@azure/msal-common 16.0.0-alpha.0 → 16.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +3 -0
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.d.ts +6 -0
- package/dist/account/AuthToken.d.ts.map +1 -1
- package/dist/account/AuthToken.mjs +21 -2
- package/dist/account/AuthToken.mjs.map +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/CcsCredential.mjs.map +1 -1
- package/dist/account/ClientInfo.d.ts +5 -1
- package/dist/account/ClientInfo.d.ts.map +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/ClientInfo.mjs.map +1 -1
- package/dist/account/TokenClaims.d.ts +4 -0
- package/dist/account/TokenClaims.d.ts.map +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/account/TokenClaims.mjs.map +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs.map +1 -1
- package/dist/authority/AuthorityMetadata.d.ts.map +1 -1
- package/dist/authority/AuthorityMetadata.mjs +27 -24
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs.map +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/AuthorityType.mjs.map +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs.map +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs.map +1 -1
- package/dist/cache/CacheManager.d.ts +5 -5
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +8 -8
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/entities/AccountEntity.d.ts +2 -1
- package/dist/cache/entities/AccountEntity.d.ts.map +1 -1
- package/dist/cache/interface/ICacheManager.d.ts +5 -5
- package/dist/cache/interface/ICacheManager.d.ts.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.d.ts +0 -7
- package/dist/cache/utils/AccountEntityUtils.d.ts.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +9 -29
- package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts +22 -3
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +51 -19
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts +16 -3
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +41 -18
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.d.ts +16 -3
- package/dist/client/SilentFlowClient.d.ts.map +1 -1
- package/dist/client/SilentFlowClient.mjs +21 -4
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/ICrypto.mjs.map +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs.map +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.d.ts +5 -0
- package/dist/error/AuthError.d.ts.map +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthError.mjs.map +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/error/ClientAuthErrorCodes.d.ts +1 -0
- package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +4 -3
- package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts +1 -0
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +4 -3
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs.map +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/NetworkError.mjs.map +1 -1
- package/dist/error/PlatformBrokerError.d.ts +16 -0
- package/dist/error/PlatformBrokerError.d.ts.map +1 -0
- package/dist/error/PlatformBrokerError.mjs +49 -0
- package/dist/error/PlatformBrokerError.mjs.map +1 -0
- package/dist/error/ServerError.mjs +1 -1
- package/dist/error/ServerError.mjs.map +1 -1
- package/dist/exports-common.d.ts +4 -2
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/exports-node-only.d.ts +1 -0
- package/dist/exports-node-only.d.ts.map +1 -1
- package/dist/index-node.mjs +7 -4
- package/dist/index-node.mjs.map +1 -1
- package/dist/index.mjs +7 -4
- package/dist/index.mjs.map +1 -1
- package/dist/logger/Logger.d.ts +24 -0
- package/dist/logger/Logger.d.ts.map +1 -1
- package/dist/logger/Logger.mjs +92 -4
- package/dist/logger/Logger.mjs.map +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/INetworkModule.mjs.map +1 -1
- package/dist/network/RequestThumbprint.mjs +2 -2
- package/dist/network/RequestThumbprint.mjs.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/protocol/Token.d.ts +40 -0
- package/dist/protocol/Token.d.ts.map +1 -0
- package/dist/protocol/Token.mjs +129 -0
- package/dist/protocol/Token.mjs.map +1 -0
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist/request/BaseAuthRequest.d.ts +67 -22
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +18 -12
- package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +48 -29
- package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/CommonEndSessionRequest.d.ts +21 -7
- package/dist/request/CommonEndSessionRequest.d.ts.map +1 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts +12 -9
- package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/dist/request/CommonSilentFlowRequest.d.ts +12 -13
- package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +3 -3
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +6 -6
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/ResponseHandler.d.ts +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +6 -5
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts +2 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts +4 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +30 -16
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +6 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.d.ts +1 -0
- package/dist/telemetry/performance/PerformanceEvents.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +3 -2
- package/dist/telemetry/performance/PerformanceEvents.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
- package/dist/utils/Constants.d.ts +5 -0
- package/dist/utils/Constants.d.ts.map +1 -1
- package/dist/utils/Constants.mjs +6 -2
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs.map +1 -1
- package/dist/utils/ProtocolUtils.d.ts +14 -35
- package/dist/utils/ProtocolUtils.d.ts.map +1 -1
- package/dist/utils/ProtocolUtils.mjs +56 -60
- package/dist/utils/ProtocolUtils.mjs.map +1 -1
- package/dist/utils/StateTypes.d.ts +15 -0
- package/dist/utils/StateTypes.d.ts.map +1 -0
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs.map +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs.map +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +31 -17
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-FrCFfFuh.js → index-node-Dwr2_mSO.js} +2437 -2242
- package/lib/index-node-Dwr2_mSO.js.map +1 -0
- package/lib/index-node.cjs +5 -3
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +5 -3
- package/lib/index.cjs.map +1 -1
- package/lib/types/account/AccountInfo.d.ts +3 -0
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/account/AuthToken.d.ts +6 -0
- package/lib/types/account/AuthToken.d.ts.map +1 -1
- package/lib/types/account/ClientInfo.d.ts +5 -1
- package/lib/types/account/ClientInfo.d.ts.map +1 -1
- package/lib/types/account/TokenClaims.d.ts +4 -0
- package/lib/types/account/TokenClaims.d.ts.map +1 -1
- package/lib/types/authority/AuthorityMetadata.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +5 -5
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +2 -1
- package/lib/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +5 -5
- package/lib/types/cache/interface/ICacheManager.d.ts.map +1 -1
- package/lib/types/cache/utils/AccountEntityUtils.d.ts +0 -7
- package/lib/types/cache/utils/AccountEntityUtils.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +22 -3
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts +16 -3
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/client/SilentFlowClient.d.ts +16 -3
- package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
- package/lib/types/error/AuthError.d.ts +5 -0
- package/lib/types/error/AuthError.d.ts.map +1 -1
- package/lib/types/error/ClientAuthErrorCodes.d.ts +1 -0
- package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +1 -0
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/lib/types/error/PlatformBrokerError.d.ts +16 -0
- package/lib/types/error/PlatformBrokerError.d.ts.map +1 -0
- package/lib/types/exports-common.d.ts +4 -2
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/exports-node-only.d.ts +1 -0
- package/lib/types/exports-node-only.d.ts.map +1 -1
- package/lib/types/logger/Logger.d.ts +24 -0
- package/lib/types/logger/Logger.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/protocol/Token.d.ts +40 -0
- package/lib/types/protocol/Token.d.ts.map +1 -0
- package/lib/types/request/BaseAuthRequest.d.ts +67 -22
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +18 -12
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +48 -29
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/CommonEndSessionRequest.d.ts +21 -7
- package/lib/types/request/CommonEndSessionRequest.d.ts.map +1 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts +12 -9
- package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts +12 -13
- package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +3 -3
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts +2 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts +4 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +6 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts +1 -0
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts.map +1 -1
- package/lib/types/utils/Constants.d.ts +5 -0
- package/lib/types/utils/Constants.d.ts.map +1 -1
- package/lib/types/utils/ProtocolUtils.d.ts +14 -35
- package/lib/types/utils/ProtocolUtils.d.ts.map +1 -1
- package/lib/types/utils/StateTypes.d.ts +15 -0
- package/lib/types/utils/StateTypes.d.ts.map +1 -0
- package/package.json +123 -120
- package/src/account/AccountInfo.ts +5 -0
- package/src/account/AuthToken.ts +22 -0
- package/src/account/ClientInfo.ts +5 -1
- package/src/account/TokenClaims.ts +4 -0
- package/src/authority/AuthorityMetadata.ts +33 -35
- package/src/cache/CacheManager.ts +19 -10
- package/src/cache/entities/AccountEntity.ts +2 -1
- package/src/cache/interface/ICacheManager.ts +12 -4
- package/src/cache/utils/AccountEntityUtils.ts +8 -37
- package/src/client/AuthorizationCodeClient.ts +128 -19
- package/src/client/RefreshTokenClient.ts +101 -29
- package/src/client/SilentFlowClient.ts +63 -5
- package/src/error/AuthError.ts +6 -0
- package/src/error/ClientAuthErrorCodes.ts +1 -0
- package/src/error/ClientConfigurationErrorCodes.ts +1 -0
- package/src/error/PlatformBrokerError.ts +67 -0
- package/src/exports-common.ts +5 -6
- package/src/exports-node-only.ts +4 -0
- package/src/logger/Logger.ts +150 -2
- package/src/network/RequestThumbprint.ts +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Token.ts +230 -0
- package/src/request/BaseAuthRequest.ts +67 -22
- package/src/request/CommonAuthorizationCodeRequest.ts +18 -12
- package/src/request/CommonAuthorizationUrlRequest.ts +48 -29
- package/src/request/CommonEndSessionRequest.ts +21 -7
- package/src/request/CommonRefreshTokenRequest.ts +12 -9
- package/src/request/CommonSilentFlowRequest.ts +12 -13
- package/src/request/RequestParameterBuilder.ts +5 -5
- package/src/response/ResponseHandler.ts +14 -3
- package/src/telemetry/performance/IPerformanceClient.ts +3 -1
- package/src/telemetry/performance/PerformanceClient.ts +39 -45
- package/src/telemetry/performance/PerformanceEvent.ts +10 -1
- package/src/telemetry/performance/PerformanceEvents.ts +1 -0
- package/src/utils/Constants.ts +6 -0
- package/src/utils/ProtocolUtils.ts +66 -92
- package/src/utils/StateTypes.ts +20 -0
- package/dist/client/BaseClient.d.ts +0 -59
- package/dist/client/BaseClient.d.ts.map +0 -1
- package/dist/client/BaseClient.mjs +0 -162
- package/dist/client/BaseClient.mjs.map +0 -1
- package/dist/index-browser.mjs +0 -75
- package/dist/index-browser.mjs.map +0 -1
- package/lib/index-node-FrCFfFuh.js.map +0 -1
- package/lib/types/client/BaseClient.d.ts +0 -59
- package/lib/types/client/BaseClient.d.ts.map +0 -1
- package/src/client/BaseClient.ts +0 -308
|
@@ -90,7 +90,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
90
90
|
*/
|
|
91
91
|
abstract setAccount(
|
|
92
92
|
account: AccountEntity,
|
|
93
|
-
correlationId: string
|
|
93
|
+
correlationId: string,
|
|
94
|
+
kmsi: boolean
|
|
94
95
|
): Promise<void>;
|
|
95
96
|
|
|
96
97
|
/**
|
|
@@ -109,7 +110,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
109
110
|
*/
|
|
110
111
|
abstract setIdTokenCredential(
|
|
111
112
|
idToken: IdTokenEntity,
|
|
112
|
-
correlationId: string
|
|
113
|
+
correlationId: string,
|
|
114
|
+
kmsi: boolean
|
|
113
115
|
): Promise<void>;
|
|
114
116
|
|
|
115
117
|
/**
|
|
@@ -128,7 +130,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
128
130
|
*/
|
|
129
131
|
abstract setAccessTokenCredential(
|
|
130
132
|
accessToken: AccessTokenEntity,
|
|
131
|
-
correlationId: string
|
|
133
|
+
correlationId: string,
|
|
134
|
+
kmsi: boolean
|
|
132
135
|
): Promise<void>;
|
|
133
136
|
|
|
134
137
|
/**
|
|
@@ -147,7 +150,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
147
150
|
*/
|
|
148
151
|
abstract setRefreshTokenCredential(
|
|
149
152
|
refreshToken: RefreshTokenEntity,
|
|
150
|
-
correlationId: string
|
|
153
|
+
correlationId: string,
|
|
154
|
+
kmsi: boolean
|
|
151
155
|
): Promise<void>;
|
|
152
156
|
|
|
153
157
|
/**
|
|
@@ -544,6 +548,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
544
548
|
async saveCacheRecord(
|
|
545
549
|
cacheRecord: CacheRecord,
|
|
546
550
|
correlationId: string,
|
|
551
|
+
kmsi: boolean,
|
|
547
552
|
storeInCache?: StoreInCache
|
|
548
553
|
): Promise<void> {
|
|
549
554
|
if (!cacheRecord) {
|
|
@@ -554,13 +559,14 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
554
559
|
|
|
555
560
|
try {
|
|
556
561
|
if (!!cacheRecord.account) {
|
|
557
|
-
await this.setAccount(cacheRecord.account, correlationId);
|
|
562
|
+
await this.setAccount(cacheRecord.account, correlationId, kmsi);
|
|
558
563
|
}
|
|
559
564
|
|
|
560
565
|
if (!!cacheRecord.idToken && storeInCache?.idToken !== false) {
|
|
561
566
|
await this.setIdTokenCredential(
|
|
562
567
|
cacheRecord.idToken,
|
|
563
|
-
correlationId
|
|
568
|
+
correlationId,
|
|
569
|
+
kmsi
|
|
564
570
|
);
|
|
565
571
|
}
|
|
566
572
|
|
|
@@ -570,7 +576,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
570
576
|
) {
|
|
571
577
|
await this.saveAccessToken(
|
|
572
578
|
cacheRecord.accessToken,
|
|
573
|
-
correlationId
|
|
579
|
+
correlationId,
|
|
580
|
+
kmsi
|
|
574
581
|
);
|
|
575
582
|
}
|
|
576
583
|
|
|
@@ -580,7 +587,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
580
587
|
) {
|
|
581
588
|
await this.setRefreshTokenCredential(
|
|
582
589
|
cacheRecord.refreshToken,
|
|
583
|
-
correlationId
|
|
590
|
+
correlationId,
|
|
591
|
+
kmsi
|
|
584
592
|
);
|
|
585
593
|
}
|
|
586
594
|
|
|
@@ -606,7 +614,8 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
606
614
|
*/
|
|
607
615
|
private async saveAccessToken(
|
|
608
616
|
credential: AccessTokenEntity,
|
|
609
|
-
correlationId: string
|
|
617
|
+
correlationId: string,
|
|
618
|
+
kmsi: boolean
|
|
610
619
|
): Promise<void> {
|
|
611
620
|
const accessTokenFilter: CredentialFilter = {
|
|
612
621
|
clientId: credential.clientId,
|
|
@@ -646,7 +655,7 @@ export abstract class CacheManager implements ICacheManager {
|
|
|
646
655
|
}
|
|
647
656
|
}
|
|
648
657
|
});
|
|
649
|
-
await this.setAccessTokenCredential(credential, correlationId);
|
|
658
|
+
await this.setAccessTokenCredential(credential, correlationId, kmsi);
|
|
650
659
|
}
|
|
651
660
|
|
|
652
661
|
/**
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
* Licensed under the MIT License.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
import { TenantProfile } from "../../account/AccountInfo.js";
|
|
6
|
+
import { TenantProfile, DataBoundary } from "../../account/AccountInfo.js";
|
|
7
7
|
|
|
8
8
|
/**
|
|
9
9
|
* Type that defines required and optional parameters for an Account field (based on universal cache schema implemented by all MSALs).
|
|
@@ -46,4 +46,5 @@ export type AccountEntity = {
|
|
|
46
46
|
tenantProfiles?: Array<TenantProfile>;
|
|
47
47
|
/** Timestamp when the entry was last updated */
|
|
48
48
|
lastUpdatedAt: string;
|
|
49
|
+
dataBoundary?: DataBoundary;
|
|
49
50
|
};
|
|
@@ -29,7 +29,11 @@ export interface ICacheManager {
|
|
|
29
29
|
* @param account
|
|
30
30
|
* @param correlationId
|
|
31
31
|
*/
|
|
32
|
-
setAccount(
|
|
32
|
+
setAccount(
|
|
33
|
+
account: AccountEntity,
|
|
34
|
+
correlationId: string,
|
|
35
|
+
kmsi: boolean
|
|
36
|
+
): Promise<void>;
|
|
33
37
|
|
|
34
38
|
/**
|
|
35
39
|
* fetch the idToken entity from the platform cache
|
|
@@ -48,7 +52,8 @@ export interface ICacheManager {
|
|
|
48
52
|
*/
|
|
49
53
|
setIdTokenCredential(
|
|
50
54
|
idToken: IdTokenEntity,
|
|
51
|
-
correlationId: string
|
|
55
|
+
correlationId: string,
|
|
56
|
+
kmsi: boolean
|
|
52
57
|
): Promise<void>;
|
|
53
58
|
|
|
54
59
|
/**
|
|
@@ -68,7 +73,8 @@ export interface ICacheManager {
|
|
|
68
73
|
*/
|
|
69
74
|
setAccessTokenCredential(
|
|
70
75
|
accessToken: AccessTokenEntity,
|
|
71
|
-
correlationId: string
|
|
76
|
+
correlationId: string,
|
|
77
|
+
kmsi: boolean
|
|
72
78
|
): Promise<void>;
|
|
73
79
|
|
|
74
80
|
/**
|
|
@@ -88,7 +94,8 @@ export interface ICacheManager {
|
|
|
88
94
|
*/
|
|
89
95
|
setRefreshTokenCredential(
|
|
90
96
|
refreshToken: RefreshTokenEntity,
|
|
91
|
-
correlationId: string
|
|
97
|
+
correlationId: string,
|
|
98
|
+
kmsi: boolean
|
|
92
99
|
): Promise<void>;
|
|
93
100
|
|
|
94
101
|
/**
|
|
@@ -216,6 +223,7 @@ export interface ICacheManager {
|
|
|
216
223
|
saveCacheRecord(
|
|
217
224
|
cacheRecord: CacheRecord,
|
|
218
225
|
correlationId: string,
|
|
226
|
+
kmsi: boolean,
|
|
219
227
|
storeInCache?: StoreInCache
|
|
220
228
|
): Promise<void>;
|
|
221
229
|
|
|
@@ -11,6 +11,7 @@ import {
|
|
|
11
11
|
AccountInfo,
|
|
12
12
|
TenantProfile,
|
|
13
13
|
buildTenantProfile,
|
|
14
|
+
DataBoundary,
|
|
14
15
|
} from "../../account/AccountInfo.js";
|
|
15
16
|
import {
|
|
16
17
|
createClientAuthError,
|
|
@@ -56,6 +57,7 @@ export function getAccountInfo(accountEntity: AccountEntity): AccountInfo {
|
|
|
56
57
|
return [tenantProfile.tenantId, tenantProfile];
|
|
57
58
|
})
|
|
58
59
|
),
|
|
60
|
+
dataBoundary: accountEntity.dataBoundary,
|
|
59
61
|
};
|
|
60
62
|
}
|
|
61
63
|
|
|
@@ -94,9 +96,13 @@ export function createAccountEntity(
|
|
|
94
96
|
}
|
|
95
97
|
|
|
96
98
|
let clientInfo: ClientInfo | undefined;
|
|
99
|
+
let dataBoundary: DataBoundary | undefined;
|
|
97
100
|
|
|
98
101
|
if (accountDetails.clientInfo && base64Decode) {
|
|
99
102
|
clientInfo = buildClientInfo(accountDetails.clientInfo, base64Decode);
|
|
103
|
+
if (clientInfo.xms_tdbr) {
|
|
104
|
+
dataBoundary = clientInfo.xms_tdbr === "EU" ? "EU" : "None";
|
|
105
|
+
}
|
|
100
106
|
}
|
|
101
107
|
|
|
102
108
|
const env =
|
|
@@ -164,6 +170,7 @@ export function createAccountEntity(
|
|
|
164
170
|
msGraphHost: accountDetails.msGraphHost,
|
|
165
171
|
nativeAccountId: accountDetails.nativeAccountId,
|
|
166
172
|
tenantProfiles: tenantProfiles,
|
|
173
|
+
dataBoundary,
|
|
167
174
|
} as AccountEntity;
|
|
168
175
|
}
|
|
169
176
|
|
|
@@ -193,6 +200,7 @@ export function createAccountEntityFromAccountInfo(
|
|
|
193
200
|
cloudGraphHostName: cloudGraphHostName,
|
|
194
201
|
msGraphHost: msGraphHost,
|
|
195
202
|
tenantProfiles: Array.from(accountInfo.tenantProfiles?.values() || []),
|
|
203
|
+
dataBoundary: accountInfo.dataBoundary,
|
|
196
204
|
} as AccountEntity;
|
|
197
205
|
}
|
|
198
206
|
|
|
@@ -248,40 +256,3 @@ export function isAccountEntity(entity: object): entity is AccountEntity {
|
|
|
248
256
|
entity.hasOwnProperty("authorityType")
|
|
249
257
|
);
|
|
250
258
|
}
|
|
251
|
-
|
|
252
|
-
/**
|
|
253
|
-
* Helper function to determine whether 2 accountInfo objects represent the same account
|
|
254
|
-
* @param accountA
|
|
255
|
-
* @param accountB
|
|
256
|
-
* @param compareClaims - If set to true idTokenClaims will also be compared to determine account equality
|
|
257
|
-
*/
|
|
258
|
-
export function accountInfoIsEqual(
|
|
259
|
-
accountA: AccountInfo | null,
|
|
260
|
-
accountB: AccountInfo | null,
|
|
261
|
-
compareClaims?: boolean
|
|
262
|
-
): boolean {
|
|
263
|
-
if (!accountA || !accountB) {
|
|
264
|
-
return false;
|
|
265
|
-
}
|
|
266
|
-
|
|
267
|
-
let claimsMatch = true; // default to true so as to not fail comparison below if compareClaims: false
|
|
268
|
-
if (compareClaims) {
|
|
269
|
-
const accountAClaims = (accountA.idTokenClaims || {}) as TokenClaims;
|
|
270
|
-
const accountBClaims = (accountB.idTokenClaims || {}) as TokenClaims;
|
|
271
|
-
|
|
272
|
-
// issued at timestamp and nonce are expected to change each time a new id token is acquired
|
|
273
|
-
claimsMatch =
|
|
274
|
-
accountAClaims.iat === accountBClaims.iat &&
|
|
275
|
-
accountAClaims.nonce === accountBClaims.nonce;
|
|
276
|
-
}
|
|
277
|
-
|
|
278
|
-
return (
|
|
279
|
-
accountA.homeAccountId === accountB.homeAccountId &&
|
|
280
|
-
accountA.localAccountId === accountB.localAccountId &&
|
|
281
|
-
accountA.username === accountB.username &&
|
|
282
|
-
accountA.tenantId === accountB.tenantId &&
|
|
283
|
-
accountA.environment === accountB.environment &&
|
|
284
|
-
accountA.nativeAccountId === accountB.nativeAccountId &&
|
|
285
|
-
claimsMatch
|
|
286
|
-
);
|
|
287
|
-
}
|
|
@@ -3,7 +3,6 @@
|
|
|
3
3
|
* Licensed under the MIT License.
|
|
4
4
|
*/
|
|
5
5
|
|
|
6
|
-
import { BaseClient } from "./BaseClient.js";
|
|
7
6
|
import { CommonAuthorizationCodeRequest } from "../request/CommonAuthorizationCodeRequest.js";
|
|
8
7
|
import { Authority } from "../authority/Authority.js";
|
|
9
8
|
import * as RequestParameterBuilder from "../request/RequestParameterBuilder.js";
|
|
@@ -11,7 +10,9 @@ import * as UrlUtils from "../utils/UrlUtils.js";
|
|
|
11
10
|
import * as Constants from "../utils/Constants.js";
|
|
12
11
|
import * as AADServerParamKeys from "../constants/AADServerParamKeys.js";
|
|
13
12
|
import {
|
|
13
|
+
buildClientConfiguration,
|
|
14
14
|
ClientConfiguration,
|
|
15
|
+
CommonClientConfiguration,
|
|
15
16
|
isOidcProtocolMode,
|
|
16
17
|
} from "../config/ClientConfiguration.js";
|
|
17
18
|
import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse.js";
|
|
@@ -43,21 +44,79 @@ import { invokeAsync } from "../utils/FunctionWrappers.js";
|
|
|
43
44
|
import { ClientAssertion } from "../account/ClientCredentials.js";
|
|
44
45
|
import { getClientAssertion } from "../utils/ClientAssertionUtils.js";
|
|
45
46
|
import { getRequestThumbprint } from "../network/RequestThumbprint.js";
|
|
47
|
+
import {
|
|
48
|
+
createTokenQueryParameters,
|
|
49
|
+
createTokenRequestHeaders,
|
|
50
|
+
executePostToTokenEndpoint,
|
|
51
|
+
} from "../protocol/Token.js";
|
|
52
|
+
import { createDiscoveredInstance } from "../authority/AuthorityFactory.js";
|
|
53
|
+
import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
|
|
54
|
+
import { Logger } from "../logger/Logger.js";
|
|
55
|
+
import { ICrypto } from "../crypto/ICrypto.js";
|
|
56
|
+
import { CacheManager } from "../cache/CacheManager.js";
|
|
57
|
+
import { INetworkModule } from "../network/INetworkModule.js";
|
|
58
|
+
import { version, name } from "../packageMetadata.js";
|
|
46
59
|
|
|
47
60
|
/**
|
|
48
61
|
* Oauth2.0 Authorization Code client
|
|
49
62
|
* @internal
|
|
50
63
|
*/
|
|
51
|
-
export class AuthorizationCodeClient
|
|
64
|
+
export class AuthorizationCodeClient {
|
|
52
65
|
// Flag to indicate if client is for hybrid spa auth code redemption
|
|
53
66
|
protected includeRedirectUri: boolean = true;
|
|
54
67
|
private oidcDefaultScopes;
|
|
55
68
|
|
|
69
|
+
// Logger object
|
|
70
|
+
public logger: Logger;
|
|
71
|
+
|
|
72
|
+
// Application config
|
|
73
|
+
protected config: CommonClientConfiguration;
|
|
74
|
+
|
|
75
|
+
// Crypto Interface
|
|
76
|
+
protected cryptoUtils: ICrypto;
|
|
77
|
+
|
|
78
|
+
// Storage Interface
|
|
79
|
+
protected cacheManager: CacheManager;
|
|
80
|
+
|
|
81
|
+
// Network Interface
|
|
82
|
+
protected networkClient: INetworkModule;
|
|
83
|
+
|
|
84
|
+
// Server Telemetry Manager
|
|
85
|
+
protected serverTelemetryManager: ServerTelemetryManager | null;
|
|
86
|
+
|
|
87
|
+
// Default authority object
|
|
88
|
+
public authority: Authority;
|
|
89
|
+
|
|
90
|
+
// Performance telemetry client
|
|
91
|
+
protected performanceClient: IPerformanceClient;
|
|
92
|
+
|
|
56
93
|
constructor(
|
|
57
94
|
configuration: ClientConfiguration,
|
|
58
95
|
performanceClient: IPerformanceClient
|
|
59
96
|
) {
|
|
60
|
-
|
|
97
|
+
// Set the configuration
|
|
98
|
+
this.config = buildClientConfiguration(configuration);
|
|
99
|
+
|
|
100
|
+
// Initialize the logger
|
|
101
|
+
this.logger = new Logger(this.config.loggerOptions, name, version);
|
|
102
|
+
|
|
103
|
+
// Initialize crypto
|
|
104
|
+
this.cryptoUtils = this.config.cryptoInterface;
|
|
105
|
+
|
|
106
|
+
// Initialize storage interface
|
|
107
|
+
this.cacheManager = this.config.storageInterface;
|
|
108
|
+
|
|
109
|
+
// Set the network interface
|
|
110
|
+
this.networkClient = this.config.networkInterface;
|
|
111
|
+
|
|
112
|
+
// Set TelemetryManager
|
|
113
|
+
this.serverTelemetryManager = this.config.serverTelemetryManager;
|
|
114
|
+
|
|
115
|
+
// set Authority
|
|
116
|
+
this.authority = this.config.authOptions.authority;
|
|
117
|
+
|
|
118
|
+
// set performance telemetry client
|
|
119
|
+
this.performanceClient = performanceClient;
|
|
61
120
|
this.oidcDefaultScopes =
|
|
62
121
|
this.config.authOptions.authority.options.OIDCOptions?.defaultScopes;
|
|
63
122
|
}
|
|
@@ -77,6 +136,17 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
77
136
|
);
|
|
78
137
|
}
|
|
79
138
|
|
|
139
|
+
// Check for new cloud instance
|
|
140
|
+
if (authCodePayload && authCodePayload.cloud_instance_host_name) {
|
|
141
|
+
await invokeAsync(
|
|
142
|
+
this.updateTokenEndpointAuthority.bind(this),
|
|
143
|
+
PerformanceEvents.UpdateTokenEndpointAuthority,
|
|
144
|
+
this.logger,
|
|
145
|
+
this.performanceClient,
|
|
146
|
+
request.correlationId
|
|
147
|
+
)(authCodePayload.cloud_instance_host_name, request.correlationId);
|
|
148
|
+
}
|
|
149
|
+
|
|
80
150
|
const reqTimestamp = TimeUtils.nowSeconds();
|
|
81
151
|
const response = await invokeAsync(
|
|
82
152
|
this.executeTokenRequest.bind(this),
|
|
@@ -84,7 +154,7 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
84
154
|
this.logger,
|
|
85
155
|
this.performanceClient,
|
|
86
156
|
request.correlationId
|
|
87
|
-
)(this.authority, request);
|
|
157
|
+
)(this.authority, request, this.serverTelemetryManager);
|
|
88
158
|
|
|
89
159
|
// Retrieve requestId from response headers
|
|
90
160
|
const requestId =
|
|
@@ -153,9 +223,15 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
153
223
|
*/
|
|
154
224
|
private async executeTokenRequest(
|
|
155
225
|
authority: Authority,
|
|
156
|
-
request: CommonAuthorizationCodeRequest
|
|
226
|
+
request: CommonAuthorizationCodeRequest,
|
|
227
|
+
serverTelemetryManager: ServerTelemetryManager | null
|
|
157
228
|
): Promise<NetworkResponse<ServerAuthorizationTokenResponse>> {
|
|
158
|
-
const queryParametersString =
|
|
229
|
+
const queryParametersString = createTokenQueryParameters(
|
|
230
|
+
request,
|
|
231
|
+
this.config.authOptions.clientId,
|
|
232
|
+
this.config.authOptions.redirectUri,
|
|
233
|
+
this.performanceClient
|
|
234
|
+
);
|
|
159
235
|
const endpoint = UrlString.appendQueryString(
|
|
160
236
|
authority.tokenEndpoint,
|
|
161
237
|
queryParametersString
|
|
@@ -187,7 +263,9 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
187
263
|
);
|
|
188
264
|
}
|
|
189
265
|
}
|
|
190
|
-
const headers: Record<string, string> =
|
|
266
|
+
const headers: Record<string, string> = createTokenRequestHeaders(
|
|
267
|
+
this.logger,
|
|
268
|
+
this.config.systemOptions.preventCorsPreflight,
|
|
191
269
|
ccsCredential || request.ccsCredential
|
|
192
270
|
);
|
|
193
271
|
|
|
@@ -197,12 +275,23 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
197
275
|
);
|
|
198
276
|
|
|
199
277
|
return invokeAsync(
|
|
200
|
-
|
|
278
|
+
executePostToTokenEndpoint,
|
|
201
279
|
PerformanceEvents.AuthorizationCodeClientExecutePostToTokenEndpoint,
|
|
202
280
|
this.logger,
|
|
203
281
|
this.performanceClient,
|
|
204
282
|
request.correlationId
|
|
205
|
-
)(
|
|
283
|
+
)(
|
|
284
|
+
endpoint,
|
|
285
|
+
requestBody,
|
|
286
|
+
headers,
|
|
287
|
+
thumbprint,
|
|
288
|
+
request.correlationId,
|
|
289
|
+
this.cacheManager,
|
|
290
|
+
this.networkClient,
|
|
291
|
+
this.logger,
|
|
292
|
+
this.performanceClient,
|
|
293
|
+
serverTelemetryManager
|
|
294
|
+
);
|
|
206
295
|
}
|
|
207
296
|
|
|
208
297
|
/**
|
|
@@ -217,7 +306,7 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
217
306
|
RequestParameterBuilder.addClientId(
|
|
218
307
|
parameters,
|
|
219
308
|
request.embeddedClientId ||
|
|
220
|
-
request.
|
|
309
|
+
request.extraParameters?.[AADServerParamKeys.CLIENT_ID] ||
|
|
221
310
|
this.config.authOptions.clientId
|
|
222
311
|
);
|
|
223
312
|
|
|
@@ -413,22 +502,20 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
413
502
|
);
|
|
414
503
|
}
|
|
415
504
|
|
|
416
|
-
if (request.
|
|
417
|
-
RequestParameterBuilder.
|
|
505
|
+
if (request.extraParameters) {
|
|
506
|
+
RequestParameterBuilder.addExtraParameters(
|
|
418
507
|
parameters,
|
|
419
|
-
request.
|
|
508
|
+
request.extraParameters
|
|
420
509
|
);
|
|
421
510
|
}
|
|
422
511
|
|
|
423
512
|
// Add hybrid spa parameters if not already provided
|
|
424
513
|
if (
|
|
425
514
|
request.enableSpaAuthorizationCode &&
|
|
426
|
-
(!request.
|
|
427
|
-
!request.
|
|
428
|
-
AADServerParamKeys.RETURN_SPA_CODE
|
|
429
|
-
])
|
|
515
|
+
(!request.extraParameters ||
|
|
516
|
+
!request.extraParameters[AADServerParamKeys.RETURN_SPA_CODE])
|
|
430
517
|
) {
|
|
431
|
-
RequestParameterBuilder.
|
|
518
|
+
RequestParameterBuilder.addExtraParameters(parameters, {
|
|
432
519
|
[AADServerParamKeys.RETURN_SPA_CODE]: "1",
|
|
433
520
|
});
|
|
434
521
|
}
|
|
@@ -483,7 +570,7 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
483
570
|
}
|
|
484
571
|
|
|
485
572
|
if (request.extraQueryParameters) {
|
|
486
|
-
RequestParameterBuilder.
|
|
573
|
+
RequestParameterBuilder.addExtraParameters(
|
|
487
574
|
parameters,
|
|
488
575
|
request.extraQueryParameters
|
|
489
576
|
);
|
|
@@ -495,4 +582,26 @@ export class AuthorizationCodeClient extends BaseClient {
|
|
|
495
582
|
|
|
496
583
|
return UrlUtils.mapToQueryString(parameters);
|
|
497
584
|
}
|
|
585
|
+
|
|
586
|
+
/**
|
|
587
|
+
* Updates the authority to the cloud instance provided in the authorization response
|
|
588
|
+
* @param cloudInstanceHostName - cloud instance host name from authorization code payload
|
|
589
|
+
* @param correlationId - request correlation id
|
|
590
|
+
*/
|
|
591
|
+
private async updateTokenEndpointAuthority(
|
|
592
|
+
cloudInstanceHostName: string,
|
|
593
|
+
correlationId: string
|
|
594
|
+
): Promise<void> {
|
|
595
|
+
const cloudInstanceAuthorityUri = `https://${cloudInstanceHostName}/${this.authority.tenant}/`;
|
|
596
|
+
const cloudInstanceAuthority = await createDiscoveredInstance(
|
|
597
|
+
cloudInstanceAuthorityUri,
|
|
598
|
+
this.networkClient,
|
|
599
|
+
this.cacheManager,
|
|
600
|
+
this.authority.options,
|
|
601
|
+
this.logger,
|
|
602
|
+
correlationId,
|
|
603
|
+
this.performanceClient
|
|
604
|
+
);
|
|
605
|
+
this.authority = cloudInstanceAuthority;
|
|
606
|
+
}
|
|
498
607
|
}
|