@azure/msal-common 14.15.0 → 14.16.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +1 -0
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/dist/cache/CacheManager.d.ts +34 -39
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +84 -102
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +1 -0
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/entities/AccountEntity.mjs.map +1 -1
- package/dist/cache/entities/CredentialEntity.d.ts +2 -0
- package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +21 -21
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +24 -13
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.d.ts +10 -3
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +62 -10
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +12 -6
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +4 -4
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.d.ts +2 -0
- package/dist/config/ClientConfiguration.d.ts.map +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.d.ts +2 -0
- package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +5 -3
- package/dist/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.d.ts +6 -0
- package/dist/error/CacheError.d.ts.map +1 -1
- package/dist/error/CacheError.mjs +24 -6
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.d.ts +2 -2
- package/dist/error/CacheErrorCodes.d.ts.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +4 -4
- package/dist/error/CacheErrorCodes.mjs.map +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.d.ts +19 -0
- package/dist/error/NetworkError.d.ts.map +1 -0
- package/dist/error/NetworkError.mjs +34 -0
- package/dist/error/NetworkError.mjs.map +1 -0
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-common.d.ts +3 -2
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/index-browser.mjs +3 -3
- package/dist/index-node.mjs +3 -3
- package/dist/index.mjs +3 -3
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.d.ts +1 -1
- package/dist/network/INetworkModule.d.ts.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/NetworkResponse.d.ts +6 -0
- package/dist/network/NetworkResponse.d.ts.map +1 -0
- package/dist/network/ThrottlingUtils.d.ts +3 -3
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +6 -6
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.d.ts +2 -0
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +8 -1
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +26 -3
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/RequestValidator.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.d.ts +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +6 -6
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +29 -10
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +9 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +6 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +7 -7
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.d.ts +1 -0
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +2 -1
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +34 -13
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-aee3f7b6.js → index-node-CebvEPer.js} +390 -298
- package/lib/index-node-CebvEPer.js.map +1 -0
- package/lib/index-node.cjs +6 -4
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +6 -4
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +1 -0
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +34 -39
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +1 -0
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/CredentialEntity.d.ts +2 -0
- package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +21 -21
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts +10 -3
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/config/ClientConfiguration.d.ts +2 -0
- package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
- package/lib/types/constants/AADServerParamKeys.d.ts +2 -0
- package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
- package/lib/types/error/CacheError.d.ts +6 -0
- package/lib/types/error/CacheError.d.ts.map +1 -1
- package/lib/types/error/CacheErrorCodes.d.ts +2 -2
- package/lib/types/error/CacheErrorCodes.d.ts.map +1 -1
- package/lib/types/error/NetworkError.d.ts +19 -0
- package/lib/types/error/NetworkError.d.ts.map +1 -0
- package/lib/types/exports-common.d.ts +3 -2
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/network/INetworkModule.d.ts +1 -1
- package/lib/types/network/INetworkModule.d.ts.map +1 -1
- package/lib/types/network/NetworkResponse.d.ts +6 -0
- package/lib/types/network/NetworkResponse.d.ts.map +1 -0
- package/lib/types/network/ThrottlingUtils.d.ts +3 -3
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +2 -0
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +8 -1
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +9 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +1 -0
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/package.json +2 -4
- package/src/account/AccountInfo.ts +1 -0
- package/src/authority/RegionDiscovery.ts +1 -1
- package/src/cache/CacheManager.ts +184 -131
- package/src/cache/entities/AccountEntity.ts +1 -0
- package/src/cache/entities/CredentialEntity.ts +2 -0
- package/src/cache/interface/ICacheManager.ts +45 -20
- package/src/client/AuthorizationCodeClient.ts +37 -16
- package/src/client/BaseClient.ts +113 -22
- package/src/client/RefreshTokenClient.ts +20 -8
- package/src/client/SilentFlowClient.ts +7 -5
- package/src/config/ClientConfiguration.ts +2 -0
- package/src/constants/AADServerParamKeys.ts +2 -0
- package/src/error/CacheError.ts +24 -4
- package/src/error/CacheErrorCodes.ts +2 -2
- package/src/error/NetworkError.ts +44 -0
- package/src/exports-common.ts +7 -6
- package/src/network/INetworkModule.ts +1 -1
- package/src/network/NetworkResponse.ts +10 -0
- package/src/network/ThrottlingUtils.ts +9 -6
- package/src/packageMetadata.ts +1 -1
- package/src/request/BaseAuthRequest.ts +2 -0
- package/src/request/RequestParameterBuilder.ts +51 -1
- package/src/response/ResponseHandler.ts +14 -4
- package/src/telemetry/performance/PerformanceClient.ts +42 -12
- package/src/telemetry/performance/PerformanceEvent.ts +15 -0
- package/src/telemetry/server/ServerTelemetryManager.ts +14 -6
- package/src/utils/Constants.ts +1 -0
- package/dist/network/NetworkManager.d.ts +0 -34
- package/dist/network/NetworkManager.d.ts.map +0 -1
- package/dist/network/NetworkManager.mjs +0 -44
- package/dist/network/NetworkManager.mjs.map +0 -1
- package/lib/index-node-aee3f7b6.js.map +0 -1
- package/lib/types/network/NetworkManager.d.ts +0 -34
- package/lib/types/network/NetworkManager.d.ts.map +0 -1
- package/src/network/NetworkManager.ts +0 -76
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v14.
|
|
1
|
+
/*! @azure/msal-common v14.16.1 2025-08-05 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -96,6 +96,7 @@ const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
|
|
|
96
96
|
*/
|
|
97
97
|
const HeaderNames = {
|
|
98
98
|
CONTENT_TYPE: "Content-Type",
|
|
99
|
+
CONTENT_LENGTH: "Content-Length",
|
|
99
100
|
RETRY_AFTER: "Retry-After",
|
|
100
101
|
CCS_HEADER: "X-AnchorMailbox",
|
|
101
102
|
WWWAuthenticate: "WWW-Authenticate",
|
|
@@ -1612,6 +1613,7 @@ const PerformanceEvents = {
|
|
|
1612
1613
|
/**
|
|
1613
1614
|
* Time spent sending/waiting for the response of a request to the token endpoint
|
|
1614
1615
|
*/
|
|
1616
|
+
NetworkClientSendPostRequestAsync: "networkClientSendPostRequestAsync",
|
|
1615
1617
|
RefreshTokenClientExecutePostToTokenEndpoint: "refreshTokenClientExecutePostToTokenEndpoint",
|
|
1616
1618
|
AuthorizationCodeClientExecutePostToTokenEndpoint: "authorizationCodeClientExecutePostToTokenEndpoint",
|
|
1617
1619
|
/**
|
|
@@ -1785,6 +1787,10 @@ const PerformanceEventAbbreviations = new Map([
|
|
|
1785
1787
|
PerformanceEvents.BaseClientCreateTokenRequestHeaders,
|
|
1786
1788
|
"BaseClientCreateTReqHead",
|
|
1787
1789
|
],
|
|
1790
|
+
[
|
|
1791
|
+
PerformanceEvents.NetworkClientSendPostRequestAsync,
|
|
1792
|
+
"NetClientSendPost",
|
|
1793
|
+
],
|
|
1788
1794
|
[
|
|
1789
1795
|
PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint,
|
|
1790
1796
|
"RTClientExecPost",
|
|
@@ -3519,11 +3525,15 @@ const LOGOUT_HINT = "logout_hint";
|
|
|
3519
3525
|
const SID = "sid";
|
|
3520
3526
|
const LOGIN_HINT = "login_hint";
|
|
3521
3527
|
const DOMAIN_HINT = "domain_hint";
|
|
3522
|
-
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
3528
|
+
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
3529
|
+
const BROKER_CLIENT_ID = "brk_client_id";
|
|
3530
|
+
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
3523
3531
|
|
|
3524
3532
|
var AADServerParamKeys = /*#__PURE__*/Object.freeze({
|
|
3525
3533
|
__proto__: null,
|
|
3526
3534
|
ACCESS_TOKEN: ACCESS_TOKEN,
|
|
3535
|
+
BROKER_CLIENT_ID: BROKER_CLIENT_ID,
|
|
3536
|
+
BROKER_REDIRECT_URI: BROKER_REDIRECT_URI,
|
|
3527
3537
|
CCS_HEADER: CCS_HEADER,
|
|
3528
3538
|
CLAIMS: CLAIMS,
|
|
3529
3539
|
CLIENT_ASSERTION: CLIENT_ASSERTION,
|
|
@@ -3806,7 +3816,7 @@ class Logger {
|
|
|
3806
3816
|
|
|
3807
3817
|
/* eslint-disable header/header */
|
|
3808
3818
|
const name = "@azure/msal-common";
|
|
3809
|
-
const version = "14.
|
|
3819
|
+
const version = "14.16.1";
|
|
3810
3820
|
|
|
3811
3821
|
/*
|
|
3812
3822
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4388,13 +4398,13 @@ class AccountEntity {
|
|
|
4388
4398
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4389
4399
|
* Licensed under the MIT License.
|
|
4390
4400
|
*/
|
|
4391
|
-
const
|
|
4392
|
-
const
|
|
4401
|
+
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
4402
|
+
const cacheErrorUnknown = "cache_error_unknown";
|
|
4393
4403
|
|
|
4394
4404
|
var CacheErrorCodes = /*#__PURE__*/Object.freeze({
|
|
4395
4405
|
__proto__: null,
|
|
4396
|
-
|
|
4397
|
-
|
|
4406
|
+
cacheErrorUnknown: cacheErrorUnknown,
|
|
4407
|
+
cacheQuotaExceeded: cacheQuotaExceeded
|
|
4398
4408
|
});
|
|
4399
4409
|
|
|
4400
4410
|
/*
|
|
@@ -4402,8 +4412,8 @@ var CacheErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
4402
4412
|
* Licensed under the MIT License.
|
|
4403
4413
|
*/
|
|
4404
4414
|
const CacheErrorMessages = {
|
|
4405
|
-
[
|
|
4406
|
-
[
|
|
4415
|
+
[cacheQuotaExceeded]: "Exceeded cache storage capacity.",
|
|
4416
|
+
[cacheErrorUnknown]: "Unexpected error occurred when using cache storage.",
|
|
4407
4417
|
};
|
|
4408
4418
|
/**
|
|
4409
4419
|
* Error thrown when there is an error with the cache
|
|
@@ -4413,13 +4423,31 @@ class CacheError extends Error {
|
|
|
4413
4423
|
const message = errorMessage ||
|
|
4414
4424
|
(CacheErrorMessages[errorCode]
|
|
4415
4425
|
? CacheErrorMessages[errorCode]
|
|
4416
|
-
: CacheErrorMessages[
|
|
4426
|
+
: CacheErrorMessages[cacheErrorUnknown]);
|
|
4417
4427
|
super(`${errorCode}: ${message}`);
|
|
4418
4428
|
Object.setPrototypeOf(this, CacheError.prototype);
|
|
4419
4429
|
this.name = "CacheError";
|
|
4420
4430
|
this.errorCode = errorCode;
|
|
4421
4431
|
this.errorMessage = message;
|
|
4422
4432
|
}
|
|
4433
|
+
}
|
|
4434
|
+
/**
|
|
4435
|
+
* Helper function to wrap browser errors in a CacheError object
|
|
4436
|
+
* @param e
|
|
4437
|
+
* @returns
|
|
4438
|
+
*/
|
|
4439
|
+
function createCacheError(e) {
|
|
4440
|
+
if (!(e instanceof Error)) {
|
|
4441
|
+
return new CacheError(cacheErrorUnknown);
|
|
4442
|
+
}
|
|
4443
|
+
if (e.name === "QuotaExceededError" ||
|
|
4444
|
+
e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
|
|
4445
|
+
e.message.includes("exceeded the quota")) {
|
|
4446
|
+
return new CacheError(cacheQuotaExceeded);
|
|
4447
|
+
}
|
|
4448
|
+
else {
|
|
4449
|
+
return new CacheError(e.name, e.message);
|
|
4450
|
+
}
|
|
4423
4451
|
}
|
|
4424
4452
|
|
|
4425
4453
|
/*
|
|
@@ -4442,14 +4470,14 @@ class CacheManager {
|
|
|
4442
4470
|
* @param accountFilter - (Optional) filter to narrow down the accounts returned
|
|
4443
4471
|
* @returns Array of AccountInfo objects in cache
|
|
4444
4472
|
*/
|
|
4445
|
-
getAllAccounts(accountFilter) {
|
|
4446
|
-
return this.buildTenantProfiles(this.getAccountsFilteredBy(accountFilter || {}), accountFilter);
|
|
4473
|
+
getAllAccounts(correlationId, accountFilter) {
|
|
4474
|
+
return this.buildTenantProfiles(this.getAccountsFilteredBy(accountFilter || {}, correlationId), correlationId, accountFilter);
|
|
4447
4475
|
}
|
|
4448
4476
|
/**
|
|
4449
4477
|
* Gets first tenanted AccountInfo object found based on provided filters
|
|
4450
4478
|
*/
|
|
4451
|
-
getAccountInfoFilteredBy(accountFilter) {
|
|
4452
|
-
const allAccounts = this.getAllAccounts(accountFilter);
|
|
4479
|
+
getAccountInfoFilteredBy(accountFilter, correlationId) {
|
|
4480
|
+
const allAccounts = this.getAllAccounts(correlationId, accountFilter);
|
|
4453
4481
|
if (allAccounts.length > 1) {
|
|
4454
4482
|
// If one or more accounts are found, prioritize accounts that have an ID token
|
|
4455
4483
|
const sortedAccounts = allAccounts.sort((account) => {
|
|
@@ -4470,8 +4498,8 @@ class CacheManager {
|
|
|
4470
4498
|
* @param accountFilter
|
|
4471
4499
|
* @returns
|
|
4472
4500
|
*/
|
|
4473
|
-
getBaseAccountInfo(accountFilter) {
|
|
4474
|
-
const accountEntities = this.getAccountsFilteredBy(accountFilter);
|
|
4501
|
+
getBaseAccountInfo(accountFilter, correlationId) {
|
|
4502
|
+
const accountEntities = this.getAccountsFilteredBy(accountFilter, correlationId);
|
|
4475
4503
|
if (accountEntities.length > 0) {
|
|
4476
4504
|
return accountEntities[0].getAccountInfo();
|
|
4477
4505
|
}
|
|
@@ -4486,12 +4514,12 @@ class CacheManager {
|
|
|
4486
4514
|
* @param accountFilter
|
|
4487
4515
|
* @returns Array of AccountInfo objects that match account and tenant profile filters
|
|
4488
4516
|
*/
|
|
4489
|
-
buildTenantProfiles(cachedAccounts, accountFilter) {
|
|
4517
|
+
buildTenantProfiles(cachedAccounts, correlationId, accountFilter) {
|
|
4490
4518
|
return cachedAccounts.flatMap((accountEntity) => {
|
|
4491
|
-
return this.getTenantProfilesFromAccountEntity(accountEntity, accountFilter?.tenantId, accountFilter);
|
|
4519
|
+
return this.getTenantProfilesFromAccountEntity(accountEntity, correlationId, accountFilter?.tenantId, accountFilter);
|
|
4492
4520
|
});
|
|
4493
4521
|
}
|
|
4494
|
-
getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, tenantProfileFilter) {
|
|
4522
|
+
getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, correlationId, tenantProfileFilter) {
|
|
4495
4523
|
let tenantedAccountInfo = null;
|
|
4496
4524
|
let idTokenClaims;
|
|
4497
4525
|
if (tenantProfileFilter) {
|
|
@@ -4499,7 +4527,7 @@ class CacheManager {
|
|
|
4499
4527
|
return null;
|
|
4500
4528
|
}
|
|
4501
4529
|
}
|
|
4502
|
-
const idToken = this.getIdToken(accountInfo, tokenKeys, tenantProfile.tenantId);
|
|
4530
|
+
const idToken = this.getIdToken(accountInfo, correlationId, tokenKeys, tenantProfile.tenantId);
|
|
4503
4531
|
if (idToken) {
|
|
4504
4532
|
idTokenClaims = extractTokenClaims(idToken.secret, this.cryptoImpl.base64Decode);
|
|
4505
4533
|
if (!this.idTokenClaimsMatchTenantProfileFilter(idTokenClaims, tenantProfileFilter)) {
|
|
@@ -4511,7 +4539,7 @@ class CacheManager {
|
|
|
4511
4539
|
tenantedAccountInfo = updateAccountTenantProfileData(accountInfo, tenantProfile, idTokenClaims, idToken?.secret);
|
|
4512
4540
|
return tenantedAccountInfo;
|
|
4513
4541
|
}
|
|
4514
|
-
getTenantProfilesFromAccountEntity(accountEntity, targetTenantId, tenantProfileFilter) {
|
|
4542
|
+
getTenantProfilesFromAccountEntity(accountEntity, correlationId, targetTenantId, tenantProfileFilter) {
|
|
4515
4543
|
const accountInfo = accountEntity.getAccountInfo();
|
|
4516
4544
|
let searchTenantProfiles = accountInfo.tenantProfiles || new Map();
|
|
4517
4545
|
const tokenKeys = this.getTokenKeys();
|
|
@@ -4531,7 +4559,7 @@ class CacheManager {
|
|
|
4531
4559
|
}
|
|
4532
4560
|
const matchingTenantProfiles = [];
|
|
4533
4561
|
searchTenantProfiles.forEach((tenantProfile) => {
|
|
4534
|
-
const tenantedAccountInfo = this.getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, tenantProfileFilter);
|
|
4562
|
+
const tenantedAccountInfo = this.getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, correlationId, tenantProfileFilter);
|
|
4535
4563
|
if (tenantedAccountInfo) {
|
|
4536
4564
|
matchingTenantProfiles.push(tenantedAccountInfo);
|
|
4537
4565
|
}
|
|
@@ -4585,46 +4613,36 @@ class CacheManager {
|
|
|
4585
4613
|
* @param storeInCache {?StoreInCache}
|
|
4586
4614
|
* @param correlationId {?string} correlation id
|
|
4587
4615
|
*/
|
|
4588
|
-
async saveCacheRecord(cacheRecord,
|
|
4616
|
+
async saveCacheRecord(cacheRecord, correlationId, storeInCache) {
|
|
4589
4617
|
if (!cacheRecord) {
|
|
4590
4618
|
throw createClientAuthError(invalidCacheRecord);
|
|
4591
4619
|
}
|
|
4592
4620
|
try {
|
|
4593
4621
|
if (!!cacheRecord.account) {
|
|
4594
|
-
this.setAccount(cacheRecord.account);
|
|
4622
|
+
this.setAccount(cacheRecord.account, correlationId);
|
|
4595
4623
|
}
|
|
4596
4624
|
if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
|
|
4597
|
-
this.setIdTokenCredential(cacheRecord.idToken);
|
|
4625
|
+
this.setIdTokenCredential(cacheRecord.idToken, correlationId);
|
|
4598
4626
|
}
|
|
4599
4627
|
if (!!cacheRecord.accessToken &&
|
|
4600
4628
|
storeInCache?.accessToken !== false) {
|
|
4601
|
-
await this.saveAccessToken(cacheRecord.accessToken);
|
|
4629
|
+
await this.saveAccessToken(cacheRecord.accessToken, correlationId);
|
|
4602
4630
|
}
|
|
4603
4631
|
if (!!cacheRecord.refreshToken &&
|
|
4604
4632
|
storeInCache?.refreshToken !== false) {
|
|
4605
|
-
this.setRefreshTokenCredential(cacheRecord.refreshToken);
|
|
4633
|
+
this.setRefreshTokenCredential(cacheRecord.refreshToken, correlationId);
|
|
4606
4634
|
}
|
|
4607
4635
|
if (!!cacheRecord.appMetadata) {
|
|
4608
|
-
this.setAppMetadata(cacheRecord.appMetadata);
|
|
4636
|
+
this.setAppMetadata(cacheRecord.appMetadata, correlationId);
|
|
4609
4637
|
}
|
|
4610
4638
|
}
|
|
4611
4639
|
catch (e) {
|
|
4612
4640
|
this.commonLogger?.error(`CacheManager.saveCacheRecord: failed`);
|
|
4613
|
-
if (e instanceof
|
|
4614
|
-
|
|
4615
|
-
if (e.name === "QuotaExceededError" ||
|
|
4616
|
-
e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
|
|
4617
|
-
e.message.includes("exceeded the quota")) {
|
|
4618
|
-
this.commonLogger?.error(`CacheManager.saveCacheRecord: exceeded storage quota`, correlationId);
|
|
4619
|
-
throw new CacheError(cacheQuotaExceededErrorCode);
|
|
4620
|
-
}
|
|
4621
|
-
else {
|
|
4622
|
-
throw new CacheError(e.name, e.message);
|
|
4623
|
-
}
|
|
4641
|
+
if (e instanceof AuthError) {
|
|
4642
|
+
throw e;
|
|
4624
4643
|
}
|
|
4625
4644
|
else {
|
|
4626
|
-
|
|
4627
|
-
throw new CacheError(cacheUnknownErrorCode);
|
|
4645
|
+
throw createCacheError(e);
|
|
4628
4646
|
}
|
|
4629
4647
|
}
|
|
4630
4648
|
}
|
|
@@ -4632,7 +4650,7 @@ class CacheManager {
|
|
|
4632
4650
|
* saves access token credential
|
|
4633
4651
|
* @param credential
|
|
4634
4652
|
*/
|
|
4635
|
-
async saveAccessToken(credential) {
|
|
4653
|
+
async saveAccessToken(credential, correlationId) {
|
|
4636
4654
|
const accessTokenFilter = {
|
|
4637
4655
|
clientId: credential.clientId,
|
|
4638
4656
|
credentialType: credential.credentialType,
|
|
@@ -4644,29 +4662,27 @@ class CacheManager {
|
|
|
4644
4662
|
};
|
|
4645
4663
|
const tokenKeys = this.getTokenKeys();
|
|
4646
4664
|
const currentScopes = ScopeSet.fromString(credential.target);
|
|
4647
|
-
const removedAccessTokens = [];
|
|
4648
4665
|
tokenKeys.accessToken.forEach((key) => {
|
|
4649
4666
|
if (!this.accessTokenKeyMatchesFilter(key, accessTokenFilter, false)) {
|
|
4650
4667
|
return;
|
|
4651
4668
|
}
|
|
4652
|
-
const tokenEntity = this.getAccessTokenCredential(key);
|
|
4669
|
+
const tokenEntity = this.getAccessTokenCredential(key, correlationId);
|
|
4653
4670
|
if (tokenEntity &&
|
|
4654
4671
|
this.credentialMatchesFilter(tokenEntity, accessTokenFilter)) {
|
|
4655
4672
|
const tokenScopeSet = ScopeSet.fromString(tokenEntity.target);
|
|
4656
4673
|
if (tokenScopeSet.intersectingScopeSets(currentScopes)) {
|
|
4657
|
-
|
|
4674
|
+
this.removeAccessToken(key, correlationId);
|
|
4658
4675
|
}
|
|
4659
4676
|
}
|
|
4660
4677
|
});
|
|
4661
|
-
|
|
4662
|
-
this.setAccessTokenCredential(credential);
|
|
4678
|
+
this.setAccessTokenCredential(credential, correlationId);
|
|
4663
4679
|
}
|
|
4664
4680
|
/**
|
|
4665
4681
|
* Retrieve account entities matching all provided tenant-agnostic filters; if no filter is set, get all account entities in the cache
|
|
4666
4682
|
* Not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared
|
|
4667
4683
|
* @param accountFilter - An object containing Account properties to filter by
|
|
4668
4684
|
*/
|
|
4669
|
-
getAccountsFilteredBy(accountFilter) {
|
|
4685
|
+
getAccountsFilteredBy(accountFilter, correlationId) {
|
|
4670
4686
|
const allAccountKeys = this.getAccountKeys();
|
|
4671
4687
|
const matchingAccounts = [];
|
|
4672
4688
|
allAccountKeys.forEach((cacheKey) => {
|
|
@@ -4674,7 +4690,7 @@ class CacheManager {
|
|
|
4674
4690
|
// Don't parse value if the key doesn't match the account filters
|
|
4675
4691
|
return;
|
|
4676
4692
|
}
|
|
4677
|
-
const entity = this.getAccount(cacheKey, this.commonLogger);
|
|
4693
|
+
const entity = this.getAccount(cacheKey, correlationId, this.commonLogger);
|
|
4678
4694
|
// Match base account fields
|
|
4679
4695
|
if (!entity) {
|
|
4680
4696
|
return;
|
|
@@ -4900,11 +4916,11 @@ class CacheManager {
|
|
|
4900
4916
|
/**
|
|
4901
4917
|
* Removes all accounts and related tokens from cache.
|
|
4902
4918
|
*/
|
|
4903
|
-
async removeAllAccounts() {
|
|
4919
|
+
async removeAllAccounts(correlationId) {
|
|
4904
4920
|
const allAccountKeys = this.getAccountKeys();
|
|
4905
4921
|
const removedAccounts = [];
|
|
4906
4922
|
allAccountKeys.forEach((cacheKey) => {
|
|
4907
|
-
removedAccounts.push(this.removeAccount(cacheKey));
|
|
4923
|
+
removedAccounts.push(this.removeAccount(cacheKey, correlationId));
|
|
4908
4924
|
});
|
|
4909
4925
|
await Promise.all(removedAccounts);
|
|
4910
4926
|
}
|
|
@@ -4912,38 +4928,41 @@ class CacheManager {
|
|
|
4912
4928
|
* Removes the account and related tokens for a given account key
|
|
4913
4929
|
* @param account
|
|
4914
4930
|
*/
|
|
4915
|
-
async removeAccount(accountKey) {
|
|
4916
|
-
const account = this.getAccount(accountKey, this.commonLogger);
|
|
4931
|
+
async removeAccount(accountKey, correlationId) {
|
|
4932
|
+
const account = this.getAccount(accountKey, correlationId, this.commonLogger);
|
|
4917
4933
|
if (!account) {
|
|
4918
4934
|
return;
|
|
4919
4935
|
}
|
|
4920
|
-
await this.removeAccountContext(account);
|
|
4921
|
-
this.removeItem(accountKey);
|
|
4936
|
+
await this.removeAccountContext(account, correlationId);
|
|
4937
|
+
this.removeItem(accountKey, correlationId);
|
|
4922
4938
|
}
|
|
4923
4939
|
/**
|
|
4924
4940
|
* Removes credentials associated with the provided account
|
|
4925
4941
|
* @param account
|
|
4926
4942
|
*/
|
|
4927
|
-
async removeAccountContext(account) {
|
|
4943
|
+
async removeAccountContext(account, correlationId) {
|
|
4928
4944
|
const allTokenKeys = this.getTokenKeys();
|
|
4929
4945
|
const accountId = account.generateAccountId();
|
|
4930
|
-
const removedCredentials = [];
|
|
4931
4946
|
allTokenKeys.idToken.forEach((key) => {
|
|
4932
4947
|
if (key.indexOf(accountId) === 0) {
|
|
4933
|
-
this.removeIdToken(key);
|
|
4948
|
+
this.removeIdToken(key, correlationId);
|
|
4934
4949
|
}
|
|
4935
4950
|
});
|
|
4936
4951
|
allTokenKeys.accessToken.forEach((key) => {
|
|
4937
4952
|
if (key.indexOf(accountId) === 0) {
|
|
4938
|
-
|
|
4953
|
+
this.removeAccessToken(key, correlationId);
|
|
4939
4954
|
}
|
|
4940
4955
|
});
|
|
4941
4956
|
allTokenKeys.refreshToken.forEach((key) => {
|
|
4942
4957
|
if (key.indexOf(accountId) === 0) {
|
|
4943
|
-
this.removeRefreshToken(key);
|
|
4958
|
+
this.removeRefreshToken(key, correlationId);
|
|
4959
|
+
}
|
|
4960
|
+
});
|
|
4961
|
+
this.getKeys().forEach((key) => {
|
|
4962
|
+
if (key.includes(accountId)) {
|
|
4963
|
+
this.removeItem(key, correlationId);
|
|
4944
4964
|
}
|
|
4945
4965
|
});
|
|
4946
|
-
await Promise.all(removedCredentials);
|
|
4947
4966
|
}
|
|
4948
4967
|
/**
|
|
4949
4968
|
* Migrates a single-tenant account and all it's associated alternate cross-tenant account objects in the
|
|
@@ -4953,7 +4972,7 @@ class CacheManager {
|
|
|
4953
4972
|
* @param logger
|
|
4954
4973
|
* @returns
|
|
4955
4974
|
*/
|
|
4956
|
-
updateOutdatedCachedAccount(accountKey, accountEntity, logger) {
|
|
4975
|
+
updateOutdatedCachedAccount(accountKey, accountEntity, correlationId, logger) {
|
|
4957
4976
|
// Only update if account entity is defined and has no tenantProfiles object (is outdated)
|
|
4958
4977
|
if (accountEntity && accountEntity.isSingleTenant()) {
|
|
4959
4978
|
this.commonLogger?.verbose("updateOutdatedCachedAccount: Found a single-tenant (outdated) account entity in the cache, migrating to multi-tenant account entity");
|
|
@@ -4964,7 +4983,7 @@ class CacheManager {
|
|
|
4964
4983
|
// Get all account entities belonging to user
|
|
4965
4984
|
const accountsToMerge = [];
|
|
4966
4985
|
matchingAccountKeys.forEach((key) => {
|
|
4967
|
-
const account = this.getCachedAccountEntity(key);
|
|
4986
|
+
const account = this.getCachedAccountEntity(key, correlationId);
|
|
4968
4987
|
if (account) {
|
|
4969
4988
|
accountsToMerge.push(account);
|
|
4970
4989
|
}
|
|
@@ -4989,11 +5008,11 @@ class CacheManager {
|
|
|
4989
5008
|
// Clear cache of legacy account objects that have been collpsed into tenant profiles
|
|
4990
5009
|
matchingAccountKeys.forEach((key) => {
|
|
4991
5010
|
if (key !== newAccountKey) {
|
|
4992
|
-
this.removeOutdatedAccount(accountKey);
|
|
5011
|
+
this.removeOutdatedAccount(accountKey, correlationId);
|
|
4993
5012
|
}
|
|
4994
5013
|
});
|
|
4995
5014
|
// Cache updated account object
|
|
4996
|
-
this.setAccount(updatedAccount);
|
|
5015
|
+
this.setAccount(updatedAccount, correlationId);
|
|
4997
5016
|
logger?.verbose("Updated an outdated account entity in the cache");
|
|
4998
5017
|
return updatedAccount;
|
|
4999
5018
|
}
|
|
@@ -5004,37 +5023,31 @@ class CacheManager {
|
|
|
5004
5023
|
* returns a boolean if the given credential is removed
|
|
5005
5024
|
* @param credential
|
|
5006
5025
|
*/
|
|
5007
|
-
|
|
5008
|
-
const credential = this.getAccessTokenCredential(key);
|
|
5009
|
-
|
|
5026
|
+
removeAccessToken(key, correlationId) {
|
|
5027
|
+
const credential = this.getAccessTokenCredential(key, correlationId);
|
|
5028
|
+
this.removeItem(key, correlationId);
|
|
5029
|
+
if (!credential ||
|
|
5030
|
+
credential.credentialType.toLowerCase() !==
|
|
5031
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase() ||
|
|
5032
|
+
credential.tokenType !== AuthenticationScheme.POP) {
|
|
5010
5033
|
return;
|
|
5011
5034
|
}
|
|
5012
5035
|
// Remove Token Binding Key from key store for PoP Tokens Credentials
|
|
5013
|
-
|
|
5014
|
-
|
|
5015
|
-
|
|
5016
|
-
|
|
5017
|
-
|
|
5018
|
-
if (kid) {
|
|
5019
|
-
try {
|
|
5020
|
-
await this.cryptoImpl.removeTokenBindingKey(kid);
|
|
5021
|
-
}
|
|
5022
|
-
catch (error) {
|
|
5023
|
-
throw createClientAuthError(bindingKeyNotRemoved);
|
|
5024
|
-
}
|
|
5025
|
-
}
|
|
5026
|
-
}
|
|
5036
|
+
const kid = credential.keyId;
|
|
5037
|
+
if (kid) {
|
|
5038
|
+
void this.cryptoImpl.removeTokenBindingKey(kid).catch(() => {
|
|
5039
|
+
this.commonLogger.error("Binding key could not be removed");
|
|
5040
|
+
});
|
|
5027
5041
|
}
|
|
5028
|
-
return this.removeItem(key);
|
|
5029
5042
|
}
|
|
5030
5043
|
/**
|
|
5031
5044
|
* Removes all app metadata objects from cache.
|
|
5032
5045
|
*/
|
|
5033
|
-
removeAppMetadata() {
|
|
5046
|
+
removeAppMetadata(correlationId) {
|
|
5034
5047
|
const allCacheKeys = this.getKeys();
|
|
5035
5048
|
allCacheKeys.forEach((cacheKey) => {
|
|
5036
5049
|
if (this.isAppMetadata(cacheKey)) {
|
|
5037
|
-
this.removeItem(cacheKey);
|
|
5050
|
+
this.removeItem(cacheKey, correlationId);
|
|
5038
5051
|
}
|
|
5039
5052
|
});
|
|
5040
5053
|
return true;
|
|
@@ -5043,9 +5056,9 @@ class CacheManager {
|
|
|
5043
5056
|
* Retrieve AccountEntity from cache
|
|
5044
5057
|
* @param account
|
|
5045
5058
|
*/
|
|
5046
|
-
readAccountFromCache(account) {
|
|
5059
|
+
readAccountFromCache(account, correlationId) {
|
|
5047
5060
|
const accountKey = AccountEntity.generateAccountCacheKey(account);
|
|
5048
|
-
return this.getAccount(accountKey, this.commonLogger);
|
|
5061
|
+
return this.getAccount(accountKey, correlationId, this.commonLogger);
|
|
5049
5062
|
}
|
|
5050
5063
|
/**
|
|
5051
5064
|
* Retrieve IdTokenEntity from cache
|
|
@@ -5055,7 +5068,7 @@ class CacheManager {
|
|
|
5055
5068
|
* @param performanceClient {?IPerformanceClient}
|
|
5056
5069
|
* @param correlationId {?string}
|
|
5057
5070
|
*/
|
|
5058
|
-
getIdToken(account, tokenKeys, targetRealm, performanceClient
|
|
5071
|
+
getIdToken(account, correlationId, tokenKeys, targetRealm, performanceClient) {
|
|
5059
5072
|
this.commonLogger.trace("CacheManager - getIdToken called");
|
|
5060
5073
|
const idTokenFilter = {
|
|
5061
5074
|
homeAccountId: account.homeAccountId,
|
|
@@ -5064,7 +5077,7 @@ class CacheManager {
|
|
|
5064
5077
|
clientId: this.clientId,
|
|
5065
5078
|
realm: targetRealm,
|
|
5066
5079
|
};
|
|
5067
|
-
const idTokenMap = this.getIdTokensByFilter(idTokenFilter, tokenKeys);
|
|
5080
|
+
const idTokenMap = this.getIdTokensByFilter(idTokenFilter, correlationId, tokenKeys);
|
|
5068
5081
|
const numIdTokens = idTokenMap.size;
|
|
5069
5082
|
if (numIdTokens < 1) {
|
|
5070
5083
|
this.commonLogger.info("CacheManager:getIdToken - No token found");
|
|
@@ -5097,7 +5110,7 @@ class CacheManager {
|
|
|
5097
5110
|
// Multiple tokens for a single tenant profile, remove all and return null
|
|
5098
5111
|
this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them");
|
|
5099
5112
|
tokensToBeRemoved.forEach((idToken, key) => {
|
|
5100
|
-
this.removeIdToken(key);
|
|
5113
|
+
this.removeIdToken(key, correlationId);
|
|
5101
5114
|
});
|
|
5102
5115
|
if (performanceClient && correlationId) {
|
|
5103
5116
|
performanceClient.addFields({ multiMatchedID: idTokenMap.size }, correlationId);
|
|
@@ -5112,7 +5125,7 @@ class CacheManager {
|
|
|
5112
5125
|
* @param filter
|
|
5113
5126
|
* @returns
|
|
5114
5127
|
*/
|
|
5115
|
-
getIdTokensByFilter(filter, tokenKeys) {
|
|
5128
|
+
getIdTokensByFilter(filter, correlationId, tokenKeys) {
|
|
5116
5129
|
const idTokenKeys = (tokenKeys && tokenKeys.idToken) || this.getTokenKeys().idToken;
|
|
5117
5130
|
const idTokens = new Map();
|
|
5118
5131
|
idTokenKeys.forEach((key) => {
|
|
@@ -5122,7 +5135,7 @@ class CacheManager {
|
|
|
5122
5135
|
})) {
|
|
5123
5136
|
return;
|
|
5124
5137
|
}
|
|
5125
|
-
const idToken = this.getIdTokenCredential(key);
|
|
5138
|
+
const idToken = this.getIdTokenCredential(key, correlationId);
|
|
5126
5139
|
if (idToken && this.credentialMatchesFilter(idToken, filter)) {
|
|
5127
5140
|
idTokens.set(key, idToken);
|
|
5128
5141
|
}
|
|
@@ -5151,15 +5164,15 @@ class CacheManager {
|
|
|
5151
5164
|
* Removes idToken from the cache
|
|
5152
5165
|
* @param key
|
|
5153
5166
|
*/
|
|
5154
|
-
removeIdToken(key) {
|
|
5155
|
-
this.removeItem(key);
|
|
5167
|
+
removeIdToken(key, correlationId) {
|
|
5168
|
+
this.removeItem(key, correlationId);
|
|
5156
5169
|
}
|
|
5157
5170
|
/**
|
|
5158
5171
|
* Removes refresh token from the cache
|
|
5159
5172
|
* @param key
|
|
5160
5173
|
*/
|
|
5161
|
-
removeRefreshToken(key) {
|
|
5162
|
-
this.removeItem(key);
|
|
5174
|
+
removeRefreshToken(key, correlationId) {
|
|
5175
|
+
this.removeItem(key, correlationId);
|
|
5163
5176
|
}
|
|
5164
5177
|
/**
|
|
5165
5178
|
* Retrieve AccessTokenEntity from cache
|
|
@@ -5169,7 +5182,7 @@ class CacheManager {
|
|
|
5169
5182
|
* @param performanceClient {?IPerformanceClient}
|
|
5170
5183
|
* @param correlationId {?string}
|
|
5171
5184
|
*/
|
|
5172
|
-
getAccessToken(account, request, tokenKeys, targetRealm, performanceClient
|
|
5185
|
+
getAccessToken(account, request, tokenKeys, targetRealm, performanceClient) {
|
|
5173
5186
|
this.commonLogger.trace("CacheManager - getAccessToken called");
|
|
5174
5187
|
const scopes = ScopeSet.createSearchScopes(request.scopes);
|
|
5175
5188
|
const authScheme = request.authenticationScheme || AuthenticationScheme.BEARER;
|
|
@@ -5199,7 +5212,7 @@ class CacheManager {
|
|
|
5199
5212
|
accessTokenKeys.forEach((key) => {
|
|
5200
5213
|
// Validate key
|
|
5201
5214
|
if (this.accessTokenKeyMatchesFilter(key, accessTokenFilter, true)) {
|
|
5202
|
-
const accessToken = this.getAccessTokenCredential(key);
|
|
5215
|
+
const accessToken = this.getAccessTokenCredential(key, request.correlationId);
|
|
5203
5216
|
// Validate value
|
|
5204
5217
|
if (accessToken &&
|
|
5205
5218
|
this.credentialMatchesFilter(accessToken, accessTokenFilter)) {
|
|
@@ -5215,10 +5228,10 @@ class CacheManager {
|
|
|
5215
5228
|
else if (numAccessTokens > 1) {
|
|
5216
5229
|
this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them");
|
|
5217
5230
|
accessTokens.forEach((accessToken) => {
|
|
5218
|
-
void this.removeAccessToken(generateCredentialKey(accessToken));
|
|
5231
|
+
void this.removeAccessToken(generateCredentialKey(accessToken), request.correlationId);
|
|
5219
5232
|
});
|
|
5220
|
-
if (performanceClient && correlationId) {
|
|
5221
|
-
performanceClient.addFields({ multiMatchedAT: accessTokens.length }, correlationId);
|
|
5233
|
+
if (performanceClient && request.correlationId) {
|
|
5234
|
+
performanceClient.addFields({ multiMatchedAT: accessTokens.length }, request.correlationId);
|
|
5222
5235
|
}
|
|
5223
5236
|
return null;
|
|
5224
5237
|
}
|
|
@@ -5271,14 +5284,14 @@ class CacheManager {
|
|
|
5271
5284
|
* @param filter
|
|
5272
5285
|
* @returns
|
|
5273
5286
|
*/
|
|
5274
|
-
getAccessTokensByFilter(filter) {
|
|
5287
|
+
getAccessTokensByFilter(filter, correlationId) {
|
|
5275
5288
|
const tokenKeys = this.getTokenKeys();
|
|
5276
5289
|
const accessTokens = [];
|
|
5277
5290
|
tokenKeys.accessToken.forEach((key) => {
|
|
5278
5291
|
if (!this.accessTokenKeyMatchesFilter(key, filter, true)) {
|
|
5279
5292
|
return;
|
|
5280
5293
|
}
|
|
5281
|
-
const accessToken = this.getAccessTokenCredential(key);
|
|
5294
|
+
const accessToken = this.getAccessTokenCredential(key, correlationId);
|
|
5282
5295
|
if (accessToken &&
|
|
5283
5296
|
this.credentialMatchesFilter(accessToken, filter)) {
|
|
5284
5297
|
accessTokens.push(accessToken);
|
|
@@ -5294,7 +5307,7 @@ class CacheManager {
|
|
|
5294
5307
|
* @param performanceClient {?IPerformanceClient}
|
|
5295
5308
|
* @param correlationId {?string}
|
|
5296
5309
|
*/
|
|
5297
|
-
getRefreshToken(account, familyRT, tokenKeys, performanceClient
|
|
5310
|
+
getRefreshToken(account, familyRT, correlationId, tokenKeys, performanceClient) {
|
|
5298
5311
|
this.commonLogger.trace("CacheManager - getRefreshToken called");
|
|
5299
5312
|
const id = familyRT ? THE_FAMILY_ID : undefined;
|
|
5300
5313
|
const refreshTokenFilter = {
|
|
@@ -5310,7 +5323,7 @@ class CacheManager {
|
|
|
5310
5323
|
refreshTokenKeys.forEach((key) => {
|
|
5311
5324
|
// Validate key
|
|
5312
5325
|
if (this.refreshTokenKeyMatchesFilter(key, refreshTokenFilter)) {
|
|
5313
|
-
const refreshToken = this.getRefreshTokenCredential(key);
|
|
5326
|
+
const refreshToken = this.getRefreshTokenCredential(key, correlationId);
|
|
5314
5327
|
// Validate value
|
|
5315
5328
|
if (refreshToken &&
|
|
5316
5329
|
this.credentialMatchesFilter(refreshToken, refreshTokenFilter)) {
|
|
@@ -5661,9 +5674,6 @@ class DefaultStorageClass extends CacheManager {
|
|
|
5661
5674
|
getTokenKeys() {
|
|
5662
5675
|
throw createClientAuthError(methodNotImplemented);
|
|
5663
5676
|
}
|
|
5664
|
-
async clear() {
|
|
5665
|
-
throw createClientAuthError(methodNotImplemented);
|
|
5666
|
-
}
|
|
5667
5677
|
updateCredentialCacheKey() {
|
|
5668
5678
|
throw createClientAuthError(methodNotImplemented);
|
|
5669
5679
|
}
|
|
@@ -5769,154 +5779,6 @@ function isOidcProtocolMode(config) {
|
|
|
5769
5779
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
5770
5780
|
}
|
|
5771
5781
|
|
|
5772
|
-
/*
|
|
5773
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5774
|
-
* Licensed under the MIT License.
|
|
5775
|
-
*/
|
|
5776
|
-
/**
|
|
5777
|
-
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
5778
|
-
*/
|
|
5779
|
-
class ServerError extends AuthError {
|
|
5780
|
-
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
5781
|
-
super(errorCode, errorMessage, subError);
|
|
5782
|
-
this.name = "ServerError";
|
|
5783
|
-
this.errorNo = errorNo;
|
|
5784
|
-
this.status = status;
|
|
5785
|
-
Object.setPrototypeOf(this, ServerError.prototype);
|
|
5786
|
-
}
|
|
5787
|
-
}
|
|
5788
|
-
|
|
5789
|
-
/*
|
|
5790
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5791
|
-
* Licensed under the MIT License.
|
|
5792
|
-
*/
|
|
5793
|
-
/** @internal */
|
|
5794
|
-
class ThrottlingUtils {
|
|
5795
|
-
/**
|
|
5796
|
-
* Prepares a RequestThumbprint to be stored as a key.
|
|
5797
|
-
* @param thumbprint
|
|
5798
|
-
*/
|
|
5799
|
-
static generateThrottlingStorageKey(thumbprint) {
|
|
5800
|
-
return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
|
|
5801
|
-
}
|
|
5802
|
-
/**
|
|
5803
|
-
* Performs necessary throttling checks before a network request.
|
|
5804
|
-
* @param cacheManager
|
|
5805
|
-
* @param thumbprint
|
|
5806
|
-
*/
|
|
5807
|
-
static preProcess(cacheManager, thumbprint) {
|
|
5808
|
-
const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
|
|
5809
|
-
const value = cacheManager.getThrottlingCache(key);
|
|
5810
|
-
if (value) {
|
|
5811
|
-
if (value.throttleTime < Date.now()) {
|
|
5812
|
-
cacheManager.removeItem(key);
|
|
5813
|
-
return;
|
|
5814
|
-
}
|
|
5815
|
-
throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
|
|
5816
|
-
}
|
|
5817
|
-
}
|
|
5818
|
-
/**
|
|
5819
|
-
* Performs necessary throttling checks after a network request.
|
|
5820
|
-
* @param cacheManager
|
|
5821
|
-
* @param thumbprint
|
|
5822
|
-
* @param response
|
|
5823
|
-
*/
|
|
5824
|
-
static postProcess(cacheManager, thumbprint, response) {
|
|
5825
|
-
if (ThrottlingUtils.checkResponseStatus(response) ||
|
|
5826
|
-
ThrottlingUtils.checkResponseForRetryAfter(response)) {
|
|
5827
|
-
const thumbprintValue = {
|
|
5828
|
-
throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
|
|
5829
|
-
error: response.body.error,
|
|
5830
|
-
errorCodes: response.body.error_codes,
|
|
5831
|
-
errorMessage: response.body.error_description,
|
|
5832
|
-
subError: response.body.suberror,
|
|
5833
|
-
};
|
|
5834
|
-
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
|
|
5835
|
-
}
|
|
5836
|
-
}
|
|
5837
|
-
/**
|
|
5838
|
-
* Checks a NetworkResponse object's status codes against 429 or 5xx
|
|
5839
|
-
* @param response
|
|
5840
|
-
*/
|
|
5841
|
-
static checkResponseStatus(response) {
|
|
5842
|
-
return (response.status === 429 ||
|
|
5843
|
-
(response.status >= 500 && response.status < 600));
|
|
5844
|
-
}
|
|
5845
|
-
/**
|
|
5846
|
-
* Checks a NetworkResponse object's RetryAfter header
|
|
5847
|
-
* @param response
|
|
5848
|
-
*/
|
|
5849
|
-
static checkResponseForRetryAfter(response) {
|
|
5850
|
-
if (response.headers) {
|
|
5851
|
-
return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
|
|
5852
|
-
(response.status < 200 || response.status >= 300));
|
|
5853
|
-
}
|
|
5854
|
-
return false;
|
|
5855
|
-
}
|
|
5856
|
-
/**
|
|
5857
|
-
* Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
|
|
5858
|
-
* @param throttleTime
|
|
5859
|
-
*/
|
|
5860
|
-
static calculateThrottleTime(throttleTime) {
|
|
5861
|
-
const time = throttleTime <= 0 ? 0 : throttleTime;
|
|
5862
|
-
const currentSeconds = Date.now() / 1000;
|
|
5863
|
-
return Math.floor(Math.min(currentSeconds +
|
|
5864
|
-
(time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
|
|
5865
|
-
ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
|
|
5866
|
-
}
|
|
5867
|
-
static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
|
|
5868
|
-
const thumbprint = {
|
|
5869
|
-
clientId: clientId,
|
|
5870
|
-
authority: request.authority,
|
|
5871
|
-
scopes: request.scopes,
|
|
5872
|
-
homeAccountIdentifier: homeAccountIdentifier,
|
|
5873
|
-
claims: request.claims,
|
|
5874
|
-
authenticationScheme: request.authenticationScheme,
|
|
5875
|
-
resourceRequestMethod: request.resourceRequestMethod,
|
|
5876
|
-
resourceRequestUri: request.resourceRequestUri,
|
|
5877
|
-
shrClaims: request.shrClaims,
|
|
5878
|
-
sshKid: request.sshKid,
|
|
5879
|
-
};
|
|
5880
|
-
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
5881
|
-
cacheManager.removeItem(key);
|
|
5882
|
-
}
|
|
5883
|
-
}
|
|
5884
|
-
|
|
5885
|
-
/*
|
|
5886
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5887
|
-
* Licensed under the MIT License.
|
|
5888
|
-
*/
|
|
5889
|
-
/** @internal */
|
|
5890
|
-
class NetworkManager {
|
|
5891
|
-
constructor(networkClient, cacheManager) {
|
|
5892
|
-
this.networkClient = networkClient;
|
|
5893
|
-
this.cacheManager = cacheManager;
|
|
5894
|
-
}
|
|
5895
|
-
/**
|
|
5896
|
-
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
5897
|
-
* @param thumbprint
|
|
5898
|
-
* @param tokenEndpoint
|
|
5899
|
-
* @param options
|
|
5900
|
-
*/
|
|
5901
|
-
async sendPostRequest(thumbprint, tokenEndpoint, options) {
|
|
5902
|
-
ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
|
|
5903
|
-
let response;
|
|
5904
|
-
try {
|
|
5905
|
-
response = await this.networkClient.sendPostRequestAsync(tokenEndpoint, options);
|
|
5906
|
-
}
|
|
5907
|
-
catch (e) {
|
|
5908
|
-
if (e instanceof AuthError) {
|
|
5909
|
-
throw e;
|
|
5910
|
-
}
|
|
5911
|
-
else {
|
|
5912
|
-
throw createClientAuthError(networkError);
|
|
5913
|
-
}
|
|
5914
|
-
}
|
|
5915
|
-
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
|
|
5916
|
-
return response;
|
|
5917
|
-
}
|
|
5918
|
-
}
|
|
5919
|
-
|
|
5920
5782
|
/*
|
|
5921
5783
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5922
5784
|
* Licensed under the MIT License.
|
|
@@ -5995,10 +5857,24 @@ class RequestValidator {
|
|
|
5995
5857
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5996
5858
|
* Licensed under the MIT License.
|
|
5997
5859
|
*/
|
|
5860
|
+
function instrumentBrokerParams(parameters, correlationId, performanceClient) {
|
|
5861
|
+
if (!correlationId) {
|
|
5862
|
+
return;
|
|
5863
|
+
}
|
|
5864
|
+
const clientId = parameters.get(CLIENT_ID);
|
|
5865
|
+
if (clientId && parameters.has(BROKER_CLIENT_ID)) {
|
|
5866
|
+
performanceClient?.addFields({
|
|
5867
|
+
embeddedClientId: clientId,
|
|
5868
|
+
embeddedRedirectUri: parameters.get(REDIRECT_URI),
|
|
5869
|
+
}, correlationId);
|
|
5870
|
+
}
|
|
5871
|
+
}
|
|
5998
5872
|
/** @internal */
|
|
5999
5873
|
class RequestParameterBuilder {
|
|
6000
|
-
constructor() {
|
|
5874
|
+
constructor(correlationId, performanceClient) {
|
|
6001
5875
|
this.parameters = new Map();
|
|
5876
|
+
this.performanceClient = performanceClient;
|
|
5877
|
+
this.correlationId = correlationId;
|
|
6002
5878
|
}
|
|
6003
5879
|
/**
|
|
6004
5880
|
* add response_type = code
|
|
@@ -6362,6 +6238,14 @@ class RequestParameterBuilder {
|
|
|
6362
6238
|
addLogoutHint(logoutHint) {
|
|
6363
6239
|
this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
|
|
6364
6240
|
}
|
|
6241
|
+
addBrokerParameters(params) {
|
|
6242
|
+
const brokerParams = {};
|
|
6243
|
+
brokerParams[BROKER_CLIENT_ID] =
|
|
6244
|
+
params.brokerClientId;
|
|
6245
|
+
brokerParams[BROKER_REDIRECT_URI] =
|
|
6246
|
+
params.brokerRedirectUri;
|
|
6247
|
+
this.addExtraQueryParameters(brokerParams);
|
|
6248
|
+
}
|
|
6365
6249
|
/**
|
|
6366
6250
|
* Utility to create a URL from the params map
|
|
6367
6251
|
*/
|
|
@@ -6370,10 +6254,152 @@ class RequestParameterBuilder {
|
|
|
6370
6254
|
this.parameters.forEach((value, key) => {
|
|
6371
6255
|
queryParameterArray.push(`${key}=${value}`);
|
|
6372
6256
|
});
|
|
6257
|
+
instrumentBrokerParams(this.parameters, this.correlationId, this.performanceClient);
|
|
6373
6258
|
return queryParameterArray.join("&");
|
|
6374
6259
|
}
|
|
6375
6260
|
}
|
|
6376
6261
|
|
|
6262
|
+
/*
|
|
6263
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6264
|
+
* Licensed under the MIT License.
|
|
6265
|
+
*/
|
|
6266
|
+
/**
|
|
6267
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
6268
|
+
*/
|
|
6269
|
+
class ServerError extends AuthError {
|
|
6270
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
6271
|
+
super(errorCode, errorMessage, subError);
|
|
6272
|
+
this.name = "ServerError";
|
|
6273
|
+
this.errorNo = errorNo;
|
|
6274
|
+
this.status = status;
|
|
6275
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
6276
|
+
}
|
|
6277
|
+
}
|
|
6278
|
+
|
|
6279
|
+
/*
|
|
6280
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6281
|
+
* Licensed under the MIT License.
|
|
6282
|
+
*/
|
|
6283
|
+
/** @internal */
|
|
6284
|
+
class ThrottlingUtils {
|
|
6285
|
+
/**
|
|
6286
|
+
* Prepares a RequestThumbprint to be stored as a key.
|
|
6287
|
+
* @param thumbprint
|
|
6288
|
+
*/
|
|
6289
|
+
static generateThrottlingStorageKey(thumbprint) {
|
|
6290
|
+
return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
|
|
6291
|
+
}
|
|
6292
|
+
/**
|
|
6293
|
+
* Performs necessary throttling checks before a network request.
|
|
6294
|
+
* @param cacheManager
|
|
6295
|
+
* @param thumbprint
|
|
6296
|
+
*/
|
|
6297
|
+
static preProcess(cacheManager, thumbprint, correlationId) {
|
|
6298
|
+
const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
|
|
6299
|
+
const value = cacheManager.getThrottlingCache(key);
|
|
6300
|
+
if (value) {
|
|
6301
|
+
if (value.throttleTime < Date.now()) {
|
|
6302
|
+
cacheManager.removeItem(key, correlationId);
|
|
6303
|
+
return;
|
|
6304
|
+
}
|
|
6305
|
+
throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
|
|
6306
|
+
}
|
|
6307
|
+
}
|
|
6308
|
+
/**
|
|
6309
|
+
* Performs necessary throttling checks after a network request.
|
|
6310
|
+
* @param cacheManager
|
|
6311
|
+
* @param thumbprint
|
|
6312
|
+
* @param response
|
|
6313
|
+
*/
|
|
6314
|
+
static postProcess(cacheManager, thumbprint, response, correlationId) {
|
|
6315
|
+
if (ThrottlingUtils.checkResponseStatus(response) ||
|
|
6316
|
+
ThrottlingUtils.checkResponseForRetryAfter(response)) {
|
|
6317
|
+
const thumbprintValue = {
|
|
6318
|
+
throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
|
|
6319
|
+
error: response.body.error,
|
|
6320
|
+
errorCodes: response.body.error_codes,
|
|
6321
|
+
errorMessage: response.body.error_description,
|
|
6322
|
+
subError: response.body.suberror,
|
|
6323
|
+
};
|
|
6324
|
+
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue, correlationId);
|
|
6325
|
+
}
|
|
6326
|
+
}
|
|
6327
|
+
/**
|
|
6328
|
+
* Checks a NetworkResponse object's status codes against 429 or 5xx
|
|
6329
|
+
* @param response
|
|
6330
|
+
*/
|
|
6331
|
+
static checkResponseStatus(response) {
|
|
6332
|
+
return (response.status === 429 ||
|
|
6333
|
+
(response.status >= 500 && response.status < 600));
|
|
6334
|
+
}
|
|
6335
|
+
/**
|
|
6336
|
+
* Checks a NetworkResponse object's RetryAfter header
|
|
6337
|
+
* @param response
|
|
6338
|
+
*/
|
|
6339
|
+
static checkResponseForRetryAfter(response) {
|
|
6340
|
+
if (response.headers) {
|
|
6341
|
+
return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
|
|
6342
|
+
(response.status < 200 || response.status >= 300));
|
|
6343
|
+
}
|
|
6344
|
+
return false;
|
|
6345
|
+
}
|
|
6346
|
+
/**
|
|
6347
|
+
* Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
|
|
6348
|
+
* @param throttleTime
|
|
6349
|
+
*/
|
|
6350
|
+
static calculateThrottleTime(throttleTime) {
|
|
6351
|
+
const time = throttleTime <= 0 ? 0 : throttleTime;
|
|
6352
|
+
const currentSeconds = Date.now() / 1000;
|
|
6353
|
+
return Math.floor(Math.min(currentSeconds +
|
|
6354
|
+
(time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
|
|
6355
|
+
ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
|
|
6356
|
+
}
|
|
6357
|
+
static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
|
|
6358
|
+
const thumbprint = {
|
|
6359
|
+
clientId: clientId,
|
|
6360
|
+
authority: request.authority,
|
|
6361
|
+
scopes: request.scopes,
|
|
6362
|
+
homeAccountIdentifier: homeAccountIdentifier,
|
|
6363
|
+
claims: request.claims,
|
|
6364
|
+
authenticationScheme: request.authenticationScheme,
|
|
6365
|
+
resourceRequestMethod: request.resourceRequestMethod,
|
|
6366
|
+
resourceRequestUri: request.resourceRequestUri,
|
|
6367
|
+
shrClaims: request.shrClaims,
|
|
6368
|
+
sshKid: request.sshKid,
|
|
6369
|
+
};
|
|
6370
|
+
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
6371
|
+
cacheManager.removeItem(key, request.correlationId);
|
|
6372
|
+
}
|
|
6373
|
+
}
|
|
6374
|
+
|
|
6375
|
+
/*
|
|
6376
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6377
|
+
* Licensed under the MIT License.
|
|
6378
|
+
*/
|
|
6379
|
+
/**
|
|
6380
|
+
* Represents network related errors
|
|
6381
|
+
*/
|
|
6382
|
+
class NetworkError extends AuthError {
|
|
6383
|
+
constructor(error, httpStatus, responseHeaders) {
|
|
6384
|
+
super(error.errorCode, error.errorMessage, error.subError);
|
|
6385
|
+
Object.setPrototypeOf(this, NetworkError.prototype);
|
|
6386
|
+
this.name = "NetworkError";
|
|
6387
|
+
this.error = error;
|
|
6388
|
+
this.httpStatus = httpStatus;
|
|
6389
|
+
this.responseHeaders = responseHeaders;
|
|
6390
|
+
}
|
|
6391
|
+
}
|
|
6392
|
+
/**
|
|
6393
|
+
* Creates NetworkError object for a failed network request
|
|
6394
|
+
* @param error - Error to be thrown back to the caller
|
|
6395
|
+
* @param httpStatus - Status code of the network request
|
|
6396
|
+
* @param responseHeaders - Response headers of the network request, when available
|
|
6397
|
+
* @returns NetworkError object
|
|
6398
|
+
*/
|
|
6399
|
+
function createNetworkError(error, httpStatus, responseHeaders) {
|
|
6400
|
+
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6401
|
+
}
|
|
6402
|
+
|
|
6377
6403
|
/*
|
|
6378
6404
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6379
6405
|
* Licensed under the MIT License.
|
|
@@ -6394,8 +6420,6 @@ class BaseClient {
|
|
|
6394
6420
|
this.cacheManager = this.config.storageInterface;
|
|
6395
6421
|
// Set the network interface
|
|
6396
6422
|
this.networkClient = this.config.networkInterface;
|
|
6397
|
-
// Set the NetworkManager
|
|
6398
|
-
this.networkManager = new NetworkManager(this.networkClient, this.cacheManager);
|
|
6399
6423
|
// Set TelemetryManager
|
|
6400
6424
|
this.serverTelemetryManager = this.config.serverTelemetryManager;
|
|
6401
6425
|
// set Authority
|
|
@@ -6439,11 +6463,7 @@ class BaseClient {
|
|
|
6439
6463
|
if (queuedEvent) {
|
|
6440
6464
|
this.performanceClient?.addQueueMeasurement(queuedEvent, correlationId);
|
|
6441
6465
|
}
|
|
6442
|
-
const response = await this.
|
|
6443
|
-
this.performanceClient?.addFields({
|
|
6444
|
-
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
6445
|
-
httpVerToken: response.headers?.[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6446
|
-
}, correlationId);
|
|
6466
|
+
const response = await this.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers }, correlationId);
|
|
6447
6467
|
if (this.config.serverTelemetryManager &&
|
|
6448
6468
|
response.status < 500 &&
|
|
6449
6469
|
response.status !== 429) {
|
|
@@ -6452,6 +6472,52 @@ class BaseClient {
|
|
|
6452
6472
|
}
|
|
6453
6473
|
return response;
|
|
6454
6474
|
}
|
|
6475
|
+
/**
|
|
6476
|
+
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
6477
|
+
* @param thumbprint - Request thumbprint for throttling
|
|
6478
|
+
* @param tokenEndpoint - Endpoint to make the POST to
|
|
6479
|
+
* @param options - Body and Headers to include on the POST request
|
|
6480
|
+
* @param correlationId - CorrelationId for telemetry
|
|
6481
|
+
*/
|
|
6482
|
+
async sendPostRequest(thumbprint, tokenEndpoint, options, correlationId) {
|
|
6483
|
+
ThrottlingUtils.preProcess(this.cacheManager, thumbprint, correlationId);
|
|
6484
|
+
let response;
|
|
6485
|
+
try {
|
|
6486
|
+
response = await invokeAsync((this.networkClient.sendPostRequestAsync.bind(this.networkClient)), PerformanceEvents.NetworkClientSendPostRequestAsync, this.logger, this.performanceClient, correlationId)(tokenEndpoint, options);
|
|
6487
|
+
const responseHeaders = response.headers || {};
|
|
6488
|
+
this.performanceClient?.addFields({
|
|
6489
|
+
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
6490
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6491
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
6492
|
+
}, correlationId);
|
|
6493
|
+
}
|
|
6494
|
+
catch (e) {
|
|
6495
|
+
if (e instanceof NetworkError) {
|
|
6496
|
+
const responseHeaders = e.responseHeaders;
|
|
6497
|
+
if (responseHeaders) {
|
|
6498
|
+
this.performanceClient?.addFields({
|
|
6499
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6500
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] ||
|
|
6501
|
+
"",
|
|
6502
|
+
contentTypeHeader: responseHeaders[HeaderNames.CONTENT_TYPE] ||
|
|
6503
|
+
undefined,
|
|
6504
|
+
contentLengthHeader: responseHeaders[HeaderNames.CONTENT_LENGTH] ||
|
|
6505
|
+
undefined,
|
|
6506
|
+
httpStatus: e.httpStatus,
|
|
6507
|
+
}, correlationId);
|
|
6508
|
+
}
|
|
6509
|
+
throw e.error;
|
|
6510
|
+
}
|
|
6511
|
+
if (e instanceof AuthError) {
|
|
6512
|
+
throw e;
|
|
6513
|
+
}
|
|
6514
|
+
else {
|
|
6515
|
+
throw createClientAuthError(networkError);
|
|
6516
|
+
}
|
|
6517
|
+
}
|
|
6518
|
+
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response, correlationId);
|
|
6519
|
+
return response;
|
|
6520
|
+
}
|
|
6455
6521
|
/**
|
|
6456
6522
|
* Updates the authority object of the client. Endpoint discovery must be completed.
|
|
6457
6523
|
* @param updatedAuthority
|
|
@@ -6467,10 +6533,17 @@ class BaseClient {
|
|
|
6467
6533
|
* @param request
|
|
6468
6534
|
*/
|
|
6469
6535
|
createTokenQueryParameters(request) {
|
|
6470
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
6536
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
6537
|
+
if (request.embeddedClientId) {
|
|
6538
|
+
parameterBuilder.addBrokerParameters({
|
|
6539
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
6540
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
6541
|
+
});
|
|
6542
|
+
}
|
|
6471
6543
|
if (request.tokenQueryParameters) {
|
|
6472
6544
|
parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);
|
|
6473
6545
|
}
|
|
6546
|
+
parameterBuilder.addCorrelationId(request.correlationId);
|
|
6474
6547
|
return parameterBuilder.createQueryString();
|
|
6475
6548
|
}
|
|
6476
6549
|
}
|
|
@@ -6922,13 +6995,13 @@ class ResponseHandler {
|
|
|
6922
6995
|
!forceCacheRefreshTokenResponse &&
|
|
6923
6996
|
cacheRecord.account) {
|
|
6924
6997
|
const key = cacheRecord.account.generateAccountKey();
|
|
6925
|
-
const account = this.cacheStorage.getAccount(key, this.logger);
|
|
6998
|
+
const account = this.cacheStorage.getAccount(key, request.correlationId, this.logger);
|
|
6926
6999
|
if (!account) {
|
|
6927
7000
|
this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache");
|
|
6928
7001
|
return await ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenClaims, requestStateObj, undefined, serverRequestId);
|
|
6929
7002
|
}
|
|
6930
7003
|
}
|
|
6931
|
-
await this.cacheStorage.saveCacheRecord(cacheRecord, request.
|
|
7004
|
+
await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, request.storeInCache);
|
|
6932
7005
|
}
|
|
6933
7006
|
finally {
|
|
6934
7007
|
if (this.persistencePlugin &&
|
|
@@ -6957,7 +7030,7 @@ class ResponseHandler {
|
|
|
6957
7030
|
let cachedAccount;
|
|
6958
7031
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
6959
7032
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
6960
|
-
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
7033
|
+
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
6961
7034
|
this.logger);
|
|
6962
7035
|
}
|
|
6963
7036
|
// AccessToken
|
|
@@ -7105,7 +7178,7 @@ class ResponseHandler {
|
|
|
7105
7178
|
};
|
|
7106
7179
|
}
|
|
7107
7180
|
}
|
|
7108
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
7181
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
7109
7182
|
logger?.verbose("setCachedAccount called");
|
|
7110
7183
|
// Check if base account is already cached
|
|
7111
7184
|
const accountKeys = cacheStorage.getAccountKeys();
|
|
@@ -7114,7 +7187,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7114
7187
|
});
|
|
7115
7188
|
let cachedAccount = null;
|
|
7116
7189
|
if (baseAccountKey) {
|
|
7117
|
-
cachedAccount = cacheStorage.getAccount(baseAccountKey, logger);
|
|
7190
|
+
cachedAccount = cacheStorage.getAccount(baseAccountKey, correlationId, logger);
|
|
7118
7191
|
}
|
|
7119
7192
|
const baseAccount = cachedAccount ||
|
|
7120
7193
|
AccountEntity.createAccount({
|
|
@@ -7285,8 +7358,9 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7285
7358
|
*/
|
|
7286
7359
|
async createTokenRequestBody(request) {
|
|
7287
7360
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateTokenRequestBody, request.correlationId);
|
|
7288
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7289
|
-
parameterBuilder.addClientId(request.
|
|
7361
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
7362
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7363
|
+
request.tokenBodyParameters?.[CLIENT_ID] ||
|
|
7290
7364
|
this.config.authOptions.clientId);
|
|
7291
7365
|
/*
|
|
7292
7366
|
* For hybrid spa flow, there will be a code but no verifier
|
|
@@ -7346,9 +7420,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7346
7420
|
throw createClientConfigurationError(missingSshJwk);
|
|
7347
7421
|
}
|
|
7348
7422
|
}
|
|
7349
|
-
const correlationId = request.correlationId ||
|
|
7350
|
-
this.config.cryptoInterface.createNewGuid();
|
|
7351
|
-
parameterBuilder.addCorrelationId(correlationId);
|
|
7352
7423
|
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7353
7424
|
(this.config.authOptions.clientCapabilities &&
|
|
7354
7425
|
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
@@ -7388,6 +7459,12 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7388
7459
|
break;
|
|
7389
7460
|
}
|
|
7390
7461
|
}
|
|
7462
|
+
if (request.embeddedClientId) {
|
|
7463
|
+
parameterBuilder.addBrokerParameters({
|
|
7464
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7465
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7466
|
+
});
|
|
7467
|
+
}
|
|
7391
7468
|
if (request.tokenBodyParameters) {
|
|
7392
7469
|
parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
|
|
7393
7470
|
}
|
|
@@ -7406,9 +7483,13 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7406
7483
|
* @param request
|
|
7407
7484
|
*/
|
|
7408
7485
|
async createAuthCodeUrlQueryString(request) {
|
|
7409
|
-
|
|
7410
|
-
const
|
|
7411
|
-
|
|
7486
|
+
// generate the correlationId if not set by the user and add
|
|
7487
|
+
const correlationId = request.correlationId ||
|
|
7488
|
+
this.config.cryptoInterface.createNewGuid();
|
|
7489
|
+
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateQueryString, correlationId);
|
|
7490
|
+
const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
|
|
7491
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7492
|
+
request.extraQueryParameters?.[CLIENT_ID] ||
|
|
7412
7493
|
this.config.authOptions.clientId);
|
|
7413
7494
|
const requestScopes = [
|
|
7414
7495
|
...(request.scopes || []),
|
|
@@ -7417,9 +7498,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7417
7498
|
parameterBuilder.addScopes(requestScopes, true, this.oidcDefaultScopes);
|
|
7418
7499
|
// validate the redirectUri (to be a non null value)
|
|
7419
7500
|
parameterBuilder.addRedirectUri(request.redirectUri);
|
|
7420
|
-
// generate the correlationId if not set by the user and add
|
|
7421
|
-
const correlationId = request.correlationId ||
|
|
7422
|
-
this.config.cryptoInterface.createNewGuid();
|
|
7423
7501
|
parameterBuilder.addCorrelationId(correlationId);
|
|
7424
7502
|
// add response_mode. If not passed in it defaults to query.
|
|
7425
7503
|
parameterBuilder.addResponseMode(request.responseMode);
|
|
@@ -7521,6 +7599,12 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7521
7599
|
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7522
7600
|
parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);
|
|
7523
7601
|
}
|
|
7602
|
+
if (request.embeddedClientId) {
|
|
7603
|
+
parameterBuilder.addBrokerParameters({
|
|
7604
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7605
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7606
|
+
});
|
|
7607
|
+
}
|
|
7524
7608
|
this.addExtraQueryParams(request, parameterBuilder);
|
|
7525
7609
|
if (request.nativeBroker) {
|
|
7526
7610
|
// signal ests that this is a WAM call
|
|
@@ -7547,7 +7631,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7547
7631
|
* @param request
|
|
7548
7632
|
*/
|
|
7549
7633
|
createLogoutUrlQueryString(request) {
|
|
7550
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7634
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
7551
7635
|
if (request.postLogoutRedirectUri) {
|
|
7552
7636
|
parameterBuilder.addPostLogoutRedirectUri(request.postLogoutRedirectUri);
|
|
7553
7637
|
}
|
|
@@ -7661,7 +7745,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7661
7745
|
async acquireTokenWithCachedRefreshToken(request, foci) {
|
|
7662
7746
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
|
|
7663
7747
|
// fetches family RT or application RT based on FOCI value
|
|
7664
|
-
const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, undefined, this.performanceClient
|
|
7748
|
+
const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined, this.performanceClient);
|
|
7665
7749
|
if (!refreshToken) {
|
|
7666
7750
|
throw createInteractionRequiredAuthError(noTokensFound);
|
|
7667
7751
|
}
|
|
@@ -7689,7 +7773,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7689
7773
|
// Remove bad refresh token from cache
|
|
7690
7774
|
this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");
|
|
7691
7775
|
const badRefreshTokenKey = generateCredentialKey(refreshToken);
|
|
7692
|
-
this.cacheManager.removeRefreshToken(badRefreshTokenKey);
|
|
7776
|
+
this.cacheManager.removeRefreshToken(badRefreshTokenKey, request.correlationId);
|
|
7693
7777
|
}
|
|
7694
7778
|
throw e;
|
|
7695
7779
|
}
|
|
@@ -7726,8 +7810,9 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7726
7810
|
async createTokenRequestBody(request) {
|
|
7727
7811
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, request.correlationId);
|
|
7728
7812
|
const correlationId = request.correlationId;
|
|
7729
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7730
|
-
parameterBuilder.addClientId(request.
|
|
7813
|
+
const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
|
|
7814
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7815
|
+
request.tokenBodyParameters?.[CLIENT_ID] ||
|
|
7731
7816
|
this.config.authOptions.clientId);
|
|
7732
7817
|
if (request.redirectUri) {
|
|
7733
7818
|
parameterBuilder.addRedirectUri(request.redirectUri);
|
|
@@ -7741,7 +7826,6 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7741
7826
|
if (this.serverTelemetryManager && !isOidcProtocolMode(this.config)) {
|
|
7742
7827
|
parameterBuilder.addServerTelemetry(this.serverTelemetryManager);
|
|
7743
7828
|
}
|
|
7744
|
-
parameterBuilder.addCorrelationId(correlationId);
|
|
7745
7829
|
parameterBuilder.addRefreshToken(request.refreshToken);
|
|
7746
7830
|
if (this.config.clientCredentials.clientSecret) {
|
|
7747
7831
|
parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
|
|
@@ -7795,6 +7879,12 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7795
7879
|
break;
|
|
7796
7880
|
}
|
|
7797
7881
|
}
|
|
7882
|
+
if (request.embeddedClientId) {
|
|
7883
|
+
parameterBuilder.addBrokerParameters({
|
|
7884
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7885
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7886
|
+
});
|
|
7887
|
+
}
|
|
7798
7888
|
if (request.tokenBodyParameters) {
|
|
7799
7889
|
parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
|
|
7800
7890
|
}
|
|
@@ -7870,7 +7960,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7870
7960
|
const requestTenantId = request.account.tenantId ||
|
|
7871
7961
|
getTenantFromAuthorityString(request.authority);
|
|
7872
7962
|
const tokenKeys = this.cacheManager.getTokenKeys();
|
|
7873
|
-
const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId, this.performanceClient
|
|
7963
|
+
const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId, this.performanceClient);
|
|
7874
7964
|
if (!cachedAccessToken) {
|
|
7875
7965
|
// must refresh due to non-existent access_token
|
|
7876
7966
|
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
@@ -7890,9 +7980,9 @@ class SilentFlowClient extends BaseClient {
|
|
|
7890
7980
|
}
|
|
7891
7981
|
const environment = request.authority || this.authority.getPreferredCache();
|
|
7892
7982
|
const cacheRecord = {
|
|
7893
|
-
account: this.cacheManager.readAccountFromCache(request.account),
|
|
7983
|
+
account: this.cacheManager.readAccountFromCache(request.account, request.correlationId),
|
|
7894
7984
|
accessToken: cachedAccessToken,
|
|
7895
|
-
idToken: this.cacheManager.getIdToken(request.account, tokenKeys, requestTenantId, this.performanceClient
|
|
7985
|
+
idToken: this.cacheManager.getIdToken(request.account, request.correlationId, tokenKeys, requestTenantId, this.performanceClient),
|
|
7896
7986
|
refreshToken: null,
|
|
7897
7987
|
appMetadata: this.cacheManager.readAppMetadataFromCache(environment),
|
|
7898
7988
|
};
|
|
@@ -8142,7 +8232,7 @@ class ServerTelemetryManager {
|
|
|
8142
8232
|
else {
|
|
8143
8233
|
lastRequests.errors.push(SERVER_TELEM_CONSTANTS.UNKNOWN_ERROR);
|
|
8144
8234
|
}
|
|
8145
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8235
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8146
8236
|
return;
|
|
8147
8237
|
}
|
|
8148
8238
|
/**
|
|
@@ -8151,7 +8241,7 @@ class ServerTelemetryManager {
|
|
|
8151
8241
|
incrementCacheHits() {
|
|
8152
8242
|
const lastRequests = this.getLastRequests();
|
|
8153
8243
|
lastRequests.cacheHits += 1;
|
|
8154
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8244
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8155
8245
|
return lastRequests.cacheHits;
|
|
8156
8246
|
}
|
|
8157
8247
|
/**
|
|
@@ -8175,7 +8265,7 @@ class ServerTelemetryManager {
|
|
|
8175
8265
|
const errorCount = lastRequests.errors.length;
|
|
8176
8266
|
if (numErrorsFlushed === errorCount) {
|
|
8177
8267
|
// All errors were sent on last request, clear Telemetry cache
|
|
8178
|
-
this.cacheManager.removeItem(this.telemetryCacheKey);
|
|
8268
|
+
this.cacheManager.removeItem(this.telemetryCacheKey, this.correlationId);
|
|
8179
8269
|
}
|
|
8180
8270
|
else {
|
|
8181
8271
|
// Partial data was flushed to server, construct a new telemetry cache item with errors that were not flushed
|
|
@@ -8184,7 +8274,7 @@ class ServerTelemetryManager {
|
|
|
8184
8274
|
errors: lastRequests.errors.slice(numErrorsFlushed),
|
|
8185
8275
|
cacheHits: 0,
|
|
8186
8276
|
};
|
|
8187
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity);
|
|
8277
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity, this.correlationId);
|
|
8188
8278
|
}
|
|
8189
8279
|
}
|
|
8190
8280
|
/**
|
|
@@ -8251,7 +8341,7 @@ class ServerTelemetryManager {
|
|
|
8251
8341
|
setNativeBrokerErrorCode(errorCode) {
|
|
8252
8342
|
const lastRequests = this.getLastRequests();
|
|
8253
8343
|
lastRequests.nativeBrokerErrorCode = errorCode;
|
|
8254
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8344
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8255
8345
|
}
|
|
8256
8346
|
getNativeBrokerErrorCode() {
|
|
8257
8347
|
return this.getLastRequests().nativeBrokerErrorCode;
|
|
@@ -8259,7 +8349,7 @@ class ServerTelemetryManager {
|
|
|
8259
8349
|
clearNativeBrokerErrorCode() {
|
|
8260
8350
|
const lastRequests = this.getLastRequests();
|
|
8261
8351
|
delete lastRequests.nativeBrokerErrorCode;
|
|
8262
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8352
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8263
8353
|
}
|
|
8264
8354
|
static makeExtraSkuString(params) {
|
|
8265
8355
|
return makeExtraSkuString(params);
|
|
@@ -8314,7 +8404,7 @@ exports.InteractionRequiredAuthErrorCodes = InteractionRequiredAuthErrorCodes;
|
|
|
8314
8404
|
exports.InteractionRequiredAuthErrorMessage = InteractionRequiredAuthErrorMessage;
|
|
8315
8405
|
exports.JsonWebTokenTypes = JsonWebTokenTypes;
|
|
8316
8406
|
exports.Logger = Logger;
|
|
8317
|
-
exports.
|
|
8407
|
+
exports.NetworkError = NetworkError;
|
|
8318
8408
|
exports.OIDC_DEFAULT_SCOPES = OIDC_DEFAULT_SCOPES;
|
|
8319
8409
|
exports.ONE_DAY_IN_MS = ONE_DAY_IN_MS;
|
|
8320
8410
|
exports.PasswordGrantConstants = PasswordGrantConstants;
|
|
@@ -8350,9 +8440,11 @@ exports.buildClientInfoFromHomeAccountId = buildClientInfoFromHomeAccountId;
|
|
|
8350
8440
|
exports.buildStaticAuthorityOptions = buildStaticAuthorityOptions;
|
|
8351
8441
|
exports.buildTenantProfile = buildTenantProfile;
|
|
8352
8442
|
exports.createAuthError = createAuthError;
|
|
8443
|
+
exports.createCacheError = createCacheError;
|
|
8353
8444
|
exports.createClientAuthError = createClientAuthError;
|
|
8354
8445
|
exports.createClientConfigurationError = createClientConfigurationError;
|
|
8355
8446
|
exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
|
|
8447
|
+
exports.createNetworkError = createNetworkError;
|
|
8356
8448
|
exports.formatAuthorityUri = formatAuthorityUri;
|
|
8357
8449
|
exports.getClientAssertion = getClientAssertion;
|
|
8358
8450
|
exports.getTenantIdFromIdTokenClaims = getTenantIdFromIdTokenClaims;
|
|
@@ -8361,4 +8453,4 @@ exports.invokeAsync = invokeAsync;
|
|
|
8361
8453
|
exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
|
|
8362
8454
|
exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
|
|
8363
8455
|
exports.version = version;
|
|
8364
|
-
//# sourceMappingURL=index-node-
|
|
8456
|
+
//# sourceMappingURL=index-node-CebvEPer.js.map
|