@azure/msal-common 15.13.3 → 16.0.0-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +0 -1
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.d.ts.map +1 -1
- package/dist/account/AuthToken.mjs +2 -3
- package/dist/account/AuthToken.mjs.map +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.d.ts.map +1 -1
- package/dist/account/ClientInfo.mjs +4 -6
- package/dist/account/ClientInfo.mjs.map +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.d.ts +2 -2
- package/dist/authority/Authority.d.ts.map +1 -1
- package/dist/authority/Authority.mjs +89 -105
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.d.ts +6 -2
- package/dist/authority/AuthorityFactory.d.ts.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +8 -5
- package/dist/authority/AuthorityFactory.mjs.map +1 -1
- package/dist/authority/AuthorityMetadata.d.ts +2 -2
- package/dist/authority/AuthorityMetadata.d.ts.map +1 -1
- package/dist/authority/AuthorityMetadata.mjs +34 -31
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.d.ts +0 -1
- package/dist/authority/AuthorityOptions.d.ts.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs.map +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OIDCOptions.d.ts +2 -2
- package/dist/authority/OIDCOptions.d.ts.map +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.d.ts +3 -3
- package/dist/authority/RegionDiscovery.d.ts.map +1 -1
- package/dist/authority/RegionDiscovery.mjs +14 -15
- package/dist/authority/RegionDiscovery.mjs.map +1 -1
- package/dist/cache/CacheManager.d.ts +26 -19
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +70 -83
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccessTokenEntity.d.ts +0 -4
- package/dist/cache/entities/AccessTokenEntity.d.ts.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +4 -56
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/entities/CredentialEntity.d.ts +0 -2
- package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +35 -17
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/AccountEntityUtils.d.ts +53 -0
- package/dist/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/dist/cache/utils/AccountEntityUtils.mjs +192 -0
- package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -0
- package/dist/cache/utils/CacheHelpers.d.ts +2 -2
- package/dist/cache/utils/CacheHelpers.d.ts.map +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +10 -13
- package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist/cache/utils/CacheTypes.d.ts +0 -1
- package/dist/cache/utils/CacheTypes.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts +23 -4
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +63 -35
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts +17 -4
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +51 -37
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts +17 -4
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +28 -15
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.d.ts +2 -22
- package/dist/config/ClientConfiguration.d.ts.map +1 -1
- package/dist/config/ClientConfiguration.mjs +9 -15
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.d.ts +5 -3
- package/dist/crypto/ICrypto.d.ts.map +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/ICrypto.mjs.map +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.d.ts +2 -2
- package/dist/crypto/PopTokenGenerator.d.ts.map +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +3 -5
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.d.ts +1 -18
- package/dist/error/AuthError.d.ts.map +1 -1
- package/dist/error/AuthError.mjs +12 -34
- package/dist/error/AuthError.mjs.map +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.d.ts +1 -6
- package/dist/error/CacheError.d.ts.map +1 -1
- package/dist/error/CacheError.mjs +6 -13
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.d.ts +0 -229
- package/dist/error/ClientAuthError.d.ts.map +1 -1
- package/dist/error/ClientAuthError.mjs +3 -240
- package/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/error/ClientAuthErrorCodes.d.ts +0 -8
- package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +2 -10
- package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/error/ClientConfigurationError.d.ts +0 -128
- package/dist/error/ClientConfigurationError.d.ts.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +3 -134
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +0 -2
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +3 -5
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.d.ts +1 -19
- package/dist/error/InteractionRequiredAuthError.d.ts.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +10 -35
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.d.ts +0 -4
- package/dist/error/JoseHeaderError.d.ts.map +1 -1
- package/dist/error/JoseHeaderError.mjs +3 -8
- package/dist/error/JoseHeaderError.mjs.map +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/PlatformBrokerError.d.ts.map +1 -1
- package/dist/error/PlatformBrokerError.mjs +3 -2
- package/dist/error/PlatformBrokerError.mjs.map +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-browser-only.d.ts +4 -3
- package/dist/exports-browser-only.d.ts.map +1 -1
- package/dist/exports-common.d.ts +11 -8
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/exports-node-only.d.ts +2 -4
- package/dist/exports-node-only.d.ts.map +1 -1
- package/dist/index-node.mjs +15 -10
- package/dist/index-node.mjs.map +1 -1
- package/dist/index.mjs +17 -11
- package/dist/index.mjs.map +1 -1
- package/dist/logger/Logger.d.ts +36 -13
- package/dist/logger/Logger.d.ts.map +1 -1
- package/dist/logger/Logger.mjs +105 -22
- package/dist/logger/Logger.mjs.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +2 -2
- package/dist/network/RequestThumbprint.mjs.map +1 -1
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +6 -7
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +1 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +14 -14
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/protocol/Token.d.ts +40 -0
- package/dist/protocol/Token.d.ts.map +1 -0
- package/dist/protocol/Token.mjs +129 -0
- package/dist/protocol/Token.mjs.map +1 -0
- package/dist/request/AuthenticationHeaderParser.d.ts.map +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +3 -3
- package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist/request/BaseAuthRequest.d.ts +4 -8
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +2 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +2 -4
- package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts +2 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/dist/request/CommonSilentFlowRequest.d.ts +2 -1
- package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +6 -12
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +11 -24
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +5 -5
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/AuthenticationResult.d.ts +1 -1
- package/dist/response/AuthenticationResult.d.ts.map +1 -1
- package/dist/response/ResponseHandler.d.ts +7 -6
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +41 -43
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts +0 -29
- package/dist/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts +5 -81
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +24 -170
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +1 -280
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +2 -483
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.d.ts +66 -0
- package/dist/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/dist/telemetry/performance/PerformanceEvents.mjs +74 -0
- package/dist/telemetry/performance/PerformanceEvents.mjs.map +1 -0
- package/dist/telemetry/performance/StubPerformanceClient.d.ts +0 -4
- package/dist/telemetry/performance/StubPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +2 -26
- package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.d.ts +2 -2
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +28 -30
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.d.ts +0 -5
- package/dist/url/UrlString.d.ts.map +1 -1
- package/dist/url/UrlString.mjs +5 -13
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.d.ts +81 -112
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +100 -127
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.d.ts +2 -2
- package/dist/utils/FunctionWrappers.d.ts.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +19 -20
- package/dist/utils/FunctionWrappers.mjs.map +1 -1
- package/dist/utils/ProtocolUtils.d.ts +14 -35
- package/dist/utils/ProtocolUtils.d.ts.map +1 -1
- package/dist/utils/ProtocolUtils.mjs +57 -61
- package/dist/utils/ProtocolUtils.mjs.map +1 -1
- package/dist/utils/StateTypes.d.ts +15 -0
- package/dist/utils/StateTypes.d.ts.map +1 -0
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.d.ts +1 -2
- package/dist/utils/UrlUtils.d.ts.map +1 -1
- package/dist/utils/UrlUtils.mjs +3 -10
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +26 -206
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-4Jss3kYh.js → index-node-B7mR4APO.js} +3494 -4270
- package/lib/index-node-B7mR4APO.js.map +1 -0
- package/lib/index-node.cjs +6 -34
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +5 -34
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +0 -1
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/account/AuthToken.d.ts.map +1 -1
- package/lib/types/account/ClientInfo.d.ts.map +1 -1
- package/lib/types/authority/Authority.d.ts +2 -2
- package/lib/types/authority/Authority.d.ts.map +1 -1
- package/lib/types/authority/AuthorityFactory.d.ts +6 -2
- package/lib/types/authority/AuthorityFactory.d.ts.map +1 -1
- package/lib/types/authority/AuthorityMetadata.d.ts +2 -2
- package/lib/types/authority/AuthorityMetadata.d.ts.map +1 -1
- package/lib/types/authority/AuthorityOptions.d.ts +0 -1
- package/lib/types/authority/AuthorityOptions.d.ts.map +1 -1
- package/lib/types/authority/OIDCOptions.d.ts +2 -2
- package/lib/types/authority/OIDCOptions.d.ts.map +1 -1
- package/lib/types/authority/RegionDiscovery.d.ts +3 -3
- package/lib/types/authority/RegionDiscovery.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +26 -19
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccessTokenEntity.d.ts +0 -4
- package/lib/types/cache/entities/AccessTokenEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +4 -56
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/CredentialEntity.d.ts +0 -2
- package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +35 -17
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/cache/utils/AccountEntityUtils.d.ts +53 -0
- package/lib/types/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/lib/types/cache/utils/CacheHelpers.d.ts +2 -2
- package/lib/types/cache/utils/CacheHelpers.d.ts.map +1 -1
- package/lib/types/cache/utils/CacheTypes.d.ts +0 -1
- package/lib/types/cache/utils/CacheTypes.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +23 -4
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts +17 -4
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts +17 -4
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/config/ClientConfiguration.d.ts +2 -22
- package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
- package/lib/types/crypto/ICrypto.d.ts +5 -3
- package/lib/types/crypto/ICrypto.d.ts.map +1 -1
- package/lib/types/crypto/PopTokenGenerator.d.ts +2 -2
- package/lib/types/crypto/PopTokenGenerator.d.ts.map +1 -1
- package/lib/types/error/AuthError.d.ts +1 -18
- package/lib/types/error/AuthError.d.ts.map +1 -1
- package/lib/types/error/CacheError.d.ts +1 -6
- package/lib/types/error/CacheError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthError.d.ts +0 -229
- package/lib/types/error/ClientAuthError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthErrorCodes.d.ts +0 -8
- package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationError.d.ts +0 -128
- package/lib/types/error/ClientConfigurationError.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +0 -2
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/error/InteractionRequiredAuthError.d.ts +1 -19
- package/lib/types/error/InteractionRequiredAuthError.d.ts.map +1 -1
- package/lib/types/error/JoseHeaderError.d.ts +0 -4
- package/lib/types/error/JoseHeaderError.d.ts.map +1 -1
- package/lib/types/error/PlatformBrokerError.d.ts.map +1 -1
- package/lib/types/exports-browser-only.d.ts +4 -3
- package/lib/types/exports-browser-only.d.ts.map +1 -1
- package/lib/types/exports-common.d.ts +11 -8
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/exports-node-only.d.ts +2 -4
- package/lib/types/exports-node-only.d.ts.map +1 -1
- package/lib/types/logger/Logger.d.ts +36 -13
- package/lib/types/logger/Logger.d.ts.map +1 -1
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/protocol/Authorize.d.ts +1 -2
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/protocol/Token.d.ts +40 -0
- package/lib/types/protocol/Token.d.ts.map +1 -0
- package/lib/types/request/AuthenticationHeaderParser.d.ts.map +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +4 -8
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +2 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +2 -4
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts +2 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts +2 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +6 -12
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/AuthenticationResult.d.ts +1 -1
- package/lib/types/response/AuthenticationResult.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +7 -6
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts +0 -29
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts +5 -81
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +1 -280
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts +66 -0
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts +0 -4
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts +2 -2
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/lib/types/url/UrlString.d.ts +0 -5
- package/lib/types/url/UrlString.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +81 -112
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/lib/types/utils/FunctionWrappers.d.ts +2 -2
- package/lib/types/utils/FunctionWrappers.d.ts.map +1 -1
- package/lib/types/utils/ProtocolUtils.d.ts +14 -35
- package/lib/types/utils/ProtocolUtils.d.ts.map +1 -1
- package/lib/types/utils/StateTypes.d.ts +15 -0
- package/lib/types/utils/StateTypes.d.ts.map +1 -0
- package/lib/types/utils/UrlUtils.d.ts +1 -2
- package/lib/types/utils/UrlUtils.d.ts.map +1 -1
- package/package.json +7 -7
- package/src/account/AccountInfo.ts +0 -1
- package/src/account/AuthToken.ts +1 -2
- package/src/account/ClientInfo.ts +3 -6
- package/src/authority/Authority.ts +145 -146
- package/src/authority/AuthorityFactory.ts +7 -7
- package/src/authority/AuthorityMetadata.ts +54 -47
- package/src/authority/AuthorityOptions.ts +0 -1
- package/src/authority/OIDCOptions.ts +2 -2
- package/src/authority/RegionDiscovery.ts +20 -33
- package/src/cache/CacheManager.ts +177 -128
- package/src/cache/entities/AccessTokenEntity.ts +0 -4
- package/src/cache/entities/AccountEntity.ts +4 -292
- package/src/cache/entities/CredentialEntity.ts +0 -2
- package/src/cache/interface/ICacheManager.ts +55 -20
- package/src/cache/utils/AccountEntityUtils.ts +258 -0
- package/src/cache/utils/CacheHelpers.ts +23 -37
- package/src/cache/utils/CacheTypes.ts +0 -1
- package/src/client/AuthorizationCodeClient.ts +146 -58
- package/src/client/RefreshTokenClient.ts +108 -65
- package/src/client/SilentFlowClient.ts +74 -25
- package/src/config/ClientConfiguration.ts +9 -37
- package/src/crypto/ICrypto.ts +5 -3
- package/src/crypto/PopTokenGenerator.ts +3 -13
- package/src/error/AuthError.ts +11 -30
- package/src/error/CacheError.ts +4 -15
- package/src/error/ClientAuthError.ts +1 -317
- package/src/error/ClientAuthErrorCodes.ts +0 -8
- package/src/error/ClientConfigurationError.ts +1 -202
- package/src/error/ClientConfigurationErrorCodes.ts +0 -4
- package/src/error/InteractionRequiredAuthError.ts +8 -48
- package/src/error/JoseHeaderError.ts +1 -8
- package/src/error/PlatformBrokerError.ts +2 -1
- package/src/exports-browser-only.ts +2 -6
- package/src/exports-common.ts +8 -40
- package/src/exports-node-only.ts +5 -4
- package/src/logger/Logger.ts +174 -39
- package/src/network/RequestThumbprint.ts +1 -1
- package/src/network/ThrottlingUtils.ts +12 -15
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +24 -20
- package/src/protocol/Token.ts +230 -0
- package/src/request/AuthenticationHeaderParser.ts +2 -4
- package/src/request/BaseAuthRequest.ts +4 -8
- package/src/request/CommonAuthorizationCodeRequest.ts +2 -1
- package/src/request/CommonAuthorizationUrlRequest.ts +2 -4
- package/src/request/CommonRefreshTokenRequest.ts +2 -1
- package/src/request/CommonSilentFlowRequest.ts +2 -1
- package/src/request/RequestParameterBuilder.ts +35 -50
- package/src/request/ScopeSet.ts +4 -4
- package/src/response/AuthenticationResult.ts +1 -1
- package/src/response/ResponseHandler.ts +56 -60
- package/src/telemetry/performance/IPerformanceClient.ts +0 -40
- package/src/telemetry/performance/PerformanceClient.ts +26 -295
- package/src/telemetry/performance/PerformanceEvent.ts +3 -582
- package/src/telemetry/performance/PerformanceEvents.ts +98 -0
- package/src/telemetry/performance/StubPerformanceClient.ts +0 -16
- package/src/telemetry/server/ServerTelemetryManager.ts +33 -44
- package/src/url/UrlString.ts +3 -12
- package/src/utils/Constants.ts +103 -140
- package/src/utils/FunctionWrappers.ts +28 -29
- package/src/utils/ProtocolUtils.ts +67 -93
- package/src/utils/StateTypes.ts +20 -0
- package/src/utils/UrlUtils.ts +2 -15
- package/dist/cache/entities/AccountEntity.mjs +0 -232
- package/dist/cache/entities/AccountEntity.mjs.map +0 -1
- package/dist/client/BaseClient.d.ts +0 -59
- package/dist/client/BaseClient.d.ts.map +0 -1
- package/dist/client/BaseClient.mjs +0 -167
- package/dist/client/BaseClient.mjs.map +0 -1
- package/dist/index-browser.mjs +0 -72
- package/dist/index-browser.mjs.map +0 -1
- package/dist/request/CommonClientCredentialRequest.d.ts +0 -18
- package/dist/request/CommonClientCredentialRequest.d.ts.map +0 -1
- package/dist/request/CommonDeviceCodeRequest.d.ts +0 -22
- package/dist/request/CommonDeviceCodeRequest.d.ts.map +0 -1
- package/dist/request/CommonOnBehalfOfRequest.d.ts +0 -14
- package/dist/request/CommonOnBehalfOfRequest.d.ts.map +0 -1
- package/dist/request/CommonUsernamePasswordRequest.d.ts +0 -18
- package/dist/request/CommonUsernamePasswordRequest.d.ts.map +0 -1
- package/lib/index-node-4Jss3kYh.js.map +0 -1
- package/lib/types/client/BaseClient.d.ts +0 -59
- package/lib/types/client/BaseClient.d.ts.map +0 -1
- package/lib/types/request/CommonClientCredentialRequest.d.ts +0 -18
- package/lib/types/request/CommonClientCredentialRequest.d.ts.map +0 -1
- package/lib/types/request/CommonDeviceCodeRequest.d.ts +0 -22
- package/lib/types/request/CommonDeviceCodeRequest.d.ts.map +0 -1
- package/lib/types/request/CommonOnBehalfOfRequest.d.ts +0 -14
- package/lib/types/request/CommonOnBehalfOfRequest.d.ts.map +0 -1
- package/lib/types/request/CommonUsernamePasswordRequest.d.ts +0 -18
- package/lib/types/request/CommonUsernamePasswordRequest.d.ts.map +0 -1
- package/src/client/BaseClient.ts +0 -320
- package/src/request/CommonClientCredentialRequest.ts +0 -23
- package/src/request/CommonDeviceCodeRequest.ts +0 -31
- package/src/request/CommonOnBehalfOfRequest.ts +0 -19
- package/src/request/CommonUsernamePasswordRequest.ts +0 -23
|
@@ -0,0 +1,230 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3
|
+
* Licensed under the MIT License.
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
import { CcsCredential, CcsCredentialType } from "../account/CcsCredential.js";
|
|
7
|
+
import { buildClientInfoFromHomeAccountId } from "../account/ClientInfo.js";
|
|
8
|
+
import { Logger } from "../logger/Logger.js";
|
|
9
|
+
import { BaseAuthRequest } from "../request/BaseAuthRequest.js";
|
|
10
|
+
import { HeaderNames, URL_FORM_CONTENT_TYPE } from "../utils/Constants.js";
|
|
11
|
+
import * as RequestParameterBuilder from "../request/RequestParameterBuilder.js";
|
|
12
|
+
import * as UrlUtils from "../utils/UrlUtils.js";
|
|
13
|
+
import { IPerformanceClient } from "../exports-browser-only.js";
|
|
14
|
+
import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse.js";
|
|
15
|
+
import { RequestThumbprint } from "../network/RequestThumbprint.js";
|
|
16
|
+
import {
|
|
17
|
+
INetworkModule,
|
|
18
|
+
NetworkRequestOptions,
|
|
19
|
+
} from "../network/INetworkModule.js";
|
|
20
|
+
import { NetworkResponse } from "../network/NetworkResponse.js";
|
|
21
|
+
import { ThrottlingUtils } from "../network/ThrottlingUtils.js";
|
|
22
|
+
import { NetworkError } from "../error/NetworkError.js";
|
|
23
|
+
import { AuthError } from "../error/AuthError.js";
|
|
24
|
+
import {
|
|
25
|
+
ClientAuthErrorCodes,
|
|
26
|
+
createClientAuthError,
|
|
27
|
+
} from "../error/ClientAuthError.js";
|
|
28
|
+
import { invokeAsync } from "../utils/FunctionWrappers.js";
|
|
29
|
+
import * as PerformanceEvents from "../telemetry/performance/PerformanceEvents.js";
|
|
30
|
+
import { CacheManager } from "../cache/CacheManager.js";
|
|
31
|
+
import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
|
|
32
|
+
|
|
33
|
+
/**
|
|
34
|
+
* Creates default headers for requests to token endpoint
|
|
35
|
+
*/
|
|
36
|
+
export function createTokenRequestHeaders(
|
|
37
|
+
logger: Logger,
|
|
38
|
+
preventCorsPreflight: boolean,
|
|
39
|
+
ccsCred?: CcsCredential
|
|
40
|
+
): Record<string, string> {
|
|
41
|
+
const headers: Record<string, string> = {};
|
|
42
|
+
headers[HeaderNames.CONTENT_TYPE] = URL_FORM_CONTENT_TYPE;
|
|
43
|
+
if (!preventCorsPreflight && ccsCred) {
|
|
44
|
+
switch (ccsCred.type) {
|
|
45
|
+
case CcsCredentialType.HOME_ACCOUNT_ID:
|
|
46
|
+
try {
|
|
47
|
+
const clientInfo = buildClientInfoFromHomeAccountId(
|
|
48
|
+
ccsCred.credential
|
|
49
|
+
);
|
|
50
|
+
headers[
|
|
51
|
+
HeaderNames.CCS_HEADER
|
|
52
|
+
] = `Oid:${clientInfo.uid}@${clientInfo.utid}`;
|
|
53
|
+
} catch (e) {
|
|
54
|
+
logger.verbose(
|
|
55
|
+
`Could not parse home account ID for CCS Header: '${e}'`,
|
|
56
|
+
""
|
|
57
|
+
);
|
|
58
|
+
}
|
|
59
|
+
break;
|
|
60
|
+
case CcsCredentialType.UPN:
|
|
61
|
+
headers[HeaderNames.CCS_HEADER] = `UPN: ${ccsCred.credential}`;
|
|
62
|
+
break;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
return headers;
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
/**
|
|
69
|
+
* Creates query string for the /token request
|
|
70
|
+
* @param request
|
|
71
|
+
*/
|
|
72
|
+
export function createTokenQueryParameters(
|
|
73
|
+
request: BaseAuthRequest,
|
|
74
|
+
clientId: string,
|
|
75
|
+
redirectUri: string,
|
|
76
|
+
performanceClient: IPerformanceClient
|
|
77
|
+
): string {
|
|
78
|
+
const parameters = new Map<string, string>();
|
|
79
|
+
|
|
80
|
+
if (request.embeddedClientId) {
|
|
81
|
+
RequestParameterBuilder.addBrokerParameters(
|
|
82
|
+
parameters,
|
|
83
|
+
clientId,
|
|
84
|
+
redirectUri
|
|
85
|
+
);
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
if (request.extraQueryParameters) {
|
|
89
|
+
RequestParameterBuilder.addExtraParameters(
|
|
90
|
+
parameters,
|
|
91
|
+
request.extraQueryParameters
|
|
92
|
+
);
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
RequestParameterBuilder.addCorrelationId(parameters, request.correlationId);
|
|
96
|
+
|
|
97
|
+
RequestParameterBuilder.instrumentBrokerParams(
|
|
98
|
+
parameters,
|
|
99
|
+
request.correlationId,
|
|
100
|
+
performanceClient
|
|
101
|
+
);
|
|
102
|
+
return UrlUtils.mapToQueryString(parameters);
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
/**
|
|
106
|
+
* Http post to token endpoint
|
|
107
|
+
* @param tokenEndpoint
|
|
108
|
+
* @param queryString
|
|
109
|
+
* @param headers
|
|
110
|
+
* @param thumbprint
|
|
111
|
+
*/
|
|
112
|
+
export async function executePostToTokenEndpoint(
|
|
113
|
+
tokenEndpoint: string,
|
|
114
|
+
queryString: string,
|
|
115
|
+
headers: Record<string, string>,
|
|
116
|
+
thumbprint: RequestThumbprint,
|
|
117
|
+
correlationId: string,
|
|
118
|
+
cacheManager: CacheManager,
|
|
119
|
+
networkClient: INetworkModule,
|
|
120
|
+
logger: Logger,
|
|
121
|
+
performanceClient: IPerformanceClient,
|
|
122
|
+
serverTelemetryManager: ServerTelemetryManager | null
|
|
123
|
+
): Promise<NetworkResponse<ServerAuthorizationTokenResponse>> {
|
|
124
|
+
const response = await sendPostRequest<ServerAuthorizationTokenResponse>(
|
|
125
|
+
thumbprint,
|
|
126
|
+
tokenEndpoint,
|
|
127
|
+
{ body: queryString, headers: headers },
|
|
128
|
+
correlationId,
|
|
129
|
+
cacheManager,
|
|
130
|
+
networkClient,
|
|
131
|
+
logger,
|
|
132
|
+
performanceClient
|
|
133
|
+
);
|
|
134
|
+
|
|
135
|
+
if (
|
|
136
|
+
serverTelemetryManager &&
|
|
137
|
+
response.status < 500 &&
|
|
138
|
+
response.status !== 429
|
|
139
|
+
) {
|
|
140
|
+
// Telemetry data successfully logged by server, clear Telemetry cache
|
|
141
|
+
serverTelemetryManager.clearTelemetryCache();
|
|
142
|
+
}
|
|
143
|
+
|
|
144
|
+
return response;
|
|
145
|
+
}
|
|
146
|
+
|
|
147
|
+
/**
|
|
148
|
+
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
149
|
+
* @param thumbprint - Request thumbprint for throttling
|
|
150
|
+
* @param tokenEndpoint - Endpoint to make the POST to
|
|
151
|
+
* @param options - Body and Headers to include on the POST request
|
|
152
|
+
* @param correlationId - CorrelationId for telemetry
|
|
153
|
+
* @param cacheManager - Cache manager instance
|
|
154
|
+
* @param networkClient - Network module instance
|
|
155
|
+
* @param logger - Logger instance
|
|
156
|
+
* @param performanceClient - Performance client instance
|
|
157
|
+
*/
|
|
158
|
+
export async function sendPostRequest<
|
|
159
|
+
T extends ServerAuthorizationTokenResponse
|
|
160
|
+
>(
|
|
161
|
+
thumbprint: RequestThumbprint,
|
|
162
|
+
tokenEndpoint: string,
|
|
163
|
+
options: NetworkRequestOptions,
|
|
164
|
+
correlationId: string,
|
|
165
|
+
cacheManager: CacheManager,
|
|
166
|
+
networkClient: INetworkModule,
|
|
167
|
+
logger: Logger,
|
|
168
|
+
performanceClient: IPerformanceClient
|
|
169
|
+
): Promise<NetworkResponse<T>> {
|
|
170
|
+
ThrottlingUtils.preProcess(cacheManager, thumbprint, correlationId);
|
|
171
|
+
|
|
172
|
+
let response;
|
|
173
|
+
try {
|
|
174
|
+
response = await invokeAsync(
|
|
175
|
+
networkClient.sendPostRequestAsync.bind(networkClient)<T>,
|
|
176
|
+
PerformanceEvents.NetworkClientSendPostRequestAsync,
|
|
177
|
+
logger,
|
|
178
|
+
performanceClient,
|
|
179
|
+
correlationId
|
|
180
|
+
)(tokenEndpoint, options);
|
|
181
|
+
const responseHeaders = response.headers || {};
|
|
182
|
+
performanceClient?.addFields(
|
|
183
|
+
{
|
|
184
|
+
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
185
|
+
httpVerToken:
|
|
186
|
+
responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
187
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
188
|
+
},
|
|
189
|
+
correlationId
|
|
190
|
+
);
|
|
191
|
+
} catch (e) {
|
|
192
|
+
if (e instanceof NetworkError) {
|
|
193
|
+
const responseHeaders = e.responseHeaders;
|
|
194
|
+
if (responseHeaders) {
|
|
195
|
+
performanceClient?.addFields(
|
|
196
|
+
{
|
|
197
|
+
httpVerToken:
|
|
198
|
+
responseHeaders[HeaderNames.X_MS_HTTP_VERSION] ||
|
|
199
|
+
"",
|
|
200
|
+
requestId:
|
|
201
|
+
responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
202
|
+
contentTypeHeader:
|
|
203
|
+
responseHeaders[HeaderNames.CONTENT_TYPE] ||
|
|
204
|
+
undefined,
|
|
205
|
+
contentLengthHeader:
|
|
206
|
+
responseHeaders[HeaderNames.CONTENT_LENGTH] ||
|
|
207
|
+
undefined,
|
|
208
|
+
httpStatus: e.httpStatus,
|
|
209
|
+
},
|
|
210
|
+
correlationId
|
|
211
|
+
);
|
|
212
|
+
}
|
|
213
|
+
throw e.error;
|
|
214
|
+
}
|
|
215
|
+
if (e instanceof AuthError) {
|
|
216
|
+
throw e;
|
|
217
|
+
} else {
|
|
218
|
+
throw createClientAuthError(ClientAuthErrorCodes.networkError);
|
|
219
|
+
}
|
|
220
|
+
}
|
|
221
|
+
|
|
222
|
+
ThrottlingUtils.postProcess(
|
|
223
|
+
cacheManager,
|
|
224
|
+
thumbprint,
|
|
225
|
+
response,
|
|
226
|
+
correlationId
|
|
227
|
+
);
|
|
228
|
+
|
|
229
|
+
return response;
|
|
230
|
+
}
|
|
@@ -7,7 +7,7 @@ import {
|
|
|
7
7
|
createClientConfigurationError,
|
|
8
8
|
ClientConfigurationErrorCodes,
|
|
9
9
|
} from "../error/ClientConfigurationError.js";
|
|
10
|
-
import {
|
|
10
|
+
import { HeaderNames } from "../utils/Constants.js";
|
|
11
11
|
|
|
12
12
|
type WWWAuthenticateChallenges = {
|
|
13
13
|
nonce?: string;
|
|
@@ -82,9 +82,7 @@ export class AuthenticationHeaderParser {
|
|
|
82
82
|
challenges.forEach((challenge: string) => {
|
|
83
83
|
const [key, value] = challenge.split("=");
|
|
84
84
|
// Remove escaped quotation marks (', ") from challenge string to keep only the challenge value
|
|
85
|
-
challengeMap[key] = unescape(
|
|
86
|
-
value.replace(/['"]+/g, Constants.EMPTY_STRING)
|
|
87
|
-
);
|
|
85
|
+
challengeMap[key] = unescape(value.replace(/['"]+/g, ""));
|
|
88
86
|
});
|
|
89
87
|
|
|
90
88
|
return challengeMap;
|
|
@@ -24,15 +24,13 @@ import { ShrOptions } from "../crypto/SignedHttpRequest.js";
|
|
|
24
24
|
* - sshJwk - A stringified JSON Web Key representing a public key that can be signed by an SSH certificate.
|
|
25
25
|
* - sshKid - Key ID that uniquely identifies the SSH public key mentioned above.
|
|
26
26
|
* - azureCloudOptions - Convenience string enums for users to provide public/sovereign cloud ids
|
|
27
|
-
* -
|
|
28
|
-
* - tokenQueryParameters - String to string map of custom query parameters added to the /token call
|
|
29
|
-
* - tokenBodyParameters - String to string map of custom parameters added to the body of the /token call
|
|
27
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
30
28
|
* - storeInCache - Object containing boolean values indicating whether to store tokens in the cache or not (default is true)
|
|
31
29
|
* - scenarioId - Scenario id to track custom user prompts
|
|
32
30
|
* - popKid - Key ID to identify the public key for PoP token request
|
|
33
31
|
* - embeddedClientId - Embedded client id. When specified, broker client id (brk_client_id) and redirect uri (brk_redirect_uri) params are set with values from the config, overriding the corresponding extra parameters, if present.
|
|
34
32
|
* - httpMethod - HTTP method to use for the /authorize request. Defaults to GET, but can be set to POST if the request requires body parameters
|
|
35
|
-
* -
|
|
33
|
+
* - extraParameters - String to string map of custom parameters added to outgoing token service requests
|
|
36
34
|
*/
|
|
37
35
|
export type BaseAuthRequest = {
|
|
38
36
|
authority: string;
|
|
@@ -48,14 +46,12 @@ export type BaseAuthRequest = {
|
|
|
48
46
|
sshJwk?: string;
|
|
49
47
|
sshKid?: string;
|
|
50
48
|
azureCloudOptions?: AzureCloudOptions;
|
|
51
|
-
requestedClaimsHash?: string;
|
|
52
49
|
maxAge?: number;
|
|
53
|
-
tokenBodyParameters?: StringDict;
|
|
54
|
-
tokenQueryParameters?: StringDict;
|
|
55
50
|
storeInCache?: StoreInCache;
|
|
56
51
|
scenarioId?: string;
|
|
57
52
|
popKid?: string;
|
|
58
53
|
embeddedClientId?: string;
|
|
59
54
|
httpMethod?: HttpMethod;
|
|
60
|
-
|
|
55
|
+
extraQueryParameters?: StringDict;
|
|
56
|
+
extraParameters?: StringDict;
|
|
61
57
|
};
|
|
@@ -19,7 +19,8 @@ import { CcsCredential } from "../account/CcsCredential.js";
|
|
|
19
19
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
20
20
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
21
21
|
* - enableSpaAuthCode - Enables the acqusition of a spa authorization code (confidential clients only)
|
|
22
|
-
* -
|
|
22
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
23
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
23
24
|
*/
|
|
24
25
|
export type CommonAuthorizationCodeRequest = BaseAuthRequest & {
|
|
25
26
|
code: string;
|
|
@@ -4,7 +4,6 @@
|
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
6
|
import { ResponseMode } from "../utils/Constants.js";
|
|
7
|
-
import { StringDict } from "../utils/MsalTypes.js";
|
|
8
7
|
import { BaseAuthRequest } from "./BaseAuthRequest.js";
|
|
9
8
|
import { AccountInfo } from "../account/AccountInfo.js";
|
|
10
9
|
|
|
@@ -32,8 +31,8 @@ import { AccountInfo } from "../account/AccountInfo.js";
|
|
|
32
31
|
* - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim.
|
|
33
32
|
* - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens.
|
|
34
33
|
* - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant.
|
|
35
|
-
* - extraQueryParameters - String to string map of custom query parameters added to
|
|
36
|
-
* -
|
|
34
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
35
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
37
36
|
* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
|
|
38
37
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
39
38
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
@@ -46,7 +45,6 @@ export type CommonAuthorizationUrlRequest = BaseAuthRequest & {
|
|
|
46
45
|
codeChallenge?: string;
|
|
47
46
|
codeChallengeMethod?: string;
|
|
48
47
|
domainHint?: string;
|
|
49
|
-
extraQueryParameters?: StringDict;
|
|
50
48
|
extraScopesToConsent?: Array<string>;
|
|
51
49
|
loginHint?: string;
|
|
52
50
|
nonce: string;
|
|
@@ -16,7 +16,8 @@ import { CcsCredential } from "../account/CcsCredential.js";
|
|
|
16
16
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
17
17
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
18
18
|
* - forceCache - Force MSAL to cache a refresh token flow response when there is no account in the cache. Used for migration scenarios.
|
|
19
|
-
* -
|
|
19
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
21
|
*/
|
|
21
22
|
export type CommonRefreshTokenRequest = BaseAuthRequest & {
|
|
22
23
|
refreshToken: string;
|
|
@@ -16,7 +16,8 @@ import { BaseAuthRequest } from "./BaseAuthRequest.js";
|
|
|
16
16
|
* - forceRefresh - Forces silent requests to make network calls if true.
|
|
17
17
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
18
18
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
19
|
-
* -
|
|
19
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
21
|
*/
|
|
21
22
|
export type CommonSilentFlowRequest = BaseAuthRequest & {
|
|
22
23
|
/** Account object to lookup the credentials */
|
|
@@ -3,17 +3,7 @@
|
|
|
3
3
|
* Licensed under the MIT License.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
import
|
|
7
|
-
ResponseMode,
|
|
8
|
-
CLIENT_INFO,
|
|
9
|
-
AuthenticationScheme,
|
|
10
|
-
ClaimsRequestKeys,
|
|
11
|
-
PasswordGrantConstants,
|
|
12
|
-
OIDC_DEFAULT_SCOPES,
|
|
13
|
-
ThrottlingConstants,
|
|
14
|
-
HeaderNames,
|
|
15
|
-
OAuthResponseType,
|
|
16
|
-
} from "../utils/Constants.js";
|
|
6
|
+
import * as Constants from "../utils/Constants.js";
|
|
17
7
|
import * as AADServerParamKeys from "../constants/AADServerParamKeys.js";
|
|
18
8
|
import { ScopeSet } from "./ScopeSet.js";
|
|
19
9
|
import {
|
|
@@ -59,7 +49,7 @@ export function instrumentBrokerParams(
|
|
|
59
49
|
*/
|
|
60
50
|
export function addResponseType(
|
|
61
51
|
parameters: Map<string, string>,
|
|
62
|
-
responseType: OAuthResponseType
|
|
52
|
+
responseType: Constants.OAuthResponseType
|
|
63
53
|
): void {
|
|
64
54
|
parameters.set(AADServerParamKeys.RESPONSE_TYPE, responseType);
|
|
65
55
|
}
|
|
@@ -70,11 +60,11 @@ export function addResponseType(
|
|
|
70
60
|
*/
|
|
71
61
|
export function addResponseMode(
|
|
72
62
|
parameters: Map<string, string>,
|
|
73
|
-
responseMode?: ResponseMode
|
|
63
|
+
responseMode?: Constants.ResponseMode
|
|
74
64
|
): void {
|
|
75
65
|
parameters.set(
|
|
76
66
|
AADServerParamKeys.RESPONSE_MODE,
|
|
77
|
-
responseMode ? responseMode : ResponseMode.QUERY
|
|
67
|
+
responseMode ? responseMode : Constants.ResponseMode.QUERY
|
|
78
68
|
);
|
|
79
69
|
}
|
|
80
70
|
|
|
@@ -94,7 +84,7 @@ export function addScopes(
|
|
|
94
84
|
parameters: Map<string, string>,
|
|
95
85
|
scopes: string[],
|
|
96
86
|
addOidcScopes: boolean = true,
|
|
97
|
-
defaultScopes: Array<string> = OIDC_DEFAULT_SCOPES
|
|
87
|
+
defaultScopes: Array<string> = Constants.OIDC_DEFAULT_SCOPES
|
|
98
88
|
): void {
|
|
99
89
|
// Always add openid to the scopes when adding OIDC scopes
|
|
100
90
|
if (
|
|
@@ -185,7 +175,7 @@ export function addCcsUpn(
|
|
|
185
175
|
parameters: Map<string, string>,
|
|
186
176
|
loginHint: string
|
|
187
177
|
): void {
|
|
188
|
-
parameters.set(HeaderNames.CCS_HEADER, `UPN:${loginHint}`);
|
|
178
|
+
parameters.set(Constants.HeaderNames.CCS_HEADER, `UPN:${loginHint}`);
|
|
189
179
|
}
|
|
190
180
|
|
|
191
181
|
/**
|
|
@@ -197,7 +187,7 @@ export function addCcsOid(
|
|
|
197
187
|
clientInfo: ClientInfo
|
|
198
188
|
): void {
|
|
199
189
|
parameters.set(
|
|
200
|
-
HeaderNames.CCS_HEADER,
|
|
190
|
+
Constants.HeaderNames.CCS_HEADER,
|
|
201
191
|
`Oid:${clientInfo.uid}@${clientInfo.utid}`
|
|
202
192
|
);
|
|
203
193
|
}
|
|
@@ -455,7 +445,7 @@ export function addGrantType(
|
|
|
455
445
|
*
|
|
456
446
|
*/
|
|
457
447
|
export function addClientInfo(parameters: Map<string, string>): void {
|
|
458
|
-
parameters.set(CLIENT_INFO, "1");
|
|
448
|
+
parameters.set(Constants.CLIENT_INFO, "1");
|
|
459
449
|
}
|
|
460
450
|
|
|
461
451
|
export function addInstanceAware(parameters: Map<string, string>): void {
|
|
@@ -465,14 +455,14 @@ export function addInstanceAware(parameters: Map<string, string>): void {
|
|
|
465
455
|
}
|
|
466
456
|
|
|
467
457
|
/**
|
|
468
|
-
*
|
|
469
|
-
* @param
|
|
458
|
+
* Add extraParameters
|
|
459
|
+
* @param extraParams - String dictionary containing extra parameters to be added.
|
|
470
460
|
*/
|
|
471
|
-
export function
|
|
461
|
+
export function addExtraParameters(
|
|
472
462
|
parameters: Map<string, string>,
|
|
473
|
-
|
|
463
|
+
extraParams: StringDict
|
|
474
464
|
): void {
|
|
475
|
-
Object.entries(
|
|
465
|
+
Object.entries(extraParams).forEach(([key, value]) => {
|
|
476
466
|
if (!parameters.has(key) && value) {
|
|
477
467
|
parameters.set(key, value);
|
|
478
468
|
}
|
|
@@ -499,16 +489,21 @@ export function addClientCapabilitiesToClaims(
|
|
|
499
489
|
}
|
|
500
490
|
|
|
501
491
|
if (clientCapabilities && clientCapabilities.length > 0) {
|
|
502
|
-
if (
|
|
492
|
+
if (
|
|
493
|
+
!mergedClaims.hasOwnProperty(
|
|
494
|
+
Constants.ClaimsRequestKeys.ACCESS_TOKEN
|
|
495
|
+
)
|
|
496
|
+
) {
|
|
503
497
|
// Add access_token key to claims object
|
|
504
|
-
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
|
|
498
|
+
mergedClaims[Constants.ClaimsRequestKeys.ACCESS_TOKEN] = {};
|
|
505
499
|
}
|
|
506
500
|
|
|
507
501
|
// Add xms_cc claim with provided clientCapabilities to access_token key
|
|
508
|
-
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
502
|
+
mergedClaims[Constants.ClaimsRequestKeys.ACCESS_TOKEN][
|
|
503
|
+
Constants.ClaimsRequestKeys.XMS_CC
|
|
504
|
+
] = {
|
|
505
|
+
values: clientCapabilities,
|
|
506
|
+
};
|
|
512
507
|
}
|
|
513
508
|
|
|
514
509
|
return JSON.stringify(mergedClaims);
|
|
@@ -522,7 +517,7 @@ export function addUsername(
|
|
|
522
517
|
parameters: Map<string, string>,
|
|
523
518
|
username: string
|
|
524
519
|
): void {
|
|
525
|
-
parameters.set(PasswordGrantConstants.username, username);
|
|
520
|
+
parameters.set(Constants.PasswordGrantConstants.username, username);
|
|
526
521
|
}
|
|
527
522
|
|
|
528
523
|
/**
|
|
@@ -533,7 +528,7 @@ export function addPassword(
|
|
|
533
528
|
parameters: Map<string, string>,
|
|
534
529
|
password: string
|
|
535
530
|
): void {
|
|
536
|
-
parameters.set(PasswordGrantConstants.password, password);
|
|
531
|
+
parameters.set(Constants.PasswordGrantConstants.password, password);
|
|
537
532
|
}
|
|
538
533
|
|
|
539
534
|
/**
|
|
@@ -545,7 +540,10 @@ export function addPopToken(
|
|
|
545
540
|
cnfString: string
|
|
546
541
|
): void {
|
|
547
542
|
if (cnfString) {
|
|
548
|
-
parameters.set(
|
|
543
|
+
parameters.set(
|
|
544
|
+
AADServerParamKeys.TOKEN_TYPE,
|
|
545
|
+
Constants.AuthenticationScheme.POP
|
|
546
|
+
);
|
|
549
547
|
parameters.set(AADServerParamKeys.REQ_CNF, cnfString);
|
|
550
548
|
}
|
|
551
549
|
}
|
|
@@ -558,7 +556,10 @@ export function addSshJwk(
|
|
|
558
556
|
sshJwkString: string
|
|
559
557
|
): void {
|
|
560
558
|
if (sshJwkString) {
|
|
561
|
-
parameters.set(
|
|
559
|
+
parameters.set(
|
|
560
|
+
AADServerParamKeys.TOKEN_TYPE,
|
|
561
|
+
Constants.AuthenticationScheme.SSH
|
|
562
|
+
);
|
|
562
563
|
parameters.set(AADServerParamKeys.REQ_CNF, sshJwkString);
|
|
563
564
|
}
|
|
564
565
|
}
|
|
@@ -587,7 +588,7 @@ export function addServerTelemetry(
|
|
|
587
588
|
export function addThrottling(parameters: Map<string, string>): void {
|
|
588
589
|
parameters.set(
|
|
589
590
|
AADServerParamKeys.X_MS_LIB_CAPABILITY,
|
|
590
|
-
|
|
591
|
+
Constants.X_MS_LIB_CAPABILITY_VALUE
|
|
591
592
|
);
|
|
592
593
|
}
|
|
593
594
|
|
|
@@ -632,19 +633,3 @@ export function addEARParameters(
|
|
|
632
633
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
633
634
|
parameters.set(AADServerParamKeys.EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
634
635
|
}
|
|
635
|
-
|
|
636
|
-
/**
|
|
637
|
-
* Adds authorize body parameters to the request parameters
|
|
638
|
-
* @param parameters
|
|
639
|
-
* @param bodyParameters
|
|
640
|
-
*/
|
|
641
|
-
export function addPostBodyParameters(
|
|
642
|
-
parameters: Map<string, string>,
|
|
643
|
-
bodyParameters: StringDict
|
|
644
|
-
): void {
|
|
645
|
-
Object.entries(bodyParameters).forEach(([key, value]) => {
|
|
646
|
-
if (value) {
|
|
647
|
-
parameters.set(key, value);
|
|
648
|
-
}
|
|
649
|
-
});
|
|
650
|
-
}
|
package/src/request/ScopeSet.ts
CHANGED
|
@@ -13,9 +13,9 @@ import {
|
|
|
13
13
|
createClientAuthError,
|
|
14
14
|
} from "../error/ClientAuthError.js";
|
|
15
15
|
import {
|
|
16
|
-
Constants,
|
|
17
16
|
OIDC_SCOPES,
|
|
18
17
|
OIDC_DEFAULT_SCOPES,
|
|
18
|
+
OFFLINE_ACCESS_SCOPE,
|
|
19
19
|
} from "../utils/Constants.js";
|
|
20
20
|
|
|
21
21
|
/**
|
|
@@ -54,7 +54,7 @@ export class ScopeSet {
|
|
|
54
54
|
* @param scopesRequired
|
|
55
55
|
*/
|
|
56
56
|
static fromString(inputScopeString: string): ScopeSet {
|
|
57
|
-
const scopeString = inputScopeString ||
|
|
57
|
+
const scopeString = inputScopeString || "";
|
|
58
58
|
const inputScopes: Array<string> = scopeString.split(" ");
|
|
59
59
|
return new ScopeSet(inputScopes);
|
|
60
60
|
}
|
|
@@ -75,7 +75,7 @@ export class ScopeSet {
|
|
|
75
75
|
if (!scopeSet.containsOnlyOIDCScopes()) {
|
|
76
76
|
scopeSet.removeOIDCScopes();
|
|
77
77
|
} else {
|
|
78
|
-
scopeSet.removeScope(
|
|
78
|
+
scopeSet.removeScope(OFFLINE_ACCESS_SCOPE);
|
|
79
79
|
}
|
|
80
80
|
|
|
81
81
|
return scopeSet;
|
|
@@ -234,7 +234,7 @@ export class ScopeSet {
|
|
|
234
234
|
const scopeArr = this.asArray();
|
|
235
235
|
return scopeArr.join(" ");
|
|
236
236
|
}
|
|
237
|
-
return
|
|
237
|
+
return "";
|
|
238
238
|
}
|
|
239
239
|
|
|
240
240
|
/**
|