@azure/msal-common 16.0.0-alpha.0 → 16.0.0-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +3 -0
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.d.ts +6 -0
- package/dist/account/AuthToken.d.ts.map +1 -1
- package/dist/account/AuthToken.mjs +21 -2
- package/dist/account/AuthToken.mjs.map +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/CcsCredential.mjs.map +1 -1
- package/dist/account/ClientInfo.d.ts +5 -1
- package/dist/account/ClientInfo.d.ts.map +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/ClientInfo.mjs.map +1 -1
- package/dist/account/TokenClaims.d.ts +4 -0
- package/dist/account/TokenClaims.d.ts.map +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/account/TokenClaims.mjs.map +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs.map +1 -1
- package/dist/authority/AuthorityMetadata.d.ts.map +1 -1
- package/dist/authority/AuthorityMetadata.mjs +27 -24
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs.map +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/AuthorityType.mjs.map +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs.map +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs.map +1 -1
- package/dist/cache/CacheManager.d.ts +5 -5
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +8 -8
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +2 -1
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +5 -5
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.d.ts +0 -7
- package/dist/cache/utils/AccountEntityUtils.d.ts.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +9 -29
- package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts +22 -3
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +51 -19
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts +16 -3
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +31 -12
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts +16 -3
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +21 -4
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/ICrypto.mjs.map +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs.map +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.d.ts +5 -0
- package/dist/error/AuthError.d.ts.map +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthError.mjs.map +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/error/ClientAuthErrorCodes.d.ts +1 -0
- package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +4 -3
- package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +1 -0
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +4 -3
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs.map +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/NetworkError.mjs.map +1 -1
- package/dist/error/PlatformBrokerError.d.ts +16 -0
- package/dist/error/PlatformBrokerError.d.ts.map +1 -0
- package/dist/error/PlatformBrokerError.mjs +49 -0
- package/dist/error/PlatformBrokerError.mjs.map +1 -0
- package/dist/error/ServerError.mjs +1 -1
- package/dist/error/ServerError.mjs.map +1 -1
- package/dist/exports-common.d.ts +4 -2
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/exports-node-only.d.ts +1 -0
- package/dist/exports-node-only.d.ts.map +1 -1
- package/dist/index-node.mjs +7 -4
- package/dist/index-node.mjs.map +1 -1
- package/dist/index.mjs +7 -4
- package/dist/index.mjs.map +1 -1
- package/dist/logger/Logger.d.ts +24 -0
- package/dist/logger/Logger.d.ts.map +1 -1
- package/dist/logger/Logger.mjs +92 -4
- package/dist/logger/Logger.mjs.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/INetworkModule.mjs.map +1 -1
- package/dist/network/RequestThumbprint.mjs +2 -2
- package/dist/network/RequestThumbprint.mjs.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/protocol/Token.d.ts +40 -0
- package/dist/protocol/Token.d.ts.map +1 -0
- package/dist/protocol/Token.mjs +129 -0
- package/dist/protocol/Token.mjs.map +1 -0
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist/request/BaseAuthRequest.d.ts +7 -5
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +2 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +2 -4
- package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts +2 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/dist/request/CommonSilentFlowRequest.d.ts +2 -1
- package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +3 -3
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +6 -6
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/ResponseHandler.d.ts +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +5 -5
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts +2 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts +4 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +30 -16
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +3 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.d.ts +1 -0
- package/dist/telemetry/performance/PerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +3 -2
- package/dist/telemetry/performance/PerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
- package/dist/utils/Constants.d.ts +5 -0
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +6 -2
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs.map +1 -1
- package/dist/utils/ProtocolUtils.d.ts +14 -35
- package/dist/utils/ProtocolUtils.d.ts.map +1 -1
- package/dist/utils/ProtocolUtils.mjs +56 -60
- package/dist/utils/ProtocolUtils.mjs.map +1 -1
- package/dist/utils/StateTypes.d.ts +15 -0
- package/dist/utils/StateTypes.d.ts.map +1 -0
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs.map +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs.map +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +31 -17
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-FrCFfFuh.js → index-node-B7mR4APO.js} +2427 -2237
- package/lib/index-node-B7mR4APO.js.map +1 -0
- package/lib/index-node.cjs +5 -3
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +5 -3
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +3 -0
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/account/AuthToken.d.ts +6 -0
- package/lib/types/account/AuthToken.d.ts.map +1 -1
- package/lib/types/account/ClientInfo.d.ts +5 -1
- package/lib/types/account/ClientInfo.d.ts.map +1 -1
- package/lib/types/account/TokenClaims.d.ts +4 -0
- package/lib/types/account/TokenClaims.d.ts.map +1 -1
- package/lib/types/authority/AuthorityMetadata.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +5 -5
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +2 -1
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +5 -5
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/cache/utils/AccountEntityUtils.d.ts +0 -7
- package/lib/types/cache/utils/AccountEntityUtils.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +22 -3
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts +16 -3
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts +16 -3
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/error/AuthError.d.ts +5 -0
- package/lib/types/error/AuthError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthErrorCodes.d.ts +1 -0
- package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +1 -0
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/error/PlatformBrokerError.d.ts +16 -0
- package/lib/types/error/PlatformBrokerError.d.ts.map +1 -0
- package/lib/types/exports-common.d.ts +4 -2
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/exports-node-only.d.ts +1 -0
- package/lib/types/exports-node-only.d.ts.map +1 -1
- package/lib/types/logger/Logger.d.ts +24 -0
- package/lib/types/logger/Logger.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/protocol/Token.d.ts +40 -0
- package/lib/types/protocol/Token.d.ts.map +1 -0
- package/lib/types/request/BaseAuthRequest.d.ts +7 -5
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +2 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +2 -4
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts +2 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts +2 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +3 -3
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts +2 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts +4 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +3 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts +1 -0
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +5 -0
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/lib/types/utils/ProtocolUtils.d.ts +14 -35
- package/lib/types/utils/ProtocolUtils.d.ts.map +1 -1
- package/lib/types/utils/StateTypes.d.ts +15 -0
- package/lib/types/utils/StateTypes.d.ts.map +1 -0
- package/package.json +122 -120
- package/src/account/AccountInfo.ts +5 -0
- package/src/account/AuthToken.ts +22 -0
- package/src/account/ClientInfo.ts +5 -1
- package/src/account/TokenClaims.ts +4 -0
- package/src/authority/AuthorityMetadata.ts +33 -35
- package/src/cache/CacheManager.ts +19 -10
- package/src/cache/entities/AccountEntity.ts +2 -1
- package/src/cache/interface/ICacheManager.ts +12 -4
- package/src/cache/utils/AccountEntityUtils.ts +8 -37
- package/src/client/AuthorizationCodeClient.ts +128 -19
- package/src/client/RefreshTokenClient.ts +88 -13
- package/src/client/SilentFlowClient.ts +63 -5
- package/src/error/AuthError.ts +6 -0
- package/src/error/ClientAuthErrorCodes.ts +1 -0
- package/src/error/ClientConfigurationErrorCodes.ts +1 -0
- package/src/error/PlatformBrokerError.ts +67 -0
- package/src/exports-common.ts +5 -6
- package/src/exports-node-only.ts +4 -0
- package/src/logger/Logger.ts +150 -2
- package/src/network/RequestThumbprint.ts +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Token.ts +230 -0
- package/src/request/BaseAuthRequest.ts +7 -5
- package/src/request/CommonAuthorizationCodeRequest.ts +2 -1
- package/src/request/CommonAuthorizationUrlRequest.ts +2 -4
- package/src/request/CommonRefreshTokenRequest.ts +2 -1
- package/src/request/CommonSilentFlowRequest.ts +2 -1
- package/src/request/RequestParameterBuilder.ts +5 -5
- package/src/response/ResponseHandler.ts +9 -3
- package/src/telemetry/performance/IPerformanceClient.ts +3 -1
- package/src/telemetry/performance/PerformanceClient.ts +39 -45
- package/src/telemetry/performance/PerformanceEvent.ts +7 -0
- package/src/telemetry/performance/PerformanceEvents.ts +1 -0
- package/src/utils/Constants.ts +6 -0
- package/src/utils/ProtocolUtils.ts +66 -92
- package/src/utils/StateTypes.ts +20 -0
- package/dist/client/BaseClient.d.ts +0 -59
- package/dist/client/BaseClient.d.ts.map +0 -1
- package/dist/client/BaseClient.mjs +0 -162
- package/dist/client/BaseClient.mjs.map +0 -1
- package/dist/index-browser.mjs +0 -75
- package/dist/index-browser.mjs.map +0 -1
- package/lib/index-node-FrCFfFuh.js.map +0 -1
- package/lib/types/client/BaseClient.d.ts +0 -59
- package/lib/types/client/BaseClient.d.ts.map +0 -1
- package/src/client/BaseClient.ts +0 -308
package/package.json
CHANGED
|
@@ -1,125 +1,127 @@
|
|
|
1
1
|
{
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
2
|
+
"name": "@azure/msal-common",
|
|
3
|
+
"author": {
|
|
4
|
+
"name": "Microsoft",
|
|
5
|
+
"email": "nugetaad@microsoft.com",
|
|
6
|
+
"url": "https://www.microsoft.com"
|
|
7
|
+
},
|
|
8
|
+
"license": "MIT",
|
|
9
|
+
"repository": {
|
|
10
|
+
"type": "git",
|
|
11
|
+
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-js.git"
|
|
12
|
+
},
|
|
13
|
+
"version": "16.0.0-beta.0",
|
|
14
|
+
"description": "Microsoft Authentication Library for js",
|
|
15
|
+
"keywords": [
|
|
16
|
+
"implicit",
|
|
17
|
+
"authorization code",
|
|
18
|
+
"PKCE",
|
|
19
|
+
"js",
|
|
20
|
+
"AAD",
|
|
21
|
+
"msal",
|
|
22
|
+
"oauth"
|
|
23
|
+
],
|
|
24
|
+
"sideEffects": false,
|
|
25
|
+
"type": "module",
|
|
26
|
+
"main": "./lib/index.cjs",
|
|
27
|
+
"module": "./dist/index.mjs",
|
|
28
|
+
"types": "./dist/index.d.ts",
|
|
29
|
+
"exports": {
|
|
30
|
+
"./browser": {
|
|
31
|
+
"import": {
|
|
32
|
+
"types": "./dist-browser/index-browser.d.ts",
|
|
33
|
+
"default": "./dist-browser/index-browser.mjs"
|
|
34
|
+
},
|
|
35
|
+
"require": {
|
|
36
|
+
"types": "./lib/types/index-browser.d.ts",
|
|
37
|
+
"default": "./lib/index-browser.cjs"
|
|
38
|
+
}
|
|
7
39
|
},
|
|
8
|
-
"
|
|
9
|
-
|
|
10
|
-
"
|
|
11
|
-
"
|
|
40
|
+
"./node": {
|
|
41
|
+
"import": {
|
|
42
|
+
"types": "./dist/index-node.d.ts",
|
|
43
|
+
"default": "./dist/index-node.mjs"
|
|
44
|
+
},
|
|
45
|
+
"require": {
|
|
46
|
+
"types": "./lib/types/index-node.d.ts",
|
|
47
|
+
"default": "./lib/index-node.cjs"
|
|
48
|
+
}
|
|
12
49
|
},
|
|
13
|
-
"
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
"
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
"
|
|
20
|
-
"
|
|
21
|
-
|
|
22
|
-
"oauth"
|
|
23
|
-
],
|
|
24
|
-
"sideEffects": false,
|
|
25
|
-
"type": "module",
|
|
26
|
-
"main": "./lib/index.cjs",
|
|
27
|
-
"module": "./dist/index.mjs",
|
|
28
|
-
"types": "./dist/index.d.ts",
|
|
29
|
-
"exports": {
|
|
30
|
-
"./browser": {
|
|
31
|
-
"import": {
|
|
32
|
-
"types": "./dist/index-browser.d.ts",
|
|
33
|
-
"default": "./dist/index-browser.mjs"
|
|
34
|
-
},
|
|
35
|
-
"require": {
|
|
36
|
-
"types": "./lib/types/index-browser.d.ts",
|
|
37
|
-
"default": "./lib/index-browser.cjs"
|
|
38
|
-
}
|
|
39
|
-
},
|
|
40
|
-
"./node": {
|
|
41
|
-
"import": {
|
|
42
|
-
"types": "./dist/index-node.d.ts",
|
|
43
|
-
"default": "./dist/index-node.mjs"
|
|
44
|
-
},
|
|
45
|
-
"require": {
|
|
46
|
-
"types": "./lib/types/index-node.d.ts",
|
|
47
|
-
"default": "./lib/index-node.cjs"
|
|
48
|
-
}
|
|
49
|
-
},
|
|
50
|
-
".": {
|
|
51
|
-
"import": {
|
|
52
|
-
"types": "./dist/index.d.ts",
|
|
53
|
-
"default": "./dist/index.mjs"
|
|
54
|
-
},
|
|
55
|
-
"require": {
|
|
56
|
-
"types": "./lib/types/index.d.ts",
|
|
57
|
-
"default": "./lib/index.cjs"
|
|
58
|
-
}
|
|
59
|
-
},
|
|
60
|
-
"./package.json": "./package.json"
|
|
50
|
+
".": {
|
|
51
|
+
"import": {
|
|
52
|
+
"types": "./dist/index.d.ts",
|
|
53
|
+
"default": "./dist/index.mjs"
|
|
54
|
+
},
|
|
55
|
+
"require": {
|
|
56
|
+
"types": "./lib/types/index.d.ts",
|
|
57
|
+
"default": "./lib/index.cjs"
|
|
58
|
+
}
|
|
61
59
|
},
|
|
62
|
-
"
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
"
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
"
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
"
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
"
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
60
|
+
"./package.json": "./package.json"
|
|
61
|
+
},
|
|
62
|
+
"engines": {
|
|
63
|
+
"node": ">=0.8.0"
|
|
64
|
+
},
|
|
65
|
+
"directories": {
|
|
66
|
+
"test": "test"
|
|
67
|
+
},
|
|
68
|
+
"files": [
|
|
69
|
+
"dist",
|
|
70
|
+
"lib",
|
|
71
|
+
"src",
|
|
72
|
+
"node",
|
|
73
|
+
"browser"
|
|
74
|
+
],
|
|
75
|
+
"scripts": {
|
|
76
|
+
"clean": "shx rm -rf dist dist-browser lib",
|
|
77
|
+
"clean:coverage": "rimraf ../../.nyc_output/*",
|
|
78
|
+
"lint": "eslint src --ext .ts",
|
|
79
|
+
"lint:fix": "npm run lint -- --fix",
|
|
80
|
+
"test": "jest",
|
|
81
|
+
"test:coverage": "jest --coverage",
|
|
82
|
+
"test:coverage:only": "npm run clean:coverage && npm run test:coverage",
|
|
83
|
+
"build:modules": "rollup -c --strictDeprecations --bundleConfigAsCjs",
|
|
84
|
+
"build:modules:watch": "rollup -cw --bundleConfigAsCjs",
|
|
85
|
+
"build": "npm run clean && npm run build:modules",
|
|
86
|
+
"build:debug": "npm run clean && MSAL_MINIFY_LOGS=false npm run build:modules",
|
|
87
|
+
"build:all": "npm run build",
|
|
88
|
+
"build:all:debug": "MSAL_MINIFY_LOGS=false npm run build",
|
|
89
|
+
"prepack": "npm run build",
|
|
90
|
+
"metadata:check": "ts-node scripts/metadata.ts",
|
|
91
|
+
"format:check": "prettier --ignore-path .gitignore --check src test",
|
|
92
|
+
"format:fix": "prettier --ignore-path .gitignore --write src test",
|
|
93
|
+
"apiExtractor": "api-extractor run"
|
|
94
|
+
},
|
|
95
|
+
"beachball": {
|
|
96
|
+
"disallowedChangeTypes": []
|
|
97
|
+
},
|
|
98
|
+
"devDependencies": {
|
|
99
|
+
"@babel/core": "^7.7.2",
|
|
100
|
+
"@babel/plugin-proposal-class-properties": "^7.7.0",
|
|
101
|
+
"@babel/plugin-proposal-object-rest-spread": "^7.6.2",
|
|
102
|
+
"@babel/preset-env": "^7.7.1",
|
|
103
|
+
"@babel/preset-typescript": "^7.7.2",
|
|
104
|
+
"@microsoft/api-extractor": "^7.43.4",
|
|
105
|
+
"@rollup/plugin-typescript": "^11.0.0",
|
|
106
|
+
"@types/debug": "^4.1.5",
|
|
107
|
+
"@types/jest": "^29.5.0",
|
|
108
|
+
"@types/lodash": "^4.14.182",
|
|
109
|
+
"@types/node": "^20.3.1",
|
|
110
|
+
"eslint-config-msal": "file:../../shared-configs/eslint-config-msal",
|
|
111
|
+
"jest": "^29.5.0",
|
|
112
|
+
"jest-junit": "^16.0.0",
|
|
113
|
+
"lodash": "^4.17.21",
|
|
114
|
+
"msal-test-utils": "file:../../shared-test-utils",
|
|
115
|
+
"prettier": "2.8.7",
|
|
116
|
+
"rimraf": "^3.0.2",
|
|
117
|
+
"rollup": "^4.22.4",
|
|
118
|
+
"rollup-msal": "file:../../shared-configs/rollup-msal",
|
|
119
|
+
"shx": "^0.3.2",
|
|
120
|
+
"ts-jest": "^29.1.0",
|
|
121
|
+
"ts-jest-resolver": "^2.0.1",
|
|
122
|
+
"ts-node": "^10.9.1",
|
|
123
|
+
"tslib": "^1.10.0",
|
|
124
|
+
"typescript": "^4.9.5",
|
|
125
|
+
"yargs": "^17.5.1"
|
|
126
|
+
}
|
|
125
127
|
}
|
|
@@ -4,6 +4,9 @@
|
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
6
|
import { TokenClaims } from "./TokenClaims.js";
|
|
7
|
+
|
|
8
|
+
export type DataBoundary = "EU" | "None";
|
|
9
|
+
|
|
7
10
|
/**
|
|
8
11
|
* Account object with the following signature:
|
|
9
12
|
* - homeAccountId - Home account identifier for this account object
|
|
@@ -16,6 +19,7 @@ import { TokenClaims } from "./TokenClaims.js";
|
|
|
16
19
|
* - idTokenClaims - Object contains claims from ID token
|
|
17
20
|
* - nativeAccountId - The user's native account ID
|
|
18
21
|
* - tenantProfiles - Map of tenant profile objects for each tenant that the account has authenticated with in the browser
|
|
22
|
+
* - dataBoundary - Data boundary extracted from clientInfo
|
|
19
23
|
*/
|
|
20
24
|
export type AccountInfo = {
|
|
21
25
|
homeAccountId: string;
|
|
@@ -38,6 +42,7 @@ export type AccountInfo = {
|
|
|
38
42
|
nativeAccountId?: string;
|
|
39
43
|
authorityType?: string;
|
|
40
44
|
tenantProfiles?: Map<string, TenantProfile>;
|
|
45
|
+
dataBoundary?: DataBoundary;
|
|
41
46
|
};
|
|
42
47
|
|
|
43
48
|
/**
|
package/src/account/AuthToken.ts
CHANGED
|
@@ -30,6 +30,28 @@ export function extractTokenClaims(
|
|
|
30
30
|
}
|
|
31
31
|
}
|
|
32
32
|
|
|
33
|
+
/**
|
|
34
|
+
* Check if the signin_state claim contains "kmsi"
|
|
35
|
+
* @param idTokenClaims
|
|
36
|
+
* @returns
|
|
37
|
+
*/
|
|
38
|
+
export function isKmsi(idTokenClaims: TokenClaims): boolean {
|
|
39
|
+
if (!idTokenClaims.signin_state) {
|
|
40
|
+
return false;
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Signin_state claim known values:
|
|
44
|
+
* dvc_mngd - device is managed
|
|
45
|
+
* dvc_dmjd - device is domain joined
|
|
46
|
+
* kmsi - user opted to "keep me signed in"
|
|
47
|
+
* inknownntwk - Request made inside a known network. Don't use this, use CAE instead.
|
|
48
|
+
*/
|
|
49
|
+
const kmsiClaims = ["kmsi", "dvc_dmjd"]; // There are some cases where kmsi may not be returned but persistent storage is still OK - allow dvc_dmjd as well
|
|
50
|
+
return idTokenClaims.signin_state.some((value) =>
|
|
51
|
+
kmsiClaims.includes(value.trim().toLowerCase())
|
|
52
|
+
);
|
|
53
|
+
}
|
|
54
|
+
|
|
33
55
|
/**
|
|
34
56
|
* decode a JWT
|
|
35
57
|
*
|
|
@@ -10,11 +10,15 @@ import {
|
|
|
10
10
|
import * as Constants from "../utils/Constants.js";
|
|
11
11
|
|
|
12
12
|
/**
|
|
13
|
-
* Client info object which consists of
|
|
13
|
+
* Client info object which consists of:
|
|
14
|
+
* uid: user id
|
|
15
|
+
* utid: tenant id
|
|
16
|
+
* xms_tdbr: optional, only for non-US tenants
|
|
14
17
|
*/
|
|
15
18
|
export type ClientInfo = {
|
|
16
19
|
uid: string;
|
|
17
20
|
utid: string;
|
|
21
|
+
xms_tdbr?: string;
|
|
18
22
|
};
|
|
19
23
|
|
|
20
24
|
/**
|
|
@@ -47,6 +47,10 @@ export type TokenClaims = {
|
|
|
47
47
|
upn?: string;
|
|
48
48
|
preferred_username?: string;
|
|
49
49
|
login_hint?: string;
|
|
50
|
+
/**
|
|
51
|
+
* Contains KMSI (Keep Me Signed In) status among other things
|
|
52
|
+
*/
|
|
53
|
+
signin_state?: Array<string>;
|
|
50
54
|
emails?: string[];
|
|
51
55
|
name?: string;
|
|
52
56
|
nonce?: string;
|
|
@@ -16,42 +16,40 @@ type RawMetadata = {
|
|
|
16
16
|
instanceDiscoveryMetadata: CloudInstanceDiscoveryResponse;
|
|
17
17
|
};
|
|
18
18
|
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
"https://login.microsoftonline.com/{tenantid}/discovery/v2.0/keys",
|
|
26
|
-
issuer: "https://login.microsoftonline.com/{tenantid}/v2.0",
|
|
27
|
-
authorization_endpoint:
|
|
28
|
-
"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/authorize",
|
|
29
|
-
end_session_endpoint:
|
|
30
|
-
"https://login.microsoftonline.com/{tenantid}/oauth2/v2.0/logout",
|
|
31
|
-
},
|
|
32
|
-
"login.chinacloudapi.cn": {
|
|
33
|
-
token_endpoint:
|
|
34
|
-
"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/token",
|
|
35
|
-
jwks_uri:
|
|
36
|
-
"https://login.chinacloudapi.cn/{tenantid}/discovery/v2.0/keys",
|
|
37
|
-
issuer: "https://login.partner.microsoftonline.cn/{tenantid}/v2.0",
|
|
38
|
-
authorization_endpoint:
|
|
39
|
-
"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/authorize",
|
|
40
|
-
end_session_endpoint:
|
|
41
|
-
"https://login.chinacloudapi.cn/{tenantid}/oauth2/v2.0/logout",
|
|
42
|
-
},
|
|
43
|
-
"login.microsoftonline.us": {
|
|
44
|
-
token_endpoint:
|
|
45
|
-
"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/token",
|
|
46
|
-
jwks_uri:
|
|
47
|
-
"https://login.microsoftonline.us/{tenantid}/discovery/v2.0/keys",
|
|
48
|
-
issuer: "https://login.microsoftonline.us/{tenantid}/v2.0",
|
|
49
|
-
authorization_endpoint:
|
|
50
|
-
"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/authorize",
|
|
51
|
-
end_session_endpoint:
|
|
52
|
-
"https://login.microsoftonline.us/{tenantid}/oauth2/v2.0/logout",
|
|
53
|
-
},
|
|
19
|
+
// Build endpoint metadata dynamically to avoid string duplication
|
|
20
|
+
const endpointHosts: Array<{ host: string; issuerHost?: string }> = [
|
|
21
|
+
{ host: "login.microsoftonline.com" },
|
|
22
|
+
{
|
|
23
|
+
host: "login.chinacloudapi.cn",
|
|
24
|
+
issuerHost: "login.partner.microsoftonline.cn", // Issuer differs
|
|
54
25
|
},
|
|
26
|
+
{ host: "login.microsoftonline.us" },
|
|
27
|
+
{ host: "login.sovcloud-identity.fr" },
|
|
28
|
+
{ host: "login.sovcloud-identity.de" },
|
|
29
|
+
{ host: "login.sovcloud-identity.sg" },
|
|
30
|
+
];
|
|
31
|
+
|
|
32
|
+
function buildOpenIdConfig(
|
|
33
|
+
host: string,
|
|
34
|
+
issuerHost: string
|
|
35
|
+
): OpenIdConfigResponse {
|
|
36
|
+
return {
|
|
37
|
+
token_endpoint: `https://${host}/{tenantid}/oauth2/v2.0/token`,
|
|
38
|
+
jwks_uri: `https://${host}/{tenantid}/discovery/v2.0/keys`,
|
|
39
|
+
issuer: `https://${issuerHost}/{tenantid}/v2.0`,
|
|
40
|
+
authorization_endpoint: `https://${host}/{tenantid}/oauth2/v2.0/authorize`,
|
|
41
|
+
end_session_endpoint: `https://${host}/{tenantid}/oauth2/v2.0/logout`,
|
|
42
|
+
};
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
const dynamicEndpointMetadata: RawMetadata["endpointMetadata"] =
|
|
46
|
+
endpointHosts.reduce((acc, { host, issuerHost }) => {
|
|
47
|
+
acc[host] = buildOpenIdConfig(host, issuerHost || host);
|
|
48
|
+
return acc;
|
|
49
|
+
}, {} as Record<string, OpenIdConfigResponse>);
|
|
50
|
+
|
|
51
|
+
export const rawMetdataJSON: RawMetadata = {
|
|
52
|
+
endpointMetadata: dynamicEndpointMetadata,
|
|
55
53
|
instanceDiscoveryMetadata: {
|
|
56
54
|
tenant_discovery_endpoint:
|
|
57
55
|
"https://{canonicalAuthority}/v2.0/.well-known/openid-configuration",
|
|
@@ -90,7 +90,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
90
90
|
*/
|
|
91
91
|
abstract setAccount(
|
|
92
92
|
account: AccountEntity,
|
|
93
|
-
correlationId: string
|
|
93
|
+
correlationId: string,
|
|
94
|
+
kmsi: boolean
|
|
94
95
|
): Promise<void>;
|
|
95
96
|
|
|
96
97
|
/**
|
|
@@ -109,7 +110,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
109
110
|
*/
|
|
110
111
|
abstract setIdTokenCredential(
|
|
111
112
|
idToken: IdTokenEntity,
|
|
112
|
-
correlationId: string
|
|
113
|
+
correlationId: string,
|
|
114
|
+
kmsi: boolean
|
|
113
115
|
): Promise<void>;
|
|
114
116
|
|
|
115
117
|
/**
|
|
@@ -128,7 +130,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
128
130
|
*/
|
|
129
131
|
abstract setAccessTokenCredential(
|
|
130
132
|
accessToken: AccessTokenEntity,
|
|
131
|
-
correlationId: string
|
|
133
|
+
correlationId: string,
|
|
134
|
+
kmsi: boolean
|
|
132
135
|
): Promise<void>;
|
|
133
136
|
|
|
134
137
|
/**
|
|
@@ -147,7 +150,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
147
150
|
*/
|
|
148
151
|
abstract setRefreshTokenCredential(
|
|
149
152
|
refreshToken: RefreshTokenEntity,
|
|
150
|
-
correlationId: string
|
|
153
|
+
correlationId: string,
|
|
154
|
+
kmsi: boolean
|
|
151
155
|
): Promise<void>;
|
|
152
156
|
|
|
153
157
|
/**
|
|
@@ -544,6 +548,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
544
548
|
async saveCacheRecord(
|
|
545
549
|
cacheRecord: CacheRecord,
|
|
546
550
|
correlationId: string,
|
|
551
|
+
kmsi: boolean,
|
|
547
552
|
storeInCache?: StoreInCache
|
|
548
553
|
): Promise<void> {
|
|
549
554
|
if (!cacheRecord) {
|
|
@@ -554,13 +559,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
554
559
|
|
|
555
560
|
try {
|
|
556
561
|
if (!!cacheRecord.account) {
|
|
557
|
-
await this.setAccount(cacheRecord.account, correlationId);
|
|
562
|
+
await this.setAccount(cacheRecord.account, correlationId, kmsi);
|
|
558
563
|
}
|
|
559
564
|
|
|
560
565
|
if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
|
|
561
566
|
await this.setIdTokenCredential(
|
|
562
567
|
cacheRecord.idToken,
|
|
563
|
-
correlationId
|
|
568
|
+
correlationId,
|
|
569
|
+
kmsi
|
|
564
570
|
);
|
|
565
571
|
}
|
|
566
572
|
|
|
@@ -570,7 +576,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
570
576
|
) {
|
|
571
577
|
await this.saveAccessToken(
|
|
572
578
|
cacheRecord.accessToken,
|
|
573
|
-
correlationId
|
|
579
|
+
correlationId,
|
|
580
|
+
kmsi
|
|
574
581
|
);
|
|
575
582
|
}
|
|
576
583
|
|
|
@@ -580,7 +587,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
580
587
|
) {
|
|
581
588
|
await this.setRefreshTokenCredential(
|
|
582
589
|
cacheRecord.refreshToken,
|
|
583
|
-
correlationId
|
|
590
|
+
correlationId,
|
|
591
|
+
kmsi
|
|
584
592
|
);
|
|
585
593
|
}
|
|
586
594
|
|
|
@@ -606,7 +614,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
606
614
|
*/
|
|
607
615
|
private async saveAccessToken(
|
|
608
616
|
credential: AccessTokenEntity,
|
|
609
|
-
correlationId: string
|
|
617
|
+
correlationId: string,
|
|
618
|
+
kmsi: boolean
|
|
610
619
|
): Promise<void> {
|
|
611
620
|
const accessTokenFilter: CredentialFilter = {
|
|
612
621
|
clientId: credential.clientId,
|
|
@@ -646,7 +655,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
646
655
|
}
|
|
647
656
|
}
|
|
648
657
|
});
|
|
649
|
-
await this.setAccessTokenCredential(credential, correlationId);
|
|
658
|
+
await this.setAccessTokenCredential(credential, correlationId, kmsi);
|
|
650
659
|
}
|
|
651
660
|
|
|
652
661
|
/**
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
* Licensed under the MIT License.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
import { TenantProfile } from "../../account/AccountInfo.js";
|
|
6
|
+
import { TenantProfile, DataBoundary } from "../../account/AccountInfo.js";
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
9
|
* Type that defines required and optional parameters for an Account field (based on universal cache schema implemented by all MSALs).
|
|
@@ -46,4 +46,5 @@ export type AccountEntity = {
|
|
|
46
46
|
tenantProfiles?: Array<TenantProfile>;
|
|
47
47
|
/** Timestamp when the entry was last updated */
|
|
48
48
|
lastUpdatedAt: string;
|
|
49
|
+
dataBoundary?: DataBoundary;
|
|
49
50
|
};
|
|
@@ -29,7 +29,11 @@ export interface ICacheManager {
|
|
|
29
29
|
* @param account
|
|
30
30
|
* @param correlationId
|
|
31
31
|
*/
|
|
32
|
-
setAccount(
|
|
32
|
+
setAccount(
|
|
33
|
+
account: AccountEntity,
|
|
34
|
+
correlationId: string,
|
|
35
|
+
kmsi: boolean
|
|
36
|
+
): Promise<void>;
|
|
33
37
|
|
|
34
38
|
/**
|
|
35
39
|
* fetch the idToken entity from the platform cache
|
|
@@ -48,7 +52,8 @@ export interface ICacheManager {
|
|
|
48
52
|
*/
|
|
49
53
|
setIdTokenCredential(
|
|
50
54
|
idToken: IdTokenEntity,
|
|
51
|
-
correlationId: string
|
|
55
|
+
correlationId: string,
|
|
56
|
+
kmsi: boolean
|
|
52
57
|
): Promise<void>;
|
|
53
58
|
|
|
54
59
|
/**
|
|
@@ -68,7 +73,8 @@ export interface ICacheManager {
|
|
|
68
73
|
*/
|
|
69
74
|
setAccessTokenCredential(
|
|
70
75
|
accessToken: AccessTokenEntity,
|
|
71
|
-
correlationId: string
|
|
76
|
+
correlationId: string,
|
|
77
|
+
kmsi: boolean
|
|
72
78
|
): Promise<void>;
|
|
73
79
|
|
|
74
80
|
/**
|
|
@@ -88,7 +94,8 @@ export interface ICacheManager {
|
|
|
88
94
|
*/
|
|
89
95
|
setRefreshTokenCredential(
|
|
90
96
|
refreshToken: RefreshTokenEntity,
|
|
91
|
-
correlationId: string
|
|
97
|
+
correlationId: string,
|
|
98
|
+
kmsi: boolean
|
|
92
99
|
): Promise<void>;
|
|
93
100
|
|
|
94
101
|
/**
|
|
@@ -216,6 +223,7 @@ export interface ICacheManager {
|
|
|
216
223
|
saveCacheRecord(
|
|
217
224
|
cacheRecord: CacheRecord,
|
|
218
225
|
correlationId: string,
|
|
226
|
+
kmsi: boolean,
|
|
219
227
|
storeInCache?: StoreInCache
|
|
220
228
|
): Promise<void>;
|
|
221
229
|
|
|
@@ -11,6 +11,7 @@ import {
|
|
|
11
11
|
AccountInfo,
|
|
12
12
|
TenantProfile,
|
|
13
13
|
buildTenantProfile,
|
|
14
|
+
DataBoundary,
|
|
14
15
|
} from "../../account/AccountInfo.js";
|
|
15
16
|
import {
|
|
16
17
|
createClientAuthError,
|
|
@@ -56,6 +57,7 @@ export function getAccountInfo(accountEntity: AccountEntity): AccountInfo {
|
|
|
56
57
|
return [tenantProfile.tenantId, tenantProfile];
|
|
57
58
|
})
|
|
58
59
|
),
|
|
60
|
+
dataBoundary: accountEntity.dataBoundary,
|
|
59
61
|
};
|
|
60
62
|
}
|
|
61
63
|
|
|
@@ -94,9 +96,13 @@ export function createAccountEntity(
|
|
|
94
96
|
}
|
|
95
97
|
|
|
96
98
|
let clientInfo: ClientInfo | undefined;
|
|
99
|
+
let dataBoundary: DataBoundary | undefined;
|
|
97
100
|
|
|
98
101
|
if (accountDetails.clientInfo && base64Decode) {
|
|
99
102
|
clientInfo = buildClientInfo(accountDetails.clientInfo, base64Decode);
|
|
103
|
+
if (clientInfo.xms_tdbr) {
|
|
104
|
+
dataBoundary = clientInfo.xms_tdbr === "EU" ? "EU" : "None";
|
|
105
|
+
}
|
|
100
106
|
}
|
|
101
107
|
|
|
102
108
|
const env =
|
|
@@ -164,6 +170,7 @@ export function createAccountEntity(
|
|
|
164
170
|
msGraphHost: accountDetails.msGraphHost,
|
|
165
171
|
nativeAccountId: accountDetails.nativeAccountId,
|
|
166
172
|
tenantProfiles: tenantProfiles,
|
|
173
|
+
dataBoundary,
|
|
167
174
|
} as AccountEntity;
|
|
168
175
|
}
|
|
169
176
|
|
|
@@ -193,6 +200,7 @@ export function createAccountEntityFromAccountInfo(
|
|
|
193
200
|
cloudGraphHostName: cloudGraphHostName,
|
|
194
201
|
msGraphHost: msGraphHost,
|
|
195
202
|
tenantProfiles: Array.from(accountInfo.tenantProfiles?.values() || []),
|
|
203
|
+
dataBoundary: accountInfo.dataBoundary,
|
|
196
204
|
} as AccountEntity;
|
|
197
205
|
}
|
|
198
206
|
|
|
@@ -248,40 +256,3 @@ export function isAccountEntity(entity: object): entity is AccountEntity {
|
|
|
248
256
|
entity.hasOwnProperty("authorityType")
|
|
249
257
|
);
|
|
250
258
|
}
|
|
251
|
-
|
|
252
|
-
/**
|
|
253
|
-
* Helper function to determine whether 2 accountInfo objects represent the same account
|
|
254
|
-
* @param accountA
|
|
255
|
-
* @param accountB
|
|
256
|
-
* @param compareClaims - If set to true idTokenClaims will also be compared to determine account equality
|
|
257
|
-
*/
|
|
258
|
-
export function accountInfoIsEqual(
|
|
259
|
-
accountA: AccountInfo | null,
|
|
260
|
-
accountB: AccountInfo | null,
|
|
261
|
-
compareClaims?: boolean
|
|
262
|
-
): boolean {
|
|
263
|
-
if (!accountA || !accountB) {
|
|
264
|
-
return false;
|
|
265
|
-
}
|
|
266
|
-
|
|
267
|
-
let claimsMatch = true; // default to true so as to not fail comparison below if compareClaims: false
|
|
268
|
-
if (compareClaims) {
|
|
269
|
-
const accountAClaims = (accountA.idTokenClaims || {}) as TokenClaims;
|
|
270
|
-
const accountBClaims = (accountB.idTokenClaims || {}) as TokenClaims;
|
|
271
|
-
|
|
272
|
-
// issued at timestamp and nonce are expected to change each time a new id token is acquired
|
|
273
|
-
claimsMatch =
|
|
274
|
-
accountAClaims.iat === accountBClaims.iat &&
|
|
275
|
-
accountAClaims.nonce === accountBClaims.nonce;
|
|
276
|
-
}
|
|
277
|
-
|
|
278
|
-
return (
|
|
279
|
-
accountA.homeAccountId === accountB.homeAccountId &&
|
|
280
|
-
accountA.localAccountId === accountB.localAccountId &&
|
|
281
|
-
accountA.username === accountB.username &&
|
|
282
|
-
accountA.tenantId === accountB.tenantId &&
|
|
283
|
-
accountA.environment === accountB.environment &&
|
|
284
|
-
accountA.nativeAccountId === accountB.nativeAccountId &&
|
|
285
|
-
claimsMatch
|
|
286
|
-
);
|
|
287
|
-
}
|