@azure/msal-common 16.0.0-beta.0 → 16.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (500) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +1 -1
  7. package/dist/authority/AuthorityFactory.mjs +1 -1
  8. package/dist/authority/AuthorityMetadata.mjs +1 -1
  9. package/dist/authority/AuthorityOptions.mjs +1 -1
  10. package/dist/authority/AuthorityType.mjs +1 -1
  11. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  13. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  14. package/dist/authority/ProtocolMode.mjs +1 -1
  15. package/dist/authority/RegionDiscovery.mjs +1 -1
  16. package/dist/cache/CacheManager.mjs +1 -1
  17. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  18. package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
  19. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  20. package/dist/client/AuthorizationCodeClient.mjs +1 -1
  21. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  22. package/dist/client/RefreshTokenClient.mjs +11 -7
  23. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  24. package/dist/client/SilentFlowClient.mjs +1 -1
  25. package/dist/config/ClientConfiguration.mjs +1 -1
  26. package/dist/constants/AADServerParamKeys.mjs +1 -1
  27. package/dist/crypto/ICrypto.mjs +1 -1
  28. package/dist/crypto/JoseHeader.mjs +1 -1
  29. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  30. package/dist/error/AuthError.mjs +1 -1
  31. package/dist/error/AuthErrorCodes.mjs +1 -1
  32. package/dist/error/CacheError.mjs +1 -1
  33. package/dist/error/CacheErrorCodes.mjs +1 -1
  34. package/dist/error/ClientAuthError.mjs +1 -1
  35. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  36. package/dist/error/ClientConfigurationError.mjs +1 -1
  37. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  38. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  39. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  40. package/dist/error/JoseHeaderError.mjs +1 -1
  41. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  42. package/dist/error/NetworkError.mjs +1 -1
  43. package/dist/error/PlatformBrokerError.mjs +1 -1
  44. package/dist/error/ServerError.mjs +1 -1
  45. package/dist/index-node.mjs +1 -1
  46. package/dist/index.mjs +1 -1
  47. package/dist/logger/Logger.mjs +1 -1
  48. package/dist/network/INetworkModule.mjs +1 -1
  49. package/dist/network/RequestThumbprint.mjs +1 -1
  50. package/dist/network/ThrottlingUtils.mjs +1 -1
  51. package/dist/packageMetadata.d.ts +1 -1
  52. package/dist/packageMetadata.d.ts.map +1 -1
  53. package/dist/packageMetadata.mjs +2 -2
  54. package/dist/protocol/Authorize.mjs +1 -1
  55. package/dist/protocol/Token.mjs +1 -1
  56. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  57. package/dist/request/BaseAuthRequest.d.ts +63 -20
  58. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  59. package/dist/request/CommonAuthorizationCodeRequest.d.ts +18 -13
  60. package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
  61. package/dist/request/CommonAuthorizationUrlRequest.d.ts +48 -27
  62. package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
  63. package/dist/request/CommonEndSessionRequest.d.ts +21 -7
  64. package/dist/request/CommonEndSessionRequest.d.ts.map +1 -1
  65. package/dist/request/CommonRefreshTokenRequest.d.ts +12 -10
  66. package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
  67. package/dist/request/CommonSilentFlowRequest.d.ts +12 -14
  68. package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
  69. package/dist/request/RequestParameterBuilder.mjs +1 -1
  70. package/dist/request/ScopeSet.mjs +1 -1
  71. package/dist/response/ResponseHandler.d.ts.map +1 -1
  72. package/dist/response/ResponseHandler.mjs +2 -1
  73. package/dist/response/ResponseHandler.mjs.map +1 -1
  74. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  75. package/dist/telemetry/performance/PerformanceEvent.d.ts +3 -1
  76. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  77. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  78. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  79. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  80. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  81. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  82. package/dist/url/UrlString.mjs +1 -1
  83. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  84. package/dist/utils/Constants.mjs +1 -1
  85. package/dist/utils/FunctionWrappers.mjs +1 -1
  86. package/dist/utils/ProtocolUtils.mjs +1 -1
  87. package/dist/utils/StringUtils.mjs +1 -1
  88. package/dist/utils/TimeUtils.mjs +1 -1
  89. package/dist/utils/UrlUtils.mjs +1 -1
  90. package/dist-browser/account/AccountInfo.d.ts +71 -0
  91. package/dist-browser/account/AccountInfo.d.ts.map +1 -0
  92. package/dist-browser/account/AccountInfo.mjs +85 -0
  93. package/dist-browser/account/AccountInfo.mjs.map +1 -0
  94. package/dist-browser/account/AuthToken.d.ts +24 -0
  95. package/dist-browser/account/AuthToken.d.ts.map +1 -0
  96. package/dist-browser/account/AuthToken.mjs +85 -0
  97. package/dist-browser/account/AuthToken.mjs.map +1 -0
  98. package/dist-browser/account/CcsCredential.d.ts +10 -0
  99. package/dist-browser/account/CcsCredential.d.ts.map +1 -0
  100. package/dist-browser/account/CcsCredential.mjs +13 -0
  101. package/dist-browser/account/CcsCredential.mjs.map +1 -0
  102. package/dist-browser/account/ClientCredentials.d.ts +20 -0
  103. package/dist-browser/account/ClientCredentials.d.ts.map +1 -0
  104. package/dist-browser/account/ClientInfo.d.ts +23 -0
  105. package/dist-browser/account/ClientInfo.d.ts.map +1 -0
  106. package/dist-browser/account/ClientInfo.mjs +44 -0
  107. package/dist-browser/account/ClientInfo.mjs.map +1 -0
  108. package/dist-browser/account/TokenClaims.d.ts +88 -0
  109. package/dist-browser/account/TokenClaims.d.ts.map +1 -0
  110. package/dist-browser/account/TokenClaims.mjs +25 -0
  111. package/dist-browser/account/TokenClaims.mjs.map +1 -0
  112. package/dist-browser/authority/Authority.d.ts +255 -0
  113. package/dist-browser/authority/Authority.d.ts.map +1 -0
  114. package/dist-browser/authority/Authority.mjs +841 -0
  115. package/dist-browser/authority/Authority.mjs.map +1 -0
  116. package/dist-browser/authority/AuthorityFactory.d.ts +23 -0
  117. package/dist-browser/authority/AuthorityFactory.d.ts.map +1 -0
  118. package/dist-browser/authority/AuthorityFactory.mjs +42 -0
  119. package/dist-browser/authority/AuthorityFactory.mjs.map +1 -0
  120. package/dist-browser/authority/AuthorityMetadata.d.ts +44 -0
  121. package/dist-browser/authority/AuthorityMetadata.d.ts.map +1 -0
  122. package/dist-browser/authority/AuthorityMetadata.mjs +146 -0
  123. package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -0
  124. package/dist-browser/authority/AuthorityOptions.d.ts +27 -0
  125. package/dist-browser/authority/AuthorityOptions.d.ts.map +1 -0
  126. package/dist-browser/authority/AuthorityOptions.mjs +23 -0
  127. package/dist-browser/authority/AuthorityOptions.mjs.map +1 -0
  128. package/dist-browser/authority/AuthorityType.d.ts +11 -0
  129. package/dist-browser/authority/AuthorityType.d.ts.map +1 -0
  130. package/dist-browser/authority/AuthorityType.mjs +18 -0
  131. package/dist-browser/authority/AuthorityType.mjs.map +1 -0
  132. package/dist-browser/authority/AzureRegion.d.ts +2 -0
  133. package/dist-browser/authority/AzureRegion.d.ts.map +1 -0
  134. package/dist-browser/authority/AzureRegionConfiguration.d.ts +6 -0
  135. package/dist-browser/authority/AzureRegionConfiguration.d.ts.map +1 -0
  136. package/dist-browser/authority/CloudDiscoveryMetadata.d.ts +6 -0
  137. package/dist-browser/authority/CloudDiscoveryMetadata.d.ts.map +1 -0
  138. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts +14 -0
  139. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts.map +1 -0
  140. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +13 -0
  141. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs.map +1 -0
  142. package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts +10 -0
  143. package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts.map +1 -0
  144. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +13 -0
  145. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs.map +1 -0
  146. package/dist-browser/authority/ImdsOptions.d.ts +6 -0
  147. package/dist-browser/authority/ImdsOptions.d.ts.map +1 -0
  148. package/dist-browser/authority/OIDCOptions.d.ts +9 -0
  149. package/dist-browser/authority/OIDCOptions.d.ts.map +1 -0
  150. package/dist-browser/authority/OpenIdConfigResponse.d.ts +12 -0
  151. package/dist-browser/authority/OpenIdConfigResponse.d.ts.map +1 -0
  152. package/dist-browser/authority/OpenIdConfigResponse.mjs +15 -0
  153. package/dist-browser/authority/OpenIdConfigResponse.mjs.map +1 -0
  154. package/dist-browser/authority/ProtocolMode.d.ts +20 -0
  155. package/dist-browser/authority/ProtocolMode.d.ts.map +1 -0
  156. package/dist-browser/authority/ProtocolMode.mjs +27 -0
  157. package/dist-browser/authority/ProtocolMode.mjs.map +1 -0
  158. package/dist-browser/authority/RegionDiscovery.d.ts +33 -0
  159. package/dist-browser/authority/RegionDiscovery.d.ts.map +1 -0
  160. package/dist-browser/authority/RegionDiscovery.mjs +111 -0
  161. package/dist-browser/authority/RegionDiscovery.mjs.map +1 -0
  162. package/dist-browser/authority/RegionDiscoveryMetadata.d.ts +7 -0
  163. package/dist-browser/authority/RegionDiscoveryMetadata.d.ts.map +1 -0
  164. package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts +17 -0
  165. package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -0
  166. package/dist-browser/cache/CacheManager.d.ts +478 -0
  167. package/dist-browser/cache/CacheManager.d.ts.map +1 -0
  168. package/dist-browser/cache/CacheManager.mjs +1111 -0
  169. package/dist-browser/cache/CacheManager.mjs.map +1 -0
  170. package/dist-browser/cache/entities/AccessTokenEntity.d.ts +22 -0
  171. package/dist-browser/cache/entities/AccessTokenEntity.d.ts.map +1 -0
  172. package/dist-browser/cache/entities/AccountEntity.d.ts +45 -0
  173. package/dist-browser/cache/entities/AccountEntity.d.ts.map +1 -0
  174. package/dist-browser/cache/entities/AppMetadataEntity.d.ts +12 -0
  175. package/dist-browser/cache/entities/AppMetadataEntity.d.ts.map +1 -0
  176. package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts +16 -0
  177. package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts.map +1 -0
  178. package/dist-browser/cache/entities/CacheRecord.d.ts +14 -0
  179. package/dist-browser/cache/entities/CacheRecord.d.ts.map +1 -0
  180. package/dist-browser/cache/entities/CredentialEntity.d.ts +31 -0
  181. package/dist-browser/cache/entities/CredentialEntity.d.ts.map +1 -0
  182. package/dist-browser/cache/entities/IdTokenEntity.d.ts +9 -0
  183. package/dist-browser/cache/entities/IdTokenEntity.d.ts.map +1 -0
  184. package/dist-browser/cache/entities/RefreshTokenEntity.d.ts +8 -0
  185. package/dist-browser/cache/entities/RefreshTokenEntity.d.ts.map +1 -0
  186. package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts +7 -0
  187. package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts.map +1 -0
  188. package/dist-browser/cache/entities/ThrottlingEntity.d.ts +8 -0
  189. package/dist-browser/cache/entities/ThrottlingEntity.d.ts.map +1 -0
  190. package/dist-browser/cache/interface/ICacheManager.d.ts +188 -0
  191. package/dist-browser/cache/interface/ICacheManager.d.ts.map +1 -0
  192. package/dist-browser/cache/interface/ICachePlugin.d.ts +6 -0
  193. package/dist-browser/cache/interface/ICachePlugin.d.ts.map +1 -0
  194. package/dist-browser/cache/interface/ISerializableTokenCache.d.ts +5 -0
  195. package/dist-browser/cache/interface/ISerializableTokenCache.d.ts.map +1 -0
  196. package/dist-browser/cache/persistence/TokenCacheContext.d.ts +24 -0
  197. package/dist-browser/cache/persistence/TokenCacheContext.d.ts.map +1 -0
  198. package/dist-browser/cache/persistence/TokenCacheContext.mjs +30 -0
  199. package/dist-browser/cache/persistence/TokenCacheContext.mjs.map +1 -0
  200. package/dist-browser/cache/utils/AccountEntityUtils.d.ts +53 -0
  201. package/dist-browser/cache/utils/AccountEntityUtils.d.ts.map +1 -0
  202. package/dist-browser/cache/utils/AccountEntityUtils.mjs +192 -0
  203. package/dist-browser/cache/utils/AccountEntityUtils.mjs.map +1 -0
  204. package/dist-browser/cache/utils/CacheHelpers.d.ts +86 -0
  205. package/dist-browser/cache/utils/CacheHelpers.d.ts.map +1 -0
  206. package/dist-browser/cache/utils/CacheHelpers.mjs +267 -0
  207. package/dist-browser/cache/utils/CacheHelpers.mjs.map +1 -0
  208. package/dist-browser/cache/utils/CacheTypes.d.ts +69 -0
  209. package/dist-browser/cache/utils/CacheTypes.d.ts.map +1 -0
  210. package/dist-browser/client/AuthorizationCodeClient.d.ts +64 -0
  211. package/dist-browser/client/AuthorizationCodeClient.d.ts.map +1 -0
  212. package/dist-browser/client/AuthorizationCodeClient.mjs +287 -0
  213. package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -0
  214. package/dist-browser/client/RefreshTokenClient.d.ts +49 -0
  215. package/dist-browser/client/RefreshTokenClient.d.ts.map +1 -0
  216. package/dist-browser/client/RefreshTokenClient.mjs +254 -0
  217. package/dist-browser/client/RefreshTokenClient.mjs.map +1 -0
  218. package/dist-browser/client/SilentFlowClient.d.ts +35 -0
  219. package/dist-browser/client/SilentFlowClient.d.ts.map +1 -0
  220. package/dist-browser/client/SilentFlowClient.mjs +125 -0
  221. package/dist-browser/client/SilentFlowClient.mjs.map +1 -0
  222. package/dist-browser/config/AppTokenProvider.d.ts +39 -0
  223. package/dist-browser/config/AppTokenProvider.d.ts.map +1 -0
  224. package/dist-browser/config/ClientConfiguration.d.ts +143 -0
  225. package/dist-browser/config/ClientConfiguration.d.ts.map +1 -0
  226. package/dist-browser/config/ClientConfiguration.mjs +107 -0
  227. package/dist-browser/config/ClientConfiguration.mjs.map +1 -0
  228. package/dist-browser/constants/AADServerParamKeys.d.ts +59 -0
  229. package/dist-browser/constants/AADServerParamKeys.d.ts.map +1 -0
  230. package/dist-browser/constants/AADServerParamKeys.mjs +67 -0
  231. package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -0
  232. package/dist-browser/crypto/ICrypto.d.ts +71 -0
  233. package/dist-browser/crypto/ICrypto.d.ts.map +1 -0
  234. package/dist-browser/crypto/ICrypto.mjs +44 -0
  235. package/dist-browser/crypto/ICrypto.mjs.map +1 -0
  236. package/dist-browser/crypto/IGuidGenerator.d.ts +5 -0
  237. package/dist-browser/crypto/IGuidGenerator.d.ts.map +1 -0
  238. package/dist-browser/crypto/JoseHeader.d.ts +23 -0
  239. package/dist-browser/crypto/JoseHeader.d.ts.map +1 -0
  240. package/dist-browser/crypto/JoseHeader.mjs +46 -0
  241. package/dist-browser/crypto/JoseHeader.mjs.map +1 -0
  242. package/dist-browser/crypto/PopTokenGenerator.d.ts +60 -0
  243. package/dist-browser/crypto/PopTokenGenerator.d.ts.map +1 -0
  244. package/dist-browser/crypto/PopTokenGenerator.mjs +87 -0
  245. package/dist-browser/crypto/PopTokenGenerator.mjs.map +1 -0
  246. package/dist-browser/crypto/SignedHttpRequest.d.ts +16 -0
  247. package/dist-browser/crypto/SignedHttpRequest.d.ts.map +1 -0
  248. package/dist-browser/error/AuthError.d.ts +33 -0
  249. package/dist-browser/error/AuthError.d.ts.map +1 -0
  250. package/dist-browser/error/AuthError.mjs +34 -0
  251. package/dist-browser/error/AuthError.mjs.map +1 -0
  252. package/dist-browser/error/AuthErrorCodes.d.ts +6 -0
  253. package/dist-browser/error/AuthErrorCodes.d.ts.map +1 -0
  254. package/dist-browser/error/AuthErrorCodes.mjs +14 -0
  255. package/dist-browser/error/AuthErrorCodes.mjs.map +1 -0
  256. package/dist-browser/error/CacheError.d.ts +23 -0
  257. package/dist-browser/error/CacheError.d.ts.map +1 -0
  258. package/dist-browser/error/CacheError.mjs +45 -0
  259. package/dist-browser/error/CacheError.mjs.map +1 -0
  260. package/dist-browser/error/CacheErrorCodes.d.ts +3 -0
  261. package/dist-browser/error/CacheErrorCodes.d.ts.map +1 -0
  262. package/dist-browser/error/CacheErrorCodes.mjs +11 -0
  263. package/dist-browser/error/CacheErrorCodes.mjs.map +1 -0
  264. package/dist-browser/error/ClientAuthError.d.ts +14 -0
  265. package/dist-browser/error/ClientAuthError.d.ts.map +1 -0
  266. package/dist-browser/error/ClientAuthError.mjs +27 -0
  267. package/dist-browser/error/ClientAuthError.mjs.map +1 -0
  268. package/dist-browser/error/ClientAuthErrorCodes.d.ts +38 -0
  269. package/dist-browser/error/ClientAuthErrorCodes.d.ts.map +1 -0
  270. package/dist-browser/error/ClientAuthErrorCodes.mjs +46 -0
  271. package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -0
  272. package/dist-browser/error/ClientConfigurationError.d.ts +11 -0
  273. package/dist-browser/error/ClientConfigurationError.d.ts.map +1 -0
  274. package/dist-browser/error/ClientConfigurationError.mjs +24 -0
  275. package/dist-browser/error/ClientConfigurationError.mjs.map +1 -0
  276. package/dist-browser/error/ClientConfigurationErrorCodes.d.ts +23 -0
  277. package/dist-browser/error/ClientConfigurationErrorCodes.d.ts.map +1 -0
  278. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +31 -0
  279. package/dist-browser/error/ClientConfigurationErrorCodes.mjs.map +1 -0
  280. package/dist-browser/error/InteractionRequiredAuthError.d.ts +48 -0
  281. package/dist-browser/error/InteractionRequiredAuthError.d.ts.map +1 -0
  282. package/dist-browser/error/InteractionRequiredAuthError.mjs +73 -0
  283. package/dist-browser/error/InteractionRequiredAuthError.mjs.map +1 -0
  284. package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts +9 -0
  285. package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts.map +1 -0
  286. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +19 -0
  287. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs.map +1 -0
  288. package/dist-browser/error/JoseHeaderError.d.ts +12 -0
  289. package/dist-browser/error/JoseHeaderError.d.ts.map +1 -0
  290. package/dist-browser/error/JoseHeaderError.mjs +25 -0
  291. package/dist-browser/error/JoseHeaderError.mjs.map +1 -0
  292. package/dist-browser/error/JoseHeaderErrorCodes.d.ts +3 -0
  293. package/dist-browser/error/JoseHeaderErrorCodes.d.ts.map +1 -0
  294. package/dist-browser/error/JoseHeaderErrorCodes.mjs +11 -0
  295. package/dist-browser/error/JoseHeaderErrorCodes.mjs.map +1 -0
  296. package/dist-browser/error/NetworkError.d.ts +19 -0
  297. package/dist-browser/error/NetworkError.d.ts.map +1 -0
  298. package/dist-browser/error/NetworkError.mjs +35 -0
  299. package/dist-browser/error/NetworkError.mjs.map +1 -0
  300. package/dist-browser/error/PlatformBrokerError.d.ts +16 -0
  301. package/dist-browser/error/PlatformBrokerError.d.ts.map +1 -0
  302. package/dist-browser/error/PlatformBrokerError.mjs +49 -0
  303. package/dist-browser/error/PlatformBrokerError.mjs.map +1 -0
  304. package/dist-browser/error/ServerError.d.ts +16 -0
  305. package/dist-browser/error/ServerError.d.ts.map +1 -0
  306. package/dist-browser/error/ServerError.mjs +23 -0
  307. package/dist-browser/error/ServerError.mjs.map +1 -0
  308. package/dist-browser/exports-browser-only.d.ts +11 -0
  309. package/dist-browser/exports-browser-only.d.ts.map +1 -0
  310. package/dist-browser/exports-common.d.ts +86 -0
  311. package/dist-browser/exports-common.d.ts.map +1 -0
  312. package/dist-browser/exports-node-only.d.ts +16 -0
  313. package/dist-browser/exports-node-only.d.ts.map +1 -0
  314. package/dist-browser/index-browser.d.ts +7 -0
  315. package/dist-browser/index-browser.d.ts.map +1 -0
  316. package/dist-browser/index-browser.mjs +78 -0
  317. package/dist-browser/index-browser.mjs.map +1 -0
  318. package/dist-browser/index-node.d.ts +7 -0
  319. package/dist-browser/index-node.d.ts.map +1 -0
  320. package/dist-browser/index.d.ts +12 -0
  321. package/dist-browser/index.d.ts.map +1 -0
  322. package/dist-browser/index.mjs +82 -0
  323. package/dist-browser/index.mjs.map +1 -0
  324. package/dist-browser/log-strings-mapping.json +383 -0
  325. package/dist-browser/logger/Logger.d.ts +119 -0
  326. package/dist-browser/logger/Logger.d.ts.map +1 -0
  327. package/dist-browser/logger/Logger.mjs +278 -0
  328. package/dist-browser/logger/Logger.mjs.map +1 -0
  329. package/dist-browser/network/INetworkModule.d.ts +30 -0
  330. package/dist-browser/network/INetworkModule.d.ts.map +1 -0
  331. package/dist-browser/network/INetworkModule.mjs +20 -0
  332. package/dist-browser/network/INetworkModule.mjs.map +1 -0
  333. package/dist-browser/network/NetworkResponse.d.ts +6 -0
  334. package/dist-browser/network/NetworkResponse.d.ts.map +1 -0
  335. package/dist-browser/network/RequestThumbprint.d.ts +22 -0
  336. package/dist-browser/network/RequestThumbprint.d.ts.map +1 -0
  337. package/dist-browser/network/RequestThumbprint.mjs +24 -0
  338. package/dist-browser/network/RequestThumbprint.mjs.map +1 -0
  339. package/dist-browser/network/ThrottlingUtils.d.ts +43 -0
  340. package/dist-browser/network/ThrottlingUtils.d.ts.map +1 -0
  341. package/dist-browser/network/ThrottlingUtils.mjs +92 -0
  342. package/dist-browser/network/ThrottlingUtils.mjs.map +1 -0
  343. package/dist-browser/packageMetadata.d.ts +3 -0
  344. package/dist-browser/packageMetadata.d.ts.map +1 -0
  345. package/dist-browser/packageMetadata.mjs +8 -0
  346. package/dist-browser/packageMetadata.mjs.map +1 -0
  347. package/dist-browser/protocol/Authorize.d.ts +37 -0
  348. package/dist-browser/protocol/Authorize.d.ts.map +1 -0
  349. package/dist-browser/protocol/Authorize.mjs +237 -0
  350. package/dist-browser/protocol/Authorize.mjs.map +1 -0
  351. package/dist-browser/protocol/Token.d.ts +40 -0
  352. package/dist-browser/protocol/Token.d.ts.map +1 -0
  353. package/dist-browser/protocol/Token.mjs +129 -0
  354. package/dist-browser/protocol/Token.mjs.map +1 -0
  355. package/dist-browser/request/AuthenticationHeaderParser.d.ts +20 -0
  356. package/dist-browser/request/AuthenticationHeaderParser.d.ts.map +1 -0
  357. package/dist-browser/request/AuthenticationHeaderParser.mjs +64 -0
  358. package/dist-browser/request/AuthenticationHeaderParser.mjs.map +1 -0
  359. package/dist-browser/request/BaseAuthRequest.d.ts +95 -0
  360. package/dist-browser/request/BaseAuthRequest.d.ts.map +1 -0
  361. package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts +32 -0
  362. package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts.map +1 -0
  363. package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts +71 -0
  364. package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts.map +1 -0
  365. package/dist-browser/request/CommonEndSessionRequest.d.ts +36 -0
  366. package/dist-browser/request/CommonEndSessionRequest.d.ts.map +1 -0
  367. package/dist-browser/request/CommonRefreshTokenRequest.d.ts +24 -0
  368. package/dist-browser/request/CommonRefreshTokenRequest.d.ts.map +1 -0
  369. package/dist-browser/request/CommonSilentFlowRequest.d.ts +24 -0
  370. package/dist-browser/request/CommonSilentFlowRequest.d.ts.map +1 -0
  371. package/dist-browser/request/NativeRequest.d.ts +20 -0
  372. package/dist-browser/request/NativeRequest.d.ts.map +1 -0
  373. package/dist-browser/request/NativeSignOutRequest.d.ts +6 -0
  374. package/dist-browser/request/NativeSignOutRequest.d.ts.map +1 -0
  375. package/dist-browser/request/RequestParameterBuilder.d.ts +217 -0
  376. package/dist-browser/request/RequestParameterBuilder.d.ts.map +1 -0
  377. package/dist-browser/request/RequestParameterBuilder.mjs +410 -0
  378. package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -0
  379. package/dist-browser/request/ScopeSet.d.ts +83 -0
  380. package/dist-browser/request/ScopeSet.d.ts.map +1 -0
  381. package/dist-browser/request/ScopeSet.mjs +204 -0
  382. package/dist-browser/request/ScopeSet.mjs.map +1 -0
  383. package/dist-browser/request/StoreInCache.d.ts +9 -0
  384. package/dist-browser/request/StoreInCache.d.ts.map +1 -0
  385. package/dist-browser/response/AuthenticationResult.d.ts +42 -0
  386. package/dist-browser/response/AuthenticationResult.d.ts.map +1 -0
  387. package/dist-browser/response/AuthorizationCodePayload.d.ts +14 -0
  388. package/dist-browser/response/AuthorizationCodePayload.d.ts.map +1 -0
  389. package/dist-browser/response/AuthorizeResponse.d.ts +76 -0
  390. package/dist-browser/response/AuthorizeResponse.d.ts.map +1 -0
  391. package/dist-browser/response/DeviceCodeResponse.d.ts +26 -0
  392. package/dist-browser/response/DeviceCodeResponse.d.ts.map +1 -0
  393. package/dist-browser/response/ExternalTokenResponse.d.ts +16 -0
  394. package/dist-browser/response/ExternalTokenResponse.d.ts.map +1 -0
  395. package/dist-browser/response/IMDSBadResponse.d.ts +5 -0
  396. package/dist-browser/response/IMDSBadResponse.d.ts.map +1 -0
  397. package/dist-browser/response/ResponseHandler.d.ts +63 -0
  398. package/dist-browser/response/ResponseHandler.d.ts.map +1 -0
  399. package/dist-browser/response/ResponseHandler.mjs +349 -0
  400. package/dist-browser/response/ResponseHandler.mjs.map +1 -0
  401. package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts +48 -0
  402. package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts.map +1 -0
  403. package/dist-browser/telemetry/performance/IPerformanceClient.d.ts +30 -0
  404. package/dist-browser/telemetry/performance/IPerformanceClient.d.ts.map +1 -0
  405. package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts +6 -0
  406. package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts.map +1 -0
  407. package/dist-browser/telemetry/performance/PerformanceClient.d.ts +170 -0
  408. package/dist-browser/telemetry/performance/PerformanceClient.d.ts.map +1 -0
  409. package/dist-browser/telemetry/performance/PerformanceClient.mjs +490 -0
  410. package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -0
  411. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +286 -0
  412. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -0
  413. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +45 -0
  414. package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -0
  415. package/dist-browser/telemetry/performance/PerformanceEvents.d.ts +66 -0
  416. package/dist-browser/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
  417. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +74 -0
  418. package/dist-browser/telemetry/performance/PerformanceEvents.mjs.map +1 -0
  419. package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts +21 -0
  420. package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts.map +1 -0
  421. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +59 -0
  422. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs.map +1 -0
  423. package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts +79 -0
  424. package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts.map +1 -0
  425. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +266 -0
  426. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs.map +1 -0
  427. package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts +9 -0
  428. package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts.map +1 -0
  429. package/dist-browser/url/IUri.d.ts +13 -0
  430. package/dist-browser/url/IUri.d.ts.map +1 -0
  431. package/dist-browser/url/UrlString.d.ts +44 -0
  432. package/dist-browser/url/UrlString.d.ts.map +1 -0
  433. package/dist-browser/url/UrlString.mjs +164 -0
  434. package/dist-browser/url/UrlString.mjs.map +1 -0
  435. package/dist-browser/utils/ClientAssertionUtils.d.ts +3 -0
  436. package/dist-browser/utils/ClientAssertionUtils.d.ts.map +1 -0
  437. package/dist-browser/utils/ClientAssertionUtils.mjs +21 -0
  438. package/dist-browser/utils/ClientAssertionUtils.mjs.map +1 -0
  439. package/dist-browser/utils/Constants.d.ts +283 -0
  440. package/dist-browser/utils/Constants.d.ts.map +1 -0
  441. package/dist-browser/utils/Constants.mjs +298 -0
  442. package/dist-browser/utils/Constants.mjs.map +1 -0
  443. package/dist-browser/utils/FunctionWrappers.d.ts +28 -0
  444. package/dist-browser/utils/FunctionWrappers.d.ts.map +1 -0
  445. package/dist-browser/utils/FunctionWrappers.mjs +98 -0
  446. package/dist-browser/utils/FunctionWrappers.mjs.map +1 -0
  447. package/dist-browser/utils/MsalTypes.d.ts +7 -0
  448. package/dist-browser/utils/MsalTypes.d.ts.map +1 -0
  449. package/dist-browser/utils/ProtocolUtils.d.ts +22 -0
  450. package/dist-browser/utils/ProtocolUtils.d.ts.map +1 -0
  451. package/dist-browser/utils/ProtocolUtils.mjs +74 -0
  452. package/dist-browser/utils/ProtocolUtils.mjs.map +1 -0
  453. package/dist-browser/utils/StateTypes.d.ts +15 -0
  454. package/dist-browser/utils/StateTypes.d.ts.map +1 -0
  455. package/dist-browser/utils/StringUtils.d.ts +41 -0
  456. package/dist-browser/utils/StringUtils.d.ts.map +1 -0
  457. package/dist-browser/utils/StringUtils.mjs +100 -0
  458. package/dist-browser/utils/StringUtils.mjs.map +1 -0
  459. package/dist-browser/utils/TimeUtils.d.ts +43 -0
  460. package/dist-browser/utils/TimeUtils.d.ts.map +1 -0
  461. package/dist-browser/utils/TimeUtils.mjs +76 -0
  462. package/dist-browser/utils/TimeUtils.mjs.map +1 -0
  463. package/dist-browser/utils/UrlUtils.d.ts +23 -0
  464. package/dist-browser/utils/UrlUtils.d.ts.map +1 -0
  465. package/dist-browser/utils/UrlUtils.mjs +115 -0
  466. package/dist-browser/utils/UrlUtils.mjs.map +1 -0
  467. package/lib/index-browser.cjs +2 -2
  468. package/lib/{index-node-B7mR4APO.js → index-node-A5mPbLhz.js} +14 -9
  469. package/lib/{index-node-B7mR4APO.js.map → index-node-A5mPbLhz.js.map} +1 -1
  470. package/lib/index-node.cjs +2 -2
  471. package/lib/index.cjs +2 -2
  472. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  473. package/lib/types/packageMetadata.d.ts +1 -1
  474. package/lib/types/packageMetadata.d.ts.map +1 -1
  475. package/lib/types/request/BaseAuthRequest.d.ts +63 -20
  476. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  477. package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +18 -13
  478. package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
  479. package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +48 -27
  480. package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
  481. package/lib/types/request/CommonEndSessionRequest.d.ts +21 -7
  482. package/lib/types/request/CommonEndSessionRequest.d.ts.map +1 -1
  483. package/lib/types/request/CommonRefreshTokenRequest.d.ts +12 -10
  484. package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
  485. package/lib/types/request/CommonSilentFlowRequest.d.ts +12 -14
  486. package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
  487. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  488. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +3 -1
  489. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  490. package/package.json +5 -3
  491. package/src/client/RefreshTokenClient.ts +13 -16
  492. package/src/packageMetadata.ts +1 -1
  493. package/src/request/BaseAuthRequest.ts +63 -20
  494. package/src/request/CommonAuthorizationCodeRequest.ts +18 -13
  495. package/src/request/CommonAuthorizationUrlRequest.ts +48 -27
  496. package/src/request/CommonEndSessionRequest.ts +21 -7
  497. package/src/request/CommonRefreshTokenRequest.ts +12 -10
  498. package/src/request/CommonSilentFlowRequest.ts +12 -14
  499. package/src/response/ResponseHandler.ts +5 -0
  500. package/src/telemetry/performance/PerformanceEvent.ts +3 -1
@@ -0,0 +1,254 @@
1
+ /*! @azure/msal-common v16.0.2 2026-01-17 */
2
+ 'use strict';
3
+ import { buildClientConfiguration, isOidcProtocolMode } from '../config/ClientConfiguration.mjs';
4
+ import { addClientId, addRedirectUri, addScopes, addGrantType, addClientInfo, addLibraryInfo, addApplicationTelemetry, addThrottling, addServerTelemetry, addRefreshToken, addClientSecret, addClientAssertion, addClientAssertionType, addPopToken, addSshJwk, addClaims, addCcsUpn, addCcsOid, addBrokerParameters, addExtraParameters, instrumentBrokerParams } from '../request/RequestParameterBuilder.mjs';
5
+ import { mapToQueryString } from '../utils/UrlUtils.mjs';
6
+ import { AuthenticationScheme, HeaderNames, INVALID_GRANT_ERROR, CLIENT_MISMATCH_ERROR, GrantType } from '../utils/Constants.mjs';
7
+ import { CLIENT_ID } from '../constants/AADServerParamKeys.mjs';
8
+ import { ResponseHandler } from '../response/ResponseHandler.mjs';
9
+ import { PopTokenGenerator } from '../crypto/PopTokenGenerator.mjs';
10
+ import { StringUtils } from '../utils/StringUtils.mjs';
11
+ import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
12
+ import { createClientAuthError } from '../error/ClientAuthError.mjs';
13
+ import { ServerError } from '../error/ServerError.mjs';
14
+ import { nowSeconds, isTokenExpired } from '../utils/TimeUtils.mjs';
15
+ import { UrlString } from '../url/UrlString.mjs';
16
+ import { CcsCredentialType } from '../account/CcsCredential.mjs';
17
+ import { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.mjs';
18
+ import { createInteractionRequiredAuthError, InteractionRequiredAuthError } from '../error/InteractionRequiredAuthError.mjs';
19
+ import { RefreshTokenClientAcquireTokenWithCachedRefreshToken, RefreshTokenClientAcquireToken, RefreshTokenClientExecuteTokenRequest, HandleServerTokenResponse, CacheManagerGetRefreshToken, RefreshTokenClientCreateTokenRequestBody, RefreshTokenClientExecutePostToTokenEndpoint, PopTokenGenerateCnf } from '../telemetry/performance/PerformanceEvents.mjs';
20
+ import { invokeAsync, invoke } from '../utils/FunctionWrappers.mjs';
21
+ import { getClientAssertion } from '../utils/ClientAssertionUtils.mjs';
22
+ import { getRequestThumbprint } from '../network/RequestThumbprint.mjs';
23
+ import { createTokenQueryParameters, createTokenRequestHeaders, executePostToTokenEndpoint } from '../protocol/Token.mjs';
24
+ import { Logger } from '../logger/Logger.mjs';
25
+ import { name, version } from '../packageMetadata.mjs';
26
+ import { badToken, noTokensFound, refreshTokenExpired } from '../error/InteractionRequiredAuthErrorCodes.mjs';
27
+ import { tokenRequestEmpty, missingSshJwk } from '../error/ClientConfigurationErrorCodes.mjs';
28
+ import { noAccountInSilentRequest } from '../error/ClientAuthErrorCodes.mjs';
29
+
30
+ /*
31
+ * Copyright (c) Microsoft Corporation. All rights reserved.
32
+ * Licensed under the MIT License.
33
+ */
34
+ const DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS = 300; // 5 Minutes
35
+ /**
36
+ * OAuth2.0 refresh token client
37
+ * @internal
38
+ */
39
+ class RefreshTokenClient {
40
+ constructor(configuration, performanceClient) {
41
+ // Set the configuration
42
+ this.config = buildClientConfiguration(configuration);
43
+ // Initialize the logger
44
+ this.logger = new Logger(this.config.loggerOptions, name, version);
45
+ // Initialize crypto
46
+ this.cryptoUtils = this.config.cryptoInterface;
47
+ // Initialize storage interface
48
+ this.cacheManager = this.config.storageInterface;
49
+ // Set the network interface
50
+ this.networkClient = this.config.networkInterface;
51
+ // Set TelemetryManager
52
+ this.serverTelemetryManager = this.config.serverTelemetryManager;
53
+ // set Authority
54
+ this.authority = this.config.authOptions.authority;
55
+ // set performance telemetry client
56
+ this.performanceClient = performanceClient;
57
+ }
58
+ async acquireToken(request) {
59
+ const reqTimestamp = nowSeconds();
60
+ const response = await invokeAsync(this.executeTokenRequest.bind(this), RefreshTokenClientExecuteTokenRequest, this.logger, this.performanceClient, request.correlationId)(request, this.authority);
61
+ // Retrieve requestId from response headers
62
+ const requestId = response.headers?.[HeaderNames.X_MS_REQUEST_ID];
63
+ const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.performanceClient, this.config.serializableCache, this.config.persistencePlugin);
64
+ responseHandler.validateTokenResponse(response.body, request.correlationId);
65
+ return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, undefined, undefined, true, request.forceCache, requestId);
66
+ }
67
+ /**
68
+ * Gets cached refresh token and attaches to request, then calls acquireToken API
69
+ * @param request
70
+ */
71
+ async acquireTokenByRefreshToken(request) {
72
+ // Cannot renew token if no request object is given.
73
+ if (!request) {
74
+ throw createClientConfigurationError(tokenRequestEmpty);
75
+ }
76
+ // We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases
77
+ if (!request.account) {
78
+ throw createClientAuthError(noAccountInSilentRequest);
79
+ }
80
+ // try checking if FOCI is enabled for the given application
81
+ const isFOCI = this.cacheManager.isAppMetadataFOCI(request.account.environment, request.correlationId);
82
+ // if the app is part of the family, retrive a Family refresh token if present and make a refreshTokenRequest
83
+ if (isFOCI) {
84
+ try {
85
+ return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true);
86
+ }
87
+ catch (e) {
88
+ const noFamilyRTInCache = e instanceof InteractionRequiredAuthError &&
89
+ e.errorCode ===
90
+ noTokensFound;
91
+ const clientMismatchErrorWithFamilyRT = e instanceof ServerError &&
92
+ e.errorCode === INVALID_GRANT_ERROR &&
93
+ e.subError === CLIENT_MISMATCH_ERROR;
94
+ // if family Refresh Token (FRT) cache acquisition fails or if client_mismatch error is seen with FRT, reattempt with application Refresh Token (ART)
95
+ if (noFamilyRTInCache || clientMismatchErrorWithFamilyRT) {
96
+ return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
97
+ // throw in all other cases
98
+ }
99
+ else {
100
+ throw e;
101
+ }
102
+ }
103
+ }
104
+ // fall back to application refresh token acquisition
105
+ return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
106
+ }
107
+ /**
108
+ * makes a network call to acquire tokens by exchanging RefreshToken available in userCache; throws if refresh token is not cached
109
+ * @param request
110
+ */
111
+ async acquireTokenWithCachedRefreshToken(request, foci) {
112
+ // fetches family RT or application RT based on FOCI value
113
+ const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined);
114
+ if (!refreshToken) {
115
+ throw createInteractionRequiredAuthError(noTokensFound);
116
+ }
117
+ if (refreshToken.expiresOn) {
118
+ const offset = request.refreshTokenExpirationOffsetSeconds ||
119
+ DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS;
120
+ this.performanceClient?.addFields({
121
+ cacheRtExpiresOnSeconds: Number(refreshToken.expiresOn),
122
+ rtOffsetSeconds: offset,
123
+ }, request.correlationId);
124
+ if (isTokenExpired(refreshToken.expiresOn, offset)) {
125
+ throw createInteractionRequiredAuthError(refreshTokenExpired);
126
+ }
127
+ }
128
+ // attach cached RT size to the current measurement
129
+ const refreshTokenRequest = {
130
+ ...request,
131
+ refreshToken: refreshToken.secret,
132
+ authenticationScheme: request.authenticationScheme ||
133
+ AuthenticationScheme.BEARER,
134
+ ccsCredential: {
135
+ credential: request.account.homeAccountId,
136
+ type: CcsCredentialType.HOME_ACCOUNT_ID,
137
+ },
138
+ };
139
+ try {
140
+ return await invokeAsync(this.acquireToken.bind(this), RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest);
141
+ }
142
+ catch (e) {
143
+ if (e instanceof InteractionRequiredAuthError) {
144
+ if (e.subError === badToken) {
145
+ // Remove bad refresh token from cache
146
+ this.logger.verbose("1pg3ap", request.correlationId);
147
+ const badRefreshTokenKey = this.cacheManager.generateCredentialKey(refreshToken);
148
+ this.cacheManager.removeRefreshToken(badRefreshTokenKey, request.correlationId);
149
+ }
150
+ }
151
+ throw e;
152
+ }
153
+ }
154
+ /**
155
+ * Constructs the network message and makes a NW call to the underlying secure token service
156
+ * @param request
157
+ * @param authority
158
+ */
159
+ async executeTokenRequest(request, authority) {
160
+ const queryParametersString = createTokenQueryParameters(request, this.config.authOptions.clientId, this.config.authOptions.redirectUri, this.performanceClient);
161
+ const endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParametersString);
162
+ const requestBody = await invokeAsync(this.createTokenRequestBody.bind(this), RefreshTokenClientCreateTokenRequestBody, this.logger, this.performanceClient, request.correlationId)(request);
163
+ const headers = createTokenRequestHeaders(this.logger, this.config.systemOptions.preventCorsPreflight, request.ccsCredential);
164
+ const thumbprint = getRequestThumbprint(this.config.authOptions.clientId, request);
165
+ return invokeAsync(executePostToTokenEndpoint, RefreshTokenClientExecutePostToTokenEndpoint, this.logger, this.performanceClient, request.correlationId)(endpoint, requestBody, headers, thumbprint, request.correlationId, this.cacheManager, this.networkClient, this.logger, this.performanceClient, this.serverTelemetryManager);
166
+ }
167
+ /**
168
+ * Helper function to create the token request body
169
+ * @param request
170
+ */
171
+ async createTokenRequestBody(request) {
172
+ const parameters = new Map();
173
+ addClientId(parameters, request.embeddedClientId ||
174
+ request.extraParameters?.[CLIENT_ID] ||
175
+ this.config.authOptions.clientId);
176
+ if (request.redirectUri) {
177
+ addRedirectUri(parameters, request.redirectUri);
178
+ }
179
+ addScopes(parameters, request.scopes, true, this.config.authOptions.authority.options.OIDCOptions?.defaultScopes);
180
+ addGrantType(parameters, GrantType.REFRESH_TOKEN_GRANT);
181
+ addClientInfo(parameters);
182
+ addLibraryInfo(parameters, this.config.libraryInfo);
183
+ addApplicationTelemetry(parameters, this.config.telemetry.application);
184
+ addThrottling(parameters);
185
+ if (this.serverTelemetryManager && !isOidcProtocolMode(this.config)) {
186
+ addServerTelemetry(parameters, this.serverTelemetryManager);
187
+ }
188
+ addRefreshToken(parameters, request.refreshToken);
189
+ if (this.config.clientCredentials.clientSecret) {
190
+ addClientSecret(parameters, this.config.clientCredentials.clientSecret);
191
+ }
192
+ if (this.config.clientCredentials.clientAssertion) {
193
+ const clientAssertion = this.config.clientCredentials.clientAssertion;
194
+ addClientAssertion(parameters, await getClientAssertion(clientAssertion.assertion, this.config.authOptions.clientId, request.resourceRequestUri));
195
+ addClientAssertionType(parameters, clientAssertion.assertionType);
196
+ }
197
+ if (request.authenticationScheme === AuthenticationScheme.POP) {
198
+ const popTokenGenerator = new PopTokenGenerator(this.cryptoUtils, this.performanceClient);
199
+ let reqCnfData;
200
+ if (!request.popKid) {
201
+ const generatedReqCnfData = await invokeAsync(popTokenGenerator.generateCnf.bind(popTokenGenerator), PopTokenGenerateCnf, this.logger, this.performanceClient, request.correlationId)(request, this.logger);
202
+ reqCnfData = generatedReqCnfData.reqCnfString;
203
+ }
204
+ else {
205
+ reqCnfData = this.cryptoUtils.encodeKid(request.popKid);
206
+ }
207
+ // SPA PoP requires full Base64Url encoded req_cnf string (unhashed)
208
+ addPopToken(parameters, reqCnfData);
209
+ }
210
+ else if (request.authenticationScheme === AuthenticationScheme.SSH) {
211
+ if (request.sshJwk) {
212
+ addSshJwk(parameters, request.sshJwk);
213
+ }
214
+ else {
215
+ throw createClientConfigurationError(missingSshJwk);
216
+ }
217
+ }
218
+ if (!StringUtils.isEmptyObj(request.claims) ||
219
+ (this.config.authOptions.clientCapabilities &&
220
+ this.config.authOptions.clientCapabilities.length > 0)) {
221
+ addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
222
+ }
223
+ if (this.config.systemOptions.preventCorsPreflight &&
224
+ request.ccsCredential) {
225
+ switch (request.ccsCredential.type) {
226
+ case CcsCredentialType.HOME_ACCOUNT_ID:
227
+ try {
228
+ const clientInfo = buildClientInfoFromHomeAccountId(request.ccsCredential.credential);
229
+ addCcsOid(parameters, clientInfo);
230
+ }
231
+ catch (e) {
232
+ this.logger.verbose("1qhtee", request.correlationId);
233
+ }
234
+ break;
235
+ case CcsCredentialType.UPN:
236
+ addCcsUpn(parameters, request.ccsCredential.credential);
237
+ break;
238
+ }
239
+ }
240
+ if (request.embeddedClientId) {
241
+ addBrokerParameters(parameters, this.config.authOptions.clientId, this.config.authOptions.redirectUri);
242
+ }
243
+ if (request.extraParameters) {
244
+ addExtraParameters(parameters, {
245
+ ...request.extraParameters,
246
+ });
247
+ }
248
+ instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
249
+ return mapToQueryString(parameters);
250
+ }
251
+ }
252
+
253
+ export { RefreshTokenClient };
254
+ //# sourceMappingURL=RefreshTokenClient.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"RefreshTokenClient.mjs","sources":["../../src/client/RefreshTokenClient.ts"],"sourcesContent":[null],"names":["TimeUtils.nowSeconds","PerformanceEvents.RefreshTokenClientExecuteTokenRequest","Constants.HeaderNames","PerformanceEvents.HandleServerTokenResponse","ClientConfigurationErrorCodes.tokenRequestEmpty","ClientAuthErrorCodes.noAccountInSilentRequest","PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken","InteractionRequiredAuthErrorCodes.noTokensFound","Constants.INVALID_GRANT_ERROR","Constants.CLIENT_MISMATCH_ERROR","PerformanceEvents.CacheManagerGetRefreshToken","TimeUtils.isTokenExpired","InteractionRequiredAuthErrorCodes.refreshTokenExpired","Constants.AuthenticationScheme","PerformanceEvents.RefreshTokenClientAcquireToken","InteractionRequiredAuthErrorCodes.badToken","PerformanceEvents.RefreshTokenClientCreateTokenRequestBody","PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint","RequestParameterBuilder.addClientId","AADServerParamKeys.CLIENT_ID","RequestParameterBuilder.addRedirectUri","RequestParameterBuilder.addScopes","RequestParameterBuilder.addGrantType","Constants.GrantType","RequestParameterBuilder.addClientInfo","RequestParameterBuilder.addLibraryInfo","RequestParameterBuilder.addApplicationTelemetry","RequestParameterBuilder.addThrottling","RequestParameterBuilder.addServerTelemetry","RequestParameterBuilder.addRefreshToken","RequestParameterBuilder.addClientSecret","RequestParameterBuilder.addClientAssertion","RequestParameterBuilder.addClientAssertionType","PerformanceEvents.PopTokenGenerateCnf","RequestParameterBuilder.addPopToken","RequestParameterBuilder.addSshJwk","ClientConfigurationErrorCodes.missingSshJwk","RequestParameterBuilder.addClaims","RequestParameterBuilder.addCcsOid","RequestParameterBuilder.addCcsUpn","RequestParameterBuilder.addBrokerParameters","RequestParameterBuilder.addExtraParameters","RequestParameterBuilder.instrumentBrokerParams","UrlUtils.mapToQueryString"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;AAGG;AAyDH,MAAM,+CAA+C,GAAG,GAAG,CAAC;AAE5D;;;AAGG;MACU,kBAAkB,CAAA;IAyB3B,WACI,CAAA,aAAkC,EAClC,iBAAqC,EAAA;;AAGrC,QAAA,IAAI,CAAC,MAAM,GAAG,wBAAwB,CAAC,aAAa,CAAC,CAAC;;AAGtD,QAAA,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;;QAGnE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;;QAG/C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGjD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGlD,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;;QAGjE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC;;AAGnD,QAAA,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;KAC9C;IACM,MAAM,YAAY,CACrB,OAAkC,EAAA;AAElC,QAAA,MAAM,YAAY,GAAGA,UAAoB,EAAE,CAAC;AAC5C,QAAA,MAAM,QAAQ,GAAG,MAAM,WAAW,CAC9B,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EACnCC,qCAAuD,EACvD,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;;AAG3B,QAAA,MAAM,SAAS,GACX,QAAQ,CAAC,OAAO,GAAGC,WAAqB,CAAC,eAAe,CAAC,CAAC;AAC9D,QAAA,MAAM,eAAe,GAAG,IAAI,eAAe,CACvC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAC7B,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAChC,CAAC;QACF,eAAe,CAAC,qBAAqB,CACjC,QAAQ,CAAC,IAAI,EACb,OAAO,CAAC,aAAa,CACxB,CAAC;QAEF,OAAO,WAAW,CACd,eAAe,CAAC,yBAAyB,CAAC,IAAI,CAAC,eAAe,CAAC,EAC/DC,yBAA2C,EAC3C,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CACG,QAAQ,CAAC,IAAI,EACb,IAAI,CAAC,SAAS,EACd,YAAY,EACZ,OAAO,EACP,SAAS,EACT,SAAS,EACT,IAAI,EACJ,OAAO,CAAC,UAAU,EAClB,SAAS,CACZ,CAAC;KACL;AAED;;;AAGG;IACI,MAAM,0BAA0B,CACnC,OAAgC,EAAA;;QAGhC,IAAI,CAAC,OAAO,EAAE;AACV,YAAA,MAAM,8BAA8B,CAChCC,iBAA+C,CAClD,CAAC;AACL,SAAA;;AAED,QAAA,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;AAClB,YAAA,MAAM,qBAAqB,CACvBC,wBAA6C,CAChD,CAAC;AACL,SAAA;;AAGD,QAAA,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAC9C,OAAO,CAAC,OAAO,CAAC,WAAW,EAC3B,OAAO,CAAC,aAAa,CACxB,CAAC;;AAGF,QAAA,IAAI,MAAM,EAAE;YACR,IAAI;AACA,gBAAA,OAAO,MAAM,WAAW,CACpB,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,EAClDC,oDAAsE,EACtE,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;AACpB,aAAA;AAAC,YAAA,OAAO,CAAC,EAAE;AACR,gBAAA,MAAM,iBAAiB,GACnB,CAAC,YAAY,4BAA4B;AACzC,oBAAA,CAAC,CAAC,SAAS;wBACPC,aAA+C,CAAC;AACxD,gBAAA,MAAM,+BAA+B,GACjC,CAAC,YAAY,WAAW;AACxB,oBAAA,CAAC,CAAC,SAAS,KAAKC,mBAA6B;AAC7C,oBAAA,CAAC,CAAC,QAAQ,KAAKC,qBAA+B,CAAC;;gBAGnD,IAAI,iBAAiB,IAAI,+BAA+B,EAAE;AACtD,oBAAA,OAAO,WAAW,CACd,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,EAClDH,oDAAsE,EACtE,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;;AAErB,iBAAA;AAAM,qBAAA;AACH,oBAAA,MAAM,CAAC,CAAC;AACX,iBAAA;AACJ,aAAA;AACJ,SAAA;;AAED,QAAA,OAAO,WAAW,CACd,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,EAClDA,oDAAsE,EACtE,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;KACrB;AAED;;;AAGG;AACK,IAAA,MAAM,kCAAkC,CAC5C,OAAgC,EAChC,IAAa,EAAA;;QAGb,MAAM,YAAY,GAAG,MAAM,CACvB,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,EACzDI,2BAA6C,EAC7C,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;QAE3D,IAAI,CAAC,YAAY,EAAE;AACf,YAAA,MAAM,kCAAkC,CACpCH,aAA+C,CAClD,CAAC;AACL,SAAA;QAED,IAAI,YAAY,CAAC,SAAS,EAAE;AACxB,YAAA,MAAM,MAAM,GACR,OAAO,CAAC,mCAAmC;AAC3C,gBAAA,+CAA+C,CAAC;AACpD,YAAA,IAAI,CAAC,iBAAiB,EAAE,SAAS,CAC7B;AACI,gBAAA,uBAAuB,EAAE,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC;AACvD,gBAAA,eAAe,EAAE,MAAM;AAC1B,aAAA,EACD,OAAO,CAAC,aAAa,CACxB,CAAC;YAEF,IAAII,cAAwB,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE;AAC1D,gBAAA,MAAM,kCAAkC,CACpCC,mBAAqD,CACxD,CAAC;AACL,aAAA;AACJ,SAAA;;AAGD,QAAA,MAAM,mBAAmB,GAA8B;AACnD,YAAA,GAAG,OAAO;YACV,YAAY,EAAE,YAAY,CAAC,MAAM;YACjC,oBAAoB,EAChB,OAAO,CAAC,oBAAoB;gBAC5BC,oBAA8B,CAAC,MAAM;AACzC,YAAA,aAAa,EAAE;AACX,gBAAA,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,aAAa;gBACzC,IAAI,EAAE,iBAAiB,CAAC,eAAe;AAC1C,aAAA;SACJ,CAAC;QAEF,IAAI;AACA,YAAA,OAAO,MAAM,WAAW,CACpB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAC5BC,8BAAgD,EAChD,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,mBAAmB,CAAC,CAAC;AAC1B,SAAA;AAAC,QAAA,OAAO,CAAC,EAAE;YACR,IAAI,CAAC,YAAY,4BAA4B,EAAE;AAC3C,gBAAA,IAAI,CAAC,CAAC,QAAQ,KAAKC,QAA0C,EAAE;;oBAE3D,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,QAAsE,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;oBAG1E,MAAM,kBAAkB,GACpB,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;oBAC1D,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAChC,kBAAkB,EAClB,OAAO,CAAC,aAAa,CACxB,CAAC;AACL,iBAAA;AACJ,aAAA;AAED,YAAA,MAAM,CAAC,CAAC;AACX,SAAA;KACJ;AAED;;;;AAIG;AACK,IAAA,MAAM,mBAAmB,CAC7B,OAAkC,EAClC,SAAoB,EAAA;QAEpB,MAAM,qBAAqB,GAAG,0BAA0B,CACpD,OAAO,EACP,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,WAAW,EACnC,IAAI,CAAC,iBAAiB,CACzB,CAAC;AACF,QAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,iBAAiB,CACxC,SAAS,CAAC,aAAa,EACvB,qBAAqB,CACxB,CAAC;AAEF,QAAA,MAAM,WAAW,GAAG,MAAM,WAAW,CACjC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,EACtCC,wCAA0D,EAC1D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,CAAC,CAAC;QACX,MAAM,OAAO,GAA2B,yBAAyB,CAC7D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,oBAAoB,EAC9C,OAAO,CAAC,aAAa,CACxB,CAAC;AAEF,QAAA,MAAM,UAAU,GAAG,oBAAoB,CACnC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,OAAO,CACV,CAAC;QAEF,OAAO,WAAW,CACd,0BAA0B,EAC1BC,4CAA8D,EAC9D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CACG,QAAQ,EACR,WAAW,EACX,OAAO,EACP,UAAU,EACV,OAAO,CAAC,aAAa,EACrB,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,IAAI,CAAC,sBAAsB,CAC9B,CAAC;KACL;AAED;;;AAGG;IACK,MAAM,sBAAsB,CAChC,OAAkC,EAAA;AAElC,QAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;AAE7C,QAAAC,WAAmC,CAC/B,UAAU,EACV,OAAO,CAAC,gBAAgB;AACpB,YAAA,OAAO,CAAC,eAAe,GAAGC,SAA4B,CAAC;AACvD,YAAA,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CACvC,CAAC;QAEF,IAAI,OAAO,CAAC,WAAW,EAAE;YACrBC,cAAsC,CAClC,UAAU,EACV,OAAO,CAAC,WAAW,CACtB,CAAC;AACL,SAAA;QAEDC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,MAAM,EACd,IAAI,EACJ,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,aAAa,CACvE,CAAC;QAEFC,YAAoC,CAChC,UAAU,EACVC,SAAmB,CAAC,mBAAmB,CAC1C,CAAC;AAEF,QAAAC,aAAqC,CAAC,UAAU,CAAC,CAAC;QAElDC,cAAsC,CAClC,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,WAAW,CAC1B,CAAC;AACF,QAAAC,uBAA+C,CAC3C,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,WAAW,CACpC,CAAC;AACF,QAAAC,aAAqC,CAAC,UAAU,CAAC,CAAC;QAElD,IAAI,IAAI,CAAC,sBAAsB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACjEC,kBAA0C,CACtC,UAAU,EACV,IAAI,CAAC,sBAAsB,CAC9B,CAAC;AACL,SAAA;QAEDC,eAAuC,CACnC,UAAU,EACV,OAAO,CAAC,YAAY,CACvB,CAAC;AAEF,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,YAAY,EAAE;AAC5C,YAAAC,eAAuC,CACnC,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,YAAY,CAC7C,CAAC;AACL,SAAA;AAED,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,eAAe,EAAE;YAC/C,MAAM,eAAe,GACjB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,eAAe,CAAC;YAElDC,kBAA0C,CACtC,UAAU,EACV,MAAM,kBAAkB,CACpB,eAAe,CAAC,SAAS,EACzB,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,OAAO,CAAC,kBAAkB,CAC7B,CACJ,CAAC;YACFC,sBAA8C,CAC1C,UAAU,EACV,eAAe,CAAC,aAAa,CAChC,CAAC;AACL,SAAA;QAED,IACI,OAAO,CAAC,oBAAoB,KAAKnB,oBAA8B,CAAC,GAAG,EACrE;AACE,YAAA,MAAM,iBAAiB,GAAG,IAAI,iBAAiB,CAC3C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,iBAAiB,CACzB,CAAC;AAEF,YAAA,IAAI,UAAU,CAAC;AACf,YAAA,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE;AACjB,gBAAA,MAAM,mBAAmB,GAAG,MAAM,WAAW,CACzC,iBAAiB,CAAC,WAAW,CAAC,IAAI,CAAC,iBAAiB,CAAC,EACrDoB,mBAAqC,EACrC,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;AAExB,gBAAA,UAAU,GAAG,mBAAmB,CAAC,YAAY,CAAC;AACjD,aAAA;AAAM,iBAAA;gBACH,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;AAC3D,aAAA;;AAGD,YAAAC,WAAmC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC/D,SAAA;aAAM,IACH,OAAO,CAAC,oBAAoB,KAAKrB,oBAA8B,CAAC,GAAG,EACrE;YACE,IAAI,OAAO,CAAC,MAAM,EAAE;gBAChBsB,SAAiC,CAAC,UAAU,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AACjE,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,8BAA8B,CAChCC,aAA2C,CAC9C,CAAC;AACL,aAAA;AACJ,SAAA;QAED,IACI,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC;AACvC,aAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,EAC5D;AACE,YAAAC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,MAAM,EACd,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAC7C,CAAC;AACL,SAAA;AAED,QAAA,IACI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,oBAAoB;YAC9C,OAAO,CAAC,aAAa,EACvB;AACE,YAAA,QAAQ,OAAO,CAAC,aAAa,CAAC,IAAI;gBAC9B,KAAK,iBAAiB,CAAC,eAAe;oBAClC,IAAI;wBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,aAAa,CAAC,UAAU,CACnC,CAAC;AACF,wBAAAC,SAAiC,CAC7B,UAAU,EACV,UAAU,CACb,CAAC;AACL,qBAAA;AAAC,oBAAA,OAAO,CAAC,EAAE;AACR,wBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGP,qBAAA;oBACD,MAAM;gBACV,KAAK,iBAAiB,CAAC,GAAG;oBACtBC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,aAAa,CAAC,UAAU,CACnC,CAAC;oBACF,MAAM;AACb,aAAA;AACJ,SAAA;QAED,IAAI,OAAO,CAAC,gBAAgB,EAAE;YAC1BC,mBAA2C,CACvC,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,WAAW,CACtC,CAAC;AACL,SAAA;QAED,IAAI,OAAO,CAAC,eAAe,EAAE;AACzB,YAAAC,kBAA0C,CAAC,UAAU,EAAE;gBACnD,GAAG,OAAO,CAAC,eAAe;AAC7B,aAAA,CAAC,CAAC;AACN,SAAA;AAED,QAAAC,sBAA8C,CAC1C,UAAU,EACV,OAAO,CAAC,aAAa,EACrB,IAAI,CAAC,iBAAiB,CACzB,CAAC;AACF,QAAA,OAAOC,gBAAyB,CAAC,UAAU,CAAC,CAAC;KAChD;AACJ;;;;"}
@@ -0,0 +1,35 @@
1
+ import { ClientConfiguration, CommonClientConfiguration } from "../config/ClientConfiguration.js";
2
+ import { CommonSilentFlowRequest } from "../request/CommonSilentFlowRequest.js";
3
+ import { AuthenticationResult } from "../response/AuthenticationResult.js";
4
+ import { CacheOutcome } from "../utils/Constants.js";
5
+ import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
6
+ import { Authority } from "../authority/Authority.js";
7
+ import { Logger } from "../logger/Logger.js";
8
+ import { ICrypto } from "../crypto/ICrypto.js";
9
+ import { CacheManager } from "../cache/CacheManager.js";
10
+ import { INetworkModule } from "../network/INetworkModule.js";
11
+ import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
12
+ /** @internal */
13
+ export declare class SilentFlowClient {
14
+ logger: Logger;
15
+ protected config: CommonClientConfiguration;
16
+ protected cryptoUtils: ICrypto;
17
+ protected cacheManager: CacheManager;
18
+ protected networkClient: INetworkModule;
19
+ protected serverTelemetryManager: ServerTelemetryManager | null;
20
+ authority: Authority;
21
+ protected performanceClient: IPerformanceClient;
22
+ constructor(configuration: ClientConfiguration, performanceClient: IPerformanceClient);
23
+ /**
24
+ * Retrieves token from cache or throws an error if it must be refreshed.
25
+ * @param request
26
+ */
27
+ acquireCachedToken(request: CommonSilentFlowRequest): Promise<[AuthenticationResult, CacheOutcome]>;
28
+ private setCacheOutcome;
29
+ /**
30
+ * Helper function to build response object from the CacheRecord
31
+ * @param cacheRecord
32
+ */
33
+ private generateResultFromCacheRecord;
34
+ }
35
+ //# sourceMappingURL=SilentFlowClient.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"SilentFlowClient.d.ts","sourceRoot":"","sources":["../../src/client/SilentFlowClient.ts"],"names":[],"mappings":"AAKA,OAAO,EAEH,mBAAmB,EACnB,yBAAyB,EAC5B,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAQ3E,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gDAAgD,CAAC;AAMpF,OAAO,EACH,SAAS,EAEZ,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,sBAAsB,EAAE,MAAM,+CAA+C,CAAC;AAGvF,gBAAgB;AAChB,qBAAa,gBAAgB;IAElB,MAAM,EAAE,MAAM,CAAC;IAGtB,SAAS,CAAC,MAAM,EAAE,yBAAyB,CAAC;IAG5C,SAAS,CAAC,WAAW,EAAE,OAAO,CAAC;IAG/B,SAAS,CAAC,YAAY,EAAE,YAAY,CAAC;IAGrC,SAAS,CAAC,aAAa,EAAE,cAAc,CAAC;IAGxC,SAAS,CAAC,sBAAsB,EAAE,sBAAsB,GAAG,IAAI,CAAC;IAGzD,SAAS,EAAE,SAAS,CAAC;IAG5B,SAAS,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;gBAG5C,aAAa,EAAE,mBAAmB,EAClC,iBAAiB,EAAE,kBAAkB;IA2BzC;;;OAGG;IACG,kBAAkB,CACpB,OAAO,EAAE,uBAAuB,GACjC,OAAO,CAAC,CAAC,oBAAoB,EAAE,YAAY,CAAC,CAAC;IAyGhD,OAAO,CAAC,eAAe;IAmBvB;;;OAGG;YACW,6BAA6B;CAkC9C"}
@@ -0,0 +1,125 @@
1
+ /*! @azure/msal-common v16.0.2 2026-01-17 */
2
+ 'use strict';
3
+ import { buildClientConfiguration } from '../config/ClientConfiguration.mjs';
4
+ import { wasClockTurnedBack, isTokenExpired } from '../utils/TimeUtils.mjs';
5
+ import { createClientAuthError } from '../error/ClientAuthError.mjs';
6
+ import { ResponseHandler } from '../response/ResponseHandler.mjs';
7
+ import { CacheOutcome } from '../utils/Constants.mjs';
8
+ import { StringUtils } from '../utils/StringUtils.mjs';
9
+ import { extractTokenClaims, checkMaxAge } from '../account/AuthToken.mjs';
10
+ import { SilentFlowClientGenerateResultFromCacheRecord } from '../telemetry/performance/PerformanceEvents.mjs';
11
+ import { invokeAsync } from '../utils/FunctionWrappers.mjs';
12
+ import { getTenantFromAuthorityString } from '../authority/Authority.mjs';
13
+ import { Logger } from '../logger/Logger.mjs';
14
+ import { name, version } from '../packageMetadata.mjs';
15
+ import { tokenRefreshRequired, noAccountInSilentRequest, authTimeNotFound } from '../error/ClientAuthErrorCodes.mjs';
16
+
17
+ /*
18
+ * Copyright (c) Microsoft Corporation. All rights reserved.
19
+ * Licensed under the MIT License.
20
+ */
21
+ /** @internal */
22
+ class SilentFlowClient {
23
+ constructor(configuration, performanceClient) {
24
+ // Set the configuration
25
+ this.config = buildClientConfiguration(configuration);
26
+ // Initialize the logger
27
+ this.logger = new Logger(this.config.loggerOptions, name, version);
28
+ // Initialize crypto
29
+ this.cryptoUtils = this.config.cryptoInterface;
30
+ // Initialize storage interface
31
+ this.cacheManager = this.config.storageInterface;
32
+ // Set the network interface
33
+ this.networkClient = this.config.networkInterface;
34
+ // Set TelemetryManager
35
+ this.serverTelemetryManager = this.config.serverTelemetryManager;
36
+ // set Authority
37
+ this.authority = this.config.authOptions.authority;
38
+ // set performance telemetry client
39
+ this.performanceClient = performanceClient;
40
+ }
41
+ /**
42
+ * Retrieves token from cache or throws an error if it must be refreshed.
43
+ * @param request
44
+ */
45
+ async acquireCachedToken(request) {
46
+ let lastCacheOutcome = CacheOutcome.NOT_APPLICABLE;
47
+ if (request.forceRefresh || !StringUtils.isEmptyObj(request.claims)) {
48
+ // Must refresh due to present force_refresh flag.
49
+ this.setCacheOutcome(CacheOutcome.FORCE_REFRESH_OR_CLAIMS, request.correlationId);
50
+ throw createClientAuthError(tokenRefreshRequired);
51
+ }
52
+ // We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases
53
+ if (!request.account) {
54
+ throw createClientAuthError(noAccountInSilentRequest);
55
+ }
56
+ const requestTenantId = request.account.tenantId ||
57
+ getTenantFromAuthorityString(request.authority);
58
+ const tokenKeys = this.cacheManager.getTokenKeys();
59
+ const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId);
60
+ if (!cachedAccessToken) {
61
+ // must refresh due to non-existent access_token
62
+ this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
63
+ throw createClientAuthError(tokenRefreshRequired);
64
+ }
65
+ else if (wasClockTurnedBack(cachedAccessToken.cachedAt) ||
66
+ isTokenExpired(cachedAccessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds)) {
67
+ // must refresh due to the expires_in value
68
+ this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
69
+ throw createClientAuthError(tokenRefreshRequired);
70
+ }
71
+ else if (cachedAccessToken.refreshOn &&
72
+ isTokenExpired(cachedAccessToken.refreshOn, 0)) {
73
+ // must refresh (in the background) due to the refresh_in value
74
+ lastCacheOutcome = CacheOutcome.PROACTIVELY_REFRESHED;
75
+ // don't throw ClientAuthError.createRefreshRequiredError(), return cached token instead
76
+ }
77
+ const environment = request.authority || this.authority.getPreferredCache();
78
+ const cacheRecord = {
79
+ account: this.cacheManager.getAccount(this.cacheManager.generateAccountKey(request.account), request.correlationId),
80
+ accessToken: cachedAccessToken,
81
+ idToken: this.cacheManager.getIdToken(request.account, request.correlationId, tokenKeys, requestTenantId),
82
+ refreshToken: null,
83
+ appMetadata: this.cacheManager.readAppMetadataFromCache(environment, request.correlationId),
84
+ };
85
+ this.setCacheOutcome(lastCacheOutcome, request.correlationId);
86
+ if (this.config.serverTelemetryManager) {
87
+ this.config.serverTelemetryManager.incrementCacheHits();
88
+ }
89
+ return [
90
+ await invokeAsync(this.generateResultFromCacheRecord.bind(this), SilentFlowClientGenerateResultFromCacheRecord, this.logger, this.performanceClient, request.correlationId)(cacheRecord, request),
91
+ lastCacheOutcome,
92
+ ];
93
+ }
94
+ setCacheOutcome(cacheOutcome, correlationId) {
95
+ this.serverTelemetryManager?.setCacheOutcome(cacheOutcome);
96
+ this.performanceClient?.addFields({
97
+ cacheOutcome: cacheOutcome,
98
+ }, correlationId);
99
+ if (cacheOutcome !== CacheOutcome.NOT_APPLICABLE) {
100
+ this.logger.info("09ingz", correlationId);
101
+ }
102
+ }
103
+ /**
104
+ * Helper function to build response object from the CacheRecord
105
+ * @param cacheRecord
106
+ */
107
+ async generateResultFromCacheRecord(cacheRecord, request) {
108
+ let idTokenClaims;
109
+ if (cacheRecord.idToken) {
110
+ idTokenClaims = extractTokenClaims(cacheRecord.idToken.secret, this.config.cryptoInterface.base64Decode);
111
+ }
112
+ // token max_age check
113
+ if (request.maxAge || request.maxAge === 0) {
114
+ const authTime = idTokenClaims?.auth_time;
115
+ if (!authTime) {
116
+ throw createClientAuthError(authTimeNotFound);
117
+ }
118
+ checkMaxAge(authTime, request.maxAge);
119
+ }
120
+ return ResponseHandler.generateAuthenticationResult(this.cryptoUtils, this.authority, cacheRecord, true, request, this.performanceClient, idTokenClaims);
121
+ }
122
+ }
123
+
124
+ export { SilentFlowClient };
125
+ //# sourceMappingURL=SilentFlowClient.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"SilentFlowClient.mjs","sources":["../../src/client/SilentFlowClient.ts"],"sourcesContent":[null],"names":["ClientAuthErrorCodes.tokenRefreshRequired","ClientAuthErrorCodes.noAccountInSilentRequest","TimeUtils.wasClockTurnedBack","TimeUtils.isTokenExpired","PerformanceEvents.SilentFlowClientGenerateResultFromCacheRecord","ClientAuthErrorCodes.authTimeNotFound"],"mappings":";;;;;;;;;;;;;;;;AAAA;;;AAGG;AAkCH;MACa,gBAAgB,CAAA;IAyBzB,WACI,CAAA,aAAkC,EAClC,iBAAqC,EAAA;;AAGrC,QAAA,IAAI,CAAC,MAAM,GAAG,wBAAwB,CAAC,aAAa,CAAC,CAAC;;AAGtD,QAAA,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;;QAGnE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;;QAG/C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGjD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGlD,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;;QAGjE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC;;AAGnD,QAAA,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;KAC9C;AAED;;;AAGG;IACH,MAAM,kBAAkB,CACpB,OAAgC,EAAA;AAEhC,QAAA,IAAI,gBAAgB,GAAiB,YAAY,CAAC,cAAc,CAAC;AAEjE,QAAA,IAAI,OAAO,CAAC,YAAY,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;;YAEjE,IAAI,CAAC,eAAe,CAChB,YAAY,CAAC,uBAAuB,EACpC,OAAO,CAAC,aAAa,CACxB,CAAC;AACF,YAAA,MAAM,qBAAqB,CACvBA,oBAAyC,CAC5C,CAAC;AACL,SAAA;;AAGD,QAAA,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;AAClB,YAAA,MAAM,qBAAqB,CACvBC,wBAA6C,CAChD,CAAC;AACL,SAAA;AAED,QAAA,MAAM,eAAe,GACjB,OAAO,CAAC,OAAO,CAAC,QAAQ;AACxB,YAAA,4BAA4B,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,EAAE,CAAC;AACnD,QAAA,MAAM,iBAAiB,GAAG,IAAI,CAAC,YAAY,CAAC,cAAc,CACtD,OAAO,CAAC,OAAO,EACf,OAAO,EACP,SAAS,EACT,eAAe,CAClB,CAAC;QAEF,IAAI,CAAC,iBAAiB,EAAE;;YAEpB,IAAI,CAAC,eAAe,CAChB,YAAY,CAAC,sBAAsB,EACnC,OAAO,CAAC,aAAa,CACxB,CAAC;AACF,YAAA,MAAM,qBAAqB,CACvBD,oBAAyC,CAC5C,CAAC;AACL,SAAA;AAAM,aAAA,IACHE,kBAA4B,CAAC,iBAAiB,CAAC,QAAQ,CAAC;AACxD,YAAAC,cAAwB,CACpB,iBAAiB,CAAC,SAAS,EAC3B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,yBAAyB,CACtD,EACH;;YAEE,IAAI,CAAC,eAAe,CAChB,YAAY,CAAC,2BAA2B,EACxC,OAAO,CAAC,aAAa,CACxB,CAAC;AACF,YAAA,MAAM,qBAAqB,CACvBH,oBAAyC,CAC5C,CAAC;AACL,SAAA;aAAM,IACH,iBAAiB,CAAC,SAAS;YAC3BG,cAAwB,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAAC,CAAC,EAC1D;;AAEE,YAAA,gBAAgB,GAAG,YAAY,CAAC,qBAAqB,CAAC;;AAGzD,SAAA;AAED,QAAA,MAAM,WAAW,GACb,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC;AAC5D,QAAA,MAAM,WAAW,GAAgB;YAC7B,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,UAAU,CACjC,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,EACrD,OAAO,CAAC,aAAa,CACxB;AACD,YAAA,WAAW,EAAE,iBAAiB;AAC9B,YAAA,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,UAAU,CACjC,OAAO,CAAC,OAAO,EACf,OAAO,CAAC,aAAa,EACrB,SAAS,EACT,eAAe,CAClB;AACD,YAAA,YAAY,EAAE,IAAI;AAClB,YAAA,WAAW,EAAE,IAAI,CAAC,YAAY,CAAC,wBAAwB,CACnD,WAAW,EACX,OAAO,CAAC,aAAa,CACxB;SACJ,CAAC;QAEF,IAAI,CAAC,eAAe,CAAC,gBAAgB,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;AAE9D,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE;AACpC,YAAA,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC,kBAAkB,EAAE,CAAC;AAC3D,SAAA;QAED,OAAO;AACH,YAAA,MAAM,WAAW,CACb,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC,EAC7CC,6CAA+D,EAC/D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,WAAW,EAAE,OAAO,CAAC;YACvB,gBAAgB;SACnB,CAAC;KACL;IAEO,eAAe,CACnB,YAA0B,EAC1B,aAAqB,EAAA;AAErB,QAAA,IAAI,CAAC,sBAAsB,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC;AAC3D,QAAA,IAAI,CAAC,iBAAiB,EAAE,SAAS,CAC7B;AACI,YAAA,YAAY,EAAE,YAAY;SAC7B,EACD,aAAa,CAChB,CAAC;AACF,QAAA,IAAI,YAAY,KAAK,YAAY,CAAC,cAAc,EAAE;YAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,QAAoD,EAAA,aAAA,CAAA,CAAA;AAG3D,SAAA;KACJ;AAED;;;AAGG;AACK,IAAA,MAAM,6BAA6B,CACvC,WAAwB,EACxB,OAAgC,EAAA;AAEhC,QAAA,IAAI,aAAsC,CAAC;QAC3C,IAAI,WAAW,CAAC,OAAO,EAAE;AACrB,YAAA,aAAa,GAAG,kBAAkB,CAC9B,WAAW,CAAC,OAAO,CAAC,MAAM,EAC1B,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,YAAY,CAC3C,CAAC;AACL,SAAA;;QAGD,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;AACxC,YAAA,MAAM,QAAQ,GAAG,aAAa,EAAE,SAAS,CAAC;YAC1C,IAAI,CAAC,QAAQ,EAAE;AACX,gBAAA,MAAM,qBAAqB,CACvBC,gBAAqC,CACxC,CAAC;AACL,aAAA;AAED,YAAA,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AACzC,SAAA;QAED,OAAO,eAAe,CAAC,4BAA4B,CAC/C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,SAAS,EACd,WAAW,EACX,IAAI,EACJ,OAAO,EACP,IAAI,CAAC,iBAAiB,EACtB,aAAa,CAChB,CAAC;KACL;AACJ;;;;"}
@@ -0,0 +1,39 @@
1
+ /**
2
+ * Extensibility interface, which allows the app developer to return a token, based on the passed-in parameters, instead of fetching tokens from
3
+ * the Identity Provider (AAD).
4
+ * Developers need to construct and return an AppTokenProviderResult object back to MSAL. MSAL will cache the token response
5
+ * in the same way it would do if the result were comming from AAD.
6
+ * This extensibility point is only defined for the client_credential flow, i.e. acquireTokenByClientCredential and
7
+ * meant for Azure SDK to enhance Managed Identity support.
8
+ */
9
+ export interface IAppTokenProvider {
10
+ (appTokenProviderParameters: AppTokenProviderParameters): Promise<AppTokenProviderResult>;
11
+ }
12
+ /**
13
+ * Input object for the IAppTokenProvider extensiblity. MSAL will create this object, which can be used
14
+ * to help create an AppTokenProviderResult.
15
+ *
16
+ * - correlationId - the correlation Id associated with the request
17
+ * - tenantId - the tenant Id for which the token must be provided
18
+ * - scopes - the scopes for which the token must be provided
19
+ * - claims - any extra claims that the token must satisfy
20
+ */
21
+ export type AppTokenProviderParameters = {
22
+ readonly correlationId?: string;
23
+ readonly tenantId: string;
24
+ readonly scopes: Array<string>;
25
+ readonly claims?: string;
26
+ };
27
+ /**
28
+ * Output object for IAppTokenProvider extensiblity.
29
+ *
30
+ * - accessToken - the actual access token, typically in JWT format, that satisfies the request data AppTokenProviderParameters
31
+ * - expiresInSeconds - how long the tokens has before expiry, in seconds. Similar to the "expires_in" field in an AAD token response.
32
+ * - refreshInSeconds - how long the token has before it should be proactively refreshed. Similar to the "refresh_in" field in an AAD token response.
33
+ */
34
+ export type AppTokenProviderResult = {
35
+ accessToken: string;
36
+ expiresInSeconds: number;
37
+ refreshInSeconds?: number;
38
+ };
39
+ //# sourceMappingURL=AppTokenProvider.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"AppTokenProvider.d.ts","sourceRoot":"","sources":["../../src/config/AppTokenProvider.ts"],"names":[],"mappings":"AAKA;;;;;;;GAOG;AACH,MAAM,WAAW,iBAAiB;IAC9B,CACI,0BAA0B,EAAE,0BAA0B,GACvD,OAAO,CAAC,sBAAsB,CAAC,CAAC;CACtC;AAED;;;;;;;;GAQG;AACH,MAAM,MAAM,0BAA0B,GAAG;IACrC,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,sBAAsB,GAAG;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC"}
@@ -0,0 +1,143 @@
1
+ import { INetworkModule } from "../network/INetworkModule.js";
2
+ import { ICrypto } from "../crypto/ICrypto.js";
3
+ import { ILoggerCallback, LogLevel } from "../logger/Logger.js";
4
+ import type { Authority } from "../authority/Authority.js";
5
+ import { AzureCloudInstance } from "../authority/AuthorityOptions.js";
6
+ import { CacheManager } from "../cache/CacheManager.js";
7
+ import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
8
+ import { ICachePlugin } from "../cache/interface/ICachePlugin.js";
9
+ import { ISerializableTokenCache } from "../cache/interface/ISerializableTokenCache.js";
10
+ import { ClientCredentials } from "../account/ClientCredentials.js";
11
+ /**
12
+ * Use the configuration object to configure MSAL Modules and initialize the base interfaces for MSAL.
13
+ *
14
+ * This object allows you to configure important elements of MSAL functionality:
15
+ * - authOptions - Authentication for application
16
+ * - cryptoInterface - Implementation of crypto functions
17
+ * - libraryInfo - Library metadata
18
+ * - telemetry - Telemetry options and data
19
+ * - loggerOptions - Logging for application
20
+ * - networkInterface - Network implementation
21
+ * - storageInterface - Storage implementation
22
+ * - systemOptions - Additional library options
23
+ * - clientCredentials - Credentials options for confidential clients
24
+ * @internal
25
+ */
26
+ export type ClientConfiguration = {
27
+ authOptions: AuthOptions;
28
+ systemOptions?: SystemOptions;
29
+ loggerOptions?: LoggerOptions;
30
+ storageInterface?: CacheManager;
31
+ networkInterface?: INetworkModule;
32
+ cryptoInterface?: ICrypto;
33
+ clientCredentials?: ClientCredentials;
34
+ libraryInfo?: LibraryInfo;
35
+ telemetry?: TelemetryOptions;
36
+ serverTelemetryManager?: ServerTelemetryManager | null;
37
+ persistencePlugin?: ICachePlugin | null;
38
+ serializableCache?: ISerializableTokenCache | null;
39
+ };
40
+ export type CommonClientConfiguration = {
41
+ authOptions: Required<AuthOptions>;
42
+ systemOptions: Required<SystemOptions>;
43
+ loggerOptions: Required<LoggerOptions>;
44
+ storageInterface: CacheManager;
45
+ networkInterface: INetworkModule;
46
+ cryptoInterface: Required<ICrypto>;
47
+ libraryInfo: LibraryInfo;
48
+ telemetry: Required<TelemetryOptions>;
49
+ serverTelemetryManager: ServerTelemetryManager | null;
50
+ clientCredentials: ClientCredentials;
51
+ persistencePlugin: ICachePlugin | null;
52
+ serializableCache: ISerializableTokenCache | null;
53
+ };
54
+ /**
55
+ * Use this to configure the auth options in the ClientConfiguration object
56
+ *
57
+ * - clientId - Client ID of your app registered with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview in Microsoft Identity Platform
58
+ * - authority - You can configure a specific authority, defaults to " " or "https://login.microsoftonline.com/common"
59
+ * - knownAuthorities - An array of URIs that are known to be valid. Used in B2C scenarios.
60
+ * - cloudDiscoveryMetadata - A string containing the cloud discovery response. Used in AAD scenarios.
61
+ * - clientCapabilities - Array of capabilities which will be added to the claims.access_token.xms_cc request property on every network request.
62
+ * - instanceAware - A flag of whether the STS will send back additional parameters to specify where the tokens should be retrieved from.
63
+ * - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
64
+ * @internal
65
+ */
66
+ export type AuthOptions = {
67
+ clientId: string;
68
+ authority: Authority;
69
+ redirectUri: string;
70
+ clientCapabilities?: Array<string>;
71
+ azureCloudOptions?: AzureCloudOptions;
72
+ instanceAware?: boolean;
73
+ };
74
+ /**
75
+ * Use this to configure token renewal info in the Configuration object
76
+ *
77
+ * - tokenRenewalOffsetSeconds - Sets the window of offset needed to renew the token before expiry
78
+ * - protocolMode - Enum that represents the protocol that msal follows. Used for configuring proper endpoints.
79
+ */
80
+ export type SystemOptions = {
81
+ tokenRenewalOffsetSeconds?: number;
82
+ preventCorsPreflight?: boolean;
83
+ };
84
+ /**
85
+ * Use this to configure the logging that MSAL does, by configuring logger options in the Configuration object
86
+ *
87
+ * - loggerCallback - Callback for logger
88
+ * - piiLoggingEnabled - Sets whether pii logging is enabled
89
+ * - logLevel - Sets the level at which logging happens
90
+ * - correlationId - Sets the correlationId printed by the logger
91
+ */
92
+ export type LoggerOptions = {
93
+ loggerCallback?: ILoggerCallback;
94
+ piiLoggingEnabled?: boolean;
95
+ logLevel?: LogLevel;
96
+ correlationId?: string;
97
+ };
98
+ /**
99
+ * Library-specific options
100
+ */
101
+ export type LibraryInfo = {
102
+ sku: string;
103
+ version: string;
104
+ cpu: string;
105
+ os: string;
106
+ };
107
+ /**
108
+ * AzureCloudInstance specific options
109
+ *
110
+ * - azureCloudInstance - string enum providing short notation for soverign and public cloud authorities
111
+ * - tenant - provision to provide the tenant info
112
+ */
113
+ export type AzureCloudOptions = {
114
+ azureCloudInstance: AzureCloudInstance;
115
+ tenant?: string;
116
+ };
117
+ export type TelemetryOptions = {
118
+ application: ApplicationTelemetry;
119
+ };
120
+ /**
121
+ * Telemetry information sent on request
122
+ * - appName: Unique string name of an application
123
+ * - appVersion: Version of the application using MSAL
124
+ */
125
+ export type ApplicationTelemetry = {
126
+ appName: string;
127
+ appVersion: string;
128
+ };
129
+ export declare const DEFAULT_SYSTEM_OPTIONS: Required<SystemOptions>;
130
+ /**
131
+ * Function that sets the default options when not explicitly configured from app developer
132
+ *
133
+ * @param Configuration
134
+ *
135
+ * @returns Configuration
136
+ */
137
+ export declare function buildClientConfiguration({ authOptions: userAuthOptions, systemOptions: userSystemOptions, loggerOptions: userLoggerOption, storageInterface: storageImplementation, networkInterface: networkImplementation, cryptoInterface: cryptoImplementation, clientCredentials: clientCredentials, libraryInfo: libraryInfo, telemetry: telemetry, serverTelemetryManager: serverTelemetryManager, persistencePlugin: persistencePlugin, serializableCache: serializableCache, }: ClientConfiguration): CommonClientConfiguration;
138
+ /**
139
+ * Returns true if config has protocolMode set to ProtocolMode.OIDC, false otherwise
140
+ * @param ClientConfiguration
141
+ */
142
+ export declare function isOidcProtocolMode(config: ClientConfiguration): boolean;
143
+ //# sourceMappingURL=ClientConfiguration.d.ts.map