@azure/msal-common 15.2.1 → 15.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (170) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +3 -3
  7. package/dist/authority/Authority.mjs.map +1 -1
  8. package/dist/authority/AuthorityFactory.mjs +1 -1
  9. package/dist/authority/AuthorityMetadata.mjs +1 -1
  10. package/dist/authority/AuthorityOptions.mjs +1 -1
  11. package/dist/authority/AuthorityType.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  13. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  14. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  15. package/dist/authority/ProtocolMode.d.ts +11 -0
  16. package/dist/authority/ProtocolMode.d.ts.map +1 -1
  17. package/dist/authority/ProtocolMode.mjs +12 -1
  18. package/dist/authority/ProtocolMode.mjs.map +1 -1
  19. package/dist/authority/RegionDiscovery.mjs +1 -1
  20. package/dist/cache/CacheManager.mjs +1 -1
  21. package/dist/cache/entities/AccountEntity.mjs +4 -4
  22. package/dist/cache/entities/AccountEntity.mjs.map +1 -1
  23. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  24. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  25. package/dist/client/AuthorizationCodeClient.d.ts +0 -31
  26. package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
  27. package/dist/client/AuthorizationCodeClient.mjs +41 -246
  28. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  29. package/dist/client/BaseClient.d.ts.map +1 -1
  30. package/dist/client/BaseClient.mjs +9 -10
  31. package/dist/client/BaseClient.mjs.map +1 -1
  32. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  33. package/dist/client/RefreshTokenClient.mjs +27 -29
  34. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  35. package/dist/client/SilentFlowClient.mjs +1 -1
  36. package/dist/config/ClientConfiguration.mjs +1 -1
  37. package/dist/constants/AADServerParamKeys.d.ts +3 -0
  38. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  39. package/dist/constants/AADServerParamKeys.mjs +6 -3
  40. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  41. package/dist/crypto/ICrypto.mjs +1 -1
  42. package/dist/crypto/JoseHeader.mjs +1 -1
  43. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  44. package/dist/error/AuthError.mjs +1 -1
  45. package/dist/error/AuthErrorCodes.mjs +1 -1
  46. package/dist/error/CacheError.mjs +1 -1
  47. package/dist/error/CacheErrorCodes.mjs +1 -1
  48. package/dist/error/ClientAuthError.mjs +1 -1
  49. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  50. package/dist/error/ClientConfigurationError.mjs +1 -1
  51. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  52. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  53. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  54. package/dist/error/JoseHeaderError.mjs +1 -1
  55. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  56. package/dist/error/NetworkError.mjs +1 -1
  57. package/dist/error/ServerError.mjs +1 -1
  58. package/dist/exports-common.d.ts +4 -3
  59. package/dist/exports-common.d.ts.map +1 -1
  60. package/dist/index-browser.mjs +6 -3
  61. package/dist/index-browser.mjs.map +1 -1
  62. package/dist/index-node.mjs +6 -3
  63. package/dist/index-node.mjs.map +1 -1
  64. package/dist/index.mjs +6 -3
  65. package/dist/index.mjs.map +1 -1
  66. package/dist/logger/Logger.mjs +1 -1
  67. package/dist/network/INetworkModule.mjs +1 -1
  68. package/dist/network/RequestThumbprint.mjs +1 -1
  69. package/dist/network/ThrottlingUtils.mjs +1 -1
  70. package/dist/packageMetadata.d.ts +1 -1
  71. package/dist/packageMetadata.mjs +2 -2
  72. package/dist/protocol/Authorize.d.ts +37 -0
  73. package/dist/protocol/Authorize.d.ts.map +1 -0
  74. package/dist/protocol/Authorize.mjs +237 -0
  75. package/dist/protocol/Authorize.mjs.map +1 -0
  76. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  77. package/dist/request/CommonAuthorizationUrlRequest.d.ts +3 -2
  78. package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
  79. package/dist/request/RequestParameterBuilder.d.ts +211 -219
  80. package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
  81. package/dist/request/RequestParameterBuilder.mjs +364 -370
  82. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  83. package/dist/request/RequestValidator.mjs +1 -1
  84. package/dist/request/ScopeSet.mjs +1 -1
  85. package/dist/response/AuthorizeResponse.d.ts +76 -0
  86. package/dist/response/AuthorizeResponse.d.ts.map +1 -0
  87. package/dist/response/ResponseHandler.d.ts +0 -8
  88. package/dist/response/ResponseHandler.d.ts.map +1 -1
  89. package/dist/response/ResponseHandler.mjs +2 -49
  90. package/dist/response/ResponseHandler.mjs.map +1 -1
  91. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  92. package/dist/telemetry/performance/PerformanceEvent.d.ts +6 -2
  93. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  94. package/dist/telemetry/performance/PerformanceEvent.mjs +15 -11
  95. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  96. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  97. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  98. package/dist/url/UrlString.mjs +1 -1
  99. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  100. package/dist/utils/Constants.d.ts +11 -5
  101. package/dist/utils/Constants.d.ts.map +1 -1
  102. package/dist/utils/Constants.mjs +13 -8
  103. package/dist/utils/Constants.mjs.map +1 -1
  104. package/dist/utils/FunctionWrappers.mjs +1 -1
  105. package/dist/utils/ProtocolUtils.mjs +1 -1
  106. package/dist/utils/StringUtils.mjs +1 -1
  107. package/dist/utils/TimeUtils.mjs +1 -1
  108. package/dist/utils/UrlUtils.d.ts +6 -2
  109. package/dist/utils/UrlUtils.d.ts.map +1 -1
  110. package/dist/utils/UrlUtils.mjs +13 -2
  111. package/dist/utils/UrlUtils.mjs.map +1 -1
  112. package/lib/index-browser.cjs +4 -2
  113. package/lib/index-browser.cjs.map +1 -1
  114. package/lib/{index-node--LMD5Re1.js → index-node-C56U0Gkp.js} +833 -777
  115. package/lib/index-node-C56U0Gkp.js.map +1 -0
  116. package/lib/index-node.cjs +4 -2
  117. package/lib/index-node.cjs.map +1 -1
  118. package/lib/index.cjs +4 -2
  119. package/lib/index.cjs.map +1 -1
  120. package/lib/types/authority/ProtocolMode.d.ts +11 -0
  121. package/lib/types/authority/ProtocolMode.d.ts.map +1 -1
  122. package/lib/types/client/AuthorizationCodeClient.d.ts +0 -31
  123. package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  124. package/lib/types/client/BaseClient.d.ts.map +1 -1
  125. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  126. package/lib/types/constants/AADServerParamKeys.d.ts +3 -0
  127. package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
  128. package/lib/types/exports-common.d.ts +4 -3
  129. package/lib/types/exports-common.d.ts.map +1 -1
  130. package/lib/types/packageMetadata.d.ts +1 -1
  131. package/lib/types/protocol/Authorize.d.ts +37 -0
  132. package/lib/types/protocol/Authorize.d.ts.map +1 -0
  133. package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +3 -2
  134. package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
  135. package/lib/types/request/RequestParameterBuilder.d.ts +211 -219
  136. package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
  137. package/lib/types/response/AuthorizeResponse.d.ts +76 -0
  138. package/lib/types/response/AuthorizeResponse.d.ts.map +1 -0
  139. package/lib/types/response/ResponseHandler.d.ts +0 -8
  140. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  141. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +6 -2
  142. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  143. package/lib/types/utils/Constants.d.ts +11 -5
  144. package/lib/types/utils/Constants.d.ts.map +1 -1
  145. package/lib/types/utils/UrlUtils.d.ts +6 -2
  146. package/lib/types/utils/UrlUtils.d.ts.map +1 -1
  147. package/package.json +1 -1
  148. package/src/authority/Authority.ts +2 -2
  149. package/src/authority/ProtocolMode.ts +11 -0
  150. package/src/cache/entities/AccountEntity.ts +3 -3
  151. package/src/client/AuthorizationCodeClient.ts +84 -395
  152. package/src/client/BaseClient.ts +20 -12
  153. package/src/client/RefreshTokenClient.ts +60 -30
  154. package/src/constants/AADServerParamKeys.ts +3 -0
  155. package/src/exports-common.ts +5 -2
  156. package/src/packageMetadata.ts +1 -1
  157. package/src/protocol/Authorize.ts +409 -0
  158. package/src/request/CommonAuthorizationUrlRequest.ts +3 -2
  159. package/src/request/RequestParameterBuilder.ts +516 -545
  160. package/src/response/AuthorizeResponse.ts +80 -0
  161. package/src/response/ResponseHandler.ts +0 -98
  162. package/src/telemetry/performance/PerformanceEvent.ts +14 -11
  163. package/src/utils/Constants.ts +14 -6
  164. package/src/utils/UrlUtils.ts +19 -4
  165. package/dist/response/ServerAuthorizationCodeResponse.d.ts +0 -27
  166. package/dist/response/ServerAuthorizationCodeResponse.d.ts.map +0 -1
  167. package/lib/index-node--LMD5Re1.js.map +0 -1
  168. package/lib/types/response/ServerAuthorizationCodeResponse.d.ts +0 -27
  169. package/lib/types/response/ServerAuthorizationCodeResponse.d.ts.map +0 -1
  170. package/src/response/ServerAuthorizationCodeResponse.ts +0 -34
@@ -1,11 +1,10 @@
1
- /*! @azure/msal-common v15.2.1 2025-03-11 */
1
+ /*! @azure/msal-common v15.4.0 2025-03-25 */
2
2
  'use strict';
3
- import { Constants, ResponseMode, OIDC_DEFAULT_SCOPES, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, ThrottlingConstants } from '../utils/Constants.mjs';
4
- import { RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, CLIENT_ID, REDIRECT_URI, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT, BROKER_CLIENT_ID, BROKER_REDIRECT_URI } from '../constants/AADServerParamKeys.mjs';
3
+ import { ResponseMode, OIDC_DEFAULT_SCOPES, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, ThrottlingConstants } from '../utils/Constants.mjs';
4
+ import { CLIENT_ID, BROKER_CLIENT_ID, REDIRECT_URI, RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, INSTANCE_AWARE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT, BROKER_REDIRECT_URI, EAR_JWK, EAR_JWE_CRYPTO } from '../constants/AADServerParamKeys.mjs';
5
5
  import { ScopeSet } from './ScopeSet.mjs';
6
6
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
7
- import { RequestValidator } from './RequestValidator.mjs';
8
- import { pkceParamsMissing, invalidClaims } from '../error/ClientConfigurationErrorCodes.mjs';
7
+ import { invalidClaims, pkceParamsMissing } from '../error/ClientConfigurationErrorCodes.mjs';
9
8
 
10
9
  /*
11
10
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -23,395 +22,390 @@ function instrumentBrokerParams(parameters, correlationId, performanceClient) {
23
22
  }, correlationId);
24
23
  }
25
24
  }
26
- /** @internal */
27
- class RequestParameterBuilder {
28
- constructor(correlationId, performanceClient) {
29
- this.parameters = new Map();
30
- this.performanceClient = performanceClient;
31
- this.correlationId = correlationId;
32
- }
33
- /**
34
- * add response_type = code
35
- */
36
- addResponseTypeCode() {
37
- this.parameters.set(RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));
38
- }
39
- /**
40
- * add response_type = token id_token
41
- */
42
- addResponseTypeForTokenAndIdToken() {
43
- this.parameters.set(RESPONSE_TYPE, encodeURIComponent(`${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`));
44
- }
45
- /**
46
- * add response_mode. defaults to query.
47
- * @param responseMode
48
- */
49
- addResponseMode(responseMode) {
50
- this.parameters.set(RESPONSE_MODE, encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY));
51
- }
52
- /**
53
- * Add flag to indicate STS should attempt to use WAM if available
54
- */
55
- addNativeBroker() {
56
- this.parameters.set(NATIVE_BROKER, encodeURIComponent("1"));
57
- }
58
- /**
59
- * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
60
- * @param scopeSet
61
- * @param addOidcScopes
62
- */
63
- addScopes(scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
64
- // Always add openid to the scopes when adding OIDC scopes
65
- if (addOidcScopes &&
66
- !defaultScopes.includes("openid") &&
67
- !scopes.includes("openid")) {
68
- defaultScopes.push("openid");
69
- }
70
- const requestScopes = addOidcScopes
71
- ? [...(scopes || []), ...defaultScopes]
72
- : scopes || [];
73
- const scopeSet = new ScopeSet(requestScopes);
74
- this.parameters.set(SCOPE, encodeURIComponent(scopeSet.printScopes()));
75
- }
76
- /**
77
- * add clientId
78
- * @param clientId
79
- */
80
- addClientId(clientId) {
81
- this.parameters.set(CLIENT_ID, encodeURIComponent(clientId));
82
- }
83
- /**
84
- * add redirect_uri
85
- * @param redirectUri
86
- */
87
- addRedirectUri(redirectUri) {
88
- RequestValidator.validateRedirectUri(redirectUri);
89
- this.parameters.set(REDIRECT_URI, encodeURIComponent(redirectUri));
90
- }
91
- /**
92
- * add post logout redirectUri
93
- * @param redirectUri
94
- */
95
- addPostLogoutRedirectUri(redirectUri) {
96
- RequestValidator.validateRedirectUri(redirectUri);
97
- this.parameters.set(POST_LOGOUT_URI, encodeURIComponent(redirectUri));
98
- }
99
- /**
100
- * add id_token_hint to logout request
101
- * @param idTokenHint
102
- */
103
- addIdTokenHint(idTokenHint) {
104
- this.parameters.set(ID_TOKEN_HINT, encodeURIComponent(idTokenHint));
105
- }
106
- /**
107
- * add domain_hint
108
- * @param domainHint
109
- */
110
- addDomainHint(domainHint) {
111
- this.parameters.set(DOMAIN_HINT, encodeURIComponent(domainHint));
25
+ /**
26
+ * Add the given response_type
27
+ * @param parameters
28
+ * @param responseType
29
+ */
30
+ function addResponseType(parameters, responseType) {
31
+ parameters.set(RESPONSE_TYPE, responseType);
32
+ }
33
+ /**
34
+ * add response_mode. defaults to query.
35
+ * @param responseMode
36
+ */
37
+ function addResponseMode(parameters, responseMode) {
38
+ parameters.set(RESPONSE_MODE, responseMode ? responseMode : ResponseMode.QUERY);
39
+ }
40
+ /**
41
+ * Add flag to indicate STS should attempt to use WAM if available
42
+ */
43
+ function addNativeBroker(parameters) {
44
+ parameters.set(NATIVE_BROKER, "1");
45
+ }
46
+ /**
47
+ * add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
48
+ * @param scopeSet
49
+ * @param addOidcScopes
50
+ */
51
+ function addScopes(parameters, scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
52
+ // Always add openid to the scopes when adding OIDC scopes
53
+ if (addOidcScopes &&
54
+ !defaultScopes.includes("openid") &&
55
+ !scopes.includes("openid")) {
56
+ defaultScopes.push("openid");
57
+ }
58
+ const requestScopes = addOidcScopes
59
+ ? [...(scopes || []), ...defaultScopes]
60
+ : scopes || [];
61
+ const scopeSet = new ScopeSet(requestScopes);
62
+ parameters.set(SCOPE, scopeSet.printScopes());
63
+ }
64
+ /**
65
+ * add clientId
66
+ * @param clientId
67
+ */
68
+ function addClientId(parameters, clientId) {
69
+ parameters.set(CLIENT_ID, clientId);
70
+ }
71
+ /**
72
+ * add redirect_uri
73
+ * @param redirectUri
74
+ */
75
+ function addRedirectUri(parameters, redirectUri) {
76
+ parameters.set(REDIRECT_URI, redirectUri);
77
+ }
78
+ /**
79
+ * add post logout redirectUri
80
+ * @param redirectUri
81
+ */
82
+ function addPostLogoutRedirectUri(parameters, redirectUri) {
83
+ parameters.set(POST_LOGOUT_URI, redirectUri);
84
+ }
85
+ /**
86
+ * add id_token_hint to logout request
87
+ * @param idTokenHint
88
+ */
89
+ function addIdTokenHint(parameters, idTokenHint) {
90
+ parameters.set(ID_TOKEN_HINT, idTokenHint);
91
+ }
92
+ /**
93
+ * add domain_hint
94
+ * @param domainHint
95
+ */
96
+ function addDomainHint(parameters, domainHint) {
97
+ parameters.set(DOMAIN_HINT, domainHint);
98
+ }
99
+ /**
100
+ * add login_hint
101
+ * @param loginHint
102
+ */
103
+ function addLoginHint(parameters, loginHint) {
104
+ parameters.set(LOGIN_HINT, loginHint);
105
+ }
106
+ /**
107
+ * Adds the CCS (Cache Credential Service) query parameter for login_hint
108
+ * @param loginHint
109
+ */
110
+ function addCcsUpn(parameters, loginHint) {
111
+ parameters.set(HeaderNames.CCS_HEADER, `UPN:${loginHint}`);
112
+ }
113
+ /**
114
+ * Adds the CCS (Cache Credential Service) query parameter for account object
115
+ * @param loginHint
116
+ */
117
+ function addCcsOid(parameters, clientInfo) {
118
+ parameters.set(HeaderNames.CCS_HEADER, `Oid:${clientInfo.uid}@${clientInfo.utid}`);
119
+ }
120
+ /**
121
+ * add sid
122
+ * @param sid
123
+ */
124
+ function addSid(parameters, sid) {
125
+ parameters.set(SID, sid);
126
+ }
127
+ /**
128
+ * add claims
129
+ * @param claims
130
+ */
131
+ function addClaims(parameters, claims, clientCapabilities) {
132
+ const mergedClaims = addClientCapabilitiesToClaims(claims, clientCapabilities);
133
+ try {
134
+ JSON.parse(mergedClaims);
112
135
  }
113
- /**
114
- * add login_hint
115
- * @param loginHint
116
- */
117
- addLoginHint(loginHint) {
118
- this.parameters.set(LOGIN_HINT, encodeURIComponent(loginHint));
136
+ catch (e) {
137
+ throw createClientConfigurationError(invalidClaims);
119
138
  }
120
- /**
121
- * Adds the CCS (Cache Credential Service) query parameter for login_hint
122
- * @param loginHint
123
- */
124
- addCcsUpn(loginHint) {
125
- this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`UPN:${loginHint}`));
139
+ parameters.set(CLAIMS, mergedClaims);
140
+ }
141
+ /**
142
+ * add correlationId
143
+ * @param correlationId
144
+ */
145
+ function addCorrelationId(parameters, correlationId) {
146
+ parameters.set(CLIENT_REQUEST_ID, correlationId);
147
+ }
148
+ /**
149
+ * add library info query params
150
+ * @param libraryInfo
151
+ */
152
+ function addLibraryInfo(parameters, libraryInfo) {
153
+ // Telemetry Info
154
+ parameters.set(X_CLIENT_SKU, libraryInfo.sku);
155
+ parameters.set(X_CLIENT_VER, libraryInfo.version);
156
+ if (libraryInfo.os) {
157
+ parameters.set(X_CLIENT_OS, libraryInfo.os);
126
158
  }
127
- /**
128
- * Adds the CCS (Cache Credential Service) query parameter for account object
129
- * @param loginHint
130
- */
131
- addCcsOid(clientInfo) {
132
- this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`));
159
+ if (libraryInfo.cpu) {
160
+ parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
133
161
  }
134
- /**
135
- * add sid
136
- * @param sid
137
- */
138
- addSid(sid) {
139
- this.parameters.set(SID, encodeURIComponent(sid));
162
+ }
163
+ /**
164
+ * Add client telemetry parameters
165
+ * @param appTelemetry
166
+ */
167
+ function addApplicationTelemetry(parameters, appTelemetry) {
168
+ if (appTelemetry?.appName) {
169
+ parameters.set(X_APP_NAME, appTelemetry.appName);
140
170
  }
141
- /**
142
- * add claims
143
- * @param claims
144
- */
145
- addClaims(claims, clientCapabilities) {
146
- const mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);
147
- RequestValidator.validateClaims(mergedClaims);
148
- this.parameters.set(CLAIMS, encodeURIComponent(mergedClaims));
171
+ if (appTelemetry?.appVersion) {
172
+ parameters.set(X_APP_VER, appTelemetry.appVersion);
149
173
  }
150
- /**
151
- * add correlationId
152
- * @param correlationId
153
- */
154
- addCorrelationId(correlationId) {
155
- this.parameters.set(CLIENT_REQUEST_ID, encodeURIComponent(correlationId));
174
+ }
175
+ /**
176
+ * add prompt
177
+ * @param prompt
178
+ */
179
+ function addPrompt(parameters, prompt) {
180
+ parameters.set(PROMPT, prompt);
181
+ }
182
+ /**
183
+ * add state
184
+ * @param state
185
+ */
186
+ function addState(parameters, state) {
187
+ if (state) {
188
+ parameters.set(STATE, state);
156
189
  }
157
- /**
158
- * add library info query params
159
- * @param libraryInfo
160
- */
161
- addLibraryInfo(libraryInfo) {
162
- // Telemetry Info
163
- this.parameters.set(X_CLIENT_SKU, libraryInfo.sku);
164
- this.parameters.set(X_CLIENT_VER, libraryInfo.version);
165
- if (libraryInfo.os) {
166
- this.parameters.set(X_CLIENT_OS, libraryInfo.os);
167
- }
168
- if (libraryInfo.cpu) {
169
- this.parameters.set(X_CLIENT_CPU, libraryInfo.cpu);
170
- }
190
+ }
191
+ /**
192
+ * add nonce
193
+ * @param nonce
194
+ */
195
+ function addNonce(parameters, nonce) {
196
+ parameters.set(NONCE, nonce);
197
+ }
198
+ /**
199
+ * add code_challenge and code_challenge_method
200
+ * - throw if either of them are not passed
201
+ * @param codeChallenge
202
+ * @param codeChallengeMethod
203
+ */
204
+ function addCodeChallengeParams(parameters, codeChallenge, codeChallengeMethod) {
205
+ if (codeChallenge && codeChallengeMethod) {
206
+ parameters.set(CODE_CHALLENGE, codeChallenge);
207
+ parameters.set(CODE_CHALLENGE_METHOD, codeChallengeMethod);
171
208
  }
172
- /**
173
- * Add client telemetry parameters
174
- * @param appTelemetry
175
- */
176
- addApplicationTelemetry(appTelemetry) {
177
- if (appTelemetry?.appName) {
178
- this.parameters.set(X_APP_NAME, appTelemetry.appName);
179
- }
180
- if (appTelemetry?.appVersion) {
181
- this.parameters.set(X_APP_VER, appTelemetry.appVersion);
182
- }
209
+ else {
210
+ throw createClientConfigurationError(pkceParamsMissing);
183
211
  }
184
- /**
185
- * add prompt
186
- * @param prompt
187
- */
188
- addPrompt(prompt) {
189
- RequestValidator.validatePrompt(prompt);
190
- this.parameters.set(`${PROMPT}`, encodeURIComponent(prompt));
212
+ }
213
+ /**
214
+ * add the `authorization_code` passed by the user to exchange for a token
215
+ * @param code
216
+ */
217
+ function addAuthorizationCode(parameters, code) {
218
+ parameters.set(CODE, code);
219
+ }
220
+ /**
221
+ * add the `authorization_code` passed by the user to exchange for a token
222
+ * @param code
223
+ */
224
+ function addDeviceCode(parameters, code) {
225
+ parameters.set(DEVICE_CODE, code);
226
+ }
227
+ /**
228
+ * add the `refreshToken` passed by the user
229
+ * @param refreshToken
230
+ */
231
+ function addRefreshToken(parameters, refreshToken) {
232
+ parameters.set(REFRESH_TOKEN, refreshToken);
233
+ }
234
+ /**
235
+ * add the `code_verifier` passed by the user to exchange for a token
236
+ * @param codeVerifier
237
+ */
238
+ function addCodeVerifier(parameters, codeVerifier) {
239
+ parameters.set(CODE_VERIFIER, codeVerifier);
240
+ }
241
+ /**
242
+ * add client_secret
243
+ * @param clientSecret
244
+ */
245
+ function addClientSecret(parameters, clientSecret) {
246
+ parameters.set(CLIENT_SECRET, clientSecret);
247
+ }
248
+ /**
249
+ * add clientAssertion for confidential client flows
250
+ * @param clientAssertion
251
+ */
252
+ function addClientAssertion(parameters, clientAssertion) {
253
+ if (clientAssertion) {
254
+ parameters.set(CLIENT_ASSERTION, clientAssertion);
191
255
  }
192
- /**
193
- * add state
194
- * @param state
195
- */
196
- addState(state) {
197
- if (state) {
198
- this.parameters.set(STATE, encodeURIComponent(state));
199
- }
256
+ }
257
+ /**
258
+ * add clientAssertionType for confidential client flows
259
+ * @param clientAssertionType
260
+ */
261
+ function addClientAssertionType(parameters, clientAssertionType) {
262
+ if (clientAssertionType) {
263
+ parameters.set(CLIENT_ASSERTION_TYPE, clientAssertionType);
200
264
  }
201
- /**
202
- * add nonce
203
- * @param nonce
204
- */
205
- addNonce(nonce) {
206
- this.parameters.set(NONCE, encodeURIComponent(nonce));
265
+ }
266
+ /**
267
+ * add OBO assertion for confidential client flows
268
+ * @param clientAssertion
269
+ */
270
+ function addOboAssertion(parameters, oboAssertion) {
271
+ parameters.set(OBO_ASSERTION, oboAssertion);
272
+ }
273
+ /**
274
+ * add grant type
275
+ * @param grantType
276
+ */
277
+ function addRequestTokenUse(parameters, tokenUse) {
278
+ parameters.set(REQUESTED_TOKEN_USE, tokenUse);
279
+ }
280
+ /**
281
+ * add grant type
282
+ * @param grantType
283
+ */
284
+ function addGrantType(parameters, grantType) {
285
+ parameters.set(GRANT_TYPE, grantType);
286
+ }
287
+ /**
288
+ * add client info
289
+ *
290
+ */
291
+ function addClientInfo(parameters) {
292
+ parameters.set(CLIENT_INFO, "1");
293
+ }
294
+ function addInstanceAware(parameters) {
295
+ if (!parameters.has(INSTANCE_AWARE)) {
296
+ parameters.set(INSTANCE_AWARE, "true");
207
297
  }
208
- /**
209
- * add code_challenge and code_challenge_method
210
- * - throw if either of them are not passed
211
- * @param codeChallenge
212
- * @param codeChallengeMethod
213
- */
214
- addCodeChallengeParams(codeChallenge, codeChallengeMethod) {
215
- RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);
216
- if (codeChallenge && codeChallengeMethod) {
217
- this.parameters.set(CODE_CHALLENGE, encodeURIComponent(codeChallenge));
218
- this.parameters.set(CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));
298
+ }
299
+ /**
300
+ * add extraQueryParams
301
+ * @param eQParams
302
+ */
303
+ function addExtraQueryParameters(parameters, eQParams) {
304
+ Object.entries(eQParams).forEach(([key, value]) => {
305
+ if (!parameters.has(key) && value) {
306
+ parameters.set(key, value);
219
307
  }
220
- else {
221
- throw createClientConfigurationError(pkceParamsMissing);
308
+ });
309
+ }
310
+ function addClientCapabilitiesToClaims(claims, clientCapabilities) {
311
+ let mergedClaims;
312
+ // Parse provided claims into JSON object or initialize empty object
313
+ if (!claims) {
314
+ mergedClaims = {};
315
+ }
316
+ else {
317
+ try {
318
+ mergedClaims = JSON.parse(claims);
222
319
  }
223
- }
224
- /**
225
- * add the `authorization_code` passed by the user to exchange for a token
226
- * @param code
227
- */
228
- addAuthorizationCode(code) {
229
- this.parameters.set(CODE, encodeURIComponent(code));
230
- }
231
- /**
232
- * add the `authorization_code` passed by the user to exchange for a token
233
- * @param code
234
- */
235
- addDeviceCode(code) {
236
- this.parameters.set(DEVICE_CODE, encodeURIComponent(code));
237
- }
238
- /**
239
- * add the `refreshToken` passed by the user
240
- * @param refreshToken
241
- */
242
- addRefreshToken(refreshToken) {
243
- this.parameters.set(REFRESH_TOKEN, encodeURIComponent(refreshToken));
244
- }
245
- /**
246
- * add the `code_verifier` passed by the user to exchange for a token
247
- * @param codeVerifier
248
- */
249
- addCodeVerifier(codeVerifier) {
250
- this.parameters.set(CODE_VERIFIER, encodeURIComponent(codeVerifier));
251
- }
252
- /**
253
- * add client_secret
254
- * @param clientSecret
255
- */
256
- addClientSecret(clientSecret) {
257
- this.parameters.set(CLIENT_SECRET, encodeURIComponent(clientSecret));
258
- }
259
- /**
260
- * add clientAssertion for confidential client flows
261
- * @param clientAssertion
262
- */
263
- addClientAssertion(clientAssertion) {
264
- if (clientAssertion) {
265
- this.parameters.set(CLIENT_ASSERTION, encodeURIComponent(clientAssertion));
320
+ catch (e) {
321
+ throw createClientConfigurationError(invalidClaims);
266
322
  }
267
323
  }
268
- /**
269
- * add clientAssertionType for confidential client flows
270
- * @param clientAssertionType
271
- */
272
- addClientAssertionType(clientAssertionType) {
273
- if (clientAssertionType) {
274
- this.parameters.set(CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));
324
+ if (clientCapabilities && clientCapabilities.length > 0) {
325
+ if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
326
+ // Add access_token key to claims object
327
+ mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
275
328
  }
276
- }
277
- /**
278
- * add OBO assertion for confidential client flows
279
- * @param clientAssertion
280
- */
281
- addOboAssertion(oboAssertion) {
282
- this.parameters.set(OBO_ASSERTION, encodeURIComponent(oboAssertion));
283
- }
284
- /**
285
- * add grant type
286
- * @param grantType
287
- */
288
- addRequestTokenUse(tokenUse) {
289
- this.parameters.set(REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));
290
- }
291
- /**
292
- * add grant type
293
- * @param grantType
294
- */
295
- addGrantType(grantType) {
296
- this.parameters.set(GRANT_TYPE, encodeURIComponent(grantType));
297
- }
298
- /**
299
- * add client info
300
- *
301
- */
302
- addClientInfo() {
303
- this.parameters.set(CLIENT_INFO, "1");
304
- }
305
- /**
306
- * add extraQueryParams
307
- * @param eQParams
308
- */
309
- addExtraQueryParameters(eQParams) {
310
- Object.entries(eQParams).forEach(([key, value]) => {
311
- if (!this.parameters.has(key) && value) {
312
- this.parameters.set(key, value);
313
- }
314
- });
315
- }
316
- addClientCapabilitiesToClaims(claims, clientCapabilities) {
317
- let mergedClaims;
318
- // Parse provided claims into JSON object or initialize empty object
319
- if (!claims) {
320
- mergedClaims = {};
321
- }
322
- else {
323
- try {
324
- mergedClaims = JSON.parse(claims);
325
- }
326
- catch (e) {
327
- throw createClientConfigurationError(invalidClaims);
328
- }
329
- }
330
- if (clientCapabilities && clientCapabilities.length > 0) {
331
- if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
332
- // Add access_token key to claims object
333
- mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
334
- }
335
- // Add xms_cc claim with provided clientCapabilities to access_token key
336
- mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {
329
+ // Add xms_cc claim with provided clientCapabilities to access_token key
330
+ mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] =
331
+ {
337
332
  values: clientCapabilities,
338
333
  };
339
- }
340
- return JSON.stringify(mergedClaims);
341
- }
342
- /**
343
- * adds `username` for Password Grant flow
344
- * @param username
345
- */
346
- addUsername(username) {
347
- this.parameters.set(PasswordGrantConstants.username, encodeURIComponent(username));
348
- }
349
- /**
350
- * adds `password` for Password Grant flow
351
- * @param password
352
- */
353
- addPassword(password) {
354
- this.parameters.set(PasswordGrantConstants.password, encodeURIComponent(password));
355
334
  }
356
- /**
357
- * add pop_jwk to query params
358
- * @param cnfString
359
- */
360
- addPopToken(cnfString) {
361
- if (cnfString) {
362
- this.parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
363
- this.parameters.set(REQ_CNF, encodeURIComponent(cnfString));
364
- }
365
- }
366
- /**
367
- * add SSH JWK and key ID to query params
368
- */
369
- addSshJwk(sshJwkString) {
370
- if (sshJwkString) {
371
- this.parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
372
- this.parameters.set(REQ_CNF, encodeURIComponent(sshJwkString));
373
- }
374
- }
375
- /**
376
- * add server telemetry fields
377
- * @param serverTelemetryManager
378
- */
379
- addServerTelemetry(serverTelemetryManager) {
380
- this.parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
381
- this.parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
382
- }
383
- /**
384
- * Adds parameter that indicates to the server that throttling is supported
385
- */
386
- addThrottling() {
387
- this.parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
335
+ return JSON.stringify(mergedClaims);
336
+ }
337
+ /**
338
+ * adds `username` for Password Grant flow
339
+ * @param username
340
+ */
341
+ function addUsername(parameters, username) {
342
+ parameters.set(PasswordGrantConstants.username, username);
343
+ }
344
+ /**
345
+ * adds `password` for Password Grant flow
346
+ * @param password
347
+ */
348
+ function addPassword(parameters, password) {
349
+ parameters.set(PasswordGrantConstants.password, password);
350
+ }
351
+ /**
352
+ * add pop_jwk to query params
353
+ * @param cnfString
354
+ */
355
+ function addPopToken(parameters, cnfString) {
356
+ if (cnfString) {
357
+ parameters.set(TOKEN_TYPE, AuthenticationScheme.POP);
358
+ parameters.set(REQ_CNF, cnfString);
388
359
  }
389
- /**
390
- * Adds logout_hint parameter for "silent" logout which prevent server account picker
391
- */
392
- addLogoutHint(logoutHint) {
393
- this.parameters.set(LOGOUT_HINT, encodeURIComponent(logoutHint));
360
+ }
361
+ /**
362
+ * add SSH JWK and key ID to query params
363
+ */
364
+ function addSshJwk(parameters, sshJwkString) {
365
+ if (sshJwkString) {
366
+ parameters.set(TOKEN_TYPE, AuthenticationScheme.SSH);
367
+ parameters.set(REQ_CNF, sshJwkString);
394
368
  }
395
- addBrokerParameters(params) {
396
- const brokerParams = {};
397
- brokerParams[BROKER_CLIENT_ID] =
398
- params.brokerClientId;
399
- brokerParams[BROKER_REDIRECT_URI] =
400
- params.brokerRedirectUri;
401
- this.addExtraQueryParameters(brokerParams);
369
+ }
370
+ /**
371
+ * add server telemetry fields
372
+ * @param serverTelemetryManager
373
+ */
374
+ function addServerTelemetry(parameters, serverTelemetryManager) {
375
+ parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
376
+ parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
377
+ }
378
+ /**
379
+ * Adds parameter that indicates to the server that throttling is supported
380
+ */
381
+ function addThrottling(parameters) {
382
+ parameters.set(X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
383
+ }
384
+ /**
385
+ * Adds logout_hint parameter for "silent" logout which prevent server account picker
386
+ */
387
+ function addLogoutHint(parameters, logoutHint) {
388
+ parameters.set(LOGOUT_HINT, logoutHint);
389
+ }
390
+ function addBrokerParameters(parameters, brokerClientId, brokerRedirectUri) {
391
+ if (!parameters.has(BROKER_CLIENT_ID)) {
392
+ parameters.set(BROKER_CLIENT_ID, brokerClientId);
402
393
  }
403
- /**
404
- * Utility to create a URL from the params map
405
- */
406
- createQueryString() {
407
- const queryParameterArray = new Array();
408
- this.parameters.forEach((value, key) => {
409
- queryParameterArray.push(`${key}=${value}`);
410
- });
411
- instrumentBrokerParams(this.parameters, this.correlationId, this.performanceClient);
412
- return queryParameterArray.join("&");
394
+ if (!parameters.has(BROKER_REDIRECT_URI)) {
395
+ parameters.set(BROKER_REDIRECT_URI, brokerRedirectUri);
413
396
  }
397
+ }
398
+ /**
399
+ * Add EAR (Encrypted Authorize Response) request parameters
400
+ * @param parameters
401
+ * @param jwk
402
+ */
403
+ function addEARParameters(parameters, jwk) {
404
+ parameters.set(EAR_JWK, encodeURIComponent(jwk));
405
+ // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
406
+ const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
407
+ parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
414
408
  }
415
409
 
416
- export { RequestParameterBuilder };
410
+ export { addApplicationTelemetry, addAuthorizationCode, addBrokerParameters, addCcsOid, addCcsUpn, addClaims, addClientAssertion, addClientAssertionType, addClientCapabilitiesToClaims, addClientId, addClientInfo, addClientSecret, addCodeChallengeParams, addCodeVerifier, addCorrelationId, addDeviceCode, addDomainHint, addEARParameters, addExtraQueryParameters, addGrantType, addIdTokenHint, addInstanceAware, addLibraryInfo, addLoginHint, addLogoutHint, addNativeBroker, addNonce, addOboAssertion, addPassword, addPopToken, addPostLogoutRedirectUri, addPrompt, addRedirectUri, addRefreshToken, addRequestTokenUse, addResponseMode, addResponseType, addScopes, addServerTelemetry, addSid, addSshJwk, addState, addThrottling, addUsername, instrumentBrokerParams };
417
411
  //# sourceMappingURL=RequestParameterBuilder.mjs.map