@azure/msal-common 14.16.0 → 15.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/dist/cache/CacheManager.d.ts +15 -35
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +13 -77
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +5 -5
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +2 -2
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.mjs +1 -1
- package/dist/client/RefreshTokenClient.mjs +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.d.ts +2 -2
- package/dist/error/ClientConfigurationError.mjs +6 -6
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +3 -3
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/index-browser.mjs +1 -1
- package/dist/index-node.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +1 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +1 -1
- package/dist/request/RequestValidator.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +4 -4
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +11 -2
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +21 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.d.ts +0 -6
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +1 -7
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +2 -2
- package/lib/{index-node-C9XsExml.js → index-node-uiuRUOAe.js} +44 -94
- package/lib/index-node-uiuRUOAe.js.map +1 -0
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts +1 -0
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +15 -35
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +5 -5
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationError.d.ts +2 -2
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +1 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +11 -2
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +0 -6
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/cache/CacheManager.ts +44 -128
- package/src/cache/interface/ICacheManager.ts +14 -4
- package/src/client/AuthorizationCodeClient.ts +1 -1
- package/src/error/ClientConfigurationError.ts +5 -5
- package/src/error/ClientConfigurationErrorCodes.ts +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/request/CommonAuthorizationUrlRequest.ts +1 -1
- package/src/response/ResponseHandler.ts +4 -4
- package/src/telemetry/performance/PerformanceEvent.ts +23 -2
- package/src/utils/Constants.ts +0 -6
- package/lib/index-node-C9XsExml.js.map +0 -1
|
@@ -36,7 +36,6 @@ import {
|
|
|
36
36
|
import {
|
|
37
37
|
AccountInfo,
|
|
38
38
|
TenantProfile,
|
|
39
|
-
tenantIdMatchesHomeTenant,
|
|
40
39
|
updateAccountTenantProfileData,
|
|
41
40
|
} from "../account/AccountInfo.js";
|
|
42
41
|
import { AppMetadataEntity } from "./entities/AppMetadataEntity.js";
|
|
@@ -87,21 +86,15 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
87
86
|
logger?: Logger
|
|
88
87
|
): AccountEntity | null;
|
|
89
88
|
|
|
90
|
-
/**
|
|
91
|
-
* Returns deserialized account if found in the cache, otherwiser returns null
|
|
92
|
-
*/
|
|
93
|
-
abstract getCachedAccountEntity(accountKey: string): AccountEntity | null;
|
|
94
|
-
|
|
95
89
|
/**
|
|
96
90
|
* set account entity in the platform cache
|
|
97
91
|
* @param account
|
|
92
|
+
* @param correlationId
|
|
98
93
|
*/
|
|
99
|
-
abstract setAccount(
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
*/
|
|
104
|
-
abstract removeOutdatedAccount(accountKey: string): void;
|
|
94
|
+
abstract setAccount(
|
|
95
|
+
account: AccountEntity,
|
|
96
|
+
correlationId: string
|
|
97
|
+
): Promise<void>;
|
|
105
98
|
|
|
106
99
|
/**
|
|
107
100
|
* fetch the idToken entity from the platform cache
|
|
@@ -112,8 +105,12 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
112
105
|
/**
|
|
113
106
|
* set idToken entity to the platform cache
|
|
114
107
|
* @param idToken
|
|
108
|
+
* @param correlationId
|
|
115
109
|
*/
|
|
116
|
-
abstract setIdTokenCredential(
|
|
110
|
+
abstract setIdTokenCredential(
|
|
111
|
+
idToken: IdTokenEntity,
|
|
112
|
+
correlationId: string
|
|
113
|
+
): Promise<void>;
|
|
117
114
|
|
|
118
115
|
/**
|
|
119
116
|
* fetch the idToken entity from the platform cache
|
|
@@ -124,10 +121,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
124
121
|
): AccessTokenEntity | null;
|
|
125
122
|
|
|
126
123
|
/**
|
|
127
|
-
* set
|
|
124
|
+
* set accessToken entity to the platform cache
|
|
128
125
|
* @param accessToken
|
|
126
|
+
* @param correlationId
|
|
129
127
|
*/
|
|
130
|
-
abstract setAccessTokenCredential(
|
|
128
|
+
abstract setAccessTokenCredential(
|
|
129
|
+
accessToken: AccessTokenEntity,
|
|
130
|
+
correlationId: string
|
|
131
|
+
): Promise<void>;
|
|
131
132
|
|
|
132
133
|
/**
|
|
133
134
|
* fetch the idToken entity from the platform cache
|
|
@@ -138,10 +139,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
138
139
|
): RefreshTokenEntity | null;
|
|
139
140
|
|
|
140
141
|
/**
|
|
141
|
-
* set
|
|
142
|
+
* set refreshToken entity to the platform cache
|
|
142
143
|
* @param refreshToken
|
|
144
|
+
* @param correlationId
|
|
143
145
|
*/
|
|
144
|
-
abstract setRefreshTokenCredential(
|
|
146
|
+
abstract setRefreshTokenCredential(
|
|
147
|
+
refreshToken: RefreshTokenEntity,
|
|
148
|
+
correlationId: string
|
|
149
|
+
): Promise<void>;
|
|
145
150
|
|
|
146
151
|
/**
|
|
147
152
|
* fetch appMetadata entity from the platform cache
|
|
@@ -233,14 +238,6 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
233
238
|
*/
|
|
234
239
|
abstract getTokenKeys(): TokenKeys;
|
|
235
240
|
|
|
236
|
-
/**
|
|
237
|
-
* Function which updates an outdated credential cache key
|
|
238
|
-
*/
|
|
239
|
-
abstract updateCredentialCacheKey(
|
|
240
|
-
currentCacheKey: string,
|
|
241
|
-
credential: ValidCredentialType
|
|
242
|
-
): string;
|
|
243
|
-
|
|
244
241
|
/**
|
|
245
242
|
* Returns all the accounts in the cache that match the optional filter. If no filter is provided, all accounts are returned.
|
|
246
243
|
* @param accountFilter - (Optional) filter to narrow down the accounts returned
|
|
@@ -493,8 +490,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
493
490
|
*/
|
|
494
491
|
async saveCacheRecord(
|
|
495
492
|
cacheRecord: CacheRecord,
|
|
496
|
-
|
|
497
|
-
|
|
493
|
+
correlationId: string,
|
|
494
|
+
storeInCache?: StoreInCache
|
|
498
495
|
): Promise<void> {
|
|
499
496
|
if (!cacheRecord) {
|
|
500
497
|
throw createClientAuthError(
|
|
@@ -504,25 +501,34 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
504
501
|
|
|
505
502
|
try {
|
|
506
503
|
if (!!cacheRecord.account) {
|
|
507
|
-
this.setAccount(cacheRecord.account);
|
|
504
|
+
await this.setAccount(cacheRecord.account, correlationId);
|
|
508
505
|
}
|
|
509
506
|
|
|
510
507
|
if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
|
|
511
|
-
this.setIdTokenCredential(
|
|
508
|
+
await this.setIdTokenCredential(
|
|
509
|
+
cacheRecord.idToken,
|
|
510
|
+
correlationId
|
|
511
|
+
);
|
|
512
512
|
}
|
|
513
513
|
|
|
514
514
|
if (
|
|
515
515
|
!!cacheRecord.accessToken &&
|
|
516
516
|
storeInCache?.accessToken !== false
|
|
517
517
|
) {
|
|
518
|
-
await this.saveAccessToken(
|
|
518
|
+
await this.saveAccessToken(
|
|
519
|
+
cacheRecord.accessToken,
|
|
520
|
+
correlationId
|
|
521
|
+
);
|
|
519
522
|
}
|
|
520
523
|
|
|
521
524
|
if (
|
|
522
525
|
!!cacheRecord.refreshToken &&
|
|
523
526
|
storeInCache?.refreshToken !== false
|
|
524
527
|
) {
|
|
525
|
-
this.setRefreshTokenCredential(
|
|
528
|
+
await this.setRefreshTokenCredential(
|
|
529
|
+
cacheRecord.refreshToken,
|
|
530
|
+
correlationId
|
|
531
|
+
);
|
|
526
532
|
}
|
|
527
533
|
|
|
528
534
|
if (!!cacheRecord.appMetadata) {
|
|
@@ -566,7 +572,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
566
572
|
* @param credential
|
|
567
573
|
*/
|
|
568
574
|
private async saveAccessToken(
|
|
569
|
-
credential: AccessTokenEntity
|
|
575
|
+
credential: AccessTokenEntity,
|
|
576
|
+
correlationId: string
|
|
570
577
|
): Promise<void> {
|
|
571
578
|
const accessTokenFilter: CredentialFilter = {
|
|
572
579
|
clientId: credential.clientId,
|
|
@@ -602,7 +609,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
602
609
|
}
|
|
603
610
|
});
|
|
604
611
|
await Promise.all(removedAccessTokens);
|
|
605
|
-
this.setAccessTokenCredential(credential);
|
|
612
|
+
await this.setAccessTokenCredential(credential, correlationId);
|
|
606
613
|
}
|
|
607
614
|
|
|
608
615
|
/**
|
|
@@ -1006,88 +1013,6 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1006
1013
|
await Promise.all(removedCredentials);
|
|
1007
1014
|
}
|
|
1008
1015
|
|
|
1009
|
-
/**
|
|
1010
|
-
* Migrates a single-tenant account and all it's associated alternate cross-tenant account objects in the
|
|
1011
|
-
* cache into a condensed multi-tenant account object with tenant profiles.
|
|
1012
|
-
* @param accountKey
|
|
1013
|
-
* @param accountEntity
|
|
1014
|
-
* @param logger
|
|
1015
|
-
* @returns
|
|
1016
|
-
*/
|
|
1017
|
-
protected updateOutdatedCachedAccount(
|
|
1018
|
-
accountKey: string,
|
|
1019
|
-
accountEntity: AccountEntity | null,
|
|
1020
|
-
logger?: Logger
|
|
1021
|
-
): AccountEntity | null {
|
|
1022
|
-
// Only update if account entity is defined and has no tenantProfiles object (is outdated)
|
|
1023
|
-
if (accountEntity && accountEntity.isSingleTenant()) {
|
|
1024
|
-
this.commonLogger?.verbose(
|
|
1025
|
-
"updateOutdatedCachedAccount: Found a single-tenant (outdated) account entity in the cache, migrating to multi-tenant account entity"
|
|
1026
|
-
);
|
|
1027
|
-
|
|
1028
|
-
// Get keys of all accounts belonging to user
|
|
1029
|
-
const matchingAccountKeys = this.getAccountKeys().filter(
|
|
1030
|
-
(key: string) => {
|
|
1031
|
-
return key.startsWith(accountEntity.homeAccountId);
|
|
1032
|
-
}
|
|
1033
|
-
);
|
|
1034
|
-
|
|
1035
|
-
// Get all account entities belonging to user
|
|
1036
|
-
const accountsToMerge: AccountEntity[] = [];
|
|
1037
|
-
matchingAccountKeys.forEach((key: string) => {
|
|
1038
|
-
const account = this.getCachedAccountEntity(key);
|
|
1039
|
-
if (account) {
|
|
1040
|
-
accountsToMerge.push(account);
|
|
1041
|
-
}
|
|
1042
|
-
});
|
|
1043
|
-
|
|
1044
|
-
// Set base account to home account if available, any account if not
|
|
1045
|
-
const baseAccount =
|
|
1046
|
-
accountsToMerge.find((account) => {
|
|
1047
|
-
return tenantIdMatchesHomeTenant(
|
|
1048
|
-
account.realm,
|
|
1049
|
-
account.homeAccountId
|
|
1050
|
-
);
|
|
1051
|
-
}) || accountsToMerge[0];
|
|
1052
|
-
|
|
1053
|
-
// Populate tenant profiles built from each account entity belonging to the user
|
|
1054
|
-
baseAccount.tenantProfiles = accountsToMerge.map(
|
|
1055
|
-
(account: AccountEntity) => {
|
|
1056
|
-
return {
|
|
1057
|
-
tenantId: account.realm,
|
|
1058
|
-
localAccountId: account.localAccountId,
|
|
1059
|
-
name: account.name,
|
|
1060
|
-
isHomeTenant: tenantIdMatchesHomeTenant(
|
|
1061
|
-
account.realm,
|
|
1062
|
-
account.homeAccountId
|
|
1063
|
-
),
|
|
1064
|
-
};
|
|
1065
|
-
}
|
|
1066
|
-
);
|
|
1067
|
-
|
|
1068
|
-
const updatedAccount = CacheManager.toObject(new AccountEntity(), {
|
|
1069
|
-
...baseAccount,
|
|
1070
|
-
});
|
|
1071
|
-
|
|
1072
|
-
const newAccountKey = updatedAccount.generateAccountKey();
|
|
1073
|
-
|
|
1074
|
-
// Clear cache of legacy account objects that have been collpsed into tenant profiles
|
|
1075
|
-
matchingAccountKeys.forEach((key: string) => {
|
|
1076
|
-
if (key !== newAccountKey) {
|
|
1077
|
-
this.removeOutdatedAccount(accountKey);
|
|
1078
|
-
}
|
|
1079
|
-
});
|
|
1080
|
-
|
|
1081
|
-
// Cache updated account object
|
|
1082
|
-
this.setAccount(updatedAccount);
|
|
1083
|
-
logger?.verbose("Updated an outdated account entity in the cache");
|
|
1084
|
-
return updatedAccount;
|
|
1085
|
-
}
|
|
1086
|
-
|
|
1087
|
-
// No update is necessary
|
|
1088
|
-
return accountEntity;
|
|
1089
|
-
}
|
|
1090
|
-
|
|
1091
1016
|
/**
|
|
1092
1017
|
* returns a boolean if the given credential is removed
|
|
1093
1018
|
* @param credential
|
|
@@ -1934,28 +1859,25 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1934
1859
|
|
|
1935
1860
|
/** @internal */
|
|
1936
1861
|
export class DefaultStorageClass extends CacheManager {
|
|
1937
|
-
setAccount(): void {
|
|
1862
|
+
async setAccount(): Promise<void> {
|
|
1938
1863
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1939
1864
|
}
|
|
1940
1865
|
getAccount(): AccountEntity {
|
|
1941
1866
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1942
1867
|
}
|
|
1943
|
-
|
|
1944
|
-
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1945
|
-
}
|
|
1946
|
-
setIdTokenCredential(): void {
|
|
1868
|
+
async setIdTokenCredential(): Promise<void> {
|
|
1947
1869
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1948
1870
|
}
|
|
1949
1871
|
getIdTokenCredential(): IdTokenEntity {
|
|
1950
1872
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1951
1873
|
}
|
|
1952
|
-
setAccessTokenCredential(): void {
|
|
1874
|
+
async setAccessTokenCredential(): Promise<void> {
|
|
1953
1875
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1954
1876
|
}
|
|
1955
1877
|
getAccessTokenCredential(): AccessTokenEntity {
|
|
1956
1878
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1957
1879
|
}
|
|
1958
|
-
setRefreshTokenCredential(): void {
|
|
1880
|
+
async setRefreshTokenCredential(): Promise<void> {
|
|
1959
1881
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
1960
1882
|
}
|
|
1961
1883
|
getRefreshTokenCredential(): RefreshTokenEntity {
|
|
@@ -2000,10 +1922,4 @@ export class DefaultStorageClass extends CacheManager {
|
|
|
2000
1922
|
getTokenKeys(): TokenKeys {
|
|
2001
1923
|
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
2002
1924
|
}
|
|
2003
|
-
updateCredentialCacheKey(): string {
|
|
2004
|
-
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
2005
|
-
}
|
|
2006
|
-
removeOutdatedAccount(): void {
|
|
2007
|
-
throw createClientAuthError(ClientAuthErrorCodes.methodNotImplemented);
|
|
2008
|
-
}
|
|
2009
1925
|
}
|
|
@@ -27,7 +27,7 @@ export interface ICacheManager {
|
|
|
27
27
|
* set account entity in the platform cache
|
|
28
28
|
* @param account
|
|
29
29
|
*/
|
|
30
|
-
setAccount(account: AccountEntity): void
|
|
30
|
+
setAccount(account: AccountEntity, correlationId: string): Promise<void>;
|
|
31
31
|
|
|
32
32
|
/**
|
|
33
33
|
* Returns true if the given key matches our account key schema. Also matches homeAccountId and/or tenantId if provided
|
|
@@ -52,7 +52,10 @@ export interface ICacheManager {
|
|
|
52
52
|
* set idToken entity to the platform cache
|
|
53
53
|
* @param idToken
|
|
54
54
|
*/
|
|
55
|
-
setIdTokenCredential(
|
|
55
|
+
setIdTokenCredential(
|
|
56
|
+
idToken: IdTokenEntity,
|
|
57
|
+
correlationId: string
|
|
58
|
+
): Promise<void>;
|
|
56
59
|
|
|
57
60
|
/**
|
|
58
61
|
* fetch the idToken entity from the platform cache
|
|
@@ -64,7 +67,10 @@ export interface ICacheManager {
|
|
|
64
67
|
* set idToken entity to the platform cache
|
|
65
68
|
* @param accessToken
|
|
66
69
|
*/
|
|
67
|
-
setAccessTokenCredential(
|
|
70
|
+
setAccessTokenCredential(
|
|
71
|
+
accessToken: AccessTokenEntity,
|
|
72
|
+
correlationId: string
|
|
73
|
+
): Promise<void>;
|
|
68
74
|
|
|
69
75
|
/**
|
|
70
76
|
* fetch the idToken entity from the platform cache
|
|
@@ -78,7 +84,10 @@ export interface ICacheManager {
|
|
|
78
84
|
* set idToken entity to the platform cache
|
|
79
85
|
* @param refreshToken
|
|
80
86
|
*/
|
|
81
|
-
setRefreshTokenCredential(
|
|
87
|
+
setRefreshTokenCredential(
|
|
88
|
+
refreshToken: RefreshTokenEntity,
|
|
89
|
+
correlationId: string
|
|
90
|
+
): Promise<void>;
|
|
82
91
|
|
|
83
92
|
/**
|
|
84
93
|
* fetch appMetadata entity from the platform cache
|
|
@@ -167,6 +176,7 @@ export interface ICacheManager {
|
|
|
167
176
|
*/
|
|
168
177
|
saveCacheRecord(
|
|
169
178
|
cacheRecord: CacheRecord,
|
|
179
|
+
correlationId: string,
|
|
170
180
|
storeInCache?: StoreInCache
|
|
171
181
|
): Promise<void>;
|
|
172
182
|
|
|
@@ -694,7 +694,7 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
694
694
|
|
|
695
695
|
this.addExtraQueryParams(request, parameterBuilder);
|
|
696
696
|
|
|
697
|
-
if (request.
|
|
697
|
+
if (request.platformBroker) {
|
|
698
698
|
// signal ests that this is a WAM call
|
|
699
699
|
parameterBuilder.addNativeBroker();
|
|
700
700
|
|
|
@@ -47,8 +47,8 @@ export const ClientConfigurationErrorMessages = {
|
|
|
47
47
|
"Invalid authentication header provided",
|
|
48
48
|
[ClientConfigurationErrorCodes.cannotSetOIDCOptions]:
|
|
49
49
|
"Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
|
|
50
|
-
[ClientConfigurationErrorCodes.
|
|
51
|
-
"Cannot set
|
|
50
|
+
[ClientConfigurationErrorCodes.cannotAllowPlatformBroker]:
|
|
51
|
+
"Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
|
|
52
52
|
[ClientConfigurationErrorCodes.authorityMismatch]:
|
|
53
53
|
"Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
54
54
|
};
|
|
@@ -178,10 +178,10 @@ export const ClientConfigurationErrorMessage = {
|
|
|
178
178
|
ClientConfigurationErrorCodes.cannotSetOIDCOptions
|
|
179
179
|
],
|
|
180
180
|
},
|
|
181
|
-
|
|
182
|
-
code: ClientConfigurationErrorCodes.
|
|
181
|
+
cannotAllowPlatformBroker: {
|
|
182
|
+
code: ClientConfigurationErrorCodes.cannotAllowPlatformBroker,
|
|
183
183
|
desc: ClientConfigurationErrorMessages[
|
|
184
|
-
ClientConfigurationErrorCodes.
|
|
184
|
+
ClientConfigurationErrorCodes.cannotAllowPlatformBroker
|
|
185
185
|
],
|
|
186
186
|
},
|
|
187
187
|
authorityMismatch: {
|
|
@@ -24,5 +24,5 @@ export const missingNonceAuthenticationHeader =
|
|
|
24
24
|
"missing_nonce_authentication_header";
|
|
25
25
|
export const invalidAuthenticationHeader = "invalid_authentication_header";
|
|
26
26
|
export const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
27
|
-
export const
|
|
27
|
+
export const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
28
28
|
export const authorityMismatch = "authority_mismatch";
|
package/src/packageMetadata.ts
CHANGED
|
@@ -376,7 +376,7 @@ export class ResponseHandler {
|
|
|
376
376
|
cacheRecord.account
|
|
377
377
|
) {
|
|
378
378
|
const key = cacheRecord.account.generateAccountKey();
|
|
379
|
-
const account = this.cacheStorage.getAccount(key
|
|
379
|
+
const account = this.cacheStorage.getAccount(key);
|
|
380
380
|
if (!account) {
|
|
381
381
|
this.logger.warning(
|
|
382
382
|
"Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"
|
|
@@ -396,8 +396,8 @@ export class ResponseHandler {
|
|
|
396
396
|
}
|
|
397
397
|
await this.cacheStorage.saveCacheRecord(
|
|
398
398
|
cacheRecord,
|
|
399
|
-
request.
|
|
400
|
-
request.
|
|
399
|
+
request.correlationId,
|
|
400
|
+
request.storeInCache
|
|
401
401
|
);
|
|
402
402
|
} finally {
|
|
403
403
|
if (
|
|
@@ -724,7 +724,7 @@ export function buildAccountToCache(
|
|
|
724
724
|
|
|
725
725
|
let cachedAccount: AccountEntity | null = null;
|
|
726
726
|
if (baseAccountKey) {
|
|
727
|
-
cachedAccount = cacheStorage.getAccount(baseAccountKey
|
|
727
|
+
cachedAccount = cacheStorage.getAccount(baseAccountKey);
|
|
728
728
|
}
|
|
729
729
|
|
|
730
730
|
const baseAccount =
|
|
@@ -190,6 +190,8 @@ export const PerformanceEvents = {
|
|
|
190
190
|
|
|
191
191
|
InitializeClientApplication: "initializeClientApplication",
|
|
192
192
|
|
|
193
|
+
InitializeCache: "initializeCache",
|
|
194
|
+
|
|
193
195
|
/**
|
|
194
196
|
* Helper function in SilentIframeClient class (msal-browser).
|
|
195
197
|
*/
|
|
@@ -297,6 +299,8 @@ export const PerformanceEvents = {
|
|
|
297
299
|
*/
|
|
298
300
|
ClearTokensAndKeysWithClaims: "clearTokensAndKeysWithClaims",
|
|
299
301
|
CacheManagerGetRefreshToken: "cacheManagerGetRefreshToken",
|
|
302
|
+
ImportExistingCache: "importExistingCache",
|
|
303
|
+
SetUserData: "setUserData",
|
|
300
304
|
|
|
301
305
|
/**
|
|
302
306
|
* Crypto Operations
|
|
@@ -306,6 +310,12 @@ export const PerformanceEvents = {
|
|
|
306
310
|
GenerateCodeChallengeFromVerifier: "generateCodeChallengeFromVerifier",
|
|
307
311
|
Sha256Digest: "sha256Digest",
|
|
308
312
|
GetRandomValues: "getRandomValues",
|
|
313
|
+
GenerateHKDF: "generateHKDF",
|
|
314
|
+
GenerateBaseKey: "generateBaseKey",
|
|
315
|
+
Base64Decode: "base64Decode",
|
|
316
|
+
UrlEncodeArr: "urlEncodeArr",
|
|
317
|
+
Encrypt: "encrypt",
|
|
318
|
+
Decrypt: "decrypt",
|
|
309
319
|
} as const;
|
|
310
320
|
export type PerformanceEvents =
|
|
311
321
|
(typeof PerformanceEvents)[keyof typeof PerformanceEvents];
|
|
@@ -394,6 +404,9 @@ export const PerformanceEventAbbreviations: ReadonlyMap<string, string> =
|
|
|
394
404
|
PerformanceEvents.InitializeClientApplication,
|
|
395
405
|
"InitClientApplication",
|
|
396
406
|
],
|
|
407
|
+
[PerformanceEvents.InitializeCache, "InitCache"],
|
|
408
|
+
[PerformanceEvents.ImportExistingCache, "importCache"],
|
|
409
|
+
[PerformanceEvents.SetUserData, "setUserData"],
|
|
397
410
|
[PerformanceEvents.SilentIframeClientTokenHelper, "SIClientTHelper"],
|
|
398
411
|
[
|
|
399
412
|
PerformanceEvents.SilentHandlerInitiateAuthRequest,
|
|
@@ -531,6 +544,12 @@ export const PerformanceEventAbbreviations: ReadonlyMap<string, string> =
|
|
|
531
544
|
],
|
|
532
545
|
[PerformanceEvents.Sha256Digest, "Sha256Digest"],
|
|
533
546
|
[PerformanceEvents.GetRandomValues, "GetRandomValues"],
|
|
547
|
+
[PerformanceEvents.GenerateHKDF, "genHKDF"],
|
|
548
|
+
[PerformanceEvents.GenerateBaseKey, "genBaseKey"],
|
|
549
|
+
[PerformanceEvents.Base64Decode, "b64Decode"],
|
|
550
|
+
[PerformanceEvents.UrlEncodeArr, "urlEncArr"],
|
|
551
|
+
[PerformanceEvents.Encrypt, "encrypt"],
|
|
552
|
+
[PerformanceEvents.Decrypt, "decrypt"],
|
|
534
553
|
]);
|
|
535
554
|
|
|
536
555
|
/**
|
|
@@ -805,9 +824,9 @@ export type PerformanceEvent = {
|
|
|
805
824
|
contentLengthHeader?: string;
|
|
806
825
|
|
|
807
826
|
/**
|
|
808
|
-
*
|
|
827
|
+
* Platform broker fields
|
|
809
828
|
*/
|
|
810
|
-
|
|
829
|
+
allowPlatformBroker?: boolean;
|
|
811
830
|
extensionInstalled?: boolean;
|
|
812
831
|
extensionHandshakeTimeoutMs?: number;
|
|
813
832
|
extensionHandshakeTimedOut?: boolean;
|
|
@@ -876,4 +895,6 @@ export const IntFields: ReadonlySet<string> = new Set([
|
|
|
876
895
|
"multiMatchedAT",
|
|
877
896
|
"multiMatchedID",
|
|
878
897
|
"multiMatchedRT",
|
|
898
|
+
"unencryptedCacheCount",
|
|
899
|
+
"encryptedCacheExpiredCount",
|
|
879
900
|
]);
|
package/src/utils/Constants.ts
CHANGED
|
@@ -113,12 +113,6 @@ export type HeaderNames = (typeof HeaderNames)[keyof typeof HeaderNames];
|
|
|
113
113
|
* Persistent cache keys MSAL which stay while user is logged in.
|
|
114
114
|
*/
|
|
115
115
|
export const PersistentCacheKeys = {
|
|
116
|
-
ID_TOKEN: "idtoken",
|
|
117
|
-
CLIENT_INFO: "client.info",
|
|
118
|
-
ADAL_ID_TOKEN: "adal.idtoken",
|
|
119
|
-
ERROR: "error",
|
|
120
|
-
ERROR_DESC: "error.description",
|
|
121
|
-
ACTIVE_ACCOUNT: "active-account", // Legacy active-account cache key, use new key instead
|
|
122
116
|
ACTIVE_ACCOUNT_FILTERS: "active-account-filters", // new cache entry for active_account for a more robust version for browser
|
|
123
117
|
} as const;
|
|
124
118
|
export type PersistentCacheKeys =
|