@azure/msal-common 15.13.0 → 16.0.0-alpha.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +0 -4
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/AuthToken.mjs.map +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/CcsCredential.mjs.map +1 -1
- package/dist/account/ClientInfo.d.ts +1 -5
- package/dist/account/ClientInfo.d.ts.map +1 -1
- package/dist/account/ClientInfo.mjs +4 -6
- package/dist/account/ClientInfo.mjs.map +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/account/TokenClaims.mjs.map +1 -1
- package/dist/authority/Authority.d.ts +2 -2
- package/dist/authority/Authority.d.ts.map +1 -1
- package/dist/authority/Authority.mjs +89 -105
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.d.ts +6 -2
- package/dist/authority/AuthorityFactory.d.ts.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +8 -5
- package/dist/authority/AuthorityFactory.mjs.map +1 -1
- package/dist/authority/AuthorityMetadata.d.ts +2 -2
- package/dist/authority/AuthorityMetadata.d.ts.map +1 -1
- package/dist/authority/AuthorityMetadata.mjs +8 -8
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.d.ts +0 -1
- package/dist/authority/AuthorityOptions.d.ts.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs.map +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/AuthorityType.mjs.map +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OIDCOptions.d.ts +2 -2
- package/dist/authority/OIDCOptions.d.ts.map +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs.map +1 -1
- package/dist/authority/RegionDiscovery.d.ts +3 -3
- package/dist/authority/RegionDiscovery.d.ts.map +1 -1
- package/dist/authority/RegionDiscovery.mjs +14 -15
- package/dist/authority/RegionDiscovery.mjs.map +1 -1
- package/dist/cache/CacheManager.d.ts +25 -17
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +69 -80
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccessTokenEntity.d.ts +0 -4
- package/dist/cache/entities/AccessTokenEntity.d.ts.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +4 -57
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/entities/CredentialEntity.d.ts +0 -2
- package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +41 -12
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.d.ts +60 -0
- package/dist/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/dist/cache/utils/AccountEntityUtils.mjs +212 -0
- package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -0
- package/dist/cache/utils/CacheHelpers.d.ts +2 -2
- package/dist/cache/utils/CacheHelpers.d.ts.map +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +10 -13
- package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist/cache/utils/CacheTypes.d.ts +0 -1
- package/dist/cache/utils/CacheTypes.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +16 -20
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.d.ts +3 -3
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +7 -12
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +22 -27
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts +1 -1
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +8 -12
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.d.ts +2 -22
- package/dist/config/ClientConfiguration.d.ts.map +1 -1
- package/dist/config/ClientConfiguration.mjs +9 -15
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.d.ts +5 -3
- package/dist/crypto/ICrypto.d.ts.map +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/ICrypto.mjs.map +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs.map +1 -1
- package/dist/crypto/PopTokenGenerator.d.ts +2 -2
- package/dist/crypto/PopTokenGenerator.d.ts.map +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +3 -5
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.d.ts +1 -18
- package/dist/error/AuthError.d.ts.map +1 -1
- package/dist/error/AuthError.mjs +12 -34
- package/dist/error/AuthError.mjs.map +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.d.ts +1 -6
- package/dist/error/CacheError.d.ts.map +1 -1
- package/dist/error/CacheError.mjs +6 -13
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.d.ts +0 -224
- package/dist/error/ClientAuthError.d.ts.map +1 -1
- package/dist/error/ClientAuthError.mjs +3 -235
- package/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/error/ClientAuthErrorCodes.d.ts +0 -8
- package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +2 -10
- package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/error/ClientConfigurationError.d.ts +0 -123
- package/dist/error/ClientConfigurationError.d.ts.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +3 -129
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +0 -2
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +3 -5
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.d.ts +1 -19
- package/dist/error/InteractionRequiredAuthError.d.ts.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +10 -35
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.d.ts +0 -4
- package/dist/error/JoseHeaderError.d.ts.map +1 -1
- package/dist/error/JoseHeaderError.mjs +3 -8
- package/dist/error/JoseHeaderError.mjs.map +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/NetworkError.mjs.map +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/error/ServerError.mjs.map +1 -1
- package/dist/exports-browser-only.d.ts +4 -3
- package/dist/exports-browser-only.d.ts.map +1 -1
- package/dist/exports-common.d.ts +8 -6
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/exports-node-only.d.ts +1 -4
- package/dist/exports-node-only.d.ts.map +1 -1
- package/dist/index-browser.mjs +12 -8
- package/dist/index-browser.mjs.map +1 -1
- package/dist/index-node.mjs +10 -7
- package/dist/index-node.mjs.map +1 -1
- package/dist/index.mjs +12 -8
- package/dist/index.mjs.map +1 -1
- package/dist/logger/Logger.d.ts +12 -13
- package/dist/logger/Logger.d.ts.map +1 -1
- package/dist/logger/Logger.mjs +16 -21
- package/dist/logger/Logger.mjs.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/INetworkModule.mjs.map +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +6 -7
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +1 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +14 -14
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/request/AuthenticationHeaderParser.d.ts.map +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +3 -3
- package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist/request/BaseAuthRequest.d.ts +1 -7
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +3 -9
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +7 -20
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +5 -5
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/AuthenticationResult.d.ts +1 -1
- package/dist/response/AuthenticationResult.d.ts.map +1 -1
- package/dist/response/ResponseHandler.d.ts +6 -5
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +39 -41
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts +1 -31
- package/dist/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts +6 -85
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +28 -188
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +0 -282
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +2 -483
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.d.ts +65 -0
- package/dist/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/dist/telemetry/performance/PerformanceEvents.mjs +73 -0
- package/dist/telemetry/performance/PerformanceEvents.mjs.map +1 -0
- package/dist/telemetry/performance/StubPerformanceClient.d.ts +0 -4
- package/dist/telemetry/performance/StubPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +2 -26
- package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.d.ts +2 -2
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +28 -30
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.d.ts +0 -5
- package/dist/url/UrlString.d.ts.map +1 -1
- package/dist/url/UrlString.mjs +5 -13
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
- package/dist/utils/Constants.d.ts +81 -117
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +100 -131
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.d.ts +2 -2
- package/dist/utils/FunctionWrappers.d.ts.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +19 -20
- package/dist/utils/FunctionWrappers.mjs.map +1 -1
- package/dist/utils/ProtocolUtils.mjs +7 -7
- package/dist/utils/ProtocolUtils.mjs.map +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs.map +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs.map +1 -1
- package/dist/utils/UrlUtils.d.ts +1 -2
- package/dist/utils/UrlUtils.d.ts.map +1 -1
- package/dist/utils/UrlUtils.mjs +3 -10
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +29 -222
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-D8Iaiqq3.js → index-node-FrCFfFuh.js} +1606 -2493
- package/lib/index-node-FrCFfFuh.js.map +1 -0
- package/lib/index-node.cjs +4 -33
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +3 -33
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +0 -4
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/account/ClientInfo.d.ts +1 -5
- package/lib/types/account/ClientInfo.d.ts.map +1 -1
- package/lib/types/authority/Authority.d.ts +2 -2
- package/lib/types/authority/Authority.d.ts.map +1 -1
- package/lib/types/authority/AuthorityFactory.d.ts +6 -2
- package/lib/types/authority/AuthorityFactory.d.ts.map +1 -1
- package/lib/types/authority/AuthorityMetadata.d.ts +2 -2
- package/lib/types/authority/AuthorityMetadata.d.ts.map +1 -1
- package/lib/types/authority/AuthorityOptions.d.ts +0 -1
- package/lib/types/authority/AuthorityOptions.d.ts.map +1 -1
- package/lib/types/authority/OIDCOptions.d.ts +2 -2
- package/lib/types/authority/OIDCOptions.d.ts.map +1 -1
- package/lib/types/authority/RegionDiscovery.d.ts +3 -3
- package/lib/types/authority/RegionDiscovery.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +25 -17
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccessTokenEntity.d.ts +0 -4
- package/lib/types/cache/entities/AccessTokenEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +4 -57
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/CredentialEntity.d.ts +0 -2
- package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +41 -12
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/cache/utils/AccountEntityUtils.d.ts +60 -0
- package/lib/types/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/lib/types/cache/utils/CacheHelpers.d.ts +2 -2
- package/lib/types/cache/utils/CacheHelpers.d.ts.map +1 -1
- package/lib/types/cache/utils/CacheTypes.d.ts +0 -1
- package/lib/types/cache/utils/CacheTypes.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts +3 -3
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts +1 -1
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/config/ClientConfiguration.d.ts +2 -22
- package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
- package/lib/types/crypto/ICrypto.d.ts +5 -3
- package/lib/types/crypto/ICrypto.d.ts.map +1 -1
- package/lib/types/crypto/PopTokenGenerator.d.ts +2 -2
- package/lib/types/crypto/PopTokenGenerator.d.ts.map +1 -1
- package/lib/types/error/AuthError.d.ts +1 -18
- package/lib/types/error/AuthError.d.ts.map +1 -1
- package/lib/types/error/CacheError.d.ts +1 -6
- package/lib/types/error/CacheError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthError.d.ts +0 -224
- package/lib/types/error/ClientAuthError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthErrorCodes.d.ts +0 -8
- package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationError.d.ts +0 -123
- package/lib/types/error/ClientConfigurationError.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +0 -2
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/error/InteractionRequiredAuthError.d.ts +1 -19
- package/lib/types/error/InteractionRequiredAuthError.d.ts.map +1 -1
- package/lib/types/error/JoseHeaderError.d.ts +0 -4
- package/lib/types/error/JoseHeaderError.d.ts.map +1 -1
- package/lib/types/exports-browser-only.d.ts +4 -3
- package/lib/types/exports-browser-only.d.ts.map +1 -1
- package/lib/types/exports-common.d.ts +8 -6
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/exports-node-only.d.ts +1 -4
- package/lib/types/exports-node-only.d.ts.map +1 -1
- package/lib/types/logger/Logger.d.ts +12 -13
- package/lib/types/logger/Logger.d.ts.map +1 -1
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/protocol/Authorize.d.ts +1 -2
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/AuthenticationHeaderParser.d.ts.map +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +1 -7
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +3 -9
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/AuthenticationResult.d.ts +1 -1
- package/lib/types/response/AuthenticationResult.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +6 -5
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts +1 -31
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts +6 -85
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +0 -282
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts +65 -0
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts +0 -4
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts +2 -2
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/lib/types/url/UrlString.d.ts +0 -5
- package/lib/types/url/UrlString.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +81 -117
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/lib/types/utils/FunctionWrappers.d.ts +2 -2
- package/lib/types/utils/FunctionWrappers.d.ts.map +1 -1
- package/lib/types/utils/UrlUtils.d.ts +1 -2
- package/lib/types/utils/UrlUtils.d.ts.map +1 -1
- package/package.json +120 -122
- package/src/account/AccountInfo.ts +0 -6
- package/src/account/ClientInfo.ts +4 -11
- package/src/authority/Authority.ts +145 -146
- package/src/authority/AuthorityFactory.ts +7 -7
- package/src/authority/AuthorityMetadata.ts +21 -12
- package/src/authority/AuthorityOptions.ts +0 -1
- package/src/authority/OIDCOptions.ts +2 -2
- package/src/authority/RegionDiscovery.ts +20 -33
- package/src/cache/CacheManager.ts +176 -126
- package/src/cache/entities/AccessTokenEntity.ts +0 -4
- package/src/cache/entities/AccountEntity.ts +4 -293
- package/src/cache/entities/CredentialEntity.ts +0 -2
- package/src/cache/interface/ICacheManager.ts +61 -15
- package/src/cache/utils/AccountEntityUtils.ts +287 -0
- package/src/cache/utils/CacheHelpers.ts +23 -37
- package/src/cache/utils/CacheTypes.ts +0 -1
- package/src/client/AuthorizationCodeClient.ts +28 -49
- package/src/client/BaseClient.ts +8 -20
- package/src/client/RefreshTokenClient.ts +29 -61
- package/src/client/SilentFlowClient.ts +11 -20
- package/src/config/ClientConfiguration.ts +9 -37
- package/src/crypto/ICrypto.ts +5 -3
- package/src/crypto/PopTokenGenerator.ts +3 -13
- package/src/error/AuthError.ts +11 -30
- package/src/error/CacheError.ts +4 -15
- package/src/error/ClientAuthError.ts +1 -311
- package/src/error/ClientAuthErrorCodes.ts +0 -8
- package/src/error/ClientConfigurationError.ts +1 -194
- package/src/error/ClientConfigurationErrorCodes.ts +0 -3
- package/src/error/InteractionRequiredAuthError.ts +8 -48
- package/src/error/JoseHeaderError.ts +1 -8
- package/src/exports-browser-only.ts +2 -6
- package/src/exports-common.ts +4 -34
- package/src/exports-node-only.ts +1 -4
- package/src/logger/Logger.ts +26 -39
- package/src/network/ThrottlingUtils.ts +12 -15
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +24 -20
- package/src/request/AuthenticationHeaderParser.ts +2 -4
- package/src/request/BaseAuthRequest.ts +1 -7
- package/src/request/RequestParameterBuilder.ts +30 -45
- package/src/request/ScopeSet.ts +4 -4
- package/src/response/AuthenticationResult.ts +1 -1
- package/src/response/ResponseHandler.ts +53 -58
- package/src/telemetry/performance/IPerformanceClient.ts +1 -43
- package/src/telemetry/performance/PerformanceClient.ts +32 -295
- package/src/telemetry/performance/PerformanceEvent.ts +0 -586
- package/src/telemetry/performance/PerformanceEvents.ts +97 -0
- package/src/telemetry/performance/StubPerformanceClient.ts +0 -16
- package/src/telemetry/server/ServerTelemetryManager.ts +33 -44
- package/src/url/UrlString.ts +3 -12
- package/src/utils/Constants.ts +103 -146
- package/src/utils/FunctionWrappers.ts +28 -29
- package/src/utils/ProtocolUtils.ts +6 -6
- package/src/utils/UrlUtils.ts +2 -15
- package/dist/cache/entities/AccountEntity.mjs +0 -232
- package/dist/cache/entities/AccountEntity.mjs.map +0 -1
- package/dist/request/CommonClientCredentialRequest.d.ts +0 -18
- package/dist/request/CommonClientCredentialRequest.d.ts.map +0 -1
- package/dist/request/CommonDeviceCodeRequest.d.ts +0 -22
- package/dist/request/CommonDeviceCodeRequest.d.ts.map +0 -1
- package/dist/request/CommonOnBehalfOfRequest.d.ts +0 -14
- package/dist/request/CommonOnBehalfOfRequest.d.ts.map +0 -1
- package/dist/request/CommonUsernamePasswordRequest.d.ts +0 -18
- package/dist/request/CommonUsernamePasswordRequest.d.ts.map +0 -1
- package/lib/index-node-D8Iaiqq3.js.map +0 -1
- package/lib/types/request/CommonClientCredentialRequest.d.ts +0 -18
- package/lib/types/request/CommonClientCredentialRequest.d.ts.map +0 -1
- package/lib/types/request/CommonDeviceCodeRequest.d.ts +0 -22
- package/lib/types/request/CommonDeviceCodeRequest.d.ts.map +0 -1
- package/lib/types/request/CommonOnBehalfOfRequest.d.ts +0 -14
- package/lib/types/request/CommonOnBehalfOfRequest.d.ts.map +0 -1
- package/lib/types/request/CommonUsernamePasswordRequest.d.ts +0 -18
- package/lib/types/request/CommonUsernamePasswordRequest.d.ts.map +0 -1
- package/src/request/CommonClientCredentialRequest.ts +0 -23
- package/src/request/CommonDeviceCodeRequest.ts +0 -31
- package/src/request/CommonOnBehalfOfRequest.ts +0 -19
- package/src/request/CommonUsernamePasswordRequest.ts +0 -23
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
* Licensed under the MIT License.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
import { AuthenticationScheme
|
|
6
|
+
import { AuthenticationScheme } from "../utils/Constants.js";
|
|
7
7
|
import type { AzureCloudOptions } from "../config/ClientConfiguration.js";
|
|
8
8
|
import { StringDict } from "../utils/MsalTypes.js";
|
|
9
9
|
import { StoreInCache } from "./StoreInCache.js";
|
|
@@ -24,15 +24,12 @@ import { ShrOptions } from "../crypto/SignedHttpRequest.js";
|
|
|
24
24
|
* - sshJwk - A stringified JSON Web Key representing a public key that can be signed by an SSH certificate.
|
|
25
25
|
* - sshKid - Key ID that uniquely identifies the SSH public key mentioned above.
|
|
26
26
|
* - azureCloudOptions - Convenience string enums for users to provide public/sovereign cloud ids
|
|
27
|
-
* - requestedClaimsHash - SHA 256 hash string of the requested claims string, used as part of an access token cache key so tokens can be filtered by requested claims
|
|
28
27
|
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
29
28
|
* - tokenBodyParameters - String to string map of custom parameters added to the body of the /token call
|
|
30
29
|
* - storeInCache - Object containing boolean values indicating whether to store tokens in the cache or not (default is true)
|
|
31
30
|
* - scenarioId - Scenario id to track custom user prompts
|
|
32
31
|
* - popKid - Key ID to identify the public key for PoP token request
|
|
33
32
|
* - embeddedClientId - Embedded client id. When specified, broker client id (brk_client_id) and redirect uri (brk_redirect_uri) params are set with values from the config, overriding the corresponding extra parameters, if present.
|
|
34
|
-
* - httpMethod - HTTP method to use for the /authorize request. Defaults to GET, but can be set to POST if the request requires body parameters
|
|
35
|
-
* - authorizePostBodyParameters - String to string map of custom parameters added to the body of the /authorize call when httpMethod is set to POST
|
|
36
33
|
*/
|
|
37
34
|
export type BaseAuthRequest = {
|
|
38
35
|
authority: string;
|
|
@@ -48,7 +45,6 @@ export type BaseAuthRequest = {
|
|
|
48
45
|
sshJwk?: string;
|
|
49
46
|
sshKid?: string;
|
|
50
47
|
azureCloudOptions?: AzureCloudOptions;
|
|
51
|
-
requestedClaimsHash?: string;
|
|
52
48
|
maxAge?: number;
|
|
53
49
|
tokenBodyParameters?: StringDict;
|
|
54
50
|
tokenQueryParameters?: StringDict;
|
|
@@ -56,6 +52,4 @@ export type BaseAuthRequest = {
|
|
|
56
52
|
scenarioId?: string;
|
|
57
53
|
popKid?: string;
|
|
58
54
|
embeddedClientId?: string;
|
|
59
|
-
httpMethod?: HttpMethod;
|
|
60
|
-
authorizePostBodyParameters?: StringDict;
|
|
61
55
|
};
|
|
@@ -3,17 +3,7 @@
|
|
|
3
3
|
* Licensed under the MIT License.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
import
|
|
7
|
-
ResponseMode,
|
|
8
|
-
CLIENT_INFO,
|
|
9
|
-
AuthenticationScheme,
|
|
10
|
-
ClaimsRequestKeys,
|
|
11
|
-
PasswordGrantConstants,
|
|
12
|
-
OIDC_DEFAULT_SCOPES,
|
|
13
|
-
ThrottlingConstants,
|
|
14
|
-
HeaderNames,
|
|
15
|
-
OAuthResponseType,
|
|
16
|
-
} from "../utils/Constants.js";
|
|
6
|
+
import * as Constants from "../utils/Constants.js";
|
|
17
7
|
import * as AADServerParamKeys from "../constants/AADServerParamKeys.js";
|
|
18
8
|
import { ScopeSet } from "./ScopeSet.js";
|
|
19
9
|
import {
|
|
@@ -59,7 +49,7 @@ export function instrumentBrokerParams(
|
|
|
59
49
|
*/
|
|
60
50
|
export function addResponseType(
|
|
61
51
|
parameters: Map<string, string>,
|
|
62
|
-
responseType: OAuthResponseType
|
|
52
|
+
responseType: Constants.OAuthResponseType
|
|
63
53
|
): void {
|
|
64
54
|
parameters.set(AADServerParamKeys.RESPONSE_TYPE, responseType);
|
|
65
55
|
}
|
|
@@ -70,11 +60,11 @@ export function addResponseType(
|
|
|
70
60
|
*/
|
|
71
61
|
export function addResponseMode(
|
|
72
62
|
parameters: Map<string, string>,
|
|
73
|
-
responseMode?: ResponseMode
|
|
63
|
+
responseMode?: Constants.ResponseMode
|
|
74
64
|
): void {
|
|
75
65
|
parameters.set(
|
|
76
66
|
AADServerParamKeys.RESPONSE_MODE,
|
|
77
|
-
responseMode ? responseMode : ResponseMode.QUERY
|
|
67
|
+
responseMode ? responseMode : Constants.ResponseMode.QUERY
|
|
78
68
|
);
|
|
79
69
|
}
|
|
80
70
|
|
|
@@ -94,7 +84,7 @@ export function addScopes(
|
|
|
94
84
|
parameters: Map<string, string>,
|
|
95
85
|
scopes: string[],
|
|
96
86
|
addOidcScopes: boolean = true,
|
|
97
|
-
defaultScopes: Array<string> = OIDC_DEFAULT_SCOPES
|
|
87
|
+
defaultScopes: Array<string> = Constants.OIDC_DEFAULT_SCOPES
|
|
98
88
|
): void {
|
|
99
89
|
// Always add openid to the scopes when adding OIDC scopes
|
|
100
90
|
if (
|
|
@@ -185,7 +175,7 @@ export function addCcsUpn(
|
|
|
185
175
|
parameters: Map<string, string>,
|
|
186
176
|
loginHint: string
|
|
187
177
|
): void {
|
|
188
|
-
parameters.set(HeaderNames.CCS_HEADER, `UPN:${loginHint}`);
|
|
178
|
+
parameters.set(Constants.HeaderNames.CCS_HEADER, `UPN:${loginHint}`);
|
|
189
179
|
}
|
|
190
180
|
|
|
191
181
|
/**
|
|
@@ -197,7 +187,7 @@ export function addCcsOid(
|
|
|
197
187
|
clientInfo: ClientInfo
|
|
198
188
|
): void {
|
|
199
189
|
parameters.set(
|
|
200
|
-
HeaderNames.CCS_HEADER,
|
|
190
|
+
Constants.HeaderNames.CCS_HEADER,
|
|
201
191
|
`Oid:${clientInfo.uid}@${clientInfo.utid}`
|
|
202
192
|
);
|
|
203
193
|
}
|
|
@@ -455,7 +445,7 @@ export function addGrantType(
|
|
|
455
445
|
*
|
|
456
446
|
*/
|
|
457
447
|
export function addClientInfo(parameters: Map<string, string>): void {
|
|
458
|
-
parameters.set(CLIENT_INFO, "1");
|
|
448
|
+
parameters.set(Constants.CLIENT_INFO, "1");
|
|
459
449
|
}
|
|
460
450
|
|
|
461
451
|
export function addInstanceAware(parameters: Map<string, string>): void {
|
|
@@ -499,16 +489,21 @@ export function addClientCapabilitiesToClaims(
|
|
|
499
489
|
}
|
|
500
490
|
|
|
501
491
|
if (clientCapabilities && clientCapabilities.length > 0) {
|
|
502
|
-
if (
|
|
492
|
+
if (
|
|
493
|
+
!mergedClaims.hasOwnProperty(
|
|
494
|
+
Constants.ClaimsRequestKeys.ACCESS_TOKEN
|
|
495
|
+
)
|
|
496
|
+
) {
|
|
503
497
|
// Add access_token key to claims object
|
|
504
|
-
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
|
|
498
|
+
mergedClaims[Constants.ClaimsRequestKeys.ACCESS_TOKEN] = {};
|
|
505
499
|
}
|
|
506
500
|
|
|
507
501
|
// Add xms_cc claim with provided clientCapabilities to access_token key
|
|
508
|
-
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
502
|
+
mergedClaims[Constants.ClaimsRequestKeys.ACCESS_TOKEN][
|
|
503
|
+
Constants.ClaimsRequestKeys.XMS_CC
|
|
504
|
+
] = {
|
|
505
|
+
values: clientCapabilities,
|
|
506
|
+
};
|
|
512
507
|
}
|
|
513
508
|
|
|
514
509
|
return JSON.stringify(mergedClaims);
|
|
@@ -522,7 +517,7 @@ export function addUsername(
|
|
|
522
517
|
parameters: Map<string, string>,
|
|
523
518
|
username: string
|
|
524
519
|
): void {
|
|
525
|
-
parameters.set(PasswordGrantConstants.username, username);
|
|
520
|
+
parameters.set(Constants.PasswordGrantConstants.username, username);
|
|
526
521
|
}
|
|
527
522
|
|
|
528
523
|
/**
|
|
@@ -533,7 +528,7 @@ export function addPassword(
|
|
|
533
528
|
parameters: Map<string, string>,
|
|
534
529
|
password: string
|
|
535
530
|
): void {
|
|
536
|
-
parameters.set(PasswordGrantConstants.password, password);
|
|
531
|
+
parameters.set(Constants.PasswordGrantConstants.password, password);
|
|
537
532
|
}
|
|
538
533
|
|
|
539
534
|
/**
|
|
@@ -545,7 +540,10 @@ export function addPopToken(
|
|
|
545
540
|
cnfString: string
|
|
546
541
|
): void {
|
|
547
542
|
if (cnfString) {
|
|
548
|
-
parameters.set(
|
|
543
|
+
parameters.set(
|
|
544
|
+
AADServerParamKeys.TOKEN_TYPE,
|
|
545
|
+
Constants.AuthenticationScheme.POP
|
|
546
|
+
);
|
|
549
547
|
parameters.set(AADServerParamKeys.REQ_CNF, cnfString);
|
|
550
548
|
}
|
|
551
549
|
}
|
|
@@ -558,7 +556,10 @@ export function addSshJwk(
|
|
|
558
556
|
sshJwkString: string
|
|
559
557
|
): void {
|
|
560
558
|
if (sshJwkString) {
|
|
561
|
-
parameters.set(
|
|
559
|
+
parameters.set(
|
|
560
|
+
AADServerParamKeys.TOKEN_TYPE,
|
|
561
|
+
Constants.AuthenticationScheme.SSH
|
|
562
|
+
);
|
|
562
563
|
parameters.set(AADServerParamKeys.REQ_CNF, sshJwkString);
|
|
563
564
|
}
|
|
564
565
|
}
|
|
@@ -587,7 +588,7 @@ export function addServerTelemetry(
|
|
|
587
588
|
export function addThrottling(parameters: Map<string, string>): void {
|
|
588
589
|
parameters.set(
|
|
589
590
|
AADServerParamKeys.X_MS_LIB_CAPABILITY,
|
|
590
|
-
|
|
591
|
+
Constants.X_MS_LIB_CAPABILITY_VALUE
|
|
591
592
|
);
|
|
592
593
|
}
|
|
593
594
|
|
|
@@ -632,19 +633,3 @@ export function addEARParameters(
|
|
|
632
633
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
633
634
|
parameters.set(AADServerParamKeys.EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
634
635
|
}
|
|
635
|
-
|
|
636
|
-
/**
|
|
637
|
-
* Adds authorize body parameters to the request parameters
|
|
638
|
-
* @param parameters
|
|
639
|
-
* @param bodyParameters
|
|
640
|
-
*/
|
|
641
|
-
export function addPostBodyParameters(
|
|
642
|
-
parameters: Map<string, string>,
|
|
643
|
-
bodyParameters: StringDict
|
|
644
|
-
): void {
|
|
645
|
-
Object.entries(bodyParameters).forEach(([key, value]) => {
|
|
646
|
-
if (value) {
|
|
647
|
-
parameters.set(key, value);
|
|
648
|
-
}
|
|
649
|
-
});
|
|
650
|
-
}
|
package/src/request/ScopeSet.ts
CHANGED
|
@@ -13,9 +13,9 @@ import {
|
|
|
13
13
|
createClientAuthError,
|
|
14
14
|
} from "../error/ClientAuthError.js";
|
|
15
15
|
import {
|
|
16
|
-
Constants,
|
|
17
16
|
OIDC_SCOPES,
|
|
18
17
|
OIDC_DEFAULT_SCOPES,
|
|
18
|
+
OFFLINE_ACCESS_SCOPE,
|
|
19
19
|
} from "../utils/Constants.js";
|
|
20
20
|
|
|
21
21
|
/**
|
|
@@ -54,7 +54,7 @@ export class ScopeSet {
|
|
|
54
54
|
* @param scopesRequired
|
|
55
55
|
*/
|
|
56
56
|
static fromString(inputScopeString: string): ScopeSet {
|
|
57
|
-
const scopeString = inputScopeString ||
|
|
57
|
+
const scopeString = inputScopeString || "";
|
|
58
58
|
const inputScopes: Array<string> = scopeString.split(" ");
|
|
59
59
|
return new ScopeSet(inputScopes);
|
|
60
60
|
}
|
|
@@ -75,7 +75,7 @@ export class ScopeSet {
|
|
|
75
75
|
if (!scopeSet.containsOnlyOIDCScopes()) {
|
|
76
76
|
scopeSet.removeOIDCScopes();
|
|
77
77
|
} else {
|
|
78
|
-
scopeSet.removeScope(
|
|
78
|
+
scopeSet.removeScope(OFFLINE_ACCESS_SCOPE);
|
|
79
79
|
}
|
|
80
80
|
|
|
81
81
|
return scopeSet;
|
|
@@ -234,7 +234,7 @@ export class ScopeSet {
|
|
|
234
234
|
const scopeArr = this.asArray();
|
|
235
235
|
return scopeArr.join(" ");
|
|
236
236
|
}
|
|
237
|
-
return
|
|
237
|
+
return "";
|
|
238
238
|
}
|
|
239
239
|
|
|
240
240
|
/**
|
|
@@ -25,12 +25,7 @@ import {
|
|
|
25
25
|
import { CacheRecord } from "../cache/entities/CacheRecord.js";
|
|
26
26
|
import { CacheManager } from "../cache/CacheManager.js";
|
|
27
27
|
import { ProtocolUtils, RequestStateObject } from "../utils/ProtocolUtils.js";
|
|
28
|
-
import
|
|
29
|
-
AuthenticationScheme,
|
|
30
|
-
Constants,
|
|
31
|
-
THE_FAMILY_ID,
|
|
32
|
-
HttpStatus,
|
|
33
|
-
} from "../utils/Constants.js";
|
|
28
|
+
import * as Constants from "../utils/Constants.js";
|
|
34
29
|
import { PopTokenGenerator } from "../crypto/PopTokenGenerator.js";
|
|
35
30
|
import { AppMetadataEntity } from "../cache/entities/AppMetadataEntity.js";
|
|
36
31
|
import { ICachePlugin } from "../cache/interface/ICachePlugin.js";
|
|
@@ -38,8 +33,6 @@ import { TokenCacheContext } from "../cache/persistence/TokenCacheContext.js";
|
|
|
38
33
|
import { ISerializableTokenCache } from "../cache/interface/ISerializableTokenCache.js";
|
|
39
34
|
import { AuthorizationCodePayload } from "./AuthorizationCodePayload.js";
|
|
40
35
|
import { BaseAuthRequest } from "../request/BaseAuthRequest.js";
|
|
41
|
-
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
42
|
-
import { PerformanceEvents } from "../telemetry/performance/PerformanceEvent.js";
|
|
43
36
|
import { checkMaxAge, extractTokenClaims } from "../account/AuthToken.js";
|
|
44
37
|
import {
|
|
45
38
|
TokenClaims,
|
|
@@ -52,6 +45,8 @@ import {
|
|
|
52
45
|
} from "../account/AccountInfo.js";
|
|
53
46
|
import * as CacheHelpers from "../cache/utils/CacheHelpers.js";
|
|
54
47
|
import * as TimeUtils from "../utils/TimeUtils.js";
|
|
48
|
+
import * as AccountEntityUtils from "../cache/utils/AccountEntityUtils.js";
|
|
49
|
+
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
55
50
|
|
|
56
51
|
/**
|
|
57
52
|
* Class that handles response parsing.
|
|
@@ -63,35 +58,37 @@ export class ResponseHandler {
|
|
|
63
58
|
private cryptoObj: ICrypto;
|
|
64
59
|
private logger: Logger;
|
|
65
60
|
private homeAccountIdentifier: string;
|
|
61
|
+
private performanceClient: IPerformanceClient;
|
|
66
62
|
private serializableCache: ISerializableTokenCache | null;
|
|
67
63
|
private persistencePlugin: ICachePlugin | null;
|
|
68
|
-
private performanceClient?: IPerformanceClient;
|
|
69
64
|
|
|
70
65
|
constructor(
|
|
71
66
|
clientId: string,
|
|
72
67
|
cacheStorage: CacheManager,
|
|
73
68
|
cryptoObj: ICrypto,
|
|
74
69
|
logger: Logger,
|
|
70
|
+
performanceClient: IPerformanceClient,
|
|
75
71
|
serializableCache: ISerializableTokenCache | null,
|
|
76
|
-
persistencePlugin: ICachePlugin | null
|
|
77
|
-
performanceClient?: IPerformanceClient
|
|
72
|
+
persistencePlugin: ICachePlugin | null
|
|
78
73
|
) {
|
|
79
74
|
this.clientId = clientId;
|
|
80
75
|
this.cacheStorage = cacheStorage;
|
|
81
76
|
this.cryptoObj = cryptoObj;
|
|
82
77
|
this.logger = logger;
|
|
78
|
+
this.performanceClient = performanceClient;
|
|
83
79
|
this.serializableCache = serializableCache;
|
|
84
80
|
this.persistencePlugin = persistencePlugin;
|
|
85
|
-
this.performanceClient = performanceClient;
|
|
86
81
|
}
|
|
87
82
|
|
|
88
83
|
/**
|
|
89
84
|
* Function which validates server authorization token response.
|
|
90
85
|
* @param serverResponse
|
|
86
|
+
* @param correlationId
|
|
91
87
|
* @param refreshAccessToken
|
|
92
88
|
*/
|
|
93
89
|
validateTokenResponse(
|
|
94
90
|
serverResponse: ServerAuthorizationTokenResponse,
|
|
91
|
+
correlationId: string,
|
|
95
92
|
refreshAccessToken?: boolean
|
|
96
93
|
): void {
|
|
97
94
|
// Check for error
|
|
@@ -126,11 +123,13 @@ export class ResponseHandler {
|
|
|
126
123
|
if (
|
|
127
124
|
refreshAccessToken &&
|
|
128
125
|
serverResponse.status &&
|
|
129
|
-
serverResponse.status >=
|
|
130
|
-
|
|
126
|
+
serverResponse.status >=
|
|
127
|
+
Constants.HTTP_SERVER_ERROR_RANGE_START &&
|
|
128
|
+
serverResponse.status <= Constants.HTTP_SERVER_ERROR_RANGE_END
|
|
131
129
|
) {
|
|
132
130
|
this.logger.warning(
|
|
133
|
-
`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.\n${serverError}
|
|
131
|
+
`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.\n${serverError}`,
|
|
132
|
+
correlationId
|
|
134
133
|
);
|
|
135
134
|
|
|
136
135
|
// don't throw an exception, but alert the user via a log that the token was unable to be refreshed
|
|
@@ -139,11 +138,13 @@ export class ResponseHandler {
|
|
|
139
138
|
} else if (
|
|
140
139
|
refreshAccessToken &&
|
|
141
140
|
serverResponse.status &&
|
|
142
|
-
serverResponse.status >=
|
|
143
|
-
|
|
141
|
+
serverResponse.status >=
|
|
142
|
+
Constants.HTTP_CLIENT_ERROR_RANGE_START &&
|
|
143
|
+
serverResponse.status <= Constants.HTTP_CLIENT_ERROR_RANGE_END
|
|
144
144
|
) {
|
|
145
145
|
this.logger.warning(
|
|
146
|
-
`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.\n${serverError}
|
|
146
|
+
`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.\n${serverError}`,
|
|
147
|
+
correlationId
|
|
147
148
|
);
|
|
148
149
|
|
|
149
150
|
// don't throw an exception, but alert the user via a log that the token was unable to be refreshed
|
|
@@ -161,10 +162,10 @@ export class ResponseHandler {
|
|
|
161
162
|
serverResponse.error,
|
|
162
163
|
serverResponse.error_description,
|
|
163
164
|
serverResponse.suberror,
|
|
164
|
-
serverResponse.timestamp ||
|
|
165
|
-
serverResponse.trace_id ||
|
|
166
|
-
serverResponse.correlation_id ||
|
|
167
|
-
serverResponse.claims ||
|
|
165
|
+
serverResponse.timestamp || "",
|
|
166
|
+
serverResponse.trace_id || "",
|
|
167
|
+
serverResponse.correlation_id || "",
|
|
168
|
+
serverResponse.claims || "",
|
|
168
169
|
serverErrorNo
|
|
169
170
|
);
|
|
170
171
|
}
|
|
@@ -189,16 +190,11 @@ export class ResponseHandler {
|
|
|
189
190
|
forceCacheRefreshTokenResponse?: boolean,
|
|
190
191
|
serverRequestId?: string
|
|
191
192
|
): Promise<AuthenticationResult> {
|
|
192
|
-
this.performanceClient?.addQueueMeasurement(
|
|
193
|
-
PerformanceEvents.HandleServerTokenResponse,
|
|
194
|
-
serverTokenResponse.correlation_id
|
|
195
|
-
);
|
|
196
|
-
|
|
197
193
|
// create an idToken object (not entity)
|
|
198
194
|
let idTokenClaims: TokenClaims | undefined;
|
|
199
195
|
if (serverTokenResponse.id_token) {
|
|
200
196
|
idTokenClaims = extractTokenClaims(
|
|
201
|
-
serverTokenResponse.id_token ||
|
|
197
|
+
serverTokenResponse.id_token || "",
|
|
202
198
|
this.cryptoObj.base64Decode
|
|
203
199
|
);
|
|
204
200
|
|
|
@@ -225,11 +221,12 @@ export class ResponseHandler {
|
|
|
225
221
|
}
|
|
226
222
|
|
|
227
223
|
// generate homeAccountId
|
|
228
|
-
this.homeAccountIdentifier =
|
|
229
|
-
serverTokenResponse.client_info ||
|
|
224
|
+
this.homeAccountIdentifier = AccountEntityUtils.generateHomeAccountId(
|
|
225
|
+
serverTokenResponse.client_info || "",
|
|
230
226
|
authority.authorityType,
|
|
231
227
|
this.logger,
|
|
232
228
|
this.cryptoObj,
|
|
229
|
+
request.correlationId,
|
|
233
230
|
idTokenClaims
|
|
234
231
|
);
|
|
235
232
|
|
|
@@ -259,7 +256,8 @@ export class ResponseHandler {
|
|
|
259
256
|
try {
|
|
260
257
|
if (this.persistencePlugin && this.serializableCache) {
|
|
261
258
|
this.logger.verbose(
|
|
262
|
-
"Persistence enabled, calling beforeCacheAccess"
|
|
259
|
+
"Persistence enabled, calling beforeCacheAccess",
|
|
260
|
+
request.correlationId
|
|
263
261
|
);
|
|
264
262
|
cacheContext = new TokenCacheContext(
|
|
265
263
|
this.serializableCache,
|
|
@@ -279,7 +277,7 @@ export class ResponseHandler {
|
|
|
279
277
|
cacheRecord.account
|
|
280
278
|
) {
|
|
281
279
|
const key = this.cacheStorage.generateAccountKey(
|
|
282
|
-
cacheRecord.account
|
|
280
|
+
AccountEntityUtils.getAccountInfo(cacheRecord.account)
|
|
283
281
|
);
|
|
284
282
|
const account = this.cacheStorage.getAccount(
|
|
285
283
|
key,
|
|
@@ -287,7 +285,8 @@ export class ResponseHandler {
|
|
|
287
285
|
);
|
|
288
286
|
if (!account) {
|
|
289
287
|
this.logger.warning(
|
|
290
|
-
"Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"
|
|
288
|
+
"Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache",
|
|
289
|
+
request.correlationId
|
|
291
290
|
);
|
|
292
291
|
return await ResponseHandler.generateAuthenticationResult(
|
|
293
292
|
this.cryptoObj,
|
|
@@ -295,6 +294,7 @@ export class ResponseHandler {
|
|
|
295
294
|
cacheRecord,
|
|
296
295
|
false,
|
|
297
296
|
request,
|
|
297
|
+
this.performanceClient,
|
|
298
298
|
idTokenClaims,
|
|
299
299
|
requestStateObj,
|
|
300
300
|
undefined,
|
|
@@ -314,7 +314,8 @@ export class ResponseHandler {
|
|
|
314
314
|
cacheContext
|
|
315
315
|
) {
|
|
316
316
|
this.logger.verbose(
|
|
317
|
-
"Persistence enabled, calling afterCacheAccess"
|
|
317
|
+
"Persistence enabled, calling afterCacheAccess",
|
|
318
|
+
request.correlationId
|
|
318
319
|
);
|
|
319
320
|
await this.persistencePlugin.afterCacheAccess(cacheContext);
|
|
320
321
|
}
|
|
@@ -326,6 +327,7 @@ export class ResponseHandler {
|
|
|
326
327
|
cacheRecord,
|
|
327
328
|
false,
|
|
328
329
|
request,
|
|
330
|
+
this.performanceClient,
|
|
329
331
|
idTokenClaims,
|
|
330
332
|
requestStateObj,
|
|
331
333
|
serverTokenResponse,
|
|
@@ -431,9 +433,7 @@ export class ResponseHandler {
|
|
|
431
433
|
refreshOnSeconds,
|
|
432
434
|
serverTokenResponse.token_type,
|
|
433
435
|
userAssertionHash,
|
|
434
|
-
serverTokenResponse.key_id
|
|
435
|
-
request.claims,
|
|
436
|
-
request.requestedClaimsHash
|
|
436
|
+
serverTokenResponse.key_id
|
|
437
437
|
);
|
|
438
438
|
}
|
|
439
439
|
|
|
@@ -498,17 +498,18 @@ export class ResponseHandler {
|
|
|
498
498
|
cacheRecord: CacheRecord,
|
|
499
499
|
fromTokenCache: boolean,
|
|
500
500
|
request: BaseAuthRequest,
|
|
501
|
+
performanceClient: IPerformanceClient,
|
|
501
502
|
idTokenClaims?: TokenClaims,
|
|
502
503
|
requestState?: RequestStateObject,
|
|
503
504
|
serverTokenResponse?: ServerAuthorizationTokenResponse,
|
|
504
505
|
requestId?: string
|
|
505
506
|
): Promise<AuthenticationResult> {
|
|
506
|
-
let accessToken: string =
|
|
507
|
+
let accessToken: string = "";
|
|
507
508
|
let responseScopes: Array<string> = [];
|
|
508
509
|
let expiresOn: Date | null = null;
|
|
509
510
|
let extExpiresOn: Date | undefined;
|
|
510
511
|
let refreshOn: Date | undefined;
|
|
511
|
-
let familyId: string =
|
|
512
|
+
let familyId: string = "";
|
|
512
513
|
|
|
513
514
|
if (cacheRecord.accessToken) {
|
|
514
515
|
/*
|
|
@@ -517,11 +518,11 @@ export class ResponseHandler {
|
|
|
517
518
|
*/
|
|
518
519
|
if (
|
|
519
520
|
cacheRecord.accessToken.tokenType ===
|
|
520
|
-
AuthenticationScheme.POP &&
|
|
521
|
+
Constants.AuthenticationScheme.POP &&
|
|
521
522
|
!request.popKid
|
|
522
523
|
) {
|
|
523
524
|
const popTokenGenerator: PopTokenGenerator =
|
|
524
|
-
new PopTokenGenerator(cryptoObj);
|
|
525
|
+
new PopTokenGenerator(cryptoObj, performanceClient);
|
|
525
526
|
const { secret, keyId } = cacheRecord.accessToken;
|
|
526
527
|
|
|
527
528
|
if (!keyId) {
|
|
@@ -557,8 +558,8 @@ export class ResponseHandler {
|
|
|
557
558
|
|
|
558
559
|
if (cacheRecord.appMetadata) {
|
|
559
560
|
familyId =
|
|
560
|
-
cacheRecord.appMetadata.familyId === THE_FAMILY_ID
|
|
561
|
-
? THE_FAMILY_ID
|
|
561
|
+
cacheRecord.appMetadata.familyId === Constants.THE_FAMILY_ID
|
|
562
|
+
? Constants.THE_FAMILY_ID
|
|
562
563
|
: "";
|
|
563
564
|
}
|
|
564
565
|
const uid = idTokenClaims?.oid || idTokenClaims?.sub || "";
|
|
@@ -572,7 +573,7 @@ export class ResponseHandler {
|
|
|
572
573
|
|
|
573
574
|
const accountInfo: AccountInfo | null = cacheRecord.account
|
|
574
575
|
? updateAccountTenantProfileData(
|
|
575
|
-
cacheRecord.account
|
|
576
|
+
AccountEntityUtils.getAccountInfo(cacheRecord.account),
|
|
576
577
|
undefined, // tenantProfile optional
|
|
577
578
|
idTokenClaims,
|
|
578
579
|
cacheRecord.idToken?.secret
|
|
@@ -593,20 +594,14 @@ export class ResponseHandler {
|
|
|
593
594
|
extExpiresOn: extExpiresOn,
|
|
594
595
|
refreshOn: refreshOn,
|
|
595
596
|
correlationId: request.correlationId,
|
|
596
|
-
requestId: requestId ||
|
|
597
|
+
requestId: requestId || "",
|
|
597
598
|
familyId: familyId,
|
|
598
|
-
tokenType:
|
|
599
|
-
|
|
600
|
-
|
|
601
|
-
|
|
602
|
-
: Constants.EMPTY_STRING,
|
|
603
|
-
cloudGraphHostName:
|
|
604
|
-
cacheRecord.account?.cloudGraphHostName ||
|
|
605
|
-
Constants.EMPTY_STRING,
|
|
606
|
-
msGraphHost:
|
|
607
|
-
cacheRecord.account?.msGraphHost || Constants.EMPTY_STRING,
|
|
599
|
+
tokenType: cacheRecord.accessToken?.tokenType || "",
|
|
600
|
+
state: requestState ? requestState.userRequestState : "",
|
|
601
|
+
cloudGraphHostName: cacheRecord.account?.cloudGraphHostName || "",
|
|
602
|
+
msGraphHost: cacheRecord.account?.msGraphHost || "",
|
|
608
603
|
code: serverTokenResponse?.spa_code,
|
|
609
|
-
|
|
604
|
+
fromPlatformBroker: false,
|
|
610
605
|
};
|
|
611
606
|
}
|
|
612
607
|
}
|
|
@@ -625,7 +620,7 @@ export function buildAccountToCache(
|
|
|
625
620
|
nativeAccountId?: string,
|
|
626
621
|
logger?: Logger
|
|
627
622
|
): AccountEntity {
|
|
628
|
-
logger?.verbose("setCachedAccount called");
|
|
623
|
+
logger?.verbose("setCachedAccount called", correlationId);
|
|
629
624
|
|
|
630
625
|
// Check if base account is already cached
|
|
631
626
|
const accountKeys = cacheStorage.getAccountKeys();
|
|
@@ -640,7 +635,7 @@ export function buildAccountToCache(
|
|
|
640
635
|
|
|
641
636
|
const baseAccount =
|
|
642
637
|
cachedAccount ||
|
|
643
|
-
|
|
638
|
+
AccountEntityUtils.createAccountEntity(
|
|
644
639
|
{
|
|
645
640
|
homeAccountId,
|
|
646
641
|
idTokenClaims,
|
|
@@ -4,25 +4,18 @@
|
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
6
|
import { PerformanceEvent } from "./PerformanceEvent.js";
|
|
7
|
-
import { IPerformanceMeasurement } from "./IPerformanceMeasurement.js";
|
|
8
|
-
import { AccountInfo } from "../../account/AccountInfo.js";
|
|
9
7
|
|
|
10
8
|
export type PerformanceCallbackFunction = (events: PerformanceEvent[]) => void;
|
|
11
9
|
|
|
12
10
|
export type InProgressPerformanceEvent = {
|
|
13
11
|
end: (
|
|
14
12
|
event?: Partial<PerformanceEvent>,
|
|
15
|
-
error?: unknown
|
|
16
|
-
account?: AccountInfo
|
|
13
|
+
error?: unknown
|
|
17
14
|
) => PerformanceEvent | null;
|
|
18
15
|
discard: () => void;
|
|
19
16
|
add: (fields: { [key: string]: {} | undefined }) => void;
|
|
20
17
|
increment: (fields: { [key: string]: number | undefined }) => void;
|
|
21
18
|
event: PerformanceEvent;
|
|
22
|
-
/**
|
|
23
|
-
* @deprecated This attribute will be removed in the next major version
|
|
24
|
-
*/
|
|
25
|
-
measurement: IPerformanceMeasurement;
|
|
26
19
|
};
|
|
27
20
|
|
|
28
21
|
export interface IPerformanceClient {
|
|
@@ -43,40 +36,5 @@ export interface IPerformanceClient {
|
|
|
43
36
|
removePerformanceCallback(callbackId: string): boolean;
|
|
44
37
|
addPerformanceCallback(callback: PerformanceCallbackFunction): string;
|
|
45
38
|
emitEvents(events: PerformanceEvent[], correlationId: string): void;
|
|
46
|
-
/**
|
|
47
|
-
* @deprecated This method will be removed in the next major version
|
|
48
|
-
*/
|
|
49
|
-
startPerformanceMeasurement(
|
|
50
|
-
measureName: string,
|
|
51
|
-
correlationId: string
|
|
52
|
-
): IPerformanceMeasurement;
|
|
53
39
|
generateId(): string;
|
|
54
|
-
calculateQueuedTime(preQueueTime: number, currentTime: number): number;
|
|
55
|
-
addQueueMeasurement(
|
|
56
|
-
eventName: string,
|
|
57
|
-
correlationId?: string,
|
|
58
|
-
queueTime?: number,
|
|
59
|
-
manuallyCompleted?: boolean
|
|
60
|
-
): void;
|
|
61
|
-
setPreQueueTime(eventName: string, correlationId?: string): void;
|
|
62
40
|
}
|
|
63
|
-
|
|
64
|
-
/**
|
|
65
|
-
* Queue measurement type
|
|
66
|
-
*/
|
|
67
|
-
export type QueueMeasurement = {
|
|
68
|
-
/**
|
|
69
|
-
* Name of performance event
|
|
70
|
-
*/
|
|
71
|
-
eventName: string;
|
|
72
|
-
|
|
73
|
-
/**
|
|
74
|
-
* Time spent in JS queue
|
|
75
|
-
*/
|
|
76
|
-
queueTime: number;
|
|
77
|
-
|
|
78
|
-
/**
|
|
79
|
-
* Incomplete pre-queue events are instrumentation bugs that should be fixed.
|
|
80
|
-
*/
|
|
81
|
-
manuallyCompleted?: boolean;
|
|
82
|
-
};
|