@azure/msal-common 14.16.0 → 14.16.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +1 -0
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/dist/cache/CacheManager.d.ts +34 -34
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +84 -99
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +1 -0
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/entities/AccountEntity.mjs.map +1 -1
- package/dist/cache/entities/CredentialEntity.d.ts +2 -0
- package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +21 -21
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +1 -1
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +3 -3
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +3 -3
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +4 -4
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.d.ts +6 -0
- package/dist/error/CacheError.d.ts.map +1 -1
- package/dist/error/CacheError.mjs +24 -6
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.d.ts +2 -2
- package/dist/error/CacheErrorCodes.d.ts.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +4 -4
- package/dist/error/CacheErrorCodes.mjs.map +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-common.d.ts +1 -1
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/index-browser.mjs +2 -2
- package/dist/index-node.mjs +2 -2
- package/dist/index.mjs +2 -2
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/ThrottlingUtils.d.ts +2 -2
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +6 -6
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/RequestParameterBuilder.mjs +1 -1
- package/dist/request/RequestValidator.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.d.ts +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +6 -6
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +7 -7
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +3 -2
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-C9XsExml.js → index-node-CebvEPer.js} +132 -128
- package/lib/index-node-CebvEPer.js.map +1 -0
- package/lib/index-node.cjs +3 -2
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +3 -2
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +1 -0
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +34 -34
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +1 -0
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/CredentialEntity.d.ts +2 -0
- package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +21 -21
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/error/CacheError.d.ts +6 -0
- package/lib/types/error/CacheError.d.ts.map +1 -1
- package/lib/types/error/CacheErrorCodes.d.ts +2 -2
- package/lib/types/error/CacheErrorCodes.d.ts.map +1 -1
- package/lib/types/exports-common.d.ts +1 -1
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/network/ThrottlingUtils.d.ts +2 -2
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/account/AccountInfo.ts +1 -0
- package/src/cache/CacheManager.ts +184 -123
- package/src/cache/entities/AccountEntity.ts +1 -0
- package/src/cache/entities/CredentialEntity.ts +2 -0
- package/src/cache/interface/ICacheManager.ts +45 -20
- package/src/client/BaseClient.ts +11 -2
- package/src/client/RefreshTokenClient.ts +6 -3
- package/src/client/SilentFlowClient.ts +7 -5
- package/src/error/CacheError.ts +24 -4
- package/src/error/CacheErrorCodes.ts +2 -2
- package/src/exports-common.ts +5 -1
- package/src/network/ThrottlingUtils.ts +8 -5
- package/src/packageMetadata.ts +1 -1
- package/src/response/ResponseHandler.ts +14 -4
- package/src/telemetry/server/ServerTelemetryManager.ts +14 -6
- package/lib/index-node-C9XsExml.js.map +0 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v14.16.
|
|
1
|
+
/*! @azure/msal-common v14.16.1 2025-08-05 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -3816,7 +3816,7 @@ class Logger {
|
|
|
3816
3816
|
|
|
3817
3817
|
/* eslint-disable header/header */
|
|
3818
3818
|
const name = "@azure/msal-common";
|
|
3819
|
-
const version = "14.16.
|
|
3819
|
+
const version = "14.16.1";
|
|
3820
3820
|
|
|
3821
3821
|
/*
|
|
3822
3822
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4398,13 +4398,13 @@ class AccountEntity {
|
|
|
4398
4398
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
4399
4399
|
* Licensed under the MIT License.
|
|
4400
4400
|
*/
|
|
4401
|
-
const
|
|
4402
|
-
const
|
|
4401
|
+
const cacheQuotaExceeded = "cache_quota_exceeded";
|
|
4402
|
+
const cacheErrorUnknown = "cache_error_unknown";
|
|
4403
4403
|
|
|
4404
4404
|
var CacheErrorCodes = /*#__PURE__*/Object.freeze({
|
|
4405
4405
|
__proto__: null,
|
|
4406
|
-
|
|
4407
|
-
|
|
4406
|
+
cacheErrorUnknown: cacheErrorUnknown,
|
|
4407
|
+
cacheQuotaExceeded: cacheQuotaExceeded
|
|
4408
4408
|
});
|
|
4409
4409
|
|
|
4410
4410
|
/*
|
|
@@ -4412,8 +4412,8 @@ var CacheErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
4412
4412
|
* Licensed under the MIT License.
|
|
4413
4413
|
*/
|
|
4414
4414
|
const CacheErrorMessages = {
|
|
4415
|
-
[
|
|
4416
|
-
[
|
|
4415
|
+
[cacheQuotaExceeded]: "Exceeded cache storage capacity.",
|
|
4416
|
+
[cacheErrorUnknown]: "Unexpected error occurred when using cache storage.",
|
|
4417
4417
|
};
|
|
4418
4418
|
/**
|
|
4419
4419
|
* Error thrown when there is an error with the cache
|
|
@@ -4423,13 +4423,31 @@ class CacheError extends Error {
|
|
|
4423
4423
|
const message = errorMessage ||
|
|
4424
4424
|
(CacheErrorMessages[errorCode]
|
|
4425
4425
|
? CacheErrorMessages[errorCode]
|
|
4426
|
-
: CacheErrorMessages[
|
|
4426
|
+
: CacheErrorMessages[cacheErrorUnknown]);
|
|
4427
4427
|
super(`${errorCode}: ${message}`);
|
|
4428
4428
|
Object.setPrototypeOf(this, CacheError.prototype);
|
|
4429
4429
|
this.name = "CacheError";
|
|
4430
4430
|
this.errorCode = errorCode;
|
|
4431
4431
|
this.errorMessage = message;
|
|
4432
4432
|
}
|
|
4433
|
+
}
|
|
4434
|
+
/**
|
|
4435
|
+
* Helper function to wrap browser errors in a CacheError object
|
|
4436
|
+
* @param e
|
|
4437
|
+
* @returns
|
|
4438
|
+
*/
|
|
4439
|
+
function createCacheError(e) {
|
|
4440
|
+
if (!(e instanceof Error)) {
|
|
4441
|
+
return new CacheError(cacheErrorUnknown);
|
|
4442
|
+
}
|
|
4443
|
+
if (e.name === "QuotaExceededError" ||
|
|
4444
|
+
e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
|
|
4445
|
+
e.message.includes("exceeded the quota")) {
|
|
4446
|
+
return new CacheError(cacheQuotaExceeded);
|
|
4447
|
+
}
|
|
4448
|
+
else {
|
|
4449
|
+
return new CacheError(e.name, e.message);
|
|
4450
|
+
}
|
|
4433
4451
|
}
|
|
4434
4452
|
|
|
4435
4453
|
/*
|
|
@@ -4452,14 +4470,14 @@ class CacheManager {
|
|
|
4452
4470
|
* @param accountFilter - (Optional) filter to narrow down the accounts returned
|
|
4453
4471
|
* @returns Array of AccountInfo objects in cache
|
|
4454
4472
|
*/
|
|
4455
|
-
getAllAccounts(accountFilter) {
|
|
4456
|
-
return this.buildTenantProfiles(this.getAccountsFilteredBy(accountFilter || {}), accountFilter);
|
|
4473
|
+
getAllAccounts(correlationId, accountFilter) {
|
|
4474
|
+
return this.buildTenantProfiles(this.getAccountsFilteredBy(accountFilter || {}, correlationId), correlationId, accountFilter);
|
|
4457
4475
|
}
|
|
4458
4476
|
/**
|
|
4459
4477
|
* Gets first tenanted AccountInfo object found based on provided filters
|
|
4460
4478
|
*/
|
|
4461
|
-
getAccountInfoFilteredBy(accountFilter) {
|
|
4462
|
-
const allAccounts = this.getAllAccounts(accountFilter);
|
|
4479
|
+
getAccountInfoFilteredBy(accountFilter, correlationId) {
|
|
4480
|
+
const allAccounts = this.getAllAccounts(correlationId, accountFilter);
|
|
4463
4481
|
if (allAccounts.length > 1) {
|
|
4464
4482
|
// If one or more accounts are found, prioritize accounts that have an ID token
|
|
4465
4483
|
const sortedAccounts = allAccounts.sort((account) => {
|
|
@@ -4480,8 +4498,8 @@ class CacheManager {
|
|
|
4480
4498
|
* @param accountFilter
|
|
4481
4499
|
* @returns
|
|
4482
4500
|
*/
|
|
4483
|
-
getBaseAccountInfo(accountFilter) {
|
|
4484
|
-
const accountEntities = this.getAccountsFilteredBy(accountFilter);
|
|
4501
|
+
getBaseAccountInfo(accountFilter, correlationId) {
|
|
4502
|
+
const accountEntities = this.getAccountsFilteredBy(accountFilter, correlationId);
|
|
4485
4503
|
if (accountEntities.length > 0) {
|
|
4486
4504
|
return accountEntities[0].getAccountInfo();
|
|
4487
4505
|
}
|
|
@@ -4496,12 +4514,12 @@ class CacheManager {
|
|
|
4496
4514
|
* @param accountFilter
|
|
4497
4515
|
* @returns Array of AccountInfo objects that match account and tenant profile filters
|
|
4498
4516
|
*/
|
|
4499
|
-
buildTenantProfiles(cachedAccounts, accountFilter) {
|
|
4517
|
+
buildTenantProfiles(cachedAccounts, correlationId, accountFilter) {
|
|
4500
4518
|
return cachedAccounts.flatMap((accountEntity) => {
|
|
4501
|
-
return this.getTenantProfilesFromAccountEntity(accountEntity, accountFilter?.tenantId, accountFilter);
|
|
4519
|
+
return this.getTenantProfilesFromAccountEntity(accountEntity, correlationId, accountFilter?.tenantId, accountFilter);
|
|
4502
4520
|
});
|
|
4503
4521
|
}
|
|
4504
|
-
getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, tenantProfileFilter) {
|
|
4522
|
+
getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, correlationId, tenantProfileFilter) {
|
|
4505
4523
|
let tenantedAccountInfo = null;
|
|
4506
4524
|
let idTokenClaims;
|
|
4507
4525
|
if (tenantProfileFilter) {
|
|
@@ -4509,7 +4527,7 @@ class CacheManager {
|
|
|
4509
4527
|
return null;
|
|
4510
4528
|
}
|
|
4511
4529
|
}
|
|
4512
|
-
const idToken = this.getIdToken(accountInfo, tokenKeys, tenantProfile.tenantId);
|
|
4530
|
+
const idToken = this.getIdToken(accountInfo, correlationId, tokenKeys, tenantProfile.tenantId);
|
|
4513
4531
|
if (idToken) {
|
|
4514
4532
|
idTokenClaims = extractTokenClaims(idToken.secret, this.cryptoImpl.base64Decode);
|
|
4515
4533
|
if (!this.idTokenClaimsMatchTenantProfileFilter(idTokenClaims, tenantProfileFilter)) {
|
|
@@ -4521,7 +4539,7 @@ class CacheManager {
|
|
|
4521
4539
|
tenantedAccountInfo = updateAccountTenantProfileData(accountInfo, tenantProfile, idTokenClaims, idToken?.secret);
|
|
4522
4540
|
return tenantedAccountInfo;
|
|
4523
4541
|
}
|
|
4524
|
-
getTenantProfilesFromAccountEntity(accountEntity, targetTenantId, tenantProfileFilter) {
|
|
4542
|
+
getTenantProfilesFromAccountEntity(accountEntity, correlationId, targetTenantId, tenantProfileFilter) {
|
|
4525
4543
|
const accountInfo = accountEntity.getAccountInfo();
|
|
4526
4544
|
let searchTenantProfiles = accountInfo.tenantProfiles || new Map();
|
|
4527
4545
|
const tokenKeys = this.getTokenKeys();
|
|
@@ -4541,7 +4559,7 @@ class CacheManager {
|
|
|
4541
4559
|
}
|
|
4542
4560
|
const matchingTenantProfiles = [];
|
|
4543
4561
|
searchTenantProfiles.forEach((tenantProfile) => {
|
|
4544
|
-
const tenantedAccountInfo = this.getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, tenantProfileFilter);
|
|
4562
|
+
const tenantedAccountInfo = this.getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, correlationId, tenantProfileFilter);
|
|
4545
4563
|
if (tenantedAccountInfo) {
|
|
4546
4564
|
matchingTenantProfiles.push(tenantedAccountInfo);
|
|
4547
4565
|
}
|
|
@@ -4595,46 +4613,36 @@ class CacheManager {
|
|
|
4595
4613
|
* @param storeInCache {?StoreInCache}
|
|
4596
4614
|
* @param correlationId {?string} correlation id
|
|
4597
4615
|
*/
|
|
4598
|
-
async saveCacheRecord(cacheRecord,
|
|
4616
|
+
async saveCacheRecord(cacheRecord, correlationId, storeInCache) {
|
|
4599
4617
|
if (!cacheRecord) {
|
|
4600
4618
|
throw createClientAuthError(invalidCacheRecord);
|
|
4601
4619
|
}
|
|
4602
4620
|
try {
|
|
4603
4621
|
if (!!cacheRecord.account) {
|
|
4604
|
-
this.setAccount(cacheRecord.account);
|
|
4622
|
+
this.setAccount(cacheRecord.account, correlationId);
|
|
4605
4623
|
}
|
|
4606
4624
|
if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
|
|
4607
|
-
this.setIdTokenCredential(cacheRecord.idToken);
|
|
4625
|
+
this.setIdTokenCredential(cacheRecord.idToken, correlationId);
|
|
4608
4626
|
}
|
|
4609
4627
|
if (!!cacheRecord.accessToken &&
|
|
4610
4628
|
storeInCache?.accessToken !== false) {
|
|
4611
|
-
await this.saveAccessToken(cacheRecord.accessToken);
|
|
4629
|
+
await this.saveAccessToken(cacheRecord.accessToken, correlationId);
|
|
4612
4630
|
}
|
|
4613
4631
|
if (!!cacheRecord.refreshToken &&
|
|
4614
4632
|
storeInCache?.refreshToken !== false) {
|
|
4615
|
-
this.setRefreshTokenCredential(cacheRecord.refreshToken);
|
|
4633
|
+
this.setRefreshTokenCredential(cacheRecord.refreshToken, correlationId);
|
|
4616
4634
|
}
|
|
4617
4635
|
if (!!cacheRecord.appMetadata) {
|
|
4618
|
-
this.setAppMetadata(cacheRecord.appMetadata);
|
|
4636
|
+
this.setAppMetadata(cacheRecord.appMetadata, correlationId);
|
|
4619
4637
|
}
|
|
4620
4638
|
}
|
|
4621
4639
|
catch (e) {
|
|
4622
4640
|
this.commonLogger?.error(`CacheManager.saveCacheRecord: failed`);
|
|
4623
|
-
if (e instanceof
|
|
4624
|
-
|
|
4625
|
-
if (e.name === "QuotaExceededError" ||
|
|
4626
|
-
e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
|
|
4627
|
-
e.message.includes("exceeded the quota")) {
|
|
4628
|
-
this.commonLogger?.error(`CacheManager.saveCacheRecord: exceeded storage quota`, correlationId);
|
|
4629
|
-
throw new CacheError(cacheQuotaExceededErrorCode);
|
|
4630
|
-
}
|
|
4631
|
-
else {
|
|
4632
|
-
throw new CacheError(e.name, e.message);
|
|
4633
|
-
}
|
|
4641
|
+
if (e instanceof AuthError) {
|
|
4642
|
+
throw e;
|
|
4634
4643
|
}
|
|
4635
4644
|
else {
|
|
4636
|
-
|
|
4637
|
-
throw new CacheError(cacheUnknownErrorCode);
|
|
4645
|
+
throw createCacheError(e);
|
|
4638
4646
|
}
|
|
4639
4647
|
}
|
|
4640
4648
|
}
|
|
@@ -4642,7 +4650,7 @@ class CacheManager {
|
|
|
4642
4650
|
* saves access token credential
|
|
4643
4651
|
* @param credential
|
|
4644
4652
|
*/
|
|
4645
|
-
async saveAccessToken(credential) {
|
|
4653
|
+
async saveAccessToken(credential, correlationId) {
|
|
4646
4654
|
const accessTokenFilter = {
|
|
4647
4655
|
clientId: credential.clientId,
|
|
4648
4656
|
credentialType: credential.credentialType,
|
|
@@ -4654,29 +4662,27 @@ class CacheManager {
|
|
|
4654
4662
|
};
|
|
4655
4663
|
const tokenKeys = this.getTokenKeys();
|
|
4656
4664
|
const currentScopes = ScopeSet.fromString(credential.target);
|
|
4657
|
-
const removedAccessTokens = [];
|
|
4658
4665
|
tokenKeys.accessToken.forEach((key) => {
|
|
4659
4666
|
if (!this.accessTokenKeyMatchesFilter(key, accessTokenFilter, false)) {
|
|
4660
4667
|
return;
|
|
4661
4668
|
}
|
|
4662
|
-
const tokenEntity = this.getAccessTokenCredential(key);
|
|
4669
|
+
const tokenEntity = this.getAccessTokenCredential(key, correlationId);
|
|
4663
4670
|
if (tokenEntity &&
|
|
4664
4671
|
this.credentialMatchesFilter(tokenEntity, accessTokenFilter)) {
|
|
4665
4672
|
const tokenScopeSet = ScopeSet.fromString(tokenEntity.target);
|
|
4666
4673
|
if (tokenScopeSet.intersectingScopeSets(currentScopes)) {
|
|
4667
|
-
|
|
4674
|
+
this.removeAccessToken(key, correlationId);
|
|
4668
4675
|
}
|
|
4669
4676
|
}
|
|
4670
4677
|
});
|
|
4671
|
-
|
|
4672
|
-
this.setAccessTokenCredential(credential);
|
|
4678
|
+
this.setAccessTokenCredential(credential, correlationId);
|
|
4673
4679
|
}
|
|
4674
4680
|
/**
|
|
4675
4681
|
* Retrieve account entities matching all provided tenant-agnostic filters; if no filter is set, get all account entities in the cache
|
|
4676
4682
|
* Not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared
|
|
4677
4683
|
* @param accountFilter - An object containing Account properties to filter by
|
|
4678
4684
|
*/
|
|
4679
|
-
getAccountsFilteredBy(accountFilter) {
|
|
4685
|
+
getAccountsFilteredBy(accountFilter, correlationId) {
|
|
4680
4686
|
const allAccountKeys = this.getAccountKeys();
|
|
4681
4687
|
const matchingAccounts = [];
|
|
4682
4688
|
allAccountKeys.forEach((cacheKey) => {
|
|
@@ -4684,7 +4690,7 @@ class CacheManager {
|
|
|
4684
4690
|
// Don't parse value if the key doesn't match the account filters
|
|
4685
4691
|
return;
|
|
4686
4692
|
}
|
|
4687
|
-
const entity = this.getAccount(cacheKey, this.commonLogger);
|
|
4693
|
+
const entity = this.getAccount(cacheKey, correlationId, this.commonLogger);
|
|
4688
4694
|
// Match base account fields
|
|
4689
4695
|
if (!entity) {
|
|
4690
4696
|
return;
|
|
@@ -4910,11 +4916,11 @@ class CacheManager {
|
|
|
4910
4916
|
/**
|
|
4911
4917
|
* Removes all accounts and related tokens from cache.
|
|
4912
4918
|
*/
|
|
4913
|
-
async removeAllAccounts() {
|
|
4919
|
+
async removeAllAccounts(correlationId) {
|
|
4914
4920
|
const allAccountKeys = this.getAccountKeys();
|
|
4915
4921
|
const removedAccounts = [];
|
|
4916
4922
|
allAccountKeys.forEach((cacheKey) => {
|
|
4917
|
-
removedAccounts.push(this.removeAccount(cacheKey));
|
|
4923
|
+
removedAccounts.push(this.removeAccount(cacheKey, correlationId));
|
|
4918
4924
|
});
|
|
4919
4925
|
await Promise.all(removedAccounts);
|
|
4920
4926
|
}
|
|
@@ -4922,38 +4928,41 @@ class CacheManager {
|
|
|
4922
4928
|
* Removes the account and related tokens for a given account key
|
|
4923
4929
|
* @param account
|
|
4924
4930
|
*/
|
|
4925
|
-
async removeAccount(accountKey) {
|
|
4926
|
-
const account = this.getAccount(accountKey, this.commonLogger);
|
|
4931
|
+
async removeAccount(accountKey, correlationId) {
|
|
4932
|
+
const account = this.getAccount(accountKey, correlationId, this.commonLogger);
|
|
4927
4933
|
if (!account) {
|
|
4928
4934
|
return;
|
|
4929
4935
|
}
|
|
4930
|
-
await this.removeAccountContext(account);
|
|
4931
|
-
this.removeItem(accountKey);
|
|
4936
|
+
await this.removeAccountContext(account, correlationId);
|
|
4937
|
+
this.removeItem(accountKey, correlationId);
|
|
4932
4938
|
}
|
|
4933
4939
|
/**
|
|
4934
4940
|
* Removes credentials associated with the provided account
|
|
4935
4941
|
* @param account
|
|
4936
4942
|
*/
|
|
4937
|
-
async removeAccountContext(account) {
|
|
4943
|
+
async removeAccountContext(account, correlationId) {
|
|
4938
4944
|
const allTokenKeys = this.getTokenKeys();
|
|
4939
4945
|
const accountId = account.generateAccountId();
|
|
4940
|
-
const removedCredentials = [];
|
|
4941
4946
|
allTokenKeys.idToken.forEach((key) => {
|
|
4942
4947
|
if (key.indexOf(accountId) === 0) {
|
|
4943
|
-
this.removeIdToken(key);
|
|
4948
|
+
this.removeIdToken(key, correlationId);
|
|
4944
4949
|
}
|
|
4945
4950
|
});
|
|
4946
4951
|
allTokenKeys.accessToken.forEach((key) => {
|
|
4947
4952
|
if (key.indexOf(accountId) === 0) {
|
|
4948
|
-
|
|
4953
|
+
this.removeAccessToken(key, correlationId);
|
|
4949
4954
|
}
|
|
4950
4955
|
});
|
|
4951
4956
|
allTokenKeys.refreshToken.forEach((key) => {
|
|
4952
4957
|
if (key.indexOf(accountId) === 0) {
|
|
4953
|
-
this.removeRefreshToken(key);
|
|
4958
|
+
this.removeRefreshToken(key, correlationId);
|
|
4959
|
+
}
|
|
4960
|
+
});
|
|
4961
|
+
this.getKeys().forEach((key) => {
|
|
4962
|
+
if (key.includes(accountId)) {
|
|
4963
|
+
this.removeItem(key, correlationId);
|
|
4954
4964
|
}
|
|
4955
4965
|
});
|
|
4956
|
-
await Promise.all(removedCredentials);
|
|
4957
4966
|
}
|
|
4958
4967
|
/**
|
|
4959
4968
|
* Migrates a single-tenant account and all it's associated alternate cross-tenant account objects in the
|
|
@@ -4963,7 +4972,7 @@ class CacheManager {
|
|
|
4963
4972
|
* @param logger
|
|
4964
4973
|
* @returns
|
|
4965
4974
|
*/
|
|
4966
|
-
updateOutdatedCachedAccount(accountKey, accountEntity, logger) {
|
|
4975
|
+
updateOutdatedCachedAccount(accountKey, accountEntity, correlationId, logger) {
|
|
4967
4976
|
// Only update if account entity is defined and has no tenantProfiles object (is outdated)
|
|
4968
4977
|
if (accountEntity && accountEntity.isSingleTenant()) {
|
|
4969
4978
|
this.commonLogger?.verbose("updateOutdatedCachedAccount: Found a single-tenant (outdated) account entity in the cache, migrating to multi-tenant account entity");
|
|
@@ -4974,7 +4983,7 @@ class CacheManager {
|
|
|
4974
4983
|
// Get all account entities belonging to user
|
|
4975
4984
|
const accountsToMerge = [];
|
|
4976
4985
|
matchingAccountKeys.forEach((key) => {
|
|
4977
|
-
const account = this.getCachedAccountEntity(key);
|
|
4986
|
+
const account = this.getCachedAccountEntity(key, correlationId);
|
|
4978
4987
|
if (account) {
|
|
4979
4988
|
accountsToMerge.push(account);
|
|
4980
4989
|
}
|
|
@@ -4999,11 +5008,11 @@ class CacheManager {
|
|
|
4999
5008
|
// Clear cache of legacy account objects that have been collpsed into tenant profiles
|
|
5000
5009
|
matchingAccountKeys.forEach((key) => {
|
|
5001
5010
|
if (key !== newAccountKey) {
|
|
5002
|
-
this.removeOutdatedAccount(accountKey);
|
|
5011
|
+
this.removeOutdatedAccount(accountKey, correlationId);
|
|
5003
5012
|
}
|
|
5004
5013
|
});
|
|
5005
5014
|
// Cache updated account object
|
|
5006
|
-
this.setAccount(updatedAccount);
|
|
5015
|
+
this.setAccount(updatedAccount, correlationId);
|
|
5007
5016
|
logger?.verbose("Updated an outdated account entity in the cache");
|
|
5008
5017
|
return updatedAccount;
|
|
5009
5018
|
}
|
|
@@ -5014,37 +5023,31 @@ class CacheManager {
|
|
|
5014
5023
|
* returns a boolean if the given credential is removed
|
|
5015
5024
|
* @param credential
|
|
5016
5025
|
*/
|
|
5017
|
-
|
|
5018
|
-
const credential = this.getAccessTokenCredential(key);
|
|
5019
|
-
|
|
5026
|
+
removeAccessToken(key, correlationId) {
|
|
5027
|
+
const credential = this.getAccessTokenCredential(key, correlationId);
|
|
5028
|
+
this.removeItem(key, correlationId);
|
|
5029
|
+
if (!credential ||
|
|
5030
|
+
credential.credentialType.toLowerCase() !==
|
|
5031
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase() ||
|
|
5032
|
+
credential.tokenType !== AuthenticationScheme.POP) {
|
|
5020
5033
|
return;
|
|
5021
5034
|
}
|
|
5022
5035
|
// Remove Token Binding Key from key store for PoP Tokens Credentials
|
|
5023
|
-
|
|
5024
|
-
|
|
5025
|
-
|
|
5026
|
-
|
|
5027
|
-
|
|
5028
|
-
if (kid) {
|
|
5029
|
-
try {
|
|
5030
|
-
await this.cryptoImpl.removeTokenBindingKey(kid);
|
|
5031
|
-
}
|
|
5032
|
-
catch (error) {
|
|
5033
|
-
throw createClientAuthError(bindingKeyNotRemoved);
|
|
5034
|
-
}
|
|
5035
|
-
}
|
|
5036
|
-
}
|
|
5036
|
+
const kid = credential.keyId;
|
|
5037
|
+
if (kid) {
|
|
5038
|
+
void this.cryptoImpl.removeTokenBindingKey(kid).catch(() => {
|
|
5039
|
+
this.commonLogger.error("Binding key could not be removed");
|
|
5040
|
+
});
|
|
5037
5041
|
}
|
|
5038
|
-
return this.removeItem(key);
|
|
5039
5042
|
}
|
|
5040
5043
|
/**
|
|
5041
5044
|
* Removes all app metadata objects from cache.
|
|
5042
5045
|
*/
|
|
5043
|
-
removeAppMetadata() {
|
|
5046
|
+
removeAppMetadata(correlationId) {
|
|
5044
5047
|
const allCacheKeys = this.getKeys();
|
|
5045
5048
|
allCacheKeys.forEach((cacheKey) => {
|
|
5046
5049
|
if (this.isAppMetadata(cacheKey)) {
|
|
5047
|
-
this.removeItem(cacheKey);
|
|
5050
|
+
this.removeItem(cacheKey, correlationId);
|
|
5048
5051
|
}
|
|
5049
5052
|
});
|
|
5050
5053
|
return true;
|
|
@@ -5053,9 +5056,9 @@ class CacheManager {
|
|
|
5053
5056
|
* Retrieve AccountEntity from cache
|
|
5054
5057
|
* @param account
|
|
5055
5058
|
*/
|
|
5056
|
-
readAccountFromCache(account) {
|
|
5059
|
+
readAccountFromCache(account, correlationId) {
|
|
5057
5060
|
const accountKey = AccountEntity.generateAccountCacheKey(account);
|
|
5058
|
-
return this.getAccount(accountKey, this.commonLogger);
|
|
5061
|
+
return this.getAccount(accountKey, correlationId, this.commonLogger);
|
|
5059
5062
|
}
|
|
5060
5063
|
/**
|
|
5061
5064
|
* Retrieve IdTokenEntity from cache
|
|
@@ -5065,7 +5068,7 @@ class CacheManager {
|
|
|
5065
5068
|
* @param performanceClient {?IPerformanceClient}
|
|
5066
5069
|
* @param correlationId {?string}
|
|
5067
5070
|
*/
|
|
5068
|
-
getIdToken(account, tokenKeys, targetRealm, performanceClient
|
|
5071
|
+
getIdToken(account, correlationId, tokenKeys, targetRealm, performanceClient) {
|
|
5069
5072
|
this.commonLogger.trace("CacheManager - getIdToken called");
|
|
5070
5073
|
const idTokenFilter = {
|
|
5071
5074
|
homeAccountId: account.homeAccountId,
|
|
@@ -5074,7 +5077,7 @@ class CacheManager {
|
|
|
5074
5077
|
clientId: this.clientId,
|
|
5075
5078
|
realm: targetRealm,
|
|
5076
5079
|
};
|
|
5077
|
-
const idTokenMap = this.getIdTokensByFilter(idTokenFilter, tokenKeys);
|
|
5080
|
+
const idTokenMap = this.getIdTokensByFilter(idTokenFilter, correlationId, tokenKeys);
|
|
5078
5081
|
const numIdTokens = idTokenMap.size;
|
|
5079
5082
|
if (numIdTokens < 1) {
|
|
5080
5083
|
this.commonLogger.info("CacheManager:getIdToken - No token found");
|
|
@@ -5107,7 +5110,7 @@ class CacheManager {
|
|
|
5107
5110
|
// Multiple tokens for a single tenant profile, remove all and return null
|
|
5108
5111
|
this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them");
|
|
5109
5112
|
tokensToBeRemoved.forEach((idToken, key) => {
|
|
5110
|
-
this.removeIdToken(key);
|
|
5113
|
+
this.removeIdToken(key, correlationId);
|
|
5111
5114
|
});
|
|
5112
5115
|
if (performanceClient && correlationId) {
|
|
5113
5116
|
performanceClient.addFields({ multiMatchedID: idTokenMap.size }, correlationId);
|
|
@@ -5122,7 +5125,7 @@ class CacheManager {
|
|
|
5122
5125
|
* @param filter
|
|
5123
5126
|
* @returns
|
|
5124
5127
|
*/
|
|
5125
|
-
getIdTokensByFilter(filter, tokenKeys) {
|
|
5128
|
+
getIdTokensByFilter(filter, correlationId, tokenKeys) {
|
|
5126
5129
|
const idTokenKeys = (tokenKeys && tokenKeys.idToken) || this.getTokenKeys().idToken;
|
|
5127
5130
|
const idTokens = new Map();
|
|
5128
5131
|
idTokenKeys.forEach((key) => {
|
|
@@ -5132,7 +5135,7 @@ class CacheManager {
|
|
|
5132
5135
|
})) {
|
|
5133
5136
|
return;
|
|
5134
5137
|
}
|
|
5135
|
-
const idToken = this.getIdTokenCredential(key);
|
|
5138
|
+
const idToken = this.getIdTokenCredential(key, correlationId);
|
|
5136
5139
|
if (idToken && this.credentialMatchesFilter(idToken, filter)) {
|
|
5137
5140
|
idTokens.set(key, idToken);
|
|
5138
5141
|
}
|
|
@@ -5161,15 +5164,15 @@ class CacheManager {
|
|
|
5161
5164
|
* Removes idToken from the cache
|
|
5162
5165
|
* @param key
|
|
5163
5166
|
*/
|
|
5164
|
-
removeIdToken(key) {
|
|
5165
|
-
this.removeItem(key);
|
|
5167
|
+
removeIdToken(key, correlationId) {
|
|
5168
|
+
this.removeItem(key, correlationId);
|
|
5166
5169
|
}
|
|
5167
5170
|
/**
|
|
5168
5171
|
* Removes refresh token from the cache
|
|
5169
5172
|
* @param key
|
|
5170
5173
|
*/
|
|
5171
|
-
removeRefreshToken(key) {
|
|
5172
|
-
this.removeItem(key);
|
|
5174
|
+
removeRefreshToken(key, correlationId) {
|
|
5175
|
+
this.removeItem(key, correlationId);
|
|
5173
5176
|
}
|
|
5174
5177
|
/**
|
|
5175
5178
|
* Retrieve AccessTokenEntity from cache
|
|
@@ -5179,7 +5182,7 @@ class CacheManager {
|
|
|
5179
5182
|
* @param performanceClient {?IPerformanceClient}
|
|
5180
5183
|
* @param correlationId {?string}
|
|
5181
5184
|
*/
|
|
5182
|
-
getAccessToken(account, request, tokenKeys, targetRealm, performanceClient
|
|
5185
|
+
getAccessToken(account, request, tokenKeys, targetRealm, performanceClient) {
|
|
5183
5186
|
this.commonLogger.trace("CacheManager - getAccessToken called");
|
|
5184
5187
|
const scopes = ScopeSet.createSearchScopes(request.scopes);
|
|
5185
5188
|
const authScheme = request.authenticationScheme || AuthenticationScheme.BEARER;
|
|
@@ -5209,7 +5212,7 @@ class CacheManager {
|
|
|
5209
5212
|
accessTokenKeys.forEach((key) => {
|
|
5210
5213
|
// Validate key
|
|
5211
5214
|
if (this.accessTokenKeyMatchesFilter(key, accessTokenFilter, true)) {
|
|
5212
|
-
const accessToken = this.getAccessTokenCredential(key);
|
|
5215
|
+
const accessToken = this.getAccessTokenCredential(key, request.correlationId);
|
|
5213
5216
|
// Validate value
|
|
5214
5217
|
if (accessToken &&
|
|
5215
5218
|
this.credentialMatchesFilter(accessToken, accessTokenFilter)) {
|
|
@@ -5225,10 +5228,10 @@ class CacheManager {
|
|
|
5225
5228
|
else if (numAccessTokens > 1) {
|
|
5226
5229
|
this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them");
|
|
5227
5230
|
accessTokens.forEach((accessToken) => {
|
|
5228
|
-
void this.removeAccessToken(generateCredentialKey(accessToken));
|
|
5231
|
+
void this.removeAccessToken(generateCredentialKey(accessToken), request.correlationId);
|
|
5229
5232
|
});
|
|
5230
|
-
if (performanceClient && correlationId) {
|
|
5231
|
-
performanceClient.addFields({ multiMatchedAT: accessTokens.length }, correlationId);
|
|
5233
|
+
if (performanceClient && request.correlationId) {
|
|
5234
|
+
performanceClient.addFields({ multiMatchedAT: accessTokens.length }, request.correlationId);
|
|
5232
5235
|
}
|
|
5233
5236
|
return null;
|
|
5234
5237
|
}
|
|
@@ -5281,14 +5284,14 @@ class CacheManager {
|
|
|
5281
5284
|
* @param filter
|
|
5282
5285
|
* @returns
|
|
5283
5286
|
*/
|
|
5284
|
-
getAccessTokensByFilter(filter) {
|
|
5287
|
+
getAccessTokensByFilter(filter, correlationId) {
|
|
5285
5288
|
const tokenKeys = this.getTokenKeys();
|
|
5286
5289
|
const accessTokens = [];
|
|
5287
5290
|
tokenKeys.accessToken.forEach((key) => {
|
|
5288
5291
|
if (!this.accessTokenKeyMatchesFilter(key, filter, true)) {
|
|
5289
5292
|
return;
|
|
5290
5293
|
}
|
|
5291
|
-
const accessToken = this.getAccessTokenCredential(key);
|
|
5294
|
+
const accessToken = this.getAccessTokenCredential(key, correlationId);
|
|
5292
5295
|
if (accessToken &&
|
|
5293
5296
|
this.credentialMatchesFilter(accessToken, filter)) {
|
|
5294
5297
|
accessTokens.push(accessToken);
|
|
@@ -5304,7 +5307,7 @@ class CacheManager {
|
|
|
5304
5307
|
* @param performanceClient {?IPerformanceClient}
|
|
5305
5308
|
* @param correlationId {?string}
|
|
5306
5309
|
*/
|
|
5307
|
-
getRefreshToken(account, familyRT, tokenKeys, performanceClient
|
|
5310
|
+
getRefreshToken(account, familyRT, correlationId, tokenKeys, performanceClient) {
|
|
5308
5311
|
this.commonLogger.trace("CacheManager - getRefreshToken called");
|
|
5309
5312
|
const id = familyRT ? THE_FAMILY_ID : undefined;
|
|
5310
5313
|
const refreshTokenFilter = {
|
|
@@ -5320,7 +5323,7 @@ class CacheManager {
|
|
|
5320
5323
|
refreshTokenKeys.forEach((key) => {
|
|
5321
5324
|
// Validate key
|
|
5322
5325
|
if (this.refreshTokenKeyMatchesFilter(key, refreshTokenFilter)) {
|
|
5323
|
-
const refreshToken = this.getRefreshTokenCredential(key);
|
|
5326
|
+
const refreshToken = this.getRefreshTokenCredential(key, correlationId);
|
|
5324
5327
|
// Validate value
|
|
5325
5328
|
if (refreshToken &&
|
|
5326
5329
|
this.credentialMatchesFilter(refreshToken, refreshTokenFilter)) {
|
|
@@ -6291,12 +6294,12 @@ class ThrottlingUtils {
|
|
|
6291
6294
|
* @param cacheManager
|
|
6292
6295
|
* @param thumbprint
|
|
6293
6296
|
*/
|
|
6294
|
-
static preProcess(cacheManager, thumbprint) {
|
|
6297
|
+
static preProcess(cacheManager, thumbprint, correlationId) {
|
|
6295
6298
|
const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
|
|
6296
6299
|
const value = cacheManager.getThrottlingCache(key);
|
|
6297
6300
|
if (value) {
|
|
6298
6301
|
if (value.throttleTime < Date.now()) {
|
|
6299
|
-
cacheManager.removeItem(key);
|
|
6302
|
+
cacheManager.removeItem(key, correlationId);
|
|
6300
6303
|
return;
|
|
6301
6304
|
}
|
|
6302
6305
|
throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
|
|
@@ -6308,7 +6311,7 @@ class ThrottlingUtils {
|
|
|
6308
6311
|
* @param thumbprint
|
|
6309
6312
|
* @param response
|
|
6310
6313
|
*/
|
|
6311
|
-
static postProcess(cacheManager, thumbprint, response) {
|
|
6314
|
+
static postProcess(cacheManager, thumbprint, response, correlationId) {
|
|
6312
6315
|
if (ThrottlingUtils.checkResponseStatus(response) ||
|
|
6313
6316
|
ThrottlingUtils.checkResponseForRetryAfter(response)) {
|
|
6314
6317
|
const thumbprintValue = {
|
|
@@ -6318,7 +6321,7 @@ class ThrottlingUtils {
|
|
|
6318
6321
|
errorMessage: response.body.error_description,
|
|
6319
6322
|
subError: response.body.suberror,
|
|
6320
6323
|
};
|
|
6321
|
-
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
|
|
6324
|
+
cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue, correlationId);
|
|
6322
6325
|
}
|
|
6323
6326
|
}
|
|
6324
6327
|
/**
|
|
@@ -6365,7 +6368,7 @@ class ThrottlingUtils {
|
|
|
6365
6368
|
sshKid: request.sshKid,
|
|
6366
6369
|
};
|
|
6367
6370
|
const key = this.generateThrottlingStorageKey(thumbprint);
|
|
6368
|
-
cacheManager.removeItem(key);
|
|
6371
|
+
cacheManager.removeItem(key, request.correlationId);
|
|
6369
6372
|
}
|
|
6370
6373
|
}
|
|
6371
6374
|
|
|
@@ -6477,7 +6480,7 @@ class BaseClient {
|
|
|
6477
6480
|
* @param correlationId - CorrelationId for telemetry
|
|
6478
6481
|
*/
|
|
6479
6482
|
async sendPostRequest(thumbprint, tokenEndpoint, options, correlationId) {
|
|
6480
|
-
ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
|
|
6483
|
+
ThrottlingUtils.preProcess(this.cacheManager, thumbprint, correlationId);
|
|
6481
6484
|
let response;
|
|
6482
6485
|
try {
|
|
6483
6486
|
response = await invokeAsync((this.networkClient.sendPostRequestAsync.bind(this.networkClient)), PerformanceEvents.NetworkClientSendPostRequestAsync, this.logger, this.performanceClient, correlationId)(tokenEndpoint, options);
|
|
@@ -6512,7 +6515,7 @@ class BaseClient {
|
|
|
6512
6515
|
throw createClientAuthError(networkError);
|
|
6513
6516
|
}
|
|
6514
6517
|
}
|
|
6515
|
-
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
|
|
6518
|
+
ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response, correlationId);
|
|
6516
6519
|
return response;
|
|
6517
6520
|
}
|
|
6518
6521
|
/**
|
|
@@ -6992,13 +6995,13 @@ class ResponseHandler {
|
|
|
6992
6995
|
!forceCacheRefreshTokenResponse &&
|
|
6993
6996
|
cacheRecord.account) {
|
|
6994
6997
|
const key = cacheRecord.account.generateAccountKey();
|
|
6995
|
-
const account = this.cacheStorage.getAccount(key, this.logger);
|
|
6998
|
+
const account = this.cacheStorage.getAccount(key, request.correlationId, this.logger);
|
|
6996
6999
|
if (!account) {
|
|
6997
7000
|
this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache");
|
|
6998
7001
|
return await ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenClaims, requestStateObj, undefined, serverRequestId);
|
|
6999
7002
|
}
|
|
7000
7003
|
}
|
|
7001
|
-
await this.cacheStorage.saveCacheRecord(cacheRecord, request.
|
|
7004
|
+
await this.cacheStorage.saveCacheRecord(cacheRecord, request.correlationId, request.storeInCache);
|
|
7002
7005
|
}
|
|
7003
7006
|
finally {
|
|
7004
7007
|
if (this.persistencePlugin &&
|
|
@@ -7027,7 +7030,7 @@ class ResponseHandler {
|
|
|
7027
7030
|
let cachedAccount;
|
|
7028
7031
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
7029
7032
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
7030
|
-
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
7033
|
+
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
7031
7034
|
this.logger);
|
|
7032
7035
|
}
|
|
7033
7036
|
// AccessToken
|
|
@@ -7175,7 +7178,7 @@ class ResponseHandler {
|
|
|
7175
7178
|
};
|
|
7176
7179
|
}
|
|
7177
7180
|
}
|
|
7178
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
7181
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
7179
7182
|
logger?.verbose("setCachedAccount called");
|
|
7180
7183
|
// Check if base account is already cached
|
|
7181
7184
|
const accountKeys = cacheStorage.getAccountKeys();
|
|
@@ -7184,7 +7187,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7184
7187
|
});
|
|
7185
7188
|
let cachedAccount = null;
|
|
7186
7189
|
if (baseAccountKey) {
|
|
7187
|
-
cachedAccount = cacheStorage.getAccount(baseAccountKey, logger);
|
|
7190
|
+
cachedAccount = cacheStorage.getAccount(baseAccountKey, correlationId, logger);
|
|
7188
7191
|
}
|
|
7189
7192
|
const baseAccount = cachedAccount ||
|
|
7190
7193
|
AccountEntity.createAccount({
|
|
@@ -7742,7 +7745,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7742
7745
|
async acquireTokenWithCachedRefreshToken(request, foci) {
|
|
7743
7746
|
this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
|
|
7744
7747
|
// fetches family RT or application RT based on FOCI value
|
|
7745
|
-
const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, undefined, this.performanceClient
|
|
7748
|
+
const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined, this.performanceClient);
|
|
7746
7749
|
if (!refreshToken) {
|
|
7747
7750
|
throw createInteractionRequiredAuthError(noTokensFound);
|
|
7748
7751
|
}
|
|
@@ -7770,7 +7773,7 @@ class RefreshTokenClient extends BaseClient {
|
|
|
7770
7773
|
// Remove bad refresh token from cache
|
|
7771
7774
|
this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");
|
|
7772
7775
|
const badRefreshTokenKey = generateCredentialKey(refreshToken);
|
|
7773
|
-
this.cacheManager.removeRefreshToken(badRefreshTokenKey);
|
|
7776
|
+
this.cacheManager.removeRefreshToken(badRefreshTokenKey, request.correlationId);
|
|
7774
7777
|
}
|
|
7775
7778
|
throw e;
|
|
7776
7779
|
}
|
|
@@ -7957,7 +7960,7 @@ class SilentFlowClient extends BaseClient {
|
|
|
7957
7960
|
const requestTenantId = request.account.tenantId ||
|
|
7958
7961
|
getTenantFromAuthorityString(request.authority);
|
|
7959
7962
|
const tokenKeys = this.cacheManager.getTokenKeys();
|
|
7960
|
-
const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId, this.performanceClient
|
|
7963
|
+
const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId, this.performanceClient);
|
|
7961
7964
|
if (!cachedAccessToken) {
|
|
7962
7965
|
// must refresh due to non-existent access_token
|
|
7963
7966
|
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
@@ -7977,9 +7980,9 @@ class SilentFlowClient extends BaseClient {
|
|
|
7977
7980
|
}
|
|
7978
7981
|
const environment = request.authority || this.authority.getPreferredCache();
|
|
7979
7982
|
const cacheRecord = {
|
|
7980
|
-
account: this.cacheManager.readAccountFromCache(request.account),
|
|
7983
|
+
account: this.cacheManager.readAccountFromCache(request.account, request.correlationId),
|
|
7981
7984
|
accessToken: cachedAccessToken,
|
|
7982
|
-
idToken: this.cacheManager.getIdToken(request.account, tokenKeys, requestTenantId, this.performanceClient
|
|
7985
|
+
idToken: this.cacheManager.getIdToken(request.account, request.correlationId, tokenKeys, requestTenantId, this.performanceClient),
|
|
7983
7986
|
refreshToken: null,
|
|
7984
7987
|
appMetadata: this.cacheManager.readAppMetadataFromCache(environment),
|
|
7985
7988
|
};
|
|
@@ -8229,7 +8232,7 @@ class ServerTelemetryManager {
|
|
|
8229
8232
|
else {
|
|
8230
8233
|
lastRequests.errors.push(SERVER_TELEM_CONSTANTS.UNKNOWN_ERROR);
|
|
8231
8234
|
}
|
|
8232
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8235
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8233
8236
|
return;
|
|
8234
8237
|
}
|
|
8235
8238
|
/**
|
|
@@ -8238,7 +8241,7 @@ class ServerTelemetryManager {
|
|
|
8238
8241
|
incrementCacheHits() {
|
|
8239
8242
|
const lastRequests = this.getLastRequests();
|
|
8240
8243
|
lastRequests.cacheHits += 1;
|
|
8241
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8244
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8242
8245
|
return lastRequests.cacheHits;
|
|
8243
8246
|
}
|
|
8244
8247
|
/**
|
|
@@ -8262,7 +8265,7 @@ class ServerTelemetryManager {
|
|
|
8262
8265
|
const errorCount = lastRequests.errors.length;
|
|
8263
8266
|
if (numErrorsFlushed === errorCount) {
|
|
8264
8267
|
// All errors were sent on last request, clear Telemetry cache
|
|
8265
|
-
this.cacheManager.removeItem(this.telemetryCacheKey);
|
|
8268
|
+
this.cacheManager.removeItem(this.telemetryCacheKey, this.correlationId);
|
|
8266
8269
|
}
|
|
8267
8270
|
else {
|
|
8268
8271
|
// Partial data was flushed to server, construct a new telemetry cache item with errors that were not flushed
|
|
@@ -8271,7 +8274,7 @@ class ServerTelemetryManager {
|
|
|
8271
8274
|
errors: lastRequests.errors.slice(numErrorsFlushed),
|
|
8272
8275
|
cacheHits: 0,
|
|
8273
8276
|
};
|
|
8274
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity);
|
|
8277
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity, this.correlationId);
|
|
8275
8278
|
}
|
|
8276
8279
|
}
|
|
8277
8280
|
/**
|
|
@@ -8338,7 +8341,7 @@ class ServerTelemetryManager {
|
|
|
8338
8341
|
setNativeBrokerErrorCode(errorCode) {
|
|
8339
8342
|
const lastRequests = this.getLastRequests();
|
|
8340
8343
|
lastRequests.nativeBrokerErrorCode = errorCode;
|
|
8341
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8344
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8342
8345
|
}
|
|
8343
8346
|
getNativeBrokerErrorCode() {
|
|
8344
8347
|
return this.getLastRequests().nativeBrokerErrorCode;
|
|
@@ -8346,7 +8349,7 @@ class ServerTelemetryManager {
|
|
|
8346
8349
|
clearNativeBrokerErrorCode() {
|
|
8347
8350
|
const lastRequests = this.getLastRequests();
|
|
8348
8351
|
delete lastRequests.nativeBrokerErrorCode;
|
|
8349
|
-
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
|
|
8352
|
+
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
|
|
8350
8353
|
}
|
|
8351
8354
|
static makeExtraSkuString(params) {
|
|
8352
8355
|
return makeExtraSkuString(params);
|
|
@@ -8437,6 +8440,7 @@ exports.buildClientInfoFromHomeAccountId = buildClientInfoFromHomeAccountId;
|
|
|
8437
8440
|
exports.buildStaticAuthorityOptions = buildStaticAuthorityOptions;
|
|
8438
8441
|
exports.buildTenantProfile = buildTenantProfile;
|
|
8439
8442
|
exports.createAuthError = createAuthError;
|
|
8443
|
+
exports.createCacheError = createCacheError;
|
|
8440
8444
|
exports.createClientAuthError = createClientAuthError;
|
|
8441
8445
|
exports.createClientConfigurationError = createClientConfigurationError;
|
|
8442
8446
|
exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
|
|
@@ -8449,4 +8453,4 @@ exports.invokeAsync = invokeAsync;
|
|
|
8449
8453
|
exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
|
|
8450
8454
|
exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
|
|
8451
8455
|
exports.version = version;
|
|
8452
|
-
//# sourceMappingURL=index-node-
|
|
8456
|
+
//# sourceMappingURL=index-node-CebvEPer.js.map
|