@azure/msal-common 14.15.0 → 15.0.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/dist/cache/CacheManager.d.ts +8 -37
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +10 -77
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +4 -4
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +24 -13
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.d.ts +10 -3
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +62 -10
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +10 -4
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.d.ts +2 -0
- package/dist/config/ClientConfiguration.d.ts.map +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.d.ts +2 -0
- package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +5 -3
- package/dist/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.d.ts +19 -0
- package/dist/error/NetworkError.d.ts.map +1 -0
- package/dist/error/NetworkError.mjs +34 -0
- package/dist/error/NetworkError.mjs.map +1 -0
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-common.d.ts +2 -1
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/index-browser.mjs +2 -2
- package/dist/index-node.mjs +2 -2
- package/dist/index.mjs +2 -2
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.d.ts +1 -1
- package/dist/network/INetworkModule.d.ts.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/NetworkResponse.d.ts +6 -0
- package/dist/network/NetworkResponse.d.ts.map +1 -0
- package/dist/network/ThrottlingUtils.d.ts +1 -1
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.d.ts +2 -0
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +8 -1
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +26 -3
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/RequestValidator.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +3 -3
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +29 -10
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +9 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +6 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.d.ts +1 -6
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +2 -7
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +33 -13
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-aee3f7b6.js → index-node-DDJMpU-A.js} +278 -260
- package/lib/index-node-DDJMpU-A.js.map +1 -0
- package/lib/index-node.cjs +5 -4
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +5 -4
- package/lib/index.cjs.map +1 -1
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +8 -37
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +4 -4
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts +10 -3
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/config/ClientConfiguration.d.ts +2 -0
- package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
- package/lib/types/constants/AADServerParamKeys.d.ts +2 -0
- package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
- package/lib/types/error/NetworkError.d.ts +19 -0
- package/lib/types/error/NetworkError.d.ts.map +1 -0
- package/lib/types/exports-common.d.ts +2 -1
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/network/INetworkModule.d.ts +1 -1
- package/lib/types/network/INetworkModule.d.ts.map +1 -1
- package/lib/types/network/NetworkResponse.d.ts +6 -0
- package/lib/types/network/NetworkResponse.d.ts.map +1 -0
- package/lib/types/network/ThrottlingUtils.d.ts +1 -1
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +2 -0
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +8 -1
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +9 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +1 -6
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/package.json +2 -4
- package/src/authority/RegionDiscovery.ts +1 -1
- package/src/cache/CacheManager.ts +16 -130
- package/src/cache/interface/ICacheManager.ts +4 -4
- package/src/client/AuthorizationCodeClient.ts +37 -16
- package/src/client/BaseClient.ts +104 -22
- package/src/client/RefreshTokenClient.ts +14 -5
- package/src/config/ClientConfiguration.ts +2 -0
- package/src/constants/AADServerParamKeys.ts +2 -0
- package/src/error/NetworkError.ts +44 -0
- package/src/exports-common.ts +2 -5
- package/src/network/INetworkModule.ts +1 -1
- package/src/network/NetworkResponse.ts +10 -0
- package/src/network/ThrottlingUtils.ts +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/request/BaseAuthRequest.ts +2 -0
- package/src/request/RequestParameterBuilder.ts +51 -1
- package/src/response/ResponseHandler.ts +2 -2
- package/src/telemetry/performance/PerformanceClient.ts +42 -12
- package/src/telemetry/performance/PerformanceEvent.ts +15 -0
- package/src/utils/Constants.ts +1 -6
- package/dist/network/NetworkManager.d.ts +0 -34
- package/dist/network/NetworkManager.d.ts.map +0 -1
- package/dist/network/NetworkManager.mjs +0 -44
- package/dist/network/NetworkManager.mjs.map +0 -1
- package/lib/index-node-aee3f7b6.js.map +0 -1
- package/lib/types/network/NetworkManager.d.ts +0 -34
- package/lib/types/network/NetworkManager.d.ts.map +0 -1
- package/src/network/NetworkManager.ts +0 -76
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common
|
|
1
|
+
/*! @azure/msal-common v15.0.0-alpha.0 2024-12-18 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -96,6 +96,7 @@ const OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];
|
|
|
96
96
|
*/
|
|
97
97
|
const HeaderNames = {
|
|
98
98
|
CONTENT_TYPE: "Content-Type",
|
|
99
|
+
CONTENT_LENGTH: "Content-Length",
|
|
99
100
|
RETRY_AFTER: "Retry-After",
|
|
100
101
|
CCS_HEADER: "X-AnchorMailbox",
|
|
101
102
|
WWWAuthenticate: "WWW-Authenticate",
|
|
@@ -107,12 +108,6 @@ const HeaderNames = {
|
|
|
107
108
|
* Persistent cache keys MSAL which stay while user is logged in.
|
|
108
109
|
*/
|
|
109
110
|
const PersistentCacheKeys = {
|
|
110
|
-
ID_TOKEN: "idtoken",
|
|
111
|
-
CLIENT_INFO: "client.info",
|
|
112
|
-
ADAL_ID_TOKEN: "adal.idtoken",
|
|
113
|
-
ERROR: "error",
|
|
114
|
-
ERROR_DESC: "error.description",
|
|
115
|
-
ACTIVE_ACCOUNT: "active-account",
|
|
116
111
|
ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
|
|
117
112
|
};
|
|
118
113
|
/**
|
|
@@ -1612,6 +1607,7 @@ const PerformanceEvents = {
|
|
|
1612
1607
|
/**
|
|
1613
1608
|
* Time spent sending/waiting for the response of a request to the token endpoint
|
|
1614
1609
|
*/
|
|
1610
|
+
NetworkClientSendPostRequestAsync: "networkClientSendPostRequestAsync",
|
|
1615
1611
|
RefreshTokenClientExecutePostToTokenEndpoint: "refreshTokenClientExecutePostToTokenEndpoint",
|
|
1616
1612
|
AuthorizationCodeClientExecutePostToTokenEndpoint: "authorizationCodeClientExecutePostToTokenEndpoint",
|
|
1617
1613
|
/**
|
|
@@ -1785,6 +1781,10 @@ const PerformanceEventAbbreviations = new Map([
|
|
|
1785
1781
|
PerformanceEvents.BaseClientCreateTokenRequestHeaders,
|
|
1786
1782
|
"BaseClientCreateTReqHead",
|
|
1787
1783
|
],
|
|
1784
|
+
[
|
|
1785
|
+
PerformanceEvents.NetworkClientSendPostRequestAsync,
|
|
1786
|
+
"NetClientSendPost",
|
|
1787
|
+
],
|
|
1788
1788
|
[
|
|
1789
1789
|
PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint,
|
|
1790
1790
|
"RTClientExecPost",
|
|
@@ -3519,11 +3519,15 @@ const LOGOUT_HINT = "logout_hint";
|
|
|
3519
3519
|
const SID = "sid";
|
|
3520
3520
|
const LOGIN_HINT = "login_hint";
|
|
3521
3521
|
const DOMAIN_HINT = "domain_hint";
|
|
3522
|
-
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
3522
|
+
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
3523
|
+
const BROKER_CLIENT_ID = "brk_client_id";
|
|
3524
|
+
const BROKER_REDIRECT_URI = "brk_redirect_uri";
|
|
3523
3525
|
|
|
3524
3526
|
var AADServerParamKeys = /*#__PURE__*/Object.freeze({
|
|
3525
3527
|
__proto__: null,
|
|
3526
3528
|
ACCESS_TOKEN: ACCESS_TOKEN,
|
|
3529
|
+
BROKER_CLIENT_ID: BROKER_CLIENT_ID,
|
|
3530
|
+
BROKER_REDIRECT_URI: BROKER_REDIRECT_URI,
|
|
3527
3531
|
CCS_HEADER: CCS_HEADER,
|
|
3528
3532
|
CLAIMS: CLAIMS,
|
|
3529
3533
|
CLIENT_ASSERTION: CLIENT_ASSERTION,
|
|
@@ -3806,7 +3810,7 @@ class Logger {
|
|
|
3806
3810
|
|
|
3807
3811
|
/* eslint-disable header/header */
|
|
3808
3812
|
const name = "@azure/msal-common";
|
|
3809
|
-
const version = "
|
|
3813
|
+
const version = "15.0.0-alpha.0";
|
|
3810
3814
|
|
|
3811
3815
|
/*
|
|
3812
3816
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4591,10 +4595,10 @@ class CacheManager {
|
|
|
4591
4595
|
}
|
|
4592
4596
|
try {
|
|
4593
4597
|
if (!!cacheRecord.account) {
|
|
4594
|
-
this.setAccount(cacheRecord.account);
|
|
4598
|
+
await this.setAccount(cacheRecord.account);
|
|
4595
4599
|
}
|
|
4596
4600
|
if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
|
|
4597
|
-
this.setIdTokenCredential(cacheRecord.idToken);
|
|
4601
|
+
await this.setIdTokenCredential(cacheRecord.idToken);
|
|
4598
4602
|
}
|
|
4599
4603
|
if (!!cacheRecord.accessToken &&
|
|
4600
4604
|
storeInCache?.accessToken !== false) {
|
|
@@ -4602,7 +4606,7 @@ class CacheManager {
|
|
|
4602
4606
|
}
|
|
4603
4607
|
if (!!cacheRecord.refreshToken &&
|
|
4604
4608
|
storeInCache?.refreshToken !== false) {
|
|
4605
|
-
this.setRefreshTokenCredential(cacheRecord.refreshToken);
|
|
4609
|
+
await this.setRefreshTokenCredential(cacheRecord.refreshToken);
|
|
4606
4610
|
}
|
|
4607
4611
|
if (!!cacheRecord.appMetadata) {
|
|
4608
4612
|
this.setAppMetadata(cacheRecord.appMetadata);
|
|
@@ -4659,7 +4663,7 @@ class CacheManager {
|
|
|
4659
4663
|
}
|
|
4660
4664
|
});
|
|
4661
4665
|
await Promise.all(removedAccessTokens);
|
|
4662
|
-
this.setAccessTokenCredential(credential);
|
|
4666
|
+
await this.setAccessTokenCredential(credential);
|
|
4663
4667
|
}
|
|
4664
4668
|
/**
|
|
4665
4669
|
* Retrieve account entities matching all provided tenant-agnostic filters; if no filter is set, get all account entities in the cache
|
|
@@ -4945,61 +4949,6 @@ class CacheManager {
|
|
|
4945
4949
|
});
|
|
4946
4950
|
await Promise.all(removedCredentials);
|
|
4947
4951
|
}
|
|
4948
|
-
/**
|
|
4949
|
-
* Migrates a single-tenant account and all it's associated alternate cross-tenant account objects in the
|
|
4950
|
-
* cache into a condensed multi-tenant account object with tenant profiles.
|
|
4951
|
-
* @param accountKey
|
|
4952
|
-
* @param accountEntity
|
|
4953
|
-
* @param logger
|
|
4954
|
-
* @returns
|
|
4955
|
-
*/
|
|
4956
|
-
updateOutdatedCachedAccount(accountKey, accountEntity, logger) {
|
|
4957
|
-
// Only update if account entity is defined and has no tenantProfiles object (is outdated)
|
|
4958
|
-
if (accountEntity && accountEntity.isSingleTenant()) {
|
|
4959
|
-
this.commonLogger?.verbose("updateOutdatedCachedAccount: Found a single-tenant (outdated) account entity in the cache, migrating to multi-tenant account entity");
|
|
4960
|
-
// Get keys of all accounts belonging to user
|
|
4961
|
-
const matchingAccountKeys = this.getAccountKeys().filter((key) => {
|
|
4962
|
-
return key.startsWith(accountEntity.homeAccountId);
|
|
4963
|
-
});
|
|
4964
|
-
// Get all account entities belonging to user
|
|
4965
|
-
const accountsToMerge = [];
|
|
4966
|
-
matchingAccountKeys.forEach((key) => {
|
|
4967
|
-
const account = this.getCachedAccountEntity(key);
|
|
4968
|
-
if (account) {
|
|
4969
|
-
accountsToMerge.push(account);
|
|
4970
|
-
}
|
|
4971
|
-
});
|
|
4972
|
-
// Set base account to home account if available, any account if not
|
|
4973
|
-
const baseAccount = accountsToMerge.find((account) => {
|
|
4974
|
-
return tenantIdMatchesHomeTenant(account.realm, account.homeAccountId);
|
|
4975
|
-
}) || accountsToMerge[0];
|
|
4976
|
-
// Populate tenant profiles built from each account entity belonging to the user
|
|
4977
|
-
baseAccount.tenantProfiles = accountsToMerge.map((account) => {
|
|
4978
|
-
return {
|
|
4979
|
-
tenantId: account.realm,
|
|
4980
|
-
localAccountId: account.localAccountId,
|
|
4981
|
-
name: account.name,
|
|
4982
|
-
isHomeTenant: tenantIdMatchesHomeTenant(account.realm, account.homeAccountId),
|
|
4983
|
-
};
|
|
4984
|
-
});
|
|
4985
|
-
const updatedAccount = CacheManager.toObject(new AccountEntity(), {
|
|
4986
|
-
...baseAccount,
|
|
4987
|
-
});
|
|
4988
|
-
const newAccountKey = updatedAccount.generateAccountKey();
|
|
4989
|
-
// Clear cache of legacy account objects that have been collpsed into tenant profiles
|
|
4990
|
-
matchingAccountKeys.forEach((key) => {
|
|
4991
|
-
if (key !== newAccountKey) {
|
|
4992
|
-
this.removeOutdatedAccount(accountKey);
|
|
4993
|
-
}
|
|
4994
|
-
});
|
|
4995
|
-
// Cache updated account object
|
|
4996
|
-
this.setAccount(updatedAccount);
|
|
4997
|
-
logger?.verbose("Updated an outdated account entity in the cache");
|
|
4998
|
-
return updatedAccount;
|
|
4999
|
-
}
|
|
5000
|
-
// No update is necessary
|
|
5001
|
-
return accountEntity;
|
|
5002
|
-
}
|
|
5003
4952
|
/**
|
|
5004
4953
|
* returns a boolean if the given credential is removed
|
|
5005
4954
|
* @param credential
|
|
@@ -5595,28 +5544,25 @@ class CacheManager {
|
|
|
5595
5544
|
}
|
|
5596
5545
|
/** @internal */
|
|
5597
5546
|
class DefaultStorageClass extends CacheManager {
|
|
5598
|
-
setAccount() {
|
|
5547
|
+
async setAccount() {
|
|
5599
5548
|
throw createClientAuthError(methodNotImplemented);
|
|
5600
5549
|
}
|
|
5601
5550
|
getAccount() {
|
|
5602
5551
|
throw createClientAuthError(methodNotImplemented);
|
|
5603
5552
|
}
|
|
5604
|
-
|
|
5605
|
-
throw createClientAuthError(methodNotImplemented);
|
|
5606
|
-
}
|
|
5607
|
-
setIdTokenCredential() {
|
|
5553
|
+
async setIdTokenCredential() {
|
|
5608
5554
|
throw createClientAuthError(methodNotImplemented);
|
|
5609
5555
|
}
|
|
5610
5556
|
getIdTokenCredential() {
|
|
5611
5557
|
throw createClientAuthError(methodNotImplemented);
|
|
5612
5558
|
}
|
|
5613
|
-
setAccessTokenCredential() {
|
|
5559
|
+
async setAccessTokenCredential() {
|
|
5614
5560
|
throw createClientAuthError(methodNotImplemented);
|
|
5615
5561
|
}
|
|
5616
5562
|
getAccessTokenCredential() {
|
|
5617
5563
|
throw createClientAuthError(methodNotImplemented);
|
|
5618
5564
|
}
|
|
5619
|
-
setRefreshTokenCredential() {
|
|
5565
|
+
async setRefreshTokenCredential() {
|
|
5620
5566
|
throw createClientAuthError(methodNotImplemented);
|
|
5621
5567
|
}
|
|
5622
5568
|
getRefreshTokenCredential() {
|
|
@@ -5661,15 +5607,6 @@ class DefaultStorageClass extends CacheManager {
|
|
|
5661
5607
|
getTokenKeys() {
|
|
5662
5608
|
throw createClientAuthError(methodNotImplemented);
|
|
5663
5609
|
}
|
|
5664
|
-
async clear() {
|
|
5665
|
-
throw createClientAuthError(methodNotImplemented);
|
|
5666
|
-
}
|
|
5667
|
-
updateCredentialCacheKey() {
|
|
5668
|
-
throw createClientAuthError(methodNotImplemented);
|
|
5669
|
-
}
|
|
5670
|
-
removeOutdatedAccount() {
|
|
5671
|
-
throw createClientAuthError(methodNotImplemented);
|
|
5672
|
-
}
|
|
5673
5610
|
}
|
|
5674
5611
|
|
|
5675
5612
|
/*
|
|
@@ -5769,154 +5706,6 @@ function isOidcProtocolMode(config) {
|
|
|
5769
5706
|
return (config.authOptions.authority.options.protocolMode === ProtocolMode.OIDC);
|
|
5770
5707
|
}
|
|
5771
5708
|
|
|
5772
|
-
/*
|
|
5773
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5774
|
-
* Licensed under the MIT License.
|
|
5775
|
-
*/
|
|
5776
|
-
/**
|
|
5777
|
-
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
5778
|
-
*/
|
|
5779
|
-
class ServerError extends AuthError {
|
|
5780
|
-
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
5781
|
-
super(errorCode, errorMessage, subError);
|
|
5782
|
-
this.name = "ServerError";
|
|
5783
|
-
this.errorNo = errorNo;
|
|
5784
|
-
this.status = status;
|
|
5785
|
-
Object.setPrototypeOf(this, ServerError.prototype);
|
|
5786
|
-
}
|
|
5787
|
-
}
|
|
5788
|
-
|
|
5789
|
-
/*
|
|
5790
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5791
|
-
* Licensed under the MIT License.
|
|
5792
|
-
*/
|
|
5793
|
-
/** @internal */
|
|
5794
|
-
class ThrottlingUtils {
|
|
5795
|
-
/**
|
|
5796
|
-
* Prepares a RequestThumbprint to be stored as a key.
|
|
5797
|
-
* @param thumbprint
|
|
5798
|
-
*/
|
|
5799
|
-
static generateThrottlingStorageKey(thumbprint) {
|
|
5800
|
-
return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
|
|
5801
|
-
}
|
|
5802
|
-
/**
|
|
5803
|
-
* Performs necessary throttling checks before a network request.
|
|
5804
|
-
* @param cacheManager
|
|
5805
|
-
* @param thumbprint
|
|
5806
|
-
*/
|
|
5807
|
-
static preProcess(cacheManager, thumbprint) {
|
|
5808
|
-
const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
|
|
5809
|
-
const value = cacheManager.getThrottlingCache(key);
|
|
5810
|
-
if (value) {
|
|
5811
|
-
if (value.throttleTime < Date.now()) {
|
|
5812
|
-
cacheManager.removeItem(key);
|
|
5813
|
-
return;
|
|
5814
|
-
}
|
|
5815
|
-
throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
|
|
5816
|
-
}
|
|
5817
|
-
}
|
|
5818
|
-
/**
|
|
5819
|
-
* Performs necessary throttling checks after a network request.
|
|
5820
|
-
* @param cacheManager
|
|
5821
|
-
* @param thumbprint
|
|
5822
|
-
* @param response
|
|
5823
|
-
*/
|
|
5824
|
-
static postProcess(cacheManager, thumbprint, response) {
|
|
5825
|
-
if (ThrottlingUtils.checkResponseStatus(response) ||
|
|
5826
|
-
ThrottlingUtils.checkResponseForRetryAfter(response)) {
|
|
5827
|
-
const thumbprintValue = {
|
|
5828
|
-
throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
|
|
5829
|
-
error: response.body.error,
|
|
5830
|
-
errorCodes: response.body.error_codes,
|
|
5831
|
-
errorMessage: response.body.error_description,
|
|
5832
|
-
subError: response.body.suberror,
|
|
5833
|
-
};
|
|
5834
|
-
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
|
|
5835
|
-
}
|
|
5836
|
-
}
|
|
5837
|
-
/**
|
|
5838
|
-
* Checks a NetworkResponse object's status codes against 429 or 5xx
|
|
5839
|
-
* @param response
|
|
5840
|
-
*/
|
|
5841
|
-
static checkResponseStatus(response) {
|
|
5842
|
-
return (response.status === 429 ||
|
|
5843
|
-
(response.status >= 500 && response.status < 600));
|
|
5844
|
-
}
|
|
5845
|
-
/**
|
|
5846
|
-
* Checks a NetworkResponse object's RetryAfter header
|
|
5847
|
-
* @param response
|
|
5848
|
-
*/
|
|
5849
|
-
static checkResponseForRetryAfter(response) {
|
|
5850
|
-
if (response.headers) {
|
|
5851
|
-
return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
|
|
5852
|
-
(response.status < 200 || response.status >= 300));
|
|
5853
|
-
}
|
|
5854
|
-
return false;
|
|
5855
|
-
}
|
|
5856
|
-
/**
|
|
5857
|
-
* Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
|
|
5858
|
-
* @param throttleTime
|
|
5859
|
-
*/
|
|
5860
|
-
static calculateThrottleTime(throttleTime) {
|
|
5861
|
-
const time = throttleTime <= 0 ? 0 : throttleTime;
|
|
5862
|
-
const currentSeconds = Date.now() / 1000;
|
|
5863
|
-
return Math.floor(Math.min(currentSeconds +
|
|
5864
|
-
(time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
|
|
5865
|
-
ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
|
|
5866
|
-
}
|
|
5867
|
-
static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
|
|
5868
|
-
const thumbprint = {
|
|
5869
|
-
clientId: clientId,
|
|
5870
|
-
authority: request.authority,
|
|
5871
|
-
scopes: request.scopes,
|
|
5872
|
-
homeAccountIdentifier: homeAccountIdentifier,
|
|
5873
|
-
claims: request.claims,
|
|
5874
|
-
authenticationScheme: request.authenticationScheme,
|
|
5875
|
-
resourceRequestMethod: request.resourceRequestMethod,
|
|
5876
|
-
resourceRequestUri: request.resourceRequestUri,
|
|
5877
|
-
shrClaims: request.shrClaims,
|
|
5878
|
-
sshKid: request.sshKid,
|
|
5879
|
-
};
|
|
5880
|
-
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
5881
|
-
cacheManager.removeItem(key);
|
|
5882
|
-
}
|
|
5883
|
-
}
|
|
5884
|
-
|
|
5885
|
-
/*
|
|
5886
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5887
|
-
* Licensed under the MIT License.
|
|
5888
|
-
*/
|
|
5889
|
-
/** @internal */
|
|
5890
|
-
class NetworkManager {
|
|
5891
|
-
constructor(networkClient, cacheManager) {
|
|
5892
|
-
this.networkClient = networkClient;
|
|
5893
|
-
this.cacheManager = cacheManager;
|
|
5894
|
-
}
|
|
5895
|
-
/**
|
|
5896
|
-
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
5897
|
-
* @param thumbprint
|
|
5898
|
-
* @param tokenEndpoint
|
|
5899
|
-
* @param options
|
|
5900
|
-
*/
|
|
5901
|
-
async sendPostRequest(thumbprint, tokenEndpoint, options) {
|
|
5902
|
-
ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
|
|
5903
|
-
let response;
|
|
5904
|
-
try {
|
|
5905
|
-
response = await this.networkClient.sendPostRequestAsync(tokenEndpoint, options);
|
|
5906
|
-
}
|
|
5907
|
-
catch (e) {
|
|
5908
|
-
if (e instanceof AuthError) {
|
|
5909
|
-
throw e;
|
|
5910
|
-
}
|
|
5911
|
-
else {
|
|
5912
|
-
throw createClientAuthError(networkError);
|
|
5913
|
-
}
|
|
5914
|
-
}
|
|
5915
|
-
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
|
|
5916
|
-
return response;
|
|
5917
|
-
}
|
|
5918
|
-
}
|
|
5919
|
-
|
|
5920
5709
|
/*
|
|
5921
5710
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5922
5711
|
* Licensed under the MIT License.
|
|
@@ -5995,10 +5784,24 @@ class RequestValidator {
|
|
|
5995
5784
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5996
5785
|
* Licensed under the MIT License.
|
|
5997
5786
|
*/
|
|
5787
|
+
function instrumentBrokerParams(parameters, correlationId, performanceClient) {
|
|
5788
|
+
if (!correlationId) {
|
|
5789
|
+
return;
|
|
5790
|
+
}
|
|
5791
|
+
const clientId = parameters.get(CLIENT_ID);
|
|
5792
|
+
if (clientId && parameters.has(BROKER_CLIENT_ID)) {
|
|
5793
|
+
performanceClient?.addFields({
|
|
5794
|
+
embeddedClientId: clientId,
|
|
5795
|
+
embeddedRedirectUri: parameters.get(REDIRECT_URI),
|
|
5796
|
+
}, correlationId);
|
|
5797
|
+
}
|
|
5798
|
+
}
|
|
5998
5799
|
/** @internal */
|
|
5999
5800
|
class RequestParameterBuilder {
|
|
6000
|
-
constructor() {
|
|
5801
|
+
constructor(correlationId, performanceClient) {
|
|
6001
5802
|
this.parameters = new Map();
|
|
5803
|
+
this.performanceClient = performanceClient;
|
|
5804
|
+
this.correlationId = correlationId;
|
|
6002
5805
|
}
|
|
6003
5806
|
/**
|
|
6004
5807
|
* add response_type = code
|
|
@@ -6362,6 +6165,14 @@ class RequestParameterBuilder {
|
|
|
6362
6165
|
addLogoutHint(logoutHint) {
|
|
6363
6166
|
this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
|
|
6364
6167
|
}
|
|
6168
|
+
addBrokerParameters(params) {
|
|
6169
|
+
const brokerParams = {};
|
|
6170
|
+
brokerParams[BROKER_CLIENT_ID] =
|
|
6171
|
+
params.brokerClientId;
|
|
6172
|
+
brokerParams[BROKER_REDIRECT_URI] =
|
|
6173
|
+
params.brokerRedirectUri;
|
|
6174
|
+
this.addExtraQueryParameters(brokerParams);
|
|
6175
|
+
}
|
|
6365
6176
|
/**
|
|
6366
6177
|
* Utility to create a URL from the params map
|
|
6367
6178
|
*/
|
|
@@ -6370,10 +6181,152 @@ class RequestParameterBuilder {
|
|
|
6370
6181
|
this.parameters.forEach((value, key) => {
|
|
6371
6182
|
queryParameterArray.push(`${key}=${value}`);
|
|
6372
6183
|
});
|
|
6184
|
+
instrumentBrokerParams(this.parameters, this.correlationId, this.performanceClient);
|
|
6373
6185
|
return queryParameterArray.join("&");
|
|
6374
6186
|
}
|
|
6375
6187
|
}
|
|
6376
6188
|
|
|
6189
|
+
/*
|
|
6190
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6191
|
+
* Licensed under the MIT License.
|
|
6192
|
+
*/
|
|
6193
|
+
/**
|
|
6194
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
6195
|
+
*/
|
|
6196
|
+
class ServerError extends AuthError {
|
|
6197
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
6198
|
+
super(errorCode, errorMessage, subError);
|
|
6199
|
+
this.name = "ServerError";
|
|
6200
|
+
this.errorNo = errorNo;
|
|
6201
|
+
this.status = status;
|
|
6202
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
6203
|
+
}
|
|
6204
|
+
}
|
|
6205
|
+
|
|
6206
|
+
/*
|
|
6207
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6208
|
+
* Licensed under the MIT License.
|
|
6209
|
+
*/
|
|
6210
|
+
/** @internal */
|
|
6211
|
+
class ThrottlingUtils {
|
|
6212
|
+
/**
|
|
6213
|
+
* Prepares a RequestThumbprint to be stored as a key.
|
|
6214
|
+
* @param thumbprint
|
|
6215
|
+
*/
|
|
6216
|
+
static generateThrottlingStorageKey(thumbprint) {
|
|
6217
|
+
return `${ThrottlingConstants.THROTTLING_PREFIX}.${JSON.stringify(thumbprint)}`;
|
|
6218
|
+
}
|
|
6219
|
+
/**
|
|
6220
|
+
* Performs necessary throttling checks before a network request.
|
|
6221
|
+
* @param cacheManager
|
|
6222
|
+
* @param thumbprint
|
|
6223
|
+
*/
|
|
6224
|
+
static preProcess(cacheManager, thumbprint) {
|
|
6225
|
+
const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
|
|
6226
|
+
const value = cacheManager.getThrottlingCache(key);
|
|
6227
|
+
if (value) {
|
|
6228
|
+
if (value.throttleTime < Date.now()) {
|
|
6229
|
+
cacheManager.removeItem(key);
|
|
6230
|
+
return;
|
|
6231
|
+
}
|
|
6232
|
+
throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
|
|
6233
|
+
}
|
|
6234
|
+
}
|
|
6235
|
+
/**
|
|
6236
|
+
* Performs necessary throttling checks after a network request.
|
|
6237
|
+
* @param cacheManager
|
|
6238
|
+
* @param thumbprint
|
|
6239
|
+
* @param response
|
|
6240
|
+
*/
|
|
6241
|
+
static postProcess(cacheManager, thumbprint, response) {
|
|
6242
|
+
if (ThrottlingUtils.checkResponseStatus(response) ||
|
|
6243
|
+
ThrottlingUtils.checkResponseForRetryAfter(response)) {
|
|
6244
|
+
const thumbprintValue = {
|
|
6245
|
+
throttleTime: ThrottlingUtils.calculateThrottleTime(parseInt(response.headers[HeaderNames.RETRY_AFTER])),
|
|
6246
|
+
error: response.body.error,
|
|
6247
|
+
errorCodes: response.body.error_codes,
|
|
6248
|
+
errorMessage: response.body.error_description,
|
|
6249
|
+
subError: response.body.suberror,
|
|
6250
|
+
};
|
|
6251
|
+
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
|
|
6252
|
+
}
|
|
6253
|
+
}
|
|
6254
|
+
/**
|
|
6255
|
+
* Checks a NetworkResponse object's status codes against 429 or 5xx
|
|
6256
|
+
* @param response
|
|
6257
|
+
*/
|
|
6258
|
+
static checkResponseStatus(response) {
|
|
6259
|
+
return (response.status === 429 ||
|
|
6260
|
+
(response.status >= 500 && response.status < 600));
|
|
6261
|
+
}
|
|
6262
|
+
/**
|
|
6263
|
+
* Checks a NetworkResponse object's RetryAfter header
|
|
6264
|
+
* @param response
|
|
6265
|
+
*/
|
|
6266
|
+
static checkResponseForRetryAfter(response) {
|
|
6267
|
+
if (response.headers) {
|
|
6268
|
+
return (response.headers.hasOwnProperty(HeaderNames.RETRY_AFTER) &&
|
|
6269
|
+
(response.status < 200 || response.status >= 300));
|
|
6270
|
+
}
|
|
6271
|
+
return false;
|
|
6272
|
+
}
|
|
6273
|
+
/**
|
|
6274
|
+
* Calculates the Unix-time value for a throttle to expire given throttleTime in seconds.
|
|
6275
|
+
* @param throttleTime
|
|
6276
|
+
*/
|
|
6277
|
+
static calculateThrottleTime(throttleTime) {
|
|
6278
|
+
const time = throttleTime <= 0 ? 0 : throttleTime;
|
|
6279
|
+
const currentSeconds = Date.now() / 1000;
|
|
6280
|
+
return Math.floor(Math.min(currentSeconds +
|
|
6281
|
+
(time || ThrottlingConstants.DEFAULT_THROTTLE_TIME_SECONDS), currentSeconds +
|
|
6282
|
+
ThrottlingConstants.DEFAULT_MAX_THROTTLE_TIME_SECONDS) * 1000);
|
|
6283
|
+
}
|
|
6284
|
+
static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
|
|
6285
|
+
const thumbprint = {
|
|
6286
|
+
clientId: clientId,
|
|
6287
|
+
authority: request.authority,
|
|
6288
|
+
scopes: request.scopes,
|
|
6289
|
+
homeAccountIdentifier: homeAccountIdentifier,
|
|
6290
|
+
claims: request.claims,
|
|
6291
|
+
authenticationScheme: request.authenticationScheme,
|
|
6292
|
+
resourceRequestMethod: request.resourceRequestMethod,
|
|
6293
|
+
resourceRequestUri: request.resourceRequestUri,
|
|
6294
|
+
shrClaims: request.shrClaims,
|
|
6295
|
+
sshKid: request.sshKid,
|
|
6296
|
+
};
|
|
6297
|
+
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
6298
|
+
cacheManager.removeItem(key);
|
|
6299
|
+
}
|
|
6300
|
+
}
|
|
6301
|
+
|
|
6302
|
+
/*
|
|
6303
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6304
|
+
* Licensed under the MIT License.
|
|
6305
|
+
*/
|
|
6306
|
+
/**
|
|
6307
|
+
* Represents network related errors
|
|
6308
|
+
*/
|
|
6309
|
+
class NetworkError extends AuthError {
|
|
6310
|
+
constructor(error, httpStatus, responseHeaders) {
|
|
6311
|
+
super(error.errorCode, error.errorMessage, error.subError);
|
|
6312
|
+
Object.setPrototypeOf(this, NetworkError.prototype);
|
|
6313
|
+
this.name = "NetworkError";
|
|
6314
|
+
this.error = error;
|
|
6315
|
+
this.httpStatus = httpStatus;
|
|
6316
|
+
this.responseHeaders = responseHeaders;
|
|
6317
|
+
}
|
|
6318
|
+
}
|
|
6319
|
+
/**
|
|
6320
|
+
* Creates NetworkError object for a failed network request
|
|
6321
|
+
* @param error - Error to be thrown back to the caller
|
|
6322
|
+
* @param httpStatus - Status code of the network request
|
|
6323
|
+
* @param responseHeaders - Response headers of the network request, when available
|
|
6324
|
+
* @returns NetworkError object
|
|
6325
|
+
*/
|
|
6326
|
+
function createNetworkError(error, httpStatus, responseHeaders) {
|
|
6327
|
+
return new NetworkError(error, httpStatus, responseHeaders);
|
|
6328
|
+
}
|
|
6329
|
+
|
|
6377
6330
|
/*
|
|
6378
6331
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
6379
6332
|
* Licensed under the MIT License.
|
|
@@ -6394,8 +6347,6 @@ class BaseClient {
|
|
|
6394
6347
|
this.cacheManager = this.config.storageInterface;
|
|
6395
6348
|
// Set the network interface
|
|
6396
6349
|
this.networkClient = this.config.networkInterface;
|
|
6397
|
-
// Set the NetworkManager
|
|
6398
|
-
this.networkManager = new NetworkManager(this.networkClient, this.cacheManager);
|
|
6399
6350
|
// Set TelemetryManager
|
|
6400
6351
|
this.serverTelemetryManager = this.config.serverTelemetryManager;
|
|
6401
6352
|
// set Authority
|
|
@@ -6439,11 +6390,7 @@ class BaseClient {
|
|
|
6439
6390
|
if (queuedEvent) {
|
|
6440
6391
|
this.performanceClient?.addQueueMeasurement(queuedEvent, correlationId);
|
|
6441
6392
|
}
|
|
6442
|
-
const response = await this.
|
|
6443
|
-
this.performanceClient?.addFields({
|
|
6444
|
-
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
6445
|
-
httpVerToken: response.headers?.[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6446
|
-
}, correlationId);
|
|
6393
|
+
const response = await this.sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers }, correlationId);
|
|
6447
6394
|
if (this.config.serverTelemetryManager &&
|
|
6448
6395
|
response.status < 500 &&
|
|
6449
6396
|
response.status !== 429) {
|
|
@@ -6452,6 +6399,52 @@ class BaseClient {
|
|
|
6452
6399
|
}
|
|
6453
6400
|
return response;
|
|
6454
6401
|
}
|
|
6402
|
+
/**
|
|
6403
|
+
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
6404
|
+
* @param thumbprint - Request thumbprint for throttling
|
|
6405
|
+
* @param tokenEndpoint - Endpoint to make the POST to
|
|
6406
|
+
* @param options - Body and Headers to include on the POST request
|
|
6407
|
+
* @param correlationId - CorrelationId for telemetry
|
|
6408
|
+
*/
|
|
6409
|
+
async sendPostRequest(thumbprint, tokenEndpoint, options, correlationId) {
|
|
6410
|
+
ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
|
|
6411
|
+
let response;
|
|
6412
|
+
try {
|
|
6413
|
+
response = await invokeAsync((this.networkClient.sendPostRequestAsync.bind(this.networkClient)), PerformanceEvents.NetworkClientSendPostRequestAsync, this.logger, this.performanceClient, correlationId)(tokenEndpoint, options);
|
|
6414
|
+
const responseHeaders = response.headers || {};
|
|
6415
|
+
this.performanceClient?.addFields({
|
|
6416
|
+
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
6417
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6418
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
6419
|
+
}, correlationId);
|
|
6420
|
+
}
|
|
6421
|
+
catch (e) {
|
|
6422
|
+
if (e instanceof NetworkError) {
|
|
6423
|
+
const responseHeaders = e.responseHeaders;
|
|
6424
|
+
if (responseHeaders) {
|
|
6425
|
+
this.performanceClient?.addFields({
|
|
6426
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
6427
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] ||
|
|
6428
|
+
"",
|
|
6429
|
+
contentTypeHeader: responseHeaders[HeaderNames.CONTENT_TYPE] ||
|
|
6430
|
+
undefined,
|
|
6431
|
+
contentLengthHeader: responseHeaders[HeaderNames.CONTENT_LENGTH] ||
|
|
6432
|
+
undefined,
|
|
6433
|
+
httpStatus: e.httpStatus,
|
|
6434
|
+
}, correlationId);
|
|
6435
|
+
}
|
|
6436
|
+
throw e.error;
|
|
6437
|
+
}
|
|
6438
|
+
if (e instanceof AuthError) {
|
|
6439
|
+
throw e;
|
|
6440
|
+
}
|
|
6441
|
+
else {
|
|
6442
|
+
throw createClientAuthError(networkError);
|
|
6443
|
+
}
|
|
6444
|
+
}
|
|
6445
|
+
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
|
|
6446
|
+
return response;
|
|
6447
|
+
}
|
|
6455
6448
|
/**
|
|
6456
6449
|
* Updates the authority object of the client. Endpoint discovery must be completed.
|
|
6457
6450
|
* @param updatedAuthority
|
|
@@ -6467,10 +6460,17 @@ class BaseClient {
|
|
|
6467
6460
|
* @param request
|
|
6468
6461
|
*/
|
|
6469
6462
|
createTokenQueryParameters(request) {
|
|
6470
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
6463
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
6464
|
+
if (request.embeddedClientId) {
|
|
6465
|
+
parameterBuilder.addBrokerParameters({
|
|
6466
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
6467
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
6468
|
+
});
|
|
6469
|
+
}
|
|
6471
6470
|
if (request.tokenQueryParameters) {
|
|
6472
6471
|
parameterBuilder.addExtraQueryParameters(request.tokenQueryParameters);
|
|
6473
6472
|
}
|
|
6473
|
+
parameterBuilder.addCorrelationId(request.correlationId);
|
|
6474
6474
|
return parameterBuilder.createQueryString();
|
|
6475
6475
|
}
|
|
6476
6476
|
}
|
|
@@ -6922,7 +6922,7 @@ class ResponseHandler {
|
|
|
6922
6922
|
!forceCacheRefreshTokenResponse &&
|
|
6923
6923
|
cacheRecord.account) {
|
|
6924
6924
|
const key = cacheRecord.account.generateAccountKey();
|
|
6925
|
-
const account = this.cacheStorage.getAccount(key
|
|
6925
|
+
const account = this.cacheStorage.getAccount(key);
|
|
6926
6926
|
if (!account) {
|
|
6927
6927
|
this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache");
|
|
6928
6928
|
return await ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenClaims, requestStateObj, undefined, serverRequestId);
|
|
@@ -7114,7 +7114,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7114
7114
|
});
|
|
7115
7115
|
let cachedAccount = null;
|
|
7116
7116
|
if (baseAccountKey) {
|
|
7117
|
-
cachedAccount = cacheStorage.getAccount(baseAccountKey
|
|
7117
|
+
cachedAccount = cacheStorage.getAccount(baseAccountKey);
|
|
7118
7118
|
}
|
|
7119
7119
|
const baseAccount = cachedAccount ||
|
|
7120
7120
|
AccountEntity.createAccount({
|
|
@@ -7285,8 +7285,9 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7285
7285
|
*/
|
|
7286
7286
|
async createTokenRequestBody(request) {
|
|
7287
7287
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateTokenRequestBody, request.correlationId);
|
|
7288
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7289
|
-
parameterBuilder.addClientId(request.
|
|
7288
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
7289
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7290
|
+
request.tokenBodyParameters?.[CLIENT_ID] ||
|
|
7290
7291
|
this.config.authOptions.clientId);
|
|
7291
7292
|
/*
|
|
7292
7293
|
* For hybrid spa flow, there will be a code but no verifier
|
|
@@ -7346,9 +7347,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7346
7347
|
throw createClientConfigurationError(missingSshJwk);
|
|
7347
7348
|
}
|
|
7348
7349
|
}
|
|
7349
|
-
const correlationId = request.correlationId ||
|
|
7350
|
-
this.config.cryptoInterface.createNewGuid();
|
|
7351
|
-
parameterBuilder.addCorrelationId(correlationId);
|
|
7352
7350
|
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7353
7351
|
(this.config.authOptions.clientCapabilities &&
|
|
7354
7352
|
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
@@ -7388,6 +7386,12 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7388
7386
|
break;
|
|
7389
7387
|
}
|
|
7390
7388
|
}
|
|
7389
|
+
if (request.embeddedClientId) {
|
|
7390
|
+
parameterBuilder.addBrokerParameters({
|
|
7391
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7392
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7393
|
+
});
|
|
7394
|
+
}
|
|
7391
7395
|
if (request.tokenBodyParameters) {
|
|
7392
7396
|
parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
|
|
7393
7397
|
}
|
|
@@ -7406,9 +7410,13 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7406
7410
|
* @param request
|
|
7407
7411
|
*/
|
|
7408
7412
|
async createAuthCodeUrlQueryString(request) {
|
|
7409
|
-
|
|
7410
|
-
const
|
|
7411
|
-
|
|
7413
|
+
// generate the correlationId if not set by the user and add
|
|
7414
|
+
const correlationId = request.correlationId ||
|
|
7415
|
+
this.config.cryptoInterface.createNewGuid();
|
|
7416
|
+
this.performanceClient?.addQueueMeasurement(PerformanceEvents.AuthClientCreateQueryString, correlationId);
|
|
7417
|
+
const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
|
|
7418
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7419
|
+
request.extraQueryParameters?.[CLIENT_ID] ||
|
|
7412
7420
|
this.config.authOptions.clientId);
|
|
7413
7421
|
const requestScopes = [
|
|
7414
7422
|
...(request.scopes || []),
|
|
@@ -7417,9 +7425,6 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7417
7425
|
parameterBuilder.addScopes(requestScopes, true, this.oidcDefaultScopes);
|
|
7418
7426
|
// validate the redirectUri (to be a non null value)
|
|
7419
7427
|
parameterBuilder.addRedirectUri(request.redirectUri);
|
|
7420
|
-
// generate the correlationId if not set by the user and add
|
|
7421
|
-
const correlationId = request.correlationId ||
|
|
7422
|
-
this.config.cryptoInterface.createNewGuid();
|
|
7423
7428
|
parameterBuilder.addCorrelationId(correlationId);
|
|
7424
7429
|
// add response_mode. If not passed in it defaults to query.
|
|
7425
7430
|
parameterBuilder.addResponseMode(request.responseMode);
|
|
@@ -7521,6 +7526,12 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7521
7526
|
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7522
7527
|
parameterBuilder.addClaims(request.claims, this.config.authOptions.clientCapabilities);
|
|
7523
7528
|
}
|
|
7529
|
+
if (request.embeddedClientId) {
|
|
7530
|
+
parameterBuilder.addBrokerParameters({
|
|
7531
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7532
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7533
|
+
});
|
|
7534
|
+
}
|
|
7524
7535
|
this.addExtraQueryParams(request, parameterBuilder);
|
|
7525
7536
|
if (request.nativeBroker) {
|
|
7526
7537
|
// signal ests that this is a WAM call
|
|
@@ -7547,7 +7558,7 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7547
7558
|
* @param request
|
|
7548
7559
|
*/
|
|
7549
7560
|
createLogoutUrlQueryString(request) {
|
|
7550
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7561
|
+
const parameterBuilder = new RequestParameterBuilder(request.correlationId, this.performanceClient);
|
|
7551
7562
|
if (request.postLogoutRedirectUri) {
|
|
7552
7563
|
parameterBuilder.addPostLogoutRedirectUri(request.postLogoutRedirectUri);
|
|
7553
7564
|
}
|
|
@@ -7726,8 +7737,9 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7726
7737
|
async createTokenRequestBody(request) {
|
|
7727
7738
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientCreateTokenRequestBody, request.correlationId);
|
|
7728
7739
|
const correlationId = request.correlationId;
|
|
7729
|
-
const parameterBuilder = new RequestParameterBuilder();
|
|
7730
|
-
parameterBuilder.addClientId(request.
|
|
7740
|
+
const parameterBuilder = new RequestParameterBuilder(correlationId, this.performanceClient);
|
|
7741
|
+
parameterBuilder.addClientId(request.embeddedClientId ||
|
|
7742
|
+
request.tokenBodyParameters?.[CLIENT_ID] ||
|
|
7731
7743
|
this.config.authOptions.clientId);
|
|
7732
7744
|
if (request.redirectUri) {
|
|
7733
7745
|
parameterBuilder.addRedirectUri(request.redirectUri);
|
|
@@ -7741,7 +7753,6 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7741
7753
|
if (this.serverTelemetryManager && !isOidcProtocolMode(this.config)) {
|
|
7742
7754
|
parameterBuilder.addServerTelemetry(this.serverTelemetryManager);
|
|
7743
7755
|
}
|
|
7744
|
-
parameterBuilder.addCorrelationId(correlationId);
|
|
7745
7756
|
parameterBuilder.addRefreshToken(request.refreshToken);
|
|
7746
7757
|
if (this.config.clientCredentials.clientSecret) {
|
|
7747
7758
|
parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
|
|
@@ -7795,6 +7806,12 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7795
7806
|
break;
|
|
7796
7807
|
}
|
|
7797
7808
|
}
|
|
7809
|
+
if (request.embeddedClientId) {
|
|
7810
|
+
parameterBuilder.addBrokerParameters({
|
|
7811
|
+
brokerClientId: this.config.authOptions.clientId,
|
|
7812
|
+
brokerRedirectUri: this.config.authOptions.redirectUri,
|
|
7813
|
+
});
|
|
7814
|
+
}
|
|
7798
7815
|
if (request.tokenBodyParameters) {
|
|
7799
7816
|
parameterBuilder.addExtraQueryParameters(request.tokenBodyParameters);
|
|
7800
7817
|
}
|
|
@@ -8314,7 +8331,7 @@ exports.InteractionRequiredAuthErrorCodes = InteractionRequiredAuthErrorCodes;
|
|
|
8314
8331
|
exports.InteractionRequiredAuthErrorMessage = InteractionRequiredAuthErrorMessage;
|
|
8315
8332
|
exports.JsonWebTokenTypes = JsonWebTokenTypes;
|
|
8316
8333
|
exports.Logger = Logger;
|
|
8317
|
-
exports.
|
|
8334
|
+
exports.NetworkError = NetworkError;
|
|
8318
8335
|
exports.OIDC_DEFAULT_SCOPES = OIDC_DEFAULT_SCOPES;
|
|
8319
8336
|
exports.ONE_DAY_IN_MS = ONE_DAY_IN_MS;
|
|
8320
8337
|
exports.PasswordGrantConstants = PasswordGrantConstants;
|
|
@@ -8353,6 +8370,7 @@ exports.createAuthError = createAuthError;
|
|
|
8353
8370
|
exports.createClientAuthError = createClientAuthError;
|
|
8354
8371
|
exports.createClientConfigurationError = createClientConfigurationError;
|
|
8355
8372
|
exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
|
|
8373
|
+
exports.createNetworkError = createNetworkError;
|
|
8356
8374
|
exports.formatAuthorityUri = formatAuthorityUri;
|
|
8357
8375
|
exports.getClientAssertion = getClientAssertion;
|
|
8358
8376
|
exports.getTenantIdFromIdTokenClaims = getTenantIdFromIdTokenClaims;
|
|
@@ -8361,4 +8379,4 @@ exports.invokeAsync = invokeAsync;
|
|
|
8361
8379
|
exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
|
|
8362
8380
|
exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
|
|
8363
8381
|
exports.version = version;
|
|
8364
|
-
//# sourceMappingURL=index-node-
|
|
8382
|
+
//# sourceMappingURL=index-node-DDJMpU-A.js.map
|