@azure/msal-common 16.0.0-alpha.0 → 16.0.0-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +3 -0
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.d.ts +6 -0
- package/dist/account/AuthToken.d.ts.map +1 -1
- package/dist/account/AuthToken.mjs +21 -2
- package/dist/account/AuthToken.mjs.map +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/CcsCredential.mjs.map +1 -1
- package/dist/account/ClientInfo.d.ts +5 -1
- package/dist/account/ClientInfo.d.ts.map +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/ClientInfo.mjs.map +1 -1
- package/dist/account/TokenClaims.d.ts +4 -0
- package/dist/account/TokenClaims.d.ts.map +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/account/TokenClaims.mjs.map +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs.map +1 -1
- package/dist/authority/AuthorityMetadata.d.ts.map +1 -1
- package/dist/authority/AuthorityMetadata.mjs +27 -24
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs.map +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/AuthorityType.mjs.map +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs.map +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs.map +1 -1
- package/dist/cache/CacheManager.d.ts +5 -5
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +8 -8
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +2 -1
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +5 -5
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.d.ts +0 -7
- package/dist/cache/utils/AccountEntityUtils.d.ts.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +9 -29
- package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts +22 -3
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +51 -19
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts +16 -3
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +31 -12
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts +16 -3
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +21 -4
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/ICrypto.mjs.map +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs.map +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.d.ts +5 -0
- package/dist/error/AuthError.d.ts.map +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthError.mjs.map +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/error/ClientAuthErrorCodes.d.ts +1 -0
- package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +4 -3
- package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +1 -0
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +4 -3
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs.map +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/NetworkError.mjs.map +1 -1
- package/dist/error/PlatformBrokerError.d.ts +16 -0
- package/dist/error/PlatformBrokerError.d.ts.map +1 -0
- package/dist/error/PlatformBrokerError.mjs +49 -0
- package/dist/error/PlatformBrokerError.mjs.map +1 -0
- package/dist/error/ServerError.mjs +1 -1
- package/dist/error/ServerError.mjs.map +1 -1
- package/dist/exports-common.d.ts +4 -2
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/exports-node-only.d.ts +1 -0
- package/dist/exports-node-only.d.ts.map +1 -1
- package/dist/index-node.mjs +7 -4
- package/dist/index-node.mjs.map +1 -1
- package/dist/index.mjs +7 -4
- package/dist/index.mjs.map +1 -1
- package/dist/logger/Logger.d.ts +24 -0
- package/dist/logger/Logger.d.ts.map +1 -1
- package/dist/logger/Logger.mjs +92 -4
- package/dist/logger/Logger.mjs.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/INetworkModule.mjs.map +1 -1
- package/dist/network/RequestThumbprint.mjs +2 -2
- package/dist/network/RequestThumbprint.mjs.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/protocol/Token.d.ts +40 -0
- package/dist/protocol/Token.d.ts.map +1 -0
- package/dist/protocol/Token.mjs +129 -0
- package/dist/protocol/Token.mjs.map +1 -0
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist/request/BaseAuthRequest.d.ts +7 -5
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +2 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +2 -4
- package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts +2 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/dist/request/CommonSilentFlowRequest.d.ts +2 -1
- package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +3 -3
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +6 -6
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/ResponseHandler.d.ts +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +5 -5
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts +2 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts +4 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +30 -16
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +3 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.d.ts +1 -0
- package/dist/telemetry/performance/PerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +3 -2
- package/dist/telemetry/performance/PerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
- package/dist/utils/Constants.d.ts +5 -0
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +6 -2
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs.map +1 -1
- package/dist/utils/ProtocolUtils.d.ts +14 -35
- package/dist/utils/ProtocolUtils.d.ts.map +1 -1
- package/dist/utils/ProtocolUtils.mjs +56 -60
- package/dist/utils/ProtocolUtils.mjs.map +1 -1
- package/dist/utils/StateTypes.d.ts +15 -0
- package/dist/utils/StateTypes.d.ts.map +1 -0
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs.map +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs.map +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +31 -17
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-FrCFfFuh.js → index-node-B7mR4APO.js} +2427 -2237
- package/lib/index-node-B7mR4APO.js.map +1 -0
- package/lib/index-node.cjs +5 -3
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +5 -3
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +3 -0
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/account/AuthToken.d.ts +6 -0
- package/lib/types/account/AuthToken.d.ts.map +1 -1
- package/lib/types/account/ClientInfo.d.ts +5 -1
- package/lib/types/account/ClientInfo.d.ts.map +1 -1
- package/lib/types/account/TokenClaims.d.ts +4 -0
- package/lib/types/account/TokenClaims.d.ts.map +1 -1
- package/lib/types/authority/AuthorityMetadata.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +5 -5
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +2 -1
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +5 -5
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/cache/utils/AccountEntityUtils.d.ts +0 -7
- package/lib/types/cache/utils/AccountEntityUtils.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +22 -3
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts +16 -3
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts +16 -3
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/error/AuthError.d.ts +5 -0
- package/lib/types/error/AuthError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthErrorCodes.d.ts +1 -0
- package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +1 -0
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/error/PlatformBrokerError.d.ts +16 -0
- package/lib/types/error/PlatformBrokerError.d.ts.map +1 -0
- package/lib/types/exports-common.d.ts +4 -2
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/exports-node-only.d.ts +1 -0
- package/lib/types/exports-node-only.d.ts.map +1 -1
- package/lib/types/logger/Logger.d.ts +24 -0
- package/lib/types/logger/Logger.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/protocol/Token.d.ts +40 -0
- package/lib/types/protocol/Token.d.ts.map +1 -0
- package/lib/types/request/BaseAuthRequest.d.ts +7 -5
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +2 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +2 -4
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts +2 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts +2 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +3 -3
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts +2 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts +4 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +3 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts +1 -0
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +5 -0
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/lib/types/utils/ProtocolUtils.d.ts +14 -35
- package/lib/types/utils/ProtocolUtils.d.ts.map +1 -1
- package/lib/types/utils/StateTypes.d.ts +15 -0
- package/lib/types/utils/StateTypes.d.ts.map +1 -0
- package/package.json +122 -120
- package/src/account/AccountInfo.ts +5 -0
- package/src/account/AuthToken.ts +22 -0
- package/src/account/ClientInfo.ts +5 -1
- package/src/account/TokenClaims.ts +4 -0
- package/src/authority/AuthorityMetadata.ts +33 -35
- package/src/cache/CacheManager.ts +19 -10
- package/src/cache/entities/AccountEntity.ts +2 -1
- package/src/cache/interface/ICacheManager.ts +12 -4
- package/src/cache/utils/AccountEntityUtils.ts +8 -37
- package/src/client/AuthorizationCodeClient.ts +128 -19
- package/src/client/RefreshTokenClient.ts +88 -13
- package/src/client/SilentFlowClient.ts +63 -5
- package/src/error/AuthError.ts +6 -0
- package/src/error/ClientAuthErrorCodes.ts +1 -0
- package/src/error/ClientConfigurationErrorCodes.ts +1 -0
- package/src/error/PlatformBrokerError.ts +67 -0
- package/src/exports-common.ts +5 -6
- package/src/exports-node-only.ts +4 -0
- package/src/logger/Logger.ts +150 -2
- package/src/network/RequestThumbprint.ts +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Token.ts +230 -0
- package/src/request/BaseAuthRequest.ts +7 -5
- package/src/request/CommonAuthorizationCodeRequest.ts +2 -1
- package/src/request/CommonAuthorizationUrlRequest.ts +2 -4
- package/src/request/CommonRefreshTokenRequest.ts +2 -1
- package/src/request/CommonSilentFlowRequest.ts +2 -1
- package/src/request/RequestParameterBuilder.ts +5 -5
- package/src/response/ResponseHandler.ts +9 -3
- package/src/telemetry/performance/IPerformanceClient.ts +3 -1
- package/src/telemetry/performance/PerformanceClient.ts +39 -45
- package/src/telemetry/performance/PerformanceEvent.ts +7 -0
- package/src/telemetry/performance/PerformanceEvents.ts +1 -0
- package/src/utils/Constants.ts +6 -0
- package/src/utils/ProtocolUtils.ts +66 -92
- package/src/utils/StateTypes.ts +20 -0
- package/dist/client/BaseClient.d.ts +0 -59
- package/dist/client/BaseClient.d.ts.map +0 -1
- package/dist/client/BaseClient.mjs +0 -162
- package/dist/client/BaseClient.mjs.map +0 -1
- package/dist/index-browser.mjs +0 -75
- package/dist/index-browser.mjs.map +0 -1
- package/lib/index-node-FrCFfFuh.js.map +0 -1
- package/lib/types/client/BaseClient.d.ts +0 -59
- package/lib/types/client/BaseClient.d.ts.map +0 -1
- package/src/client/BaseClient.ts +0 -308
package/src/logger/Logger.ts
CHANGED
|
@@ -33,6 +33,141 @@ export interface ILoggerCallback {
|
|
|
33
33
|
(level: LogLevel, message: string, containsPii: boolean): void;
|
|
34
34
|
}
|
|
35
35
|
|
|
36
|
+
/**
|
|
37
|
+
* Represents a single logged message with metadata
|
|
38
|
+
*/
|
|
39
|
+
export interface LoggedMessage {
|
|
40
|
+
hash: string;
|
|
41
|
+
level: LogLevel;
|
|
42
|
+
containsPii: boolean;
|
|
43
|
+
milliseconds: number;
|
|
44
|
+
}
|
|
45
|
+
|
|
46
|
+
/**
|
|
47
|
+
* LRU cache node for correlation ID management
|
|
48
|
+
*/
|
|
49
|
+
interface CorrelationLogData {
|
|
50
|
+
logs: LoggedMessage[];
|
|
51
|
+
firstEventTime: number;
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
// Shared cache state for better minification - using Map's insertion order for LRU
|
|
55
|
+
const CACHE_CAPACITY = 50;
|
|
56
|
+
const MAX_LOGS_PER_CORRELATION = 500;
|
|
57
|
+
const correlationCache = new Map<string, CorrelationLogData>();
|
|
58
|
+
|
|
59
|
+
/**
|
|
60
|
+
* Mark correlation ID as recently used by moving it to end of Map
|
|
61
|
+
* @param correlationId
|
|
62
|
+
* @param {CorrelationLogData} data
|
|
63
|
+
*/
|
|
64
|
+
function markAsRecentlyUsed(
|
|
65
|
+
correlationId: string,
|
|
66
|
+
data: CorrelationLogData
|
|
67
|
+
): void {
|
|
68
|
+
correlationCache.delete(correlationId);
|
|
69
|
+
correlationCache.set(correlationId, data);
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
/**
|
|
73
|
+
* Add log message to cache for specific correlation ID
|
|
74
|
+
* @param correlationId
|
|
75
|
+
* @param {LoggedMessage} loggedMessage
|
|
76
|
+
*/
|
|
77
|
+
function addLogToCache(
|
|
78
|
+
correlationId: string,
|
|
79
|
+
loggedMessage: LoggedMessage
|
|
80
|
+
): void {
|
|
81
|
+
const currentTime = Date.now();
|
|
82
|
+
|
|
83
|
+
let data = correlationCache.get(correlationId);
|
|
84
|
+
|
|
85
|
+
if (data) {
|
|
86
|
+
// Mark as recently used
|
|
87
|
+
markAsRecentlyUsed(correlationId, data);
|
|
88
|
+
} else {
|
|
89
|
+
// Create new entry
|
|
90
|
+
data = { logs: [], firstEventTime: currentTime };
|
|
91
|
+
correlationCache.set(correlationId, data);
|
|
92
|
+
|
|
93
|
+
// Remove LRU (first entry) if capacity exceeded
|
|
94
|
+
if (correlationCache.size > CACHE_CAPACITY) {
|
|
95
|
+
const firstKey = correlationCache.keys().next().value;
|
|
96
|
+
if (firstKey) {
|
|
97
|
+
correlationCache.delete(firstKey);
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
|
|
102
|
+
// Add log to the data, maintaining max logs per correlation
|
|
103
|
+
data.logs.push({
|
|
104
|
+
...loggedMessage,
|
|
105
|
+
milliseconds: currentTime - data.firstEventTime,
|
|
106
|
+
});
|
|
107
|
+
if (data.logs.length > MAX_LOGS_PER_CORRELATION) {
|
|
108
|
+
data.logs.shift(); // Remove oldest log
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
|
|
112
|
+
/**
|
|
113
|
+
* Get all logs for specific correlation ID
|
|
114
|
+
* @param correlationId
|
|
115
|
+
*/
|
|
116
|
+
export function getLogsFromCache(correlationId: string): LoggedMessage[] {
|
|
117
|
+
const data = correlationCache.get(correlationId);
|
|
118
|
+
if (data) {
|
|
119
|
+
markAsRecentlyUsed(correlationId, data);
|
|
120
|
+
return [...data.logs]; // Return copy
|
|
121
|
+
}
|
|
122
|
+
return [];
|
|
123
|
+
}
|
|
124
|
+
|
|
125
|
+
/**
|
|
126
|
+
* Get logs for correlation ID and flush them from cache
|
|
127
|
+
* Attaches logs with empty correlation id to the requested correlation logs
|
|
128
|
+
* @param correlationId
|
|
129
|
+
*/
|
|
130
|
+
export function getAndFlushLogsFromCache(
|
|
131
|
+
correlationId: string
|
|
132
|
+
): LoggedMessage[] {
|
|
133
|
+
const res: LoggedMessage[] = [];
|
|
134
|
+
for (const id of ["", correlationId]) {
|
|
135
|
+
const data = correlationCache.get(id);
|
|
136
|
+
res.push(...(data?.logs ?? []));
|
|
137
|
+
correlationCache.delete(id); // Remove the correlation ID completely from cache
|
|
138
|
+
}
|
|
139
|
+
return res;
|
|
140
|
+
}
|
|
141
|
+
|
|
142
|
+
/**
|
|
143
|
+
* Get all correlation IDs that have logs
|
|
144
|
+
*/
|
|
145
|
+
export function getCachedCorrelationIds(): string[] {
|
|
146
|
+
return Array.from(correlationCache.keys());
|
|
147
|
+
}
|
|
148
|
+
|
|
149
|
+
/**
|
|
150
|
+
* Checks if a string is already a hashed logging string (6 alphanumeric characters)
|
|
151
|
+
*/
|
|
152
|
+
function isHashedString(str: string): boolean {
|
|
153
|
+
if (str.length !== 6) {
|
|
154
|
+
return false;
|
|
155
|
+
}
|
|
156
|
+
|
|
157
|
+
for (let i = 0; i < str.length; i++) {
|
|
158
|
+
const char = str[i];
|
|
159
|
+
const isAlphaNumeric =
|
|
160
|
+
(char >= "a" && char <= "z") ||
|
|
161
|
+
(char >= "A" && char <= "Z") ||
|
|
162
|
+
(char >= "0" && char <= "9");
|
|
163
|
+
if (!isAlphaNumeric) {
|
|
164
|
+
return false;
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
|
|
168
|
+
return true;
|
|
169
|
+
}
|
|
170
|
+
|
|
36
171
|
/**
|
|
37
172
|
* Class which facilitates logging of messages to a specific place.
|
|
38
173
|
*/
|
|
@@ -105,6 +240,19 @@ export class Logger {
|
|
|
105
240
|
logMessage: string,
|
|
106
241
|
options: LoggerMessageOptions
|
|
107
242
|
): void {
|
|
243
|
+
const correlationId = options.correlationId;
|
|
244
|
+
const isHashedInput = isHashedString(logMessage);
|
|
245
|
+
|
|
246
|
+
if (isHashedInput) {
|
|
247
|
+
const loggedMessage: LoggedMessage = {
|
|
248
|
+
hash: logMessage,
|
|
249
|
+
level: options.logLevel,
|
|
250
|
+
containsPii: options.containsPii || false,
|
|
251
|
+
milliseconds: 0, // Will be calculated in addLogToCache
|
|
252
|
+
};
|
|
253
|
+
addLogToCache(correlationId, loggedMessage);
|
|
254
|
+
}
|
|
255
|
+
|
|
108
256
|
if (
|
|
109
257
|
options.logLevel > this.level ||
|
|
110
258
|
(!this.piiLoggingEnabled && options.containsPii)
|
|
@@ -114,12 +262,12 @@ export class Logger {
|
|
|
114
262
|
const timestamp = new Date().toUTCString();
|
|
115
263
|
|
|
116
264
|
// Add correlationId to logs if set, correlationId provided on log messages take precedence
|
|
117
|
-
const logHeader = `[${timestamp}] : [${
|
|
265
|
+
const logHeader = `[${timestamp}] : [${correlationId}]`;
|
|
118
266
|
|
|
119
267
|
const log = `${logHeader} : ${this.packageName}@${
|
|
120
268
|
this.packageVersion
|
|
121
269
|
} : ${LogLevel[options.logLevel]} - ${logMessage}`;
|
|
122
|
-
|
|
270
|
+
|
|
123
271
|
this.executeCallback(
|
|
124
272
|
options.logLevel,
|
|
125
273
|
log,
|
|
@@ -42,6 +42,6 @@ export function getRequestThumbprint(
|
|
|
42
42
|
shrClaims: request.shrClaims,
|
|
43
43
|
sshKid: request.sshKid,
|
|
44
44
|
embeddedClientId:
|
|
45
|
-
request.embeddedClientId || request.
|
|
45
|
+
request.embeddedClientId || request.extraParameters?.clientId,
|
|
46
46
|
};
|
|
47
47
|
}
|
package/src/packageMetadata.ts
CHANGED
|
@@ -0,0 +1,230 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
3
|
+
* Licensed under the MIT License.
|
|
4
|
+
*/
|
|
5
|
+
|
|
6
|
+
import { CcsCredential, CcsCredentialType } from "../account/CcsCredential.js";
|
|
7
|
+
import { buildClientInfoFromHomeAccountId } from "../account/ClientInfo.js";
|
|
8
|
+
import { Logger } from "../logger/Logger.js";
|
|
9
|
+
import { BaseAuthRequest } from "../request/BaseAuthRequest.js";
|
|
10
|
+
import { HeaderNames, URL_FORM_CONTENT_TYPE } from "../utils/Constants.js";
|
|
11
|
+
import * as RequestParameterBuilder from "../request/RequestParameterBuilder.js";
|
|
12
|
+
import * as UrlUtils from "../utils/UrlUtils.js";
|
|
13
|
+
import { IPerformanceClient } from "../exports-browser-only.js";
|
|
14
|
+
import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse.js";
|
|
15
|
+
import { RequestThumbprint } from "../network/RequestThumbprint.js";
|
|
16
|
+
import {
|
|
17
|
+
INetworkModule,
|
|
18
|
+
NetworkRequestOptions,
|
|
19
|
+
} from "../network/INetworkModule.js";
|
|
20
|
+
import { NetworkResponse } from "../network/NetworkResponse.js";
|
|
21
|
+
import { ThrottlingUtils } from "../network/ThrottlingUtils.js";
|
|
22
|
+
import { NetworkError } from "../error/NetworkError.js";
|
|
23
|
+
import { AuthError } from "../error/AuthError.js";
|
|
24
|
+
import {
|
|
25
|
+
ClientAuthErrorCodes,
|
|
26
|
+
createClientAuthError,
|
|
27
|
+
} from "../error/ClientAuthError.js";
|
|
28
|
+
import { invokeAsync } from "../utils/FunctionWrappers.js";
|
|
29
|
+
import * as PerformanceEvents from "../telemetry/performance/PerformanceEvents.js";
|
|
30
|
+
import { CacheManager } from "../cache/CacheManager.js";
|
|
31
|
+
import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
|
|
32
|
+
|
|
33
|
+
/**
|
|
34
|
+
* Creates default headers for requests to token endpoint
|
|
35
|
+
*/
|
|
36
|
+
export function createTokenRequestHeaders(
|
|
37
|
+
logger: Logger,
|
|
38
|
+
preventCorsPreflight: boolean,
|
|
39
|
+
ccsCred?: CcsCredential
|
|
40
|
+
): Record<string, string> {
|
|
41
|
+
const headers: Record<string, string> = {};
|
|
42
|
+
headers[HeaderNames.CONTENT_TYPE] = URL_FORM_CONTENT_TYPE;
|
|
43
|
+
if (!preventCorsPreflight && ccsCred) {
|
|
44
|
+
switch (ccsCred.type) {
|
|
45
|
+
case CcsCredentialType.HOME_ACCOUNT_ID:
|
|
46
|
+
try {
|
|
47
|
+
const clientInfo = buildClientInfoFromHomeAccountId(
|
|
48
|
+
ccsCred.credential
|
|
49
|
+
);
|
|
50
|
+
headers[
|
|
51
|
+
HeaderNames.CCS_HEADER
|
|
52
|
+
] = `Oid:${clientInfo.uid}@${clientInfo.utid}`;
|
|
53
|
+
} catch (e) {
|
|
54
|
+
logger.verbose(
|
|
55
|
+
`Could not parse home account ID for CCS Header: '${e}'`,
|
|
56
|
+
""
|
|
57
|
+
);
|
|
58
|
+
}
|
|
59
|
+
break;
|
|
60
|
+
case CcsCredentialType.UPN:
|
|
61
|
+
headers[HeaderNames.CCS_HEADER] = `UPN: ${ccsCred.credential}`;
|
|
62
|
+
break;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
return headers;
|
|
66
|
+
}
|
|
67
|
+
|
|
68
|
+
/**
|
|
69
|
+
* Creates query string for the /token request
|
|
70
|
+
* @param request
|
|
71
|
+
*/
|
|
72
|
+
export function createTokenQueryParameters(
|
|
73
|
+
request: BaseAuthRequest,
|
|
74
|
+
clientId: string,
|
|
75
|
+
redirectUri: string,
|
|
76
|
+
performanceClient: IPerformanceClient
|
|
77
|
+
): string {
|
|
78
|
+
const parameters = new Map<string, string>();
|
|
79
|
+
|
|
80
|
+
if (request.embeddedClientId) {
|
|
81
|
+
RequestParameterBuilder.addBrokerParameters(
|
|
82
|
+
parameters,
|
|
83
|
+
clientId,
|
|
84
|
+
redirectUri
|
|
85
|
+
);
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
if (request.extraQueryParameters) {
|
|
89
|
+
RequestParameterBuilder.addExtraParameters(
|
|
90
|
+
parameters,
|
|
91
|
+
request.extraQueryParameters
|
|
92
|
+
);
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
RequestParameterBuilder.addCorrelationId(parameters, request.correlationId);
|
|
96
|
+
|
|
97
|
+
RequestParameterBuilder.instrumentBrokerParams(
|
|
98
|
+
parameters,
|
|
99
|
+
request.correlationId,
|
|
100
|
+
performanceClient
|
|
101
|
+
);
|
|
102
|
+
return UrlUtils.mapToQueryString(parameters);
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
/**
|
|
106
|
+
* Http post to token endpoint
|
|
107
|
+
* @param tokenEndpoint
|
|
108
|
+
* @param queryString
|
|
109
|
+
* @param headers
|
|
110
|
+
* @param thumbprint
|
|
111
|
+
*/
|
|
112
|
+
export async function executePostToTokenEndpoint(
|
|
113
|
+
tokenEndpoint: string,
|
|
114
|
+
queryString: string,
|
|
115
|
+
headers: Record<string, string>,
|
|
116
|
+
thumbprint: RequestThumbprint,
|
|
117
|
+
correlationId: string,
|
|
118
|
+
cacheManager: CacheManager,
|
|
119
|
+
networkClient: INetworkModule,
|
|
120
|
+
logger: Logger,
|
|
121
|
+
performanceClient: IPerformanceClient,
|
|
122
|
+
serverTelemetryManager: ServerTelemetryManager | null
|
|
123
|
+
): Promise<NetworkResponse<ServerAuthorizationTokenResponse>> {
|
|
124
|
+
const response = await sendPostRequest<ServerAuthorizationTokenResponse>(
|
|
125
|
+
thumbprint,
|
|
126
|
+
tokenEndpoint,
|
|
127
|
+
{ body: queryString, headers: headers },
|
|
128
|
+
correlationId,
|
|
129
|
+
cacheManager,
|
|
130
|
+
networkClient,
|
|
131
|
+
logger,
|
|
132
|
+
performanceClient
|
|
133
|
+
);
|
|
134
|
+
|
|
135
|
+
if (
|
|
136
|
+
serverTelemetryManager &&
|
|
137
|
+
response.status < 500 &&
|
|
138
|
+
response.status !== 429
|
|
139
|
+
) {
|
|
140
|
+
// Telemetry data successfully logged by server, clear Telemetry cache
|
|
141
|
+
serverTelemetryManager.clearTelemetryCache();
|
|
142
|
+
}
|
|
143
|
+
|
|
144
|
+
return response;
|
|
145
|
+
}
|
|
146
|
+
|
|
147
|
+
/**
|
|
148
|
+
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
149
|
+
* @param thumbprint - Request thumbprint for throttling
|
|
150
|
+
* @param tokenEndpoint - Endpoint to make the POST to
|
|
151
|
+
* @param options - Body and Headers to include on the POST request
|
|
152
|
+
* @param correlationId - CorrelationId for telemetry
|
|
153
|
+
* @param cacheManager - Cache manager instance
|
|
154
|
+
* @param networkClient - Network module instance
|
|
155
|
+
* @param logger - Logger instance
|
|
156
|
+
* @param performanceClient - Performance client instance
|
|
157
|
+
*/
|
|
158
|
+
export async function sendPostRequest<
|
|
159
|
+
T extends ServerAuthorizationTokenResponse
|
|
160
|
+
>(
|
|
161
|
+
thumbprint: RequestThumbprint,
|
|
162
|
+
tokenEndpoint: string,
|
|
163
|
+
options: NetworkRequestOptions,
|
|
164
|
+
correlationId: string,
|
|
165
|
+
cacheManager: CacheManager,
|
|
166
|
+
networkClient: INetworkModule,
|
|
167
|
+
logger: Logger,
|
|
168
|
+
performanceClient: IPerformanceClient
|
|
169
|
+
): Promise<NetworkResponse<T>> {
|
|
170
|
+
ThrottlingUtils.preProcess(cacheManager, thumbprint, correlationId);
|
|
171
|
+
|
|
172
|
+
let response;
|
|
173
|
+
try {
|
|
174
|
+
response = await invokeAsync(
|
|
175
|
+
networkClient.sendPostRequestAsync.bind(networkClient)<T>,
|
|
176
|
+
PerformanceEvents.NetworkClientSendPostRequestAsync,
|
|
177
|
+
logger,
|
|
178
|
+
performanceClient,
|
|
179
|
+
correlationId
|
|
180
|
+
)(tokenEndpoint, options);
|
|
181
|
+
const responseHeaders = response.headers || {};
|
|
182
|
+
performanceClient?.addFields(
|
|
183
|
+
{
|
|
184
|
+
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
185
|
+
httpVerToken:
|
|
186
|
+
responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
187
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
188
|
+
},
|
|
189
|
+
correlationId
|
|
190
|
+
);
|
|
191
|
+
} catch (e) {
|
|
192
|
+
if (e instanceof NetworkError) {
|
|
193
|
+
const responseHeaders = e.responseHeaders;
|
|
194
|
+
if (responseHeaders) {
|
|
195
|
+
performanceClient?.addFields(
|
|
196
|
+
{
|
|
197
|
+
httpVerToken:
|
|
198
|
+
responseHeaders[HeaderNames.X_MS_HTTP_VERSION] ||
|
|
199
|
+
"",
|
|
200
|
+
requestId:
|
|
201
|
+
responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
202
|
+
contentTypeHeader:
|
|
203
|
+
responseHeaders[HeaderNames.CONTENT_TYPE] ||
|
|
204
|
+
undefined,
|
|
205
|
+
contentLengthHeader:
|
|
206
|
+
responseHeaders[HeaderNames.CONTENT_LENGTH] ||
|
|
207
|
+
undefined,
|
|
208
|
+
httpStatus: e.httpStatus,
|
|
209
|
+
},
|
|
210
|
+
correlationId
|
|
211
|
+
);
|
|
212
|
+
}
|
|
213
|
+
throw e.error;
|
|
214
|
+
}
|
|
215
|
+
if (e instanceof AuthError) {
|
|
216
|
+
throw e;
|
|
217
|
+
} else {
|
|
218
|
+
throw createClientAuthError(ClientAuthErrorCodes.networkError);
|
|
219
|
+
}
|
|
220
|
+
}
|
|
221
|
+
|
|
222
|
+
ThrottlingUtils.postProcess(
|
|
223
|
+
cacheManager,
|
|
224
|
+
thumbprint,
|
|
225
|
+
response,
|
|
226
|
+
correlationId
|
|
227
|
+
);
|
|
228
|
+
|
|
229
|
+
return response;
|
|
230
|
+
}
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
* Licensed under the MIT License.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
import { AuthenticationScheme } from "../utils/Constants.js";
|
|
6
|
+
import { AuthenticationScheme, HttpMethod } from "../utils/Constants.js";
|
|
7
7
|
import type { AzureCloudOptions } from "../config/ClientConfiguration.js";
|
|
8
8
|
import { StringDict } from "../utils/MsalTypes.js";
|
|
9
9
|
import { StoreInCache } from "./StoreInCache.js";
|
|
@@ -24,12 +24,13 @@ import { ShrOptions } from "../crypto/SignedHttpRequest.js";
|
|
|
24
24
|
* - sshJwk - A stringified JSON Web Key representing a public key that can be signed by an SSH certificate.
|
|
25
25
|
* - sshKid - Key ID that uniquely identifies the SSH public key mentioned above.
|
|
26
26
|
* - azureCloudOptions - Convenience string enums for users to provide public/sovereign cloud ids
|
|
27
|
-
* -
|
|
28
|
-
* - tokenBodyParameters - String to string map of custom parameters added to the body of the /token call
|
|
27
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
29
28
|
* - storeInCache - Object containing boolean values indicating whether to store tokens in the cache or not (default is true)
|
|
30
29
|
* - scenarioId - Scenario id to track custom user prompts
|
|
31
30
|
* - popKid - Key ID to identify the public key for PoP token request
|
|
32
31
|
* - embeddedClientId - Embedded client id. When specified, broker client id (brk_client_id) and redirect uri (brk_redirect_uri) params are set with values from the config, overriding the corresponding extra parameters, if present.
|
|
32
|
+
* - httpMethod - HTTP method to use for the /authorize request. Defaults to GET, but can be set to POST if the request requires body parameters
|
|
33
|
+
* - extraParameters - String to string map of custom parameters added to outgoing token service requests
|
|
33
34
|
*/
|
|
34
35
|
export type BaseAuthRequest = {
|
|
35
36
|
authority: string;
|
|
@@ -46,10 +47,11 @@ export type BaseAuthRequest = {
|
|
|
46
47
|
sshKid?: string;
|
|
47
48
|
azureCloudOptions?: AzureCloudOptions;
|
|
48
49
|
maxAge?: number;
|
|
49
|
-
tokenBodyParameters?: StringDict;
|
|
50
|
-
tokenQueryParameters?: StringDict;
|
|
51
50
|
storeInCache?: StoreInCache;
|
|
52
51
|
scenarioId?: string;
|
|
53
52
|
popKid?: string;
|
|
54
53
|
embeddedClientId?: string;
|
|
54
|
+
httpMethod?: HttpMethod;
|
|
55
|
+
extraQueryParameters?: StringDict;
|
|
56
|
+
extraParameters?: StringDict;
|
|
55
57
|
};
|
|
@@ -19,7 +19,8 @@ import { CcsCredential } from "../account/CcsCredential.js";
|
|
|
19
19
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
20
20
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
21
21
|
* - enableSpaAuthCode - Enables the acqusition of a spa authorization code (confidential clients only)
|
|
22
|
-
* -
|
|
22
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
23
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
23
24
|
*/
|
|
24
25
|
export type CommonAuthorizationCodeRequest = BaseAuthRequest & {
|
|
25
26
|
code: string;
|
|
@@ -4,7 +4,6 @@
|
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
6
|
import { ResponseMode } from "../utils/Constants.js";
|
|
7
|
-
import { StringDict } from "../utils/MsalTypes.js";
|
|
8
7
|
import { BaseAuthRequest } from "./BaseAuthRequest.js";
|
|
9
8
|
import { AccountInfo } from "../account/AccountInfo.js";
|
|
10
9
|
|
|
@@ -32,8 +31,8 @@ import { AccountInfo } from "../account/AccountInfo.js";
|
|
|
32
31
|
* - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim.
|
|
33
32
|
* - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens.
|
|
34
33
|
* - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant.
|
|
35
|
-
* - extraQueryParameters - String to string map of custom query parameters added to
|
|
36
|
-
* -
|
|
34
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
35
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
37
36
|
* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
|
|
38
37
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
39
38
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
@@ -46,7 +45,6 @@ export type CommonAuthorizationUrlRequest = BaseAuthRequest & {
|
|
|
46
45
|
codeChallenge?: string;
|
|
47
46
|
codeChallengeMethod?: string;
|
|
48
47
|
domainHint?: string;
|
|
49
|
-
extraQueryParameters?: StringDict;
|
|
50
48
|
extraScopesToConsent?: Array<string>;
|
|
51
49
|
loginHint?: string;
|
|
52
50
|
nonce: string;
|
|
@@ -16,7 +16,8 @@ import { CcsCredential } from "../account/CcsCredential.js";
|
|
|
16
16
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
17
17
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
18
18
|
* - forceCache - Force MSAL to cache a refresh token flow response when there is no account in the cache. Used for migration scenarios.
|
|
19
|
-
* -
|
|
19
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
21
|
*/
|
|
21
22
|
export type CommonRefreshTokenRequest = BaseAuthRequest & {
|
|
22
23
|
refreshToken: string;
|
|
@@ -16,7 +16,8 @@ import { BaseAuthRequest } from "./BaseAuthRequest.js";
|
|
|
16
16
|
* - forceRefresh - Forces silent requests to make network calls if true.
|
|
17
17
|
* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
18
18
|
* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
|
|
19
|
-
* -
|
|
19
|
+
* - extraQueryParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
|
+
* - extraParameters - String to string map of custom query parameters added to outgoing token service requests
|
|
20
21
|
*/
|
|
21
22
|
export type CommonSilentFlowRequest = BaseAuthRequest & {
|
|
22
23
|
/** Account object to lookup the credentials */
|
|
@@ -455,14 +455,14 @@ export function addInstanceAware(parameters: Map<string, string>): void {
|
|
|
455
455
|
}
|
|
456
456
|
|
|
457
457
|
/**
|
|
458
|
-
*
|
|
459
|
-
* @param
|
|
458
|
+
* Add extraParameters
|
|
459
|
+
* @param extraParams - String dictionary containing extra parameters to be added.
|
|
460
460
|
*/
|
|
461
|
-
export function
|
|
461
|
+
export function addExtraParameters(
|
|
462
462
|
parameters: Map<string, string>,
|
|
463
|
-
|
|
463
|
+
extraParams: StringDict
|
|
464
464
|
): void {
|
|
465
|
-
Object.entries(
|
|
465
|
+
Object.entries(extraParams).forEach(([key, value]) => {
|
|
466
466
|
if (!parameters.has(key) && value) {
|
|
467
467
|
parameters.set(key, value);
|
|
468
468
|
}
|
|
@@ -24,7 +24,7 @@ import {
|
|
|
24
24
|
} from "../error/InteractionRequiredAuthError.js";
|
|
25
25
|
import { CacheRecord } from "../cache/entities/CacheRecord.js";
|
|
26
26
|
import { CacheManager } from "../cache/CacheManager.js";
|
|
27
|
-
import
|
|
27
|
+
import * as ProtocolUtils from "../utils/ProtocolUtils.js";
|
|
28
28
|
import * as Constants from "../utils/Constants.js";
|
|
29
29
|
import { PopTokenGenerator } from "../crypto/PopTokenGenerator.js";
|
|
30
30
|
import { AppMetadataEntity } from "../cache/entities/AppMetadataEntity.js";
|
|
@@ -33,7 +33,11 @@ import { TokenCacheContext } from "../cache/persistence/TokenCacheContext.js";
|
|
|
33
33
|
import { ISerializableTokenCache } from "../cache/interface/ISerializableTokenCache.js";
|
|
34
34
|
import { AuthorizationCodePayload } from "./AuthorizationCodePayload.js";
|
|
35
35
|
import { BaseAuthRequest } from "../request/BaseAuthRequest.js";
|
|
36
|
-
import {
|
|
36
|
+
import {
|
|
37
|
+
checkMaxAge,
|
|
38
|
+
extractTokenClaims,
|
|
39
|
+
isKmsi,
|
|
40
|
+
} from "../account/AuthToken.js";
|
|
37
41
|
import {
|
|
38
42
|
TokenClaims,
|
|
39
43
|
getTenantIdFromIdTokenClaims,
|
|
@@ -47,6 +51,7 @@ import * as CacheHelpers from "../cache/utils/CacheHelpers.js";
|
|
|
47
51
|
import * as TimeUtils from "../utils/TimeUtils.js";
|
|
48
52
|
import * as AccountEntityUtils from "../cache/utils/AccountEntityUtils.js";
|
|
49
53
|
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
54
|
+
import { RequestStateObject } from "../utils/StateTypes.js";
|
|
50
55
|
|
|
51
56
|
/**
|
|
52
57
|
* Class that handles response parsing.
|
|
@@ -234,7 +239,7 @@ export class ResponseHandler {
|
|
|
234
239
|
let requestStateObj: RequestStateObject | undefined;
|
|
235
240
|
if (!!authCodePayload && !!authCodePayload.state) {
|
|
236
241
|
requestStateObj = ProtocolUtils.parseRequestState(
|
|
237
|
-
this.cryptoObj,
|
|
242
|
+
this.cryptoObj.base64Decode,
|
|
238
243
|
authCodePayload.state
|
|
239
244
|
);
|
|
240
245
|
}
|
|
@@ -305,6 +310,7 @@ export class ResponseHandler {
|
|
|
305
310
|
await this.cacheStorage.saveCacheRecord(
|
|
306
311
|
cacheRecord,
|
|
307
312
|
request.correlationId,
|
|
313
|
+
isKmsi(idTokenClaims || {}),
|
|
308
314
|
request.storeInCache
|
|
309
315
|
);
|
|
310
316
|
} finally {
|
|
@@ -4,13 +4,15 @@
|
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
6
|
import { PerformanceEvent } from "./PerformanceEvent.js";
|
|
7
|
+
import { AccountInfo } from "../../account/AccountInfo.js";
|
|
7
8
|
|
|
8
9
|
export type PerformanceCallbackFunction = (events: PerformanceEvent[]) => void;
|
|
9
10
|
|
|
10
11
|
export type InProgressPerformanceEvent = {
|
|
11
12
|
end: (
|
|
12
13
|
event?: Partial<PerformanceEvent>,
|
|
13
|
-
error?: unknown
|
|
14
|
+
error?: unknown,
|
|
15
|
+
account?: AccountInfo
|
|
14
16
|
) => PerformanceEvent | null;
|
|
15
17
|
discard: () => void;
|
|
16
18
|
add: (fields: { [key: string]: {} | undefined }) => void;
|