@azure/msal-common 15.7.1 → 15.8.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +1 -0
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -2
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.d.ts +25 -23
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +64 -75
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +1 -0
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/entities/AccountEntity.mjs.map +1 -1
- package/dist/cache/entities/CredentialEntity.d.ts +2 -0
- package/dist/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +12 -12
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +7 -6
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +4 -4
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +5 -5
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +3 -3
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.mjs +2 -2
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +2 -4
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.mjs +2 -2
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.d.ts +8 -1
- package/dist/error/CacheError.d.ts.map +1 -1
- package/dist/error/CacheError.mjs +26 -7
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.d.ts +2 -2
- package/dist/error/CacheErrorCodes.d.ts.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +4 -4
- package/dist/error/CacheErrorCodes.mjs.map +1 -1
- package/dist/error/ClientAuthError.mjs +2 -2
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.d.ts +0 -5
- package/dist/error/ClientConfigurationError.d.ts.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +2 -7
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +0 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +2 -3
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +2 -2
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +2 -2
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-common.d.ts +1 -1
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/index-browser.mjs +2 -2
- package/dist/index-node.mjs +2 -2
- package/dist/index.mjs +2 -2
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.d.ts +2 -2
- package/dist/network/ThrottlingUtils.d.ts.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +6 -6
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +2 -2
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/RequestParameterBuilder.mjs +2 -2
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.d.ts +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +6 -6
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +7 -7
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -4
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +3 -2
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-B6ITzmFz.js → index-node-BCM1mkg5.js} +115 -183
- package/lib/index-node-BCM1mkg5.js.map +1 -0
- package/lib/index-node.cjs +3 -2
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +3 -2
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +1 -0
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +25 -23
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +1 -0
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/entities/CredentialEntity.d.ts +2 -0
- package/lib/types/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +12 -12
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/error/CacheError.d.ts +8 -1
- package/lib/types/error/CacheError.d.ts.map +1 -1
- package/lib/types/error/CacheErrorCodes.d.ts +2 -2
- package/lib/types/error/CacheErrorCodes.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationError.d.ts +0 -5
- package/lib/types/error/ClientConfigurationError.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +0 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/exports-common.d.ts +1 -1
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/network/ThrottlingUtils.d.ts +2 -2
- package/lib/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/account/AccountInfo.ts +1 -0
- package/src/cache/CacheManager.ts +129 -98
- package/src/cache/entities/AccountEntity.ts +1 -0
- package/src/cache/entities/CredentialEntity.ts +2 -0
- package/src/cache/interface/ICacheManager.ts +30 -12
- package/src/client/AuthorizationCodeClient.ts +5 -2
- package/src/client/BaseClient.ts +11 -2
- package/src/client/RefreshTokenClient.ts +6 -3
- package/src/client/SilentFlowClient.ts +6 -3
- package/src/error/CacheError.ts +26 -5
- package/src/error/CacheErrorCodes.ts +2 -2
- package/src/error/ClientConfigurationError.ts +0 -8
- package/src/error/ClientConfigurationErrorCodes.ts +0 -1
- package/src/exports-common.ts +5 -1
- package/src/network/ThrottlingUtils.ts +8 -5
- package/src/packageMetadata.ts +1 -1
- package/src/response/ResponseHandler.ts +7 -2
- package/src/telemetry/server/ServerTelemetryManager.ts +14 -6
- package/dist/request/RequestValidator.d.ts +0 -28
- package/dist/request/RequestValidator.d.ts.map +0 -1
- package/dist/request/RequestValidator.mjs +0 -73
- package/dist/request/RequestValidator.mjs.map +0 -1
- package/lib/index-node-B6ITzmFz.js.map +0 -1
- package/lib/types/request/RequestValidator.d.ts +0 -28
- package/lib/types/request/RequestValidator.d.ts.map +0 -1
- package/src/request/RequestValidator.ts +0 -90
|
@@ -52,7 +52,8 @@ import { getAliasesFromStaticSources } from "../authority/AuthorityMetadata.js";
|
|
|
52
52
|
import { StaticAuthorityOptions } from "../authority/AuthorityOptions.js";
|
|
53
53
|
import { TokenClaims } from "../account/TokenClaims.js";
|
|
54
54
|
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
55
|
-
import {
|
|
55
|
+
import { createCacheError } from "../error/CacheError.js";
|
|
56
|
+
import { AuthError } from "../error/AuthError.js";
|
|
56
57
|
|
|
57
58
|
/**
|
|
58
59
|
* Interface class which implement cache storage functions used by MSAL to perform validity checks, and store tokens.
|
|
@@ -86,7 +87,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
86
87
|
*/
|
|
87
88
|
abstract getAccount(
|
|
88
89
|
accountKey: string,
|
|
89
|
-
|
|
90
|
+
correlationId: string
|
|
90
91
|
): AccountEntity | null;
|
|
91
92
|
|
|
92
93
|
/**
|
|
@@ -103,7 +104,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
103
104
|
* fetch the idToken entity from the platform cache
|
|
104
105
|
* @param idTokenKey
|
|
105
106
|
*/
|
|
106
|
-
abstract getIdTokenCredential(
|
|
107
|
+
abstract getIdTokenCredential(
|
|
108
|
+
idTokenKey: string,
|
|
109
|
+
correlationId: string
|
|
110
|
+
): IdTokenEntity | null;
|
|
107
111
|
|
|
108
112
|
/**
|
|
109
113
|
* set idToken entity to the platform cache
|
|
@@ -120,7 +124,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
120
124
|
* @param accessTokenKey
|
|
121
125
|
*/
|
|
122
126
|
abstract getAccessTokenCredential(
|
|
123
|
-
accessTokenKey: string
|
|
127
|
+
accessTokenKey: string,
|
|
128
|
+
correlationId: string
|
|
124
129
|
): AccessTokenEntity | null;
|
|
125
130
|
|
|
126
131
|
/**
|
|
@@ -138,7 +143,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
138
143
|
* @param refreshTokenKey
|
|
139
144
|
*/
|
|
140
145
|
abstract getRefreshTokenCredential(
|
|
141
|
-
refreshTokenKey: string
|
|
146
|
+
refreshTokenKey: string,
|
|
147
|
+
correlationId: string
|
|
142
148
|
): RefreshTokenEntity | null;
|
|
143
149
|
|
|
144
150
|
/**
|
|
@@ -161,7 +167,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
161
167
|
* set appMetadata entity to the platform cache
|
|
162
168
|
* @param appMetadata
|
|
163
169
|
*/
|
|
164
|
-
abstract setAppMetadata(
|
|
170
|
+
abstract setAppMetadata(
|
|
171
|
+
appMetadata: AppMetadataEntity,
|
|
172
|
+
correlationId: string
|
|
173
|
+
): void;
|
|
165
174
|
|
|
166
175
|
/**
|
|
167
176
|
* fetch server telemetry entity from the platform cache
|
|
@@ -178,7 +187,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
178
187
|
*/
|
|
179
188
|
abstract setServerTelemetry(
|
|
180
189
|
serverTelemetryKey: string,
|
|
181
|
-
serverTelemetry: ServerTelemetryEntity
|
|
190
|
+
serverTelemetry: ServerTelemetryEntity,
|
|
191
|
+
correlationId: string
|
|
182
192
|
): void;
|
|
183
193
|
|
|
184
194
|
/**
|
|
@@ -217,14 +227,15 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
217
227
|
*/
|
|
218
228
|
abstract setThrottlingCache(
|
|
219
229
|
throttlingCacheKey: string,
|
|
220
|
-
throttlingCache: ThrottlingEntity
|
|
230
|
+
throttlingCache: ThrottlingEntity,
|
|
231
|
+
correlationId: string
|
|
221
232
|
): void;
|
|
222
233
|
|
|
223
234
|
/**
|
|
224
235
|
* Function to remove an item from cache given its key.
|
|
225
236
|
* @param key
|
|
226
237
|
*/
|
|
227
|
-
abstract removeItem(key: string): void;
|
|
238
|
+
abstract removeItem(key: string, correlationId: string): void;
|
|
228
239
|
|
|
229
240
|
/**
|
|
230
241
|
* Function which retrieves all current keys from the cache.
|
|
@@ -246,9 +257,13 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
246
257
|
* @param accountFilter - (Optional) filter to narrow down the accounts returned
|
|
247
258
|
* @returns Array of AccountInfo objects in cache
|
|
248
259
|
*/
|
|
249
|
-
getAllAccounts(
|
|
260
|
+
getAllAccounts(
|
|
261
|
+
accountFilter: AccountFilter,
|
|
262
|
+
correlationId: string
|
|
263
|
+
): AccountInfo[] {
|
|
250
264
|
return this.buildTenantProfiles(
|
|
251
|
-
this.getAccountsFilteredBy(accountFilter
|
|
265
|
+
this.getAccountsFilteredBy(accountFilter, correlationId),
|
|
266
|
+
correlationId,
|
|
252
267
|
accountFilter
|
|
253
268
|
);
|
|
254
269
|
}
|
|
@@ -256,8 +271,11 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
256
271
|
/**
|
|
257
272
|
* Gets first tenanted AccountInfo object found based on provided filters
|
|
258
273
|
*/
|
|
259
|
-
getAccountInfoFilteredBy(
|
|
260
|
-
|
|
274
|
+
getAccountInfoFilteredBy(
|
|
275
|
+
accountFilter: AccountFilter,
|
|
276
|
+
correlationId: string
|
|
277
|
+
): AccountInfo | null {
|
|
278
|
+
const allAccounts = this.getAllAccounts(accountFilter, correlationId);
|
|
261
279
|
if (allAccounts.length > 1) {
|
|
262
280
|
// If one or more accounts are found, prioritize accounts that have an ID token
|
|
263
281
|
const sortedAccounts = allAccounts.sort((account) => {
|
|
@@ -277,8 +295,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
277
295
|
* @param accountFilter
|
|
278
296
|
* @returns
|
|
279
297
|
*/
|
|
280
|
-
getBaseAccountInfo(
|
|
281
|
-
|
|
298
|
+
getBaseAccountInfo(
|
|
299
|
+
accountFilter: AccountFilter,
|
|
300
|
+
correlationId: string
|
|
301
|
+
): AccountInfo | null {
|
|
302
|
+
const accountEntities = this.getAccountsFilteredBy(
|
|
303
|
+
accountFilter,
|
|
304
|
+
correlationId
|
|
305
|
+
);
|
|
282
306
|
if (accountEntities.length > 0) {
|
|
283
307
|
return accountEntities[0].getAccountInfo();
|
|
284
308
|
} else {
|
|
@@ -295,11 +319,13 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
295
319
|
*/
|
|
296
320
|
private buildTenantProfiles(
|
|
297
321
|
cachedAccounts: AccountEntity[],
|
|
322
|
+
correlationId: string,
|
|
298
323
|
accountFilter?: AccountFilter
|
|
299
324
|
): AccountInfo[] {
|
|
300
325
|
return cachedAccounts.flatMap((accountEntity) => {
|
|
301
326
|
return this.getTenantProfilesFromAccountEntity(
|
|
302
327
|
accountEntity,
|
|
328
|
+
correlationId,
|
|
303
329
|
accountFilter?.tenantId,
|
|
304
330
|
accountFilter
|
|
305
331
|
);
|
|
@@ -310,6 +336,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
310
336
|
accountInfo: AccountInfo,
|
|
311
337
|
tokenKeys: TokenKeys,
|
|
312
338
|
tenantProfile: TenantProfile,
|
|
339
|
+
correlationId: string,
|
|
313
340
|
tenantProfileFilter?: TenantProfileFilter
|
|
314
341
|
): AccountInfo | null {
|
|
315
342
|
let tenantedAccountInfo: AccountInfo | null = null;
|
|
@@ -328,6 +355,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
328
355
|
|
|
329
356
|
const idToken = this.getIdToken(
|
|
330
357
|
accountInfo,
|
|
358
|
+
correlationId,
|
|
331
359
|
tokenKeys,
|
|
332
360
|
tenantProfile.tenantId
|
|
333
361
|
);
|
|
@@ -362,6 +390,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
362
390
|
|
|
363
391
|
private getTenantProfilesFromAccountEntity(
|
|
364
392
|
accountEntity: AccountEntity,
|
|
393
|
+
correlationId: string,
|
|
365
394
|
targetTenantId?: string,
|
|
366
395
|
tenantProfileFilter?: TenantProfileFilter
|
|
367
396
|
): AccountInfo[] {
|
|
@@ -390,6 +419,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
390
419
|
accountInfo,
|
|
391
420
|
tokenKeys,
|
|
392
421
|
tenantProfile,
|
|
422
|
+
correlationId,
|
|
393
423
|
tenantProfileFilter
|
|
394
424
|
);
|
|
395
425
|
if (tenantedAccountInfo) {
|
|
@@ -535,37 +565,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
535
565
|
}
|
|
536
566
|
|
|
537
567
|
if (!!cacheRecord.appMetadata) {
|
|
538
|
-
this.setAppMetadata(cacheRecord.appMetadata);
|
|
568
|
+
this.setAppMetadata(cacheRecord.appMetadata, correlationId);
|
|
539
569
|
}
|
|
540
570
|
} catch (e: unknown) {
|
|
541
571
|
this.commonLogger?.error(`CacheManager.saveCacheRecord: failed`);
|
|
542
|
-
if (e instanceof
|
|
543
|
-
|
|
544
|
-
`CacheManager.saveCacheRecord: ${e.message}`,
|
|
545
|
-
correlationId
|
|
546
|
-
);
|
|
547
|
-
|
|
548
|
-
if (
|
|
549
|
-
e.name === "QuotaExceededError" ||
|
|
550
|
-
e.name === "NS_ERROR_DOM_QUOTA_REACHED" ||
|
|
551
|
-
e.message.includes("exceeded the quota")
|
|
552
|
-
) {
|
|
553
|
-
this.commonLogger?.error(
|
|
554
|
-
`CacheManager.saveCacheRecord: exceeded storage quota`,
|
|
555
|
-
correlationId
|
|
556
|
-
);
|
|
557
|
-
throw new CacheError(
|
|
558
|
-
CacheErrorCodes.cacheQuotaExceededErrorCode
|
|
559
|
-
);
|
|
560
|
-
} else {
|
|
561
|
-
throw new CacheError(e.name, e.message);
|
|
562
|
-
}
|
|
572
|
+
if (e instanceof AuthError) {
|
|
573
|
+
throw e;
|
|
563
574
|
} else {
|
|
564
|
-
|
|
565
|
-
`CacheManager.saveCacheRecord: ${e}`,
|
|
566
|
-
correlationId
|
|
567
|
-
);
|
|
568
|
-
throw new CacheError(CacheErrorCodes.cacheUnknownErrorCode);
|
|
575
|
+
throw createCacheError(e);
|
|
569
576
|
}
|
|
570
577
|
}
|
|
571
578
|
}
|
|
@@ -598,7 +605,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
598
605
|
return;
|
|
599
606
|
}
|
|
600
607
|
|
|
601
|
-
const tokenEntity = this.getAccessTokenCredential(
|
|
608
|
+
const tokenEntity = this.getAccessTokenCredential(
|
|
609
|
+
key,
|
|
610
|
+
correlationId
|
|
611
|
+
);
|
|
602
612
|
|
|
603
613
|
if (
|
|
604
614
|
tokenEntity &&
|
|
@@ -618,7 +628,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
618
628
|
* Not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared
|
|
619
629
|
* @param accountFilter - An object containing Account properties to filter by
|
|
620
630
|
*/
|
|
621
|
-
getAccountsFilteredBy(
|
|
631
|
+
getAccountsFilteredBy(
|
|
632
|
+
accountFilter: AccountFilter,
|
|
633
|
+
correlationId: string
|
|
634
|
+
): AccountEntity[] {
|
|
622
635
|
const allAccountKeys = this.getAccountKeys();
|
|
623
636
|
const matchingAccounts: AccountEntity[] = [];
|
|
624
637
|
allAccountKeys.forEach((cacheKey) => {
|
|
@@ -629,7 +642,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
629
642
|
|
|
630
643
|
const entity: AccountEntity | null = this.getAccount(
|
|
631
644
|
cacheKey,
|
|
632
|
-
|
|
645
|
+
correlationId
|
|
633
646
|
);
|
|
634
647
|
|
|
635
648
|
// Match base account fields
|
|
@@ -973,12 +986,12 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
973
986
|
* @param account
|
|
974
987
|
*/
|
|
975
988
|
removeAccount(accountKey: string, correlationId: string): void {
|
|
976
|
-
const account = this.getAccount(accountKey,
|
|
989
|
+
const account = this.getAccount(accountKey, correlationId);
|
|
977
990
|
if (!account) {
|
|
978
991
|
return;
|
|
979
992
|
}
|
|
980
993
|
this.removeAccountContext(account, correlationId);
|
|
981
|
-
this.removeItem(accountKey);
|
|
994
|
+
this.removeItem(accountKey, correlationId);
|
|
982
995
|
}
|
|
983
996
|
|
|
984
997
|
/**
|
|
@@ -991,7 +1004,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
991
1004
|
|
|
992
1005
|
allTokenKeys.idToken.forEach((key) => {
|
|
993
1006
|
if (key.indexOf(accountId) === 0) {
|
|
994
|
-
this.removeIdToken(key);
|
|
1007
|
+
this.removeIdToken(key, correlationId);
|
|
995
1008
|
}
|
|
996
1009
|
});
|
|
997
1010
|
|
|
@@ -1003,59 +1016,59 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1003
1016
|
|
|
1004
1017
|
allTokenKeys.refreshToken.forEach((key) => {
|
|
1005
1018
|
if (key.indexOf(accountId) === 0) {
|
|
1006
|
-
this.removeRefreshToken(key);
|
|
1019
|
+
this.removeRefreshToken(key, correlationId);
|
|
1007
1020
|
}
|
|
1008
1021
|
});
|
|
1009
1022
|
}
|
|
1010
1023
|
|
|
1011
1024
|
/**
|
|
1012
|
-
*
|
|
1013
|
-
* @param
|
|
1025
|
+
* Removes accessToken from the cache
|
|
1026
|
+
* @param key
|
|
1027
|
+
* @param correlationId
|
|
1014
1028
|
*/
|
|
1015
1029
|
removeAccessToken(key: string, correlationId: string): void {
|
|
1016
|
-
const credential = this.getAccessTokenCredential(key);
|
|
1017
|
-
|
|
1030
|
+
const credential = this.getAccessTokenCredential(key, correlationId);
|
|
1031
|
+
this.removeItem(key, correlationId);
|
|
1032
|
+
this.performanceClient.incrementFields(
|
|
1033
|
+
{ accessTokensRemoved: 1 },
|
|
1034
|
+
correlationId
|
|
1035
|
+
);
|
|
1036
|
+
|
|
1037
|
+
if (
|
|
1038
|
+
!credential ||
|
|
1039
|
+
credential.credentialType.toLowerCase() !==
|
|
1040
|
+
CredentialType.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase() ||
|
|
1041
|
+
credential.tokenType !== AuthenticationScheme.POP
|
|
1042
|
+
) {
|
|
1043
|
+
// If the credential is not a PoP token, we can return
|
|
1018
1044
|
return;
|
|
1019
1045
|
}
|
|
1020
1046
|
|
|
1021
|
-
this.removeItem(key);
|
|
1022
|
-
|
|
1023
1047
|
// Remove Token Binding Key from key store for PoP Tokens Credentials
|
|
1024
|
-
|
|
1025
|
-
|
|
1026
|
-
|
|
1027
|
-
|
|
1028
|
-
|
|
1029
|
-
|
|
1030
|
-
|
|
1031
|
-
|
|
1032
|
-
|
|
1033
|
-
|
|
1034
|
-
|
|
1035
|
-
|
|
1036
|
-
|
|
1037
|
-
this.commonLogger.error(
|
|
1038
|
-
`Failed to remove token binding key ${kid}`,
|
|
1039
|
-
correlationId
|
|
1040
|
-
);
|
|
1041
|
-
this.performanceClient?.incrementFields(
|
|
1042
|
-
{ removeTokenBindingKeyFailure: 1 },
|
|
1043
|
-
correlationId
|
|
1044
|
-
);
|
|
1045
|
-
});
|
|
1046
|
-
}
|
|
1047
|
-
}
|
|
1048
|
+
const kid = credential.keyId;
|
|
1049
|
+
|
|
1050
|
+
if (kid) {
|
|
1051
|
+
void this.cryptoImpl.removeTokenBindingKey(kid).catch(() => {
|
|
1052
|
+
this.commonLogger.error(
|
|
1053
|
+
`Failed to remove token binding key ${kid}`,
|
|
1054
|
+
correlationId
|
|
1055
|
+
);
|
|
1056
|
+
this.performanceClient?.incrementFields(
|
|
1057
|
+
{ removeTokenBindingKeyFailure: 1 },
|
|
1058
|
+
correlationId
|
|
1059
|
+
);
|
|
1060
|
+
});
|
|
1048
1061
|
}
|
|
1049
1062
|
}
|
|
1050
1063
|
|
|
1051
1064
|
/**
|
|
1052
1065
|
* Removes all app metadata objects from cache.
|
|
1053
1066
|
*/
|
|
1054
|
-
removeAppMetadata(): boolean {
|
|
1067
|
+
removeAppMetadata(correlationId: string): boolean {
|
|
1055
1068
|
const allCacheKeys = this.getKeys();
|
|
1056
1069
|
allCacheKeys.forEach((cacheKey) => {
|
|
1057
1070
|
if (this.isAppMetadata(cacheKey)) {
|
|
1058
|
-
this.removeItem(cacheKey);
|
|
1071
|
+
this.removeItem(cacheKey, correlationId);
|
|
1059
1072
|
}
|
|
1060
1073
|
});
|
|
1061
1074
|
|
|
@@ -1066,10 +1079,13 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1066
1079
|
* Retrieve AccountEntity from cache
|
|
1067
1080
|
* @param account
|
|
1068
1081
|
*/
|
|
1069
|
-
readAccountFromCache(
|
|
1082
|
+
readAccountFromCache(
|
|
1083
|
+
account: AccountInfo,
|
|
1084
|
+
correlationId: string
|
|
1085
|
+
): AccountEntity | null {
|
|
1070
1086
|
const accountKey: string =
|
|
1071
1087
|
AccountEntity.generateAccountCacheKey(account);
|
|
1072
|
-
return this.getAccount(accountKey,
|
|
1088
|
+
return this.getAccount(accountKey, correlationId);
|
|
1073
1089
|
}
|
|
1074
1090
|
|
|
1075
1091
|
/**
|
|
@@ -1082,10 +1098,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1082
1098
|
*/
|
|
1083
1099
|
getIdToken(
|
|
1084
1100
|
account: AccountInfo,
|
|
1101
|
+
correlationId: string,
|
|
1085
1102
|
tokenKeys?: TokenKeys,
|
|
1086
1103
|
targetRealm?: string,
|
|
1087
|
-
performanceClient?: IPerformanceClient
|
|
1088
|
-
correlationId?: string
|
|
1104
|
+
performanceClient?: IPerformanceClient
|
|
1089
1105
|
): IdTokenEntity | null {
|
|
1090
1106
|
this.commonLogger.trace("CacheManager - getIdToken called");
|
|
1091
1107
|
const idTokenFilter: CredentialFilter = {
|
|
@@ -1098,6 +1114,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1098
1114
|
|
|
1099
1115
|
const idTokenMap: Map<string, IdTokenEntity> = this.getIdTokensByFilter(
|
|
1100
1116
|
idTokenFilter,
|
|
1117
|
+
correlationId,
|
|
1101
1118
|
tokenKeys
|
|
1102
1119
|
);
|
|
1103
1120
|
|
|
@@ -1140,7 +1157,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1140
1157
|
"CacheManager:getIdToken - Multiple matching ID tokens found, clearing them"
|
|
1141
1158
|
);
|
|
1142
1159
|
tokensToBeRemoved.forEach((idToken, key) => {
|
|
1143
|
-
this.removeIdToken(key);
|
|
1160
|
+
this.removeIdToken(key, correlationId);
|
|
1144
1161
|
});
|
|
1145
1162
|
if (performanceClient && correlationId) {
|
|
1146
1163
|
performanceClient.addFields(
|
|
@@ -1162,6 +1179,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1162
1179
|
*/
|
|
1163
1180
|
getIdTokensByFilter(
|
|
1164
1181
|
filter: CredentialFilter,
|
|
1182
|
+
correlationId: string,
|
|
1165
1183
|
tokenKeys?: TokenKeys
|
|
1166
1184
|
): Map<string, IdTokenEntity> {
|
|
1167
1185
|
const idTokenKeys =
|
|
@@ -1180,7 +1198,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1180
1198
|
) {
|
|
1181
1199
|
return;
|
|
1182
1200
|
}
|
|
1183
|
-
const idToken = this.getIdTokenCredential(key);
|
|
1201
|
+
const idToken = this.getIdTokenCredential(key, correlationId);
|
|
1184
1202
|
if (idToken && this.credentialMatchesFilter(idToken, filter)) {
|
|
1185
1203
|
idTokens.set(key, idToken);
|
|
1186
1204
|
}
|
|
@@ -1221,22 +1239,23 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1221
1239
|
* Removes idToken from the cache
|
|
1222
1240
|
* @param key
|
|
1223
1241
|
*/
|
|
1224
|
-
removeIdToken(key: string): void {
|
|
1225
|
-
this.removeItem(key);
|
|
1242
|
+
removeIdToken(key: string, correlationId: string): void {
|
|
1243
|
+
this.removeItem(key, correlationId);
|
|
1226
1244
|
}
|
|
1227
1245
|
|
|
1228
1246
|
/**
|
|
1229
1247
|
* Removes refresh token from the cache
|
|
1230
1248
|
* @param key
|
|
1231
1249
|
*/
|
|
1232
|
-
removeRefreshToken(key: string): void {
|
|
1233
|
-
this.removeItem(key);
|
|
1250
|
+
removeRefreshToken(key: string, correlationId: string): void {
|
|
1251
|
+
this.removeItem(key, correlationId);
|
|
1234
1252
|
}
|
|
1235
1253
|
|
|
1236
1254
|
/**
|
|
1237
1255
|
* Retrieve AccessTokenEntity from cache
|
|
1238
1256
|
* @param account {AccountInfo}
|
|
1239
1257
|
* @param request {BaseAuthRequest}
|
|
1258
|
+
* @param correlationId {?string}
|
|
1240
1259
|
* @param tokenKeys {?TokenKeys}
|
|
1241
1260
|
* @param performanceClient {?IPerformanceClient}
|
|
1242
1261
|
*/
|
|
@@ -1287,7 +1306,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1287
1306
|
if (
|
|
1288
1307
|
this.accessTokenKeyMatchesFilter(key, accessTokenFilter, true)
|
|
1289
1308
|
) {
|
|
1290
|
-
const accessToken = this.getAccessTokenCredential(
|
|
1309
|
+
const accessToken = this.getAccessTokenCredential(
|
|
1310
|
+
key,
|
|
1311
|
+
correlationId
|
|
1312
|
+
);
|
|
1291
1313
|
|
|
1292
1314
|
// Validate value
|
|
1293
1315
|
if (
|
|
@@ -1396,7 +1418,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1396
1418
|
* @param filter
|
|
1397
1419
|
* @returns
|
|
1398
1420
|
*/
|
|
1399
|
-
getAccessTokensByFilter(
|
|
1421
|
+
getAccessTokensByFilter(
|
|
1422
|
+
filter: CredentialFilter,
|
|
1423
|
+
correlationId: string
|
|
1424
|
+
): AccessTokenEntity[] {
|
|
1400
1425
|
const tokenKeys = this.getTokenKeys();
|
|
1401
1426
|
|
|
1402
1427
|
const accessTokens: AccessTokenEntity[] = [];
|
|
@@ -1405,7 +1430,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1405
1430
|
return;
|
|
1406
1431
|
}
|
|
1407
1432
|
|
|
1408
|
-
const accessToken = this.getAccessTokenCredential(
|
|
1433
|
+
const accessToken = this.getAccessTokenCredential(
|
|
1434
|
+
key,
|
|
1435
|
+
correlationId
|
|
1436
|
+
);
|
|
1409
1437
|
if (
|
|
1410
1438
|
accessToken &&
|
|
1411
1439
|
this.credentialMatchesFilter(accessToken, filter)
|
|
@@ -1421,16 +1449,16 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1421
1449
|
* Helper to retrieve the appropriate refresh token from cache
|
|
1422
1450
|
* @param account {AccountInfo}
|
|
1423
1451
|
* @param familyRT {boolean}
|
|
1452
|
+
* @param correlationId {?string}
|
|
1424
1453
|
* @param tokenKeys {?TokenKeys}
|
|
1425
1454
|
* @param performanceClient {?IPerformanceClient}
|
|
1426
|
-
* @param correlationId {?string}
|
|
1427
1455
|
*/
|
|
1428
1456
|
getRefreshToken(
|
|
1429
1457
|
account: AccountInfo,
|
|
1430
1458
|
familyRT: boolean,
|
|
1459
|
+
correlationId: string,
|
|
1431
1460
|
tokenKeys?: TokenKeys,
|
|
1432
|
-
performanceClient?: IPerformanceClient
|
|
1433
|
-
correlationId?: string
|
|
1461
|
+
performanceClient?: IPerformanceClient
|
|
1434
1462
|
): RefreshTokenEntity | null {
|
|
1435
1463
|
this.commonLogger.trace("CacheManager - getRefreshToken called");
|
|
1436
1464
|
const id = familyRT ? THE_FAMILY_ID : undefined;
|
|
@@ -1450,7 +1478,10 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
1450
1478
|
refreshTokenKeys.forEach((key) => {
|
|
1451
1479
|
// Validate key
|
|
1452
1480
|
if (this.refreshTokenKeyMatchesFilter(key, refreshTokenFilter)) {
|
|
1453
|
-
const refreshToken = this.getRefreshTokenCredential(
|
|
1481
|
+
const refreshToken = this.getRefreshTokenCredential(
|
|
1482
|
+
key,
|
|
1483
|
+
correlationId
|
|
1484
|
+
);
|
|
1454
1485
|
// Validate value
|
|
1455
1486
|
if (
|
|
1456
1487
|
refreshToken &&
|
|
@@ -21,7 +21,7 @@ export interface ICacheManager {
|
|
|
21
21
|
* fetch the account entity from the platform cache
|
|
22
22
|
* @param accountKey
|
|
23
23
|
*/
|
|
24
|
-
getAccount(accountKey: string): AccountEntity | null;
|
|
24
|
+
getAccount(accountKey: string, correlationId: string): AccountEntity | null;
|
|
25
25
|
|
|
26
26
|
/**
|
|
27
27
|
* set account entity in the platform cache
|
|
@@ -46,7 +46,10 @@ export interface ICacheManager {
|
|
|
46
46
|
* fetch the idToken entity from the platform cache
|
|
47
47
|
* @param idTokenKey
|
|
48
48
|
*/
|
|
49
|
-
getIdTokenCredential(
|
|
49
|
+
getIdTokenCredential(
|
|
50
|
+
idTokenKey: string,
|
|
51
|
+
correlationId: string
|
|
52
|
+
): IdTokenEntity | null;
|
|
50
53
|
|
|
51
54
|
/**
|
|
52
55
|
* set idToken entity to the platform cache
|
|
@@ -61,7 +64,10 @@ export interface ICacheManager {
|
|
|
61
64
|
* fetch the idToken entity from the platform cache
|
|
62
65
|
* @param accessTokenKey
|
|
63
66
|
*/
|
|
64
|
-
getAccessTokenCredential(
|
|
67
|
+
getAccessTokenCredential(
|
|
68
|
+
accessTokenKey: string,
|
|
69
|
+
correlationId: string
|
|
70
|
+
): AccessTokenEntity | null;
|
|
65
71
|
|
|
66
72
|
/**
|
|
67
73
|
* set idToken entity to the platform cache
|
|
@@ -77,7 +83,8 @@ export interface ICacheManager {
|
|
|
77
83
|
* @param refreshTokenKey
|
|
78
84
|
*/
|
|
79
85
|
getRefreshTokenCredential(
|
|
80
|
-
refreshTokenKey: string
|
|
86
|
+
refreshTokenKey: string,
|
|
87
|
+
correlationId: string
|
|
81
88
|
): RefreshTokenEntity | null;
|
|
82
89
|
|
|
83
90
|
/**
|
|
@@ -99,7 +106,7 @@ export interface ICacheManager {
|
|
|
99
106
|
* set appMetadata entity to the platform cache
|
|
100
107
|
* @param appMetadata
|
|
101
108
|
*/
|
|
102
|
-
setAppMetadata(appMetadata: AppMetadataEntity): void;
|
|
109
|
+
setAppMetadata(appMetadata: AppMetadataEntity, correlationId: string): void;
|
|
103
110
|
|
|
104
111
|
/**
|
|
105
112
|
* fetch server telemetry entity from the platform cache
|
|
@@ -116,7 +123,8 @@ export interface ICacheManager {
|
|
|
116
123
|
*/
|
|
117
124
|
setServerTelemetry(
|
|
118
125
|
serverTelemetryKey: string,
|
|
119
|
-
serverTelemetry: ServerTelemetryEntity
|
|
126
|
+
serverTelemetry: ServerTelemetryEntity,
|
|
127
|
+
correlationId: string
|
|
120
128
|
): void;
|
|
121
129
|
|
|
122
130
|
/**
|
|
@@ -162,13 +170,17 @@ export interface ICacheManager {
|
|
|
162
170
|
*/
|
|
163
171
|
setThrottlingCache(
|
|
164
172
|
throttlingCacheKey: string,
|
|
165
|
-
throttlingCache: ThrottlingEntity
|
|
173
|
+
throttlingCache: ThrottlingEntity,
|
|
174
|
+
correlationId: string
|
|
166
175
|
): void;
|
|
167
176
|
|
|
168
177
|
/**
|
|
169
178
|
* Returns all accounts in cache
|
|
170
179
|
*/
|
|
171
|
-
getAllAccounts(
|
|
180
|
+
getAllAccounts(
|
|
181
|
+
accountFilter: AccountFilter,
|
|
182
|
+
correlationId: string
|
|
183
|
+
): AccountInfo[];
|
|
172
184
|
|
|
173
185
|
/**
|
|
174
186
|
* saves a cache record
|
|
@@ -186,13 +198,19 @@ export interface ICacheManager {
|
|
|
186
198
|
* @param environment
|
|
187
199
|
* @param realm
|
|
188
200
|
*/
|
|
189
|
-
getAccountsFilteredBy(
|
|
201
|
+
getAccountsFilteredBy(
|
|
202
|
+
filter: AccountFilter,
|
|
203
|
+
correlationId: string
|
|
204
|
+
): AccountEntity[];
|
|
190
205
|
|
|
191
206
|
/**
|
|
192
207
|
* Get AccountInfo object based on provided filters
|
|
193
208
|
* @param filter
|
|
194
209
|
*/
|
|
195
|
-
getAccountInfoFilteredBy(
|
|
210
|
+
getAccountInfoFilteredBy(
|
|
211
|
+
filter: AccountFilter,
|
|
212
|
+
correlationId: string
|
|
213
|
+
): AccountInfo | null;
|
|
196
214
|
|
|
197
215
|
/**
|
|
198
216
|
* Removes all accounts and related tokens from cache.
|
|
@@ -214,7 +232,7 @@ export interface ICacheManager {
|
|
|
214
232
|
/**
|
|
215
233
|
* @param key
|
|
216
234
|
*/
|
|
217
|
-
removeIdToken(key: string): void;
|
|
235
|
+
removeIdToken(key: string, correlationId: string): void;
|
|
218
236
|
|
|
219
237
|
/**
|
|
220
238
|
* @param key
|
|
@@ -224,5 +242,5 @@ export interface ICacheManager {
|
|
|
224
242
|
/**
|
|
225
243
|
* @param key
|
|
226
244
|
*/
|
|
227
|
-
removeRefreshToken(key: string): void;
|
|
245
|
+
removeRefreshToken(key: string, correlationId: string): void;
|
|
228
246
|
}
|
|
@@ -42,7 +42,6 @@ import {
|
|
|
42
42
|
createClientConfigurationError,
|
|
43
43
|
ClientConfigurationErrorCodes,
|
|
44
44
|
} from "../error/ClientConfigurationError.js";
|
|
45
|
-
import { RequestValidator } from "../request/RequestValidator.js";
|
|
46
45
|
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
47
46
|
import { PerformanceEvents } from "../telemetry/performance/PerformanceEvent.js";
|
|
48
47
|
import { invokeAsync } from "../utils/FunctionWrappers.js";
|
|
@@ -250,7 +249,11 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
250
249
|
*/
|
|
251
250
|
if (!this.includeRedirectUri) {
|
|
252
251
|
// Just validate
|
|
253
|
-
|
|
252
|
+
if (!request.redirectUri) {
|
|
253
|
+
throw createClientConfigurationError(
|
|
254
|
+
ClientConfigurationErrorCodes.redirectUriEmpty
|
|
255
|
+
);
|
|
256
|
+
}
|
|
254
257
|
} else {
|
|
255
258
|
// Validate and include redirect uri
|
|
256
259
|
RequestParameterBuilder.addRedirectUri(
|