@azure/msal-common 15.13.0 → 16.0.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +0 -4
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/AuthToken.mjs.map +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/CcsCredential.mjs.map +1 -1
- package/dist/account/ClientInfo.d.ts +1 -5
- package/dist/account/ClientInfo.d.ts.map +1 -1
- package/dist/account/ClientInfo.mjs +4 -6
- package/dist/account/ClientInfo.mjs.map +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/account/TokenClaims.mjs.map +1 -1
- package/dist/authority/Authority.d.ts +2 -2
- package/dist/authority/Authority.d.ts.map +1 -1
- package/dist/authority/Authority.mjs +89 -105
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.d.ts +6 -2
- package/dist/authority/AuthorityFactory.d.ts.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +8 -5
- package/dist/authority/AuthorityFactory.mjs.map +1 -1
- package/dist/authority/AuthorityMetadata.d.ts +2 -2
- package/dist/authority/AuthorityMetadata.d.ts.map +1 -1
- package/dist/authority/AuthorityMetadata.mjs +8 -8
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.d.ts +0 -1
- package/dist/authority/AuthorityOptions.d.ts.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs.map +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/AuthorityType.mjs.map +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OIDCOptions.d.ts +2 -2
- package/dist/authority/OIDCOptions.d.ts.map +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs.map +1 -1
- package/dist/authority/RegionDiscovery.d.ts +3 -3
- package/dist/authority/RegionDiscovery.d.ts.map +1 -1
- package/dist/authority/RegionDiscovery.mjs +14 -15
- package/dist/authority/RegionDiscovery.mjs.map +1 -1
- package/dist/cache/CacheManager.d.ts +25 -17
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +69 -80
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccessTokenEntity.d.ts +0 -4
- package/dist/cache/entities/AccessTokenEntity.d.ts.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +4 -57
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/entities/CredentialEntity.d.ts +0 -2
- package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +41 -12
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.d.ts +60 -0
- package/dist/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/dist/cache/utils/AccountEntityUtils.mjs +212 -0
- package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -0
- package/dist/cache/utils/CacheHelpers.d.ts +2 -2
- package/dist/cache/utils/CacheHelpers.d.ts.map +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +10 -13
- package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist/cache/utils/CacheTypes.d.ts +0 -1
- package/dist/cache/utils/CacheTypes.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +16 -20
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.d.ts +3 -3
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +7 -12
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +22 -27
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts +1 -1
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +8 -12
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.d.ts +2 -22
- package/dist/config/ClientConfiguration.d.ts.map +1 -1
- package/dist/config/ClientConfiguration.mjs +9 -15
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.d.ts +5 -3
- package/dist/crypto/ICrypto.d.ts.map +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/ICrypto.mjs.map +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs.map +1 -1
- package/dist/crypto/PopTokenGenerator.d.ts +2 -2
- package/dist/crypto/PopTokenGenerator.d.ts.map +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +3 -5
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.d.ts +1 -18
- package/dist/error/AuthError.d.ts.map +1 -1
- package/dist/error/AuthError.mjs +12 -34
- package/dist/error/AuthError.mjs.map +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.d.ts +1 -6
- package/dist/error/CacheError.d.ts.map +1 -1
- package/dist/error/CacheError.mjs +6 -13
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.d.ts +0 -224
- package/dist/error/ClientAuthError.d.ts.map +1 -1
- package/dist/error/ClientAuthError.mjs +3 -235
- package/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/error/ClientAuthErrorCodes.d.ts +0 -8
- package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +2 -10
- package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/error/ClientConfigurationError.d.ts +0 -123
- package/dist/error/ClientConfigurationError.d.ts.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +3 -129
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +0 -2
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +3 -5
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.d.ts +1 -19
- package/dist/error/InteractionRequiredAuthError.d.ts.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +10 -35
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.d.ts +0 -4
- package/dist/error/JoseHeaderError.d.ts.map +1 -1
- package/dist/error/JoseHeaderError.mjs +3 -8
- package/dist/error/JoseHeaderError.mjs.map +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/NetworkError.mjs.map +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/error/ServerError.mjs.map +1 -1
- package/dist/exports-browser-only.d.ts +4 -3
- package/dist/exports-browser-only.d.ts.map +1 -1
- package/dist/exports-common.d.ts +8 -6
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/exports-node-only.d.ts +1 -4
- package/dist/exports-node-only.d.ts.map +1 -1
- package/dist/index-browser.mjs +12 -8
- package/dist/index-browser.mjs.map +1 -1
- package/dist/index-node.mjs +10 -7
- package/dist/index-node.mjs.map +1 -1
- package/dist/index.mjs +12 -8
- package/dist/index.mjs.map +1 -1
- package/dist/logger/Logger.d.ts +12 -13
- package/dist/logger/Logger.d.ts.map +1 -1
- package/dist/logger/Logger.mjs +16 -21
- package/dist/logger/Logger.mjs.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/INetworkModule.mjs.map +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +6 -7
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +1 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +14 -14
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/AuthenticationHeaderParser.d.ts.map +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +3 -3
- package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist/request/BaseAuthRequest.d.ts +1 -7
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +3 -9
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +7 -20
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +5 -5
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/AuthenticationResult.d.ts +1 -1
- package/dist/response/AuthenticationResult.d.ts.map +1 -1
- package/dist/response/ResponseHandler.d.ts +6 -5
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +39 -41
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts +1 -31
- package/dist/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts +6 -85
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +28 -188
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +0 -282
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +2 -483
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.d.ts +65 -0
- package/dist/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/dist/telemetry/performance/PerformanceEvents.mjs +73 -0
- package/dist/telemetry/performance/PerformanceEvents.mjs.map +1 -0
- package/dist/telemetry/performance/StubPerformanceClient.d.ts +0 -4
- package/dist/telemetry/performance/StubPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +2 -26
- package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.d.ts +2 -2
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +28 -30
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.d.ts +0 -5
- package/dist/url/UrlString.d.ts.map +1 -1
- package/dist/url/UrlString.mjs +5 -13
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
- package/dist/utils/Constants.d.ts +81 -117
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +100 -131
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.d.ts +2 -2
- package/dist/utils/FunctionWrappers.d.ts.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +19 -20
- package/dist/utils/FunctionWrappers.mjs.map +1 -1
- package/dist/utils/ProtocolUtils.mjs +7 -7
- package/dist/utils/ProtocolUtils.mjs.map +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs.map +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs.map +1 -1
- package/dist/utils/UrlUtils.d.ts +1 -2
- package/dist/utils/UrlUtils.d.ts.map +1 -1
- package/dist/utils/UrlUtils.mjs +3 -10
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +29 -222
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-D8Iaiqq3.js → index-node-FrCFfFuh.js} +1606 -2493
- package/lib/index-node-FrCFfFuh.js.map +1 -0
- package/lib/index-node.cjs +4 -33
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +3 -33
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +0 -4
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/account/ClientInfo.d.ts +1 -5
- package/lib/types/account/ClientInfo.d.ts.map +1 -1
- package/lib/types/authority/Authority.d.ts +2 -2
- package/lib/types/authority/Authority.d.ts.map +1 -1
- package/lib/types/authority/AuthorityFactory.d.ts +6 -2
- package/lib/types/authority/AuthorityFactory.d.ts.map +1 -1
- package/lib/types/authority/AuthorityMetadata.d.ts +2 -2
- package/lib/types/authority/AuthorityMetadata.d.ts.map +1 -1
- package/lib/types/authority/AuthorityOptions.d.ts +0 -1
- package/lib/types/authority/AuthorityOptions.d.ts.map +1 -1
- package/lib/types/authority/OIDCOptions.d.ts +2 -2
- package/lib/types/authority/OIDCOptions.d.ts.map +1 -1
- package/lib/types/authority/RegionDiscovery.d.ts +3 -3
- package/lib/types/authority/RegionDiscovery.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +25 -17
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccessTokenEntity.d.ts +0 -4
- package/lib/types/cache/entities/AccessTokenEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +4 -57
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/CredentialEntity.d.ts +0 -2
- package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +41 -12
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/cache/utils/AccountEntityUtils.d.ts +60 -0
- package/lib/types/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/lib/types/cache/utils/CacheHelpers.d.ts +2 -2
- package/lib/types/cache/utils/CacheHelpers.d.ts.map +1 -1
- package/lib/types/cache/utils/CacheTypes.d.ts +0 -1
- package/lib/types/cache/utils/CacheTypes.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts +3 -3
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts +1 -1
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/config/ClientConfiguration.d.ts +2 -22
- package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
- package/lib/types/crypto/ICrypto.d.ts +5 -3
- package/lib/types/crypto/ICrypto.d.ts.map +1 -1
- package/lib/types/crypto/PopTokenGenerator.d.ts +2 -2
- package/lib/types/crypto/PopTokenGenerator.d.ts.map +1 -1
- package/lib/types/error/AuthError.d.ts +1 -18
- package/lib/types/error/AuthError.d.ts.map +1 -1
- package/lib/types/error/CacheError.d.ts +1 -6
- package/lib/types/error/CacheError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthError.d.ts +0 -224
- package/lib/types/error/ClientAuthError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthErrorCodes.d.ts +0 -8
- package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationError.d.ts +0 -123
- package/lib/types/error/ClientConfigurationError.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +0 -2
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/error/InteractionRequiredAuthError.d.ts +1 -19
- package/lib/types/error/InteractionRequiredAuthError.d.ts.map +1 -1
- package/lib/types/error/JoseHeaderError.d.ts +0 -4
- package/lib/types/error/JoseHeaderError.d.ts.map +1 -1
- package/lib/types/exports-browser-only.d.ts +4 -3
- package/lib/types/exports-browser-only.d.ts.map +1 -1
- package/lib/types/exports-common.d.ts +8 -6
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/exports-node-only.d.ts +1 -4
- package/lib/types/exports-node-only.d.ts.map +1 -1
- package/lib/types/logger/Logger.d.ts +12 -13
- package/lib/types/logger/Logger.d.ts.map +1 -1
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/protocol/Authorize.d.ts +1 -2
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/AuthenticationHeaderParser.d.ts.map +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +1 -7
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +3 -9
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/AuthenticationResult.d.ts +1 -1
- package/lib/types/response/AuthenticationResult.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +6 -5
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts +1 -31
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts +6 -85
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +0 -282
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts +65 -0
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts +0 -4
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts +2 -2
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/lib/types/url/UrlString.d.ts +0 -5
- package/lib/types/url/UrlString.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +81 -117
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/lib/types/utils/FunctionWrappers.d.ts +2 -2
- package/lib/types/utils/FunctionWrappers.d.ts.map +1 -1
- package/lib/types/utils/UrlUtils.d.ts +1 -2
- package/lib/types/utils/UrlUtils.d.ts.map +1 -1
- package/package.json +120 -122
- package/src/account/AccountInfo.ts +0 -6
- package/src/account/ClientInfo.ts +4 -11
- package/src/authority/Authority.ts +145 -146
- package/src/authority/AuthorityFactory.ts +7 -7
- package/src/authority/AuthorityMetadata.ts +21 -12
- package/src/authority/AuthorityOptions.ts +0 -1
- package/src/authority/OIDCOptions.ts +2 -2
- package/src/authority/RegionDiscovery.ts +20 -33
- package/src/cache/CacheManager.ts +176 -126
- package/src/cache/entities/AccessTokenEntity.ts +0 -4
- package/src/cache/entities/AccountEntity.ts +4 -293
- package/src/cache/entities/CredentialEntity.ts +0 -2
- package/src/cache/interface/ICacheManager.ts +61 -15
- package/src/cache/utils/AccountEntityUtils.ts +287 -0
- package/src/cache/utils/CacheHelpers.ts +23 -37
- package/src/cache/utils/CacheTypes.ts +0 -1
- package/src/client/AuthorizationCodeClient.ts +28 -49
- package/src/client/BaseClient.ts +8 -20
- package/src/client/RefreshTokenClient.ts +29 -61
- package/src/client/SilentFlowClient.ts +11 -20
- package/src/config/ClientConfiguration.ts +9 -37
- package/src/crypto/ICrypto.ts +5 -3
- package/src/crypto/PopTokenGenerator.ts +3 -13
- package/src/error/AuthError.ts +11 -30
- package/src/error/CacheError.ts +4 -15
- package/src/error/ClientAuthError.ts +1 -311
- package/src/error/ClientAuthErrorCodes.ts +0 -8
- package/src/error/ClientConfigurationError.ts +1 -194
- package/src/error/ClientConfigurationErrorCodes.ts +0 -3
- package/src/error/InteractionRequiredAuthError.ts +8 -48
- package/src/error/JoseHeaderError.ts +1 -8
- package/src/exports-browser-only.ts +2 -6
- package/src/exports-common.ts +4 -34
- package/src/exports-node-only.ts +1 -4
- package/src/logger/Logger.ts +26 -39
- package/src/network/ThrottlingUtils.ts +12 -15
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +24 -20
- package/src/request/AuthenticationHeaderParser.ts +2 -4
- package/src/request/BaseAuthRequest.ts +1 -7
- package/src/request/RequestParameterBuilder.ts +30 -45
- package/src/request/ScopeSet.ts +4 -4
- package/src/response/AuthenticationResult.ts +1 -1
- package/src/response/ResponseHandler.ts +53 -58
- package/src/telemetry/performance/IPerformanceClient.ts +1 -43
- package/src/telemetry/performance/PerformanceClient.ts +32 -295
- package/src/telemetry/performance/PerformanceEvent.ts +0 -586
- package/src/telemetry/performance/PerformanceEvents.ts +97 -0
- package/src/telemetry/performance/StubPerformanceClient.ts +0 -16
- package/src/telemetry/server/ServerTelemetryManager.ts +33 -44
- package/src/url/UrlString.ts +3 -12
- package/src/utils/Constants.ts +103 -146
- package/src/utils/FunctionWrappers.ts +28 -29
- package/src/utils/ProtocolUtils.ts +6 -6
- package/src/utils/UrlUtils.ts +2 -15
- package/dist/cache/entities/AccountEntity.mjs +0 -232
- package/dist/cache/entities/AccountEntity.mjs.map +0 -1
- package/dist/request/CommonClientCredentialRequest.d.ts +0 -18
- package/dist/request/CommonClientCredentialRequest.d.ts.map +0 -1
- package/dist/request/CommonDeviceCodeRequest.d.ts +0 -22
- package/dist/request/CommonDeviceCodeRequest.d.ts.map +0 -1
- package/dist/request/CommonOnBehalfOfRequest.d.ts +0 -14
- package/dist/request/CommonOnBehalfOfRequest.d.ts.map +0 -1
- package/dist/request/CommonUsernamePasswordRequest.d.ts +0 -18
- package/dist/request/CommonUsernamePasswordRequest.d.ts.map +0 -1
- package/lib/index-node-D8Iaiqq3.js.map +0 -1
- package/lib/types/request/CommonClientCredentialRequest.d.ts +0 -18
- package/lib/types/request/CommonClientCredentialRequest.d.ts.map +0 -1
- package/lib/types/request/CommonDeviceCodeRequest.d.ts +0 -22
- package/lib/types/request/CommonDeviceCodeRequest.d.ts.map +0 -1
- package/lib/types/request/CommonOnBehalfOfRequest.d.ts +0 -14
- package/lib/types/request/CommonOnBehalfOfRequest.d.ts.map +0 -1
- package/lib/types/request/CommonUsernamePasswordRequest.d.ts +0 -18
- package/lib/types/request/CommonUsernamePasswordRequest.d.ts.map +0 -1
- package/src/request/CommonClientCredentialRequest.ts +0 -23
- package/src/request/CommonDeviceCodeRequest.ts +0 -31
- package/src/request/CommonOnBehalfOfRequest.ts +0 -19
- package/src/request/CommonUsernamePasswordRequest.ts +0 -23
|
@@ -13,13 +13,7 @@ import {
|
|
|
13
13
|
TenantProfileFilter,
|
|
14
14
|
} from "./utils/CacheTypes.js";
|
|
15
15
|
import { CacheRecord } from "./entities/CacheRecord.js";
|
|
16
|
-
import
|
|
17
|
-
CredentialType,
|
|
18
|
-
APP_METADATA,
|
|
19
|
-
THE_FAMILY_ID,
|
|
20
|
-
AUTHORITY_METADATA_CONSTANTS,
|
|
21
|
-
AuthenticationScheme,
|
|
22
|
-
} from "../utils/Constants.js";
|
|
16
|
+
import * as Constants from "../utils/Constants.js";
|
|
23
17
|
import { CredentialEntity } from "./entities/CredentialEntity.js";
|
|
24
18
|
import { ScopeSet } from "../request/ScopeSet.js";
|
|
25
19
|
import { AccountEntity } from "./entities/AccountEntity.js";
|
|
@@ -51,6 +45,7 @@ import { StaticAuthorityOptions } from "../authority/AuthorityOptions.js";
|
|
|
51
45
|
import { TokenClaims } from "../account/TokenClaims.js";
|
|
52
46
|
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
53
47
|
import { createCacheError } from "../error/CacheError.js";
|
|
48
|
+
import * as AccountEntityUtils from "./utils/AccountEntityUtils.js";
|
|
54
49
|
import { AuthError } from "../error/AuthError.js";
|
|
55
50
|
|
|
56
51
|
/**
|
|
@@ -158,8 +153,12 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
158
153
|
/**
|
|
159
154
|
* fetch appMetadata entity from the platform cache
|
|
160
155
|
* @param appMetadataKey
|
|
156
|
+
* @param correlationId
|
|
161
157
|
*/
|
|
162
|
-
abstract getAppMetadata(
|
|
158
|
+
abstract getAppMetadata(
|
|
159
|
+
appMetadataKey: string,
|
|
160
|
+
correlationId: string
|
|
161
|
+
): AppMetadataEntity | null;
|
|
163
162
|
|
|
164
163
|
/**
|
|
165
164
|
* set appMetadata entity to the platform cache
|
|
@@ -173,15 +172,18 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
173
172
|
/**
|
|
174
173
|
* fetch server telemetry entity from the platform cache
|
|
175
174
|
* @param serverTelemetryKey
|
|
175
|
+
* @param correlationId
|
|
176
176
|
*/
|
|
177
177
|
abstract getServerTelemetry(
|
|
178
|
-
serverTelemetryKey: string
|
|
178
|
+
serverTelemetryKey: string,
|
|
179
|
+
correlationId: string
|
|
179
180
|
): ServerTelemetryEntity | null;
|
|
180
181
|
|
|
181
182
|
/**
|
|
182
183
|
* set server telemetry entity to the platform cache
|
|
183
184
|
* @param serverTelemetryKey
|
|
184
185
|
* @param serverTelemetry
|
|
186
|
+
* @param correlationId
|
|
185
187
|
*/
|
|
186
188
|
abstract setServerTelemetry(
|
|
187
189
|
serverTelemetryKey: string,
|
|
@@ -192,8 +194,12 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
192
194
|
/**
|
|
193
195
|
* fetch cloud discovery metadata entity from the platform cache
|
|
194
196
|
* @param key
|
|
197
|
+
* @param correlationId
|
|
195
198
|
*/
|
|
196
|
-
abstract getAuthorityMetadata(
|
|
199
|
+
abstract getAuthorityMetadata(
|
|
200
|
+
key: string,
|
|
201
|
+
correlationId: string
|
|
202
|
+
): AuthorityMetadataEntity | null;
|
|
197
203
|
|
|
198
204
|
/**
|
|
199
205
|
*
|
|
@@ -204,18 +210,22 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
204
210
|
* set cloud discovery metadata entity to the platform cache
|
|
205
211
|
* @param key
|
|
206
212
|
* @param value
|
|
213
|
+
* @param correlationId
|
|
207
214
|
*/
|
|
208
215
|
abstract setAuthorityMetadata(
|
|
209
216
|
key: string,
|
|
210
|
-
value: AuthorityMetadataEntity
|
|
217
|
+
value: AuthorityMetadataEntity,
|
|
218
|
+
correlationId: string
|
|
211
219
|
): void;
|
|
212
220
|
|
|
213
221
|
/**
|
|
214
222
|
* fetch throttling entity from the platform cache
|
|
215
223
|
* @param throttlingCacheKey
|
|
224
|
+
* @param correlationId
|
|
216
225
|
*/
|
|
217
226
|
abstract getThrottlingCache(
|
|
218
|
-
throttlingCacheKey: string
|
|
227
|
+
throttlingCacheKey: string,
|
|
228
|
+
correlationId: string
|
|
219
229
|
): ThrottlingEntity | null;
|
|
220
230
|
|
|
221
231
|
/**
|
|
@@ -268,7 +278,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
268
278
|
* @returns Array of AccountInfo objects in cache
|
|
269
279
|
*/
|
|
270
280
|
getAllAccounts(
|
|
271
|
-
accountFilter: AccountFilter,
|
|
281
|
+
accountFilter: AccountFilter = {},
|
|
272
282
|
correlationId: string
|
|
273
283
|
): AccountInfo[] {
|
|
274
284
|
return this.buildTenantProfiles(
|
|
@@ -285,15 +295,6 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
285
295
|
accountFilter: AccountFilter,
|
|
286
296
|
correlationId: string
|
|
287
297
|
): AccountInfo | null {
|
|
288
|
-
if (
|
|
289
|
-
Object.keys(accountFilter).length === 0 ||
|
|
290
|
-
Object.values(accountFilter).every((value) => !value)
|
|
291
|
-
) {
|
|
292
|
-
this.commonLogger.warning(
|
|
293
|
-
"getAccountInfoFilteredBy: Account filter is empty or invalid, returning null"
|
|
294
|
-
);
|
|
295
|
-
return null;
|
|
296
|
-
}
|
|
297
298
|
const allAccounts = this.getAllAccounts(accountFilter, correlationId);
|
|
298
299
|
if (allAccounts.length > 1) {
|
|
299
300
|
// If one or more accounts are found, prioritize accounts that have an ID token
|
|
@@ -323,7 +324,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
323
324
|
correlationId
|
|
324
325
|
);
|
|
325
326
|
if (accountEntities.length > 0) {
|
|
326
|
-
return accountEntities[0]
|
|
327
|
+
return AccountEntityUtils.getAccountInfo(accountEntities[0]);
|
|
327
328
|
} else {
|
|
328
329
|
return null;
|
|
329
330
|
}
|
|
@@ -413,7 +414,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
413
414
|
targetTenantId?: string,
|
|
414
415
|
tenantProfileFilter?: TenantProfileFilter
|
|
415
416
|
): AccountInfo[] {
|
|
416
|
-
const accountInfo =
|
|
417
|
+
const accountInfo = AccountEntityUtils.getAccountInfo(accountEntity);
|
|
417
418
|
let searchTenantProfiles: Map<string, TenantProfile> =
|
|
418
419
|
accountInfo.tenantProfiles || new Map<string, TenantProfile>();
|
|
419
420
|
const tokenKeys = this.getTokenKeys();
|
|
@@ -587,7 +588,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
587
588
|
this.setAppMetadata(cacheRecord.appMetadata, correlationId);
|
|
588
589
|
}
|
|
589
590
|
} catch (e: unknown) {
|
|
590
|
-
this.commonLogger?.error(
|
|
591
|
+
this.commonLogger?.error(
|
|
592
|
+
`CacheManager.saveCacheRecord: failed`,
|
|
593
|
+
correlationId
|
|
594
|
+
);
|
|
591
595
|
if (e instanceof AuthError) {
|
|
592
596
|
throw e;
|
|
593
597
|
} else {
|
|
@@ -611,7 +615,6 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
611
615
|
homeAccountId: credential.homeAccountId,
|
|
612
616
|
realm: credential.realm,
|
|
613
617
|
tokenType: credential.tokenType,
|
|
614
|
-
requestedClaimsHash: credential.requestedClaimsHash,
|
|
615
618
|
};
|
|
616
619
|
|
|
617
620
|
const tokenKeys = this.getTokenKeys();
|
|
@@ -631,7 +634,11 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
631
634
|
|
|
632
635
|
if (
|
|
633
636
|
tokenEntity &&
|
|
634
|
-
this.credentialMatchesFilter(
|
|
637
|
+
this.credentialMatchesFilter(
|
|
638
|
+
tokenEntity,
|
|
639
|
+
accessTokenFilter,
|
|
640
|
+
correlationId
|
|
641
|
+
)
|
|
635
642
|
) {
|
|
636
643
|
const tokenScopeSet = ScopeSet.fromString(tokenEntity.target);
|
|
637
644
|
if (tokenScopeSet.intersectingScopeSets(currentScopes)) {
|
|
@@ -681,7 +688,11 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
681
688
|
|
|
682
689
|
if (
|
|
683
690
|
!!accountFilter.environment &&
|
|
684
|
-
!this.matchEnvironment(
|
|
691
|
+
!this.matchEnvironment(
|
|
692
|
+
entity,
|
|
693
|
+
accountFilter.environment,
|
|
694
|
+
correlationId
|
|
695
|
+
)
|
|
685
696
|
) {
|
|
686
697
|
return;
|
|
687
698
|
}
|
|
@@ -740,11 +751,13 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
740
751
|
* Returns whether or not the given credential entity matches the filter
|
|
741
752
|
* @param entity
|
|
742
753
|
* @param filter
|
|
754
|
+
* @param correlationId
|
|
743
755
|
* @returns
|
|
744
756
|
*/
|
|
745
757
|
credentialMatchesFilter(
|
|
746
758
|
entity: ValidCredentialType,
|
|
747
|
-
filter: CredentialFilter
|
|
759
|
+
filter: CredentialFilter,
|
|
760
|
+
correlationId: string
|
|
748
761
|
): boolean {
|
|
749
762
|
if (!!filter.clientId && !this.matchClientId(entity, filter.clientId)) {
|
|
750
763
|
return false;
|
|
@@ -770,7 +783,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
770
783
|
|
|
771
784
|
if (
|
|
772
785
|
!!filter.environment &&
|
|
773
|
-
!this.matchEnvironment(entity, filter.environment)
|
|
786
|
+
!this.matchEnvironment(entity, filter.environment, correlationId)
|
|
774
787
|
) {
|
|
775
788
|
return false;
|
|
776
789
|
}
|
|
@@ -798,18 +811,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
798
811
|
return false;
|
|
799
812
|
}
|
|
800
813
|
|
|
801
|
-
// If request OR cached entity has requested Claims Hash, check if they match
|
|
802
|
-
if (filter.requestedClaimsHash || entity.requestedClaimsHash) {
|
|
803
|
-
// Don't match if either is undefined or they are different
|
|
804
|
-
if (entity.requestedClaimsHash !== filter.requestedClaimsHash) {
|
|
805
|
-
return false;
|
|
806
|
-
}
|
|
807
|
-
}
|
|
808
|
-
|
|
809
814
|
// Access Token with Auth Scheme specific matching
|
|
810
815
|
if (
|
|
811
816
|
entity.credentialType ===
|
|
812
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME
|
|
817
|
+
Constants.CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME
|
|
813
818
|
) {
|
|
814
819
|
if (
|
|
815
820
|
!!filter.tokenType &&
|
|
@@ -819,7 +824,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
819
824
|
}
|
|
820
825
|
|
|
821
826
|
// KeyId (sshKid) in request must match cached SSH certificate keyId because SSH cert is bound to a specific key
|
|
822
|
-
if (filter.tokenType === AuthenticationScheme.SSH) {
|
|
827
|
+
if (filter.tokenType === Constants.AuthenticationScheme.SSH) {
|
|
823
828
|
if (filter.keyId && !this.matchKeyId(entity, filter.keyId)) {
|
|
824
829
|
return false;
|
|
825
830
|
}
|
|
@@ -832,8 +837,12 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
832
837
|
/**
|
|
833
838
|
* retrieve appMetadata matching all provided filters; if no filter is set, get all appMetadata
|
|
834
839
|
* @param filter
|
|
840
|
+
* @param correlationId
|
|
835
841
|
*/
|
|
836
|
-
getAppMetadataFilteredBy(
|
|
842
|
+
getAppMetadataFilteredBy(
|
|
843
|
+
filter: AppMetadataFilter,
|
|
844
|
+
correlationId: string
|
|
845
|
+
): AppMetadataCache {
|
|
837
846
|
const allCacheKeys = this.getKeys();
|
|
838
847
|
const matchingAppMetadata: AppMetadataCache = {};
|
|
839
848
|
|
|
@@ -844,7 +853,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
844
853
|
}
|
|
845
854
|
|
|
846
855
|
// Attempt retrieval
|
|
847
|
-
const entity = this.getAppMetadata(cacheKey);
|
|
856
|
+
const entity = this.getAppMetadata(cacheKey, correlationId);
|
|
848
857
|
|
|
849
858
|
if (!entity) {
|
|
850
859
|
return;
|
|
@@ -852,7 +861,11 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
852
861
|
|
|
853
862
|
if (
|
|
854
863
|
!!filter.environment &&
|
|
855
|
-
!this.matchEnvironment(
|
|
864
|
+
!this.matchEnvironment(
|
|
865
|
+
entity,
|
|
866
|
+
filter.environment,
|
|
867
|
+
correlationId
|
|
868
|
+
)
|
|
856
869
|
) {
|
|
857
870
|
return;
|
|
858
871
|
}
|
|
@@ -872,9 +885,13 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
872
885
|
|
|
873
886
|
/**
|
|
874
887
|
* retrieve authorityMetadata that contains a matching alias
|
|
875
|
-
* @param
|
|
888
|
+
* @param host
|
|
889
|
+
* @param correlationId
|
|
876
890
|
*/
|
|
877
|
-
getAuthorityMetadataByAlias(
|
|
891
|
+
getAuthorityMetadataByAlias(
|
|
892
|
+
host: string,
|
|
893
|
+
correlationId: string
|
|
894
|
+
): AuthorityMetadataEntity | null {
|
|
878
895
|
const allCacheKeys = this.getAuthorityMetadataKeys();
|
|
879
896
|
let matchedEntity = null;
|
|
880
897
|
|
|
@@ -888,7 +905,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
888
905
|
}
|
|
889
906
|
|
|
890
907
|
// Attempt retrieval
|
|
891
|
-
const entity = this.getAuthorityMetadata(cacheKey);
|
|
908
|
+
const entity = this.getAuthorityMetadata(cacheKey, correlationId);
|
|
892
909
|
|
|
893
910
|
if (!entity) {
|
|
894
911
|
return;
|
|
@@ -963,42 +980,47 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
963
980
|
}
|
|
964
981
|
|
|
965
982
|
/**
|
|
966
|
-
*
|
|
983
|
+
* returns a boolean if the given credential is removed
|
|
967
984
|
* @param key
|
|
968
985
|
* @param correlationId
|
|
969
986
|
*/
|
|
970
987
|
removeAccessToken(key: string, correlationId: string): void {
|
|
971
988
|
const credential = this.getAccessTokenCredential(key, correlationId);
|
|
989
|
+
if (!credential) {
|
|
990
|
+
return;
|
|
991
|
+
}
|
|
992
|
+
|
|
972
993
|
this.removeItem(key, correlationId);
|
|
973
994
|
this.performanceClient.incrementFields(
|
|
974
995
|
{ accessTokensRemoved: 1 },
|
|
975
996
|
correlationId
|
|
976
997
|
);
|
|
977
998
|
|
|
999
|
+
// Remove Token Binding Key from key store for PoP Tokens Credentials
|
|
978
1000
|
if (
|
|
979
|
-
|
|
980
|
-
|
|
981
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase() ||
|
|
982
|
-
credential.tokenType !== AuthenticationScheme.POP
|
|
1001
|
+
credential.credentialType.toLowerCase() ===
|
|
1002
|
+
Constants.CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()
|
|
983
1003
|
) {
|
|
984
|
-
|
|
985
|
-
|
|
986
|
-
|
|
987
|
-
|
|
988
|
-
|
|
989
|
-
|
|
990
|
-
|
|
991
|
-
|
|
992
|
-
|
|
993
|
-
|
|
994
|
-
|
|
995
|
-
|
|
996
|
-
|
|
997
|
-
|
|
998
|
-
|
|
999
|
-
|
|
1000
|
-
|
|
1001
|
-
|
|
1004
|
+
if (credential.tokenType === Constants.AuthenticationScheme.POP) {
|
|
1005
|
+
const accessTokenWithAuthSchemeEntity =
|
|
1006
|
+
credential as AccessTokenEntity;
|
|
1007
|
+
const kid = accessTokenWithAuthSchemeEntity.keyId;
|
|
1008
|
+
|
|
1009
|
+
if (kid) {
|
|
1010
|
+
void this.cryptoImpl
|
|
1011
|
+
.removeTokenBindingKey(kid, correlationId)
|
|
1012
|
+
.catch(() => {
|
|
1013
|
+
this.commonLogger.error(
|
|
1014
|
+
`Failed to remove token binding key '${kid}'`,
|
|
1015
|
+
correlationId
|
|
1016
|
+
);
|
|
1017
|
+
this.performanceClient?.incrementFields(
|
|
1018
|
+
{ removeTokenBindingKeyFailure: 1 },
|
|
1019
|
+
correlationId
|
|
1020
|
+
);
|
|
1021
|
+
});
|
|
1022
|
+
}
|
|
1023
|
+
}
|
|
1002
1024
|
}
|
|
1003
1025
|
}
|
|
1004
1026
|
|
|
@@ -1028,14 +1050,16 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1028
1050
|
account: AccountInfo,
|
|
1029
1051
|
correlationId: string,
|
|
1030
1052
|
tokenKeys?: TokenKeys,
|
|
1031
|
-
targetRealm?: string
|
|
1032
|
-
performanceClient?: IPerformanceClient
|
|
1053
|
+
targetRealm?: string
|
|
1033
1054
|
): IdTokenEntity | null {
|
|
1034
|
-
this.commonLogger.trace(
|
|
1055
|
+
this.commonLogger.trace(
|
|
1056
|
+
"CacheManager - getIdToken called",
|
|
1057
|
+
correlationId
|
|
1058
|
+
);
|
|
1035
1059
|
const idTokenFilter: CredentialFilter = {
|
|
1036
1060
|
homeAccountId: account.homeAccountId,
|
|
1037
1061
|
environment: account.environment,
|
|
1038
|
-
credentialType: CredentialType.ID_TOKEN,
|
|
1062
|
+
credentialType: Constants.CredentialType.ID_TOKEN,
|
|
1039
1063
|
clientId: this.clientId,
|
|
1040
1064
|
realm: targetRealm,
|
|
1041
1065
|
};
|
|
@@ -1049,7 +1073,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1049
1073
|
const numIdTokens = idTokenMap.size;
|
|
1050
1074
|
|
|
1051
1075
|
if (numIdTokens < 1) {
|
|
1052
|
-
this.commonLogger.info(
|
|
1076
|
+
this.commonLogger.info(
|
|
1077
|
+
"CacheManager:getIdToken - No token found",
|
|
1078
|
+
correlationId
|
|
1079
|
+
);
|
|
1053
1080
|
return null;
|
|
1054
1081
|
} else if (numIdTokens > 1) {
|
|
1055
1082
|
let tokensToBeRemoved: Map<string, IdTokenEntity> = idTokenMap;
|
|
@@ -1067,12 +1094,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1067
1094
|
const numHomeIdTokens = homeIdTokenMap.size;
|
|
1068
1095
|
if (numHomeIdTokens < 1) {
|
|
1069
1096
|
this.commonLogger.info(
|
|
1070
|
-
"CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result"
|
|
1097
|
+
"CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result",
|
|
1098
|
+
correlationId
|
|
1071
1099
|
);
|
|
1072
1100
|
return idTokenMap.values().next().value;
|
|
1073
1101
|
} else if (numHomeIdTokens === 1) {
|
|
1074
1102
|
this.commonLogger.info(
|
|
1075
|
-
"CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile"
|
|
1103
|
+
"CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile",
|
|
1104
|
+
correlationId
|
|
1076
1105
|
);
|
|
1077
1106
|
return homeIdTokenMap.values().next().value;
|
|
1078
1107
|
} else {
|
|
@@ -1082,21 +1111,23 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1082
1111
|
}
|
|
1083
1112
|
// Multiple tokens for a single tenant profile, remove all and return null
|
|
1084
1113
|
this.commonLogger.info(
|
|
1085
|
-
"CacheManager:getIdToken - Multiple matching ID tokens found, clearing them"
|
|
1114
|
+
"CacheManager:getIdToken - Multiple matching ID tokens found, clearing them",
|
|
1115
|
+
correlationId
|
|
1086
1116
|
);
|
|
1087
1117
|
tokensToBeRemoved.forEach((idToken, key) => {
|
|
1088
1118
|
this.removeIdToken(key, correlationId);
|
|
1089
1119
|
});
|
|
1090
|
-
|
|
1091
|
-
|
|
1092
|
-
|
|
1093
|
-
|
|
1094
|
-
);
|
|
1095
|
-
}
|
|
1120
|
+
this.performanceClient.addFields(
|
|
1121
|
+
{ multiMatchedID: idTokenMap.size },
|
|
1122
|
+
correlationId
|
|
1123
|
+
);
|
|
1096
1124
|
return null;
|
|
1097
1125
|
}
|
|
1098
1126
|
|
|
1099
|
-
this.commonLogger.info(
|
|
1127
|
+
this.commonLogger.info(
|
|
1128
|
+
"CacheManager:getIdToken - Returning ID token",
|
|
1129
|
+
correlationId
|
|
1130
|
+
);
|
|
1100
1131
|
return idTokenMap.values().next().value;
|
|
1101
1132
|
}
|
|
1102
1133
|
|
|
@@ -1127,7 +1158,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1127
1158
|
return;
|
|
1128
1159
|
}
|
|
1129
1160
|
const idToken = this.getIdTokenCredential(key, correlationId);
|
|
1130
|
-
if (
|
|
1161
|
+
if (
|
|
1162
|
+
idToken &&
|
|
1163
|
+
this.credentialMatchesFilter(idToken, filter, correlationId)
|
|
1164
|
+
) {
|
|
1131
1165
|
idTokens.set(key, idToken);
|
|
1132
1166
|
}
|
|
1133
1167
|
});
|
|
@@ -1183,7 +1217,6 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1183
1217
|
* Retrieve AccessTokenEntity from cache
|
|
1184
1218
|
* @param account {AccountInfo}
|
|
1185
1219
|
* @param request {BaseAuthRequest}
|
|
1186
|
-
* @param correlationId {?string}
|
|
1187
1220
|
* @param tokenKeys {?TokenKeys}
|
|
1188
1221
|
* @param performanceClient {?IPerformanceClient}
|
|
1189
1222
|
*/
|
|
@@ -1200,7 +1233,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1200
1233
|
);
|
|
1201
1234
|
const scopes = ScopeSet.createSearchScopes(request.scopes);
|
|
1202
1235
|
const authScheme =
|
|
1203
|
-
request.authenticationScheme ||
|
|
1236
|
+
request.authenticationScheme ||
|
|
1237
|
+
Constants.AuthenticationScheme.BEARER;
|
|
1204
1238
|
/*
|
|
1205
1239
|
* Distinguish between Bearer and PoP/SSH token cache types
|
|
1206
1240
|
* Cast to lowercase to handle "bearer" from ADFS
|
|
@@ -1208,9 +1242,9 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1208
1242
|
const credentialType =
|
|
1209
1243
|
authScheme &&
|
|
1210
1244
|
authScheme.toLowerCase() !==
|
|
1211
|
-
AuthenticationScheme.BEARER.toLowerCase()
|
|
1212
|
-
? CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME
|
|
1213
|
-
: CredentialType.ACCESS_TOKEN;
|
|
1245
|
+
Constants.AuthenticationScheme.BEARER.toLowerCase()
|
|
1246
|
+
? Constants.CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME
|
|
1247
|
+
: Constants.CredentialType.ACCESS_TOKEN;
|
|
1214
1248
|
|
|
1215
1249
|
const accessTokenFilter: CredentialFilter = {
|
|
1216
1250
|
homeAccountId: account.homeAccountId,
|
|
@@ -1221,7 +1255,6 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1221
1255
|
target: scopes,
|
|
1222
1256
|
tokenType: authScheme,
|
|
1223
1257
|
keyId: request.sshKid,
|
|
1224
|
-
requestedClaimsHash: request.requestedClaimsHash,
|
|
1225
1258
|
};
|
|
1226
1259
|
|
|
1227
1260
|
const accessTokenKeys =
|
|
@@ -1242,7 +1275,11 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1242
1275
|
// Validate value
|
|
1243
1276
|
if (
|
|
1244
1277
|
accessToken &&
|
|
1245
|
-
this.credentialMatchesFilter(
|
|
1278
|
+
this.credentialMatchesFilter(
|
|
1279
|
+
accessToken,
|
|
1280
|
+
accessTokenFilter,
|
|
1281
|
+
correlationId
|
|
1282
|
+
)
|
|
1246
1283
|
) {
|
|
1247
1284
|
accessTokens.push(accessToken);
|
|
1248
1285
|
}
|
|
@@ -1312,13 +1349,6 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1312
1349
|
return false;
|
|
1313
1350
|
}
|
|
1314
1351
|
|
|
1315
|
-
if (
|
|
1316
|
-
filter.requestedClaimsHash &&
|
|
1317
|
-
key.indexOf(filter.requestedClaimsHash.toLowerCase()) === -1
|
|
1318
|
-
) {
|
|
1319
|
-
return false;
|
|
1320
|
-
}
|
|
1321
|
-
|
|
1322
1352
|
if (filter.target) {
|
|
1323
1353
|
const scopes = filter.target.asArray();
|
|
1324
1354
|
for (let i = 0; i < scopes.length; i++) {
|
|
@@ -1364,7 +1394,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1364
1394
|
);
|
|
1365
1395
|
if (
|
|
1366
1396
|
accessToken &&
|
|
1367
|
-
this.credentialMatchesFilter(accessToken, filter)
|
|
1397
|
+
this.credentialMatchesFilter(accessToken, filter, correlationId)
|
|
1368
1398
|
) {
|
|
1369
1399
|
accessTokens.push(accessToken);
|
|
1370
1400
|
}
|
|
@@ -1377,23 +1407,25 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1377
1407
|
* Helper to retrieve the appropriate refresh token from cache
|
|
1378
1408
|
* @param account {AccountInfo}
|
|
1379
1409
|
* @param familyRT {boolean}
|
|
1380
|
-
* @param correlationId {?string}
|
|
1381
1410
|
* @param tokenKeys {?TokenKeys}
|
|
1382
1411
|
* @param performanceClient {?IPerformanceClient}
|
|
1412
|
+
* @param correlationId {?string}
|
|
1383
1413
|
*/
|
|
1384
1414
|
getRefreshToken(
|
|
1385
1415
|
account: AccountInfo,
|
|
1386
1416
|
familyRT: boolean,
|
|
1387
1417
|
correlationId: string,
|
|
1388
|
-
tokenKeys?: TokenKeys
|
|
1389
|
-
performanceClient?: IPerformanceClient
|
|
1418
|
+
tokenKeys?: TokenKeys
|
|
1390
1419
|
): RefreshTokenEntity | null {
|
|
1391
|
-
this.commonLogger.trace(
|
|
1392
|
-
|
|
1420
|
+
this.commonLogger.trace(
|
|
1421
|
+
"CacheManager - getRefreshToken called",
|
|
1422
|
+
correlationId
|
|
1423
|
+
);
|
|
1424
|
+
const id = familyRT ? Constants.THE_FAMILY_ID : undefined;
|
|
1393
1425
|
const refreshTokenFilter: CredentialFilter = {
|
|
1394
1426
|
homeAccountId: account.homeAccountId,
|
|
1395
1427
|
environment: account.environment,
|
|
1396
|
-
credentialType: CredentialType.REFRESH_TOKEN,
|
|
1428
|
+
credentialType: Constants.CredentialType.REFRESH_TOKEN,
|
|
1397
1429
|
clientId: this.clientId,
|
|
1398
1430
|
familyId: id,
|
|
1399
1431
|
};
|
|
@@ -1415,7 +1447,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1415
1447
|
refreshToken &&
|
|
1416
1448
|
this.credentialMatchesFilter(
|
|
1417
1449
|
refreshToken,
|
|
1418
|
-
refreshTokenFilter
|
|
1450
|
+
refreshTokenFilter,
|
|
1451
|
+
correlationId
|
|
1419
1452
|
)
|
|
1420
1453
|
) {
|
|
1421
1454
|
refreshTokens.push(refreshToken);
|
|
@@ -1426,21 +1459,23 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1426
1459
|
const numRefreshTokens = refreshTokens.length;
|
|
1427
1460
|
if (numRefreshTokens < 1) {
|
|
1428
1461
|
this.commonLogger.info(
|
|
1429
|
-
"CacheManager:getRefreshToken - No refresh token found."
|
|
1462
|
+
"CacheManager:getRefreshToken - No refresh token found.",
|
|
1463
|
+
correlationId
|
|
1430
1464
|
);
|
|
1431
1465
|
return null;
|
|
1432
1466
|
}
|
|
1433
1467
|
// address the else case after remove functions address environment aliases
|
|
1434
1468
|
|
|
1435
|
-
if (numRefreshTokens > 1
|
|
1436
|
-
performanceClient.addFields(
|
|
1469
|
+
if (numRefreshTokens > 1) {
|
|
1470
|
+
this.performanceClient.addFields(
|
|
1437
1471
|
{ multiMatchedRT: numRefreshTokens },
|
|
1438
1472
|
correlationId
|
|
1439
1473
|
);
|
|
1440
1474
|
}
|
|
1441
1475
|
|
|
1442
1476
|
this.commonLogger.info(
|
|
1443
|
-
"CacheManager:getRefreshToken - returning refresh token"
|
|
1477
|
+
"CacheManager:getRefreshToken - returning refresh token",
|
|
1478
|
+
correlationId
|
|
1444
1479
|
);
|
|
1445
1480
|
return refreshTokens[0] as RefreshTokenEntity;
|
|
1446
1481
|
}
|
|
@@ -1484,14 +1519,19 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1484
1519
|
/**
|
|
1485
1520
|
* Retrieve AppMetadataEntity from cache
|
|
1486
1521
|
*/
|
|
1487
|
-
readAppMetadataFromCache(
|
|
1522
|
+
readAppMetadataFromCache(
|
|
1523
|
+
environment: string,
|
|
1524
|
+
correlationId: string
|
|
1525
|
+
): AppMetadataEntity | null {
|
|
1488
1526
|
const appMetadataFilter: AppMetadataFilter = {
|
|
1489
1527
|
environment,
|
|
1490
1528
|
clientId: this.clientId,
|
|
1491
1529
|
};
|
|
1492
1530
|
|
|
1493
|
-
const appMetadata: AppMetadataCache =
|
|
1494
|
-
|
|
1531
|
+
const appMetadata: AppMetadataCache = this.getAppMetadataFilteredBy(
|
|
1532
|
+
appMetadataFilter,
|
|
1533
|
+
correlationId
|
|
1534
|
+
);
|
|
1495
1535
|
const appMetadataEntries: AppMetadataEntity[] = Object.keys(
|
|
1496
1536
|
appMetadata
|
|
1497
1537
|
).map((key) => appMetadata[key]);
|
|
@@ -1513,9 +1553,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1513
1553
|
* @param environment
|
|
1514
1554
|
* @param clientId
|
|
1515
1555
|
*/
|
|
1516
|
-
isAppMetadataFOCI(environment: string): boolean {
|
|
1517
|
-
const appMetadata = this.readAppMetadataFromCache(
|
|
1518
|
-
|
|
1556
|
+
isAppMetadataFOCI(environment: string, correlationId: string): boolean {
|
|
1557
|
+
const appMetadata = this.readAppMetadataFromCache(
|
|
1558
|
+
environment,
|
|
1559
|
+
correlationId
|
|
1560
|
+
);
|
|
1561
|
+
return !!(
|
|
1562
|
+
appMetadata && appMetadata.familyId === Constants.THE_FAMILY_ID
|
|
1563
|
+
);
|
|
1519
1564
|
}
|
|
1520
1565
|
|
|
1521
1566
|
/**
|
|
@@ -1603,13 +1648,15 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1603
1648
|
*/
|
|
1604
1649
|
private matchEnvironment(
|
|
1605
1650
|
entity: AccountEntity | CredentialEntity | AppMetadataEntity,
|
|
1606
|
-
environment: string
|
|
1651
|
+
environment: string,
|
|
1652
|
+
correlationId: string
|
|
1607
1653
|
): boolean {
|
|
1608
1654
|
// Check static authority options first for cases where authority metadata has not been resolved and cached yet
|
|
1609
1655
|
if (this.staticAuthorityOptions) {
|
|
1610
1656
|
const staticAliases = getAliasesFromStaticSources(
|
|
1611
1657
|
this.staticAuthorityOptions,
|
|
1612
|
-
this.commonLogger
|
|
1658
|
+
this.commonLogger,
|
|
1659
|
+
correlationId
|
|
1613
1660
|
);
|
|
1614
1661
|
if (
|
|
1615
1662
|
staticAliases.includes(environment) &&
|
|
@@ -1620,7 +1667,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1620
1667
|
}
|
|
1621
1668
|
|
|
1622
1669
|
// Query metadata cache if no static authority configuration has aliases that match enviroment
|
|
1623
|
-
const cloudMetadata = this.getAuthorityMetadataByAlias(
|
|
1670
|
+
const cloudMetadata = this.getAuthorityMetadataByAlias(
|
|
1671
|
+
environment,
|
|
1672
|
+
correlationId
|
|
1673
|
+
);
|
|
1624
1674
|
if (
|
|
1625
1675
|
cloudMetadata &&
|
|
1626
1676
|
cloudMetadata.aliases.indexOf(entity.environment) > -1
|
|
@@ -1751,9 +1801,9 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1751
1801
|
*/
|
|
1752
1802
|
private matchTarget(entity: CredentialEntity, target: ScopeSet): boolean {
|
|
1753
1803
|
const isNotAccessTokenCredential =
|
|
1754
|
-
entity.credentialType !== CredentialType.ACCESS_TOKEN &&
|
|
1804
|
+
entity.credentialType !== Constants.CredentialType.ACCESS_TOKEN &&
|
|
1755
1805
|
entity.credentialType !==
|
|
1756
|
-
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
1806
|
+
Constants.CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME;
|
|
1757
1807
|
|
|
1758
1808
|
if (isNotAccessTokenCredential || !entity.target) {
|
|
1759
1809
|
return false;
|
|
@@ -1771,7 +1821,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1771
1821
|
*/
|
|
1772
1822
|
private matchTokenType(
|
|
1773
1823
|
entity: CredentialEntity,
|
|
1774
|
-
tokenType: AuthenticationScheme
|
|
1824
|
+
tokenType: Constants.AuthenticationScheme
|
|
1775
1825
|
): boolean {
|
|
1776
1826
|
return !!(entity.tokenType && entity.tokenType === tokenType);
|
|
1777
1827
|
}
|
|
@@ -1790,7 +1840,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1790
1840
|
* @param key
|
|
1791
1841
|
*/
|
|
1792
1842
|
private isAppMetadata(key: string): boolean {
|
|
1793
|
-
return key.indexOf(APP_METADATA) !== -1;
|
|
1843
|
+
return key.indexOf(Constants.APP_METADATA) !== -1;
|
|
1794
1844
|
}
|
|
1795
1845
|
|
|
1796
1846
|
/**
|
|
@@ -1798,14 +1848,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1798
1848
|
* @param key
|
|
1799
1849
|
*/
|
|
1800
1850
|
protected isAuthorityMetadata(key: string): boolean {
|
|
1801
|
-
return key.indexOf(
|
|
1851
|
+
return key.indexOf(Constants.AUTHORITY_METADATA_CACHE_KEY) !== -1;
|
|
1802
1852
|
}
|
|
1803
1853
|
|
|
1804
1854
|
/**
|
|
1805
1855
|
* returns cache key used for cloud instance metadata
|
|
1806
1856
|
*/
|
|
1807
1857
|
generateAuthorityMetadataCacheKey(authority: string): string {
|
|
1808
|
-
return `${
|
|
1858
|
+
return `${Constants.AUTHORITY_METADATA_CACHE_KEY}-${this.clientId}-${authority}`;
|
|
1809
1859
|
}
|
|
1810
1860
|
|
|
1811
1861
|
/**
|