@azure/msal-common 14.16.0 → 14.16.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (156) hide show
  1. package/dist/account/AccountInfo.d.ts +1 -0
  2. package/dist/account/AccountInfo.d.ts.map +1 -1
  3. package/dist/account/AccountInfo.mjs +1 -1
  4. package/dist/account/AccountInfo.mjs.map +1 -1
  5. package/dist/account/AuthToken.mjs +1 -1
  6. package/dist/account/CcsCredential.mjs +1 -1
  7. package/dist/account/ClientInfo.mjs +1 -1
  8. package/dist/account/TokenClaims.mjs +1 -1
  9. package/dist/authority/Authority.mjs +1 -1
  10. package/dist/authority/AuthorityFactory.mjs +1 -1
  11. package/dist/authority/AuthorityMetadata.mjs +1 -1
  12. package/dist/authority/AuthorityOptions.mjs +1 -1
  13. package/dist/authority/AuthorityType.mjs +1 -1
  14. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  15. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  16. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  17. package/dist/authority/ProtocolMode.mjs +1 -1
  18. package/dist/authority/RegionDiscovery.mjs +1 -1
  19. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
  20. package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
  21. package/dist/cache/CacheManager.d.ts +34 -34
  22. package/dist/cache/CacheManager.d.ts.map +1 -1
  23. package/dist/cache/CacheManager.mjs +84 -99
  24. package/dist/cache/CacheManager.mjs.map +1 -1
  25. package/dist/cache/entities/AccountEntity.d.ts +1 -0
  26. package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
  27. package/dist/cache/entities/AccountEntity.mjs +1 -1
  28. package/dist/cache/entities/AccountEntity.mjs.map +1 -1
  29. package/dist/cache/entities/CredentialEntity.d.ts +2 -0
  30. package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
  31. package/dist/cache/interface/ICacheManager.d.ts +21 -21
  32. package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
  33. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  34. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  35. package/dist/client/AuthorizationCodeClient.mjs +1 -1
  36. package/dist/client/BaseClient.d.ts.map +1 -1
  37. package/dist/client/BaseClient.mjs +3 -3
  38. package/dist/client/BaseClient.mjs.map +1 -1
  39. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  40. package/dist/client/RefreshTokenClient.mjs +3 -3
  41. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  42. package/dist/client/SilentFlowClient.d.ts.map +1 -1
  43. package/dist/client/SilentFlowClient.mjs +4 -4
  44. package/dist/client/SilentFlowClient.mjs.map +1 -1
  45. package/dist/config/ClientConfiguration.mjs +1 -1
  46. package/dist/constants/AADServerParamKeys.mjs +1 -1
  47. package/dist/crypto/ICrypto.mjs +1 -1
  48. package/dist/crypto/JoseHeader.mjs +1 -1
  49. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  50. package/dist/error/AuthError.mjs +1 -1
  51. package/dist/error/AuthErrorCodes.mjs +1 -1
  52. package/dist/error/CacheError.d.ts +6 -0
  53. package/dist/error/CacheError.d.ts.map +1 -1
  54. package/dist/error/CacheError.mjs +24 -6
  55. package/dist/error/CacheError.mjs.map +1 -1
  56. package/dist/error/CacheErrorCodes.d.ts +2 -2
  57. package/dist/error/CacheErrorCodes.d.ts.map +1 -1
  58. package/dist/error/CacheErrorCodes.mjs +4 -4
  59. package/dist/error/CacheErrorCodes.mjs.map +1 -1
  60. package/dist/error/ClientAuthError.mjs +1 -1
  61. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  62. package/dist/error/ClientConfigurationError.mjs +1 -1
  63. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  64. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  65. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  66. package/dist/error/JoseHeaderError.mjs +1 -1
  67. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  68. package/dist/error/NetworkError.mjs +1 -1
  69. package/dist/error/ServerError.mjs +1 -1
  70. package/dist/exports-common.d.ts +1 -1
  71. package/dist/exports-common.d.ts.map +1 -1
  72. package/dist/index-browser.mjs +2 -2
  73. package/dist/index-node.mjs +2 -2
  74. package/dist/index.mjs +2 -2
  75. package/dist/logger/Logger.mjs +1 -1
  76. package/dist/network/INetworkModule.mjs +1 -1
  77. package/dist/network/ThrottlingUtils.d.ts +2 -2
  78. package/dist/network/ThrottlingUtils.d.ts.map +1 -1
  79. package/dist/network/ThrottlingUtils.mjs +6 -6
  80. package/dist/network/ThrottlingUtils.mjs.map +1 -1
  81. package/dist/packageMetadata.d.ts +1 -1
  82. package/dist/packageMetadata.mjs +2 -2
  83. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  84. package/dist/request/RequestParameterBuilder.mjs +1 -1
  85. package/dist/request/RequestValidator.mjs +1 -1
  86. package/dist/request/ScopeSet.mjs +1 -1
  87. package/dist/response/ResponseHandler.d.ts +1 -1
  88. package/dist/response/ResponseHandler.d.ts.map +1 -1
  89. package/dist/response/ResponseHandler.mjs +6 -6
  90. package/dist/response/ResponseHandler.mjs.map +1 -1
  91. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  92. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  93. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  94. package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  95. package/dist/telemetry/server/ServerTelemetryManager.mjs +7 -7
  96. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  97. package/dist/url/UrlString.mjs +1 -1
  98. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  99. package/dist/utils/Constants.mjs +1 -1
  100. package/dist/utils/FunctionWrappers.mjs +1 -1
  101. package/dist/utils/ProtocolUtils.mjs +1 -1
  102. package/dist/utils/StringUtils.mjs +1 -1
  103. package/dist/utils/TimeUtils.mjs +1 -1
  104. package/dist/utils/UrlUtils.mjs +1 -1
  105. package/lib/index-browser.cjs +3 -2
  106. package/lib/index-browser.cjs.map +1 -1
  107. package/lib/{index-node-C9XsExml.js → index-node-CebvEPer.js} +132 -128
  108. package/lib/index-node-CebvEPer.js.map +1 -0
  109. package/lib/index-node.cjs +3 -2
  110. package/lib/index-node.cjs.map +1 -1
  111. package/lib/index.cjs +3 -2
  112. package/lib/index.cjs.map +1 -1
  113. package/lib/types/account/AccountInfo.d.ts +1 -0
  114. package/lib/types/account/AccountInfo.d.ts.map +1 -1
  115. package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
  116. package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
  117. package/lib/types/cache/CacheManager.d.ts +34 -34
  118. package/lib/types/cache/CacheManager.d.ts.map +1 -1
  119. package/lib/types/cache/entities/AccountEntity.d.ts +1 -0
  120. package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
  121. package/lib/types/cache/entities/CredentialEntity.d.ts +2 -0
  122. package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
  123. package/lib/types/cache/interface/ICacheManager.d.ts +21 -21
  124. package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
  125. package/lib/types/client/BaseClient.d.ts.map +1 -1
  126. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  127. package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
  128. package/lib/types/error/CacheError.d.ts +6 -0
  129. package/lib/types/error/CacheError.d.ts.map +1 -1
  130. package/lib/types/error/CacheErrorCodes.d.ts +2 -2
  131. package/lib/types/error/CacheErrorCodes.d.ts.map +1 -1
  132. package/lib/types/exports-common.d.ts +1 -1
  133. package/lib/types/exports-common.d.ts.map +1 -1
  134. package/lib/types/network/ThrottlingUtils.d.ts +2 -2
  135. package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
  136. package/lib/types/packageMetadata.d.ts +1 -1
  137. package/lib/types/response/ResponseHandler.d.ts +1 -1
  138. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  139. package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  140. package/package.json +1 -1
  141. package/src/account/AccountInfo.ts +1 -0
  142. package/src/cache/CacheManager.ts +184 -123
  143. package/src/cache/entities/AccountEntity.ts +1 -0
  144. package/src/cache/entities/CredentialEntity.ts +2 -0
  145. package/src/cache/interface/ICacheManager.ts +45 -20
  146. package/src/client/BaseClient.ts +11 -2
  147. package/src/client/RefreshTokenClient.ts +6 -3
  148. package/src/client/SilentFlowClient.ts +7 -5
  149. package/src/error/CacheError.ts +24 -4
  150. package/src/error/CacheErrorCodes.ts +2 -2
  151. package/src/exports-common.ts +5 -1
  152. package/src/network/ThrottlingUtils.ts +8 -5
  153. package/src/packageMetadata.ts +1 -1
  154. package/src/response/ResponseHandler.ts +14 -4
  155. package/src/telemetry/server/ServerTelemetryManager.ts +14 -6
  156. package/lib/index-node-C9XsExml.js.map +0 -1
@@ -53,7 +53,8 @@ import { getAliasesFromStaticSources } from "../authority/AuthorityMetadata.js";
53
53
  import { StaticAuthorityOptions } from "../authority/AuthorityOptions.js";
54
54
  import { TokenClaims } from "../account/TokenClaims.js";
55
55
  import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
56
- import { CacheError, CacheErrorCodes } from "../error/CacheError.js";
56
+ import { createCacheError } from "../error/CacheError.js";
57
+ import { AuthError } from "../error/AuthError.js";
57
58
 
58
59
  /**
59
60
  * Interface class which implement cache storage functions used by MSAL to perform validity checks, and store tokens.
@@ -84,64 +85,85 @@ export abstract class CacheManager implements ICacheManager {
84
85
  */
85
86
  abstract getAccount(
86
87
  accountKey: string,
88
+ correlationId: string,
87
89
  logger?: Logger
88
90
  ): AccountEntity | null;
89
91
 
90
92
  /**
91
93
  * Returns deserialized account if found in the cache, otherwiser returns null
92
94
  */
93
- abstract getCachedAccountEntity(accountKey: string): AccountEntity | null;
95
+ abstract getCachedAccountEntity(
96
+ accountKey: string,
97
+ correlationId: string
98
+ ): AccountEntity | null;
94
99
 
95
100
  /**
96
101
  * set account entity in the platform cache
97
102
  * @param account
98
103
  */
99
- abstract setAccount(account: AccountEntity): void;
104
+ abstract setAccount(account: AccountEntity, correlationId: string): void;
100
105
 
101
106
  /**
102
107
  * remove account entity from the platform cache if it's outdated
103
108
  */
104
- abstract removeOutdatedAccount(accountKey: string): void;
109
+ abstract removeOutdatedAccount(
110
+ accountKey: string,
111
+ correlationId: string
112
+ ): void;
105
113
 
106
114
  /**
107
115
  * fetch the idToken entity from the platform cache
108
116
  * @param idTokenKey
109
117
  */
110
- abstract getIdTokenCredential(idTokenKey: string): IdTokenEntity | null;
118
+ abstract getIdTokenCredential(
119
+ idTokenKey: string,
120
+ correlationId: string
121
+ ): IdTokenEntity | null;
111
122
 
112
123
  /**
113
124
  * set idToken entity to the platform cache
114
125
  * @param idToken
115
126
  */
116
- abstract setIdTokenCredential(idToken: IdTokenEntity): void;
127
+ abstract setIdTokenCredential(
128
+ idToken: IdTokenEntity,
129
+ correlationId: string
130
+ ): void;
117
131
 
118
132
  /**
119
133
  * fetch the idToken entity from the platform cache
120
134
  * @param accessTokenKey
121
135
  */
122
136
  abstract getAccessTokenCredential(
123
- accessTokenKey: string
137
+ accessTokenKey: string,
138
+ correlationId: string
124
139
  ): AccessTokenEntity | null;
125
140
 
126
141
  /**
127
142
  * set idToken entity to the platform cache
128
143
  * @param accessToken
129
144
  */
130
- abstract setAccessTokenCredential(accessToken: AccessTokenEntity): void;
145
+ abstract setAccessTokenCredential(
146
+ accessToken: AccessTokenEntity,
147
+ correlationId: string
148
+ ): void;
131
149
 
132
150
  /**
133
151
  * fetch the idToken entity from the platform cache
134
152
  * @param refreshTokenKey
135
153
  */
136
154
  abstract getRefreshTokenCredential(
137
- refreshTokenKey: string
155
+ refreshTokenKey: string,
156
+ correlationId: string
138
157
  ): RefreshTokenEntity | null;
139
158
 
140
159
  /**
141
160
  * set idToken entity to the platform cache
142
161
  * @param refreshToken
143
162
  */
144
- abstract setRefreshTokenCredential(refreshToken: RefreshTokenEntity): void;
163
+ abstract setRefreshTokenCredential(
164
+ refreshToken: RefreshTokenEntity,
165
+ correlationId: string
166
+ ): void;
145
167
 
146
168
  /**
147
169
  * fetch appMetadata entity from the platform cache
@@ -153,7 +175,10 @@ export abstract class CacheManager implements ICacheManager {
153
175
  * set appMetadata entity to the platform cache
154
176
  * @param appMetadata
155
177
  */
156
- abstract setAppMetadata(appMetadata: AppMetadataEntity): void;
178
+ abstract setAppMetadata(
179
+ appMetadata: AppMetadataEntity,
180
+ correlationId: string
181
+ ): void;
157
182
 
158
183
  /**
159
184
  * fetch server telemetry entity from the platform cache
@@ -170,7 +195,8 @@ export abstract class CacheManager implements ICacheManager {
170
195
  */
171
196
  abstract setServerTelemetry(
172
197
  serverTelemetryKey: string,
173
- serverTelemetry: ServerTelemetryEntity
198
+ serverTelemetry: ServerTelemetryEntity,
199
+ correlationId: string
174
200
  ): void;
175
201
 
176
202
  /**
@@ -209,14 +235,15 @@ export abstract class CacheManager implements ICacheManager {
209
235
  */
210
236
  abstract setThrottlingCache(
211
237
  throttlingCacheKey: string,
212
- throttlingCache: ThrottlingEntity
238
+ throttlingCache: ThrottlingEntity,
239
+ correlationId: string
213
240
  ): void;
214
241
 
215
242
  /**
216
243
  * Function to remove an item from cache given its key.
217
244
  * @param key
218
245
  */
219
- abstract removeItem(key: string): void;
246
+ abstract removeItem(key: string, correlationId: string): void;
220
247
 
221
248
  /**
222
249
  * Function which retrieves all current keys from the cache.
@@ -238,7 +265,8 @@ export abstract class CacheManager implements ICacheManager {
238
265
  */
239
266
  abstract updateCredentialCacheKey(
240
267
  currentCacheKey: string,
241
- credential: ValidCredentialType
268
+ credential: ValidCredentialType,
269
+ correlationId: string
242
270
  ): string;
243
271
 
244
272
  /**
@@ -246,9 +274,13 @@ export abstract class CacheManager implements ICacheManager {
246
274
  * @param accountFilter - (Optional) filter to narrow down the accounts returned
247
275
  * @returns Array of AccountInfo objects in cache
248
276
  */
249
- getAllAccounts(accountFilter?: AccountFilter): AccountInfo[] {
277
+ getAllAccounts(
278
+ correlationId: string,
279
+ accountFilter?: AccountFilter
280
+ ): AccountInfo[] {
250
281
  return this.buildTenantProfiles(
251
- this.getAccountsFilteredBy(accountFilter || {}),
282
+ this.getAccountsFilteredBy(accountFilter || {}, correlationId),
283
+ correlationId,
252
284
  accountFilter
253
285
  );
254
286
  }
@@ -256,8 +288,11 @@ export abstract class CacheManager implements ICacheManager {
256
288
  /**
257
289
  * Gets first tenanted AccountInfo object found based on provided filters
258
290
  */
259
- getAccountInfoFilteredBy(accountFilter: AccountFilter): AccountInfo | null {
260
- const allAccounts = this.getAllAccounts(accountFilter);
291
+ getAccountInfoFilteredBy(
292
+ accountFilter: AccountFilter,
293
+ correlationId: string
294
+ ): AccountInfo | null {
295
+ const allAccounts = this.getAllAccounts(correlationId, accountFilter);
261
296
  if (allAccounts.length > 1) {
262
297
  // If one or more accounts are found, prioritize accounts that have an ID token
263
298
  const sortedAccounts = allAccounts.sort((account) => {
@@ -277,8 +312,14 @@ export abstract class CacheManager implements ICacheManager {
277
312
  * @param accountFilter
278
313
  * @returns
279
314
  */
280
- getBaseAccountInfo(accountFilter: AccountFilter): AccountInfo | null {
281
- const accountEntities = this.getAccountsFilteredBy(accountFilter);
315
+ getBaseAccountInfo(
316
+ accountFilter: AccountFilter,
317
+ correlationId: string
318
+ ): AccountInfo | null {
319
+ const accountEntities = this.getAccountsFilteredBy(
320
+ accountFilter,
321
+ correlationId
322
+ );
282
323
  if (accountEntities.length > 0) {
283
324
  return accountEntities[0].getAccountInfo();
284
325
  } else {
@@ -295,11 +336,13 @@ export abstract class CacheManager implements ICacheManager {
295
336
  */
296
337
  private buildTenantProfiles(
297
338
  cachedAccounts: AccountEntity[],
339
+ correlationId: string,
298
340
  accountFilter?: AccountFilter
299
341
  ): AccountInfo[] {
300
342
  return cachedAccounts.flatMap((accountEntity) => {
301
343
  return this.getTenantProfilesFromAccountEntity(
302
344
  accountEntity,
345
+ correlationId,
303
346
  accountFilter?.tenantId,
304
347
  accountFilter
305
348
  );
@@ -310,6 +353,7 @@ export abstract class CacheManager implements ICacheManager {
310
353
  accountInfo: AccountInfo,
311
354
  tokenKeys: TokenKeys,
312
355
  tenantProfile: TenantProfile,
356
+ correlationId: string,
313
357
  tenantProfileFilter?: TenantProfileFilter
314
358
  ): AccountInfo | null {
315
359
  let tenantedAccountInfo: AccountInfo | null = null;
@@ -328,6 +372,7 @@ export abstract class CacheManager implements ICacheManager {
328
372
 
329
373
  const idToken = this.getIdToken(
330
374
  accountInfo,
375
+ correlationId,
331
376
  tokenKeys,
332
377
  tenantProfile.tenantId
333
378
  );
@@ -362,6 +407,7 @@ export abstract class CacheManager implements ICacheManager {
362
407
 
363
408
  private getTenantProfilesFromAccountEntity(
364
409
  accountEntity: AccountEntity,
410
+ correlationId: string,
365
411
  targetTenantId?: string,
366
412
  tenantProfileFilter?: TenantProfileFilter
367
413
  ): AccountInfo[] {
@@ -390,6 +436,7 @@ export abstract class CacheManager implements ICacheManager {
390
436
  accountInfo,
391
437
  tokenKeys,
392
438
  tenantProfile,
439
+ correlationId,
393
440
  tenantProfileFilter
394
441
  );
395
442
  if (tenantedAccountInfo) {
@@ -493,8 +540,8 @@ export abstract class CacheManager implements ICacheManager {
493
540
  */
494
541
  async saveCacheRecord(
495
542
  cacheRecord: CacheRecord,
496
- storeInCache?: StoreInCache,
497
- correlationId?: string
543
+ correlationId: string,
544
+ storeInCache?: StoreInCache
498
545
  ): Promise<void> {
499
546
  if (!cacheRecord) {
500
547
  throw createClientAuthError(
@@ -504,59 +551,42 @@ export abstract class CacheManager implements ICacheManager {
504
551
 
505
552
  try {
506
553
  if (!!cacheRecord.account) {
507
- this.setAccount(cacheRecord.account);
554
+ this.setAccount(cacheRecord.account, correlationId);
508
555
  }
509
556
 
510
557
  if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
511
- this.setIdTokenCredential(cacheRecord.idToken);
558
+ this.setIdTokenCredential(cacheRecord.idToken, correlationId);
512
559
  }
513
560
 
514
561
  if (
515
562
  !!cacheRecord.accessToken &&
516
563
  storeInCache?.accessToken !== false
517
564
  ) {
518
- await this.saveAccessToken(cacheRecord.accessToken);
565
+ await this.saveAccessToken(
566
+ cacheRecord.accessToken,
567
+ correlationId
568
+ );
519
569
  }
520
570
 
521
571
  if (
522
572
  !!cacheRecord.refreshToken &&
523
573
  storeInCache?.refreshToken !== false
524
574
  ) {
525
- this.setRefreshTokenCredential(cacheRecord.refreshToken);
575
+ this.setRefreshTokenCredential(
576
+ cacheRecord.refreshToken,
577
+ correlationId
578
+ );
526
579
  }
527
580
 
528
581
  if (!!cacheRecord.appMetadata) {
529
- this.setAppMetadata(cacheRecord.appMetadata);
582
+ this.setAppMetadata(cacheRecord.appMetadata, correlationId);
530
583
  }
531
584
  } catch (e: unknown) {
532
585
  this.commonLogger?.error(`CacheManager.saveCacheRecord: failed`);
533
- if (e instanceof Error) {
534
- this.commonLogger?.errorPii(
535
- `CacheManager.saveCacheRecord: ${e.message}`,
536
- correlationId
537
- );
538
-
539
- if (
540
- e.name === "QuotaExceededError" ||
541
- e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
542
- e.message.includes("exceeded the quota")
543
- ) {
544
- this.commonLogger?.error(
545
- `CacheManager.saveCacheRecord: exceeded storage quota`,
546
- correlationId
547
- );
548
- throw new CacheError(
549
- CacheErrorCodes.cacheQuotaExceededErrorCode
550
- );
551
- } else {
552
- throw new CacheError(e.name, e.message);
553
- }
586
+ if (e instanceof AuthError) {
587
+ throw e;
554
588
  } else {
555
- this.commonLogger?.errorPii(
556
- `CacheManager.saveCacheRecord: ${e}`,
557
- correlationId
558
- );
559
- throw new CacheError(CacheErrorCodes.cacheUnknownErrorCode);
589
+ throw createCacheError(e);
560
590
  }
561
591
  }
562
592
  }
@@ -566,7 +596,8 @@ export abstract class CacheManager implements ICacheManager {
566
596
  * @param credential
567
597
  */
568
598
  private async saveAccessToken(
569
- credential: AccessTokenEntity
599
+ credential: AccessTokenEntity,
600
+ correlationId: string
570
601
  ): Promise<void> {
571
602
  const accessTokenFilter: CredentialFilter = {
572
603
  clientId: credential.clientId,
@@ -581,7 +612,6 @@ export abstract class CacheManager implements ICacheManager {
581
612
  const tokenKeys = this.getTokenKeys();
582
613
  const currentScopes = ScopeSet.fromString(credential.target);
583
614
 
584
- const removedAccessTokens: Array<Promise<void>> = [];
585
615
  tokenKeys.accessToken.forEach((key) => {
586
616
  if (
587
617
  !this.accessTokenKeyMatchesFilter(key, accessTokenFilter, false)
@@ -589,7 +619,10 @@ export abstract class CacheManager implements ICacheManager {
589
619
  return;
590
620
  }
591
621
 
592
- const tokenEntity = this.getAccessTokenCredential(key);
622
+ const tokenEntity = this.getAccessTokenCredential(
623
+ key,
624
+ correlationId
625
+ );
593
626
 
594
627
  if (
595
628
  tokenEntity &&
@@ -597,12 +630,11 @@ export abstract class CacheManager implements ICacheManager {
597
630
  ) {
598
631
  const tokenScopeSet = ScopeSet.fromString(tokenEntity.target);
599
632
  if (tokenScopeSet.intersectingScopeSets(currentScopes)) {
600
- removedAccessTokens.push(this.removeAccessToken(key));
633
+ this.removeAccessToken(key, correlationId);
601
634
  }
602
635
  }
603
636
  });
604
- await Promise.all(removedAccessTokens);
605
- this.setAccessTokenCredential(credential);
637
+ this.setAccessTokenCredential(credential, correlationId);
606
638
  }
607
639
 
608
640
  /**
@@ -610,7 +642,10 @@ export abstract class CacheManager implements ICacheManager {
610
642
  * Not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared
611
643
  * @param accountFilter - An object containing Account properties to filter by
612
644
  */
613
- getAccountsFilteredBy(accountFilter: AccountFilter): AccountEntity[] {
645
+ getAccountsFilteredBy(
646
+ accountFilter: AccountFilter,
647
+ correlationId: string
648
+ ): AccountEntity[] {
614
649
  const allAccountKeys = this.getAccountKeys();
615
650
  const matchingAccounts: AccountEntity[] = [];
616
651
  allAccountKeys.forEach((cacheKey) => {
@@ -621,6 +656,7 @@ export abstract class CacheManager implements ICacheManager {
621
656
 
622
657
  const entity: AccountEntity | null = this.getAccount(
623
658
  cacheKey,
659
+ correlationId,
624
660
  this.commonLogger
625
661
  );
626
662
 
@@ -952,12 +988,12 @@ export abstract class CacheManager implements ICacheManager {
952
988
  /**
953
989
  * Removes all accounts and related tokens from cache.
954
990
  */
955
- async removeAllAccounts(): Promise<void> {
991
+ async removeAllAccounts(correlationId: string): Promise<void> {
956
992
  const allAccountKeys = this.getAccountKeys();
957
993
  const removedAccounts: Array<Promise<void>> = [];
958
994
 
959
995
  allAccountKeys.forEach((cacheKey) => {
960
- removedAccounts.push(this.removeAccount(cacheKey));
996
+ removedAccounts.push(this.removeAccount(cacheKey, correlationId));
961
997
  });
962
998
 
963
999
  await Promise.all(removedAccounts);
@@ -967,43 +1003,56 @@ export abstract class CacheManager implements ICacheManager {
967
1003
  * Removes the account and related tokens for a given account key
968
1004
  * @param account
969
1005
  */
970
- async removeAccount(accountKey: string): Promise<void> {
971
- const account = this.getAccount(accountKey, this.commonLogger);
1006
+ async removeAccount(
1007
+ accountKey: string,
1008
+ correlationId: string
1009
+ ): Promise<void> {
1010
+ const account = this.getAccount(
1011
+ accountKey,
1012
+ correlationId,
1013
+ this.commonLogger
1014
+ );
972
1015
  if (!account) {
973
1016
  return;
974
1017
  }
975
- await this.removeAccountContext(account);
976
- this.removeItem(accountKey);
1018
+ await this.removeAccountContext(account, correlationId);
1019
+ this.removeItem(accountKey, correlationId);
977
1020
  }
978
1021
 
979
1022
  /**
980
1023
  * Removes credentials associated with the provided account
981
1024
  * @param account
982
1025
  */
983
- async removeAccountContext(account: AccountEntity): Promise<void> {
1026
+ async removeAccountContext(
1027
+ account: AccountEntity,
1028
+ correlationId: string
1029
+ ): Promise<void> {
984
1030
  const allTokenKeys = this.getTokenKeys();
985
1031
  const accountId = account.generateAccountId();
986
- const removedCredentials: Array<Promise<void>> = [];
987
1032
 
988
1033
  allTokenKeys.idToken.forEach((key) => {
989
1034
  if (key.indexOf(accountId) === 0) {
990
- this.removeIdToken(key);
1035
+ this.removeIdToken(key, correlationId);
991
1036
  }
992
1037
  });
993
1038
 
994
1039
  allTokenKeys.accessToken.forEach((key) => {
995
1040
  if (key.indexOf(accountId) === 0) {
996
- removedCredentials.push(this.removeAccessToken(key));
1041
+ this.removeAccessToken(key, correlationId);
997
1042
  }
998
1043
  });
999
1044
 
1000
1045
  allTokenKeys.refreshToken.forEach((key) => {
1001
1046
  if (key.indexOf(accountId) === 0) {
1002
- this.removeRefreshToken(key);
1047
+ this.removeRefreshToken(key, correlationId);
1003
1048
  }
1004
1049
  });
1005
1050
 
1006
- await Promise.all(removedCredentials);
1051
+ this.getKeys().forEach((key) => {
1052
+ if (key.includes(accountId)) {
1053
+ this.removeItem(key, correlationId);
1054
+ }
1055
+ });
1007
1056
  }
1008
1057
 
1009
1058
  /**
@@ -1017,6 +1066,7 @@ export abstract class CacheManager implements ICacheManager {
1017
1066
  protected updateOutdatedCachedAccount(
1018
1067
  accountKey: string,
1019
1068
  accountEntity: AccountEntity | null,
1069
+ correlationId: string,
1020
1070
  logger?: Logger
1021
1071
  ): AccountEntity | null {
1022
1072
  // Only update if account entity is defined and has no tenantProfiles object (is outdated)
@@ -1035,7 +1085,7 @@ export abstract class CacheManager implements ICacheManager {
1035
1085
  // Get all account entities belonging to user
1036
1086
  const accountsToMerge: AccountEntity[] = [];
1037
1087
  matchingAccountKeys.forEach((key: string) => {
1038
- const account = this.getCachedAccountEntity(key);
1088
+ const account = this.getCachedAccountEntity(key, correlationId);
1039
1089
  if (account) {
1040
1090
  accountsToMerge.push(account);
1041
1091
  }
@@ -1074,12 +1124,12 @@ export abstract class CacheManager implements ICacheManager {
1074
1124
  // Clear cache of legacy account objects that have been collpsed into tenant profiles
1075
1125
  matchingAccountKeys.forEach((key: string) => {
1076
1126
  if (key !== newAccountKey) {
1077
- this.removeOutdatedAccount(accountKey);
1127
+ this.removeOutdatedAccount(accountKey, correlationId);
1078
1128
  }
1079
1129
  });
1080
1130
 
1081
1131
  // Cache updated account object
1082
- this.setAccount(updatedAccount);
1132
+ this.setAccount(updatedAccount, correlationId);
1083
1133
  logger?.verbose("Updated an outdated account entity in the cache");
1084
1134
  return updatedAccount;
1085
1135
  }
@@ -1092,45 +1142,37 @@ export abstract class CacheManager implements ICacheManager {
1092
1142
  * returns a boolean if the given credential is removed
1093
1143
  * @param credential
1094
1144
  */
1095
- async removeAccessToken(key: string): Promise<void> {
1096
- const credential = this.getAccessTokenCredential(key);
1097
- if (!credential) {
1098
- return;
1099
- }
1145
+ removeAccessToken(key: string, correlationId: string): void {
1146
+ const credential = this.getAccessTokenCredential(key, correlationId);
1147
+ this.removeItem(key, correlationId);
1100
1148
 
1101
- // Remove Token Binding Key from key store for PoP Tokens Credentials
1102
1149
  if (
1103
- credential.credentialType.toLowerCase() ===
1104
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()
1150
+ !credential ||
1151
+ credential.credentialType.toLowerCase() !==
1152
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase() ||
1153
+ credential.tokenType !== AuthenticationScheme.POP
1105
1154
  ) {
1106
- if (credential.tokenType === AuthenticationScheme.POP) {
1107
- const accessTokenWithAuthSchemeEntity =
1108
- credential as AccessTokenEntity;
1109
- const kid = accessTokenWithAuthSchemeEntity.keyId;
1110
-
1111
- if (kid) {
1112
- try {
1113
- await this.cryptoImpl.removeTokenBindingKey(kid);
1114
- } catch (error) {
1115
- throw createClientAuthError(
1116
- ClientAuthErrorCodes.bindingKeyNotRemoved
1117
- );
1118
- }
1119
- }
1120
- }
1155
+ return;
1121
1156
  }
1122
1157
 
1123
- return this.removeItem(key);
1158
+ // Remove Token Binding Key from key store for PoP Tokens Credentials
1159
+ const kid = credential.keyId;
1160
+
1161
+ if (kid) {
1162
+ void this.cryptoImpl.removeTokenBindingKey(kid).catch(() => {
1163
+ this.commonLogger.error("Binding key could not be removed");
1164
+ });
1165
+ }
1124
1166
  }
1125
1167
 
1126
1168
  /**
1127
1169
  * Removes all app metadata objects from cache.
1128
1170
  */
1129
- removeAppMetadata(): boolean {
1171
+ removeAppMetadata(correlationId: string): boolean {
1130
1172
  const allCacheKeys = this.getKeys();
1131
1173
  allCacheKeys.forEach((cacheKey) => {
1132
1174
  if (this.isAppMetadata(cacheKey)) {
1133
- this.removeItem(cacheKey);
1175
+ this.removeItem(cacheKey, correlationId);
1134
1176
  }
1135
1177
  });
1136
1178
 
@@ -1141,10 +1183,13 @@ export abstract class CacheManager implements ICacheManager {
1141
1183
  * Retrieve AccountEntity from cache
1142
1184
  * @param account
1143
1185
  */
1144
- readAccountFromCache(account: AccountInfo): AccountEntity | null {
1186
+ readAccountFromCache(
1187
+ account: AccountInfo,
1188
+ correlationId: string
1189
+ ): AccountEntity | null {
1145
1190
  const accountKey: string =
1146
1191
  AccountEntity.generateAccountCacheKey(account);
1147
- return this.getAccount(accountKey, this.commonLogger);
1192
+ return this.getAccount(accountKey, correlationId, this.commonLogger);
1148
1193
  }
1149
1194
 
1150
1195
  /**
@@ -1157,10 +1202,10 @@ export abstract class CacheManager implements ICacheManager {
1157
1202
  */
1158
1203
  getIdToken(
1159
1204
  account: AccountInfo,
1205
+ correlationId: string,
1160
1206
  tokenKeys?: TokenKeys,
1161
1207
  targetRealm?: string,
1162
- performanceClient?: IPerformanceClient,
1163
- correlationId?: string
1208
+ performanceClient?: IPerformanceClient
1164
1209
  ): IdTokenEntity | null {
1165
1210
  this.commonLogger.trace("CacheManager - getIdToken called");
1166
1211
  const idTokenFilter: CredentialFilter = {
@@ -1173,6 +1218,7 @@ export abstract class CacheManager implements ICacheManager {
1173
1218
 
1174
1219
  const idTokenMap: Map<string, IdTokenEntity> = this.getIdTokensByFilter(
1175
1220
  idTokenFilter,
1221
+ correlationId,
1176
1222
  tokenKeys
1177
1223
  );
1178
1224
 
@@ -1215,7 +1261,7 @@ export abstract class CacheManager implements ICacheManager {
1215
1261
  "CacheManager:getIdToken - Multiple matching ID tokens found, clearing them"
1216
1262
  );
1217
1263
  tokensToBeRemoved.forEach((idToken, key) => {
1218
- this.removeIdToken(key);
1264
+ this.removeIdToken(key, correlationId);
1219
1265
  });
1220
1266
  if (performanceClient && correlationId) {
1221
1267
  performanceClient.addFields(
@@ -1237,6 +1283,7 @@ export abstract class CacheManager implements ICacheManager {
1237
1283
  */
1238
1284
  getIdTokensByFilter(
1239
1285
  filter: CredentialFilter,
1286
+ correlationId: string,
1240
1287
  tokenKeys?: TokenKeys
1241
1288
  ): Map<string, IdTokenEntity> {
1242
1289
  const idTokenKeys =
@@ -1255,7 +1302,7 @@ export abstract class CacheManager implements ICacheManager {
1255
1302
  ) {
1256
1303
  return;
1257
1304
  }
1258
- const idToken = this.getIdTokenCredential(key);
1305
+ const idToken = this.getIdTokenCredential(key, correlationId);
1259
1306
  if (idToken && this.credentialMatchesFilter(idToken, filter)) {
1260
1307
  idTokens.set(key, idToken);
1261
1308
  }
@@ -1296,16 +1343,16 @@ export abstract class CacheManager implements ICacheManager {
1296
1343
  * Removes idToken from the cache
1297
1344
  * @param key
1298
1345
  */
1299
- removeIdToken(key: string): void {
1300
- this.removeItem(key);
1346
+ removeIdToken(key: string, correlationId: string): void {
1347
+ this.removeItem(key, correlationId);
1301
1348
  }
1302
1349
 
1303
1350
  /**
1304
1351
  * Removes refresh token from the cache
1305
1352
  * @param key
1306
1353
  */
1307
- removeRefreshToken(key: string): void {
1308
- this.removeItem(key);
1354
+ removeRefreshToken(key: string, correlationId: string): void {
1355
+ this.removeItem(key, correlationId);
1309
1356
  }
1310
1357
 
1311
1358
  /**
@@ -1321,8 +1368,7 @@ export abstract class CacheManager implements ICacheManager {
1321
1368
  request: BaseAuthRequest,
1322
1369
  tokenKeys?: TokenKeys,
1323
1370
  targetRealm?: string,
1324
- performanceClient?: IPerformanceClient,
1325
- correlationId?: string
1371
+ performanceClient?: IPerformanceClient
1326
1372
  ): AccessTokenEntity | null {
1327
1373
  this.commonLogger.trace("CacheManager - getAccessToken called");
1328
1374
  const scopes = ScopeSet.createSearchScopes(request.scopes);
@@ -1361,7 +1407,10 @@ export abstract class CacheManager implements ICacheManager {
1361
1407
  if (
1362
1408
  this.accessTokenKeyMatchesFilter(key, accessTokenFilter, true)
1363
1409
  ) {
1364
- const accessToken = this.getAccessTokenCredential(key);
1410
+ const accessToken = this.getAccessTokenCredential(
1411
+ key,
1412
+ request.correlationId
1413
+ );
1365
1414
 
1366
1415
  // Validate value
1367
1416
  if (
@@ -1384,12 +1433,15 @@ export abstract class CacheManager implements ICacheManager {
1384
1433
  "CacheManager:getAccessToken - Multiple access tokens found, clearing them"
1385
1434
  );
1386
1435
  accessTokens.forEach((accessToken) => {
1387
- void this.removeAccessToken(generateCredentialKey(accessToken));
1436
+ void this.removeAccessToken(
1437
+ generateCredentialKey(accessToken),
1438
+ request.correlationId
1439
+ );
1388
1440
  });
1389
- if (performanceClient && correlationId) {
1441
+ if (performanceClient && request.correlationId) {
1390
1442
  performanceClient.addFields(
1391
1443
  { multiMatchedAT: accessTokens.length },
1392
- correlationId
1444
+ request.correlationId
1393
1445
  );
1394
1446
  }
1395
1447
  return null;
@@ -1466,7 +1518,10 @@ export abstract class CacheManager implements ICacheManager {
1466
1518
  * @param filter
1467
1519
  * @returns
1468
1520
  */
1469
- getAccessTokensByFilter(filter: CredentialFilter): AccessTokenEntity[] {
1521
+ getAccessTokensByFilter(
1522
+ filter: CredentialFilter,
1523
+ correlationId: string
1524
+ ): AccessTokenEntity[] {
1470
1525
  const tokenKeys = this.getTokenKeys();
1471
1526
 
1472
1527
  const accessTokens: AccessTokenEntity[] = [];
@@ -1475,7 +1530,10 @@ export abstract class CacheManager implements ICacheManager {
1475
1530
  return;
1476
1531
  }
1477
1532
 
1478
- const accessToken = this.getAccessTokenCredential(key);
1533
+ const accessToken = this.getAccessTokenCredential(
1534
+ key,
1535
+ correlationId
1536
+ );
1479
1537
  if (
1480
1538
  accessToken &&
1481
1539
  this.credentialMatchesFilter(accessToken, filter)
@@ -1498,9 +1556,9 @@ export abstract class CacheManager implements ICacheManager {
1498
1556
  getRefreshToken(
1499
1557
  account: AccountInfo,
1500
1558
  familyRT: boolean,
1559
+ correlationId: string,
1501
1560
  tokenKeys?: TokenKeys,
1502
- performanceClient?: IPerformanceClient,
1503
- correlationId?: string
1561
+ performanceClient?: IPerformanceClient
1504
1562
  ): RefreshTokenEntity | null {
1505
1563
  this.commonLogger.trace("CacheManager - getRefreshToken called");
1506
1564
  const id = familyRT ? THE_FAMILY_ID : undefined;
@@ -1520,7 +1578,10 @@ export abstract class CacheManager implements ICacheManager {
1520
1578
  refreshTokenKeys.forEach((key) => {
1521
1579
  // Validate key
1522
1580
  if (this.refreshTokenKeyMatchesFilter(key, refreshTokenFilter)) {
1523
- const refreshToken = this.getRefreshTokenCredential(key);
1581
+ const refreshToken = this.getRefreshTokenCredential(
1582
+ key,
1583
+ correlationId
1584
+ );
1524
1585
  // Validate value
1525
1586
  if (
1526
1587
  refreshToken &&