@azure/msal-common 15.8.0 → 15.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (125) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +1 -1
  7. package/dist/authority/AuthorityFactory.mjs +1 -1
  8. package/dist/authority/AuthorityMetadata.mjs +1 -1
  9. package/dist/authority/AuthorityOptions.mjs +1 -1
  10. package/dist/authority/AuthorityType.mjs +1 -1
  11. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  13. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  14. package/dist/authority/ProtocolMode.mjs +1 -1
  15. package/dist/authority/RegionDiscovery.mjs +1 -1
  16. package/dist/cache/CacheManager.mjs +1 -1
  17. package/dist/cache/entities/AccountEntity.mjs +1 -1
  18. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  19. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  20. package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
  21. package/dist/client/AuthorizationCodeClient.mjs +5 -4
  22. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  23. package/dist/client/BaseClient.mjs +1 -1
  24. package/dist/client/RefreshTokenClient.mjs +1 -1
  25. package/dist/client/SilentFlowClient.mjs +1 -1
  26. package/dist/config/ClientConfiguration.mjs +1 -1
  27. package/dist/constants/AADServerParamKeys.mjs +1 -1
  28. package/dist/crypto/ICrypto.mjs +1 -1
  29. package/dist/crypto/JoseHeader.mjs +1 -1
  30. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  31. package/dist/error/AuthError.mjs +1 -1
  32. package/dist/error/AuthErrorCodes.mjs +1 -1
  33. package/dist/error/CacheError.mjs +1 -1
  34. package/dist/error/CacheErrorCodes.mjs +1 -1
  35. package/dist/error/ClientAuthError.mjs +1 -1
  36. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  37. package/dist/error/ClientConfigurationError.d.ts +10 -5
  38. package/dist/error/ClientConfigurationError.d.ts.map +1 -1
  39. package/dist/error/ClientConfigurationError.mjs +12 -7
  40. package/dist/error/ClientConfigurationError.mjs.map +1 -1
  41. package/dist/error/ClientConfigurationErrorCodes.d.ts +2 -1
  42. package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
  43. package/dist/error/ClientConfigurationErrorCodes.mjs +5 -4
  44. package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
  45. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  46. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  47. package/dist/error/JoseHeaderError.mjs +1 -1
  48. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  49. package/dist/error/NetworkError.mjs +1 -1
  50. package/dist/error/ServerError.mjs +1 -1
  51. package/dist/exports-common.d.ts +1 -1
  52. package/dist/exports-common.d.ts.map +1 -1
  53. package/dist/index-browser.mjs +2 -2
  54. package/dist/index-node.mjs +2 -2
  55. package/dist/index.mjs +2 -2
  56. package/dist/logger/Logger.mjs +1 -1
  57. package/dist/network/INetworkModule.mjs +1 -1
  58. package/dist/network/RequestThumbprint.mjs +1 -1
  59. package/dist/network/ThrottlingUtils.mjs +1 -1
  60. package/dist/packageMetadata.d.ts +1 -1
  61. package/dist/packageMetadata.mjs +2 -2
  62. package/dist/protocol/Authorize.mjs +1 -1
  63. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  64. package/dist/request/BaseAuthRequest.d.ts +5 -1
  65. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  66. package/dist/request/RequestParameterBuilder.d.ts +6 -0
  67. package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
  68. package/dist/request/RequestParameterBuilder.mjs +14 -2
  69. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  70. package/dist/request/ScopeSet.mjs +1 -1
  71. package/dist/response/ResponseHandler.mjs +1 -1
  72. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  73. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  74. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  75. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  76. package/dist/url/UrlString.mjs +1 -1
  77. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  78. package/dist/utils/Constants.d.ts +5 -0
  79. package/dist/utils/Constants.d.ts.map +1 -1
  80. package/dist/utils/Constants.mjs +6 -2
  81. package/dist/utils/Constants.mjs.map +1 -1
  82. package/dist/utils/FunctionWrappers.mjs +1 -1
  83. package/dist/utils/ProtocolUtils.mjs +1 -1
  84. package/dist/utils/StringUtils.mjs +1 -1
  85. package/dist/utils/TimeUtils.mjs +1 -1
  86. package/dist/utils/UrlUtils.mjs +1 -1
  87. package/lib/index-browser.cjs +3 -2
  88. package/lib/index-browser.cjs.map +1 -1
  89. package/lib/{index-node-2PsHlOld.js → index-node-C5c-lcoe.js} +39 -77
  90. package/lib/index-node-C5c-lcoe.js.map +1 -0
  91. package/lib/index-node.cjs +3 -2
  92. package/lib/index-node.cjs.map +1 -1
  93. package/lib/index.cjs +3 -2
  94. package/lib/index.cjs.map +1 -1
  95. package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  96. package/lib/types/error/ClientConfigurationError.d.ts +10 -5
  97. package/lib/types/error/ClientConfigurationError.d.ts.map +1 -1
  98. package/lib/types/error/ClientConfigurationErrorCodes.d.ts +2 -1
  99. package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
  100. package/lib/types/exports-common.d.ts +1 -1
  101. package/lib/types/exports-common.d.ts.map +1 -1
  102. package/lib/types/packageMetadata.d.ts +1 -1
  103. package/lib/types/request/BaseAuthRequest.d.ts +5 -1
  104. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  105. package/lib/types/request/RequestParameterBuilder.d.ts +6 -0
  106. package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
  107. package/lib/types/utils/Constants.d.ts +5 -0
  108. package/lib/types/utils/Constants.d.ts.map +1 -1
  109. package/package.json +1 -1
  110. package/src/client/AuthorizationCodeClient.ts +5 -2
  111. package/src/error/ClientConfigurationError.ts +16 -8
  112. package/src/error/ClientConfigurationErrorCodes.ts +3 -1
  113. package/src/exports-common.ts +1 -0
  114. package/src/packageMetadata.ts +1 -1
  115. package/src/request/BaseAuthRequest.ts +5 -1
  116. package/src/request/RequestParameterBuilder.ts +16 -0
  117. package/src/utils/Constants.ts +6 -0
  118. package/dist/request/RequestValidator.d.ts +0 -28
  119. package/dist/request/RequestValidator.d.ts.map +0 -1
  120. package/dist/request/RequestValidator.mjs +0 -73
  121. package/dist/request/RequestValidator.mjs.map +0 -1
  122. package/lib/index-node-2PsHlOld.js.map +0 -1
  123. package/lib/types/request/RequestValidator.d.ts +0 -28
  124. package/lib/types/request/RequestValidator.d.ts.map +0 -1
  125. package/src/request/RequestValidator.ts +0 -90
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v15.8.0 2025-07-01 */
1
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -81,6 +81,10 @@ const HttpStatus = {
81
81
  SERVER_ERROR_RANGE_END: 599,
82
82
  MULTI_SIDED_ERROR: 600,
83
83
  };
84
+ const HttpMethod = {
85
+ GET: "GET",
86
+ POST: "POST",
87
+ };
84
88
  const OIDC_DEFAULT_SCOPES = [
85
89
  Constants.OPENID_SCOPE,
86
90
  Constants.PROFILE_SCOPE,
@@ -832,7 +836,6 @@ const authorityUriInsecure = "authority_uri_insecure";
832
836
  const urlParseError = "url_parse_error";
833
837
  const urlEmptyError = "empty_url_error";
834
838
  const emptyInputScopesError = "empty_input_scopes_error";
835
- const invalidPromptValue = "invalid_prompt_value";
836
839
  const invalidClaims = "invalid_claims";
837
840
  const tokenRequestEmpty = "token_request_empty";
838
841
  const logoutRequestEmpty = "logout_request_empty";
@@ -847,7 +850,9 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
847
850
  const invalidAuthenticationHeader = "invalid_authentication_header";
848
851
  const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
849
852
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
850
- const authorityMismatch = "authority_mismatch";
853
+ const authorityMismatch = "authority_mismatch";
854
+ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
855
+ const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
851
856
 
852
857
  var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
853
858
  __proto__: null,
@@ -859,10 +864,11 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
859
864
  emptyInputScopesError: emptyInputScopesError,
860
865
  invalidAuthenticationHeader: invalidAuthenticationHeader,
861
866
  invalidAuthorityMetadata: invalidAuthorityMetadata,
867
+ invalidAuthorizePostBodyParameters: invalidAuthorizePostBodyParameters,
862
868
  invalidClaims: invalidClaims,
863
869
  invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
864
870
  invalidCodeChallengeMethod: invalidCodeChallengeMethod,
865
- invalidPromptValue: invalidPromptValue,
871
+ invalidRequestMethodForEAR: invalidRequestMethodForEAR,
866
872
  logoutRequestEmpty: logoutRequestEmpty,
867
873
  missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
868
874
  missingSshJwk: missingSshJwk,
@@ -886,7 +892,6 @@ const ClientConfigurationErrorMessages = {
886
892
  [urlParseError]: "URL could not be parsed into appropriate segments.",
887
893
  [urlEmptyError]: "URL was empty or null.",
888
894
  [emptyInputScopesError]: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",
889
- [invalidPromptValue]: "Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",
890
895
  [invalidClaims]: "Given claims parameter must be a stringified JSON object.",
891
896
  [tokenRequestEmpty]: "Token request was empty and not found in cache.",
892
897
  [logoutRequestEmpty]: "The logout request was null or undefined.",
@@ -902,6 +907,8 @@ const ClientConfigurationErrorMessages = {
902
907
  [cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
903
908
  [cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
904
909
  [authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
910
+ [invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
911
+ [invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
905
912
  };
906
913
  /**
907
914
  * ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
@@ -932,10 +939,6 @@ const ClientConfigurationErrorMessage = {
932
939
  code: emptyInputScopesError,
933
940
  desc: ClientConfigurationErrorMessages[emptyInputScopesError],
934
941
  },
935
- invalidPrompt: {
936
- code: invalidPromptValue,
937
- desc: ClientConfigurationErrorMessages[invalidPromptValue],
938
- },
939
942
  invalidClaimsRequest: {
940
943
  code: invalidClaims,
941
944
  desc: ClientConfigurationErrorMessages[invalidClaims],
@@ -996,6 +999,14 @@ const ClientConfigurationErrorMessage = {
996
999
  code: authorityMismatch,
997
1000
  desc: ClientConfigurationErrorMessages[authorityMismatch],
998
1001
  },
1002
+ invalidAuthorizePostBodyParameters: {
1003
+ code: invalidAuthorizePostBodyParameters,
1004
+ desc: ClientConfigurationErrorMessages[invalidAuthorizePostBodyParameters],
1005
+ },
1006
+ invalidRequestMethodForEAR: {
1007
+ code: invalidRequestMethodForEAR,
1008
+ desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
1009
+ },
999
1010
  };
1000
1011
  /**
1001
1012
  * Error thrown when there is an error in configuration of the MSAL.js library.
@@ -3889,7 +3900,7 @@ class Logger {
3889
3900
 
3890
3901
  /* eslint-disable header/header */
3891
3902
  const name = "@azure/msal-common";
3892
- const version = "15.8.0";
3903
+ const version = "15.9.0";
3893
3904
 
3894
3905
  /*
3895
3906
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -6262,6 +6273,18 @@ function addEARParameters(parameters, jwk) {
6262
6273
  // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
6263
6274
  const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
6264
6275
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
6276
+ }
6277
+ /**
6278
+ * Adds authorize body parameters to the request parameters
6279
+ * @param parameters
6280
+ * @param bodyParameters
6281
+ */
6282
+ function addPostBodyParameters(parameters, bodyParameters) {
6283
+ Object.entries(bodyParameters).forEach(([key, value]) => {
6284
+ if (value) {
6285
+ parameters.set(key, value);
6286
+ }
6287
+ });
6265
6288
  }
6266
6289
 
6267
6290
  var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
@@ -6296,6 +6319,7 @@ var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
6296
6319
  addOboAssertion: addOboAssertion,
6297
6320
  addPassword: addPassword,
6298
6321
  addPopToken: addPopToken,
6322
+ addPostBodyParameters: addPostBodyParameters,
6299
6323
  addPostLogoutRedirectUri: addPostLogoutRedirectUri,
6300
6324
  addPrompt: addPrompt,
6301
6325
  addRedirectUri: addRedirectUri,
@@ -7230,71 +7254,6 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
7230
7254
  return baseAccount;
7231
7255
  }
7232
7256
 
7233
- /*
7234
- * Copyright (c) Microsoft Corporation. All rights reserved.
7235
- * Licensed under the MIT License.
7236
- */
7237
- /**
7238
- * Validates server consumable params from the "request" objects
7239
- */
7240
- class RequestValidator {
7241
- /**
7242
- * Utility to check if the `redirectUri` in the request is a non-null value
7243
- * @param redirectUri
7244
- */
7245
- static validateRedirectUri(redirectUri) {
7246
- if (!redirectUri) {
7247
- throw createClientConfigurationError(redirectUriEmpty);
7248
- }
7249
- }
7250
- /**
7251
- * Utility to validate prompt sent by the user in the request
7252
- * @param prompt
7253
- */
7254
- static validatePrompt(prompt) {
7255
- const promptValues = [];
7256
- for (const value in PromptValue) {
7257
- promptValues.push(PromptValue[value]);
7258
- }
7259
- if (promptValues.indexOf(prompt) < 0) {
7260
- throw createClientConfigurationError(invalidPromptValue);
7261
- }
7262
- }
7263
- static validateClaims(claims) {
7264
- try {
7265
- JSON.parse(claims);
7266
- }
7267
- catch (e) {
7268
- throw createClientConfigurationError(invalidClaims);
7269
- }
7270
- }
7271
- /**
7272
- * Utility to validate code_challenge and code_challenge_method
7273
- * @param codeChallenge
7274
- * @param codeChallengeMethod
7275
- */
7276
- static validateCodeChallengeParams(codeChallenge, codeChallengeMethod) {
7277
- if (!codeChallenge || !codeChallengeMethod) {
7278
- throw createClientConfigurationError(pkceParamsMissing);
7279
- }
7280
- else {
7281
- this.validateCodeChallengeMethod(codeChallengeMethod);
7282
- }
7283
- }
7284
- /**
7285
- * Utility to validate code_challenge_method
7286
- * @param codeChallengeMethod
7287
- */
7288
- static validateCodeChallengeMethod(codeChallengeMethod) {
7289
- if ([
7290
- CodeChallengeMethodValues.PLAIN,
7291
- CodeChallengeMethodValues.S256,
7292
- ].indexOf(codeChallengeMethod) < 0) {
7293
- throw createClientConfigurationError(invalidCodeChallengeMethod);
7294
- }
7295
- }
7296
- }
7297
-
7298
7257
  /*
7299
7258
  * Copyright (c) Microsoft Corporation. All rights reserved.
7300
7259
  * Licensed under the MIT License.
@@ -7409,7 +7368,9 @@ class AuthorizationCodeClient extends BaseClient {
7409
7368
  */
7410
7369
  if (!this.includeRedirectUri) {
7411
7370
  // Just validate
7412
- RequestValidator.validateRedirectUri(request.redirectUri);
7371
+ if (!request.redirectUri) {
7372
+ throw createClientConfigurationError(redirectUriEmpty);
7373
+ }
7413
7374
  }
7414
7375
  else {
7415
7376
  // Validate and include redirect uri
@@ -8454,6 +8415,7 @@ exports.EncodingTypes = EncodingTypes;
8454
8415
  exports.Errors = Errors;
8455
8416
  exports.GrantType = GrantType;
8456
8417
  exports.HeaderNames = HeaderNames;
8418
+ exports.HttpMethod = HttpMethod;
8457
8419
  exports.HttpStatus = HttpStatus;
8458
8420
  exports.IntFields = IntFields;
8459
8421
  exports.InteractionRequiredAuthError = InteractionRequiredAuthError;
@@ -8514,4 +8476,4 @@ exports.invokeAsync = invokeAsync;
8514
8476
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
8515
8477
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
8516
8478
  exports.version = version;
8517
- //# sourceMappingURL=index-node-2PsHlOld.js.map
8479
+ //# sourceMappingURL=index-node-C5c-lcoe.js.map