@azure/msal-common 14.15.0 → 14.16.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (225) hide show
  1. package/dist/account/AccountInfo.d.ts +1 -0
  2. package/dist/account/AccountInfo.d.ts.map +1 -1
  3. package/dist/account/AccountInfo.mjs +1 -1
  4. package/dist/account/AccountInfo.mjs.map +1 -1
  5. package/dist/account/AuthToken.mjs +1 -1
  6. package/dist/account/CcsCredential.mjs +1 -1
  7. package/dist/account/ClientInfo.mjs +1 -1
  8. package/dist/account/TokenClaims.mjs +1 -1
  9. package/dist/authority/Authority.mjs +1 -1
  10. package/dist/authority/AuthorityFactory.mjs +1 -1
  11. package/dist/authority/AuthorityMetadata.mjs +1 -1
  12. package/dist/authority/AuthorityOptions.mjs +1 -1
  13. package/dist/authority/AuthorityType.mjs +1 -1
  14. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  15. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  16. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  17. package/dist/authority/ProtocolMode.mjs +1 -1
  18. package/dist/authority/RegionDiscovery.mjs +1 -1
  19. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
  20. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
  21. package/dist/cache/CacheManager.d.ts +34 -39
  22. package/dist/cache/CacheManager.d.ts.map +1 -1
  23. package/dist/cache/CacheManager.mjs +84 -102
  24. package/dist/cache/CacheManager.mjs.map +1 -1
  25. package/dist/cache/entities/AccountEntity.d.ts +1 -0
  26. package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
  27. package/dist/cache/entities/AccountEntity.mjs +1 -1
  28. package/dist/cache/entities/AccountEntity.mjs.map +1 -1
  29. package/dist/cache/entities/CredentialEntity.d.ts +2 -0
  30. package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
  31. package/dist/cache/interface/ICacheManager.d.ts +21 -21
  32. package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
  33. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  34. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  35. package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
  36. package/dist/client/AuthorizationCodeClient.mjs +24 -13
  37. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  38. package/dist/client/BaseClient.d.ts +10 -3
  39. package/dist/client/BaseClient.d.ts.map +1 -1
  40. package/dist/client/BaseClient.mjs +62 -10
  41. package/dist/client/BaseClient.mjs.map +1 -1
  42. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  43. package/dist/client/RefreshTokenClient.mjs +12 -6
  44. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  45. package/dist/client/SilentFlowClient.d.ts.map +1 -1
  46. package/dist/client/SilentFlowClient.mjs +4 -4
  47. package/dist/client/SilentFlowClient.mjs.map +1 -1
  48. package/dist/config/ClientConfiguration.d.ts +2 -0
  49. package/dist/config/ClientConfiguration.d.ts.map +1 -1
  50. package/dist/config/ClientConfiguration.mjs +1 -1
  51. package/dist/config/ClientConfiguration.mjs.map +1 -1
  52. package/dist/constants/AADServerParamKeys.d.ts +2 -0
  53. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  54. package/dist/constants/AADServerParamKeys.mjs +5 -3
  55. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  56. package/dist/crypto/ICrypto.mjs +1 -1
  57. package/dist/crypto/JoseHeader.mjs +1 -1
  58. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  59. package/dist/error/AuthError.mjs +1 -1
  60. package/dist/error/AuthErrorCodes.mjs +1 -1
  61. package/dist/error/CacheError.d.ts +6 -0
  62. package/dist/error/CacheError.d.ts.map +1 -1
  63. package/dist/error/CacheError.mjs +24 -6
  64. package/dist/error/CacheError.mjs.map +1 -1
  65. package/dist/error/CacheErrorCodes.d.ts +2 -2
  66. package/dist/error/CacheErrorCodes.d.ts.map +1 -1
  67. package/dist/error/CacheErrorCodes.mjs +4 -4
  68. package/dist/error/CacheErrorCodes.mjs.map +1 -1
  69. package/dist/error/ClientAuthError.mjs +1 -1
  70. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  71. package/dist/error/ClientConfigurationError.mjs +1 -1
  72. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  73. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  74. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  75. package/dist/error/JoseHeaderError.mjs +1 -1
  76. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  77. package/dist/error/NetworkError.d.ts +19 -0
  78. package/dist/error/NetworkError.d.ts.map +1 -0
  79. package/dist/error/NetworkError.mjs +34 -0
  80. package/dist/error/NetworkError.mjs.map +1 -0
  81. package/dist/error/ServerError.mjs +1 -1
  82. package/dist/exports-common.d.ts +3 -2
  83. package/dist/exports-common.d.ts.map +1 -1
  84. package/dist/index-browser.mjs +3 -3
  85. package/dist/index-node.mjs +3 -3
  86. package/dist/index.mjs +3 -3
  87. package/dist/logger/Logger.mjs +1 -1
  88. package/dist/network/INetworkModule.d.ts +1 -1
  89. package/dist/network/INetworkModule.d.ts.map +1 -1
  90. package/dist/network/INetworkModule.mjs +1 -1
  91. package/dist/network/NetworkResponse.d.ts +6 -0
  92. package/dist/network/NetworkResponse.d.ts.map +1 -0
  93. package/dist/network/ThrottlingUtils.d.ts +3 -3
  94. package/dist/network/ThrottlingUtils.d.ts.map +1 -1
  95. package/dist/network/ThrottlingUtils.mjs +6 -6
  96. package/dist/network/ThrottlingUtils.mjs.map +1 -1
  97. package/dist/packageMetadata.d.ts +1 -1
  98. package/dist/packageMetadata.mjs +2 -2
  99. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  100. package/dist/request/BaseAuthRequest.d.ts +2 -0
  101. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  102. package/dist/request/RequestParameterBuilder.d.ts +8 -1
  103. package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
  104. package/dist/request/RequestParameterBuilder.mjs +26 -3
  105. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  106. package/dist/request/RequestValidator.mjs +1 -1
  107. package/dist/request/ScopeSet.mjs +1 -1
  108. package/dist/response/ResponseHandler.d.ts +1 -1
  109. package/dist/response/ResponseHandler.d.ts.map +1 -1
  110. package/dist/response/ResponseHandler.mjs +6 -6
  111. package/dist/response/ResponseHandler.mjs.map +1 -1
  112. package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  113. package/dist/telemetry/performance/PerformanceClient.mjs +29 -10
  114. package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
  115. package/dist/telemetry/performance/PerformanceEvent.d.ts +9 -0
  116. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  117. package/dist/telemetry/performance/PerformanceEvent.mjs +6 -1
  118. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  119. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  120. package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  121. package/dist/telemetry/server/ServerTelemetryManager.mjs +7 -7
  122. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  123. package/dist/url/UrlString.mjs +1 -1
  124. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  125. package/dist/utils/Constants.d.ts +1 -0
  126. package/dist/utils/Constants.d.ts.map +1 -1
  127. package/dist/utils/Constants.mjs +2 -1
  128. package/dist/utils/Constants.mjs.map +1 -1
  129. package/dist/utils/FunctionWrappers.mjs +1 -1
  130. package/dist/utils/ProtocolUtils.mjs +1 -1
  131. package/dist/utils/StringUtils.mjs +1 -1
  132. package/dist/utils/TimeUtils.mjs +1 -1
  133. package/dist/utils/UrlUtils.mjs +1 -1
  134. package/lib/index-browser.cjs +34 -13
  135. package/lib/index-browser.cjs.map +1 -1
  136. package/lib/{index-node-aee3f7b6.js → index-node-CebvEPer.js} +390 -298
  137. package/lib/index-node-CebvEPer.js.map +1 -0
  138. package/lib/index-node.cjs +6 -4
  139. package/lib/index-node.cjs.map +1 -1
  140. package/lib/index.cjs +6 -4
  141. package/lib/index.cjs.map +1 -1
  142. package/lib/types/account/AccountInfo.d.ts +1 -0
  143. package/lib/types/account/AccountInfo.d.ts.map +1 -1
  144. package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
  145. package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
  146. package/lib/types/cache/CacheManager.d.ts +34 -39
  147. package/lib/types/cache/CacheManager.d.ts.map +1 -1
  148. package/lib/types/cache/entities/AccountEntity.d.ts +1 -0
  149. package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
  150. package/lib/types/cache/entities/CredentialEntity.d.ts +2 -0
  151. package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
  152. package/lib/types/cache/interface/ICacheManager.d.ts +21 -21
  153. package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
  154. package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  155. package/lib/types/client/BaseClient.d.ts +10 -3
  156. package/lib/types/client/BaseClient.d.ts.map +1 -1
  157. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  158. package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
  159. package/lib/types/config/ClientConfiguration.d.ts +2 -0
  160. package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
  161. package/lib/types/constants/AADServerParamKeys.d.ts +2 -0
  162. package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
  163. package/lib/types/error/CacheError.d.ts +6 -0
  164. package/lib/types/error/CacheError.d.ts.map +1 -1
  165. package/lib/types/error/CacheErrorCodes.d.ts +2 -2
  166. package/lib/types/error/CacheErrorCodes.d.ts.map +1 -1
  167. package/lib/types/error/NetworkError.d.ts +19 -0
  168. package/lib/types/error/NetworkError.d.ts.map +1 -0
  169. package/lib/types/exports-common.d.ts +3 -2
  170. package/lib/types/exports-common.d.ts.map +1 -1
  171. package/lib/types/network/INetworkModule.d.ts +1 -1
  172. package/lib/types/network/INetworkModule.d.ts.map +1 -1
  173. package/lib/types/network/NetworkResponse.d.ts +6 -0
  174. package/lib/types/network/NetworkResponse.d.ts.map +1 -0
  175. package/lib/types/network/ThrottlingUtils.d.ts +3 -3
  176. package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
  177. package/lib/types/packageMetadata.d.ts +1 -1
  178. package/lib/types/request/BaseAuthRequest.d.ts +2 -0
  179. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  180. package/lib/types/request/RequestParameterBuilder.d.ts +8 -1
  181. package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
  182. package/lib/types/response/ResponseHandler.d.ts +1 -1
  183. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  184. package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  185. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +9 -0
  186. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  187. package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  188. package/lib/types/utils/Constants.d.ts +1 -0
  189. package/lib/types/utils/Constants.d.ts.map +1 -1
  190. package/package.json +2 -4
  191. package/src/account/AccountInfo.ts +1 -0
  192. package/src/authority/RegionDiscovery.ts +1 -1
  193. package/src/cache/CacheManager.ts +184 -131
  194. package/src/cache/entities/AccountEntity.ts +1 -0
  195. package/src/cache/entities/CredentialEntity.ts +2 -0
  196. package/src/cache/interface/ICacheManager.ts +45 -20
  197. package/src/client/AuthorizationCodeClient.ts +37 -16
  198. package/src/client/BaseClient.ts +113 -22
  199. package/src/client/RefreshTokenClient.ts +20 -8
  200. package/src/client/SilentFlowClient.ts +7 -5
  201. package/src/config/ClientConfiguration.ts +2 -0
  202. package/src/constants/AADServerParamKeys.ts +2 -0
  203. package/src/error/CacheError.ts +24 -4
  204. package/src/error/CacheErrorCodes.ts +2 -2
  205. package/src/error/NetworkError.ts +44 -0
  206. package/src/exports-common.ts +7 -6
  207. package/src/network/INetworkModule.ts +1 -1
  208. package/src/network/NetworkResponse.ts +10 -0
  209. package/src/network/ThrottlingUtils.ts +9 -6
  210. package/src/packageMetadata.ts +1 -1
  211. package/src/request/BaseAuthRequest.ts +2 -0
  212. package/src/request/RequestParameterBuilder.ts +51 -1
  213. package/src/response/ResponseHandler.ts +14 -4
  214. package/src/telemetry/performance/PerformanceClient.ts +42 -12
  215. package/src/telemetry/performance/PerformanceEvent.ts +15 -0
  216. package/src/telemetry/server/ServerTelemetryManager.ts +14 -6
  217. package/src/utils/Constants.ts +1 -0
  218. package/dist/network/NetworkManager.d.ts +0 -34
  219. package/dist/network/NetworkManager.d.ts.map +0 -1
  220. package/dist/network/NetworkManager.mjs +0 -44
  221. package/dist/network/NetworkManager.mjs.map +0 -1
  222. package/lib/index-node-aee3f7b6.js.map +0 -1
  223. package/lib/types/network/NetworkManager.d.ts +0 -34
  224. package/lib/types/network/NetworkManager.d.ts.map +0 -1
  225. package/src/network/NetworkManager.ts +0 -76
@@ -62,6 +62,7 @@ export class AccountEntity {
62
62
  msGraphHost?: string;
63
63
  nativeAccountId?: string;
64
64
  tenantProfiles?: Array<TenantProfile>;
65
+ lastUpdatedAt?: string;
65
66
 
66
67
  /**
67
68
  * Generate Account Id key component as per the schema: <home_account_id>-<environment>
@@ -33,4 +33,6 @@ export type CredentialEntity = {
33
33
  keyId?: string;
34
34
  /** Matches the SHA 256 hash of the claims object included in the token request */
35
35
  requestedClaimsHash?: string;
36
+ /** Timestamp when the entry was last updated */
37
+ lastUpdatedAt?: string;
36
38
  };
@@ -21,13 +21,13 @@ export interface ICacheManager {
21
21
  * fetch the account entity from the platform cache
22
22
  * @param accountKey
23
23
  */
24
- getAccount(accountKey: string): AccountEntity | null;
24
+ getAccount(accountKey: string, correlationId: string): AccountEntity | null;
25
25
 
26
26
  /**
27
27
  * set account entity in the platform cache
28
28
  * @param account
29
29
  */
30
- setAccount(account: AccountEntity): void;
30
+ setAccount(account: AccountEntity, correlationId: string): void;
31
31
 
32
32
  /**
33
33
  * Returns true if the given key matches our account key schema. Also matches homeAccountId and/or tenantId if provided
@@ -46,39 +46,52 @@ export interface ICacheManager {
46
46
  * fetch the idToken entity from the platform cache
47
47
  * @param idTokenKey
48
48
  */
49
- getIdTokenCredential(idTokenKey: string): IdTokenEntity | null;
49
+ getIdTokenCredential(
50
+ idTokenKey: string,
51
+ correlationId: string
52
+ ): IdTokenEntity | null;
50
53
 
51
54
  /**
52
55
  * set idToken entity to the platform cache
53
56
  * @param idToken
54
57
  */
55
- setIdTokenCredential(idToken: IdTokenEntity): void;
58
+ setIdTokenCredential(idToken: IdTokenEntity, correlationId: string): void;
56
59
 
57
60
  /**
58
61
  * fetch the idToken entity from the platform cache
59
62
  * @param accessTokenKey
60
63
  */
61
- getAccessTokenCredential(accessTokenKey: string): AccessTokenEntity | null;
64
+ getAccessTokenCredential(
65
+ accessTokenKey: string,
66
+ correlationId: string
67
+ ): AccessTokenEntity | null;
62
68
 
63
69
  /**
64
70
  * set idToken entity to the platform cache
65
71
  * @param accessToken
66
72
  */
67
- setAccessTokenCredential(accessToken: AccessTokenEntity): void;
73
+ setAccessTokenCredential(
74
+ accessToken: AccessTokenEntity,
75
+ correlationId: string
76
+ ): void;
68
77
 
69
78
  /**
70
79
  * fetch the idToken entity from the platform cache
71
80
  * @param refreshTokenKey
72
81
  */
73
82
  getRefreshTokenCredential(
74
- refreshTokenKey: string
83
+ refreshTokenKey: string,
84
+ correlationId: string
75
85
  ): RefreshTokenEntity | null;
76
86
 
77
87
  /**
78
88
  * set idToken entity to the platform cache
79
89
  * @param refreshToken
80
90
  */
81
- setRefreshTokenCredential(refreshToken: RefreshTokenEntity): void;
91
+ setRefreshTokenCredential(
92
+ refreshToken: RefreshTokenEntity,
93
+ correlationId: string
94
+ ): void;
82
95
 
83
96
  /**
84
97
  * fetch appMetadata entity from the platform cache
@@ -90,7 +103,7 @@ export interface ICacheManager {
90
103
  * set appMetadata entity to the platform cache
91
104
  * @param appMetadata
92
105
  */
93
- setAppMetadata(appMetadata: AppMetadataEntity): void;
106
+ setAppMetadata(appMetadata: AppMetadataEntity, correlationId: string): void;
94
107
 
95
108
  /**
96
109
  * fetch server telemetry entity from the platform cache
@@ -107,7 +120,8 @@ export interface ICacheManager {
107
120
  */
108
121
  setServerTelemetry(
109
122
  serverTelemetryKey: string,
110
- serverTelemetry: ServerTelemetryEntity
123
+ serverTelemetry: ServerTelemetryEntity,
124
+ correlationId: string
111
125
  ): void;
112
126
 
113
127
  /**
@@ -153,13 +167,14 @@ export interface ICacheManager {
153
167
  */
154
168
  setThrottlingCache(
155
169
  throttlingCacheKey: string,
156
- throttlingCache: ThrottlingEntity
170
+ throttlingCache: ThrottlingEntity,
171
+ correlationId: string
157
172
  ): void;
158
173
 
159
174
  /**
160
175
  * Returns all accounts in cache
161
176
  */
162
- getAllAccounts(): AccountInfo[];
177
+ getAllAccounts(correlationId: string): AccountInfo[];
163
178
 
164
179
  /**
165
180
  * saves a cache record
@@ -167,6 +182,7 @@ export interface ICacheManager {
167
182
  */
168
183
  saveCacheRecord(
169
184
  cacheRecord: CacheRecord,
185
+ correlationId: string,
170
186
  storeInCache?: StoreInCache
171
187
  ): Promise<void>;
172
188
 
@@ -176,43 +192,52 @@ export interface ICacheManager {
176
192
  * @param environment
177
193
  * @param realm
178
194
  */
179
- getAccountsFilteredBy(filter: AccountFilter): AccountEntity[];
195
+ getAccountsFilteredBy(
196
+ filter: AccountFilter,
197
+ correlationId: string
198
+ ): AccountEntity[];
180
199
 
181
200
  /**
182
201
  * Get AccountInfo object based on provided filters
183
202
  * @param filter
184
203
  */
185
- getAccountInfoFilteredBy(filter: AccountFilter): AccountInfo | null;
204
+ getAccountInfoFilteredBy(
205
+ filter: AccountFilter,
206
+ correlationId: string
207
+ ): AccountInfo | null;
186
208
 
187
209
  /**
188
210
  * Removes all accounts and related tokens from cache.
189
211
  */
190
- removeAllAccounts(): Promise<void>;
212
+ removeAllAccounts(correlationId: string): Promise<void>;
191
213
 
192
214
  /**
193
215
  * returns a boolean if the given account is removed
194
216
  * @param account
195
217
  */
196
- removeAccount(accountKey: string): Promise<void>;
218
+ removeAccount(accountKey: string, correlationId: string): Promise<void>;
197
219
 
198
220
  /**
199
221
  * returns a boolean if the given account is removed
200
222
  * @param account
201
223
  */
202
- removeAccountContext(account: AccountEntity): Promise<void>;
224
+ removeAccountContext(
225
+ account: AccountEntity,
226
+ correlationId: string
227
+ ): Promise<void>;
203
228
 
204
229
  /**
205
230
  * @param key
206
231
  */
207
- removeIdToken(key: string): void;
232
+ removeIdToken(key: string, correlationId: string): void;
208
233
 
209
234
  /**
210
235
  * @param key
211
236
  */
212
- removeAccessToken(key: string): Promise<void>;
237
+ removeAccessToken(key: string, correlationId: string): void;
213
238
 
214
239
  /**
215
240
  * @param key
216
241
  */
217
- removeRefreshToken(key: string): void;
242
+ removeRefreshToken(key: string, correlationId: string): void;
218
243
  }
@@ -21,7 +21,7 @@ import {
21
21
  isOidcProtocolMode,
22
22
  } from "../config/ClientConfiguration.js";
23
23
  import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse.js";
24
- import { NetworkResponse } from "../network/NetworkManager.js";
24
+ import { NetworkResponse } from "../network/NetworkResponse.js";
25
25
  import { ResponseHandler } from "../response/ResponseHandler.js";
26
26
  import { AuthenticationResult } from "../response/AuthenticationResult.js";
27
27
  import { StringUtils } from "../utils/StringUtils.js";
@@ -314,10 +314,14 @@ export class AuthorizationCodeClient extends BaseClient {
314
314
  request.correlationId
315
315
  );
316
316
 
317
- const parameterBuilder = new RequestParameterBuilder();
317
+ const parameterBuilder = new RequestParameterBuilder(
318
+ request.correlationId,
319
+ this.performanceClient
320
+ );
318
321
 
319
322
  parameterBuilder.addClientId(
320
- request.tokenBodyParameters?.[AADServerParamKeys.CLIENT_ID] ||
323
+ request.embeddedClientId ||
324
+ request.tokenBodyParameters?.[AADServerParamKeys.CLIENT_ID] ||
321
325
  this.config.authOptions.clientId
322
326
  );
323
327
 
@@ -416,11 +420,6 @@ export class AuthorizationCodeClient extends BaseClient {
416
420
  }
417
421
  }
418
422
 
419
- const correlationId =
420
- request.correlationId ||
421
- this.config.cryptoInterface.createNewGuid();
422
- parameterBuilder.addCorrelationId(correlationId);
423
-
424
423
  if (
425
424
  !StringUtils.isEmptyObj(request.claims) ||
426
425
  (this.config.authOptions.clientCapabilities &&
@@ -474,6 +473,13 @@ export class AuthorizationCodeClient extends BaseClient {
474
473
  }
475
474
  }
476
475
 
476
+ if (request.embeddedClientId) {
477
+ parameterBuilder.addBrokerParameters({
478
+ brokerClientId: this.config.authOptions.clientId,
479
+ brokerRedirectUri: this.config.authOptions.redirectUri,
480
+ });
481
+ }
482
+
477
483
  if (request.tokenBodyParameters) {
478
484
  parameterBuilder.addExtraQueryParameters(
479
485
  request.tokenBodyParameters
@@ -503,15 +509,24 @@ export class AuthorizationCodeClient extends BaseClient {
503
509
  private async createAuthCodeUrlQueryString(
504
510
  request: CommonAuthorizationUrlRequest
505
511
  ): Promise<string> {
512
+ // generate the correlationId if not set by the user and add
513
+ const correlationId =
514
+ request.correlationId ||
515
+ this.config.cryptoInterface.createNewGuid();
516
+
506
517
  this.performanceClient?.addQueueMeasurement(
507
518
  PerformanceEvents.AuthClientCreateQueryString,
508
- request.correlationId
519
+ correlationId
509
520
  );
510
521
 
511
- const parameterBuilder = new RequestParameterBuilder();
522
+ const parameterBuilder = new RequestParameterBuilder(
523
+ correlationId,
524
+ this.performanceClient
525
+ );
512
526
 
513
527
  parameterBuilder.addClientId(
514
- request.extraQueryParameters?.[AADServerParamKeys.CLIENT_ID] ||
528
+ request.embeddedClientId ||
529
+ request.extraQueryParameters?.[AADServerParamKeys.CLIENT_ID] ||
515
530
  this.config.authOptions.clientId
516
531
  );
517
532
 
@@ -524,10 +539,6 @@ export class AuthorizationCodeClient extends BaseClient {
524
539
  // validate the redirectUri (to be a non null value)
525
540
  parameterBuilder.addRedirectUri(request.redirectUri);
526
541
 
527
- // generate the correlationId if not set by the user and add
528
- const correlationId =
529
- request.correlationId ||
530
- this.config.cryptoInterface.createNewGuid();
531
542
  parameterBuilder.addCorrelationId(correlationId);
532
543
 
533
544
  // add response_mode. If not passed in it defaults to query.
@@ -674,6 +685,13 @@ export class AuthorizationCodeClient extends BaseClient {
674
685
  );
675
686
  }
676
687
 
688
+ if (request.embeddedClientId) {
689
+ parameterBuilder.addBrokerParameters({
690
+ brokerClientId: this.config.authOptions.clientId,
691
+ brokerRedirectUri: this.config.authOptions.redirectUri,
692
+ });
693
+ }
694
+
677
695
  this.addExtraQueryParams(request, parameterBuilder);
678
696
 
679
697
  if (request.nativeBroker) {
@@ -714,7 +732,10 @@ export class AuthorizationCodeClient extends BaseClient {
714
732
  private createLogoutUrlQueryString(
715
733
  request: CommonEndSessionRequest
716
734
  ): string {
717
- const parameterBuilder = new RequestParameterBuilder();
735
+ const parameterBuilder = new RequestParameterBuilder(
736
+ request.correlationId,
737
+ this.performanceClient
738
+ );
718
739
 
719
740
  if (request.postLogoutRedirectUri) {
720
741
  parameterBuilder.addPostLogoutRedirectUri(
@@ -8,8 +8,11 @@ import {
8
8
  buildClientConfiguration,
9
9
  CommonClientConfiguration,
10
10
  } from "../config/ClientConfiguration.js";
11
- import { INetworkModule } from "../network/INetworkModule.js";
12
- import { NetworkManager, NetworkResponse } from "../network/NetworkManager.js";
11
+ import {
12
+ INetworkModule,
13
+ NetworkRequestOptions,
14
+ } from "../network/INetworkModule.js";
15
+ import { NetworkResponse } from "../network/NetworkResponse.js";
13
16
  import { ICrypto } from "../crypto/ICrypto.js";
14
17
  import { Authority } from "../authority/Authority.js";
15
18
  import { Logger } from "../logger/Logger.js";
@@ -26,6 +29,14 @@ import { RequestParameterBuilder } from "../request/RequestParameterBuilder.js";
26
29
  import { BaseAuthRequest } from "../request/BaseAuthRequest.js";
27
30
  import { createDiscoveredInstance } from "../authority/AuthorityFactory.js";
28
31
  import { PerformanceEvents } from "../telemetry/performance/PerformanceEvent.js";
32
+ import { ThrottlingUtils } from "../network/ThrottlingUtils.js";
33
+ import { AuthError } from "../error/AuthError.js";
34
+ import {
35
+ ClientAuthErrorCodes,
36
+ createClientAuthError,
37
+ } from "../error/ClientAuthError.js";
38
+ import { NetworkError } from "../error/NetworkError.js";
39
+ import { invokeAsync } from "../utils/FunctionWrappers.js";
29
40
 
30
41
  /**
31
42
  * Base application class which will construct requests to send to and handle responses from the Microsoft STS using the authorization code flow.
@@ -50,9 +61,6 @@ export abstract class BaseClient {
50
61
  // Server Telemetry Manager
51
62
  protected serverTelemetryManager: ServerTelemetryManager | null;
52
63
 
53
- // Network Manager
54
- protected networkManager: NetworkManager;
55
-
56
64
  // Default authority object
57
65
  public authority: Authority;
58
66
 
@@ -78,12 +86,6 @@ export abstract class BaseClient {
78
86
  // Set the network interface
79
87
  this.networkClient = this.config.networkInterface;
80
88
 
81
- // Set the NetworkManager
82
- this.networkManager = new NetworkManager(
83
- this.networkClient,
84
- this.cacheManager
85
- );
86
-
87
89
  // Set TelemetryManager
88
90
  this.serverTelemetryManager = this.config.serverTelemetryManager;
89
91
 
@@ -152,19 +154,12 @@ export abstract class BaseClient {
152
154
  }
153
155
 
154
156
  const response =
155
- await this.networkManager.sendPostRequest<ServerAuthorizationTokenResponse>(
157
+ await this.sendPostRequest<ServerAuthorizationTokenResponse>(
156
158
  thumbprint,
157
159
  tokenEndpoint,
158
- { body: queryString, headers: headers }
160
+ { body: queryString, headers: headers },
161
+ correlationId
159
162
  );
160
- this.performanceClient?.addFields(
161
- {
162
- refreshTokenSize: response.body.refresh_token?.length || 0,
163
- httpVerToken:
164
- response.headers?.[HeaderNames.X_MS_HTTP_VERSION] || "",
165
- },
166
- correlationId
167
- );
168
163
 
169
164
  if (
170
165
  this.config.serverTelemetryManager &&
@@ -178,6 +173,90 @@ export abstract class BaseClient {
178
173
  return response;
179
174
  }
180
175
 
176
+ /**
177
+ * Wraps sendPostRequestAsync with necessary preflight and postflight logic
178
+ * @param thumbprint - Request thumbprint for throttling
179
+ * @param tokenEndpoint - Endpoint to make the POST to
180
+ * @param options - Body and Headers to include on the POST request
181
+ * @param correlationId - CorrelationId for telemetry
182
+ */
183
+ async sendPostRequest<T extends ServerAuthorizationTokenResponse>(
184
+ thumbprint: RequestThumbprint,
185
+ tokenEndpoint: string,
186
+ options: NetworkRequestOptions,
187
+ correlationId: string
188
+ ): Promise<NetworkResponse<T>> {
189
+ ThrottlingUtils.preProcess(
190
+ this.cacheManager,
191
+ thumbprint,
192
+ correlationId
193
+ );
194
+
195
+ let response;
196
+ try {
197
+ response = await invokeAsync(
198
+ this.networkClient.sendPostRequestAsync.bind(
199
+ this.networkClient
200
+ )<T>,
201
+ PerformanceEvents.NetworkClientSendPostRequestAsync,
202
+ this.logger,
203
+ this.performanceClient,
204
+ correlationId
205
+ )(tokenEndpoint, options);
206
+ const responseHeaders = response.headers || {};
207
+ this.performanceClient?.addFields(
208
+ {
209
+ refreshTokenSize: response.body.refresh_token?.length || 0,
210
+ httpVerToken:
211
+ responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
212
+ requestId:
213
+ responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
214
+ },
215
+ correlationId
216
+ );
217
+ } catch (e) {
218
+ if (e instanceof NetworkError) {
219
+ const responseHeaders = e.responseHeaders;
220
+ if (responseHeaders) {
221
+ this.performanceClient?.addFields(
222
+ {
223
+ httpVerToken:
224
+ responseHeaders[
225
+ HeaderNames.X_MS_HTTP_VERSION
226
+ ] || "",
227
+ requestId:
228
+ responseHeaders[HeaderNames.X_MS_REQUEST_ID] ||
229
+ "",
230
+ contentTypeHeader:
231
+ responseHeaders[HeaderNames.CONTENT_TYPE] ||
232
+ undefined,
233
+ contentLengthHeader:
234
+ responseHeaders[HeaderNames.CONTENT_LENGTH] ||
235
+ undefined,
236
+ httpStatus: e.httpStatus,
237
+ },
238
+ correlationId
239
+ );
240
+ }
241
+ throw e.error;
242
+ }
243
+ if (e instanceof AuthError) {
244
+ throw e;
245
+ } else {
246
+ throw createClientAuthError(ClientAuthErrorCodes.networkError);
247
+ }
248
+ }
249
+
250
+ ThrottlingUtils.postProcess(
251
+ this.cacheManager,
252
+ thumbprint,
253
+ response,
254
+ correlationId
255
+ );
256
+
257
+ return response;
258
+ }
259
+
181
260
  /**
182
261
  * Updates the authority object of the client. Endpoint discovery must be completed.
183
262
  * @param updatedAuthority
@@ -208,7 +287,17 @@ export abstract class BaseClient {
208
287
  * @param request
209
288
  */
210
289
  createTokenQueryParameters(request: BaseAuthRequest): string {
211
- const parameterBuilder = new RequestParameterBuilder();
290
+ const parameterBuilder = new RequestParameterBuilder(
291
+ request.correlationId,
292
+ this.performanceClient
293
+ );
294
+
295
+ if (request.embeddedClientId) {
296
+ parameterBuilder.addBrokerParameters({
297
+ brokerClientId: this.config.authOptions.clientId,
298
+ brokerRedirectUri: this.config.authOptions.redirectUri,
299
+ });
300
+ }
212
301
 
213
302
  if (request.tokenQueryParameters) {
214
303
  parameterBuilder.addExtraQueryParameters(
@@ -216,6 +305,8 @@ export abstract class BaseClient {
216
305
  );
217
306
  }
218
307
 
308
+ parameterBuilder.addCorrelationId(request.correlationId);
309
+
219
310
  return parameterBuilder.createQueryString();
220
311
  }
221
312
  }
@@ -24,7 +24,7 @@ import { AuthenticationResult } from "../response/AuthenticationResult.js";
24
24
  import { PopTokenGenerator } from "../crypto/PopTokenGenerator.js";
25
25
  import { StringUtils } from "../utils/StringUtils.js";
26
26
  import { RequestThumbprint } from "../network/RequestThumbprint.js";
27
- import { NetworkResponse } from "../network/NetworkManager.js";
27
+ import { NetworkResponse } from "../network/NetworkResponse.js";
28
28
  import { CommonSilentFlowRequest } from "../request/CommonSilentFlowRequest.js";
29
29
  import {
30
30
  createClientConfigurationError,
@@ -211,9 +211,9 @@ export class RefreshTokenClient extends BaseClient {
211
211
  )(
212
212
  request.account,
213
213
  foci,
214
+ request.correlationId,
214
215
  undefined,
215
- this.performanceClient,
216
- request.correlationId
216
+ this.performanceClient
217
217
  );
218
218
 
219
219
  if (!refreshToken) {
@@ -265,7 +265,10 @@ export class RefreshTokenClient extends BaseClient {
265
265
  "acquireTokenWithRefreshToken: bad refresh token, removing from cache"
266
266
  );
267
267
  const badRefreshTokenKey = generateCredentialKey(refreshToken);
268
- this.cacheManager.removeRefreshToken(badRefreshTokenKey);
268
+ this.cacheManager.removeRefreshToken(
269
+ badRefreshTokenKey,
270
+ request.correlationId
271
+ );
269
272
  }
270
273
 
271
274
  throw e;
@@ -345,10 +348,14 @@ export class RefreshTokenClient extends BaseClient {
345
348
  );
346
349
 
347
350
  const correlationId = request.correlationId;
348
- const parameterBuilder = new RequestParameterBuilder();
351
+ const parameterBuilder = new RequestParameterBuilder(
352
+ correlationId,
353
+ this.performanceClient
354
+ );
349
355
 
350
356
  parameterBuilder.addClientId(
351
- request.tokenBodyParameters?.[AADServerParamKeys.CLIENT_ID] ||
357
+ request.embeddedClientId ||
358
+ request.tokenBodyParameters?.[AADServerParamKeys.CLIENT_ID] ||
352
359
  this.config.authOptions.clientId
353
360
  );
354
361
 
@@ -376,8 +383,6 @@ export class RefreshTokenClient extends BaseClient {
376
383
  parameterBuilder.addServerTelemetry(this.serverTelemetryManager);
377
384
  }
378
385
 
379
- parameterBuilder.addCorrelationId(correlationId);
380
-
381
386
  parameterBuilder.addRefreshToken(request.refreshToken);
382
387
 
383
388
  if (this.config.clientCredentials.clientSecret) {
@@ -472,6 +477,13 @@ export class RefreshTokenClient extends BaseClient {
472
477
  }
473
478
  }
474
479
 
480
+ if (request.embeddedClientId) {
481
+ parameterBuilder.addBrokerParameters({
482
+ brokerClientId: this.config.authOptions.clientId,
483
+ brokerRedirectUri: this.config.authOptions.redirectUri,
484
+ });
485
+ }
486
+
475
487
  if (request.tokenBodyParameters) {
476
488
  parameterBuilder.addExtraQueryParameters(
477
489
  request.tokenBodyParameters
@@ -131,8 +131,7 @@ export class SilentFlowClient extends BaseClient {
131
131
  request,
132
132
  tokenKeys,
133
133
  requestTenantId,
134
- this.performanceClient,
135
- request.correlationId
134
+ this.performanceClient
136
135
  );
137
136
 
138
137
  if (!cachedAccessToken) {
@@ -172,14 +171,17 @@ export class SilentFlowClient extends BaseClient {
172
171
  const environment =
173
172
  request.authority || this.authority.getPreferredCache();
174
173
  const cacheRecord: CacheRecord = {
175
- account: this.cacheManager.readAccountFromCache(request.account),
174
+ account: this.cacheManager.readAccountFromCache(
175
+ request.account,
176
+ request.correlationId
177
+ ),
176
178
  accessToken: cachedAccessToken,
177
179
  idToken: this.cacheManager.getIdToken(
178
180
  request.account,
181
+ request.correlationId,
179
182
  tokenKeys,
180
183
  requestTenantId,
181
- this.performanceClient,
182
- request.correlationId
184
+ this.performanceClient
183
185
  ),
184
186
  refreshToken: null,
185
187
  appMetadata:
@@ -82,11 +82,13 @@ export type CommonClientConfiguration = {
82
82
  * - protocolMode - Enum that represents the protocol that msal follows. Used for configuring proper endpoints.
83
83
  * - skipAuthorityMetadataCache - A flag to choose whether to use or not use the local metadata cache during authority initialization. Defaults to false.
84
84
  * - instanceAware - A flag of whether the STS will send back additional parameters to specify where the tokens should be retrieved from.
85
+ * - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
85
86
  * @internal
86
87
  */
87
88
  export type AuthOptions = {
88
89
  clientId: string;
89
90
  authority: Authority;
91
+ redirectUri: string;
90
92
  clientCapabilities?: Array<string>;
91
93
  azureCloudOptions?: AzureCloudOptions;
92
94
  skipAuthorityMetadataCache?: boolean;
@@ -56,3 +56,5 @@ export const SID = "sid";
56
56
  export const LOGIN_HINT = "login_hint";
57
57
  export const DOMAIN_HINT = "domain_hint";
58
58
  export const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
59
+ export const BROKER_CLIENT_ID = "brk_client_id";
60
+ export const BROKER_REDIRECT_URI = "brk_redirect_uri";
@@ -7,9 +7,8 @@ import * as CacheErrorCodes from "./CacheErrorCodes.js";
7
7
  export { CacheErrorCodes };
8
8
 
9
9
  export const CacheErrorMessages = {
10
- [CacheErrorCodes.cacheQuotaExceededErrorCode]:
11
- "Exceeded cache storage capacity.",
12
- [CacheErrorCodes.cacheUnknownErrorCode]:
10
+ [CacheErrorCodes.cacheQuotaExceeded]: "Exceeded cache storage capacity.",
11
+ [CacheErrorCodes.cacheErrorUnknown]:
13
12
  "Unexpected error occurred when using cache storage.",
14
13
  };
15
14
 
@@ -32,7 +31,7 @@ export class CacheError extends Error {
32
31
  errorMessage ||
33
32
  (CacheErrorMessages[errorCode]
34
33
  ? CacheErrorMessages[errorCode]
35
- : CacheErrorMessages[CacheErrorCodes.cacheUnknownErrorCode]);
34
+ : CacheErrorMessages[CacheErrorCodes.cacheErrorUnknown]);
36
35
 
37
36
  super(`${errorCode}: ${message}`);
38
37
  Object.setPrototypeOf(this, CacheError.prototype);
@@ -42,3 +41,24 @@ export class CacheError extends Error {
42
41
  this.errorMessage = message;
43
42
  }
44
43
  }
44
+
45
+ /**
46
+ * Helper function to wrap browser errors in a CacheError object
47
+ * @param e
48
+ * @returns
49
+ */
50
+ export function createCacheError(e: unknown): CacheError {
51
+ if (!(e instanceof Error)) {
52
+ return new CacheError(CacheErrorCodes.cacheErrorUnknown);
53
+ }
54
+
55
+ if (
56
+ e.name === "QuotaExceededError" ||
57
+ e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
58
+ e.message.includes("exceeded the quota")
59
+ ) {
60
+ return new CacheError(CacheErrorCodes.cacheQuotaExceeded);
61
+ } else {
62
+ return new CacheError(e.name, e.message);
63
+ }
64
+ }
@@ -3,5 +3,5 @@
3
3
  * Licensed under the MIT License.
4
4
  */
5
5
 
6
- export const cacheQuotaExceededErrorCode = "cache_quota_exceeded";
7
- export const cacheUnknownErrorCode = "cache_error_unknown";
6
+ export const cacheQuotaExceeded = "cache_quota_exceeded";
7
+ export const cacheErrorUnknown = "cache_error_unknown";