@azure/msal-common 16.0.0-beta.0 → 16.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +11 -7
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/PlatformBrokerError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/index-node.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.d.ts.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/protocol/Token.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.d.ts +63 -20
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +18 -13
- package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +48 -27
- package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/dist/request/CommonEndSessionRequest.d.ts +21 -7
- package/dist/request/CommonEndSessionRequest.d.ts.map +1 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts +12 -10
- package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/dist/request/CommonSilentFlowRequest.d.ts +12 -14
- package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +2 -1
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +3 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist-browser/account/AccountInfo.d.ts +71 -0
- package/dist-browser/account/AccountInfo.d.ts.map +1 -0
- package/dist-browser/account/AccountInfo.mjs +85 -0
- package/dist-browser/account/AccountInfo.mjs.map +1 -0
- package/dist-browser/account/AuthToken.d.ts +24 -0
- package/dist-browser/account/AuthToken.d.ts.map +1 -0
- package/dist-browser/account/AuthToken.mjs +85 -0
- package/dist-browser/account/AuthToken.mjs.map +1 -0
- package/dist-browser/account/CcsCredential.d.ts +10 -0
- package/dist-browser/account/CcsCredential.d.ts.map +1 -0
- package/dist-browser/account/CcsCredential.mjs +13 -0
- package/dist-browser/account/CcsCredential.mjs.map +1 -0
- package/dist-browser/account/ClientCredentials.d.ts +20 -0
- package/dist-browser/account/ClientCredentials.d.ts.map +1 -0
- package/dist-browser/account/ClientInfo.d.ts +23 -0
- package/dist-browser/account/ClientInfo.d.ts.map +1 -0
- package/dist-browser/account/ClientInfo.mjs +44 -0
- package/dist-browser/account/ClientInfo.mjs.map +1 -0
- package/dist-browser/account/TokenClaims.d.ts +88 -0
- package/dist-browser/account/TokenClaims.d.ts.map +1 -0
- package/dist-browser/account/TokenClaims.mjs +25 -0
- package/dist-browser/account/TokenClaims.mjs.map +1 -0
- package/dist-browser/authority/Authority.d.ts +255 -0
- package/dist-browser/authority/Authority.d.ts.map +1 -0
- package/dist-browser/authority/Authority.mjs +841 -0
- package/dist-browser/authority/Authority.mjs.map +1 -0
- package/dist-browser/authority/AuthorityFactory.d.ts +23 -0
- package/dist-browser/authority/AuthorityFactory.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityFactory.mjs +42 -0
- package/dist-browser/authority/AuthorityFactory.mjs.map +1 -0
- package/dist-browser/authority/AuthorityMetadata.d.ts +44 -0
- package/dist-browser/authority/AuthorityMetadata.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityMetadata.mjs +146 -0
- package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -0
- package/dist-browser/authority/AuthorityOptions.d.ts +27 -0
- package/dist-browser/authority/AuthorityOptions.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityOptions.mjs +23 -0
- package/dist-browser/authority/AuthorityOptions.mjs.map +1 -0
- package/dist-browser/authority/AuthorityType.d.ts +11 -0
- package/dist-browser/authority/AuthorityType.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityType.mjs +18 -0
- package/dist-browser/authority/AuthorityType.mjs.map +1 -0
- package/dist-browser/authority/AzureRegion.d.ts +2 -0
- package/dist-browser/authority/AzureRegion.d.ts.map +1 -0
- package/dist-browser/authority/AzureRegionConfiguration.d.ts +6 -0
- package/dist-browser/authority/AzureRegionConfiguration.d.ts.map +1 -0
- package/dist-browser/authority/CloudDiscoveryMetadata.d.ts +6 -0
- package/dist-browser/authority/CloudDiscoveryMetadata.d.ts.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts +14 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +13 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts +10 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +13 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs.map +1 -0
- package/dist-browser/authority/ImdsOptions.d.ts +6 -0
- package/dist-browser/authority/ImdsOptions.d.ts.map +1 -0
- package/dist-browser/authority/OIDCOptions.d.ts +9 -0
- package/dist-browser/authority/OIDCOptions.d.ts.map +1 -0
- package/dist-browser/authority/OpenIdConfigResponse.d.ts +12 -0
- package/dist-browser/authority/OpenIdConfigResponse.d.ts.map +1 -0
- package/dist-browser/authority/OpenIdConfigResponse.mjs +15 -0
- package/dist-browser/authority/OpenIdConfigResponse.mjs.map +1 -0
- package/dist-browser/authority/ProtocolMode.d.ts +20 -0
- package/dist-browser/authority/ProtocolMode.d.ts.map +1 -0
- package/dist-browser/authority/ProtocolMode.mjs +27 -0
- package/dist-browser/authority/ProtocolMode.mjs.map +1 -0
- package/dist-browser/authority/RegionDiscovery.d.ts +33 -0
- package/dist-browser/authority/RegionDiscovery.d.ts.map +1 -0
- package/dist-browser/authority/RegionDiscovery.mjs +111 -0
- package/dist-browser/authority/RegionDiscovery.mjs.map +1 -0
- package/dist-browser/authority/RegionDiscoveryMetadata.d.ts +7 -0
- package/dist-browser/authority/RegionDiscoveryMetadata.d.ts.map +1 -0
- package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts +17 -0
- package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -0
- package/dist-browser/cache/CacheManager.d.ts +478 -0
- package/dist-browser/cache/CacheManager.d.ts.map +1 -0
- package/dist-browser/cache/CacheManager.mjs +1111 -0
- package/dist-browser/cache/CacheManager.mjs.map +1 -0
- package/dist-browser/cache/entities/AccessTokenEntity.d.ts +22 -0
- package/dist-browser/cache/entities/AccessTokenEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/AccountEntity.d.ts +45 -0
- package/dist-browser/cache/entities/AccountEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/AppMetadataEntity.d.ts +12 -0
- package/dist-browser/cache/entities/AppMetadataEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts +16 -0
- package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/CacheRecord.d.ts +14 -0
- package/dist-browser/cache/entities/CacheRecord.d.ts.map +1 -0
- package/dist-browser/cache/entities/CredentialEntity.d.ts +31 -0
- package/dist-browser/cache/entities/CredentialEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/IdTokenEntity.d.ts +9 -0
- package/dist-browser/cache/entities/IdTokenEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/RefreshTokenEntity.d.ts +8 -0
- package/dist-browser/cache/entities/RefreshTokenEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts +7 -0
- package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/ThrottlingEntity.d.ts +8 -0
- package/dist-browser/cache/entities/ThrottlingEntity.d.ts.map +1 -0
- package/dist-browser/cache/interface/ICacheManager.d.ts +188 -0
- package/dist-browser/cache/interface/ICacheManager.d.ts.map +1 -0
- package/dist-browser/cache/interface/ICachePlugin.d.ts +6 -0
- package/dist-browser/cache/interface/ICachePlugin.d.ts.map +1 -0
- package/dist-browser/cache/interface/ISerializableTokenCache.d.ts +5 -0
- package/dist-browser/cache/interface/ISerializableTokenCache.d.ts.map +1 -0
- package/dist-browser/cache/persistence/TokenCacheContext.d.ts +24 -0
- package/dist-browser/cache/persistence/TokenCacheContext.d.ts.map +1 -0
- package/dist-browser/cache/persistence/TokenCacheContext.mjs +30 -0
- package/dist-browser/cache/persistence/TokenCacheContext.mjs.map +1 -0
- package/dist-browser/cache/utils/AccountEntityUtils.d.ts +53 -0
- package/dist-browser/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/dist-browser/cache/utils/AccountEntityUtils.mjs +192 -0
- package/dist-browser/cache/utils/AccountEntityUtils.mjs.map +1 -0
- package/dist-browser/cache/utils/CacheHelpers.d.ts +86 -0
- package/dist-browser/cache/utils/CacheHelpers.d.ts.map +1 -0
- package/dist-browser/cache/utils/CacheHelpers.mjs +267 -0
- package/dist-browser/cache/utils/CacheHelpers.mjs.map +1 -0
- package/dist-browser/cache/utils/CacheTypes.d.ts +69 -0
- package/dist-browser/cache/utils/CacheTypes.d.ts.map +1 -0
- package/dist-browser/client/AuthorizationCodeClient.d.ts +64 -0
- package/dist-browser/client/AuthorizationCodeClient.d.ts.map +1 -0
- package/dist-browser/client/AuthorizationCodeClient.mjs +287 -0
- package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -0
- package/dist-browser/client/RefreshTokenClient.d.ts +49 -0
- package/dist-browser/client/RefreshTokenClient.d.ts.map +1 -0
- package/dist-browser/client/RefreshTokenClient.mjs +254 -0
- package/dist-browser/client/RefreshTokenClient.mjs.map +1 -0
- package/dist-browser/client/SilentFlowClient.d.ts +35 -0
- package/dist-browser/client/SilentFlowClient.d.ts.map +1 -0
- package/dist-browser/client/SilentFlowClient.mjs +125 -0
- package/dist-browser/client/SilentFlowClient.mjs.map +1 -0
- package/dist-browser/config/AppTokenProvider.d.ts +39 -0
- package/dist-browser/config/AppTokenProvider.d.ts.map +1 -0
- package/dist-browser/config/ClientConfiguration.d.ts +143 -0
- package/dist-browser/config/ClientConfiguration.d.ts.map +1 -0
- package/dist-browser/config/ClientConfiguration.mjs +107 -0
- package/dist-browser/config/ClientConfiguration.mjs.map +1 -0
- package/dist-browser/constants/AADServerParamKeys.d.ts +59 -0
- package/dist-browser/constants/AADServerParamKeys.d.ts.map +1 -0
- package/dist-browser/constants/AADServerParamKeys.mjs +67 -0
- package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -0
- package/dist-browser/crypto/ICrypto.d.ts +71 -0
- package/dist-browser/crypto/ICrypto.d.ts.map +1 -0
- package/dist-browser/crypto/ICrypto.mjs +44 -0
- package/dist-browser/crypto/ICrypto.mjs.map +1 -0
- package/dist-browser/crypto/IGuidGenerator.d.ts +5 -0
- package/dist-browser/crypto/IGuidGenerator.d.ts.map +1 -0
- package/dist-browser/crypto/JoseHeader.d.ts +23 -0
- package/dist-browser/crypto/JoseHeader.d.ts.map +1 -0
- package/dist-browser/crypto/JoseHeader.mjs +46 -0
- package/dist-browser/crypto/JoseHeader.mjs.map +1 -0
- package/dist-browser/crypto/PopTokenGenerator.d.ts +60 -0
- package/dist-browser/crypto/PopTokenGenerator.d.ts.map +1 -0
- package/dist-browser/crypto/PopTokenGenerator.mjs +87 -0
- package/dist-browser/crypto/PopTokenGenerator.mjs.map +1 -0
- package/dist-browser/crypto/SignedHttpRequest.d.ts +16 -0
- package/dist-browser/crypto/SignedHttpRequest.d.ts.map +1 -0
- package/dist-browser/error/AuthError.d.ts +33 -0
- package/dist-browser/error/AuthError.d.ts.map +1 -0
- package/dist-browser/error/AuthError.mjs +34 -0
- package/dist-browser/error/AuthError.mjs.map +1 -0
- package/dist-browser/error/AuthErrorCodes.d.ts +6 -0
- package/dist-browser/error/AuthErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/AuthErrorCodes.mjs +14 -0
- package/dist-browser/error/AuthErrorCodes.mjs.map +1 -0
- package/dist-browser/error/CacheError.d.ts +23 -0
- package/dist-browser/error/CacheError.d.ts.map +1 -0
- package/dist-browser/error/CacheError.mjs +45 -0
- package/dist-browser/error/CacheError.mjs.map +1 -0
- package/dist-browser/error/CacheErrorCodes.d.ts +3 -0
- package/dist-browser/error/CacheErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/CacheErrorCodes.mjs +11 -0
- package/dist-browser/error/CacheErrorCodes.mjs.map +1 -0
- package/dist-browser/error/ClientAuthError.d.ts +14 -0
- package/dist-browser/error/ClientAuthError.d.ts.map +1 -0
- package/dist-browser/error/ClientAuthError.mjs +27 -0
- package/dist-browser/error/ClientAuthError.mjs.map +1 -0
- package/dist-browser/error/ClientAuthErrorCodes.d.ts +38 -0
- package/dist-browser/error/ClientAuthErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/ClientAuthErrorCodes.mjs +46 -0
- package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -0
- package/dist-browser/error/ClientConfigurationError.d.ts +11 -0
- package/dist-browser/error/ClientConfigurationError.d.ts.map +1 -0
- package/dist-browser/error/ClientConfigurationError.mjs +24 -0
- package/dist-browser/error/ClientConfigurationError.mjs.map +1 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.d.ts +23 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs +31 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthError.d.ts +48 -0
- package/dist-browser/error/InteractionRequiredAuthError.d.ts.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthError.mjs +73 -0
- package/dist-browser/error/InteractionRequiredAuthError.mjs.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts +9 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +19 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs.map +1 -0
- package/dist-browser/error/JoseHeaderError.d.ts +12 -0
- package/dist-browser/error/JoseHeaderError.d.ts.map +1 -0
- package/dist-browser/error/JoseHeaderError.mjs +25 -0
- package/dist-browser/error/JoseHeaderError.mjs.map +1 -0
- package/dist-browser/error/JoseHeaderErrorCodes.d.ts +3 -0
- package/dist-browser/error/JoseHeaderErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/JoseHeaderErrorCodes.mjs +11 -0
- package/dist-browser/error/JoseHeaderErrorCodes.mjs.map +1 -0
- package/dist-browser/error/NetworkError.d.ts +19 -0
- package/dist-browser/error/NetworkError.d.ts.map +1 -0
- package/dist-browser/error/NetworkError.mjs +35 -0
- package/dist-browser/error/NetworkError.mjs.map +1 -0
- package/dist-browser/error/PlatformBrokerError.d.ts +16 -0
- package/dist-browser/error/PlatformBrokerError.d.ts.map +1 -0
- package/dist-browser/error/PlatformBrokerError.mjs +49 -0
- package/dist-browser/error/PlatformBrokerError.mjs.map +1 -0
- package/dist-browser/error/ServerError.d.ts +16 -0
- package/dist-browser/error/ServerError.d.ts.map +1 -0
- package/dist-browser/error/ServerError.mjs +23 -0
- package/dist-browser/error/ServerError.mjs.map +1 -0
- package/dist-browser/exports-browser-only.d.ts +11 -0
- package/dist-browser/exports-browser-only.d.ts.map +1 -0
- package/dist-browser/exports-common.d.ts +86 -0
- package/dist-browser/exports-common.d.ts.map +1 -0
- package/dist-browser/exports-node-only.d.ts +16 -0
- package/dist-browser/exports-node-only.d.ts.map +1 -0
- package/dist-browser/index-browser.d.ts +7 -0
- package/dist-browser/index-browser.d.ts.map +1 -0
- package/dist-browser/index-browser.mjs +78 -0
- package/dist-browser/index-browser.mjs.map +1 -0
- package/dist-browser/index-node.d.ts +7 -0
- package/dist-browser/index-node.d.ts.map +1 -0
- package/dist-browser/index.d.ts +12 -0
- package/dist-browser/index.d.ts.map +1 -0
- package/dist-browser/index.mjs +82 -0
- package/dist-browser/index.mjs.map +1 -0
- package/dist-browser/log-strings-mapping.json +383 -0
- package/dist-browser/logger/Logger.d.ts +119 -0
- package/dist-browser/logger/Logger.d.ts.map +1 -0
- package/dist-browser/logger/Logger.mjs +278 -0
- package/dist-browser/logger/Logger.mjs.map +1 -0
- package/dist-browser/network/INetworkModule.d.ts +30 -0
- package/dist-browser/network/INetworkModule.d.ts.map +1 -0
- package/dist-browser/network/INetworkModule.mjs +20 -0
- package/dist-browser/network/INetworkModule.mjs.map +1 -0
- package/dist-browser/network/NetworkResponse.d.ts +6 -0
- package/dist-browser/network/NetworkResponse.d.ts.map +1 -0
- package/dist-browser/network/RequestThumbprint.d.ts +22 -0
- package/dist-browser/network/RequestThumbprint.d.ts.map +1 -0
- package/dist-browser/network/RequestThumbprint.mjs +24 -0
- package/dist-browser/network/RequestThumbprint.mjs.map +1 -0
- package/dist-browser/network/ThrottlingUtils.d.ts +43 -0
- package/dist-browser/network/ThrottlingUtils.d.ts.map +1 -0
- package/dist-browser/network/ThrottlingUtils.mjs +92 -0
- package/dist-browser/network/ThrottlingUtils.mjs.map +1 -0
- package/dist-browser/packageMetadata.d.ts +3 -0
- package/dist-browser/packageMetadata.d.ts.map +1 -0
- package/dist-browser/packageMetadata.mjs +8 -0
- package/dist-browser/packageMetadata.mjs.map +1 -0
- package/dist-browser/protocol/Authorize.d.ts +37 -0
- package/dist-browser/protocol/Authorize.d.ts.map +1 -0
- package/dist-browser/protocol/Authorize.mjs +237 -0
- package/dist-browser/protocol/Authorize.mjs.map +1 -0
- package/dist-browser/protocol/Token.d.ts +40 -0
- package/dist-browser/protocol/Token.d.ts.map +1 -0
- package/dist-browser/protocol/Token.mjs +129 -0
- package/dist-browser/protocol/Token.mjs.map +1 -0
- package/dist-browser/request/AuthenticationHeaderParser.d.ts +20 -0
- package/dist-browser/request/AuthenticationHeaderParser.d.ts.map +1 -0
- package/dist-browser/request/AuthenticationHeaderParser.mjs +64 -0
- package/dist-browser/request/AuthenticationHeaderParser.mjs.map +1 -0
- package/dist-browser/request/BaseAuthRequest.d.ts +95 -0
- package/dist-browser/request/BaseAuthRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts +32 -0
- package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts +71 -0
- package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonEndSessionRequest.d.ts +36 -0
- package/dist-browser/request/CommonEndSessionRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonRefreshTokenRequest.d.ts +24 -0
- package/dist-browser/request/CommonRefreshTokenRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonSilentFlowRequest.d.ts +24 -0
- package/dist-browser/request/CommonSilentFlowRequest.d.ts.map +1 -0
- package/dist-browser/request/NativeRequest.d.ts +20 -0
- package/dist-browser/request/NativeRequest.d.ts.map +1 -0
- package/dist-browser/request/NativeSignOutRequest.d.ts +6 -0
- package/dist-browser/request/NativeSignOutRequest.d.ts.map +1 -0
- package/dist-browser/request/RequestParameterBuilder.d.ts +217 -0
- package/dist-browser/request/RequestParameterBuilder.d.ts.map +1 -0
- package/dist-browser/request/RequestParameterBuilder.mjs +410 -0
- package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -0
- package/dist-browser/request/ScopeSet.d.ts +83 -0
- package/dist-browser/request/ScopeSet.d.ts.map +1 -0
- package/dist-browser/request/ScopeSet.mjs +204 -0
- package/dist-browser/request/ScopeSet.mjs.map +1 -0
- package/dist-browser/request/StoreInCache.d.ts +9 -0
- package/dist-browser/request/StoreInCache.d.ts.map +1 -0
- package/dist-browser/response/AuthenticationResult.d.ts +42 -0
- package/dist-browser/response/AuthenticationResult.d.ts.map +1 -0
- package/dist-browser/response/AuthorizationCodePayload.d.ts +14 -0
- package/dist-browser/response/AuthorizationCodePayload.d.ts.map +1 -0
- package/dist-browser/response/AuthorizeResponse.d.ts +76 -0
- package/dist-browser/response/AuthorizeResponse.d.ts.map +1 -0
- package/dist-browser/response/DeviceCodeResponse.d.ts +26 -0
- package/dist-browser/response/DeviceCodeResponse.d.ts.map +1 -0
- package/dist-browser/response/ExternalTokenResponse.d.ts +16 -0
- package/dist-browser/response/ExternalTokenResponse.d.ts.map +1 -0
- package/dist-browser/response/IMDSBadResponse.d.ts +5 -0
- package/dist-browser/response/IMDSBadResponse.d.ts.map +1 -0
- package/dist-browser/response/ResponseHandler.d.ts +63 -0
- package/dist-browser/response/ResponseHandler.d.ts.map +1 -0
- package/dist-browser/response/ResponseHandler.mjs +349 -0
- package/dist-browser/response/ResponseHandler.mjs.map +1 -0
- package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts +48 -0
- package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/IPerformanceClient.d.ts +30 -0
- package/dist-browser/telemetry/performance/IPerformanceClient.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts +6 -0
- package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceClient.d.ts +170 -0
- package/dist-browser/telemetry/performance/PerformanceClient.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceClient.mjs +490 -0
- package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +286 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs +45 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.d.ts +66 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs +74 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs.map +1 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts +21 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +59 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs.map +1 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts +79 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts.map +1 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +266 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs.map +1 -0
- package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts +9 -0
- package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts.map +1 -0
- package/dist-browser/url/IUri.d.ts +13 -0
- package/dist-browser/url/IUri.d.ts.map +1 -0
- package/dist-browser/url/UrlString.d.ts +44 -0
- package/dist-browser/url/UrlString.d.ts.map +1 -0
- package/dist-browser/url/UrlString.mjs +164 -0
- package/dist-browser/url/UrlString.mjs.map +1 -0
- package/dist-browser/utils/ClientAssertionUtils.d.ts +3 -0
- package/dist-browser/utils/ClientAssertionUtils.d.ts.map +1 -0
- package/dist-browser/utils/ClientAssertionUtils.mjs +21 -0
- package/dist-browser/utils/ClientAssertionUtils.mjs.map +1 -0
- package/dist-browser/utils/Constants.d.ts +283 -0
- package/dist-browser/utils/Constants.d.ts.map +1 -0
- package/dist-browser/utils/Constants.mjs +298 -0
- package/dist-browser/utils/Constants.mjs.map +1 -0
- package/dist-browser/utils/FunctionWrappers.d.ts +28 -0
- package/dist-browser/utils/FunctionWrappers.d.ts.map +1 -0
- package/dist-browser/utils/FunctionWrappers.mjs +98 -0
- package/dist-browser/utils/FunctionWrappers.mjs.map +1 -0
- package/dist-browser/utils/MsalTypes.d.ts +7 -0
- package/dist-browser/utils/MsalTypes.d.ts.map +1 -0
- package/dist-browser/utils/ProtocolUtils.d.ts +22 -0
- package/dist-browser/utils/ProtocolUtils.d.ts.map +1 -0
- package/dist-browser/utils/ProtocolUtils.mjs +74 -0
- package/dist-browser/utils/ProtocolUtils.mjs.map +1 -0
- package/dist-browser/utils/StateTypes.d.ts +15 -0
- package/dist-browser/utils/StateTypes.d.ts.map +1 -0
- package/dist-browser/utils/StringUtils.d.ts +41 -0
- package/dist-browser/utils/StringUtils.d.ts.map +1 -0
- package/dist-browser/utils/StringUtils.mjs +100 -0
- package/dist-browser/utils/StringUtils.mjs.map +1 -0
- package/dist-browser/utils/TimeUtils.d.ts +43 -0
- package/dist-browser/utils/TimeUtils.d.ts.map +1 -0
- package/dist-browser/utils/TimeUtils.mjs +76 -0
- package/dist-browser/utils/TimeUtils.mjs.map +1 -0
- package/dist-browser/utils/UrlUtils.d.ts +23 -0
- package/dist-browser/utils/UrlUtils.d.ts.map +1 -0
- package/dist-browser/utils/UrlUtils.mjs +115 -0
- package/dist-browser/utils/UrlUtils.mjs.map +1 -0
- package/lib/index-browser.cjs +2 -2
- package/lib/{index-node-B7mR4APO.js → index-node-A5mPbLhz.js} +14 -9
- package/lib/{index-node-B7mR4APO.js.map → index-node-A5mPbLhz.js.map} +1 -1
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/packageMetadata.d.ts.map +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +63 -20
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +18 -13
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +48 -27
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
- package/lib/types/request/CommonEndSessionRequest.d.ts +21 -7
- package/lib/types/request/CommonEndSessionRequest.d.ts.map +1 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts +12 -10
- package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts +12 -14
- package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +3 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/package.json +5 -3
- package/src/client/RefreshTokenClient.ts +13 -16
- package/src/packageMetadata.ts +1 -1
- package/src/request/BaseAuthRequest.ts +63 -20
- package/src/request/CommonAuthorizationCodeRequest.ts +18 -13
- package/src/request/CommonAuthorizationUrlRequest.ts +48 -27
- package/src/request/CommonEndSessionRequest.ts +21 -7
- package/src/request/CommonRefreshTokenRequest.ts +12 -10
- package/src/request/CommonSilentFlowRequest.ts +12 -14
- package/src/response/ResponseHandler.ts +5 -0
- package/src/telemetry/performance/PerformanceEvent.ts +3 -1
|
@@ -0,0 +1,237 @@
|
|
|
1
|
+
/*! @azure/msal-common v16.0.2 2026-01-17 */
|
|
2
|
+
'use strict';
|
|
3
|
+
import { addClientId, addScopes, addRedirectUri, addCorrelationId, addResponseMode, addClientInfo, addPrompt, addDomainHint, addSid, addLoginHint, addCcsOid, addCcsUpn, addNonce, addState, addClaims, addBrokerParameters, addInstanceAware } from '../request/RequestParameterBuilder.mjs';
|
|
4
|
+
import { INSTANCE_AWARE, CLIENT_ID } from '../constants/AADServerParamKeys.mjs';
|
|
5
|
+
import { PromptValue } from '../utils/Constants.mjs';
|
|
6
|
+
import { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.mjs';
|
|
7
|
+
import { mapToQueryString } from '../utils/UrlUtils.mjs';
|
|
8
|
+
import { UrlString } from '../url/UrlString.mjs';
|
|
9
|
+
import { createClientAuthError } from '../error/ClientAuthError.mjs';
|
|
10
|
+
import { isInteractionRequiredError, InteractionRequiredAuthError } from '../error/InteractionRequiredAuthError.mjs';
|
|
11
|
+
import { ServerError } from '../error/ServerError.mjs';
|
|
12
|
+
import { authorizationCodeMissingFromServerResponse, stateNotFound, invalidState, stateMismatch } from '../error/ClientAuthErrorCodes.mjs';
|
|
13
|
+
|
|
14
|
+
/*
|
|
15
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
16
|
+
* Licensed under the MIT License.
|
|
17
|
+
*/
|
|
18
|
+
/**
|
|
19
|
+
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
20
|
+
* @param config
|
|
21
|
+
* @param request
|
|
22
|
+
* @param logger
|
|
23
|
+
* @param performanceClient
|
|
24
|
+
* @returns
|
|
25
|
+
*/
|
|
26
|
+
function getStandardAuthorizeRequestParameters(authOptions, request, logger, performanceClient) {
|
|
27
|
+
// generate the correlationId if not set by the user and add
|
|
28
|
+
const correlationId = request.correlationId;
|
|
29
|
+
const parameters = new Map();
|
|
30
|
+
addClientId(parameters, request.embeddedClientId ||
|
|
31
|
+
request.extraQueryParameters?.[CLIENT_ID] ||
|
|
32
|
+
authOptions.clientId);
|
|
33
|
+
const requestScopes = [
|
|
34
|
+
...(request.scopes || []),
|
|
35
|
+
...(request.extraScopesToConsent || []),
|
|
36
|
+
];
|
|
37
|
+
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
38
|
+
addRedirectUri(parameters, request.redirectUri);
|
|
39
|
+
addCorrelationId(parameters, correlationId);
|
|
40
|
+
// add response_mode. If not passed in it defaults to query.
|
|
41
|
+
addResponseMode(parameters, request.responseMode);
|
|
42
|
+
// add client_info=1
|
|
43
|
+
addClientInfo(parameters);
|
|
44
|
+
if (request.prompt) {
|
|
45
|
+
addPrompt(parameters, request.prompt);
|
|
46
|
+
performanceClient?.addFields({ prompt: request.prompt }, correlationId);
|
|
47
|
+
}
|
|
48
|
+
if (request.domainHint) {
|
|
49
|
+
addDomainHint(parameters, request.domainHint);
|
|
50
|
+
performanceClient?.addFields({ domainHintFromRequest: true }, correlationId);
|
|
51
|
+
}
|
|
52
|
+
// Add sid or loginHint with preference for login_hint claim (in request) -> sid -> loginHint (upn/email) -> username of AccountInfo object
|
|
53
|
+
if (request.prompt !== PromptValue.SELECT_ACCOUNT) {
|
|
54
|
+
// AAD will throw if prompt=select_account is passed with an account hint
|
|
55
|
+
if (request.sid && request.prompt === PromptValue.NONE) {
|
|
56
|
+
// SessionID is only used in silent calls
|
|
57
|
+
logger.verbose("1tvqyx", request.correlationId);
|
|
58
|
+
addSid(parameters, request.sid);
|
|
59
|
+
performanceClient?.addFields({ sidFromRequest: true }, correlationId);
|
|
60
|
+
}
|
|
61
|
+
else if (request.account) {
|
|
62
|
+
const accountSid = extractAccountSid(request.account);
|
|
63
|
+
let accountLoginHintClaim = extractLoginHint(request.account);
|
|
64
|
+
if (accountLoginHintClaim && request.domainHint) {
|
|
65
|
+
logger.warning("0wkg3v", request.correlationId);
|
|
66
|
+
accountLoginHintClaim = null;
|
|
67
|
+
}
|
|
68
|
+
// If login_hint claim is present, use it over sid/username
|
|
69
|
+
if (accountLoginHintClaim) {
|
|
70
|
+
logger.verbose("1eyfsw", request.correlationId);
|
|
71
|
+
addLoginHint(parameters, accountLoginHintClaim);
|
|
72
|
+
performanceClient?.addFields({ loginHintFromClaim: true }, correlationId);
|
|
73
|
+
try {
|
|
74
|
+
const clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);
|
|
75
|
+
addCcsOid(parameters, clientInfo);
|
|
76
|
+
}
|
|
77
|
+
catch (e) {
|
|
78
|
+
logger.verbose("12ugck", request.correlationId);
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
else if (accountSid && request.prompt === PromptValue.NONE) {
|
|
82
|
+
/*
|
|
83
|
+
* If account and loginHint are provided, we will check account first for sid before adding loginHint
|
|
84
|
+
* SessionId is only used in silent calls
|
|
85
|
+
*/
|
|
86
|
+
logger.verbose("1rmd8s", request.correlationId);
|
|
87
|
+
addSid(parameters, accountSid);
|
|
88
|
+
performanceClient?.addFields({ sidFromClaim: true }, correlationId);
|
|
89
|
+
try {
|
|
90
|
+
const clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);
|
|
91
|
+
addCcsOid(parameters, clientInfo);
|
|
92
|
+
}
|
|
93
|
+
catch (e) {
|
|
94
|
+
logger.verbose("12ugck", request.correlationId);
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
else if (request.loginHint) {
|
|
98
|
+
logger.verbose("0y3007", request.correlationId);
|
|
99
|
+
addLoginHint(parameters, request.loginHint);
|
|
100
|
+
addCcsUpn(parameters, request.loginHint);
|
|
101
|
+
performanceClient?.addFields({ loginHintFromRequest: true }, correlationId);
|
|
102
|
+
}
|
|
103
|
+
else if (request.account.username) {
|
|
104
|
+
// Fallback to account username if provided
|
|
105
|
+
logger.verbose("02f507", request.correlationId);
|
|
106
|
+
addLoginHint(parameters, request.account.username);
|
|
107
|
+
performanceClient?.addFields({ loginHintFromUpn: true }, correlationId);
|
|
108
|
+
try {
|
|
109
|
+
const clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);
|
|
110
|
+
addCcsOid(parameters, clientInfo);
|
|
111
|
+
}
|
|
112
|
+
catch (e) {
|
|
113
|
+
logger.verbose("12ugck", request.correlationId);
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
else if (request.loginHint) {
|
|
118
|
+
logger.verbose("0g01ey", request.correlationId);
|
|
119
|
+
addLoginHint(parameters, request.loginHint);
|
|
120
|
+
addCcsUpn(parameters, request.loginHint);
|
|
121
|
+
performanceClient?.addFields({ loginHintFromRequest: true }, correlationId);
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
else {
|
|
125
|
+
logger.verbose("169k9v", request.correlationId);
|
|
126
|
+
}
|
|
127
|
+
if (request.nonce) {
|
|
128
|
+
addNonce(parameters, request.nonce);
|
|
129
|
+
}
|
|
130
|
+
if (request.state) {
|
|
131
|
+
addState(parameters, request.state);
|
|
132
|
+
}
|
|
133
|
+
if (request.claims ||
|
|
134
|
+
(authOptions.clientCapabilities &&
|
|
135
|
+
authOptions.clientCapabilities.length > 0)) {
|
|
136
|
+
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
137
|
+
}
|
|
138
|
+
if (request.embeddedClientId) {
|
|
139
|
+
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
140
|
+
}
|
|
141
|
+
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
142
|
+
if (authOptions.instanceAware &&
|
|
143
|
+
(!request.extraQueryParameters ||
|
|
144
|
+
!Object.keys(request.extraQueryParameters).includes(INSTANCE_AWARE))) {
|
|
145
|
+
addInstanceAware(parameters);
|
|
146
|
+
}
|
|
147
|
+
return parameters;
|
|
148
|
+
}
|
|
149
|
+
/**
|
|
150
|
+
* Returns authorize endpoint with given request parameters in the query string
|
|
151
|
+
* @param authority
|
|
152
|
+
* @param requestParameters
|
|
153
|
+
* @returns
|
|
154
|
+
*/
|
|
155
|
+
function getAuthorizeUrl(authority, requestParameters) {
|
|
156
|
+
const queryString = mapToQueryString(requestParameters);
|
|
157
|
+
return UrlString.appendQueryString(authority.authorizationEndpoint, queryString);
|
|
158
|
+
}
|
|
159
|
+
/**
|
|
160
|
+
* Handles the hash fragment response from public client code request. Returns a code response used by
|
|
161
|
+
* the client to exchange for a token in acquireToken.
|
|
162
|
+
* @param serverParams
|
|
163
|
+
* @param cachedState
|
|
164
|
+
*/
|
|
165
|
+
function getAuthorizationCodePayload(serverParams, cachedState) {
|
|
166
|
+
// Get code response
|
|
167
|
+
validateAuthorizationResponse(serverParams, cachedState);
|
|
168
|
+
// throw when there is no auth code in the response
|
|
169
|
+
if (!serverParams.code) {
|
|
170
|
+
throw createClientAuthError(authorizationCodeMissingFromServerResponse);
|
|
171
|
+
}
|
|
172
|
+
return serverParams;
|
|
173
|
+
}
|
|
174
|
+
/**
|
|
175
|
+
* Function which validates server authorization code response.
|
|
176
|
+
* @param serverResponseHash
|
|
177
|
+
* @param requestState
|
|
178
|
+
*/
|
|
179
|
+
function validateAuthorizationResponse(serverResponse, requestState) {
|
|
180
|
+
if (!serverResponse.state || !requestState) {
|
|
181
|
+
throw serverResponse.state
|
|
182
|
+
? createClientAuthError(stateNotFound, "Cached State")
|
|
183
|
+
: createClientAuthError(stateNotFound, "Server State");
|
|
184
|
+
}
|
|
185
|
+
let decodedServerResponseState;
|
|
186
|
+
let decodedRequestState;
|
|
187
|
+
try {
|
|
188
|
+
decodedServerResponseState = decodeURIComponent(serverResponse.state);
|
|
189
|
+
}
|
|
190
|
+
catch (e) {
|
|
191
|
+
throw createClientAuthError(invalidState, serverResponse.state);
|
|
192
|
+
}
|
|
193
|
+
try {
|
|
194
|
+
decodedRequestState = decodeURIComponent(requestState);
|
|
195
|
+
}
|
|
196
|
+
catch (e) {
|
|
197
|
+
throw createClientAuthError(invalidState, serverResponse.state);
|
|
198
|
+
}
|
|
199
|
+
if (decodedServerResponseState !== decodedRequestState) {
|
|
200
|
+
throw createClientAuthError(stateMismatch);
|
|
201
|
+
}
|
|
202
|
+
// Check for error
|
|
203
|
+
if (serverResponse.error ||
|
|
204
|
+
serverResponse.error_description ||
|
|
205
|
+
serverResponse.suberror) {
|
|
206
|
+
const serverErrorNo = parseServerErrorNo(serverResponse);
|
|
207
|
+
if (isInteractionRequiredError(serverResponse.error, serverResponse.error_description, serverResponse.suberror)) {
|
|
208
|
+
throw new InteractionRequiredAuthError(serverResponse.error || "", serverResponse.error_description, serverResponse.suberror, serverResponse.timestamp || "", serverResponse.trace_id || "", serverResponse.correlation_id || "", serverResponse.claims || "", serverErrorNo);
|
|
209
|
+
}
|
|
210
|
+
throw new ServerError(serverResponse.error || "", serverResponse.error_description, serverResponse.suberror, serverErrorNo);
|
|
211
|
+
}
|
|
212
|
+
}
|
|
213
|
+
/**
|
|
214
|
+
* Get server error No from the error_uri
|
|
215
|
+
* @param serverResponse
|
|
216
|
+
* @returns
|
|
217
|
+
*/
|
|
218
|
+
function parseServerErrorNo(serverResponse) {
|
|
219
|
+
const errorCodePrefix = "code=";
|
|
220
|
+
const errorCodePrefixIndex = serverResponse.error_uri?.lastIndexOf(errorCodePrefix);
|
|
221
|
+
return errorCodePrefixIndex && errorCodePrefixIndex >= 0
|
|
222
|
+
? serverResponse.error_uri?.substring(errorCodePrefixIndex + errorCodePrefix.length)
|
|
223
|
+
: undefined;
|
|
224
|
+
}
|
|
225
|
+
/**
|
|
226
|
+
* Helper to get sid from account. Returns null if idTokenClaims are not present or sid is not present.
|
|
227
|
+
* @param account
|
|
228
|
+
*/
|
|
229
|
+
function extractAccountSid(account) {
|
|
230
|
+
return account.idTokenClaims?.sid || null;
|
|
231
|
+
}
|
|
232
|
+
function extractLoginHint(account) {
|
|
233
|
+
return account.loginHint || account.idTokenClaims?.login_hint || null;
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
export { getAuthorizationCodePayload, getAuthorizeUrl, getStandardAuthorizeRequestParameters, validateAuthorizationResponse };
|
|
237
|
+
//# sourceMappingURL=Authorize.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Authorize.mjs","sources":["../../src/protocol/Authorize.ts"],"sourcesContent":[null],"names":["RequestParameterBuilder.addClientId","AADServerParamKeys.CLIENT_ID","RequestParameterBuilder.addScopes","RequestParameterBuilder.addRedirectUri","RequestParameterBuilder.addCorrelationId","RequestParameterBuilder.addResponseMode","RequestParameterBuilder.addClientInfo","RequestParameterBuilder.addPrompt","RequestParameterBuilder.addDomainHint","RequestParameterBuilder.addSid","RequestParameterBuilder.addLoginHint","RequestParameterBuilder.addCcsOid","RequestParameterBuilder.addCcsUpn","RequestParameterBuilder.addNonce","RequestParameterBuilder.addState","RequestParameterBuilder.addClaims","RequestParameterBuilder.addBrokerParameters","AADServerParamKeys.INSTANCE_AWARE","RequestParameterBuilder.addInstanceAware","ClientAuthErrorCodes.authorizationCodeMissingFromServerResponse","ClientAuthErrorCodes.stateNotFound","ClientAuthErrorCodes.invalidState","ClientAuthErrorCodes.stateMismatch"],"mappings":";;;;;;;;;;;;;AAAA;;;AAGG;AA0BH;;;;;;;AAOG;AACG,SAAU,qCAAqC,CACjD,WAAwB,EACxB,OAAsC,EACtC,MAAc,EACd,iBAAsC,EAAA;;AAGtC,IAAA,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;AAE5C,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;AAE7C,IAAAA,WAAmC,CAC/B,UAAU,EACV,OAAO,CAAC,gBAAgB;AACpB,QAAA,OAAO,CAAC,oBAAoB,GAAGC,SAA4B,CAAC;QAC5D,WAAW,CAAC,QAAQ,CAC3B,CAAC;AAEF,IAAA,MAAM,aAAa,GAAG;AAClB,QAAA,IAAI,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;AACzB,QAAA,IAAI,OAAO,CAAC,oBAAoB,IAAI,EAAE,CAAC;KAC1C,CAAC;AACF,IAAAC,SAAiC,CAC7B,UAAU,EACV,aAAa,EACb,IAAI,EACJ,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,aAAa,CAC3D,CAAC;IAEFC,cAAsC,CAAC,UAAU,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;AAExE,IAAAC,gBAAwC,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;;IAGpEC,eAAuC,CAAC,UAAU,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;;AAG1E,IAAAC,aAAqC,CAAC,UAAU,CAAC,CAAC;IAElD,IAAI,OAAO,CAAC,MAAM,EAAE;QAChBC,SAAiC,CAAC,UAAU,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AAC9D,QAAA,iBAAiB,EAAE,SAAS,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,aAAa,CAAC,CAAC;AAC3E,KAAA;IAED,IAAI,OAAO,CAAC,UAAU,EAAE;QACpBC,aAAqC,CAAC,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACtE,iBAAiB,EAAE,SAAS,CACxB,EAAE,qBAAqB,EAAE,IAAI,EAAE,EAC/B,aAAa,CAChB,CAAC;AACL,KAAA;;AAGD,IAAA,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,cAAc,EAAE;;QAE/C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,EAAE;;YAEpD,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;YAGJC,MAA8B,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,iBAAiB,EAAE,SAAS,CACxB,EAAE,cAAc,EAAE,IAAI,EAAE,EACxB,aAAa,CAChB,CAAC;AACL,SAAA;aAAM,IAAI,OAAO,CAAC,OAAO,EAAE;YACxB,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACtD,IAAI,qBAAqB,GAAG,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;AAE9D,YAAA,IAAI,qBAAqB,IAAI,OAAO,CAAC,UAAU,EAAE;gBAC7C,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;gBAGJ,qBAAqB,GAAG,IAAI,CAAC;AAChC,aAAA;;AAGD,YAAA,IAAI,qBAAqB,EAAE;gBACvB,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGJ,gBAAAC,YAAoC,CAChC,UAAU,EACV,qBAAqB,CACxB,CAAC;gBACF,iBAAiB,EAAE,SAAS,CACxB,EAAE,kBAAkB,EAAE,IAAI,EAAE,EAC5B,aAAa,CAChB,CAAC;gBACF,IAAI;oBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,OAAO,CAAC,aAAa,CAChC,CAAC;AACF,oBAAAC,SAAiC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC7D,iBAAA;AAAC,gBAAA,OAAO,CAAC,EAAE;oBACR,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGP,iBAAA;AACJ,aAAA;iBAAM,IAAI,UAAU,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,EAAE;AAC1D;;;AAGG;gBACH,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGJ,gBAAAF,MAA8B,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;gBACvD,iBAAiB,EAAE,SAAS,CACxB,EAAE,YAAY,EAAE,IAAI,EAAE,EACtB,aAAa,CAChB,CAAC;gBACF,IAAI;oBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,OAAO,CAAC,aAAa,CAChC,CAAC;AACF,oBAAAE,SAAiC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC7D,iBAAA;AAAC,gBAAA,OAAO,CAAC,EAAE;oBACR,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGP,iBAAA;AACJ,aAAA;iBAAM,IAAI,OAAO,CAAC,SAAS,EAAE;gBAC1B,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;gBAGJD,YAAoC,CAChC,UAAU,EACV,OAAO,CAAC,SAAS,CACpB,CAAC;gBACFE,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,SAAS,CACpB,CAAC;gBACF,iBAAiB,EAAE,SAAS,CACxB,EAAE,oBAAoB,EAAE,IAAI,EAAE,EAC9B,aAAa,CAChB,CAAC;AACL,aAAA;AAAM,iBAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE;;gBAEjC,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;gBAGJF,YAAoC,CAChC,UAAU,EACV,OAAO,CAAC,OAAO,CAAC,QAAQ,CAC3B,CAAC;gBACF,iBAAiB,EAAE,SAAS,CACxB,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAC1B,aAAa,CAChB,CAAC;gBACF,IAAI;oBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,OAAO,CAAC,aAAa,CAChC,CAAC;AACF,oBAAAC,SAAiC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC7D,iBAAA;AAAC,gBAAA,OAAO,CAAC,EAAE;oBACR,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGP,iBAAA;AACJ,aAAA;AACJ,SAAA;aAAM,IAAI,OAAO,CAAC,SAAS,EAAE;YAC1B,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;YAGJD,YAAoC,CAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;YACpEE,SAAiC,CAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;YACjE,iBAAiB,EAAE,SAAS,CACxB,EAAE,oBAAoB,EAAE,IAAI,EAAE,EAC9B,aAAa,CAChB,CAAC;AACL,SAAA;AACJ,KAAA;AAAM,SAAA;QACH,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGP,KAAA;IAED,IAAI,OAAO,CAAC,KAAK,EAAE;QACfC,QAAgC,CAAC,UAAU,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;AAC/D,KAAA;IAED,IAAI,OAAO,CAAC,KAAK,EAAE;QACfC,QAAgC,CAAC,UAAU,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;AAC/D,KAAA;IAED,IACI,OAAO,CAAC,MAAM;SACb,WAAW,CAAC,kBAAkB;AAC3B,YAAA,WAAW,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,EAChD;AACE,QAAAC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,MAAM,EACd,WAAW,CAAC,kBAAkB,CACjC,CAAC;AACL,KAAA;IAED,IAAI,OAAO,CAAC,gBAAgB,EAAE;AAC1B,QAAAC,mBAA2C,CACvC,UAAU,EACV,WAAW,CAAC,QAAQ,EACpB,WAAW,CAAC,WAAW,CAC1B,CAAC;AACL,KAAA;;IAGD,IACI,WAAW,CAAC,aAAa;SACxB,CAAC,OAAO,CAAC,oBAAoB;AAC1B,YAAA,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC,QAAQ,CAC/CC,cAAiC,CACpC,CAAC,EACR;AACE,QAAAC,gBAAwC,CAAC,UAAU,CAAC,CAAC;AACxD,KAAA;AAED,IAAA,OAAO,UAAU,CAAC;AACtB,CAAC;AAED;;;;;AAKG;AACa,SAAA,eAAe,CAC3B,SAAoB,EACpB,iBAAsC,EAAA;AAEtC,IAAA,MAAM,WAAW,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,CAAC;IACxD,OAAO,SAAS,CAAC,iBAAiB,CAC9B,SAAS,CAAC,qBAAqB,EAC/B,WAAW,CACd,CAAC;AACN,CAAC;AAED;;;;;AAKG;AACa,SAAA,2BAA2B,CACvC,YAA+B,EAC/B,WAAmB,EAAA;;AAGnB,IAAA,6BAA6B,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;;AAGzD,IAAA,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE;AACpB,QAAA,MAAM,qBAAqB,CACvBC,0CAA+D,CAClE,CAAC;AACL,KAAA;AAED,IAAA,OAAO,YAAwC,CAAC;AACpD,CAAC;AAED;;;;AAIG;AACa,SAAA,6BAA6B,CACzC,cAAiC,EACjC,YAAoB,EAAA;AAEpB,IAAA,IAAI,CAAC,cAAc,CAAC,KAAK,IAAI,CAAC,YAAY,EAAE;QACxC,MAAM,cAAc,CAAC,KAAK;cACpB,qBAAqB,CACjBC,aAAkC,EAClC,cAAc,CACjB;cACD,qBAAqB,CACjBA,aAAkC,EAClC,cAAc,CACjB,CAAC;AACX,KAAA;AAED,IAAA,IAAI,0BAAkC,CAAC;AACvC,IAAA,IAAI,mBAA2B,CAAC;IAEhC,IAAI;AACA,QAAA,0BAA0B,GAAG,kBAAkB,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;AACzE,KAAA;AAAC,IAAA,OAAO,CAAC,EAAE;QACR,MAAM,qBAAqB,CACvBC,YAAiC,EACjC,cAAc,CAAC,KAAK,CACvB,CAAC;AACL,KAAA;IAED,IAAI;AACA,QAAA,mBAAmB,GAAG,kBAAkB,CAAC,YAAY,CAAC,CAAC;AAC1D,KAAA;AAAC,IAAA,OAAO,CAAC,EAAE;QACR,MAAM,qBAAqB,CACvBA,YAAiC,EACjC,cAAc,CAAC,KAAK,CACvB,CAAC;AACL,KAAA;IAED,IAAI,0BAA0B,KAAK,mBAAmB,EAAE;AACpD,QAAA,MAAM,qBAAqB,CAACC,aAAkC,CAAC,CAAC;AACnE,KAAA;;IAGD,IACI,cAAc,CAAC,KAAK;AACpB,QAAA,cAAc,CAAC,iBAAiB;QAChC,cAAc,CAAC,QAAQ,EACzB;AACE,QAAA,MAAM,aAAa,GAAG,kBAAkB,CAAC,cAAc,CAAC,CAAC;AACzD,QAAA,IACI,0BAA0B,CACtB,cAAc,CAAC,KAAK,EACpB,cAAc,CAAC,iBAAiB,EAChC,cAAc,CAAC,QAAQ,CAC1B,EACH;AACE,YAAA,MAAM,IAAI,4BAA4B,CAClC,cAAc,CAAC,KAAK,IAAI,EAAE,EAC1B,cAAc,CAAC,iBAAiB,EAChC,cAAc,CAAC,QAAQ,EACvB,cAAc,CAAC,SAAS,IAAI,EAAE,EAC9B,cAAc,CAAC,QAAQ,IAAI,EAAE,EAC7B,cAAc,CAAC,cAAc,IAAI,EAAE,EACnC,cAAc,CAAC,MAAM,IAAI,EAAE,EAC3B,aAAa,CAChB,CAAC;AACL,SAAA;AAED,QAAA,MAAM,IAAI,WAAW,CACjB,cAAc,CAAC,KAAK,IAAI,EAAE,EAC1B,cAAc,CAAC,iBAAiB,EAChC,cAAc,CAAC,QAAQ,EACvB,aAAa,CAChB,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;;AAIG;AACH,SAAS,kBAAkB,CACvB,cAAiC,EAAA;IAEjC,MAAM,eAAe,GAAG,OAAO,CAAC;IAChC,MAAM,oBAAoB,GACtB,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,eAAe,CAAC,CAAC;AAC3D,IAAA,OAAO,oBAAoB,IAAI,oBAAoB,IAAI,CAAC;AACpD,UAAE,cAAc,CAAC,SAAS,EAAE,SAAS,CAC/B,oBAAoB,GAAG,eAAe,CAAC,MAAM,CAChD;UACD,SAAS,CAAC;AACpB,CAAC;AAED;;;AAGG;AACH,SAAS,iBAAiB,CAAC,OAAoB,EAAA;AAC3C,IAAA,OAAO,OAAO,CAAC,aAAa,EAAE,GAAG,IAAI,IAAI,CAAC;AAC9C,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAoB,EAAA;IAC1C,OAAO,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,aAAa,EAAE,UAAU,IAAI,IAAI,CAAC;AAC1E;;;;"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
import { CcsCredential } from "../account/CcsCredential.js";
|
|
2
|
+
import { Logger } from "../logger/Logger.js";
|
|
3
|
+
import { BaseAuthRequest } from "../request/BaseAuthRequest.js";
|
|
4
|
+
import { IPerformanceClient } from "../exports-browser-only.js";
|
|
5
|
+
import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse.js";
|
|
6
|
+
import { RequestThumbprint } from "../network/RequestThumbprint.js";
|
|
7
|
+
import { INetworkModule, NetworkRequestOptions } from "../network/INetworkModule.js";
|
|
8
|
+
import { NetworkResponse } from "../network/NetworkResponse.js";
|
|
9
|
+
import { CacheManager } from "../cache/CacheManager.js";
|
|
10
|
+
import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
|
|
11
|
+
/**
|
|
12
|
+
* Creates default headers for requests to token endpoint
|
|
13
|
+
*/
|
|
14
|
+
export declare function createTokenRequestHeaders(logger: Logger, preventCorsPreflight: boolean, ccsCred?: CcsCredential): Record<string, string>;
|
|
15
|
+
/**
|
|
16
|
+
* Creates query string for the /token request
|
|
17
|
+
* @param request
|
|
18
|
+
*/
|
|
19
|
+
export declare function createTokenQueryParameters(request: BaseAuthRequest, clientId: string, redirectUri: string, performanceClient: IPerformanceClient): string;
|
|
20
|
+
/**
|
|
21
|
+
* Http post to token endpoint
|
|
22
|
+
* @param tokenEndpoint
|
|
23
|
+
* @param queryString
|
|
24
|
+
* @param headers
|
|
25
|
+
* @param thumbprint
|
|
26
|
+
*/
|
|
27
|
+
export declare function executePostToTokenEndpoint(tokenEndpoint: string, queryString: string, headers: Record<string, string>, thumbprint: RequestThumbprint, correlationId: string, cacheManager: CacheManager, networkClient: INetworkModule, logger: Logger, performanceClient: IPerformanceClient, serverTelemetryManager: ServerTelemetryManager | null): Promise<NetworkResponse<ServerAuthorizationTokenResponse>>;
|
|
28
|
+
/**
|
|
29
|
+
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
30
|
+
* @param thumbprint - Request thumbprint for throttling
|
|
31
|
+
* @param tokenEndpoint - Endpoint to make the POST to
|
|
32
|
+
* @param options - Body and Headers to include on the POST request
|
|
33
|
+
* @param correlationId - CorrelationId for telemetry
|
|
34
|
+
* @param cacheManager - Cache manager instance
|
|
35
|
+
* @param networkClient - Network module instance
|
|
36
|
+
* @param logger - Logger instance
|
|
37
|
+
* @param performanceClient - Performance client instance
|
|
38
|
+
*/
|
|
39
|
+
export declare function sendPostRequest<T extends ServerAuthorizationTokenResponse>(thumbprint: RequestThumbprint, tokenEndpoint: string, options: NetworkRequestOptions, correlationId: string, cacheManager: CacheManager, networkClient: INetworkModule, logger: Logger, performanceClient: IPerformanceClient): Promise<NetworkResponse<T>>;
|
|
40
|
+
//# sourceMappingURL=Token.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Token.d.ts","sourceRoot":"","sources":["../../src/protocol/Token.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAqB,MAAM,6BAA6B,CAAC;AAE/E,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAIhE,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,gCAAgC,EAAE,MAAM,iDAAiD,CAAC;AACnG,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EACH,cAAc,EACd,qBAAqB,EACxB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAUhE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,sBAAsB,EAAE,MAAM,+CAA+C,CAAC;AAEvF;;GAEG;AACH,wBAAgB,yBAAyB,CACrC,MAAM,EAAE,MAAM,EACd,oBAAoB,EAAE,OAAO,EAC7B,OAAO,CAAC,EAAE,aAAa,GACxB,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CA0BxB;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CACtC,OAAO,EAAE,eAAe,EACxB,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,iBAAiB,EAAE,kBAAkB,GACtC,MAAM,CA0BR;AAED;;;;;;GAMG;AACH,wBAAsB,0BAA0B,CAC5C,aAAa,EAAE,MAAM,EACrB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,UAAU,EAAE,iBAAiB,EAC7B,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,YAAY,EAC1B,aAAa,EAAE,cAAc,EAC7B,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,EACrC,sBAAsB,EAAE,sBAAsB,GAAG,IAAI,GACtD,OAAO,CAAC,eAAe,CAAC,gCAAgC,CAAC,CAAC,CAsB5D;AAED;;;;;;;;;;GAUG;AACH,wBAAsB,eAAe,CACjC,CAAC,SAAS,gCAAgC,EAE1C,UAAU,EAAE,iBAAiB,EAC7B,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,qBAAqB,EAC9B,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,YAAY,EAC1B,aAAa,EAAE,cAAc,EAC7B,MAAM,EAAE,MAAM,EACd,iBAAiB,EAAE,kBAAkB,GACtC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CA6D7B"}
|
|
@@ -0,0 +1,129 @@
|
|
|
1
|
+
/*! @azure/msal-common v16.0.2 2026-01-17 */
|
|
2
|
+
'use strict';
|
|
3
|
+
import { CcsCredentialType } from '../account/CcsCredential.mjs';
|
|
4
|
+
import { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.mjs';
|
|
5
|
+
import { URL_FORM_CONTENT_TYPE, HeaderNames } from '../utils/Constants.mjs';
|
|
6
|
+
import { addBrokerParameters, addExtraParameters, addCorrelationId, instrumentBrokerParams } from '../request/RequestParameterBuilder.mjs';
|
|
7
|
+
import { mapToQueryString } from '../utils/UrlUtils.mjs';
|
|
8
|
+
import { ThrottlingUtils } from '../network/ThrottlingUtils.mjs';
|
|
9
|
+
import { NetworkError } from '../error/NetworkError.mjs';
|
|
10
|
+
import { AuthError } from '../error/AuthError.mjs';
|
|
11
|
+
import { createClientAuthError } from '../error/ClientAuthError.mjs';
|
|
12
|
+
import { invokeAsync } from '../utils/FunctionWrappers.mjs';
|
|
13
|
+
import { NetworkClientSendPostRequestAsync } from '../telemetry/performance/PerformanceEvents.mjs';
|
|
14
|
+
import { networkError } from '../error/ClientAuthErrorCodes.mjs';
|
|
15
|
+
|
|
16
|
+
/*
|
|
17
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
18
|
+
* Licensed under the MIT License.
|
|
19
|
+
*/
|
|
20
|
+
/**
|
|
21
|
+
* Creates default headers for requests to token endpoint
|
|
22
|
+
*/
|
|
23
|
+
function createTokenRequestHeaders(logger, preventCorsPreflight, ccsCred) {
|
|
24
|
+
const headers = {};
|
|
25
|
+
headers[HeaderNames.CONTENT_TYPE] = URL_FORM_CONTENT_TYPE;
|
|
26
|
+
if (!preventCorsPreflight && ccsCred) {
|
|
27
|
+
switch (ccsCred.type) {
|
|
28
|
+
case CcsCredentialType.HOME_ACCOUNT_ID:
|
|
29
|
+
try {
|
|
30
|
+
const clientInfo = buildClientInfoFromHomeAccountId(ccsCred.credential);
|
|
31
|
+
headers[HeaderNames.CCS_HEADER] = `Oid:${clientInfo.uid}@${clientInfo.utid}`;
|
|
32
|
+
}
|
|
33
|
+
catch (e) {
|
|
34
|
+
logger.verbose("1qhtee", "");
|
|
35
|
+
}
|
|
36
|
+
break;
|
|
37
|
+
case CcsCredentialType.UPN:
|
|
38
|
+
headers[HeaderNames.CCS_HEADER] = `UPN: ${ccsCred.credential}`;
|
|
39
|
+
break;
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
return headers;
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Creates query string for the /token request
|
|
46
|
+
* @param request
|
|
47
|
+
*/
|
|
48
|
+
function createTokenQueryParameters(request, clientId, redirectUri, performanceClient) {
|
|
49
|
+
const parameters = new Map();
|
|
50
|
+
if (request.embeddedClientId) {
|
|
51
|
+
addBrokerParameters(parameters, clientId, redirectUri);
|
|
52
|
+
}
|
|
53
|
+
if (request.extraQueryParameters) {
|
|
54
|
+
addExtraParameters(parameters, request.extraQueryParameters);
|
|
55
|
+
}
|
|
56
|
+
addCorrelationId(parameters, request.correlationId);
|
|
57
|
+
instrumentBrokerParams(parameters, request.correlationId, performanceClient);
|
|
58
|
+
return mapToQueryString(parameters);
|
|
59
|
+
}
|
|
60
|
+
/**
|
|
61
|
+
* Http post to token endpoint
|
|
62
|
+
* @param tokenEndpoint
|
|
63
|
+
* @param queryString
|
|
64
|
+
* @param headers
|
|
65
|
+
* @param thumbprint
|
|
66
|
+
*/
|
|
67
|
+
async function executePostToTokenEndpoint(tokenEndpoint, queryString, headers, thumbprint, correlationId, cacheManager, networkClient, logger, performanceClient, serverTelemetryManager) {
|
|
68
|
+
const response = await sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers }, correlationId, cacheManager, networkClient, logger, performanceClient);
|
|
69
|
+
if (serverTelemetryManager &&
|
|
70
|
+
response.status < 500 &&
|
|
71
|
+
response.status !== 429) {
|
|
72
|
+
// Telemetry data successfully logged by server, clear Telemetry cache
|
|
73
|
+
serverTelemetryManager.clearTelemetryCache();
|
|
74
|
+
}
|
|
75
|
+
return response;
|
|
76
|
+
}
|
|
77
|
+
/**
|
|
78
|
+
* Wraps sendPostRequestAsync with necessary preflight and postflight logic
|
|
79
|
+
* @param thumbprint - Request thumbprint for throttling
|
|
80
|
+
* @param tokenEndpoint - Endpoint to make the POST to
|
|
81
|
+
* @param options - Body and Headers to include on the POST request
|
|
82
|
+
* @param correlationId - CorrelationId for telemetry
|
|
83
|
+
* @param cacheManager - Cache manager instance
|
|
84
|
+
* @param networkClient - Network module instance
|
|
85
|
+
* @param logger - Logger instance
|
|
86
|
+
* @param performanceClient - Performance client instance
|
|
87
|
+
*/
|
|
88
|
+
async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId, cacheManager, networkClient, logger, performanceClient) {
|
|
89
|
+
ThrottlingUtils.preProcess(cacheManager, thumbprint, correlationId);
|
|
90
|
+
let response;
|
|
91
|
+
try {
|
|
92
|
+
response = await invokeAsync((networkClient.sendPostRequestAsync.bind(networkClient)), NetworkClientSendPostRequestAsync, logger, performanceClient, correlationId)(tokenEndpoint, options);
|
|
93
|
+
const responseHeaders = response.headers || {};
|
|
94
|
+
performanceClient?.addFields({
|
|
95
|
+
refreshTokenSize: response.body.refresh_token?.length || 0,
|
|
96
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] || "",
|
|
97
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
98
|
+
}, correlationId);
|
|
99
|
+
}
|
|
100
|
+
catch (e) {
|
|
101
|
+
if (e instanceof NetworkError) {
|
|
102
|
+
const responseHeaders = e.responseHeaders;
|
|
103
|
+
if (responseHeaders) {
|
|
104
|
+
performanceClient?.addFields({
|
|
105
|
+
httpVerToken: responseHeaders[HeaderNames.X_MS_HTTP_VERSION] ||
|
|
106
|
+
"",
|
|
107
|
+
requestId: responseHeaders[HeaderNames.X_MS_REQUEST_ID] || "",
|
|
108
|
+
contentTypeHeader: responseHeaders[HeaderNames.CONTENT_TYPE] ||
|
|
109
|
+
undefined,
|
|
110
|
+
contentLengthHeader: responseHeaders[HeaderNames.CONTENT_LENGTH] ||
|
|
111
|
+
undefined,
|
|
112
|
+
httpStatus: e.httpStatus,
|
|
113
|
+
}, correlationId);
|
|
114
|
+
}
|
|
115
|
+
throw e.error;
|
|
116
|
+
}
|
|
117
|
+
if (e instanceof AuthError) {
|
|
118
|
+
throw e;
|
|
119
|
+
}
|
|
120
|
+
else {
|
|
121
|
+
throw createClientAuthError(networkError);
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
ThrottlingUtils.postProcess(cacheManager, thumbprint, response, correlationId);
|
|
125
|
+
return response;
|
|
126
|
+
}
|
|
127
|
+
|
|
128
|
+
export { createTokenQueryParameters, createTokenRequestHeaders, executePostToTokenEndpoint, sendPostRequest };
|
|
129
|
+
//# sourceMappingURL=Token.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Token.mjs","sources":["../../src/protocol/Token.ts"],"sourcesContent":[null],"names":["RequestParameterBuilder.addBrokerParameters","RequestParameterBuilder.addExtraParameters","RequestParameterBuilder.addCorrelationId","RequestParameterBuilder.instrumentBrokerParams","UrlUtils.mapToQueryString","PerformanceEvents.NetworkClientSendPostRequestAsync","ClientAuthErrorCodes.networkError"],"mappings":";;;;;;;;;;;;;;;AAAA;;;AAGG;AA6BH;;AAEG;SACa,yBAAyB,CACrC,MAAc,EACd,oBAA6B,EAC7B,OAAuB,EAAA;IAEvB,MAAM,OAAO,GAA2B,EAAE,CAAC;AAC3C,IAAA,OAAO,CAAC,WAAW,CAAC,YAAY,CAAC,GAAG,qBAAqB,CAAC;AAC1D,IAAA,IAAI,CAAC,oBAAoB,IAAI,OAAO,EAAE;QAClC,QAAQ,OAAO,CAAC,IAAI;YAChB,KAAK,iBAAiB,CAAC,eAAe;gBAClC,IAAI;oBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,UAAU,CACrB,CAAC;AACF,oBAAA,OAAO,CACH,WAAW,CAAC,UAAU,CACzB,GAAG,CAAA,IAAA,EAAO,UAAU,CAAC,GAAG,CAAI,CAAA,EAAA,UAAU,CAAC,IAAI,EAAE,CAAC;AAClD,iBAAA;AAAC,gBAAA,OAAO,CAAC,EAAE;oBACR,MAAM,CAAC,OAAO,CACV,QAAA,EAAA,EAAA,CAAA,CAAA;AAGP,iBAAA;gBACD,MAAM;YACV,KAAK,iBAAiB,CAAC,GAAG;gBACtB,OAAO,CAAC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAA,KAAA,EAAQ,OAAO,CAAC,UAAU,CAAA,CAAE,CAAC;gBAC/D,MAAM;AACb,SAAA;AACJ,KAAA;AACD,IAAA,OAAO,OAAO,CAAC;AACnB,CAAC;AAED;;;AAGG;AACG,SAAU,0BAA0B,CACtC,OAAwB,EACxB,QAAgB,EAChB,WAAmB,EACnB,iBAAqC,EAAA;AAErC,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE7C,IAAI,OAAO,CAAC,gBAAgB,EAAE;QAC1BA,mBAA2C,CACvC,UAAU,EACV,QAAQ,EACR,WAAW,CACd,CAAC;AACL,KAAA;IAED,IAAI,OAAO,CAAC,oBAAoB,EAAE;QAC9BC,kBAA0C,CACtC,UAAU,EACV,OAAO,CAAC,oBAAoB,CAC/B,CAAC;AACL,KAAA;IAEDC,gBAAwC,CAAC,UAAU,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;IAE5EC,sBAA8C,CAC1C,UAAU,EACV,OAAO,CAAC,aAAa,EACrB,iBAAiB,CACpB,CAAC;AACF,IAAA,OAAOC,gBAAyB,CAAC,UAAU,CAAC,CAAC;AACjD,CAAC;AAED;;;;;;AAMG;AACI,eAAe,0BAA0B,CAC5C,aAAqB,EACrB,WAAmB,EACnB,OAA+B,EAC/B,UAA6B,EAC7B,aAAqB,EACrB,YAA0B,EAC1B,aAA6B,EAC7B,MAAc,EACd,iBAAqC,EACrC,sBAAqD,EAAA;AAErD,IAAA,MAAM,QAAQ,GAAG,MAAM,eAAe,CAClC,UAAU,EACV,aAAa,EACb,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,EACvC,aAAa,EACb,YAAY,EACZ,aAAa,EACb,MAAM,EACN,iBAAiB,CACpB,CAAC;AAEF,IAAA,IACI,sBAAsB;QACtB,QAAQ,CAAC,MAAM,GAAG,GAAG;AACrB,QAAA,QAAQ,CAAC,MAAM,KAAK,GAAG,EACzB;;QAEE,sBAAsB,CAAC,mBAAmB,EAAE,CAAC;AAChD,KAAA;AAED,IAAA,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED;;;;;;;;;;AAUG;AACI,eAAe,eAAe,CAGjC,UAA6B,EAC7B,aAAqB,EACrB,OAA8B,EAC9B,aAAqB,EACrB,YAA0B,EAC1B,aAA6B,EAC7B,MAAc,EACd,iBAAqC,EAAA;IAErC,eAAe,CAAC,UAAU,CAAC,YAAY,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;AAEpE,IAAA,IAAI,QAAQ,CAAC;IACb,IAAI;AACA,QAAA,QAAQ,GAAG,MAAM,WAAW,EACxB,aAAa,CAAC,oBAAoB,CAAC,IAAI,CAAC,aAAa,CAAI,GACzDC,iCAAmD,EACnD,MAAM,EACN,iBAAiB,EACjB,aAAa,CAChB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;AAC1B,QAAA,MAAM,eAAe,GAAG,QAAQ,CAAC,OAAO,IAAI,EAAE,CAAC;QAC/C,iBAAiB,EAAE,SAAS,CACxB;YACI,gBAAgB,EAAE,QAAQ,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,IAAI,CAAC;YAC1D,YAAY,EACR,eAAe,CAAC,WAAW,CAAC,iBAAiB,CAAC,IAAI,EAAE;YACxD,SAAS,EAAE,eAAe,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,EAAE;SAChE,EACD,aAAa,CAChB,CAAC;AACL,KAAA;AAAC,IAAA,OAAO,CAAC,EAAE;QACR,IAAI,CAAC,YAAY,YAAY,EAAE;AAC3B,YAAA,MAAM,eAAe,GAAG,CAAC,CAAC,eAAe,CAAC;AAC1C,YAAA,IAAI,eAAe,EAAE;gBACjB,iBAAiB,EAAE,SAAS,CACxB;AACI,oBAAA,YAAY,EACR,eAAe,CAAC,WAAW,CAAC,iBAAiB,CAAC;wBAC9C,EAAE;oBACN,SAAS,EACL,eAAe,CAAC,WAAW,CAAC,eAAe,CAAC,IAAI,EAAE;AACtD,oBAAA,iBAAiB,EACb,eAAe,CAAC,WAAW,CAAC,YAAY,CAAC;wBACzC,SAAS;AACb,oBAAA,mBAAmB,EACf,eAAe,CAAC,WAAW,CAAC,cAAc,CAAC;wBAC3C,SAAS;oBACb,UAAU,EAAE,CAAC,CAAC,UAAU;iBAC3B,EACD,aAAa,CAChB,CAAC;AACL,aAAA;YACD,MAAM,CAAC,CAAC,KAAK,CAAC;AACjB,SAAA;QACD,IAAI,CAAC,YAAY,SAAS,EAAE;AACxB,YAAA,MAAM,CAAC,CAAC;AACX,SAAA;AAAM,aAAA;AACH,YAAA,MAAM,qBAAqB,CAACC,YAAiC,CAAC,CAAC;AAClE,SAAA;AACJ,KAAA;IAED,eAAe,CAAC,WAAW,CACvB,YAAY,EACZ,UAAU,EACV,QAAQ,EACR,aAAa,CAChB,CAAC;AAEF,IAAA,OAAO,QAAQ,CAAC;AACpB;;;;"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* This is a helper class that parses supported HTTP response authentication headers to extract and return
|
|
3
|
+
* header challenge values that can be used outside the basic authorization flows.
|
|
4
|
+
*/
|
|
5
|
+
export declare class AuthenticationHeaderParser {
|
|
6
|
+
private headers;
|
|
7
|
+
constructor(headers: Record<string, string>);
|
|
8
|
+
/**
|
|
9
|
+
* This method parses the SHR nonce value out of either the Authentication-Info or WWW-Authenticate authentication headers.
|
|
10
|
+
* @returns
|
|
11
|
+
*/
|
|
12
|
+
getShrNonce(): string;
|
|
13
|
+
/**
|
|
14
|
+
* Parses an HTTP header's challenge set into a key/value map.
|
|
15
|
+
* @param header
|
|
16
|
+
* @returns
|
|
17
|
+
*/
|
|
18
|
+
private parseChallenges;
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=AuthenticationHeaderParser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthenticationHeaderParser.d.ts","sourceRoot":"","sources":["../../src/request/AuthenticationHeaderParser.ts"],"names":[],"mappings":"AAmBA;;;GAGG;AACH,qBAAa,0BAA0B;IACnC,OAAO,CAAC,OAAO,CAAyB;gBAE5B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAI3C;;;OAGG;IACH,WAAW,IAAI,MAAM;IAqCrB;;;;OAIG;IACH,OAAO,CAAC,eAAe;CAa1B"}
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
/*! @azure/msal-common v16.0.2 2026-01-17 */
|
|
2
|
+
'use strict';
|
|
3
|
+
import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
|
|
4
|
+
import { HeaderNames } from '../utils/Constants.mjs';
|
|
5
|
+
import { invalidAuthenticationHeader, missingNonceAuthenticationHeader } from '../error/ClientConfigurationErrorCodes.mjs';
|
|
6
|
+
|
|
7
|
+
/*
|
|
8
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
9
|
+
* Licensed under the MIT License.
|
|
10
|
+
*/
|
|
11
|
+
/**
|
|
12
|
+
* This is a helper class that parses supported HTTP response authentication headers to extract and return
|
|
13
|
+
* header challenge values that can be used outside the basic authorization flows.
|
|
14
|
+
*/
|
|
15
|
+
class AuthenticationHeaderParser {
|
|
16
|
+
constructor(headers) {
|
|
17
|
+
this.headers = headers;
|
|
18
|
+
}
|
|
19
|
+
/**
|
|
20
|
+
* This method parses the SHR nonce value out of either the Authentication-Info or WWW-Authenticate authentication headers.
|
|
21
|
+
* @returns
|
|
22
|
+
*/
|
|
23
|
+
getShrNonce() {
|
|
24
|
+
// Attempt to parse nonce from Authentiacation-Info
|
|
25
|
+
const authenticationInfo = this.headers[HeaderNames.AuthenticationInfo];
|
|
26
|
+
if (authenticationInfo) {
|
|
27
|
+
const authenticationInfoChallenges = this.parseChallenges(authenticationInfo);
|
|
28
|
+
if (authenticationInfoChallenges.nextnonce) {
|
|
29
|
+
return authenticationInfoChallenges.nextnonce;
|
|
30
|
+
}
|
|
31
|
+
throw createClientConfigurationError(invalidAuthenticationHeader);
|
|
32
|
+
}
|
|
33
|
+
// Attempt to parse nonce from WWW-Authenticate
|
|
34
|
+
const wwwAuthenticate = this.headers[HeaderNames.WWWAuthenticate];
|
|
35
|
+
if (wwwAuthenticate) {
|
|
36
|
+
const wwwAuthenticateChallenges = this.parseChallenges(wwwAuthenticate);
|
|
37
|
+
if (wwwAuthenticateChallenges.nonce) {
|
|
38
|
+
return wwwAuthenticateChallenges.nonce;
|
|
39
|
+
}
|
|
40
|
+
throw createClientConfigurationError(invalidAuthenticationHeader);
|
|
41
|
+
}
|
|
42
|
+
// If neither header is present, throw missing headers error
|
|
43
|
+
throw createClientConfigurationError(missingNonceAuthenticationHeader);
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Parses an HTTP header's challenge set into a key/value map.
|
|
47
|
+
* @param header
|
|
48
|
+
* @returns
|
|
49
|
+
*/
|
|
50
|
+
parseChallenges(header) {
|
|
51
|
+
const schemeSeparator = header.indexOf(" ");
|
|
52
|
+
const challenges = header.substr(schemeSeparator + 1).split(",");
|
|
53
|
+
const challengeMap = {};
|
|
54
|
+
challenges.forEach((challenge) => {
|
|
55
|
+
const [key, value] = challenge.split("=");
|
|
56
|
+
// Remove escaped quotation marks (', ") from challenge string to keep only the challenge value
|
|
57
|
+
challengeMap[key] = unescape(value.replace(/['"]+/g, ""));
|
|
58
|
+
});
|
|
59
|
+
return challengeMap;
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
export { AuthenticationHeaderParser };
|
|
64
|
+
//# sourceMappingURL=AuthenticationHeaderParser.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthenticationHeaderParser.mjs","sources":["../../src/request/AuthenticationHeaderParser.ts"],"sourcesContent":[null],"names":["ClientConfigurationErrorCodes.invalidAuthenticationHeader","ClientConfigurationErrorCodes.missingNonceAuthenticationHeader"],"mappings":";;;;;;AAAA;;;AAGG;AAgBH;;;AAGG;MACU,0BAA0B,CAAA;AAGnC,IAAA,WAAA,CAAY,OAA+B,EAAA;AACvC,QAAA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;KAC1B;AAED;;;AAGG;IACH,WAAW,GAAA;;QAEP,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC;AACxE,QAAA,IAAI,kBAAkB,EAAE;YACpB,MAAM,4BAA4B,GAC9B,IAAI,CAAC,eAAe,CAChB,kBAAkB,CACrB,CAAC;YACN,IAAI,4BAA4B,CAAC,SAAS,EAAE;gBACxC,OAAO,4BAA4B,CAAC,SAAS,CAAC;AACjD,aAAA;AACD,YAAA,MAAM,8BAA8B,CAChCA,2BAAyD,CAC5D,CAAC;AACL,SAAA;;QAGD,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;AAClE,QAAA,IAAI,eAAe,EAAE;YACjB,MAAM,yBAAyB,GAC3B,IAAI,CAAC,eAAe,CAChB,eAAe,CAClB,CAAC;YACN,IAAI,yBAAyB,CAAC,KAAK,EAAE;gBACjC,OAAO,yBAAyB,CAAC,KAAK,CAAC;AAC1C,aAAA;AACD,YAAA,MAAM,8BAA8B,CAChCA,2BAAyD,CAC5D,CAAC;AACL,SAAA;;AAGD,QAAA,MAAM,8BAA8B,CAChCC,gCAA8D,CACjE,CAAC;KACL;AAED;;;;AAIG;AACK,IAAA,eAAe,CAAI,MAAc,EAAA;QACrC,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AAC5C,QAAA,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,YAAY,GAAG,EAAO,CAAC;AAE7B,QAAA,UAAU,CAAC,OAAO,CAAC,CAAC,SAAiB,KAAI;AACrC,YAAA,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;;AAE1C,YAAA,YAAY,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC;AAC9D,SAAC,CAAC,CAAC;AAEH,QAAA,OAAO,YAAY,CAAC;KACvB;AACJ;;;;"}
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
import { AuthenticationScheme, HttpMethod } from "../utils/Constants.js";
|
|
2
|
+
import type { AzureCloudOptions } from "../config/ClientConfiguration.js";
|
|
3
|
+
import { StringDict } from "../utils/MsalTypes.js";
|
|
4
|
+
import { StoreInCache } from "./StoreInCache.js";
|
|
5
|
+
import { ShrOptions } from "../crypto/SignedHttpRequest.js";
|
|
6
|
+
/**
|
|
7
|
+
* BaseAuthRequest
|
|
8
|
+
*/
|
|
9
|
+
export type BaseAuthRequest = {
|
|
10
|
+
/**
|
|
11
|
+
* URL of the authority, the security token service (STS) from which MSAL will acquire tokens. Defaults to https://login.microsoftonline.com/common. If using the same authority for all request, authority should set on client application object and not request, to avoid resolving authority endpoints multiple times.
|
|
12
|
+
*/
|
|
13
|
+
authority: string;
|
|
14
|
+
/**
|
|
15
|
+
* Unique GUID set per request to trace a request end-to-end for telemetry purposes.
|
|
16
|
+
*/
|
|
17
|
+
correlationId: string;
|
|
18
|
+
/**
|
|
19
|
+
* Array of scopes the application is requesting access to.
|
|
20
|
+
*/
|
|
21
|
+
scopes: Array<string>;
|
|
22
|
+
/**
|
|
23
|
+
* The type of token retrieved. Defaults to "Bearer". Can also be type "pop" or "SSH".
|
|
24
|
+
*/
|
|
25
|
+
authenticationScheme?: AuthenticationScheme;
|
|
26
|
+
/**
|
|
27
|
+
* A stringified claims request which will be added to all /authorize and /token calls
|
|
28
|
+
*/
|
|
29
|
+
claims?: string;
|
|
30
|
+
/**
|
|
31
|
+
* A stringified claims object which will be added to a Signed HTTP Request
|
|
32
|
+
*/
|
|
33
|
+
shrClaims?: string;
|
|
34
|
+
/**
|
|
35
|
+
* A server-generated timestamp that has been encrypted and base64URL encoded, which will be added to a Signed HTTP Request.
|
|
36
|
+
*/
|
|
37
|
+
shrNonce?: string;
|
|
38
|
+
/**
|
|
39
|
+
* An object containing options for the Signed HTTP Request
|
|
40
|
+
*/
|
|
41
|
+
shrOptions?: ShrOptions;
|
|
42
|
+
/**
|
|
43
|
+
* HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
|
|
44
|
+
*/
|
|
45
|
+
resourceRequestMethod?: string;
|
|
46
|
+
/**
|
|
47
|
+
* URI that token will be used for. Used for proof-of-possession flows.
|
|
48
|
+
*/
|
|
49
|
+
resourceRequestUri?: string;
|
|
50
|
+
/**
|
|
51
|
+
* A stringified JSON Web Key representing a public key that can be signed by an SSH certificate.
|
|
52
|
+
*/
|
|
53
|
+
sshJwk?: string;
|
|
54
|
+
/**
|
|
55
|
+
* Key ID that uniquely identifies the SSH public key mentioned above.
|
|
56
|
+
*/
|
|
57
|
+
sshKid?: string;
|
|
58
|
+
/**
|
|
59
|
+
* Convenience string enums for users to provide public/sovereign cloud ids
|
|
60
|
+
*/
|
|
61
|
+
azureCloudOptions?: AzureCloudOptions;
|
|
62
|
+
/**
|
|
63
|
+
* Maximum allowed age, in milliseconds, of the user's authentication before a new sign-in is required.
|
|
64
|
+
*/
|
|
65
|
+
maxAge?: number;
|
|
66
|
+
/**
|
|
67
|
+
* Object containing boolean values indicating whether to store tokens in the cache or not (default is true)
|
|
68
|
+
*/
|
|
69
|
+
storeInCache?: StoreInCache;
|
|
70
|
+
/**
|
|
71
|
+
* Scenario id to track custom user prompts
|
|
72
|
+
*/
|
|
73
|
+
scenarioId?: string;
|
|
74
|
+
/**
|
|
75
|
+
* Key ID to identify the public key for PoP token request
|
|
76
|
+
*/
|
|
77
|
+
popKid?: string;
|
|
78
|
+
/**
|
|
79
|
+
* Embedded client id. When specified, broker client id (brk_client_id) and redirect uri (brk_redirect_uri) params are set with values from the config, overriding the corresponding extra parameters, if present.
|
|
80
|
+
*/
|
|
81
|
+
embeddedClientId?: string;
|
|
82
|
+
/**
|
|
83
|
+
* HTTP method to use for the /authorize request. Defaults to GET, but can be set to POST if the request requires body parameters.
|
|
84
|
+
*/
|
|
85
|
+
httpMethod?: HttpMethod;
|
|
86
|
+
/**
|
|
87
|
+
* String to string map of custom query parameters added to outgoing token service requests. Unless the parameter is only supported on query strings use extraParameters instead
|
|
88
|
+
*/
|
|
89
|
+
extraQueryParameters?: StringDict;
|
|
90
|
+
/**
|
|
91
|
+
* String to string map of custom parameters added to outgoing token service requests.
|
|
92
|
+
*/
|
|
93
|
+
extraParameters?: StringDict;
|
|
94
|
+
};
|
|
95
|
+
//# sourceMappingURL=BaseAuthRequest.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"BaseAuthRequest.d.ts","sourceRoot":"","sources":["../../src/request/BaseAuthRequest.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACzE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC1E,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,gCAAgC,CAAC;AAE5D;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG;IAC1B;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,aAAa,EAAE,MAAM,CAAC;IACtB;;OAEG;IACH,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACtB;;OAEG;IACH,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;IAC5C;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB;;OAEG;IACH,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B;;OAEG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B;;OAEG;IACH,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;OAEG;IACH,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB;;OAEG;IACH,oBAAoB,CAAC,EAAE,UAAU,CAAC;IAClC;;OAEG;IACH,eAAe,CAAC,EAAE,UAAU,CAAC;CAChC,CAAC"}
|