@azure/msal-common 15.8.0 → 15.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.mjs +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +5 -4
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.mjs +1 -1
- package/dist/client/RefreshTokenClient.mjs +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.d.ts +10 -5
- package/dist/error/ClientConfigurationError.d.ts.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +12 -7
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +2 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +5 -4
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-common.d.ts +1 -1
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/index-browser.mjs +2 -2
- package/dist/index-node.mjs +2 -2
- package/dist/index.mjs +2 -2
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.d.ts +5 -1
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +6 -0
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +14 -2
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.d.ts +5 -0
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +6 -2
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +3 -2
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-2PsHlOld.js → index-node-C5c-lcoe.js} +39 -77
- package/lib/index-node-C5c-lcoe.js.map +1 -0
- package/lib/index-node.cjs +3 -2
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +3 -2
- package/lib/index.cjs.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationError.d.ts +10 -5
- package/lib/types/error/ClientConfigurationError.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +2 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/exports-common.d.ts +1 -1
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +5 -1
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +6 -0
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +5 -0
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/client/AuthorizationCodeClient.ts +5 -2
- package/src/error/ClientConfigurationError.ts +16 -8
- package/src/error/ClientConfigurationErrorCodes.ts +3 -1
- package/src/exports-common.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/request/BaseAuthRequest.ts +5 -1
- package/src/request/RequestParameterBuilder.ts +16 -0
- package/src/utils/Constants.ts +6 -0
- package/dist/request/RequestValidator.d.ts +0 -28
- package/dist/request/RequestValidator.d.ts.map +0 -1
- package/dist/request/RequestValidator.mjs +0 -73
- package/dist/request/RequestValidator.mjs.map +0 -1
- package/lib/index-node-2PsHlOld.js.map +0 -1
- package/lib/types/request/RequestValidator.d.ts +0 -28
- package/lib/types/request/RequestValidator.d.ts.map +0 -1
- package/src/request/RequestValidator.ts +0 -90
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v15.
|
|
1
|
+
/*! @azure/msal-common v15.9.0 2025-07-23 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -81,6 +81,10 @@ const HttpStatus = {
|
|
|
81
81
|
SERVER_ERROR_RANGE_END: 599,
|
|
82
82
|
MULTI_SIDED_ERROR: 600,
|
|
83
83
|
};
|
|
84
|
+
const HttpMethod = {
|
|
85
|
+
GET: "GET",
|
|
86
|
+
POST: "POST",
|
|
87
|
+
};
|
|
84
88
|
const OIDC_DEFAULT_SCOPES = [
|
|
85
89
|
Constants.OPENID_SCOPE,
|
|
86
90
|
Constants.PROFILE_SCOPE,
|
|
@@ -832,7 +836,6 @@ const authorityUriInsecure = "authority_uri_insecure";
|
|
|
832
836
|
const urlParseError = "url_parse_error";
|
|
833
837
|
const urlEmptyError = "empty_url_error";
|
|
834
838
|
const emptyInputScopesError = "empty_input_scopes_error";
|
|
835
|
-
const invalidPromptValue = "invalid_prompt_value";
|
|
836
839
|
const invalidClaims = "invalid_claims";
|
|
837
840
|
const tokenRequestEmpty = "token_request_empty";
|
|
838
841
|
const logoutRequestEmpty = "logout_request_empty";
|
|
@@ -847,7 +850,9 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
|
|
|
847
850
|
const invalidAuthenticationHeader = "invalid_authentication_header";
|
|
848
851
|
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
849
852
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
850
|
-
const authorityMismatch = "authority_mismatch";
|
|
853
|
+
const authorityMismatch = "authority_mismatch";
|
|
854
|
+
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
855
|
+
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
851
856
|
|
|
852
857
|
var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
853
858
|
__proto__: null,
|
|
@@ -859,10 +864,11 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
|
|
|
859
864
|
emptyInputScopesError: emptyInputScopesError,
|
|
860
865
|
invalidAuthenticationHeader: invalidAuthenticationHeader,
|
|
861
866
|
invalidAuthorityMetadata: invalidAuthorityMetadata,
|
|
867
|
+
invalidAuthorizePostBodyParameters: invalidAuthorizePostBodyParameters,
|
|
862
868
|
invalidClaims: invalidClaims,
|
|
863
869
|
invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
|
|
864
870
|
invalidCodeChallengeMethod: invalidCodeChallengeMethod,
|
|
865
|
-
|
|
871
|
+
invalidRequestMethodForEAR: invalidRequestMethodForEAR,
|
|
866
872
|
logoutRequestEmpty: logoutRequestEmpty,
|
|
867
873
|
missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
|
|
868
874
|
missingSshJwk: missingSshJwk,
|
|
@@ -886,7 +892,6 @@ const ClientConfigurationErrorMessages = {
|
|
|
886
892
|
[urlParseError]: "URL could not be parsed into appropriate segments.",
|
|
887
893
|
[urlEmptyError]: "URL was empty or null.",
|
|
888
894
|
[emptyInputScopesError]: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token.",
|
|
889
|
-
[invalidPromptValue]: "Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest",
|
|
890
895
|
[invalidClaims]: "Given claims parameter must be a stringified JSON object.",
|
|
891
896
|
[tokenRequestEmpty]: "Token request was empty and not found in cache.",
|
|
892
897
|
[logoutRequestEmpty]: "The logout request was null or undefined.",
|
|
@@ -902,6 +907,8 @@ const ClientConfigurationErrorMessages = {
|
|
|
902
907
|
[cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
|
|
903
908
|
[cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
|
|
904
909
|
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
910
|
+
[invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
|
|
911
|
+
[invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
|
|
905
912
|
};
|
|
906
913
|
/**
|
|
907
914
|
* ClientConfigurationErrorMessage class containing string constants used by error codes and messages.
|
|
@@ -932,10 +939,6 @@ const ClientConfigurationErrorMessage = {
|
|
|
932
939
|
code: emptyInputScopesError,
|
|
933
940
|
desc: ClientConfigurationErrorMessages[emptyInputScopesError],
|
|
934
941
|
},
|
|
935
|
-
invalidPrompt: {
|
|
936
|
-
code: invalidPromptValue,
|
|
937
|
-
desc: ClientConfigurationErrorMessages[invalidPromptValue],
|
|
938
|
-
},
|
|
939
942
|
invalidClaimsRequest: {
|
|
940
943
|
code: invalidClaims,
|
|
941
944
|
desc: ClientConfigurationErrorMessages[invalidClaims],
|
|
@@ -996,6 +999,14 @@ const ClientConfigurationErrorMessage = {
|
|
|
996
999
|
code: authorityMismatch,
|
|
997
1000
|
desc: ClientConfigurationErrorMessages[authorityMismatch],
|
|
998
1001
|
},
|
|
1002
|
+
invalidAuthorizePostBodyParameters: {
|
|
1003
|
+
code: invalidAuthorizePostBodyParameters,
|
|
1004
|
+
desc: ClientConfigurationErrorMessages[invalidAuthorizePostBodyParameters],
|
|
1005
|
+
},
|
|
1006
|
+
invalidRequestMethodForEAR: {
|
|
1007
|
+
code: invalidRequestMethodForEAR,
|
|
1008
|
+
desc: ClientConfigurationErrorMessages[invalidRequestMethodForEAR],
|
|
1009
|
+
},
|
|
999
1010
|
};
|
|
1000
1011
|
/**
|
|
1001
1012
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
@@ -3889,7 +3900,7 @@ class Logger {
|
|
|
3889
3900
|
|
|
3890
3901
|
/* eslint-disable header/header */
|
|
3891
3902
|
const name = "@azure/msal-common";
|
|
3892
|
-
const version = "15.
|
|
3903
|
+
const version = "15.9.0";
|
|
3893
3904
|
|
|
3894
3905
|
/*
|
|
3895
3906
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -6262,6 +6273,18 @@ function addEARParameters(parameters, jwk) {
|
|
|
6262
6273
|
// ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
|
|
6263
6274
|
const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
|
|
6264
6275
|
parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
|
|
6276
|
+
}
|
|
6277
|
+
/**
|
|
6278
|
+
* Adds authorize body parameters to the request parameters
|
|
6279
|
+
* @param parameters
|
|
6280
|
+
* @param bodyParameters
|
|
6281
|
+
*/
|
|
6282
|
+
function addPostBodyParameters(parameters, bodyParameters) {
|
|
6283
|
+
Object.entries(bodyParameters).forEach(([key, value]) => {
|
|
6284
|
+
if (value) {
|
|
6285
|
+
parameters.set(key, value);
|
|
6286
|
+
}
|
|
6287
|
+
});
|
|
6265
6288
|
}
|
|
6266
6289
|
|
|
6267
6290
|
var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
|
|
@@ -6296,6 +6319,7 @@ var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
|
|
|
6296
6319
|
addOboAssertion: addOboAssertion,
|
|
6297
6320
|
addPassword: addPassword,
|
|
6298
6321
|
addPopToken: addPopToken,
|
|
6322
|
+
addPostBodyParameters: addPostBodyParameters,
|
|
6299
6323
|
addPostLogoutRedirectUri: addPostLogoutRedirectUri,
|
|
6300
6324
|
addPrompt: addPrompt,
|
|
6301
6325
|
addRedirectUri: addRedirectUri,
|
|
@@ -7230,71 +7254,6 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
|
|
|
7230
7254
|
return baseAccount;
|
|
7231
7255
|
}
|
|
7232
7256
|
|
|
7233
|
-
/*
|
|
7234
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7235
|
-
* Licensed under the MIT License.
|
|
7236
|
-
*/
|
|
7237
|
-
/**
|
|
7238
|
-
* Validates server consumable params from the "request" objects
|
|
7239
|
-
*/
|
|
7240
|
-
class RequestValidator {
|
|
7241
|
-
/**
|
|
7242
|
-
* Utility to check if the `redirectUri` in the request is a non-null value
|
|
7243
|
-
* @param redirectUri
|
|
7244
|
-
*/
|
|
7245
|
-
static validateRedirectUri(redirectUri) {
|
|
7246
|
-
if (!redirectUri) {
|
|
7247
|
-
throw createClientConfigurationError(redirectUriEmpty);
|
|
7248
|
-
}
|
|
7249
|
-
}
|
|
7250
|
-
/**
|
|
7251
|
-
* Utility to validate prompt sent by the user in the request
|
|
7252
|
-
* @param prompt
|
|
7253
|
-
*/
|
|
7254
|
-
static validatePrompt(prompt) {
|
|
7255
|
-
const promptValues = [];
|
|
7256
|
-
for (const value in PromptValue) {
|
|
7257
|
-
promptValues.push(PromptValue[value]);
|
|
7258
|
-
}
|
|
7259
|
-
if (promptValues.indexOf(prompt) < 0) {
|
|
7260
|
-
throw createClientConfigurationError(invalidPromptValue);
|
|
7261
|
-
}
|
|
7262
|
-
}
|
|
7263
|
-
static validateClaims(claims) {
|
|
7264
|
-
try {
|
|
7265
|
-
JSON.parse(claims);
|
|
7266
|
-
}
|
|
7267
|
-
catch (e) {
|
|
7268
|
-
throw createClientConfigurationError(invalidClaims);
|
|
7269
|
-
}
|
|
7270
|
-
}
|
|
7271
|
-
/**
|
|
7272
|
-
* Utility to validate code_challenge and code_challenge_method
|
|
7273
|
-
* @param codeChallenge
|
|
7274
|
-
* @param codeChallengeMethod
|
|
7275
|
-
*/
|
|
7276
|
-
static validateCodeChallengeParams(codeChallenge, codeChallengeMethod) {
|
|
7277
|
-
if (!codeChallenge || !codeChallengeMethod) {
|
|
7278
|
-
throw createClientConfigurationError(pkceParamsMissing);
|
|
7279
|
-
}
|
|
7280
|
-
else {
|
|
7281
|
-
this.validateCodeChallengeMethod(codeChallengeMethod);
|
|
7282
|
-
}
|
|
7283
|
-
}
|
|
7284
|
-
/**
|
|
7285
|
-
* Utility to validate code_challenge_method
|
|
7286
|
-
* @param codeChallengeMethod
|
|
7287
|
-
*/
|
|
7288
|
-
static validateCodeChallengeMethod(codeChallengeMethod) {
|
|
7289
|
-
if ([
|
|
7290
|
-
CodeChallengeMethodValues.PLAIN,
|
|
7291
|
-
CodeChallengeMethodValues.S256,
|
|
7292
|
-
].indexOf(codeChallengeMethod) < 0) {
|
|
7293
|
-
throw createClientConfigurationError(invalidCodeChallengeMethod);
|
|
7294
|
-
}
|
|
7295
|
-
}
|
|
7296
|
-
}
|
|
7297
|
-
|
|
7298
7257
|
/*
|
|
7299
7258
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
7300
7259
|
* Licensed under the MIT License.
|
|
@@ -7409,7 +7368,9 @@ class AuthorizationCodeClient extends BaseClient {
|
|
|
7409
7368
|
*/
|
|
7410
7369
|
if (!this.includeRedirectUri) {
|
|
7411
7370
|
// Just validate
|
|
7412
|
-
|
|
7371
|
+
if (!request.redirectUri) {
|
|
7372
|
+
throw createClientConfigurationError(redirectUriEmpty);
|
|
7373
|
+
}
|
|
7413
7374
|
}
|
|
7414
7375
|
else {
|
|
7415
7376
|
// Validate and include redirect uri
|
|
@@ -8454,6 +8415,7 @@ exports.EncodingTypes = EncodingTypes;
|
|
|
8454
8415
|
exports.Errors = Errors;
|
|
8455
8416
|
exports.GrantType = GrantType;
|
|
8456
8417
|
exports.HeaderNames = HeaderNames;
|
|
8418
|
+
exports.HttpMethod = HttpMethod;
|
|
8457
8419
|
exports.HttpStatus = HttpStatus;
|
|
8458
8420
|
exports.IntFields = IntFields;
|
|
8459
8421
|
exports.InteractionRequiredAuthError = InteractionRequiredAuthError;
|
|
@@ -8514,4 +8476,4 @@ exports.invokeAsync = invokeAsync;
|
|
|
8514
8476
|
exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
|
|
8515
8477
|
exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
|
|
8516
8478
|
exports.version = version;
|
|
8517
|
-
//# sourceMappingURL=index-node-
|
|
8479
|
+
//# sourceMappingURL=index-node-C5c-lcoe.js.map
|