@azure/msal-common 15.7.0 → 15.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (176) hide show
  1. package/dist/account/AccountInfo.d.ts +1 -0
  2. package/dist/account/AccountInfo.d.ts.map +1 -1
  3. package/dist/account/AccountInfo.mjs +1 -1
  4. package/dist/account/AccountInfo.mjs.map +1 -1
  5. package/dist/account/AuthToken.mjs +1 -1
  6. package/dist/account/CcsCredential.mjs +1 -1
  7. package/dist/account/ClientInfo.mjs +1 -1
  8. package/dist/account/TokenClaims.mjs +1 -1
  9. package/dist/authority/Authority.mjs +1 -1
  10. package/dist/authority/AuthorityFactory.mjs +1 -1
  11. package/dist/authority/AuthorityMetadata.mjs +1 -2
  12. package/dist/authority/AuthorityMetadata.mjs.map +1 -1
  13. package/dist/authority/AuthorityOptions.mjs +1 -1
  14. package/dist/authority/AuthorityType.mjs +1 -1
  15. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  16. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  17. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  18. package/dist/authority/ProtocolMode.mjs +1 -1
  19. package/dist/authority/RegionDiscovery.mjs +1 -1
  20. package/dist/cache/CacheManager.d.ts +32 -30
  21. package/dist/cache/CacheManager.d.ts.map +1 -1
  22. package/dist/cache/CacheManager.mjs +83 -101
  23. package/dist/cache/CacheManager.mjs.map +1 -1
  24. package/dist/cache/entities/AccountEntity.d.ts +1 -0
  25. package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
  26. package/dist/cache/entities/AccountEntity.mjs +1 -1
  27. package/dist/cache/entities/AccountEntity.mjs.map +1 -1
  28. package/dist/cache/entities/CredentialEntity.d.ts +2 -0
  29. package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
  30. package/dist/cache/interface/ICacheManager.d.ts +16 -16
  31. package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
  32. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  33. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  34. package/dist/client/AuthorizationCodeClient.mjs +3 -3
  35. package/dist/client/BaseClient.d.ts.map +1 -1
  36. package/dist/client/BaseClient.mjs +4 -4
  37. package/dist/client/BaseClient.mjs.map +1 -1
  38. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  39. package/dist/client/RefreshTokenClient.mjs +5 -5
  40. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  41. package/dist/client/SilentFlowClient.d.ts.map +1 -1
  42. package/dist/client/SilentFlowClient.mjs +4 -4
  43. package/dist/client/SilentFlowClient.mjs.map +1 -1
  44. package/dist/config/ClientConfiguration.d.ts.map +1 -1
  45. package/dist/config/ClientConfiguration.mjs +4 -3
  46. package/dist/config/ClientConfiguration.mjs.map +1 -1
  47. package/dist/constants/AADServerParamKeys.mjs +1 -1
  48. package/dist/crypto/ICrypto.d.ts +1 -1
  49. package/dist/crypto/ICrypto.d.ts.map +1 -1
  50. package/dist/crypto/ICrypto.mjs +1 -1
  51. package/dist/crypto/JoseHeader.mjs +1 -1
  52. package/dist/crypto/PopTokenGenerator.mjs +2 -4
  53. package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
  54. package/dist/error/AuthError.mjs +2 -2
  55. package/dist/error/AuthErrorCodes.mjs +1 -1
  56. package/dist/error/CacheError.d.ts +8 -1
  57. package/dist/error/CacheError.d.ts.map +1 -1
  58. package/dist/error/CacheError.mjs +26 -7
  59. package/dist/error/CacheError.mjs.map +1 -1
  60. package/dist/error/CacheErrorCodes.d.ts +2 -2
  61. package/dist/error/CacheErrorCodes.d.ts.map +1 -1
  62. package/dist/error/CacheErrorCodes.mjs +4 -4
  63. package/dist/error/CacheErrorCodes.mjs.map +1 -1
  64. package/dist/error/ClientAuthError.mjs +2 -2
  65. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  66. package/dist/error/ClientConfigurationError.mjs +2 -2
  67. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  68. package/dist/error/InteractionRequiredAuthError.d.ts.map +1 -1
  69. package/dist/error/InteractionRequiredAuthError.mjs +4 -2
  70. package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
  71. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +1 -0
  72. package/dist/error/InteractionRequiredAuthErrorCodes.d.ts.map +1 -1
  73. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +3 -2
  74. package/dist/error/InteractionRequiredAuthErrorCodes.mjs.map +1 -1
  75. package/dist/error/JoseHeaderError.mjs +2 -2
  76. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  77. package/dist/error/NetworkError.mjs +1 -1
  78. package/dist/error/ServerError.mjs +1 -1
  79. package/dist/exports-common.d.ts +1 -1
  80. package/dist/exports-common.d.ts.map +1 -1
  81. package/dist/index-browser.mjs +2 -2
  82. package/dist/index-node.mjs +2 -2
  83. package/dist/index.mjs +2 -2
  84. package/dist/logger/Logger.mjs +1 -1
  85. package/dist/network/INetworkModule.mjs +1 -1
  86. package/dist/network/RequestThumbprint.mjs +1 -1
  87. package/dist/network/ThrottlingUtils.d.ts +2 -2
  88. package/dist/network/ThrottlingUtils.d.ts.map +1 -1
  89. package/dist/network/ThrottlingUtils.mjs +6 -6
  90. package/dist/network/ThrottlingUtils.mjs.map +1 -1
  91. package/dist/packageMetadata.d.ts +1 -1
  92. package/dist/packageMetadata.mjs +2 -2
  93. package/dist/protocol/Authorize.mjs +2 -2
  94. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  95. package/dist/request/RequestParameterBuilder.mjs +2 -2
  96. package/dist/request/RequestValidator.mjs +1 -1
  97. package/dist/request/ScopeSet.mjs +1 -1
  98. package/dist/response/ResponseHandler.d.ts +1 -1
  99. package/dist/response/ResponseHandler.d.ts.map +1 -1
  100. package/dist/response/ResponseHandler.mjs +6 -6
  101. package/dist/response/ResponseHandler.mjs.map +1 -1
  102. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  103. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  104. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  105. package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  106. package/dist/telemetry/server/ServerTelemetryManager.mjs +7 -7
  107. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  108. package/dist/url/UrlString.mjs +1 -1
  109. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  110. package/dist/utils/Constants.mjs +1 -4
  111. package/dist/utils/Constants.mjs.map +1 -1
  112. package/dist/utils/FunctionWrappers.mjs +1 -1
  113. package/dist/utils/ProtocolUtils.mjs +1 -1
  114. package/dist/utils/StringUtils.mjs +1 -1
  115. package/dist/utils/TimeUtils.mjs +1 -1
  116. package/dist/utils/UrlUtils.mjs +1 -1
  117. package/lib/index-browser.cjs +5 -81
  118. package/lib/index-browser.cjs.map +1 -1
  119. package/lib/{index-node-DNGOJ4N7.js → index-node-2PsHlOld.js} +217 -139
  120. package/lib/index-node-2PsHlOld.js.map +1 -0
  121. package/lib/index-node.cjs +3 -2
  122. package/lib/index-node.cjs.map +1 -1
  123. package/lib/index.cjs +4 -3
  124. package/lib/index.cjs.map +1 -1
  125. package/lib/types/account/AccountInfo.d.ts +1 -0
  126. package/lib/types/account/AccountInfo.d.ts.map +1 -1
  127. package/lib/types/cache/CacheManager.d.ts +32 -30
  128. package/lib/types/cache/CacheManager.d.ts.map +1 -1
  129. package/lib/types/cache/entities/AccountEntity.d.ts +1 -0
  130. package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
  131. package/lib/types/cache/entities/CredentialEntity.d.ts +2 -0
  132. package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
  133. package/lib/types/cache/interface/ICacheManager.d.ts +16 -16
  134. package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
  135. package/lib/types/client/BaseClient.d.ts.map +1 -1
  136. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  137. package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
  138. package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
  139. package/lib/types/crypto/ICrypto.d.ts +1 -1
  140. package/lib/types/crypto/ICrypto.d.ts.map +1 -1
  141. package/lib/types/error/CacheError.d.ts +8 -1
  142. package/lib/types/error/CacheError.d.ts.map +1 -1
  143. package/lib/types/error/CacheErrorCodes.d.ts +2 -2
  144. package/lib/types/error/CacheErrorCodes.d.ts.map +1 -1
  145. package/lib/types/error/InteractionRequiredAuthError.d.ts.map +1 -1
  146. package/lib/types/error/InteractionRequiredAuthErrorCodes.d.ts +1 -0
  147. package/lib/types/error/InteractionRequiredAuthErrorCodes.d.ts.map +1 -1
  148. package/lib/types/exports-common.d.ts +1 -1
  149. package/lib/types/exports-common.d.ts.map +1 -1
  150. package/lib/types/network/ThrottlingUtils.d.ts +2 -2
  151. package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
  152. package/lib/types/packageMetadata.d.ts +1 -1
  153. package/lib/types/response/ResponseHandler.d.ts +1 -1
  154. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  155. package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  156. package/package.json +1 -1
  157. package/src/account/AccountInfo.ts +1 -0
  158. package/src/cache/CacheManager.ts +159 -123
  159. package/src/cache/entities/AccountEntity.ts +1 -0
  160. package/src/cache/entities/CredentialEntity.ts +2 -0
  161. package/src/cache/interface/ICacheManager.ts +34 -16
  162. package/src/client/BaseClient.ts +11 -2
  163. package/src/client/RefreshTokenClient.ts +6 -3
  164. package/src/client/SilentFlowClient.ts +7 -6
  165. package/src/config/ClientConfiguration.ts +3 -1
  166. package/src/crypto/ICrypto.ts +2 -2
  167. package/src/error/CacheError.ts +26 -5
  168. package/src/error/CacheErrorCodes.ts +2 -2
  169. package/src/error/InteractionRequiredAuthError.ts +3 -0
  170. package/src/error/InteractionRequiredAuthErrorCodes.ts +1 -0
  171. package/src/exports-common.ts +5 -1
  172. package/src/network/ThrottlingUtils.ts +8 -5
  173. package/src/packageMetadata.ts +1 -1
  174. package/src/response/ResponseHandler.ts +7 -2
  175. package/src/telemetry/server/ServerTelemetryManager.ts +14 -6
  176. package/lib/index-node-DNGOJ4N7.js.map +0 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v15.7.0 2025-05-30 */
1
+ /*! @azure/msal-common v15.8.0 2025-07-01 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -234,7 +234,6 @@ const AuthorityMetadataSource = {
234
234
  };
235
235
  const SERVER_TELEM_CONSTANTS = {
236
236
  SCHEMA_VERSION: 5,
237
- MAX_CUR_HEADER_BYTES: 80,
238
237
  MAX_LAST_HEADER_BYTES: 330,
239
238
  MAX_CACHED_ERRORS: 50,
240
239
  CACHE_KEY: "server-telemetry",
@@ -289,9 +288,7 @@ const RegionDiscoverySources = {
289
288
  * Region Discovery Outcomes
290
289
  */
291
290
  const RegionDiscoveryOutcomes = {
292
- CONFIGURED_MATCHES_DETECTED: "1",
293
291
  CONFIGURED_NO_AUTO_DETECTION: "2",
294
- CONFIGURED_NOT_DETECTED: "3",
295
292
  AUTO_DETECTION_REQUESTED_SUCCESSFUL: "4",
296
293
  AUTO_DETECTION_REQUESTED_FAILED: "5",
297
294
  };
@@ -1371,7 +1368,6 @@ const rawMetdataJSON = {
1371
1368
  },
1372
1369
  },
1373
1370
  instanceDiscoveryMetadata: {
1374
- tenant_discovery_endpoint: "https://{canonicalAuthority}/v2.0/.well-known/openid-configuration",
1375
1371
  metadata: [
1376
1372
  {
1377
1373
  preferred_network: "login.microsoftonline.com",
@@ -3893,7 +3889,7 @@ class Logger {
3893
3889
 
3894
3890
  /* eslint-disable header/header */
3895
3891
  const name = "@azure/msal-common";
3896
- const version = "15.7.0";
3892
+ const version = "15.8.0";
3897
3893
 
3898
3894
  /*
3899
3895
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4466,13 +4462,13 @@ class AccountEntity {
4466
4462
  * Copyright (c) Microsoft Corporation. All rights reserved.
4467
4463
  * Licensed under the MIT License.
4468
4464
  */
4469
- const cacheQuotaExceededErrorCode = "cache_quota_exceeded";
4470
- const cacheUnknownErrorCode = "cache_error_unknown";
4465
+ const cacheQuotaExceeded = "cache_quota_exceeded";
4466
+ const cacheErrorUnknown = "cache_error_unknown";
4471
4467
 
4472
4468
  var CacheErrorCodes = /*#__PURE__*/Object.freeze({
4473
4469
  __proto__: null,
4474
- cacheQuotaExceededErrorCode: cacheQuotaExceededErrorCode,
4475
- cacheUnknownErrorCode: cacheUnknownErrorCode
4470
+ cacheErrorUnknown: cacheErrorUnknown,
4471
+ cacheQuotaExceeded: cacheQuotaExceeded
4476
4472
  });
4477
4473
 
4478
4474
  /*
@@ -4480,24 +4476,42 @@ var CacheErrorCodes = /*#__PURE__*/Object.freeze({
4480
4476
  * Licensed under the MIT License.
4481
4477
  */
4482
4478
  const CacheErrorMessages = {
4483
- [cacheQuotaExceededErrorCode]: "Exceeded cache storage capacity.",
4484
- [cacheUnknownErrorCode]: "Unexpected error occurred when using cache storage.",
4479
+ [cacheQuotaExceeded]: "Exceeded cache storage capacity.",
4480
+ [cacheErrorUnknown]: "Unexpected error occurred when using cache storage.",
4485
4481
  };
4486
4482
  /**
4487
4483
  * Error thrown when there is an error with the cache
4488
4484
  */
4489
- class CacheError extends Error {
4485
+ class CacheError extends AuthError {
4490
4486
  constructor(errorCode, errorMessage) {
4491
4487
  const message = errorMessage ||
4492
4488
  (CacheErrorMessages[errorCode]
4493
4489
  ? CacheErrorMessages[errorCode]
4494
- : CacheErrorMessages[cacheUnknownErrorCode]);
4490
+ : CacheErrorMessages[cacheErrorUnknown]);
4495
4491
  super(`${errorCode}: ${message}`);
4496
4492
  Object.setPrototypeOf(this, CacheError.prototype);
4497
4493
  this.name = "CacheError";
4498
4494
  this.errorCode = errorCode;
4499
4495
  this.errorMessage = message;
4500
4496
  }
4497
+ }
4498
+ /**
4499
+ * Helper function to wrap browser errors in a CacheError object
4500
+ * @param e
4501
+ * @returns
4502
+ */
4503
+ function createCacheError(e) {
4504
+ if (!(e instanceof Error)) {
4505
+ return new CacheError(cacheErrorUnknown);
4506
+ }
4507
+ if (e.name === "QuotaExceededError" ||
4508
+ e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
4509
+ e.message.includes("exceeded the quota")) {
4510
+ return new CacheError(cacheQuotaExceeded);
4511
+ }
4512
+ else {
4513
+ return new CacheError(e.name, e.message);
4514
+ }
4501
4515
  }
4502
4516
 
4503
4517
  /*
@@ -4509,25 +4523,26 @@ class CacheError extends Error {
4509
4523
  * @internal
4510
4524
  */
4511
4525
  class CacheManager {
4512
- constructor(clientId, cryptoImpl, logger, staticAuthorityOptions) {
4526
+ constructor(clientId, cryptoImpl, logger, performanceClient, staticAuthorityOptions) {
4513
4527
  this.clientId = clientId;
4514
4528
  this.cryptoImpl = cryptoImpl;
4515
4529
  this.commonLogger = logger.clone(name, version);
4516
4530
  this.staticAuthorityOptions = staticAuthorityOptions;
4531
+ this.performanceClient = performanceClient;
4517
4532
  }
4518
4533
  /**
4519
4534
  * Returns all the accounts in the cache that match the optional filter. If no filter is provided, all accounts are returned.
4520
4535
  * @param accountFilter - (Optional) filter to narrow down the accounts returned
4521
4536
  * @returns Array of AccountInfo objects in cache
4522
4537
  */
4523
- getAllAccounts(accountFilter) {
4524
- return this.buildTenantProfiles(this.getAccountsFilteredBy(accountFilter || {}), accountFilter);
4538
+ getAllAccounts(accountFilter, correlationId) {
4539
+ return this.buildTenantProfiles(this.getAccountsFilteredBy(accountFilter, correlationId), correlationId, accountFilter);
4525
4540
  }
4526
4541
  /**
4527
4542
  * Gets first tenanted AccountInfo object found based on provided filters
4528
4543
  */
4529
- getAccountInfoFilteredBy(accountFilter) {
4530
- const allAccounts = this.getAllAccounts(accountFilter);
4544
+ getAccountInfoFilteredBy(accountFilter, correlationId) {
4545
+ const allAccounts = this.getAllAccounts(accountFilter, correlationId);
4531
4546
  if (allAccounts.length > 1) {
4532
4547
  // If one or more accounts are found, prioritize accounts that have an ID token
4533
4548
  const sortedAccounts = allAccounts.sort((account) => {
@@ -4548,8 +4563,8 @@ class CacheManager {
4548
4563
  * @param accountFilter
4549
4564
  * @returns
4550
4565
  */
4551
- getBaseAccountInfo(accountFilter) {
4552
- const accountEntities = this.getAccountsFilteredBy(accountFilter);
4566
+ getBaseAccountInfo(accountFilter, correlationId) {
4567
+ const accountEntities = this.getAccountsFilteredBy(accountFilter, correlationId);
4553
4568
  if (accountEntities.length > 0) {
4554
4569
  return accountEntities[0].getAccountInfo();
4555
4570
  }
@@ -4564,12 +4579,12 @@ class CacheManager {
4564
4579
  * @param accountFilter
4565
4580
  * @returns Array of AccountInfo objects that match account and tenant profile filters
4566
4581
  */
4567
- buildTenantProfiles(cachedAccounts, accountFilter) {
4582
+ buildTenantProfiles(cachedAccounts, correlationId, accountFilter) {
4568
4583
  return cachedAccounts.flatMap((accountEntity) => {
4569
- return this.getTenantProfilesFromAccountEntity(accountEntity, accountFilter?.tenantId, accountFilter);
4584
+ return this.getTenantProfilesFromAccountEntity(accountEntity, correlationId, accountFilter?.tenantId, accountFilter);
4570
4585
  });
4571
4586
  }
4572
- getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, tenantProfileFilter) {
4587
+ getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, correlationId, tenantProfileFilter) {
4573
4588
  let tenantedAccountInfo = null;
4574
4589
  let idTokenClaims;
4575
4590
  if (tenantProfileFilter) {
@@ -4577,7 +4592,7 @@ class CacheManager {
4577
4592
  return null;
4578
4593
  }
4579
4594
  }
4580
- const idToken = this.getIdToken(accountInfo, tokenKeys, tenantProfile.tenantId);
4595
+ const idToken = this.getIdToken(accountInfo, correlationId, tokenKeys, tenantProfile.tenantId);
4581
4596
  if (idToken) {
4582
4597
  idTokenClaims = extractTokenClaims(idToken.secret, this.cryptoImpl.base64Decode);
4583
4598
  if (!this.idTokenClaimsMatchTenantProfileFilter(idTokenClaims, tenantProfileFilter)) {
@@ -4589,7 +4604,7 @@ class CacheManager {
4589
4604
  tenantedAccountInfo = updateAccountTenantProfileData(accountInfo, tenantProfile, idTokenClaims, idToken?.secret);
4590
4605
  return tenantedAccountInfo;
4591
4606
  }
4592
- getTenantProfilesFromAccountEntity(accountEntity, targetTenantId, tenantProfileFilter) {
4607
+ getTenantProfilesFromAccountEntity(accountEntity, correlationId, targetTenantId, tenantProfileFilter) {
4593
4608
  const accountInfo = accountEntity.getAccountInfo();
4594
4609
  let searchTenantProfiles = accountInfo.tenantProfiles || new Map();
4595
4610
  const tokenKeys = this.getTokenKeys();
@@ -4609,7 +4624,7 @@ class CacheManager {
4609
4624
  }
4610
4625
  const matchingTenantProfiles = [];
4611
4626
  searchTenantProfiles.forEach((tenantProfile) => {
4612
- const tenantedAccountInfo = this.getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, tenantProfileFilter);
4627
+ const tenantedAccountInfo = this.getTenantedAccountInfoByFilter(accountInfo, tokenKeys, tenantProfile, correlationId, tenantProfileFilter);
4613
4628
  if (tenantedAccountInfo) {
4614
4629
  matchingTenantProfiles.push(tenantedAccountInfo);
4615
4630
  }
@@ -4683,26 +4698,16 @@ class CacheManager {
4683
4698
  await this.setRefreshTokenCredential(cacheRecord.refreshToken, correlationId);
4684
4699
  }
4685
4700
  if (!!cacheRecord.appMetadata) {
4686
- this.setAppMetadata(cacheRecord.appMetadata);
4701
+ this.setAppMetadata(cacheRecord.appMetadata, correlationId);
4687
4702
  }
4688
4703
  }
4689
4704
  catch (e) {
4690
4705
  this.commonLogger?.error(`CacheManager.saveCacheRecord: failed`);
4691
- if (e instanceof Error) {
4692
- this.commonLogger?.errorPii(`CacheManager.saveCacheRecord: ${e.message}`, correlationId);
4693
- if (e.name === "QuotaExceededError" ||
4694
- e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
4695
- e.message.includes("exceeded the quota")) {
4696
- this.commonLogger?.error(`CacheManager.saveCacheRecord: exceeded storage quota`, correlationId);
4697
- throw new CacheError(cacheQuotaExceededErrorCode);
4698
- }
4699
- else {
4700
- throw new CacheError(e.name, e.message);
4701
- }
4706
+ if (e instanceof AuthError) {
4707
+ throw e;
4702
4708
  }
4703
4709
  else {
4704
- this.commonLogger?.errorPii(`CacheManager.saveCacheRecord: ${e}`, correlationId);
4705
- throw new CacheError(cacheUnknownErrorCode);
4710
+ throw createCacheError(e);
4706
4711
  }
4707
4712
  }
4708
4713
  }
@@ -4722,21 +4727,19 @@ class CacheManager {
4722
4727
  };
4723
4728
  const tokenKeys = this.getTokenKeys();
4724
4729
  const currentScopes = ScopeSet.fromString(credential.target);
4725
- const removedAccessTokens = [];
4726
4730
  tokenKeys.accessToken.forEach((key) => {
4727
4731
  if (!this.accessTokenKeyMatchesFilter(key, accessTokenFilter, false)) {
4728
4732
  return;
4729
4733
  }
4730
- const tokenEntity = this.getAccessTokenCredential(key);
4734
+ const tokenEntity = this.getAccessTokenCredential(key, correlationId);
4731
4735
  if (tokenEntity &&
4732
4736
  this.credentialMatchesFilter(tokenEntity, accessTokenFilter)) {
4733
4737
  const tokenScopeSet = ScopeSet.fromString(tokenEntity.target);
4734
4738
  if (tokenScopeSet.intersectingScopeSets(currentScopes)) {
4735
- removedAccessTokens.push(this.removeAccessToken(key));
4739
+ this.removeAccessToken(key, correlationId);
4736
4740
  }
4737
4741
  }
4738
4742
  });
4739
- await Promise.all(removedAccessTokens);
4740
4743
  await this.setAccessTokenCredential(credential, correlationId);
4741
4744
  }
4742
4745
  /**
@@ -4744,7 +4747,7 @@ class CacheManager {
4744
4747
  * Not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared
4745
4748
  * @param accountFilter - An object containing Account properties to filter by
4746
4749
  */
4747
- getAccountsFilteredBy(accountFilter) {
4750
+ getAccountsFilteredBy(accountFilter, correlationId) {
4748
4751
  const allAccountKeys = this.getAccountKeys();
4749
4752
  const matchingAccounts = [];
4750
4753
  allAccountKeys.forEach((cacheKey) => {
@@ -4752,7 +4755,7 @@ class CacheManager {
4752
4755
  // Don't parse value if the key doesn't match the account filters
4753
4756
  return;
4754
4757
  }
4755
- const entity = this.getAccount(cacheKey, this.commonLogger);
4758
+ const entity = this.getAccount(cacheKey, correlationId);
4756
4759
  // Match base account fields
4757
4760
  if (!entity) {
4758
4761
  return;
@@ -4978,86 +4981,80 @@ class CacheManager {
4978
4981
  /**
4979
4982
  * Removes all accounts and related tokens from cache.
4980
4983
  */
4981
- async removeAllAccounts() {
4984
+ removeAllAccounts(correlationId) {
4982
4985
  const allAccountKeys = this.getAccountKeys();
4983
- const removedAccounts = [];
4984
4986
  allAccountKeys.forEach((cacheKey) => {
4985
- removedAccounts.push(this.removeAccount(cacheKey));
4987
+ this.removeAccount(cacheKey, correlationId);
4986
4988
  });
4987
- await Promise.all(removedAccounts);
4988
4989
  }
4989
4990
  /**
4990
4991
  * Removes the account and related tokens for a given account key
4991
4992
  * @param account
4992
4993
  */
4993
- async removeAccount(accountKey) {
4994
- const account = this.getAccount(accountKey, this.commonLogger);
4994
+ removeAccount(accountKey, correlationId) {
4995
+ const account = this.getAccount(accountKey, correlationId);
4995
4996
  if (!account) {
4996
4997
  return;
4997
4998
  }
4998
- await this.removeAccountContext(account);
4999
- this.removeItem(accountKey);
4999
+ this.removeAccountContext(account, correlationId);
5000
+ this.removeItem(accountKey, correlationId);
5000
5001
  }
5001
5002
  /**
5002
5003
  * Removes credentials associated with the provided account
5003
5004
  * @param account
5004
5005
  */
5005
- async removeAccountContext(account) {
5006
+ removeAccountContext(account, correlationId) {
5006
5007
  const allTokenKeys = this.getTokenKeys();
5007
5008
  const accountId = account.generateAccountId();
5008
- const removedCredentials = [];
5009
5009
  allTokenKeys.idToken.forEach((key) => {
5010
5010
  if (key.indexOf(accountId) === 0) {
5011
- this.removeIdToken(key);
5011
+ this.removeIdToken(key, correlationId);
5012
5012
  }
5013
5013
  });
5014
5014
  allTokenKeys.accessToken.forEach((key) => {
5015
5015
  if (key.indexOf(accountId) === 0) {
5016
- removedCredentials.push(this.removeAccessToken(key));
5016
+ this.removeAccessToken(key, correlationId);
5017
5017
  }
5018
5018
  });
5019
5019
  allTokenKeys.refreshToken.forEach((key) => {
5020
5020
  if (key.indexOf(accountId) === 0) {
5021
- this.removeRefreshToken(key);
5021
+ this.removeRefreshToken(key, correlationId);
5022
5022
  }
5023
5023
  });
5024
- await Promise.all(removedCredentials);
5025
5024
  }
5026
5025
  /**
5027
- * returns a boolean if the given credential is removed
5028
- * @param credential
5029
- */
5030
- async removeAccessToken(key) {
5031
- const credential = this.getAccessTokenCredential(key);
5032
- if (!credential) {
5026
+ * Removes accessToken from the cache
5027
+ * @param key
5028
+ * @param correlationId
5029
+ */
5030
+ removeAccessToken(key, correlationId) {
5031
+ const credential = this.getAccessTokenCredential(key, correlationId);
5032
+ this.removeItem(key, correlationId);
5033
+ this.performanceClient.incrementFields({ accessTokensRemoved: 1 }, correlationId);
5034
+ if (!credential ||
5035
+ credential.credentialType.toLowerCase() !==
5036
+ CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase() ||
5037
+ credential.tokenType !== AuthenticationScheme.POP) {
5038
+ // If the credential is not a PoP token, we can return
5033
5039
  return;
5034
5040
  }
5035
5041
  // Remove Token Binding Key from key store for PoP Tokens Credentials
5036
- if (credential.credentialType.toLowerCase() ===
5037
- CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()) {
5038
- if (credential.tokenType === AuthenticationScheme.POP) {
5039
- const accessTokenWithAuthSchemeEntity = credential;
5040
- const kid = accessTokenWithAuthSchemeEntity.keyId;
5041
- if (kid) {
5042
- try {
5043
- await this.cryptoImpl.removeTokenBindingKey(kid);
5044
- }
5045
- catch (error) {
5046
- throw createClientAuthError(bindingKeyNotRemoved);
5047
- }
5048
- }
5049
- }
5042
+ const kid = credential.keyId;
5043
+ if (kid) {
5044
+ void this.cryptoImpl.removeTokenBindingKey(kid).catch(() => {
5045
+ this.commonLogger.error(`Failed to remove token binding key ${kid}`, correlationId);
5046
+ this.performanceClient?.incrementFields({ removeTokenBindingKeyFailure: 1 }, correlationId);
5047
+ });
5050
5048
  }
5051
- return this.removeItem(key);
5052
5049
  }
5053
5050
  /**
5054
5051
  * Removes all app metadata objects from cache.
5055
5052
  */
5056
- removeAppMetadata() {
5053
+ removeAppMetadata(correlationId) {
5057
5054
  const allCacheKeys = this.getKeys();
5058
5055
  allCacheKeys.forEach((cacheKey) => {
5059
5056
  if (this.isAppMetadata(cacheKey)) {
5060
- this.removeItem(cacheKey);
5057
+ this.removeItem(cacheKey, correlationId);
5061
5058
  }
5062
5059
  });
5063
5060
  return true;
@@ -5066,9 +5063,9 @@ class CacheManager {
5066
5063
  * Retrieve AccountEntity from cache
5067
5064
  * @param account
5068
5065
  */
5069
- readAccountFromCache(account) {
5066
+ readAccountFromCache(account, correlationId) {
5070
5067
  const accountKey = AccountEntity.generateAccountCacheKey(account);
5071
- return this.getAccount(accountKey, this.commonLogger);
5068
+ return this.getAccount(accountKey, correlationId);
5072
5069
  }
5073
5070
  /**
5074
5071
  * Retrieve IdTokenEntity from cache
@@ -5078,7 +5075,7 @@ class CacheManager {
5078
5075
  * @param performanceClient {?IPerformanceClient}
5079
5076
  * @param correlationId {?string}
5080
5077
  */
5081
- getIdToken(account, tokenKeys, targetRealm, performanceClient, correlationId) {
5078
+ getIdToken(account, correlationId, tokenKeys, targetRealm, performanceClient) {
5082
5079
  this.commonLogger.trace("CacheManager - getIdToken called");
5083
5080
  const idTokenFilter = {
5084
5081
  homeAccountId: account.homeAccountId,
@@ -5087,7 +5084,7 @@ class CacheManager {
5087
5084
  clientId: this.clientId,
5088
5085
  realm: targetRealm,
5089
5086
  };
5090
- const idTokenMap = this.getIdTokensByFilter(idTokenFilter, tokenKeys);
5087
+ const idTokenMap = this.getIdTokensByFilter(idTokenFilter, correlationId, tokenKeys);
5091
5088
  const numIdTokens = idTokenMap.size;
5092
5089
  if (numIdTokens < 1) {
5093
5090
  this.commonLogger.info("CacheManager:getIdToken - No token found");
@@ -5120,7 +5117,7 @@ class CacheManager {
5120
5117
  // Multiple tokens for a single tenant profile, remove all and return null
5121
5118
  this.commonLogger.info("CacheManager:getIdToken - Multiple matching ID tokens found, clearing them");
5122
5119
  tokensToBeRemoved.forEach((idToken, key) => {
5123
- this.removeIdToken(key);
5120
+ this.removeIdToken(key, correlationId);
5124
5121
  });
5125
5122
  if (performanceClient && correlationId) {
5126
5123
  performanceClient.addFields({ multiMatchedID: idTokenMap.size }, correlationId);
@@ -5135,7 +5132,7 @@ class CacheManager {
5135
5132
  * @param filter
5136
5133
  * @returns
5137
5134
  */
5138
- getIdTokensByFilter(filter, tokenKeys) {
5135
+ getIdTokensByFilter(filter, correlationId, tokenKeys) {
5139
5136
  const idTokenKeys = (tokenKeys && tokenKeys.idToken) || this.getTokenKeys().idToken;
5140
5137
  const idTokens = new Map();
5141
5138
  idTokenKeys.forEach((key) => {
@@ -5145,7 +5142,7 @@ class CacheManager {
5145
5142
  })) {
5146
5143
  return;
5147
5144
  }
5148
- const idToken = this.getIdTokenCredential(key);
5145
+ const idToken = this.getIdTokenCredential(key, correlationId);
5149
5146
  if (idToken && this.credentialMatchesFilter(idToken, filter)) {
5150
5147
  idTokens.set(key, idToken);
5151
5148
  }
@@ -5174,26 +5171,27 @@ class CacheManager {
5174
5171
  * Removes idToken from the cache
5175
5172
  * @param key
5176
5173
  */
5177
- removeIdToken(key) {
5178
- this.removeItem(key);
5174
+ removeIdToken(key, correlationId) {
5175
+ this.removeItem(key, correlationId);
5179
5176
  }
5180
5177
  /**
5181
5178
  * Removes refresh token from the cache
5182
5179
  * @param key
5183
5180
  */
5184
- removeRefreshToken(key) {
5185
- this.removeItem(key);
5181
+ removeRefreshToken(key, correlationId) {
5182
+ this.removeItem(key, correlationId);
5186
5183
  }
5187
5184
  /**
5188
5185
  * Retrieve AccessTokenEntity from cache
5189
5186
  * @param account {AccountInfo}
5190
5187
  * @param request {BaseAuthRequest}
5188
+ * @param correlationId {?string}
5191
5189
  * @param tokenKeys {?TokenKeys}
5192
5190
  * @param performanceClient {?IPerformanceClient}
5193
- * @param correlationId {?string}
5194
5191
  */
5195
- getAccessToken(account, request, tokenKeys, targetRealm, performanceClient, correlationId) {
5196
- this.commonLogger.trace("CacheManager - getAccessToken called");
5192
+ getAccessToken(account, request, tokenKeys, targetRealm) {
5193
+ const correlationId = request.correlationId;
5194
+ this.commonLogger.trace("CacheManager - getAccessToken called", correlationId);
5197
5195
  const scopes = ScopeSet.createSearchScopes(request.scopes);
5198
5196
  const authScheme = request.authenticationScheme || AuthenticationScheme.BEARER;
5199
5197
  /*
@@ -5222,7 +5220,7 @@ class CacheManager {
5222
5220
  accessTokenKeys.forEach((key) => {
5223
5221
  // Validate key
5224
5222
  if (this.accessTokenKeyMatchesFilter(key, accessTokenFilter, true)) {
5225
- const accessToken = this.getAccessTokenCredential(key);
5223
+ const accessToken = this.getAccessTokenCredential(key, correlationId);
5226
5224
  // Validate value
5227
5225
  if (accessToken &&
5228
5226
  this.credentialMatchesFilter(accessToken, accessTokenFilter)) {
@@ -5232,20 +5230,18 @@ class CacheManager {
5232
5230
  });
5233
5231
  const numAccessTokens = accessTokens.length;
5234
5232
  if (numAccessTokens < 1) {
5235
- this.commonLogger.info("CacheManager:getAccessToken - No token found");
5233
+ this.commonLogger.info("CacheManager:getAccessToken - No token found", correlationId);
5236
5234
  return null;
5237
5235
  }
5238
5236
  else if (numAccessTokens > 1) {
5239
- this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them");
5237
+ this.commonLogger.info("CacheManager:getAccessToken - Multiple access tokens found, clearing them", correlationId);
5240
5238
  accessTokens.forEach((accessToken) => {
5241
- void this.removeAccessToken(generateCredentialKey(accessToken));
5239
+ this.removeAccessToken(generateCredentialKey(accessToken), correlationId);
5242
5240
  });
5243
- if (performanceClient && correlationId) {
5244
- performanceClient.addFields({ multiMatchedAT: accessTokens.length }, correlationId);
5245
- }
5241
+ this.performanceClient.addFields({ multiMatchedAT: accessTokens.length }, correlationId);
5246
5242
  return null;
5247
5243
  }
5248
- this.commonLogger.info("CacheManager:getAccessToken - Returning access token");
5244
+ this.commonLogger.info("CacheManager:getAccessToken - Returning access token", correlationId);
5249
5245
  return accessTokens[0];
5250
5246
  }
5251
5247
  /**
@@ -5294,14 +5290,14 @@ class CacheManager {
5294
5290
  * @param filter
5295
5291
  * @returns
5296
5292
  */
5297
- getAccessTokensByFilter(filter) {
5293
+ getAccessTokensByFilter(filter, correlationId) {
5298
5294
  const tokenKeys = this.getTokenKeys();
5299
5295
  const accessTokens = [];
5300
5296
  tokenKeys.accessToken.forEach((key) => {
5301
5297
  if (!this.accessTokenKeyMatchesFilter(key, filter, true)) {
5302
5298
  return;
5303
5299
  }
5304
- const accessToken = this.getAccessTokenCredential(key);
5300
+ const accessToken = this.getAccessTokenCredential(key, correlationId);
5305
5301
  if (accessToken &&
5306
5302
  this.credentialMatchesFilter(accessToken, filter)) {
5307
5303
  accessTokens.push(accessToken);
@@ -5313,11 +5309,11 @@ class CacheManager {
5313
5309
  * Helper to retrieve the appropriate refresh token from cache
5314
5310
  * @param account {AccountInfo}
5315
5311
  * @param familyRT {boolean}
5312
+ * @param correlationId {?string}
5316
5313
  * @param tokenKeys {?TokenKeys}
5317
5314
  * @param performanceClient {?IPerformanceClient}
5318
- * @param correlationId {?string}
5319
5315
  */
5320
- getRefreshToken(account, familyRT, tokenKeys, performanceClient, correlationId) {
5316
+ getRefreshToken(account, familyRT, correlationId, tokenKeys, performanceClient) {
5321
5317
  this.commonLogger.trace("CacheManager - getRefreshToken called");
5322
5318
  const id = familyRT ? THE_FAMILY_ID : undefined;
5323
5319
  const refreshTokenFilter = {
@@ -5333,7 +5329,7 @@ class CacheManager {
5333
5329
  refreshTokenKeys.forEach((key) => {
5334
5330
  // Validate key
5335
5331
  if (this.refreshTokenKeyMatchesFilter(key, refreshTokenFilter)) {
5336
- const refreshToken = this.getRefreshTokenCredential(key);
5332
+ const refreshToken = this.getRefreshTokenCredential(key, correlationId);
5337
5333
  // Validate value
5338
5334
  if (refreshToken &&
5339
5335
  this.credentialMatchesFilter(refreshToken, refreshTokenFilter)) {
@@ -5683,6 +5679,83 @@ class DefaultStorageClass extends CacheManager {
5683
5679
  }
5684
5680
  }
5685
5681
 
5682
+ /*
5683
+ * Copyright (c) Microsoft Corporation. All rights reserved.
5684
+ * Licensed under the MIT License.
5685
+ */
5686
+ class StubPerformanceMeasurement {
5687
+ startMeasurement() {
5688
+ return;
5689
+ }
5690
+ endMeasurement() {
5691
+ return;
5692
+ }
5693
+ flushMeasurement() {
5694
+ return null;
5695
+ }
5696
+ }
5697
+ class StubPerformanceClient {
5698
+ generateId() {
5699
+ return "callback-id";
5700
+ }
5701
+ startMeasurement(measureName, correlationId) {
5702
+ return {
5703
+ end: () => null,
5704
+ discard: () => { },
5705
+ add: () => { },
5706
+ increment: () => { },
5707
+ event: {
5708
+ eventId: this.generateId(),
5709
+ status: PerformanceEventStatus.InProgress,
5710
+ authority: "",
5711
+ libraryName: "",
5712
+ libraryVersion: "",
5713
+ clientId: "",
5714
+ name: measureName,
5715
+ startTimeMs: Date.now(),
5716
+ correlationId: correlationId || "",
5717
+ },
5718
+ measurement: new StubPerformanceMeasurement(),
5719
+ };
5720
+ }
5721
+ startPerformanceMeasurement() {
5722
+ return new StubPerformanceMeasurement();
5723
+ }
5724
+ calculateQueuedTime() {
5725
+ return 0;
5726
+ }
5727
+ addQueueMeasurement() {
5728
+ return;
5729
+ }
5730
+ setPreQueueTime() {
5731
+ return;
5732
+ }
5733
+ endMeasurement() {
5734
+ return null;
5735
+ }
5736
+ discardMeasurements() {
5737
+ return;
5738
+ }
5739
+ removePerformanceCallback() {
5740
+ return true;
5741
+ }
5742
+ addPerformanceCallback() {
5743
+ return "";
5744
+ }
5745
+ emitEvents() {
5746
+ return;
5747
+ }
5748
+ addFields() {
5749
+ return;
5750
+ }
5751
+ incrementFields() {
5752
+ return;
5753
+ }
5754
+ cacheEventByCorrelationId() {
5755
+ return;
5756
+ }
5757
+ }
5758
+
5686
5759
  /*
5687
5760
  * Copyright (c) Microsoft Corporation. All rights reserved.
5688
5761
  * Licensed under the MIT License.
@@ -5748,7 +5821,7 @@ function buildClientConfiguration({ authOptions: userAuthOptions, systemOptions:
5748
5821
  loggerOptions: loggerOptions,
5749
5822
  cacheOptions: { ...DEFAULT_CACHE_OPTIONS, ...userCacheOptions },
5750
5823
  storageInterface: storageImplementation ||
5751
- new DefaultStorageClass(userAuthOptions.clientId, DEFAULT_CRYPTO_IMPLEMENTATION, new Logger(loggerOptions)),
5824
+ new DefaultStorageClass(userAuthOptions.clientId, DEFAULT_CRYPTO_IMPLEMENTATION, new Logger(loggerOptions), new StubPerformanceClient()),
5752
5825
  networkInterface: networkImplementation || DEFAULT_NETWORK_IMPLEMENTATION,
5753
5826
  cryptoInterface: cryptoImplementation || DEFAULT_CRYPTO_IMPLEMENTATION,
5754
5827
  clientCredentials: clientCredentials || DEFAULT_CLIENT_CREDENTIALS,
@@ -6295,12 +6368,12 @@ class ThrottlingUtils {
6295
6368
  * @param cacheManager
6296
6369
  * @param thumbprint
6297
6370
  */
6298
- static preProcess(cacheManager, thumbprint) {
6371
+ static preProcess(cacheManager, thumbprint, correlationId) {
6299
6372
  const key = ThrottlingUtils.generateThrottlingStorageKey(thumbprint);
6300
6373
  const value = cacheManager.getThrottlingCache(key);
6301
6374
  if (value) {
6302
6375
  if (value.throttleTime < Date.now()) {
6303
- cacheManager.removeItem(key);
6376
+ cacheManager.removeItem(key, correlationId);
6304
6377
  return;
6305
6378
  }
6306
6379
  throw new ServerError(value.errorCodes?.join(" ") || Constants.EMPTY_STRING, value.errorMessage, value.subError);
@@ -6312,7 +6385,7 @@ class ThrottlingUtils {
6312
6385
  * @param thumbprint
6313
6386
  * @param response
6314
6387
  */
6315
- static postProcess(cacheManager, thumbprint, response) {
6388
+ static postProcess(cacheManager, thumbprint, response, correlationId) {
6316
6389
  if (ThrottlingUtils.checkResponseStatus(response) ||
6317
6390
  ThrottlingUtils.checkResponseForRetryAfter(response)) {
6318
6391
  const thumbprintValue = {
@@ -6322,7 +6395,7 @@ class ThrottlingUtils {
6322
6395
  errorMessage: response.body.error_description,
6323
6396
  subError: response.body.suberror,
6324
6397
  };
6325
- cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue);
6398
+ cacheManager.setThrottlingCache(ThrottlingUtils.generateThrottlingStorageKey(thumbprint), thumbprintValue, correlationId);
6326
6399
  }
6327
6400
  }
6328
6401
  /**
@@ -6358,7 +6431,7 @@ class ThrottlingUtils {
6358
6431
  static removeThrottle(cacheManager, clientId, request, homeAccountIdentifier) {
6359
6432
  const thumbprint = getRequestThumbprint(clientId, request, homeAccountIdentifier);
6360
6433
  const key = this.generateThrottlingStorageKey(thumbprint);
6361
- cacheManager.removeItem(key);
6434
+ cacheManager.removeItem(key, request.correlationId);
6362
6435
  }
6363
6436
  }
6364
6437
 
@@ -6471,7 +6544,7 @@ class BaseClient {
6471
6544
  * @param correlationId - CorrelationId for telemetry
6472
6545
  */
6473
6546
  async sendPostRequest(thumbprint, tokenEndpoint, options, correlationId) {
6474
- ThrottlingUtils.preProcess(this.cacheManager, thumbprint);
6547
+ ThrottlingUtils.preProcess(this.cacheManager, thumbprint, correlationId);
6475
6548
  let response;
6476
6549
  try {
6477
6550
  response = await invokeAsync((this.networkClient.sendPostRequestAsync.bind(this.networkClient)), PerformanceEvents.NetworkClientSendPostRequestAsync, this.logger, this.performanceClient, correlationId)(tokenEndpoint, options);
@@ -6506,7 +6579,7 @@ class BaseClient {
6506
6579
  throw createClientAuthError(networkError);
6507
6580
  }
6508
6581
  }
6509
- ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response);
6582
+ ThrottlingUtils.postProcess(this.cacheManager, thumbprint, response, correlationId);
6510
6583
  return response;
6511
6584
  }
6512
6585
  /**
@@ -6545,6 +6618,7 @@ class BaseClient {
6545
6618
  const noTokensFound = "no_tokens_found";
6546
6619
  const nativeAccountUnavailable = "native_account_unavailable";
6547
6620
  const refreshTokenExpired = "refresh_token_expired";
6621
+ const uxNotAllowed = "ux_not_allowed";
6548
6622
  // Codes potentially returned by server
6549
6623
  const interactionRequired = "interaction_required";
6550
6624
  const consentRequired = "consent_required";
@@ -6559,7 +6633,8 @@ var InteractionRequiredAuthErrorCodes = /*#__PURE__*/Object.freeze({
6559
6633
  loginRequired: loginRequired,
6560
6634
  nativeAccountUnavailable: nativeAccountUnavailable,
6561
6635
  noTokensFound: noTokensFound,
6562
- refreshTokenExpired: refreshTokenExpired
6636
+ refreshTokenExpired: refreshTokenExpired,
6637
+ uxNotAllowed: uxNotAllowed
6563
6638
  });
6564
6639
 
6565
6640
  /*
@@ -6574,6 +6649,7 @@ const InteractionRequiredServerErrorMessage = [
6574
6649
  consentRequired,
6575
6650
  loginRequired,
6576
6651
  badToken,
6652
+ uxNotAllowed,
6577
6653
  ];
6578
6654
  const InteractionRequiredAuthSubErrorMessage = [
6579
6655
  "message_only",
@@ -6588,6 +6664,7 @@ const InteractionRequiredAuthErrorMessages = {
6588
6664
  [nativeAccountUnavailable]: "The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.",
6589
6665
  [refreshTokenExpired]: "Refresh token has expired.",
6590
6666
  [badToken]: "Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",
6667
+ [uxNotAllowed]: "`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve.",
6591
6668
  };
6592
6669
  /**
6593
6670
  * Interaction required errors defined by the SDK
@@ -6723,9 +6800,7 @@ class ProtocolUtils {
6723
6800
  * Licensed under the MIT License.
6724
6801
  */
6725
6802
  const KeyLocation = {
6726
- SW: "sw",
6727
- UHW: "uhw",
6728
- };
6803
+ SW: "sw"};
6729
6804
  /** @internal */
6730
6805
  class PopTokenGenerator {
6731
6806
  constructor(cryptoUtils, performanceClient) {
@@ -6937,7 +7012,7 @@ class ResponseHandler {
6937
7012
  !forceCacheRefreshTokenResponse &&
6938
7013
  cacheRecord.account) {
6939
7014
  const key = cacheRecord.account.generateAccountKey();
6940
- const account = this.cacheStorage.getAccount(key);
7015
+ const account = this.cacheStorage.getAccount(key, request.correlationId);
6941
7016
  if (!account) {
6942
7017
  this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache");
6943
7018
  return await ResponseHandler.generateAuthenticationResult(this.cryptoObj, authority, cacheRecord, false, request, idTokenClaims, requestStateObj, undefined, serverRequestId);
@@ -6972,7 +7047,7 @@ class ResponseHandler {
6972
7047
  let cachedAccount;
6973
7048
  if (serverTokenResponse.id_token && !!idTokenClaims) {
6974
7049
  cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
6975
- cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
7050
+ cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
6976
7051
  this.logger);
6977
7052
  }
6978
7053
  // AccessToken
@@ -7121,7 +7196,7 @@ class ResponseHandler {
7121
7196
  };
7122
7197
  }
7123
7198
  }
7124
- function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
7199
+ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
7125
7200
  logger?.verbose("setCachedAccount called");
7126
7201
  // Check if base account is already cached
7127
7202
  const accountKeys = cacheStorage.getAccountKeys();
@@ -7130,7 +7205,7 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
7130
7205
  });
7131
7206
  let cachedAccount = null;
7132
7207
  if (baseAccountKey) {
7133
- cachedAccount = cacheStorage.getAccount(baseAccountKey);
7208
+ cachedAccount = cacheStorage.getAccount(baseAccountKey, correlationId);
7134
7209
  }
7135
7210
  const baseAccount = cachedAccount ||
7136
7211
  AccountEntity.createAccount({
@@ -7544,7 +7619,7 @@ class RefreshTokenClient extends BaseClient {
7544
7619
  async acquireTokenWithCachedRefreshToken(request, foci) {
7545
7620
  this.performanceClient?.addQueueMeasurement(PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken, request.correlationId);
7546
7621
  // fetches family RT or application RT based on FOCI value
7547
- const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, undefined, this.performanceClient, request.correlationId);
7622
+ const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), PerformanceEvents.CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined, this.performanceClient);
7548
7623
  if (!refreshToken) {
7549
7624
  throw createInteractionRequiredAuthError(noTokensFound);
7550
7625
  }
@@ -7574,7 +7649,7 @@ class RefreshTokenClient extends BaseClient {
7574
7649
  // Remove bad refresh token from cache
7575
7650
  this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");
7576
7651
  const badRefreshTokenKey = generateCredentialKey(refreshToken);
7577
- this.cacheManager.removeRefreshToken(badRefreshTokenKey);
7652
+ this.cacheManager.removeRefreshToken(badRefreshTokenKey, request.correlationId);
7578
7653
  }
7579
7654
  }
7580
7655
  throw e;
@@ -7710,7 +7785,7 @@ class SilentFlowClient extends BaseClient {
7710
7785
  const requestTenantId = request.account.tenantId ||
7711
7786
  getTenantFromAuthorityString(request.authority);
7712
7787
  const tokenKeys = this.cacheManager.getTokenKeys();
7713
- const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId, this.performanceClient, request.correlationId);
7788
+ const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId);
7714
7789
  if (!cachedAccessToken) {
7715
7790
  // must refresh due to non-existent access_token
7716
7791
  this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
@@ -7730,9 +7805,9 @@ class SilentFlowClient extends BaseClient {
7730
7805
  }
7731
7806
  const environment = request.authority || this.authority.getPreferredCache();
7732
7807
  const cacheRecord = {
7733
- account: this.cacheManager.readAccountFromCache(request.account),
7808
+ account: this.cacheManager.readAccountFromCache(request.account, request.correlationId),
7734
7809
  accessToken: cachedAccessToken,
7735
- idToken: this.cacheManager.getIdToken(request.account, tokenKeys, requestTenantId, this.performanceClient, request.correlationId),
7810
+ idToken: this.cacheManager.getIdToken(request.account, request.correlationId, tokenKeys, requestTenantId, this.performanceClient),
7736
7811
  refreshToken: null,
7737
7812
  appMetadata: this.cacheManager.readAppMetadataFromCache(environment),
7738
7813
  };
@@ -8212,7 +8287,7 @@ class ServerTelemetryManager {
8212
8287
  else {
8213
8288
  lastRequests.errors.push(SERVER_TELEM_CONSTANTS.UNKNOWN_ERROR);
8214
8289
  }
8215
- this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
8290
+ this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
8216
8291
  return;
8217
8292
  }
8218
8293
  /**
@@ -8221,7 +8296,7 @@ class ServerTelemetryManager {
8221
8296
  incrementCacheHits() {
8222
8297
  const lastRequests = this.getLastRequests();
8223
8298
  lastRequests.cacheHits += 1;
8224
- this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
8299
+ this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
8225
8300
  return lastRequests.cacheHits;
8226
8301
  }
8227
8302
  /**
@@ -8245,7 +8320,7 @@ class ServerTelemetryManager {
8245
8320
  const errorCount = lastRequests.errors.length;
8246
8321
  if (numErrorsFlushed === errorCount) {
8247
8322
  // All errors were sent on last request, clear Telemetry cache
8248
- this.cacheManager.removeItem(this.telemetryCacheKey);
8323
+ this.cacheManager.removeItem(this.telemetryCacheKey, this.correlationId);
8249
8324
  }
8250
8325
  else {
8251
8326
  // Partial data was flushed to server, construct a new telemetry cache item with errors that were not flushed
@@ -8254,7 +8329,7 @@ class ServerTelemetryManager {
8254
8329
  errors: lastRequests.errors.slice(numErrorsFlushed),
8255
8330
  cacheHits: 0,
8256
8331
  };
8257
- this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity);
8332
+ this.cacheManager.setServerTelemetry(this.telemetryCacheKey, serverTelemEntity, this.correlationId);
8258
8333
  }
8259
8334
  }
8260
8335
  /**
@@ -8321,7 +8396,7 @@ class ServerTelemetryManager {
8321
8396
  setNativeBrokerErrorCode(errorCode) {
8322
8397
  const lastRequests = this.getLastRequests();
8323
8398
  lastRequests.nativeBrokerErrorCode = errorCode;
8324
- this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
8399
+ this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
8325
8400
  }
8326
8401
  getNativeBrokerErrorCode() {
8327
8402
  return this.getLastRequests().nativeBrokerErrorCode;
@@ -8329,7 +8404,7 @@ class ServerTelemetryManager {
8329
8404
  clearNativeBrokerErrorCode() {
8330
8405
  const lastRequests = this.getLastRequests();
8331
8406
  delete lastRequests.nativeBrokerErrorCode;
8332
- this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests);
8407
+ this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
8333
8408
  }
8334
8409
  static makeExtraSkuString(params) {
8335
8410
  return makeExtraSkuString(params);
@@ -8409,6 +8484,8 @@ exports.ServerResponseType = ServerResponseType;
8409
8484
  exports.ServerTelemetryManager = ServerTelemetryManager;
8410
8485
  exports.SilentFlowClient = SilentFlowClient;
8411
8486
  exports.StringUtils = StringUtils;
8487
+ exports.StubPerformanceClient = StubPerformanceClient;
8488
+ exports.StubPerformanceMeasurement = StubPerformanceMeasurement;
8412
8489
  exports.StubbedNetworkModule = StubbedNetworkModule;
8413
8490
  exports.THE_FAMILY_ID = THE_FAMILY_ID;
8414
8491
  exports.ThrottlingConstants = ThrottlingConstants;
@@ -8423,6 +8500,7 @@ exports.buildClientInfoFromHomeAccountId = buildClientInfoFromHomeAccountId;
8423
8500
  exports.buildStaticAuthorityOptions = buildStaticAuthorityOptions;
8424
8501
  exports.buildTenantProfile = buildTenantProfile;
8425
8502
  exports.createAuthError = createAuthError;
8503
+ exports.createCacheError = createCacheError;
8426
8504
  exports.createClientAuthError = createClientAuthError;
8427
8505
  exports.createClientConfigurationError = createClientConfigurationError;
8428
8506
  exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
@@ -8436,4 +8514,4 @@ exports.invokeAsync = invokeAsync;
8436
8514
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
8437
8515
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
8438
8516
  exports.version = version;
8439
- //# sourceMappingURL=index-node-DNGOJ4N7.js.map
8517
+ //# sourceMappingURL=index-node-2PsHlOld.js.map