@azure/msal-common 14.15.0 → 14.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.d.ts +0 -5
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +1 -4
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +24 -13
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.d.ts +10 -3
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +62 -10
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +10 -4
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.d.ts +2 -0
- package/dist/config/ClientConfiguration.d.ts.map +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.d.ts +2 -0
- package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +5 -3
- package/dist/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.d.ts +19 -0
- package/dist/error/NetworkError.d.ts.map +1 -0
- package/dist/error/NetworkError.mjs +34 -0
- package/dist/error/NetworkError.mjs.map +1 -0
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-common.d.ts +2 -1
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/index-browser.mjs +2 -2
- package/dist/index-node.mjs +2 -2
- package/dist/index.mjs +2 -2
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.d.ts +1 -1
- package/dist/network/INetworkModule.d.ts.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/NetworkResponse.d.ts +6 -0
- package/dist/network/NetworkResponse.d.ts.map +1 -0
- package/dist/network/ThrottlingUtils.d.ts +1 -1
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.d.ts +2 -0
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +8 -1
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +26 -3
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/RequestValidator.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +29 -10
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +9 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +6 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.d.ts +1 -0
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +2 -1
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +33 -13
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-aee3f7b6.js → index-node-C9XsExml.js} +268 -180
- package/lib/index-node-C9XsExml.js.map +1 -0
- package/lib/index-node.cjs +5 -4
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +5 -4
- package/lib/index.cjs.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +0 -5
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts +10 -3
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/config/ClientConfiguration.d.ts +2 -0
- package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
- package/lib/types/constants/AADServerParamKeys.d.ts +2 -0
- package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
- package/lib/types/error/NetworkError.d.ts +19 -0
- package/lib/types/error/NetworkError.d.ts.map +1 -0
- package/lib/types/exports-common.d.ts +2 -1
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/network/INetworkModule.d.ts +1 -1
- package/lib/types/network/INetworkModule.d.ts.map +1 -1
- package/lib/types/network/NetworkResponse.d.ts +6 -0
- package/lib/types/network/NetworkResponse.d.ts.map +1 -0
- package/lib/types/network/ThrottlingUtils.d.ts +1 -1
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +2 -0
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +8 -1
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +9 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +1 -0
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/package.json +2 -4
- package/src/authority/RegionDiscovery.ts +1 -1
- package/src/cache/CacheManager.ts +0 -8
- package/src/client/AuthorizationCodeClient.ts +37 -16
- package/src/client/BaseClient.ts +104 -22
- package/src/client/RefreshTokenClient.ts +14 -5
- package/src/config/ClientConfiguration.ts +2 -0
- package/src/constants/AADServerParamKeys.ts +2 -0
- package/src/error/NetworkError.ts +44 -0
- package/src/exports-common.ts +2 -5
- package/src/network/INetworkModule.ts +1 -1
- package/src/network/NetworkResponse.ts +10 -0
- package/src/network/ThrottlingUtils.ts +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/request/BaseAuthRequest.ts +2 -0
- package/src/request/RequestParameterBuilder.ts +51 -1
- package/src/telemetry/performance/PerformanceClient.ts +42 -12
- package/src/telemetry/performance/PerformanceEvent.ts +15 -0
- package/src/utils/Constants.ts +1 -0
- package/dist/network/NetworkManager.d.ts +0 -34
- package/dist/network/NetworkManager.d.ts.map +0 -1
- package/dist/network/NetworkManager.mjs +0 -44
- package/dist/network/NetworkManager.mjs.map +0 -1
- package/lib/index-node-aee3f7b6.js.map +0 -1
- package/lib/types/network/NetworkManager.d.ts +0 -34
- package/lib/types/network/NetworkManager.d.ts.map +0 -1
- package/src/network/NetworkManager.ts +0 -76
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v14.
|
|
1
|
+
/*! @azure/msal-common v14.16.0 2024-11-05 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -96,6 +96,7 @@ const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
|
|
|
96
96
|
*/
|
|
97
97
|
const HeaderNames = {
|
|
98
98
|
CONTENT_TYPE: "Content-Type",
|
|
99
|
+
CONTENT_LENGTH: "Content-Length",
|
|
99
100
|
RETRY_AFTER: "Retry-After",
|
|
100
101
|
CCS_HEADER: "X-AnchorMailbox",
|
|
101
102
|
WWWAuthenticate: "WWW-Authenticate",
|
|
@@ -1612,6 +1613,7 @@ const PerformanceEvents = {
|
|
|
1612
1613
|
/**
|
|
1613
1614
|
* Time spent sending/waiting for the response of a request to the token endpoint
|
|
1614
1615
|
*/
|
|
1616
|
+
NetworkClientSendPostRequestAsync: "networkClientSendPostRequestAsync",
|
|
1615
1617
|
RefreshTokenClientExecutePostToTokenEndpoint: "refreshTokenClientExecutePostToTokenEndpoint",
|
|
1616
1618
|
AuthorizationCodeClientExecutePostToTokenEndpoint: "authorizationCodeClientExecutePostToTokenEndpoint",
|
|
1617
1619
|
/**
|
|
@@ -1785,6 +1787,10 @@ const PerformanceEventAbbreviations = new Map([
|
|
|
1785
1787
|
PerformanceEvents.BaseClientCreateTokenRequestHeaders,
|
|
1786
1788
|
"BaseClientCreateTReqHead",
|
|
1787
1789
|
],
|
|
1790
|
+
[
|
|
1791
|
+
PerformanceEvents.NetworkClientSendPostRequestAsync,
|
|
1792
|
+
"NetClientSendPost",
|
|
1793
|
+
],
|
|
1788
1794
|
[
|
|
1789
1795
|
PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint,
|
|
1790
1796
|
"RTClientExecPost",
|
|
@@ -3519,11 +3525,15 @@ const LOGOUT_HINT = "logout_hint";
|
|
|
3519
3525
|
const SID = "sid";
|
|
3520
3526
|
const LOGIN_HINT = "login_hint";
|
|
3521
3527
|
const DOMAIN_HINT = "domain_hint";
|
|
3522
|
-
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
3528
|
+
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
3529
|
+
const BROKER_CLIENT_ID = "brk_client_id";
|
|
3530
|
+
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
3523
3531
|
|
|
3524
3532
|
var AADServerParamKeys = /*#__PURE__*/Object.freeze({
|
|
3525
3533
|
__proto__: null,
|
|
3526
3534
|
ACCESS_TOKEN: ACCESS_TOKEN,
|
|
3535
|
+
BROKER_CLIENT_ID: BROKER_CLIENT_ID,
|
|
3536
|
+
BROKER_REDIRECT_URI: BROKER_REDIRECT_URI,
|
|
3527
3537
|
CCS_HEADER: CCS_HEADER,
|
|
3528
3538
|
CLAIMS: CLAIMS,
|
|
3529
3539
|
CLIENT_ASSERTION: CLIENT_ASSERTION,
|
|
@@ -3806,7 +3816,7 @@ class Logger {
|
|
|
3806
3816
|
|
|
3807
3817
|
/* eslint-disable header/header */
|
|
3808
3818
|
const name = "@azure/msal-common";
|
|
3809
|
-
const version = "14.
|
|
3819
|
+
const version = "14.16.0";
|
|
3810
3820
|
|
|
3811
3821
|
/*
|
|
3812
3822
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5661,9 +5671,6 @@ class DefaultStorageClass extends CacheManager {
|
|
|
5661
5671
|
getTokenKeys() {
|
|
5662
5672
|
throw createClientAuthError(methodNotImplemented);
|
|
5663
5673
|
}
|
|
5664
|
-
async clear() {
|
|
5665
|
-
throw createClientAuthError(methodNotImplemented);
|
|
5666
|
-
}
|
|
5667
5674
|
updateCredentialCacheKey() {
|
|
5668
5675
|
throw createClientAuthError(methodNotImplemented);
|
|
5669
5676
|
}
|
|
@@ -5769,154 +5776,6 @@ function isOidcProtocolMode(config) {
|
|
|
5769
5776
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
5770
5777
|
}
|
|
5771
5778
|
|
|
5772
|
-
/*
|
|
5773
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5774
|
-
* Licensed under the MIT License.
|
|
5775
|
-
*/
|
|
5776
|
-
/**
|
|
5777
|
-
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
5778
|
-
*/
|
|
5779
|
-
class ServerError extends AuthError {
|
|
5780
|
-
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
5781
|
-
super(errorCode, errorMessage, subError);
|
|
5782
|
-
this.name = "ServerError";
|
|
5783
|
-
this.errorNo = errorNo;
|
|
5784
|
-
this.status = status;
|
|
5785
|
-
Object.setPrototypeOf(this, ServerError.prototype);
|
|
5786
|
-
}
|
|
5787
|
-
}
|
|
5788
|
-
|
|
5789
|
-
/*
|
|
5790
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5791
|
-
* Licensed under the MIT License.
|
|
5792
|
-
*/
|
|
5793
|
-
/** @internal */
|
|
5794
|
-
class ThrottlingUtils {
|
|
5795
|
-
/**
|
|
5796
|
-
* Prepares a RequestThumbprint to be stored as a key.
|
|
5797
|
-
* @param thumbprint
|
|
5798
|
-
*/
|
|
5799
|
-
static generateThrottlingStorageKey(thumbprint) {
|
|
5800
|
-
return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
|
|
5801
|
-
}
|
|
5802
|
-
/**
|
|
5803
|
-
* Performs necessary throttling checks before a network request.
|
|
5804
|
-
* @param cacheManager
|
|
5805
|
-
* @param thumbprint
|
|
5806
|
-
*/
|
|
5807
|
-
static preProcess(cacheManager, thumbprint) {
|
|
5808
|
-
const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
|
|
5809
|
-
const value = cacheManager.getThrottlingCache(key);
|
|
5810
|
-
if (value) {
|
|
5811
|
-
if (value.throttleTime < Date.now()) {
|
|
5812
|
-
cacheManager.removeItem(key);
|
|
5813
|
-
return;
|
|
5814
|
-
}
|
|
5815
|
-
throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
|
|
5816
|
-
}
|
|
5817
|
-
}
|
|
5818
|
-
/**
|
|
5819
|
-
* Performs necessary throttling checks after a network request.
|
|
5820
|
-
* @param cacheManager
|
|
5821
|
-
* @param thumbprint
|
|
5822
|
-
* @param response
|
|
5823
|
-
*/
|
|
5824
|
-
static postProcess(cacheManager, thumbprint, response) {
|
|
5825
|
-
if (ThrottlingUtils.checkResponseStatus(response) ||
|
|
5826
|
-
ThrottlingUtils.checkResponseForRetryAfter(response)) {
|
|
5827
|
-
const thumbprintValue = {
|
|
5828
|
-
throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
|
|
5829
|
-
error: response.body.error,
|
|
5830
|
-
errorCodes: response.body.error_codes,
|
|
5831
|
-
errorMessage: response.body.error_description,
|
|
5832
|
-
subError: response.body.suberror,
|
|
5833
|
-
};
|
|
5834
|
-
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
|
|
5835
|
-
}
|
|
5836
|
-
}
|
|
5837
|
-
/**
|
|
5838
|
-
* Checks a NetworkResponse object's status codes against 429 or 5xx
|
|
5839
|
-
* @param response
|
|
5840
|
-
*/
|
|
5841
|
-
static checkResponseStatus(response) {
|
|
5842
|
-
return (response.status === 429 ||
|
|
5843
|
-
(response.status >= 500 && response.status < 600));
|
|
5844
|
-
}
|
|
5845
|
-
/**
|
|
5846
|
-
* Checks a NetworkResponse object's RetryAfter header
|
|
5847
|
-
* @param response
|
|
5848
|
-
*/
|
|
5849
|
-
static checkResponseForRetryAfter(response) {
|
|
5850
|
-
if (response.headers) {
|
|
5851
|
-
return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
|
|
5852
|
-
(response.status < 200 || response.status >= 300));
|
|
5853
|
-
}
|
|
5854
|
-
return false;
|
|
5855
|
-
}
|
|
5856
|
-
/**
|
|
5857
|
-
* Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
|
|
5858
|
-
* @param throttleTime
|
|
5859
|
-
*/
|
|
5860
|
-
static calculateThrottleTime(throttleTime) {
|
|
5861
|
-
const time = throttleTime <= 0 ? 0 : throttleTime;
|
|
5862
|
-
const currentSeconds = Date.now() / 1000;
|
|
5863
|
-
return Math.floor(Math.min(currentSeconds +
|
|
5864
|
-
(time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
|
|
5865
|
-
ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
|
|
5866
|
-
}
|
|
5867
|
-
static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
|
|
5868
|
-
const thumbprint = {
|
|
5869
|
-
clientId: clientId,
|
|
5870
|
-
authority: request.authority,
|
|
5871
|
-
scopes: request.scopes,
|
|
5872
|
-
homeAccountIdentifier: homeAccountIdentifier,
|
|
5873
|
-
claims: request.claims,
|
|
5874
|
-
authenticationScheme: request.authenticationScheme,
|
|
5875
|
-
resourceRequestMethod: request.resourceRequestMethod,
|
|
5876
|
-
resourceRequestUri: request.resourceRequestUri,
|
|
5877
|
-
shrClaims: request.shrClaims,
|
|
5878
|
-
sshKid: request.sshKid,
|
|
5879
|
-
};
|
|
5880
|
-
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
5881
|
-
cacheManager.removeItem(key);
|
|
5882
|
-
}
|
|
5883
|
-
}
|
|
5884
|
-
|
|
5885
|
-
/*
|
|
5886
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5887
|
-
* Licensed under the MIT License.
|
|
5888
|
-
*/
|
|
5889
|
-
/** @internal */
|
|
5890
|
-
class NetworkManager {
|
|
5891
|
-
constructor(networkClient, cacheManager) {
|
|
5892
|
-
this.networkClient = networkClient;
|
|
5893
|
-
this.cacheManager = cacheManager;
|
|
5894
|
-
}
|
|
5895
|
-
/**
|
|
5896
|
-
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
5897
|
-
* @param thumbprint
|
|
5898
|
-
* @param tokenEndpoint
|
|
5899
|
-
* @param options
|
|
5900
|
-
*/
|
|
5901
|
-
async sendPostRequest(thumbprint, tokenEndpoint, options) {
|
|
5902
|
-
ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
|
|
5903
|
-
let response;
|
|
5904
|
-
try {
|
|
5905
|
-
response = await this.networkClient.sendPostRequestAsync(tokenEndpoint, options);
|
|
5906
|
-
}
|
|
5907
|
-
catch (e) {
|
|
5908
|
-
if (e instanceof AuthError) {
|
|
5909
|
-
throw e;
|
|
5910
|
-
}
|
|
5911
|
-
else {
|
|
5912
|
-
throw createClientAuthError(networkError);
|
|
5913
|
-
}
|
|
5914
|
-
}
|
|
5915
|
-
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
|
|
5916
|
-
return response;
|
|
5917
|
-
}
|
|
5918
|
-
}
|
|
5919
|
-
|
|
5920
5779
|
/*
|
|
5921
5780
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5922
5781
|
* Licensed under the MIT License.
|
|
@@ -5995,10 +5854,24 @@ class RequestValidator {
|
|
|
5995
5854
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5996
5855
|
* Licensed under the MIT License.
|
|
5997
5856
|
*/
|
|
5857
|
+
function instrumentBrokerParams(parameters, correlationId, performanceClient) {
|
|
5858
|
+
if (!correlationId) {
|
|
5859
|
+
return;
|
|
5860
|
+
}
|
|
5861
|
+
const clientId = parameters.get(CLIENT_ID);
|
|
5862
|
+
if (clientId && parameters.has(BROKER_CLIENT_ID)) {
|
|
5863
|
+
performanceClient?.addFields({
|
|
5864
|
+
embeddedClientId: clientId,
|
|
5865
|
+
embeddedRedirectUri: parameters.get(REDIRECT_URI),
|
|
5866
|
+
}, correlationId);
|
|
5867
|
+
}
|
|
5868
|
+
}
|
|
5998
5869
|
/** @internal */
|
|
5999
5870
|
class RequestParameterBuilder {
|
|
6000
|
-
constructor() {
|
|
5871
|
+
constructor(correlationId, performanceClient) {
|
|
6001
5872
|
this.parameters = new Map();
|
|
5873
|
+
this.performanceClient = performanceClient;
|
|
5874
|
+
this.correlationId = correlationId;
|
|
6002
5875
|
}
|
|
6003
5876
|
/**
|
|
6004
5877
|
* add response_type = code
|
|
@@ -6362,6 +6235,14 @@ class RequestParameterBuilder {
|
|
|
6362
6235
|
addLogoutHint(logoutHint) {
|
|
6363
6236
|
this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
|
|
6364
6237
|
}
|
|
6238
|
+
addBrokerParameters(params) {
|
|
6239
|
+
const brokerParams = {};
|
|
6240
|
+
brokerParams[BROKER_CLIENT_ID] =
|
|
6241
|
+
params.brokerClientId;
|
|
6242
|
+
brokerParams[BROKER_REDIRECT_URI] =
|
|
6243
|
+
params.brokerRedirectUri;
|
|
6244
|
+
this.addExtraQueryParameters(brokerParams);
|
|
6245
|
+
}
|
|
6365
6246
|
/**
|
|
6366
6247
|
* Utility to create a URL from the params map
|
|
6367
6248
|
*/
|
|
@@ -6370,10 +6251,152 @@ class RequestParameterBuilder {
|
|
|
6370
6251
|
this.parameters.forEach((value, key) => {
|
|
6371
6252
|
queryParameterArray.push(`${key}=${value}`);
|
|
6372
6253
|
});
|
|
6254
|
+
instrumentBrokerParams(this.parameters, this.correlationId, this.performanceClient);
|
|
6373
6255
|
return queryParameterArray.join("&");
|
|
6374
6256
|
}
|
|
6375
6257
|
}
|
|
6376
6258
|
|
|
6259
|
+
/*
|
|
6260
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6261
|
+
* Licensed under the MIT License.
|
|
6262
|
+
*/
|
|
6263
|
+
/**
|
|
6264
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
6265
|
+
*/
|
|
6266
|
+
class ServerError extends AuthError {
|
|
6267
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
6268
|
+
super(errorCode, errorMessage, subError);
|
|
6269
|
+
this.name = "ServerError";
|
|
6270
|
+
this.errorNo = errorNo;
|
|
6271
|
+
this.status = status;
|
|
6272
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
6273
|
+
}
|
|
6274
|
+
}
|
|
6275
|
+
|
|
6276
|
+
/*
|
|
6277
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6278
|
+
* Licensed under the MIT License.
|
|
6279
|
+
*/
|
|
6280
|
+
/** @internal */
|
|
6281
|
+
class ThrottlingUtils {
|
|
6282
|
+
/**
|
|
6283
|
+
* Prepares a RequestThumbprint to be stored as a key.
|
|
6284
|
+
* @param thumbprint
|
|
6285
|
+
*/
|
|
6286
|
+
static generateThrottlingStorageKey(thumbprint) {
|
|
6287
|
+
return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
|
|
6288
|
+
}
|
|
6289
|
+
/**
|
|
6290
|
+
* Performs necessary throttling checks before a network request.
|
|
6291
|
+
* @param cacheManager
|
|
6292
|
+
* @param thumbprint
|
|
6293
|
+
*/
|
|
6294
|
+
static preProcess(cacheManager, thumbprint) {
|
|
6295
|
+
const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
|
|
6296
|
+
const value = cacheManager.getThrottlingCache(key);
|
|
6297
|
+
if (value) {
|
|
6298
|
+
if (value.throttleTime < Date.now()) {
|
|
6299
|
+
cacheManager.removeItem(key);
|
|
6300
|
+
return;
|
|
6301
|
+
}
|
|
6302
|
+
throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
|
|
6303
|
+
}
|
|
6304
|
+
}
|
|
6305
|
+
/**
|
|
6306
|
+
* Performs necessary throttling checks after a network request.
|
|
6307
|
+
* @param cacheManager
|
|
6308
|
+
* @param thumbprint
|
|
6309
|
+
* @param response
|
|
6310
|
+
*/
|
|
6311
|
+
static postProcess(cacheManager, thumbprint, response) {
|
|
6312
|
+
if (ThrottlingUtils.checkResponseStatus(response) ||
|
|
6313
|
+
ThrottlingUtils.checkResponseForRetryAfter(response)) {
|
|
6314
|
+
const thumbprintValue = {
|
|
6315
|
+
throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
|
|
6316
|
+
error: response.body.error,
|
|
6317
|
+
errorCodes: response.body.error_codes,
|
|
6318
|
+
errorMessage: response.body.error_description,
|
|
6319
|
+
subError: response.body.suberror,
|
|
6320
|
+
};
|
|
6321
|
+
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
|
|
6322
|
+
}
|
|
6323
|
+
}
|
|
6324
|
+
/**
|
|
6325
|
+
* Checks a NetworkResponse object's status codes against 429 or 5xx
|
|
6326
|
+
* @param response
|
|
6327
|
+
*/
|
|
6328
|
+
static checkResponseStatus(response) {
|
|
6329
|
+
return (response.status === 429 ||
|
|
6330
|
+
(response.status >= 500 && response.status < 600));
|
|
6331
|
+
}
|
|
6332
|
+
/**
|
|
6333
|
+
* Checks a NetworkResponse object's RetryAfter header
|
|
6334
|
+
* @param response
|
|
6335
|
+
*/
|
|
6336
|
+
static checkResponseForRetryAfter(response) {
|
|
6337
|
+
if (response.headers) {
|
|
6338
|
+
return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
|
|
6339
|
+
(response.status < 200 || response.status >= 300));
|
|
6340
|
+
}
|
|
6341
|
+
return false;
|
|
6342
|
+
}
|
|
6343
|
+
/**
|
|
6344
|
+
* Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
|
|
6345
|
+
* @param throttleTime
|
|
6346
|
+
*/
|
|
6347
|
+
static calculateThrottleTime(throttleTime) {
|
|
6348
|
+
const time = throttleTime <= 0 ? 0 : throttleTime;
|
|
6349
|
+
const currentSeconds = Date.now() / 1000;
|
|
6350
|
+
return Math.floor(Math.min(currentSeconds +
|
|
6351
|
+
(time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
|
|
6352
|
+
ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
|
|
6353
|
+
}
|
|
6354
|
+
static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
|
|
6355
|
+
const thumbprint = {
|
|
6356
|
+
clientId: clientId,
|
|
6357
|
+
authority: request.authority,
|
|
6358
|
+
scopes: request.scopes,
|
|
6359
|
+
homeAccountIdentifier: homeAccountIdentifier,
|
|
6360
|
+
claims: request.claims,
|
|
6361
|
+
authenticationScheme: request.authenticationScheme,
|
|
6362
|
+
resourceRequestMethod: request.resourceRequestMethod,
|
|
6363
|
+
resourceRequestUri: request.resourceRequestUri,
|
|
6364
|
+
shrClaims: request.shrClaims,
|
|
6365
|
+
sshKid: request.sshKid,
|
|
6366
|
+
};
|
|
6367
|
+
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
6368
|
+
cacheManager.removeItem(key);
|
|
6369
|
+
}
|
|
6370
|
+
}
|
|
6371
|
+
|
|
6372
|
+
/*
|
|
6373
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6374
|
+
* Licensed under the MIT License.
|
|
6375
|
+
*/
|
|
6376
|
+
/**
|
|
6377
|
+
* Represents network related errors
|
|
6378
|
+
*/
|
|
6379
|
+
class NetworkError extends AuthError {
|
|
6380
|
+
constructor(error, httpStatus, responseHeaders) {
|
|
6381
|
+
super(error.errorCode, error.errorMessage, error.subError);
|
|
6382
|
+
Object.setPrototypeOf(this, NetworkError.prototype);
|
|
6383
|
+
this.name = "NetworkError";
|
|
6384
|
+
this.error = error;
|
|
6385
|
+
this.httpStatus = httpStatus;
|
|
6386
|
+
this.responseHeaders = responseHeaders;
|
|
6387
|
+
}
|
|
6388
|
+
}
|
|
6389
|
+
/**
|
|
6390
|
+
* Creates NetworkError object for a failed network request
|
|
6391
|
+
* @param error - Error to be thrown back to the caller
|
|
6392
|
+
* @param httpStatus - Status code of the network request
|
|
6393
|
+
* @param responseHeaders - Response headers of the network request, when available
|
|
6394
|
+
* @returns NetworkError object
|
|
6395
|
+
*/
|
|
6396
|
+
function createNetworkError(error, httpStatus, responseHeaders) {
|
|
6397
|
+
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6398
|
+
}
|
|
6399
|
+
|
|
6377
6400
|
/*
|
|
6378
6401
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6379
6402
|
* Licensed under the MIT License.
|
|
@@ -6394,8 +6417,6 @@ class BaseClient {
|
|
|
6394
6417
|
this.cacheManager = this.config.storageInterface;
|
|
6395
6418
|
// Set the network interface
|
|
6396
6419
|
this.networkClient = this.config.networkInterface;
|
|
6397
|
-
// Set the NetworkManager
|
|
6398
|
-
this.networkManager = new NetworkManager(this.networkClient, this.cacheManager);
|
|
6399
6420
|
// Set TelemetryManager
|
|
6400
6421
|
this.serverTelemetryManager = this.config.serverTelemetryManager;
|
|
6401
6422
|
// set Authority
|
|
@@ -6439,11 +6460,7 @@ class BaseClient {
|
|
|
6439
6460
|
if (queuedEvent) {
|
|
6440
6461
|
this.performanceClient?.addQueueMeasurement(queuedEvent, correlationId);
|
|
6441
6462
|
}
|
|
6442
|
-
const response = await this.
|
|
6443
|
-
this.performanceClient?.addFields({
|
|
6444
|
-
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
6445
|
-
httpVerToken: response.headers?.[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6446
|
-
}, correlationId);
|
|
6463
|
+
const response = await this.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers }, correlationId);
|
|
6447
6464
|
if (this.config.serverTelemetryManager &&
|
|
6448
6465
|
response.status < 500 &&
|
|
6449
6466
|
response.status !== 429) {
|
|
@@ -6452,6 +6469,52 @@ class BaseClient {
|
|
|
6452
6469
|
}
|
|
6453
6470
|
return response;
|
|
6454
6471
|
}
|
|
6472
|
+
/**
|
|
6473
|
+
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
6474
|
+
* @param thumbprint - Request thumbprint for throttling
|
|
6475
|
+
* @param tokenEndpoint - Endpoint to make the POST to
|
|
6476
|
+
* @param options - Body and Headers to include on the POST request
|
|
6477
|
+
* @param correlationId - CorrelationId for telemetry
|
|
6478
|
+
*/
|
|
6479
|
+
async sendPostRequest(thumbprint, tokenEndpoint, options, correlationId) {
|
|
6480
|
+
ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
|
|
6481
|
+
let response;
|
|
6482
|
+
try {
|
|
6483
|
+
response = await invokeAsync((this.networkClient.sendPostRequestAsync.bind(this.networkClient)), PerformanceEvents.NetworkClientSendPostRequestAsync, this.logger, this.performanceClient, correlationId)(tokenEndpoint, options);
|
|
6484
|
+
const responseHeaders = response.headers || {};
|
|
6485
|
+
this.performanceClient?.addFields({
|
|
6486
|
+
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
6487
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6488
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
6489
|
+
}, correlationId);
|
|
6490
|
+
}
|
|
6491
|
+
catch (e) {
|
|
6492
|
+
if (e instanceof NetworkError) {
|
|
6493
|
+
const responseHeaders = e.responseHeaders;
|
|
6494
|
+
if (responseHeaders) {
|
|
6495
|
+
this.performanceClient?.addFields({
|
|
6496
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6497
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] ||
|
|
6498
|
+
"",
|
|
6499
|
+
contentTypeHeader: responseHeaders[HeaderNames.CONTENT_TYPE] ||
|
|
6500
|
+
undefined,
|
|
6501
|
+
contentLengthHeader: responseHeaders[HeaderNames.CONTENT_LENGTH] ||
|
|
6502
|
+
undefined,
|
|
6503
|
+
httpStatus: e.httpStatus,
|
|
6504
|
+
}, correlationId);
|
|
6505
|
+
}
|
|
6506
|
+
throw e.error;
|
|
6507
|
+
}
|
|
6508
|
+
if (e instanceof AuthError) {
|
|
6509
|
+
throw e;
|
|
6510
|
+
}
|
|
6511
|
+
else {
|
|
6512
|
+
throw createClientAuthError(networkError);
|
|
6513
|
+
}
|
|
6514
|
+
}
|
|
6515
|
+
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
|
|
6516
|
+
return response;
|
|
6517
|
+
}
|
|
6455
6518
|
/**
|
|
6456
6519
|
* Updates the authority object of the client. Endpoint discovery must be completed.
|
|
6457
6520
|
* @param updatedAuthority
|
|
@@ -6467,10 +6530,17 @@ class BaseClient {
|
|
|
6467
6530
|
* @param request
|
|
6468
6531
|
*/
|
|
6469
6532
|
createTokenQueryParameters(request) {
|
|
6470
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
6533
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
6534
|
+
if (request.embeddedClientId) {
|
|
6535
|
+
parameterBuilder.addBrokerParameters({
|
|
6536
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
6537
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
6538
|
+
});
|
|
6539
|
+
}
|
|
6471
6540
|
if (request.tokenQueryParameters) {
|
|
6472
6541
|
parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);
|
|
6473
6542
|
}
|
|
6543
|
+
parameterBuilder.addCorrelationId(request.correlationId);
|
|
6474
6544
|
return parameterBuilder.createQueryString();
|
|
6475
6545
|
}
|
|
6476
6546
|
}
|
|
@@ -7285,8 +7355,9 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7285
7355
|
*/
|
|
7286
7356
|
async createTokenRequestBody(request) {
|
|
7287
7357
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateTokenRequestBody, request.correlationId);
|
|
7288
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7289
|
-
parameterBuilder.addClientId(request.
|
|
7358
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
7359
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7360
|
+
request.tokenBodyParameters?.[CLIENT_ID] ||
|
|
7290
7361
|
this.config.authOptions.clientId);
|
|
7291
7362
|
/*
|
|
7292
7363
|
* For hybrid spa flow, there will be a code but no verifier
|
|
@@ -7346,9 +7417,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7346
7417
|
throw createClientConfigurationError(missingSshJwk);
|
|
7347
7418
|
}
|
|
7348
7419
|
}
|
|
7349
|
-
const correlationId = request.correlationId ||
|
|
7350
|
-
this.config.cryptoInterface.createNewGuid();
|
|
7351
|
-
parameterBuilder.addCorrelationId(correlationId);
|
|
7352
7420
|
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7353
7421
|
(this.config.authOptions.clientCapabilities &&
|
|
7354
7422
|
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
@@ -7388,6 +7456,12 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7388
7456
|
break;
|
|
7389
7457
|
}
|
|
7390
7458
|
}
|
|
7459
|
+
if (request.embeddedClientId) {
|
|
7460
|
+
parameterBuilder.addBrokerParameters({
|
|
7461
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7462
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7463
|
+
});
|
|
7464
|
+
}
|
|
7391
7465
|
if (request.tokenBodyParameters) {
|
|
7392
7466
|
parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
|
|
7393
7467
|
}
|
|
@@ -7406,9 +7480,13 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7406
7480
|
* @param request
|
|
7407
7481
|
*/
|
|
7408
7482
|
async createAuthCodeUrlQueryString(request) {
|
|
7409
|
-
|
|
7410
|
-
const
|
|
7411
|
-
|
|
7483
|
+
// generate the correlationId if not set by the user and add
|
|
7484
|
+
const correlationId = request.correlationId ||
|
|
7485
|
+
this.config.cryptoInterface.createNewGuid();
|
|
7486
|
+
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateQueryString, correlationId);
|
|
7487
|
+
const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
|
|
7488
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7489
|
+
request.extraQueryParameters?.[CLIENT_ID] ||
|
|
7412
7490
|
this.config.authOptions.clientId);
|
|
7413
7491
|
const requestScopes = [
|
|
7414
7492
|
...(request.scopes || []),
|
|
@@ -7417,9 +7495,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7417
7495
|
parameterBuilder.addScopes(requestScopes, true, this.oidcDefaultScopes);
|
|
7418
7496
|
// validate the redirectUri (to be a non null value)
|
|
7419
7497
|
parameterBuilder.addRedirectUri(request.redirectUri);
|
|
7420
|
-
// generate the correlationId if not set by the user and add
|
|
7421
|
-
const correlationId = request.correlationId ||
|
|
7422
|
-
this.config.cryptoInterface.createNewGuid();
|
|
7423
7498
|
parameterBuilder.addCorrelationId(correlationId);
|
|
7424
7499
|
// add response_mode. If not passed in it defaults to query.
|
|
7425
7500
|
parameterBuilder.addResponseMode(request.responseMode);
|
|
@@ -7521,6 +7596,12 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7521
7596
|
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7522
7597
|
parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);
|
|
7523
7598
|
}
|
|
7599
|
+
if (request.embeddedClientId) {
|
|
7600
|
+
parameterBuilder.addBrokerParameters({
|
|
7601
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7602
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7603
|
+
});
|
|
7604
|
+
}
|
|
7524
7605
|
this.addExtraQueryParams(request, parameterBuilder);
|
|
7525
7606
|
if (request.nativeBroker) {
|
|
7526
7607
|
// signal ests that this is a WAM call
|
|
@@ -7547,7 +7628,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7547
7628
|
* @param request
|
|
7548
7629
|
*/
|
|
7549
7630
|
createLogoutUrlQueryString(request) {
|
|
7550
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7631
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
7551
7632
|
if (request.postLogoutRedirectUri) {
|
|
7552
7633
|
parameterBuilder.addPostLogoutRedirectUri(request.postLogoutRedirectUri);
|
|
7553
7634
|
}
|
|
@@ -7726,8 +7807,9 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7726
7807
|
async createTokenRequestBody(request) {
|
|
7727
7808
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, request.correlationId);
|
|
7728
7809
|
const correlationId = request.correlationId;
|
|
7729
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7730
|
-
parameterBuilder.addClientId(request.
|
|
7810
|
+
const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
|
|
7811
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7812
|
+
request.tokenBodyParameters?.[CLIENT_ID] ||
|
|
7731
7813
|
this.config.authOptions.clientId);
|
|
7732
7814
|
if (request.redirectUri) {
|
|
7733
7815
|
parameterBuilder.addRedirectUri(request.redirectUri);
|
|
@@ -7741,7 +7823,6 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7741
7823
|
if (this.serverTelemetryManager && !isOidcProtocolMode(this.config)) {
|
|
7742
7824
|
parameterBuilder.addServerTelemetry(this.serverTelemetryManager);
|
|
7743
7825
|
}
|
|
7744
|
-
parameterBuilder.addCorrelationId(correlationId);
|
|
7745
7826
|
parameterBuilder.addRefreshToken(request.refreshToken);
|
|
7746
7827
|
if (this.config.clientCredentials.clientSecret) {
|
|
7747
7828
|
parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
|
|
@@ -7795,6 +7876,12 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7795
7876
|
break;
|
|
7796
7877
|
}
|
|
7797
7878
|
}
|
|
7879
|
+
if (request.embeddedClientId) {
|
|
7880
|
+
parameterBuilder.addBrokerParameters({
|
|
7881
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7882
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7883
|
+
});
|
|
7884
|
+
}
|
|
7798
7885
|
if (request.tokenBodyParameters) {
|
|
7799
7886
|
parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
|
|
7800
7887
|
}
|
|
@@ -8314,7 +8401,7 @@ exports.InteractionRequiredAuthErrorCodes = InteractionRequiredAuthErrorCodes;
|
|
|
8314
8401
|
exports.InteractionRequiredAuthErrorMessage = InteractionRequiredAuthErrorMessage;
|
|
8315
8402
|
exports.JsonWebTokenTypes = JsonWebTokenTypes;
|
|
8316
8403
|
exports.Logger = Logger;
|
|
8317
|
-
exports.
|
|
8404
|
+
exports.NetworkError = NetworkError;
|
|
8318
8405
|
exports.OIDC_DEFAULT_SCOPES = OIDC_DEFAULT_SCOPES;
|
|
8319
8406
|
exports.ONE_DAY_IN_MS = ONE_DAY_IN_MS;
|
|
8320
8407
|
exports.PasswordGrantConstants = PasswordGrantConstants;
|
|
@@ -8353,6 +8440,7 @@ exports.createAuthError = createAuthError;
|
|
|
8353
8440
|
exports.createClientAuthError = createClientAuthError;
|
|
8354
8441
|
exports.createClientConfigurationError = createClientConfigurationError;
|
|
8355
8442
|
exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
|
|
8443
|
+
exports.createNetworkError = createNetworkError;
|
|
8356
8444
|
exports.formatAuthorityUri = formatAuthorityUri;
|
|
8357
8445
|
exports.getClientAssertion = getClientAssertion;
|
|
8358
8446
|
exports.getTenantIdFromIdTokenClaims = getTenantIdFromIdTokenClaims;
|
|
@@ -8361,4 +8449,4 @@ exports.invokeAsync = invokeAsync;
|
|
|
8361
8449
|
exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
|
|
8362
8450
|
exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
|
|
8363
8451
|
exports.version = version;
|
|
8364
|
-
//# sourceMappingURL=index-node-
|
|
8452
|
+
//# sourceMappingURL=index-node-C9XsExml.js.map
|