@azure/msal-common 15.11.0 → 15.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.mjs +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +1 -1
- package/dist/client/BaseClient.mjs +1 -1
- package/dist/client/RefreshTokenClient.mjs +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/index-browser.mjs +1 -1
- package/dist/index-node.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/RequestParameterBuilder.mjs +1 -1
- package/dist/request/ScopeSet.d.ts.map +1 -1
- package/dist/request/ScopeSet.mjs +7 -3
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +7 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.d.ts +8 -0
- package/dist/utils/UrlUtils.d.ts.map +1 -1
- package/dist/utils/UrlUtils.mjs +54 -2
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +2 -2
- package/lib/{index-node-CtW_2rqJ.js → index-node-C8h2xZEM.js} +60 -4
- package/lib/index-node-C8h2xZEM.js.map +1 -0
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/request/ScopeSet.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +7 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/utils/UrlUtils.d.ts +8 -0
- package/lib/types/utils/UrlUtils.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/request/ScopeSet.ts +12 -2
- package/src/telemetry/performance/PerformanceEvent.ts +8 -0
- package/src/utils/UrlUtils.ts +60 -0
- package/lib/index-node-CtW_2rqJ.js.map +0 -1
|
@@ -13,4 +13,12 @@ export declare function getDeserializedResponse(responseString: string): Authori
|
|
|
13
13
|
* Utility to create a URL from the params map
|
|
14
14
|
*/
|
|
15
15
|
export declare function mapToQueryString(parameters: Map<string, string>, encodeExtraParams?: boolean, extraQueryParameters?: StringDict): string;
|
|
16
|
+
/**
|
|
17
|
+
* Normalizes URLs for comparison by removing hash, canonicalizing,
|
|
18
|
+
* and ensuring consistent URL encoding in query parameters.
|
|
19
|
+
* This fixes redirect loops when URLs contain encoded characters like apostrophes (%27).
|
|
20
|
+
* @param url - URL to normalize
|
|
21
|
+
* @returns Normalized URL string for comparison
|
|
22
|
+
*/
|
|
23
|
+
export declare function normalizeUrlForComparison(url: string): string;
|
|
16
24
|
//# sourceMappingURL=UrlUtils.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"UrlUtils.d.ts","sourceRoot":"","sources":["../../../src/utils/UrlUtils.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAKrE,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"UrlUtils.d.ts","sourceRoot":"","sources":["../../../src/utils/UrlUtils.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAKrE,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AA6B5C;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,cAAc,EAAE,MAAM,GAAG,MAAM,CAWtE;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CACnC,cAAc,EAAE,MAAM,GACvB,iBAAiB,GAAG,IAAI,CA4B1B;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC5B,UAAU,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,iBAAiB,GAAE,OAAc,EACjC,oBAAoB,CAAC,EAAE,UAAU,GAClC,MAAM,CAgBR;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAwB7D"}
|
package/package.json
CHANGED
package/src/packageMetadata.ts
CHANGED
package/src/request/ScopeSet.ts
CHANGED
|
@@ -12,7 +12,11 @@ import {
|
|
|
12
12
|
ClientAuthErrorCodes,
|
|
13
13
|
createClientAuthError,
|
|
14
14
|
} from "../error/ClientAuthError.js";
|
|
15
|
-
import {
|
|
15
|
+
import {
|
|
16
|
+
Constants,
|
|
17
|
+
OIDC_SCOPES,
|
|
18
|
+
OIDC_DEFAULT_SCOPES,
|
|
19
|
+
} from "../utils/Constants.js";
|
|
16
20
|
|
|
17
21
|
/**
|
|
18
22
|
* The ScopeSet class creates a set of scopes. Scopes are case-insensitive, unique values, so the Set object in JS makes
|
|
@@ -61,7 +65,13 @@ export class ScopeSet {
|
|
|
61
65
|
* @returns
|
|
62
66
|
*/
|
|
63
67
|
static createSearchScopes(inputScopeString: Array<string>): ScopeSet {
|
|
64
|
-
|
|
68
|
+
// Handle empty scopes by using default OIDC scopes for cache lookup
|
|
69
|
+
const scopesToUse =
|
|
70
|
+
inputScopeString && inputScopeString.length > 0
|
|
71
|
+
? inputScopeString
|
|
72
|
+
: [...OIDC_DEFAULT_SCOPES];
|
|
73
|
+
|
|
74
|
+
const scopeSet = new ScopeSet(scopesToUse);
|
|
65
75
|
if (!scopeSet.containsOnlyOIDCScopes()) {
|
|
66
76
|
scopeSet.removeOIDCScopes();
|
|
67
77
|
} else {
|
|
@@ -715,6 +715,14 @@ export type PerformanceEvent = {
|
|
|
715
715
|
*/
|
|
716
716
|
isNativeBroker?: boolean;
|
|
717
717
|
|
|
718
|
+
/**
|
|
719
|
+
* Platform-specific fields, when calling STS and/or broker for token requests
|
|
720
|
+
*/
|
|
721
|
+
isPlatformAuthorizeRequest?: boolean;
|
|
722
|
+
isPlatformBrokerRequest?: boolean;
|
|
723
|
+
brokerErrorName?: string;
|
|
724
|
+
brokerErrorCode?: string;
|
|
725
|
+
|
|
718
726
|
/**
|
|
719
727
|
* Request ID returned from the response
|
|
720
728
|
*
|
package/src/utils/UrlUtils.ts
CHANGED
|
@@ -9,6 +9,33 @@ import {
|
|
|
9
9
|
createClientAuthError,
|
|
10
10
|
} from "../error/ClientAuthError.js";
|
|
11
11
|
import { StringDict } from "./MsalTypes.js";
|
|
12
|
+
import { StringUtils } from "./StringUtils.js";
|
|
13
|
+
|
|
14
|
+
/**
|
|
15
|
+
* Canonicalizes a URL by making it lowercase and ensuring it ends with /
|
|
16
|
+
* Inlined version of UrlString.canonicalizeUri to avoid circular dependency
|
|
17
|
+
* @param url - URL to canonicalize
|
|
18
|
+
* @returns Canonicalized URL
|
|
19
|
+
*/
|
|
20
|
+
function canonicalizeUrl(url: string): string {
|
|
21
|
+
if (!url) {
|
|
22
|
+
return url;
|
|
23
|
+
}
|
|
24
|
+
|
|
25
|
+
let lowerCaseUrl = url.toLowerCase();
|
|
26
|
+
|
|
27
|
+
if (StringUtils.endsWith(lowerCaseUrl, "?")) {
|
|
28
|
+
lowerCaseUrl = lowerCaseUrl.slice(0, -1);
|
|
29
|
+
} else if (StringUtils.endsWith(lowerCaseUrl, "?/")) {
|
|
30
|
+
lowerCaseUrl = lowerCaseUrl.slice(0, -2);
|
|
31
|
+
}
|
|
32
|
+
|
|
33
|
+
if (!StringUtils.endsWith(lowerCaseUrl, "/")) {
|
|
34
|
+
lowerCaseUrl += "/";
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
return lowerCaseUrl;
|
|
38
|
+
}
|
|
12
39
|
|
|
13
40
|
/**
|
|
14
41
|
* Parses hash string from given string. Returns empty string if no hash symbol is found.
|
|
@@ -86,3 +113,36 @@ export function mapToQueryString(
|
|
|
86
113
|
|
|
87
114
|
return queryParameterArray.join("&");
|
|
88
115
|
}
|
|
116
|
+
|
|
117
|
+
/**
|
|
118
|
+
* Normalizes URLs for comparison by removing hash, canonicalizing,
|
|
119
|
+
* and ensuring consistent URL encoding in query parameters.
|
|
120
|
+
* This fixes redirect loops when URLs contain encoded characters like apostrophes (%27).
|
|
121
|
+
* @param url - URL to normalize
|
|
122
|
+
* @returns Normalized URL string for comparison
|
|
123
|
+
*/
|
|
124
|
+
export function normalizeUrlForComparison(url: string): string {
|
|
125
|
+
if (!url) {
|
|
126
|
+
return url;
|
|
127
|
+
}
|
|
128
|
+
|
|
129
|
+
// Remove hash first
|
|
130
|
+
const urlWithoutHash = url.split("#")[0];
|
|
131
|
+
|
|
132
|
+
try {
|
|
133
|
+
// Parse the URL to handle encoding consistently
|
|
134
|
+
const urlObj = new URL(urlWithoutHash);
|
|
135
|
+
|
|
136
|
+
/*
|
|
137
|
+
* Reconstruct the URL with properly decoded query parameters
|
|
138
|
+
* This ensures that %27 and ' are treated as equivalent
|
|
139
|
+
*/
|
|
140
|
+
const normalizedUrl = urlObj.origin + urlObj.pathname + urlObj.search;
|
|
141
|
+
|
|
142
|
+
// Apply canonicalization logic inline to avoid circular dependency
|
|
143
|
+
return canonicalizeUrl(normalizedUrl);
|
|
144
|
+
} catch (e) {
|
|
145
|
+
// Fallback to original logic if URL parsing fails
|
|
146
|
+
return canonicalizeUrl(urlWithoutHash);
|
|
147
|
+
}
|
|
148
|
+
}
|