@azure/msal-common 15.2.0 → 15.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (190) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +1 -1
  7. package/dist/authority/AuthorityFactory.mjs +1 -1
  8. package/dist/authority/AuthorityMetadata.mjs +1 -1
  9. package/dist/authority/AuthorityOptions.mjs +1 -1
  10. package/dist/authority/AuthorityType.mjs +1 -1
  11. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  13. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  14. package/dist/authority/ProtocolMode.mjs +1 -1
  15. package/dist/authority/RegionDiscovery.mjs +1 -1
  16. package/dist/cache/CacheManager.mjs +1 -1
  17. package/dist/cache/entities/AccountEntity.mjs +1 -1
  18. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  19. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  20. package/dist/client/AuthorizationCodeClient.d.ts +0 -31
  21. package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
  22. package/dist/client/AuthorizationCodeClient.mjs +43 -258
  23. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  24. package/dist/client/BaseClient.d.ts.map +1 -1
  25. package/dist/client/BaseClient.mjs +9 -10
  26. package/dist/client/BaseClient.mjs.map +1 -1
  27. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  28. package/dist/client/RefreshTokenClient.mjs +29 -41
  29. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  30. package/dist/client/SilentFlowClient.mjs +1 -1
  31. package/dist/config/ClientConfiguration.mjs +1 -1
  32. package/dist/constants/AADServerParamKeys.d.ts +1 -0
  33. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  34. package/dist/constants/AADServerParamKeys.mjs +4 -3
  35. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  36. package/dist/crypto/ICrypto.mjs +1 -1
  37. package/dist/crypto/JoseHeader.mjs +1 -1
  38. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  39. package/dist/error/AuthError.mjs +1 -1
  40. package/dist/error/AuthErrorCodes.mjs +1 -1
  41. package/dist/error/CacheError.mjs +1 -1
  42. package/dist/error/CacheErrorCodes.mjs +1 -1
  43. package/dist/error/ClientAuthError.mjs +1 -1
  44. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  45. package/dist/error/ClientConfigurationError.mjs +1 -1
  46. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  47. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  48. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  49. package/dist/error/JoseHeaderError.mjs +1 -1
  50. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  51. package/dist/error/NetworkError.mjs +1 -1
  52. package/dist/error/ServerError.mjs +1 -1
  53. package/dist/exports-common.d.ts +4 -3
  54. package/dist/exports-common.d.ts.map +1 -1
  55. package/dist/index-browser.mjs +6 -2
  56. package/dist/index-browser.mjs.map +1 -1
  57. package/dist/index-node.mjs +6 -2
  58. package/dist/index-node.mjs.map +1 -1
  59. package/dist/index.mjs +6 -2
  60. package/dist/index.mjs.map +1 -1
  61. package/dist/logger/Logger.mjs +1 -1
  62. package/dist/network/INetworkModule.mjs +1 -1
  63. package/dist/network/RequestThumbprint.d.ts +3 -0
  64. package/dist/network/RequestThumbprint.d.ts.map +1 -1
  65. package/dist/network/RequestThumbprint.mjs +24 -0
  66. package/dist/network/RequestThumbprint.mjs.map +1 -0
  67. package/dist/network/ThrottlingUtils.d.ts.map +1 -1
  68. package/dist/network/ThrottlingUtils.mjs +3 -13
  69. package/dist/network/ThrottlingUtils.mjs.map +1 -1
  70. package/dist/packageMetadata.d.ts +1 -1
  71. package/dist/packageMetadata.mjs +2 -2
  72. package/dist/protocol/Authorize.d.ts +37 -0
  73. package/dist/protocol/Authorize.d.ts.map +1 -0
  74. package/dist/protocol/Authorize.mjs +237 -0
  75. package/dist/protocol/Authorize.mjs.map +1 -0
  76. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  77. package/dist/request/BaseAuthRequest.d.ts +2 -0
  78. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  79. package/dist/request/CommonAuthorizationCodeRequest.d.ts +0 -2
  80. package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
  81. package/dist/request/CommonDeviceCodeRequest.d.ts +1 -1
  82. package/dist/request/CommonDeviceCodeRequest.d.ts.map +1 -1
  83. package/dist/request/CommonRefreshTokenRequest.d.ts +0 -2
  84. package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
  85. package/dist/request/CommonSilentFlowRequest.d.ts +0 -3
  86. package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
  87. package/dist/request/RequestParameterBuilder.d.ts +206 -218
  88. package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
  89. package/dist/request/RequestParameterBuilder.mjs +356 -369
  90. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  91. package/dist/request/RequestValidator.mjs +1 -1
  92. package/dist/request/ScopeSet.mjs +1 -1
  93. package/dist/response/AuthorizeResponse.d.ts +72 -0
  94. package/dist/response/AuthorizeResponse.d.ts.map +1 -0
  95. package/dist/response/ResponseHandler.d.ts +0 -8
  96. package/dist/response/ResponseHandler.d.ts.map +1 -1
  97. package/dist/response/ResponseHandler.mjs +7 -52
  98. package/dist/response/ResponseHandler.mjs.map +1 -1
  99. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  100. package/dist/telemetry/performance/PerformanceEvent.d.ts +1 -2
  101. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  102. package/dist/telemetry/performance/PerformanceEvent.mjs +2 -11
  103. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  104. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  105. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  106. package/dist/url/UrlString.mjs +1 -1
  107. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  108. package/dist/utils/Constants.mjs +1 -1
  109. package/dist/utils/FunctionWrappers.mjs +1 -1
  110. package/dist/utils/ProtocolUtils.mjs +1 -1
  111. package/dist/utils/StringUtils.mjs +1 -1
  112. package/dist/utils/TimeUtils.d.ts +10 -0
  113. package/dist/utils/TimeUtils.d.ts.map +1 -1
  114. package/dist/utils/TimeUtils.mjs +20 -2
  115. package/dist/utils/TimeUtils.mjs.map +1 -1
  116. package/dist/utils/UrlUtils.d.ts +6 -2
  117. package/dist/utils/UrlUtils.d.ts.map +1 -1
  118. package/dist/utils/UrlUtils.mjs +12 -2
  119. package/dist/utils/UrlUtils.mjs.map +1 -1
  120. package/lib/index-browser.cjs +4 -2
  121. package/lib/index-browser.cjs.map +1 -1
  122. package/lib/{index-node-0IMDqzO0.js → index-node-BjtDFnOl.js} +828 -805
  123. package/lib/index-node-BjtDFnOl.js.map +1 -0
  124. package/lib/index-node.cjs +4 -2
  125. package/lib/index-node.cjs.map +1 -1
  126. package/lib/index.cjs +4 -2
  127. package/lib/index.cjs.map +1 -1
  128. package/lib/types/client/AuthorizationCodeClient.d.ts +0 -31
  129. package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  130. package/lib/types/client/BaseClient.d.ts.map +1 -1
  131. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  132. package/lib/types/constants/AADServerParamKeys.d.ts +1 -0
  133. package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
  134. package/lib/types/exports-common.d.ts +4 -3
  135. package/lib/types/exports-common.d.ts.map +1 -1
  136. package/lib/types/network/RequestThumbprint.d.ts +3 -0
  137. package/lib/types/network/RequestThumbprint.d.ts.map +1 -1
  138. package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
  139. package/lib/types/packageMetadata.d.ts +1 -1
  140. package/lib/types/protocol/Authorize.d.ts +37 -0
  141. package/lib/types/protocol/Authorize.d.ts.map +1 -0
  142. package/lib/types/request/BaseAuthRequest.d.ts +2 -0
  143. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  144. package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +0 -2
  145. package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
  146. package/lib/types/request/CommonDeviceCodeRequest.d.ts +1 -1
  147. package/lib/types/request/CommonDeviceCodeRequest.d.ts.map +1 -1
  148. package/lib/types/request/CommonRefreshTokenRequest.d.ts +0 -2
  149. package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
  150. package/lib/types/request/CommonSilentFlowRequest.d.ts +0 -3
  151. package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
  152. package/lib/types/request/RequestParameterBuilder.d.ts +206 -218
  153. package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
  154. package/lib/types/response/AuthorizeResponse.d.ts +72 -0
  155. package/lib/types/response/AuthorizeResponse.d.ts.map +1 -0
  156. package/lib/types/response/ResponseHandler.d.ts +0 -8
  157. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  158. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +1 -2
  159. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  160. package/lib/types/utils/TimeUtils.d.ts +10 -0
  161. package/lib/types/utils/TimeUtils.d.ts.map +1 -1
  162. package/lib/types/utils/UrlUtils.d.ts +6 -2
  163. package/lib/types/utils/UrlUtils.d.ts.map +1 -1
  164. package/package.json +1 -1
  165. package/src/client/AuthorizationCodeClient.ts +89 -409
  166. package/src/client/BaseClient.ts +20 -12
  167. package/src/client/RefreshTokenClient.ts +66 -44
  168. package/src/constants/AADServerParamKeys.ts +1 -0
  169. package/src/exports-common.ts +8 -3
  170. package/src/network/RequestThumbprint.ts +23 -0
  171. package/src/network/ThrottlingUtils.ts +9 -14
  172. package/src/packageMetadata.ts +1 -1
  173. package/src/protocol/Authorize.ts +409 -0
  174. package/src/request/BaseAuthRequest.ts +2 -0
  175. package/src/request/CommonAuthorizationCodeRequest.ts +0 -2
  176. package/src/request/CommonDeviceCodeRequest.ts +1 -1
  177. package/src/request/CommonRefreshTokenRequest.ts +0 -2
  178. package/src/request/CommonSilentFlowRequest.ts +0 -3
  179. package/src/request/RequestParameterBuilder.ts +508 -543
  180. package/src/response/AuthorizeResponse.ts +76 -0
  181. package/src/response/ResponseHandler.ts +8 -104
  182. package/src/telemetry/performance/PerformanceEvent.ts +1 -11
  183. package/src/utils/TimeUtils.ts +20 -0
  184. package/src/utils/UrlUtils.ts +18 -4
  185. package/dist/response/ServerAuthorizationCodeResponse.d.ts +0 -27
  186. package/dist/response/ServerAuthorizationCodeResponse.d.ts.map +0 -1
  187. package/lib/index-node-0IMDqzO0.js.map +0 -1
  188. package/lib/types/response/ServerAuthorizationCodeResponse.d.ts +0 -27
  189. package/lib/types/response/ServerAuthorizationCodeResponse.d.ts.map +0 -1
  190. package/src/response/ServerAuthorizationCodeResponse.ts +0 -34
@@ -1,11 +1,10 @@
1
- /*! @azure/msal-common v15.2.0 2025-02-18 */
1
+ /*! @azure/msal-common v15.3.0 2025-03-20 */
2
2
  'use strict';
3
3
  import { Constants, ResponseMode, OIDC_DEFAULT_SCOPES, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, ThrottlingConstants } from '../utils/Constants.mjs';
4
- import { RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, CLIENT_ID, REDIRECT_URI, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT, BROKER_CLIENT_ID, BROKER_REDIRECT_URI } from '../constants/AADServerParamKeys.mjs';
4
+ import { CLIENT_ID, BROKER_CLIENT_ID, REDIRECT_URI, RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, INSTANCE_AWARE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT, BROKER_REDIRECT_URI } from '../constants/AADServerParamKeys.mjs';
5
5
  import { ScopeSet } from './ScopeSet.mjs';
6
6
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
7
- import { RequestValidator } from './RequestValidator.mjs';
8
- import { pkceParamsMissing, invalidClaims } from '../error/ClientConfigurationErrorCodes.mjs';
7
+ import { invalidClaims, pkceParamsMissing } from '../error/ClientConfigurationErrorCodes.mjs';
9
8
 
10
9
  /*
11
10
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -23,395 +22,383 @@ function instrumentBrokerParams(parameters, correlationId, performanceClient) {
23
22
  }, correlationId);
24
23
  }
25
24
  }
26
- /** @internal */
27
- class RequestParameterBuilder {
28
- constructor(correlationId, performanceClient) {
29
- this.parameters = new Map();
30
- this.performanceClient = performanceClient;
31
- this.correlationId = correlationId;
32
- }
33
- /**
34
- * add response_type = code
35
- */
36
- addResponseTypeCode() {
37
- this.parameters.set(RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));
38
- }
39
- /**
40
- * add response_type = token id_token
41
- */
42
- addResponseTypeForTokenAndIdToken() {
43
- this.parameters.set(RESPONSE_TYPE, encodeURIComponent(`${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`));
44
- }
45
- /**
46
- * add response_mode. defaults to query.
47
- * @param responseMode
48
- */
49
- addResponseMode(responseMode) {
50
- this.parameters.set(RESPONSE_MODE, encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY));
51
- }
52
- /**
53
- * Add flag to indicate STS should attempt to use WAM if available
54
- */
55
- addNativeBroker() {
56
- this.parameters.set(NATIVE_BROKER, encodeURIComponent("1"));
57
- }
58
- /**
59
- * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
60
- * @param scopeSet
61
- * @param addOidcScopes
62
- */
63
- addScopes(scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
64
- // Always add openid to the scopes when adding OIDC scopes
65
- if (addOidcScopes &&
66
- !defaultScopes.includes("openid") &&
67
- !scopes.includes("openid")) {
68
- defaultScopes.push("openid");
69
- }
70
- const requestScopes = addOidcScopes
71
- ? [...(scopes || []), ...defaultScopes]
72
- : scopes || [];
73
- const scopeSet = new ScopeSet(requestScopes);
74
- this.parameters.set(SCOPE, encodeURIComponent(scopeSet.printScopes()));
75
- }
76
- /**
77
- * add clientId
78
- * @param clientId
79
- */
80
- addClientId(clientId) {
81
- this.parameters.set(CLIENT_ID, encodeURIComponent(clientId));
82
- }
83
- /**
84
- * add redirect_uri
85
- * @param redirectUri
86
- */
87
- addRedirectUri(redirectUri) {
88
- RequestValidator.validateRedirectUri(redirectUri);
89
- this.parameters.set(REDIRECT_URI, encodeURIComponent(redirectUri));
90
- }
91
- /**
92
- * add post logout redirectUri
93
- * @param redirectUri
94
- */
95
- addPostLogoutRedirectUri(redirectUri) {
96
- RequestValidator.validateRedirectUri(redirectUri);
97
- this.parameters.set(POST_LOGOUT_URI, encodeURIComponent(redirectUri));
98
- }
99
- /**
100
- * add id_token_hint to logout request
101
- * @param idTokenHint
102
- */
103
- addIdTokenHint(idTokenHint) {
104
- this.parameters.set(ID_TOKEN_HINT, encodeURIComponent(idTokenHint));
105
- }
106
- /**
107
- * add domain_hint
108
- * @param domainHint
109
- */
110
- addDomainHint(domainHint) {
111
- this.parameters.set(DOMAIN_HINT, encodeURIComponent(domainHint));
25
+ /**
26
+ * add response_type = code
27
+ */
28
+ function addResponseTypeCode(parameters) {
29
+ parameters.set(RESPONSE_TYPE, Constants.CODE_RESPONSE_TYPE);
30
+ }
31
+ /**
32
+ * add response_type = token id_token
33
+ */
34
+ function addResponseTypeForTokenAndIdToken(parameters) {
35
+ parameters.set(RESPONSE_TYPE, `${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`);
36
+ }
37
+ /**
38
+ * add response_mode. defaults to query.
39
+ * @param responseMode
40
+ */
41
+ function addResponseMode(parameters, responseMode) {
42
+ parameters.set(RESPONSE_MODE, responseMode ? responseMode : ResponseMode.QUERY);
43
+ }
44
+ /**
45
+ * Add flag to indicate STS should attempt to use WAM if available
46
+ */
47
+ function addNativeBroker(parameters) {
48
+ parameters.set(NATIVE_BROKER, "1");
49
+ }
50
+ /**
51
+ * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
52
+ * @param scopeSet
53
+ * @param addOidcScopes
54
+ */
55
+ function addScopes(parameters, scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
56
+ // Always add openid to the scopes when adding OIDC scopes
57
+ if (addOidcScopes &&
58
+ !defaultScopes.includes("openid") &&
59
+ !scopes.includes("openid")) {
60
+ defaultScopes.push("openid");
61
+ }
62
+ const requestScopes = addOidcScopes
63
+ ? [...(scopes || []), ...defaultScopes]
64
+ : scopes || [];
65
+ const scopeSet = new ScopeSet(requestScopes);
66
+ parameters.set(SCOPE, scopeSet.printScopes());
67
+ }
68
+ /**
69
+ * add clientId
70
+ * @param clientId
71
+ */
72
+ function addClientId(parameters, clientId) {
73
+ parameters.set(CLIENT_ID, clientId);
74
+ }
75
+ /**
76
+ * add redirect_uri
77
+ * @param redirectUri
78
+ */
79
+ function addRedirectUri(parameters, redirectUri) {
80
+ parameters.set(REDIRECT_URI, redirectUri);
81
+ }
82
+ /**
83
+ * add post logout redirectUri
84
+ * @param redirectUri
85
+ */
86
+ function addPostLogoutRedirectUri(parameters, redirectUri) {
87
+ parameters.set(POST_LOGOUT_URI, redirectUri);
88
+ }
89
+ /**
90
+ * add id_token_hint to logout request
91
+ * @param idTokenHint
92
+ */
93
+ function addIdTokenHint(parameters, idTokenHint) {
94
+ parameters.set(ID_TOKEN_HINT, idTokenHint);
95
+ }
96
+ /**
97
+ * add domain_hint
98
+ * @param domainHint
99
+ */
100
+ function addDomainHint(parameters, domainHint) {
101
+ parameters.set(DOMAIN_HINT, domainHint);
102
+ }
103
+ /**
104
+ * add login_hint
105
+ * @param loginHint
106
+ */
107
+ function addLoginHint(parameters, loginHint) {
108
+ parameters.set(LOGIN_HINT, loginHint);
109
+ }
110
+ /**
111
+ * Adds the CCS (Cache Credential Service) query parameter for login_hint
112
+ * @param loginHint
113
+ */
114
+ function addCcsUpn(parameters, loginHint) {
115
+ parameters.set(HeaderNames.CCS_HEADER, `UPN:${loginHint}`);
116
+ }
117
+ /**
118
+ * Adds the CCS (Cache Credential Service) query parameter for account object
119
+ * @param loginHint
120
+ */
121
+ function addCcsOid(parameters, clientInfo) {
122
+ parameters.set(HeaderNames.CCS_HEADER, `Oid:${clientInfo.uid}@${clientInfo.utid}`);
123
+ }
124
+ /**
125
+ * add sid
126
+ * @param sid
127
+ */
128
+ function addSid(parameters, sid) {
129
+ parameters.set(SID, sid);
130
+ }
131
+ /**
132
+ * add claims
133
+ * @param claims
134
+ */
135
+ function addClaims(parameters, claims, clientCapabilities) {
136
+ const mergedClaims = addClientCapabilitiesToClaims(claims, clientCapabilities);
137
+ try {
138
+ JSON.parse(mergedClaims);
112
139
  }
113
- /**
114
- * add login_hint
115
- * @param loginHint
116
- */
117
- addLoginHint(loginHint) {
118
- this.parameters.set(LOGIN_HINT, encodeURIComponent(loginHint));
140
+ catch (e) {
141
+ throw createClientConfigurationError(invalidClaims);
119
142
  }
120
- /**
121
- * Adds the CCS (Cache Credential Service) query parameter for login_hint
122
- * @param loginHint
123
- */
124
- addCcsUpn(loginHint) {
125
- this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`UPN:${loginHint}`));
143
+ parameters.set(CLAIMS, mergedClaims);
144
+ }
145
+ /**
146
+ * add correlationId
147
+ * @param correlationId
148
+ */
149
+ function addCorrelationId(parameters, correlationId) {
150
+ parameters.set(CLIENT_REQUEST_ID, correlationId);
151
+ }
152
+ /**
153
+ * add library info query params
154
+ * @param libraryInfo
155
+ */
156
+ function addLibraryInfo(parameters, libraryInfo) {
157
+ // Telemetry Info
158
+ parameters.set(X_CLIENT_SKU, libraryInfo.sku);
159
+ parameters.set(X_CLIENT_VER, libraryInfo.version);
160
+ if (libraryInfo.os) {
161
+ parameters.set(X_CLIENT_OS, libraryInfo.os);
126
162
  }
127
- /**
128
- * Adds the CCS (Cache Credential Service) query parameter for account object
129
- * @param loginHint
130
- */
131
- addCcsOid(clientInfo) {
132
- this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`));
163
+ if (libraryInfo.cpu) {
164
+ parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
133
165
  }
134
- /**
135
- * add sid
136
- * @param sid
137
- */
138
- addSid(sid) {
139
- this.parameters.set(SID, encodeURIComponent(sid));
166
+ }
167
+ /**
168
+ * Add client telemetry parameters
169
+ * @param appTelemetry
170
+ */
171
+ function addApplicationTelemetry(parameters, appTelemetry) {
172
+ if (appTelemetry?.appName) {
173
+ parameters.set(X_APP_NAME, appTelemetry.appName);
140
174
  }
141
- /**
142
- * add claims
143
- * @param claims
144
- */
145
- addClaims(claims, clientCapabilities) {
146
- const mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);
147
- RequestValidator.validateClaims(mergedClaims);
148
- this.parameters.set(CLAIMS, encodeURIComponent(mergedClaims));
175
+ if (appTelemetry?.appVersion) {
176
+ parameters.set(X_APP_VER, appTelemetry.appVersion);
149
177
  }
150
- /**
151
- * add correlationId
152
- * @param correlationId
153
- */
154
- addCorrelationId(correlationId) {
155
- this.parameters.set(CLIENT_REQUEST_ID, encodeURIComponent(correlationId));
178
+ }
179
+ /**
180
+ * add prompt
181
+ * @param prompt
182
+ */
183
+ function addPrompt(parameters, prompt) {
184
+ parameters.set(PROMPT, prompt);
185
+ }
186
+ /**
187
+ * add state
188
+ * @param state
189
+ */
190
+ function addState(parameters, state) {
191
+ if (state) {
192
+ parameters.set(STATE, state);
156
193
  }
157
- /**
158
- * add library info query params
159
- * @param libraryInfo
160
- */
161
- addLibraryInfo(libraryInfo) {
162
- // Telemetry Info
163
- this.parameters.set(X_CLIENT_SKU, libraryInfo.sku);
164
- this.parameters.set(X_CLIENT_VER, libraryInfo.version);
165
- if (libraryInfo.os) {
166
- this.parameters.set(X_CLIENT_OS, libraryInfo.os);
167
- }
168
- if (libraryInfo.cpu) {
169
- this.parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
170
- }
194
+ }
195
+ /**
196
+ * add nonce
197
+ * @param nonce
198
+ */
199
+ function addNonce(parameters, nonce) {
200
+ parameters.set(NONCE, nonce);
201
+ }
202
+ /**
203
+ * add code_challenge and code_challenge_method
204
+ * - throw if either of them are not passed
205
+ * @param codeChallenge
206
+ * @param codeChallengeMethod
207
+ */
208
+ function addCodeChallengeParams(parameters, codeChallenge, codeChallengeMethod) {
209
+ if (codeChallenge && codeChallengeMethod) {
210
+ parameters.set(CODE_CHALLENGE, codeChallenge);
211
+ parameters.set(CODE_CHALLENGE_METHOD, codeChallengeMethod);
171
212
  }
172
- /**
173
- * Add client telemetry parameters
174
- * @param appTelemetry
175
- */
176
- addApplicationTelemetry(appTelemetry) {
177
- if (appTelemetry?.appName) {
178
- this.parameters.set(X_APP_NAME, appTelemetry.appName);
179
- }
180
- if (appTelemetry?.appVersion) {
181
- this.parameters.set(X_APP_VER, appTelemetry.appVersion);
182
- }
213
+ else {
214
+ throw createClientConfigurationError(pkceParamsMissing);
183
215
  }
184
- /**
185
- * add prompt
186
- * @param prompt
187
- */
188
- addPrompt(prompt) {
189
- RequestValidator.validatePrompt(prompt);
190
- this.parameters.set(`${PROMPT}`, encodeURIComponent(prompt));
216
+ }
217
+ /**
218
+ * add the `authorization_code` passed by the user to exchange for a token
219
+ * @param code
220
+ */
221
+ function addAuthorizationCode(parameters, code) {
222
+ parameters.set(CODE, code);
223
+ }
224
+ /**
225
+ * add the `authorization_code` passed by the user to exchange for a token
226
+ * @param code
227
+ */
228
+ function addDeviceCode(parameters, code) {
229
+ parameters.set(DEVICE_CODE, code);
230
+ }
231
+ /**
232
+ * add the `refreshToken` passed by the user
233
+ * @param refreshToken
234
+ */
235
+ function addRefreshToken(parameters, refreshToken) {
236
+ parameters.set(REFRESH_TOKEN, refreshToken);
237
+ }
238
+ /**
239
+ * add the `code_verifier` passed by the user to exchange for a token
240
+ * @param codeVerifier
241
+ */
242
+ function addCodeVerifier(parameters, codeVerifier) {
243
+ parameters.set(CODE_VERIFIER, codeVerifier);
244
+ }
245
+ /**
246
+ * add client_secret
247
+ * @param clientSecret
248
+ */
249
+ function addClientSecret(parameters, clientSecret) {
250
+ parameters.set(CLIENT_SECRET, clientSecret);
251
+ }
252
+ /**
253
+ * add clientAssertion for confidential client flows
254
+ * @param clientAssertion
255
+ */
256
+ function addClientAssertion(parameters, clientAssertion) {
257
+ if (clientAssertion) {
258
+ parameters.set(CLIENT_ASSERTION, clientAssertion);
191
259
  }
192
- /**
193
- * add state
194
- * @param state
195
- */
196
- addState(state) {
197
- if (state) {
198
- this.parameters.set(STATE, encodeURIComponent(state));
199
- }
260
+ }
261
+ /**
262
+ * add clientAssertionType for confidential client flows
263
+ * @param clientAssertionType
264
+ */
265
+ function addClientAssertionType(parameters, clientAssertionType) {
266
+ if (clientAssertionType) {
267
+ parameters.set(CLIENT_ASSERTION_TYPE, clientAssertionType);
200
268
  }
201
- /**
202
- * add nonce
203
- * @param nonce
204
- */
205
- addNonce(nonce) {
206
- this.parameters.set(NONCE, encodeURIComponent(nonce));
269
+ }
270
+ /**
271
+ * add OBO assertion for confidential client flows
272
+ * @param clientAssertion
273
+ */
274
+ function addOboAssertion(parameters, oboAssertion) {
275
+ parameters.set(OBO_ASSERTION, oboAssertion);
276
+ }
277
+ /**
278
+ * add grant type
279
+ * @param grantType
280
+ */
281
+ function addRequestTokenUse(parameters, tokenUse) {
282
+ parameters.set(REQUESTED_TOKEN_USE, tokenUse);
283
+ }
284
+ /**
285
+ * add grant type
286
+ * @param grantType
287
+ */
288
+ function addGrantType(parameters, grantType) {
289
+ parameters.set(GRANT_TYPE, grantType);
290
+ }
291
+ /**
292
+ * add client info
293
+ *
294
+ */
295
+ function addClientInfo(parameters) {
296
+ parameters.set(CLIENT_INFO, "1");
297
+ }
298
+ function addInstanceAware(parameters) {
299
+ if (!parameters.has(INSTANCE_AWARE)) {
300
+ parameters.set(INSTANCE_AWARE, "true");
207
301
  }
208
- /**
209
- * add code_challenge and code_challenge_method
210
- * - throw if either of them are not passed
211
- * @param codeChallenge
212
- * @param codeChallengeMethod
213
- */
214
- addCodeChallengeParams(codeChallenge, codeChallengeMethod) {
215
- RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);
216
- if (codeChallenge && codeChallengeMethod) {
217
- this.parameters.set(CODE_CHALLENGE, encodeURIComponent(codeChallenge));
218
- this.parameters.set(CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));
302
+ }
303
+ /**
304
+ * add extraQueryParams
305
+ * @param eQParams
306
+ */
307
+ function addExtraQueryParameters(parameters, eQParams) {
308
+ Object.entries(eQParams).forEach(([key, value]) => {
309
+ if (!parameters.has(key) && value) {
310
+ parameters.set(key, value);
219
311
  }
220
- else {
221
- throw createClientConfigurationError(pkceParamsMissing);
312
+ });
313
+ }
314
+ function addClientCapabilitiesToClaims(claims, clientCapabilities) {
315
+ let mergedClaims;
316
+ // Parse provided claims into JSON object or initialize empty object
317
+ if (!claims) {
318
+ mergedClaims = {};
319
+ }
320
+ else {
321
+ try {
322
+ mergedClaims = JSON.parse(claims);
222
323
  }
223
- }
224
- /**
225
- * add the `authorization_code` passed by the user to exchange for a token
226
- * @param code
227
- */
228
- addAuthorizationCode(code) {
229
- this.parameters.set(CODE, encodeURIComponent(code));
230
- }
231
- /**
232
- * add the `authorization_code` passed by the user to exchange for a token
233
- * @param code
234
- */
235
- addDeviceCode(code) {
236
- this.parameters.set(DEVICE_CODE, encodeURIComponent(code));
237
- }
238
- /**
239
- * add the `refreshToken` passed by the user
240
- * @param refreshToken
241
- */
242
- addRefreshToken(refreshToken) {
243
- this.parameters.set(REFRESH_TOKEN, encodeURIComponent(refreshToken));
244
- }
245
- /**
246
- * add the `code_verifier` passed by the user to exchange for a token
247
- * @param codeVerifier
248
- */
249
- addCodeVerifier(codeVerifier) {
250
- this.parameters.set(CODE_VERIFIER, encodeURIComponent(codeVerifier));
251
- }
252
- /**
253
- * add client_secret
254
- * @param clientSecret
255
- */
256
- addClientSecret(clientSecret) {
257
- this.parameters.set(CLIENT_SECRET, encodeURIComponent(clientSecret));
258
- }
259
- /**
260
- * add clientAssertion for confidential client flows
261
- * @param clientAssertion
262
- */
263
- addClientAssertion(clientAssertion) {
264
- if (clientAssertion) {
265
- this.parameters.set(CLIENT_ASSERTION, encodeURIComponent(clientAssertion));
324
+ catch (e) {
325
+ throw createClientConfigurationError(invalidClaims);
266
326
  }
267
327
  }
268
- /**
269
- * add clientAssertionType for confidential client flows
270
- * @param clientAssertionType
271
- */
272
- addClientAssertionType(clientAssertionType) {
273
- if (clientAssertionType) {
274
- this.parameters.set(CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));
328
+ if (clientCapabilities && clientCapabilities.length > 0) {
329
+ if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
330
+ // Add access_token key to claims object
331
+ mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
275
332
  }
276
- }
277
- /**
278
- * add OBO assertion for confidential client flows
279
- * @param clientAssertion
280
- */
281
- addOboAssertion(oboAssertion) {
282
- this.parameters.set(OBO_ASSERTION, encodeURIComponent(oboAssertion));
283
- }
284
- /**
285
- * add grant type
286
- * @param grantType
287
- */
288
- addRequestTokenUse(tokenUse) {
289
- this.parameters.set(REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));
290
- }
291
- /**
292
- * add grant type
293
- * @param grantType
294
- */
295
- addGrantType(grantType) {
296
- this.parameters.set(GRANT_TYPE, encodeURIComponent(grantType));
297
- }
298
- /**
299
- * add client info
300
- *
301
- */
302
- addClientInfo() {
303
- this.parameters.set(CLIENT_INFO, "1");
304
- }
305
- /**
306
- * add extraQueryParams
307
- * @param eQParams
308
- */
309
- addExtraQueryParameters(eQParams) {
310
- Object.entries(eQParams).forEach(([key, value]) => {
311
- if (!this.parameters.has(key) && value) {
312
- this.parameters.set(key, value);
313
- }
314
- });
315
- }
316
- addClientCapabilitiesToClaims(claims, clientCapabilities) {
317
- let mergedClaims;
318
- // Parse provided claims into JSON object or initialize empty object
319
- if (!claims) {
320
- mergedClaims = {};
321
- }
322
- else {
323
- try {
324
- mergedClaims = JSON.parse(claims);
325
- }
326
- catch (e) {
327
- throw createClientConfigurationError(invalidClaims);
328
- }
329
- }
330
- if (clientCapabilities && clientCapabilities.length > 0) {
331
- if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
332
- // Add access_token key to claims object
333
- mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
334
- }
335
- // Add xms_cc claim with provided clientCapabilities to access_token key
336
- mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {
333
+ // Add xms_cc claim with provided clientCapabilities to access_token key
334
+ mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] =
335
+ {
337
336
  values: clientCapabilities,
338
337
  };
339
- }
340
- return JSON.stringify(mergedClaims);
341
- }
342
- /**
343
- * adds `username` for Password Grant flow
344
- * @param username
345
- */
346
- addUsername(username) {
347
- this.parameters.set(PasswordGrantConstants.username, encodeURIComponent(username));
348
- }
349
- /**
350
- * adds `password` for Password Grant flow
351
- * @param password
352
- */
353
- addPassword(password) {
354
- this.parameters.set(PasswordGrantConstants.password, encodeURIComponent(password));
355
- }
356
- /**
357
- * add pop_jwk to query params
358
- * @param cnfString
359
- */
360
- addPopToken(cnfString) {
361
- if (cnfString) {
362
- this.parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
363
- this.parameters.set(REQ_CNF, encodeURIComponent(cnfString));
364
- }
365
- }
366
- /**
367
- * add SSH JWK and key ID to query params
368
- */
369
- addSshJwk(sshJwkString) {
370
- if (sshJwkString) {
371
- this.parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
372
- this.parameters.set(REQ_CNF, encodeURIComponent(sshJwkString));
373
- }
374
- }
375
- /**
376
- * add server telemetry fields
377
- * @param serverTelemetryManager
378
- */
379
- addServerTelemetry(serverTelemetryManager) {
380
- this.parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
381
- this.parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
382
338
  }
383
- /**
384
- * Adds parameter that indicates to the server that throttling is supported
385
- */
386
- addThrottling() {
387
- this.parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
339
+ return JSON.stringify(mergedClaims);
340
+ }
341
+ /**
342
+ * adds `username` for Password Grant flow
343
+ * @param username
344
+ */
345
+ function addUsername(parameters, username) {
346
+ parameters.set(PasswordGrantConstants.username, username);
347
+ }
348
+ /**
349
+ * adds `password` for Password Grant flow
350
+ * @param password
351
+ */
352
+ function addPassword(parameters, password) {
353
+ parameters.set(PasswordGrantConstants.password, password);
354
+ }
355
+ /**
356
+ * add pop_jwk to query params
357
+ * @param cnfString
358
+ */
359
+ function addPopToken(parameters, cnfString) {
360
+ if (cnfString) {
361
+ parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
362
+ parameters.set(REQ_CNF, cnfString);
388
363
  }
389
- /**
390
- * Adds logout_hint parameter for "silent" logout which prevent server account picker
391
- */
392
- addLogoutHint(logoutHint) {
393
- this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
364
+ }
365
+ /**
366
+ * add SSH JWK and key ID to query params
367
+ */
368
+ function addSshJwk(parameters, sshJwkString) {
369
+ if (sshJwkString) {
370
+ parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
371
+ parameters.set(REQ_CNF, sshJwkString);
394
372
  }
395
- addBrokerParameters(params) {
396
- const brokerParams = {};
397
- brokerParams[BROKER_CLIENT_ID] =
398
- params.brokerClientId;
399
- brokerParams[BROKER_REDIRECT_URI] =
400
- params.brokerRedirectUri;
401
- this.addExtraQueryParameters(brokerParams);
373
+ }
374
+ /**
375
+ * add server telemetry fields
376
+ * @param serverTelemetryManager
377
+ */
378
+ function addServerTelemetry(parameters, serverTelemetryManager) {
379
+ parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
380
+ parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
381
+ }
382
+ /**
383
+ * Adds parameter that indicates to the server that throttling is supported
384
+ */
385
+ function addThrottling(parameters) {
386
+ parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
387
+ }
388
+ /**
389
+ * Adds logout_hint parameter for "silent" logout which prevent server account picker
390
+ */
391
+ function addLogoutHint(parameters, logoutHint) {
392
+ parameters.set(LOGOUT_HINT, logoutHint);
393
+ }
394
+ function addBrokerParameters(parameters, brokerClientId, brokerRedirectUri) {
395
+ if (!parameters.has(BROKER_CLIENT_ID)) {
396
+ parameters.set(BROKER_CLIENT_ID, brokerClientId);
402
397
  }
403
- /**
404
- * Utility to create a URL from the params map
405
- */
406
- createQueryString() {
407
- const queryParameterArray = new Array();
408
- this.parameters.forEach((value, key) => {
409
- queryParameterArray.push(`${key}=${value}`);
410
- });
411
- instrumentBrokerParams(this.parameters, this.correlationId, this.performanceClient);
412
- return queryParameterArray.join("&");
398
+ if (!parameters.has(BROKER_REDIRECT_URI)) {
399
+ parameters.set(BROKER_REDIRECT_URI, brokerRedirectUri);
413
400
  }
414
401
  }
415
402
 
416
- export { RequestParameterBuilder };
403
+ export { addApplicationTelemetry, addAuthorizationCode, addBrokerParameters, addCcsOid, addCcsUpn, addClaims, addClientAssertion, addClientAssertionType, addClientCapabilitiesToClaims, addClientId, addClientInfo, addClientSecret, addCodeChallengeParams, addCodeVerifier, addCorrelationId, addDeviceCode, addDomainHint, addExtraQueryParameters, addGrantType, addIdTokenHint, addInstanceAware, addLibraryInfo, addLoginHint, addLogoutHint, addNativeBroker, addNonce, addOboAssertion, addPassword, addPopToken, addPostLogoutRedirectUri, addPrompt, addRedirectUri, addRefreshToken, addRequestTokenUse, addResponseMode, addResponseTypeCode, addResponseTypeForTokenAndIdToken, addScopes, addServerTelemetry, addSid, addSshJwk, addState, addThrottling, addUsername, instrumentBrokerParams };
417
404
  //# sourceMappingURL=RequestParameterBuilder.mjs.map