@azure/msal-common 14.15.0 → 14.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (172) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +1 -1
  7. package/dist/authority/AuthorityFactory.mjs +1 -1
  8. package/dist/authority/AuthorityMetadata.mjs +1 -1
  9. package/dist/authority/AuthorityOptions.mjs +1 -1
  10. package/dist/authority/AuthorityType.mjs +1 -1
  11. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  13. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  14. package/dist/authority/ProtocolMode.mjs +1 -1
  15. package/dist/authority/RegionDiscovery.mjs +1 -1
  16. package/dist/cache/CacheManager.d.ts +0 -5
  17. package/dist/cache/CacheManager.d.ts.map +1 -1
  18. package/dist/cache/CacheManager.mjs +1 -4
  19. package/dist/cache/CacheManager.mjs.map +1 -1
  20. package/dist/cache/entities/AccountEntity.mjs +1 -1
  21. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  22. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  23. package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
  24. package/dist/client/AuthorizationCodeClient.mjs +24 -13
  25. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  26. package/dist/client/BaseClient.d.ts +10 -3
  27. package/dist/client/BaseClient.d.ts.map +1 -1
  28. package/dist/client/BaseClient.mjs +62 -10
  29. package/dist/client/BaseClient.mjs.map +1 -1
  30. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  31. package/dist/client/RefreshTokenClient.mjs +10 -4
  32. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  33. package/dist/client/SilentFlowClient.mjs +1 -1
  34. package/dist/config/ClientConfiguration.d.ts +2 -0
  35. package/dist/config/ClientConfiguration.d.ts.map +1 -1
  36. package/dist/config/ClientConfiguration.mjs +1 -1
  37. package/dist/config/ClientConfiguration.mjs.map +1 -1
  38. package/dist/constants/AADServerParamKeys.d.ts +2 -0
  39. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  40. package/dist/constants/AADServerParamKeys.mjs +5 -3
  41. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  42. package/dist/crypto/ICrypto.mjs +1 -1
  43. package/dist/crypto/JoseHeader.mjs +1 -1
  44. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  45. package/dist/error/AuthError.mjs +1 -1
  46. package/dist/error/AuthErrorCodes.mjs +1 -1
  47. package/dist/error/CacheError.mjs +1 -1
  48. package/dist/error/CacheErrorCodes.mjs +1 -1
  49. package/dist/error/ClientAuthError.mjs +1 -1
  50. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  51. package/dist/error/ClientConfigurationError.mjs +1 -1
  52. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  53. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  54. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  55. package/dist/error/JoseHeaderError.mjs +1 -1
  56. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  57. package/dist/error/NetworkError.d.ts +19 -0
  58. package/dist/error/NetworkError.d.ts.map +1 -0
  59. package/dist/error/NetworkError.mjs +34 -0
  60. package/dist/error/NetworkError.mjs.map +1 -0
  61. package/dist/error/ServerError.mjs +1 -1
  62. package/dist/exports-common.d.ts +2 -1
  63. package/dist/exports-common.d.ts.map +1 -1
  64. package/dist/index-browser.mjs +2 -2
  65. package/dist/index-node.mjs +2 -2
  66. package/dist/index.mjs +2 -2
  67. package/dist/logger/Logger.mjs +1 -1
  68. package/dist/network/INetworkModule.d.ts +1 -1
  69. package/dist/network/INetworkModule.d.ts.map +1 -1
  70. package/dist/network/INetworkModule.mjs +1 -1
  71. package/dist/network/NetworkResponse.d.ts +6 -0
  72. package/dist/network/NetworkResponse.d.ts.map +1 -0
  73. package/dist/network/ThrottlingUtils.d.ts +1 -1
  74. package/dist/network/ThrottlingUtils.d.ts.map +1 -1
  75. package/dist/network/ThrottlingUtils.mjs +1 -1
  76. package/dist/packageMetadata.d.ts +1 -1
  77. package/dist/packageMetadata.mjs +2 -2
  78. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  79. package/dist/request/BaseAuthRequest.d.ts +2 -0
  80. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  81. package/dist/request/RequestParameterBuilder.d.ts +8 -1
  82. package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
  83. package/dist/request/RequestParameterBuilder.mjs +26 -3
  84. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  85. package/dist/request/RequestValidator.mjs +1 -1
  86. package/dist/request/ScopeSet.mjs +1 -1
  87. package/dist/response/ResponseHandler.mjs +1 -1
  88. package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  89. package/dist/telemetry/performance/PerformanceClient.mjs +29 -10
  90. package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
  91. package/dist/telemetry/performance/PerformanceEvent.d.ts +9 -0
  92. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  93. package/dist/telemetry/performance/PerformanceEvent.mjs +6 -1
  94. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  95. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  96. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  97. package/dist/url/UrlString.mjs +1 -1
  98. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  99. package/dist/utils/Constants.d.ts +1 -0
  100. package/dist/utils/Constants.d.ts.map +1 -1
  101. package/dist/utils/Constants.mjs +2 -1
  102. package/dist/utils/Constants.mjs.map +1 -1
  103. package/dist/utils/FunctionWrappers.mjs +1 -1
  104. package/dist/utils/ProtocolUtils.mjs +1 -1
  105. package/dist/utils/StringUtils.mjs +1 -1
  106. package/dist/utils/TimeUtils.mjs +1 -1
  107. package/dist/utils/UrlUtils.mjs +1 -1
  108. package/lib/index-browser.cjs +33 -13
  109. package/lib/index-browser.cjs.map +1 -1
  110. package/lib/{index-node-aee3f7b6.js → index-node-C9XsExml.js} +268 -180
  111. package/lib/index-node-C9XsExml.js.map +1 -0
  112. package/lib/index-node.cjs +5 -4
  113. package/lib/index-node.cjs.map +1 -1
  114. package/lib/index.cjs +5 -4
  115. package/lib/index.cjs.map +1 -1
  116. package/lib/types/cache/CacheManager.d.ts +0 -5
  117. package/lib/types/cache/CacheManager.d.ts.map +1 -1
  118. package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  119. package/lib/types/client/BaseClient.d.ts +10 -3
  120. package/lib/types/client/BaseClient.d.ts.map +1 -1
  121. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  122. package/lib/types/config/ClientConfiguration.d.ts +2 -0
  123. package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
  124. package/lib/types/constants/AADServerParamKeys.d.ts +2 -0
  125. package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
  126. package/lib/types/error/NetworkError.d.ts +19 -0
  127. package/lib/types/error/NetworkError.d.ts.map +1 -0
  128. package/lib/types/exports-common.d.ts +2 -1
  129. package/lib/types/exports-common.d.ts.map +1 -1
  130. package/lib/types/network/INetworkModule.d.ts +1 -1
  131. package/lib/types/network/INetworkModule.d.ts.map +1 -1
  132. package/lib/types/network/NetworkResponse.d.ts +6 -0
  133. package/lib/types/network/NetworkResponse.d.ts.map +1 -0
  134. package/lib/types/network/ThrottlingUtils.d.ts +1 -1
  135. package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
  136. package/lib/types/packageMetadata.d.ts +1 -1
  137. package/lib/types/request/BaseAuthRequest.d.ts +2 -0
  138. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  139. package/lib/types/request/RequestParameterBuilder.d.ts +8 -1
  140. package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
  141. package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  142. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +9 -0
  143. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  144. package/lib/types/utils/Constants.d.ts +1 -0
  145. package/lib/types/utils/Constants.d.ts.map +1 -1
  146. package/package.json +2 -4
  147. package/src/authority/RegionDiscovery.ts +1 -1
  148. package/src/cache/CacheManager.ts +0 -8
  149. package/src/client/AuthorizationCodeClient.ts +37 -16
  150. package/src/client/BaseClient.ts +104 -22
  151. package/src/client/RefreshTokenClient.ts +14 -5
  152. package/src/config/ClientConfiguration.ts +2 -0
  153. package/src/constants/AADServerParamKeys.ts +2 -0
  154. package/src/error/NetworkError.ts +44 -0
  155. package/src/exports-common.ts +2 -5
  156. package/src/network/INetworkModule.ts +1 -1
  157. package/src/network/NetworkResponse.ts +10 -0
  158. package/src/network/ThrottlingUtils.ts +1 -1
  159. package/src/packageMetadata.ts +1 -1
  160. package/src/request/BaseAuthRequest.ts +2 -0
  161. package/src/request/RequestParameterBuilder.ts +51 -1
  162. package/src/telemetry/performance/PerformanceClient.ts +42 -12
  163. package/src/telemetry/performance/PerformanceEvent.ts +15 -0
  164. package/src/utils/Constants.ts +1 -0
  165. package/dist/network/NetworkManager.d.ts +0 -34
  166. package/dist/network/NetworkManager.d.ts.map +0 -1
  167. package/dist/network/NetworkManager.mjs +0 -44
  168. package/dist/network/NetworkManager.mjs.map +0 -1
  169. package/lib/index-node-aee3f7b6.js.map +0 -1
  170. package/lib/types/network/NetworkManager.d.ts +0 -34
  171. package/lib/types/network/NetworkManager.d.ts.map +0 -1
  172. package/src/network/NetworkManager.ts +0 -76
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v14.15.0 2024-09-20 */
1
+ /*! @azure/msal-common v14.16.0 2024-11-05 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -96,6 +96,7 @@ const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
96
96
  */
97
97
  const HeaderNames = {
98
98
  CONTENT_TYPE: "Content-Type",
99
+ CONTENT_LENGTH: "Content-Length",
99
100
  RETRY_AFTER: "Retry-After",
100
101
  CCS_HEADER: "X-AnchorMailbox",
101
102
  WWWAuthenticate: "WWW-Authenticate",
@@ -1612,6 +1613,7 @@ const PerformanceEvents = {
1612
1613
  /**
1613
1614
  * Time spent sending/waiting for the response of a request to the token endpoint
1614
1615
  */
1616
+ NetworkClientSendPostRequestAsync: "networkClientSendPostRequestAsync",
1615
1617
  RefreshTokenClientExecutePostToTokenEndpoint: "refreshTokenClientExecutePostToTokenEndpoint",
1616
1618
  AuthorizationCodeClientExecutePostToTokenEndpoint: "authorizationCodeClientExecutePostToTokenEndpoint",
1617
1619
  /**
@@ -1785,6 +1787,10 @@ const PerformanceEventAbbreviations = new Map([
1785
1787
  PerformanceEvents.BaseClientCreateTokenRequestHeaders,
1786
1788
  "BaseClientCreateTReqHead",
1787
1789
  ],
1790
+ [
1791
+ PerformanceEvents.NetworkClientSendPostRequestAsync,
1792
+ "NetClientSendPost",
1793
+ ],
1788
1794
  [
1789
1795
  PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint,
1790
1796
  "RTClientExecPost",
@@ -3519,11 +3525,15 @@ const LOGOUT_HINT = "logout_hint";
3519
3525
  const SID = "sid";
3520
3526
  const LOGIN_HINT = "login_hint";
3521
3527
  const DOMAIN_HINT = "domain_hint";
3522
- const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
3528
+ const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
3529
+ const BROKER_CLIENT_ID = "brk_client_id";
3530
+ const BROKER_REDIRECT_URI = "brk_redirect_uri";
3523
3531
 
3524
3532
  var AADServerParamKeys = /*#__PURE__*/Object.freeze({
3525
3533
  __proto__: null,
3526
3534
  ACCESS_TOKEN: ACCESS_TOKEN,
3535
+ BROKER_CLIENT_ID: BROKER_CLIENT_ID,
3536
+ BROKER_REDIRECT_URI: BROKER_REDIRECT_URI,
3527
3537
  CCS_HEADER: CCS_HEADER,
3528
3538
  CLAIMS: CLAIMS,
3529
3539
  CLIENT_ASSERTION: CLIENT_ASSERTION,
@@ -3806,7 +3816,7 @@ class Logger {
3806
3816
 
3807
3817
  /* eslint-disable header/header */
3808
3818
  const name = "@azure/msal-common";
3809
- const version = "14.15.0";
3819
+ const version = "14.16.0";
3810
3820
 
3811
3821
  /*
3812
3822
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5661,9 +5671,6 @@ class DefaultStorageClass extends CacheManager {
5661
5671
  getTokenKeys() {
5662
5672
  throw createClientAuthError(methodNotImplemented);
5663
5673
  }
5664
- async clear() {
5665
- throw createClientAuthError(methodNotImplemented);
5666
- }
5667
5674
  updateCredentialCacheKey() {
5668
5675
  throw createClientAuthError(methodNotImplemented);
5669
5676
  }
@@ -5769,154 +5776,6 @@ function isOidcProtocolMode(config) {
5769
5776
  return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
5770
5777
  }
5771
5778
 
5772
- /*
5773
- * Copyright (c) Microsoft Corporation. All rights reserved.
5774
- * Licensed under the MIT License.
5775
- */
5776
- /**
5777
- * Error thrown when there is an error with the server code, for example, unavailability.
5778
- */
5779
- class ServerError extends AuthError {
5780
- constructor(errorCode, errorMessage, subError, errorNo, status) {
5781
- super(errorCode, errorMessage, subError);
5782
- this.name = "ServerError";
5783
- this.errorNo = errorNo;
5784
- this.status = status;
5785
- Object.setPrototypeOf(this, ServerError.prototype);
5786
- }
5787
- }
5788
-
5789
- /*
5790
- * Copyright (c) Microsoft Corporation. All rights reserved.
5791
- * Licensed under the MIT License.
5792
- */
5793
- /** @internal */
5794
- class ThrottlingUtils {
5795
- /**
5796
- * Prepares a RequestThumbprint to be stored as a key.
5797
- * @param thumbprint
5798
- */
5799
- static generateThrottlingStorageKey(thumbprint) {
5800
- return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
5801
- }
5802
- /**
5803
- * Performs necessary throttling checks before a network request.
5804
- * @param cacheManager
5805
- * @param thumbprint
5806
- */
5807
- static preProcess(cacheManager, thumbprint) {
5808
- const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
5809
- const value = cacheManager.getThrottlingCache(key);
5810
- if (value) {
5811
- if (value.throttleTime < Date.now()) {
5812
- cacheManager.removeItem(key);
5813
- return;
5814
- }
5815
- throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
5816
- }
5817
- }
5818
- /**
5819
- * Performs necessary throttling checks after a network request.
5820
- * @param cacheManager
5821
- * @param thumbprint
5822
- * @param response
5823
- */
5824
- static postProcess(cacheManager, thumbprint, response) {
5825
- if (ThrottlingUtils.checkResponseStatus(response) ||
5826
- ThrottlingUtils.checkResponseForRetryAfter(response)) {
5827
- const thumbprintValue = {
5828
- throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
5829
- error: response.body.error,
5830
- errorCodes: response.body.error_codes,
5831
- errorMessage: response.body.error_description,
5832
- subError: response.body.suberror,
5833
- };
5834
- cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
5835
- }
5836
- }
5837
- /**
5838
- * Checks a NetworkResponse object's status codes against 429 or 5xx
5839
- * @param response
5840
- */
5841
- static checkResponseStatus(response) {
5842
- return (response.status === 429 ||
5843
- (response.status >= 500 && response.status < 600));
5844
- }
5845
- /**
5846
- * Checks a NetworkResponse object's RetryAfter header
5847
- * @param response
5848
- */
5849
- static checkResponseForRetryAfter(response) {
5850
- if (response.headers) {
5851
- return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
5852
- (response.status < 200 || response.status >= 300));
5853
- }
5854
- return false;
5855
- }
5856
- /**
5857
- * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
5858
- * @param throttleTime
5859
- */
5860
- static calculateThrottleTime(throttleTime) {
5861
- const time = throttleTime <= 0 ? 0 : throttleTime;
5862
- const currentSeconds = Date.now() / 1000;
5863
- return Math.floor(Math.min(currentSeconds +
5864
- (time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
5865
- ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
5866
- }
5867
- static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
5868
- const thumbprint = {
5869
- clientId: clientId,
5870
- authority: request.authority,
5871
- scopes: request.scopes,
5872
- homeAccountIdentifier: homeAccountIdentifier,
5873
- claims: request.claims,
5874
- authenticationScheme: request.authenticationScheme,
5875
- resourceRequestMethod: request.resourceRequestMethod,
5876
- resourceRequestUri: request.resourceRequestUri,
5877
- shrClaims: request.shrClaims,
5878
- sshKid: request.sshKid,
5879
- };
5880
- const key = this.generateThrottlingStorageKey(thumbprint);
5881
- cacheManager.removeItem(key);
5882
- }
5883
- }
5884
-
5885
- /*
5886
- * Copyright (c) Microsoft Corporation. All rights reserved.
5887
- * Licensed under the MIT License.
5888
- */
5889
- /** @internal */
5890
- class NetworkManager {
5891
- constructor(networkClient, cacheManager) {
5892
- this.networkClient = networkClient;
5893
- this.cacheManager = cacheManager;
5894
- }
5895
- /**
5896
- * Wraps sendPostRequestAsync with necessary preflight and postflight logic
5897
- * @param thumbprint
5898
- * @param tokenEndpoint
5899
- * @param options
5900
- */
5901
- async sendPostRequest(thumbprint, tokenEndpoint, options) {
5902
- ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
5903
- let response;
5904
- try {
5905
- response = await this.networkClient.sendPostRequestAsync(tokenEndpoint, options);
5906
- }
5907
- catch (e) {
5908
- if (e instanceof AuthError) {
5909
- throw e;
5910
- }
5911
- else {
5912
- throw createClientAuthError(networkError);
5913
- }
5914
- }
5915
- ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
5916
- return response;
5917
- }
5918
- }
5919
-
5920
5779
  /*
5921
5780
  * Copyright (c) Microsoft Corporation. All rights reserved.
5922
5781
  * Licensed under the MIT License.
@@ -5995,10 +5854,24 @@ class RequestValidator {
5995
5854
  * Copyright (c) Microsoft Corporation. All rights reserved.
5996
5855
  * Licensed under the MIT License.
5997
5856
  */
5857
+ function instrumentBrokerParams(parameters, correlationId, performanceClient) {
5858
+ if (!correlationId) {
5859
+ return;
5860
+ }
5861
+ const clientId = parameters.get(CLIENT_ID);
5862
+ if (clientId && parameters.has(BROKER_CLIENT_ID)) {
5863
+ performanceClient?.addFields({
5864
+ embeddedClientId: clientId,
5865
+ embeddedRedirectUri: parameters.get(REDIRECT_URI),
5866
+ }, correlationId);
5867
+ }
5868
+ }
5998
5869
  /** @internal */
5999
5870
  class RequestParameterBuilder {
6000
- constructor() {
5871
+ constructor(correlationId, performanceClient) {
6001
5872
  this.parameters = new Map();
5873
+ this.performanceClient = performanceClient;
5874
+ this.correlationId = correlationId;
6002
5875
  }
6003
5876
  /**
6004
5877
  * add response_type = code
@@ -6362,6 +6235,14 @@ class RequestParameterBuilder {
6362
6235
  addLogoutHint(logoutHint) {
6363
6236
  this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
6364
6237
  }
6238
+ addBrokerParameters(params) {
6239
+ const brokerParams = {};
6240
+ brokerParams[BROKER_CLIENT_ID] =
6241
+ params.brokerClientId;
6242
+ brokerParams[BROKER_REDIRECT_URI] =
6243
+ params.brokerRedirectUri;
6244
+ this.addExtraQueryParameters(brokerParams);
6245
+ }
6365
6246
  /**
6366
6247
  * Utility to create a URL from the params map
6367
6248
  */
@@ -6370,10 +6251,152 @@ class RequestParameterBuilder {
6370
6251
  this.parameters.forEach((value, key) => {
6371
6252
  queryParameterArray.push(`${key}=${value}`);
6372
6253
  });
6254
+ instrumentBrokerParams(this.parameters, this.correlationId, this.performanceClient);
6373
6255
  return queryParameterArray.join("&");
6374
6256
  }
6375
6257
  }
6376
6258
 
6259
+ /*
6260
+ * Copyright (c) Microsoft Corporation. All rights reserved.
6261
+ * Licensed under the MIT License.
6262
+ */
6263
+ /**
6264
+ * Error thrown when there is an error with the server code, for example, unavailability.
6265
+ */
6266
+ class ServerError extends AuthError {
6267
+ constructor(errorCode, errorMessage, subError, errorNo, status) {
6268
+ super(errorCode, errorMessage, subError);
6269
+ this.name = "ServerError";
6270
+ this.errorNo = errorNo;
6271
+ this.status = status;
6272
+ Object.setPrototypeOf(this, ServerError.prototype);
6273
+ }
6274
+ }
6275
+
6276
+ /*
6277
+ * Copyright (c) Microsoft Corporation. All rights reserved.
6278
+ * Licensed under the MIT License.
6279
+ */
6280
+ /** @internal */
6281
+ class ThrottlingUtils {
6282
+ /**
6283
+ * Prepares a RequestThumbprint to be stored as a key.
6284
+ * @param thumbprint
6285
+ */
6286
+ static generateThrottlingStorageKey(thumbprint) {
6287
+ return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
6288
+ }
6289
+ /**
6290
+ * Performs necessary throttling checks before a network request.
6291
+ * @param cacheManager
6292
+ * @param thumbprint
6293
+ */
6294
+ static preProcess(cacheManager, thumbprint) {
6295
+ const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
6296
+ const value = cacheManager.getThrottlingCache(key);
6297
+ if (value) {
6298
+ if (value.throttleTime < Date.now()) {
6299
+ cacheManager.removeItem(key);
6300
+ return;
6301
+ }
6302
+ throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
6303
+ }
6304
+ }
6305
+ /**
6306
+ * Performs necessary throttling checks after a network request.
6307
+ * @param cacheManager
6308
+ * @param thumbprint
6309
+ * @param response
6310
+ */
6311
+ static postProcess(cacheManager, thumbprint, response) {
6312
+ if (ThrottlingUtils.checkResponseStatus(response) ||
6313
+ ThrottlingUtils.checkResponseForRetryAfter(response)) {
6314
+ const thumbprintValue = {
6315
+ throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
6316
+ error: response.body.error,
6317
+ errorCodes: response.body.error_codes,
6318
+ errorMessage: response.body.error_description,
6319
+ subError: response.body.suberror,
6320
+ };
6321
+ cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
6322
+ }
6323
+ }
6324
+ /**
6325
+ * Checks a NetworkResponse object's status codes against 429 or 5xx
6326
+ * @param response
6327
+ */
6328
+ static checkResponseStatus(response) {
6329
+ return (response.status === 429 ||
6330
+ (response.status >= 500 && response.status < 600));
6331
+ }
6332
+ /**
6333
+ * Checks a NetworkResponse object's RetryAfter header
6334
+ * @param response
6335
+ */
6336
+ static checkResponseForRetryAfter(response) {
6337
+ if (response.headers) {
6338
+ return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
6339
+ (response.status < 200 || response.status >= 300));
6340
+ }
6341
+ return false;
6342
+ }
6343
+ /**
6344
+ * Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
6345
+ * @param throttleTime
6346
+ */
6347
+ static calculateThrottleTime(throttleTime) {
6348
+ const time = throttleTime <= 0 ? 0 : throttleTime;
6349
+ const currentSeconds = Date.now() / 1000;
6350
+ return Math.floor(Math.min(currentSeconds +
6351
+ (time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
6352
+ ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
6353
+ }
6354
+ static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
6355
+ const thumbprint = {
6356
+ clientId: clientId,
6357
+ authority: request.authority,
6358
+ scopes: request.scopes,
6359
+ homeAccountIdentifier: homeAccountIdentifier,
6360
+ claims: request.claims,
6361
+ authenticationScheme: request.authenticationScheme,
6362
+ resourceRequestMethod: request.resourceRequestMethod,
6363
+ resourceRequestUri: request.resourceRequestUri,
6364
+ shrClaims: request.shrClaims,
6365
+ sshKid: request.sshKid,
6366
+ };
6367
+ const key = this.generateThrottlingStorageKey(thumbprint);
6368
+ cacheManager.removeItem(key);
6369
+ }
6370
+ }
6371
+
6372
+ /*
6373
+ * Copyright (c) Microsoft Corporation. All rights reserved.
6374
+ * Licensed under the MIT License.
6375
+ */
6376
+ /**
6377
+ * Represents network related errors
6378
+ */
6379
+ class NetworkError extends AuthError {
6380
+ constructor(error, httpStatus, responseHeaders) {
6381
+ super(error.errorCode, error.errorMessage, error.subError);
6382
+ Object.setPrototypeOf(this, NetworkError.prototype);
6383
+ this.name = "NetworkError";
6384
+ this.error = error;
6385
+ this.httpStatus = httpStatus;
6386
+ this.responseHeaders = responseHeaders;
6387
+ }
6388
+ }
6389
+ /**
6390
+ * Creates NetworkError object for a failed network request
6391
+ * @param error - Error to be thrown back to the caller
6392
+ * @param httpStatus - Status code of the network request
6393
+ * @param responseHeaders - Response headers of the network request, when available
6394
+ * @returns NetworkError object
6395
+ */
6396
+ function createNetworkError(error, httpStatus, responseHeaders) {
6397
+ return new NetworkError(error, httpStatus, responseHeaders);
6398
+ }
6399
+
6377
6400
  /*
6378
6401
  * Copyright (c) Microsoft Corporation. All rights reserved.
6379
6402
  * Licensed under the MIT License.
@@ -6394,8 +6417,6 @@ class BaseClient {
6394
6417
  this.cacheManager = this.config.storageInterface;
6395
6418
  // Set the network interface
6396
6419
  this.networkClient = this.config.networkInterface;
6397
- // Set the NetworkManager
6398
- this.networkManager = new NetworkManager(this.networkClient, this.cacheManager);
6399
6420
  // Set TelemetryManager
6400
6421
  this.serverTelemetryManager = this.config.serverTelemetryManager;
6401
6422
  // set Authority
@@ -6439,11 +6460,7 @@ class BaseClient {
6439
6460
  if (queuedEvent) {
6440
6461
  this.performanceClient?.addQueueMeasurement(queuedEvent, correlationId);
6441
6462
  }
6442
- const response = await this.networkManager.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers });
6443
- this.performanceClient?.addFields({
6444
- refreshTokenSize: response.body.refresh_token?.length || 0,
6445
- httpVerToken: response.headers?.[HeaderNames.X_MS_HTTP_VERSION] || "",
6446
- }, correlationId);
6463
+ const response = await this.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers }, correlationId);
6447
6464
  if (this.config.serverTelemetryManager &&
6448
6465
  response.status < 500 &&
6449
6466
  response.status !== 429) {
@@ -6452,6 +6469,52 @@ class BaseClient {
6452
6469
  }
6453
6470
  return response;
6454
6471
  }
6472
+ /**
6473
+ * Wraps sendPostRequestAsync with necessary preflight and postflight logic
6474
+ * @param thumbprint - Request thumbprint for throttling
6475
+ * @param tokenEndpoint - Endpoint to make the POST to
6476
+ * @param options - Body and Headers to include on the POST request
6477
+ * @param correlationId - CorrelationId for telemetry
6478
+ */
6479
+ async sendPostRequest(thumbprint, tokenEndpoint, options, correlationId) {
6480
+ ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
6481
+ let response;
6482
+ try {
6483
+ response = await invokeAsync((this.networkClient.sendPostRequestAsync.bind(this.networkClient)), PerformanceEvents.NetworkClientSendPostRequestAsync, this.logger, this.performanceClient, correlationId)(tokenEndpoint, options);
6484
+ const responseHeaders = response.headers || {};
6485
+ this.performanceClient?.addFields({
6486
+ refreshTokenSize: response.body.refresh_token?.length || 0,
6487
+ httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
6488
+ requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
6489
+ }, correlationId);
6490
+ }
6491
+ catch (e) {
6492
+ if (e instanceof NetworkError) {
6493
+ const responseHeaders = e.responseHeaders;
6494
+ if (responseHeaders) {
6495
+ this.performanceClient?.addFields({
6496
+ httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
6497
+ requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] ||
6498
+ "",
6499
+ contentTypeHeader: responseHeaders[HeaderNames.CONTENT_TYPE] ||
6500
+ undefined,
6501
+ contentLengthHeader: responseHeaders[HeaderNames.CONTENT_LENGTH] ||
6502
+ undefined,
6503
+ httpStatus: e.httpStatus,
6504
+ }, correlationId);
6505
+ }
6506
+ throw e.error;
6507
+ }
6508
+ if (e instanceof AuthError) {
6509
+ throw e;
6510
+ }
6511
+ else {
6512
+ throw createClientAuthError(networkError);
6513
+ }
6514
+ }
6515
+ ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
6516
+ return response;
6517
+ }
6455
6518
  /**
6456
6519
  * Updates the authority object of the client. Endpoint discovery must be completed.
6457
6520
  * @param updatedAuthority
@@ -6467,10 +6530,17 @@ class BaseClient {
6467
6530
  * @param request
6468
6531
  */
6469
6532
  createTokenQueryParameters(request) {
6470
- const parameterBuilder = new RequestParameterBuilder();
6533
+ const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
6534
+ if (request.embeddedClientId) {
6535
+ parameterBuilder.addBrokerParameters({
6536
+ brokerClientId: this.config.authOptions.clientId,
6537
+ brokerRedirectUri: this.config.authOptions.redirectUri,
6538
+ });
6539
+ }
6471
6540
  if (request.tokenQueryParameters) {
6472
6541
  parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);
6473
6542
  }
6543
+ parameterBuilder.addCorrelationId(request.correlationId);
6474
6544
  return parameterBuilder.createQueryString();
6475
6545
  }
6476
6546
  }
@@ -7285,8 +7355,9 @@ class AuthorizationCodeClient extends BaseClient {
7285
7355
  */
7286
7356
  async createTokenRequestBody(request) {
7287
7357
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateTokenRequestBody, request.correlationId);
7288
- const parameterBuilder = new RequestParameterBuilder();
7289
- parameterBuilder.addClientId(request.tokenBodyParameters?.[CLIENT_ID] ||
7358
+ const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
7359
+ parameterBuilder.addClientId(request.embeddedClientId ||
7360
+ request.tokenBodyParameters?.[CLIENT_ID] ||
7290
7361
  this.config.authOptions.clientId);
7291
7362
  /*
7292
7363
  * For hybrid spa flow, there will be a code but no verifier
@@ -7346,9 +7417,6 @@ class AuthorizationCodeClient extends BaseClient {
7346
7417
  throw createClientConfigurationError(missingSshJwk);
7347
7418
  }
7348
7419
  }
7349
- const correlationId = request.correlationId ||
7350
- this.config.cryptoInterface.createNewGuid();
7351
- parameterBuilder.addCorrelationId(correlationId);
7352
7420
  if (!StringUtils.isEmptyObj(request.claims) ||
7353
7421
  (this.config.authOptions.clientCapabilities &&
7354
7422
  this.config.authOptions.clientCapabilities.length > 0)) {
@@ -7388,6 +7456,12 @@ class AuthorizationCodeClient extends BaseClient {
7388
7456
  break;
7389
7457
  }
7390
7458
  }
7459
+ if (request.embeddedClientId) {
7460
+ parameterBuilder.addBrokerParameters({
7461
+ brokerClientId: this.config.authOptions.clientId,
7462
+ brokerRedirectUri: this.config.authOptions.redirectUri,
7463
+ });
7464
+ }
7391
7465
  if (request.tokenBodyParameters) {
7392
7466
  parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
7393
7467
  }
@@ -7406,9 +7480,13 @@ class AuthorizationCodeClient extends BaseClient {
7406
7480
  * @param request
7407
7481
  */
7408
7482
  async createAuthCodeUrlQueryString(request) {
7409
- this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateQueryString, request.correlationId);
7410
- const parameterBuilder = new RequestParameterBuilder();
7411
- parameterBuilder.addClientId(request.extraQueryParameters?.[CLIENT_ID] ||
7483
+ // generate the correlationId if not set by the user and add
7484
+ const correlationId = request.correlationId ||
7485
+ this.config.cryptoInterface.createNewGuid();
7486
+ this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateQueryString, correlationId);
7487
+ const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
7488
+ parameterBuilder.addClientId(request.embeddedClientId ||
7489
+ request.extraQueryParameters?.[CLIENT_ID] ||
7412
7490
  this.config.authOptions.clientId);
7413
7491
  const requestScopes = [
7414
7492
  ...(request.scopes || []),
@@ -7417,9 +7495,6 @@ class AuthorizationCodeClient extends BaseClient {
7417
7495
  parameterBuilder.addScopes(requestScopes, true, this.oidcDefaultScopes);
7418
7496
  // validate the redirectUri (to be a non null value)
7419
7497
  parameterBuilder.addRedirectUri(request.redirectUri);
7420
- // generate the correlationId if not set by the user and add
7421
- const correlationId = request.correlationId ||
7422
- this.config.cryptoInterface.createNewGuid();
7423
7498
  parameterBuilder.addCorrelationId(correlationId);
7424
7499
  // add response_mode. If not passed in it defaults to query.
7425
7500
  parameterBuilder.addResponseMode(request.responseMode);
@@ -7521,6 +7596,12 @@ class AuthorizationCodeClient extends BaseClient {
7521
7596
  this.config.authOptions.clientCapabilities.length > 0)) {
7522
7597
  parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);
7523
7598
  }
7599
+ if (request.embeddedClientId) {
7600
+ parameterBuilder.addBrokerParameters({
7601
+ brokerClientId: this.config.authOptions.clientId,
7602
+ brokerRedirectUri: this.config.authOptions.redirectUri,
7603
+ });
7604
+ }
7524
7605
  this.addExtraQueryParams(request, parameterBuilder);
7525
7606
  if (request.nativeBroker) {
7526
7607
  // signal ests that this is a WAM call
@@ -7547,7 +7628,7 @@ class AuthorizationCodeClient extends BaseClient {
7547
7628
  * @param request
7548
7629
  */
7549
7630
  createLogoutUrlQueryString(request) {
7550
- const parameterBuilder = new RequestParameterBuilder();
7631
+ const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
7551
7632
  if (request.postLogoutRedirectUri) {
7552
7633
  parameterBuilder.addPostLogoutRedirectUri(request.postLogoutRedirectUri);
7553
7634
  }
@@ -7726,8 +7807,9 @@ class RefreshTokenClient extends BaseClient {
7726
7807
  async createTokenRequestBody(request) {
7727
7808
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, request.correlationId);
7728
7809
  const correlationId = request.correlationId;
7729
- const parameterBuilder = new RequestParameterBuilder();
7730
- parameterBuilder.addClientId(request.tokenBodyParameters?.[CLIENT_ID] ||
7810
+ const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
7811
+ parameterBuilder.addClientId(request.embeddedClientId ||
7812
+ request.tokenBodyParameters?.[CLIENT_ID] ||
7731
7813
  this.config.authOptions.clientId);
7732
7814
  if (request.redirectUri) {
7733
7815
  parameterBuilder.addRedirectUri(request.redirectUri);
@@ -7741,7 +7823,6 @@ class RefreshTokenClient extends BaseClient {
7741
7823
  if (this.serverTelemetryManager && !isOidcProtocolMode(this.config)) {
7742
7824
  parameterBuilder.addServerTelemetry(this.serverTelemetryManager);
7743
7825
  }
7744
- parameterBuilder.addCorrelationId(correlationId);
7745
7826
  parameterBuilder.addRefreshToken(request.refreshToken);
7746
7827
  if (this.config.clientCredentials.clientSecret) {
7747
7828
  parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
@@ -7795,6 +7876,12 @@ class RefreshTokenClient extends BaseClient {
7795
7876
  break;
7796
7877
  }
7797
7878
  }
7879
+ if (request.embeddedClientId) {
7880
+ parameterBuilder.addBrokerParameters({
7881
+ brokerClientId: this.config.authOptions.clientId,
7882
+ brokerRedirectUri: this.config.authOptions.redirectUri,
7883
+ });
7884
+ }
7798
7885
  if (request.tokenBodyParameters) {
7799
7886
  parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
7800
7887
  }
@@ -8314,7 +8401,7 @@ exports.InteractionRequiredAuthErrorCodes = InteractionRequiredAuthErrorCodes;
8314
8401
  exports.InteractionRequiredAuthErrorMessage = InteractionRequiredAuthErrorMessage;
8315
8402
  exports.JsonWebTokenTypes = JsonWebTokenTypes;
8316
8403
  exports.Logger = Logger;
8317
- exports.NetworkManager = NetworkManager;
8404
+ exports.NetworkError = NetworkError;
8318
8405
  exports.OIDC_DEFAULT_SCOPES = OIDC_DEFAULT_SCOPES;
8319
8406
  exports.ONE_DAY_IN_MS = ONE_DAY_IN_MS;
8320
8407
  exports.PasswordGrantConstants = PasswordGrantConstants;
@@ -8353,6 +8440,7 @@ exports.createAuthError = createAuthError;
8353
8440
  exports.createClientAuthError = createClientAuthError;
8354
8441
  exports.createClientConfigurationError = createClientConfigurationError;
8355
8442
  exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
8443
+ exports.createNetworkError = createNetworkError;
8356
8444
  exports.formatAuthorityUri = formatAuthorityUri;
8357
8445
  exports.getClientAssertion = getClientAssertion;
8358
8446
  exports.getTenantIdFromIdTokenClaims = getTenantIdFromIdTokenClaims;
@@ -8361,4 +8449,4 @@ exports.invokeAsync = invokeAsync;
8361
8449
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
8362
8450
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
8363
8451
  exports.version = version;
8364
- //# sourceMappingURL=index-node-aee3f7b6.js.map
8452
+ //# sourceMappingURL=index-node-C9XsExml.js.map