@azure/msal-common 16.0.0-beta.0 → 16.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (500) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +1 -1
  7. package/dist/authority/AuthorityFactory.mjs +1 -1
  8. package/dist/authority/AuthorityMetadata.mjs +1 -1
  9. package/dist/authority/AuthorityOptions.mjs +1 -1
  10. package/dist/authority/AuthorityType.mjs +1 -1
  11. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  13. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  14. package/dist/authority/ProtocolMode.mjs +1 -1
  15. package/dist/authority/RegionDiscovery.mjs +1 -1
  16. package/dist/cache/CacheManager.mjs +1 -1
  17. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  18. package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
  19. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  20. package/dist/client/AuthorizationCodeClient.mjs +1 -1
  21. package/dist/client/RefreshTokenClient.d.ts.map +1 -1
  22. package/dist/client/RefreshTokenClient.mjs +11 -7
  23. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  24. package/dist/client/SilentFlowClient.mjs +1 -1
  25. package/dist/config/ClientConfiguration.mjs +1 -1
  26. package/dist/constants/AADServerParamKeys.mjs +1 -1
  27. package/dist/crypto/ICrypto.mjs +1 -1
  28. package/dist/crypto/JoseHeader.mjs +1 -1
  29. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  30. package/dist/error/AuthError.mjs +1 -1
  31. package/dist/error/AuthErrorCodes.mjs +1 -1
  32. package/dist/error/CacheError.mjs +1 -1
  33. package/dist/error/CacheErrorCodes.mjs +1 -1
  34. package/dist/error/ClientAuthError.mjs +1 -1
  35. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  36. package/dist/error/ClientConfigurationError.mjs +1 -1
  37. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  38. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  39. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  40. package/dist/error/JoseHeaderError.mjs +1 -1
  41. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  42. package/dist/error/NetworkError.mjs +1 -1
  43. package/dist/error/PlatformBrokerError.mjs +1 -1
  44. package/dist/error/ServerError.mjs +1 -1
  45. package/dist/index-node.mjs +1 -1
  46. package/dist/index.mjs +1 -1
  47. package/dist/logger/Logger.mjs +1 -1
  48. package/dist/network/INetworkModule.mjs +1 -1
  49. package/dist/network/RequestThumbprint.mjs +1 -1
  50. package/dist/network/ThrottlingUtils.mjs +1 -1
  51. package/dist/packageMetadata.d.ts +1 -1
  52. package/dist/packageMetadata.d.ts.map +1 -1
  53. package/dist/packageMetadata.mjs +2 -2
  54. package/dist/protocol/Authorize.mjs +1 -1
  55. package/dist/protocol/Token.mjs +1 -1
  56. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  57. package/dist/request/BaseAuthRequest.d.ts +63 -20
  58. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  59. package/dist/request/CommonAuthorizationCodeRequest.d.ts +18 -13
  60. package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
  61. package/dist/request/CommonAuthorizationUrlRequest.d.ts +48 -27
  62. package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
  63. package/dist/request/CommonEndSessionRequest.d.ts +21 -7
  64. package/dist/request/CommonEndSessionRequest.d.ts.map +1 -1
  65. package/dist/request/CommonRefreshTokenRequest.d.ts +12 -10
  66. package/dist/request/CommonRefreshTokenRequest.d.ts.map +1 -1
  67. package/dist/request/CommonSilentFlowRequest.d.ts +12 -14
  68. package/dist/request/CommonSilentFlowRequest.d.ts.map +1 -1
  69. package/dist/request/RequestParameterBuilder.mjs +1 -1
  70. package/dist/request/ScopeSet.mjs +1 -1
  71. package/dist/response/ResponseHandler.d.ts.map +1 -1
  72. package/dist/response/ResponseHandler.mjs +2 -1
  73. package/dist/response/ResponseHandler.mjs.map +1 -1
  74. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  75. package/dist/telemetry/performance/PerformanceEvent.d.ts +3 -1
  76. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  77. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  78. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  79. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  80. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  81. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  82. package/dist/url/UrlString.mjs +1 -1
  83. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  84. package/dist/utils/Constants.mjs +1 -1
  85. package/dist/utils/FunctionWrappers.mjs +1 -1
  86. package/dist/utils/ProtocolUtils.mjs +1 -1
  87. package/dist/utils/StringUtils.mjs +1 -1
  88. package/dist/utils/TimeUtils.mjs +1 -1
  89. package/dist/utils/UrlUtils.mjs +1 -1
  90. package/dist-browser/account/AccountInfo.d.ts +71 -0
  91. package/dist-browser/account/AccountInfo.d.ts.map +1 -0
  92. package/dist-browser/account/AccountInfo.mjs +85 -0
  93. package/dist-browser/account/AccountInfo.mjs.map +1 -0
  94. package/dist-browser/account/AuthToken.d.ts +24 -0
  95. package/dist-browser/account/AuthToken.d.ts.map +1 -0
  96. package/dist-browser/account/AuthToken.mjs +85 -0
  97. package/dist-browser/account/AuthToken.mjs.map +1 -0
  98. package/dist-browser/account/CcsCredential.d.ts +10 -0
  99. package/dist-browser/account/CcsCredential.d.ts.map +1 -0
  100. package/dist-browser/account/CcsCredential.mjs +13 -0
  101. package/dist-browser/account/CcsCredential.mjs.map +1 -0
  102. package/dist-browser/account/ClientCredentials.d.ts +20 -0
  103. package/dist-browser/account/ClientCredentials.d.ts.map +1 -0
  104. package/dist-browser/account/ClientInfo.d.ts +23 -0
  105. package/dist-browser/account/ClientInfo.d.ts.map +1 -0
  106. package/dist-browser/account/ClientInfo.mjs +44 -0
  107. package/dist-browser/account/ClientInfo.mjs.map +1 -0
  108. package/dist-browser/account/TokenClaims.d.ts +88 -0
  109. package/dist-browser/account/TokenClaims.d.ts.map +1 -0
  110. package/dist-browser/account/TokenClaims.mjs +25 -0
  111. package/dist-browser/account/TokenClaims.mjs.map +1 -0
  112. package/dist-browser/authority/Authority.d.ts +255 -0
  113. package/dist-browser/authority/Authority.d.ts.map +1 -0
  114. package/dist-browser/authority/Authority.mjs +841 -0
  115. package/dist-browser/authority/Authority.mjs.map +1 -0
  116. package/dist-browser/authority/AuthorityFactory.d.ts +23 -0
  117. package/dist-browser/authority/AuthorityFactory.d.ts.map +1 -0
  118. package/dist-browser/authority/AuthorityFactory.mjs +42 -0
  119. package/dist-browser/authority/AuthorityFactory.mjs.map +1 -0
  120. package/dist-browser/authority/AuthorityMetadata.d.ts +44 -0
  121. package/dist-browser/authority/AuthorityMetadata.d.ts.map +1 -0
  122. package/dist-browser/authority/AuthorityMetadata.mjs +146 -0
  123. package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -0
  124. package/dist-browser/authority/AuthorityOptions.d.ts +27 -0
  125. package/dist-browser/authority/AuthorityOptions.d.ts.map +1 -0
  126. package/dist-browser/authority/AuthorityOptions.mjs +23 -0
  127. package/dist-browser/authority/AuthorityOptions.mjs.map +1 -0
  128. package/dist-browser/authority/AuthorityType.d.ts +11 -0
  129. package/dist-browser/authority/AuthorityType.d.ts.map +1 -0
  130. package/dist-browser/authority/AuthorityType.mjs +18 -0
  131. package/dist-browser/authority/AuthorityType.mjs.map +1 -0
  132. package/dist-browser/authority/AzureRegion.d.ts +2 -0
  133. package/dist-browser/authority/AzureRegion.d.ts.map +1 -0
  134. package/dist-browser/authority/AzureRegionConfiguration.d.ts +6 -0
  135. package/dist-browser/authority/AzureRegionConfiguration.d.ts.map +1 -0
  136. package/dist-browser/authority/CloudDiscoveryMetadata.d.ts +6 -0
  137. package/dist-browser/authority/CloudDiscoveryMetadata.d.ts.map +1 -0
  138. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts +14 -0
  139. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts.map +1 -0
  140. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +13 -0
  141. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs.map +1 -0
  142. package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts +10 -0
  143. package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts.map +1 -0
  144. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +13 -0
  145. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs.map +1 -0
  146. package/dist-browser/authority/ImdsOptions.d.ts +6 -0
  147. package/dist-browser/authority/ImdsOptions.d.ts.map +1 -0
  148. package/dist-browser/authority/OIDCOptions.d.ts +9 -0
  149. package/dist-browser/authority/OIDCOptions.d.ts.map +1 -0
  150. package/dist-browser/authority/OpenIdConfigResponse.d.ts +12 -0
  151. package/dist-browser/authority/OpenIdConfigResponse.d.ts.map +1 -0
  152. package/dist-browser/authority/OpenIdConfigResponse.mjs +15 -0
  153. package/dist-browser/authority/OpenIdConfigResponse.mjs.map +1 -0
  154. package/dist-browser/authority/ProtocolMode.d.ts +20 -0
  155. package/dist-browser/authority/ProtocolMode.d.ts.map +1 -0
  156. package/dist-browser/authority/ProtocolMode.mjs +27 -0
  157. package/dist-browser/authority/ProtocolMode.mjs.map +1 -0
  158. package/dist-browser/authority/RegionDiscovery.d.ts +33 -0
  159. package/dist-browser/authority/RegionDiscovery.d.ts.map +1 -0
  160. package/dist-browser/authority/RegionDiscovery.mjs +111 -0
  161. package/dist-browser/authority/RegionDiscovery.mjs.map +1 -0
  162. package/dist-browser/authority/RegionDiscoveryMetadata.d.ts +7 -0
  163. package/dist-browser/authority/RegionDiscoveryMetadata.d.ts.map +1 -0
  164. package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts +17 -0
  165. package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -0
  166. package/dist-browser/cache/CacheManager.d.ts +478 -0
  167. package/dist-browser/cache/CacheManager.d.ts.map +1 -0
  168. package/dist-browser/cache/CacheManager.mjs +1111 -0
  169. package/dist-browser/cache/CacheManager.mjs.map +1 -0
  170. package/dist-browser/cache/entities/AccessTokenEntity.d.ts +22 -0
  171. package/dist-browser/cache/entities/AccessTokenEntity.d.ts.map +1 -0
  172. package/dist-browser/cache/entities/AccountEntity.d.ts +45 -0
  173. package/dist-browser/cache/entities/AccountEntity.d.ts.map +1 -0
  174. package/dist-browser/cache/entities/AppMetadataEntity.d.ts +12 -0
  175. package/dist-browser/cache/entities/AppMetadataEntity.d.ts.map +1 -0
  176. package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts +16 -0
  177. package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts.map +1 -0
  178. package/dist-browser/cache/entities/CacheRecord.d.ts +14 -0
  179. package/dist-browser/cache/entities/CacheRecord.d.ts.map +1 -0
  180. package/dist-browser/cache/entities/CredentialEntity.d.ts +31 -0
  181. package/dist-browser/cache/entities/CredentialEntity.d.ts.map +1 -0
  182. package/dist-browser/cache/entities/IdTokenEntity.d.ts +9 -0
  183. package/dist-browser/cache/entities/IdTokenEntity.d.ts.map +1 -0
  184. package/dist-browser/cache/entities/RefreshTokenEntity.d.ts +8 -0
  185. package/dist-browser/cache/entities/RefreshTokenEntity.d.ts.map +1 -0
  186. package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts +7 -0
  187. package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts.map +1 -0
  188. package/dist-browser/cache/entities/ThrottlingEntity.d.ts +8 -0
  189. package/dist-browser/cache/entities/ThrottlingEntity.d.ts.map +1 -0
  190. package/dist-browser/cache/interface/ICacheManager.d.ts +188 -0
  191. package/dist-browser/cache/interface/ICacheManager.d.ts.map +1 -0
  192. package/dist-browser/cache/interface/ICachePlugin.d.ts +6 -0
  193. package/dist-browser/cache/interface/ICachePlugin.d.ts.map +1 -0
  194. package/dist-browser/cache/interface/ISerializableTokenCache.d.ts +5 -0
  195. package/dist-browser/cache/interface/ISerializableTokenCache.d.ts.map +1 -0
  196. package/dist-browser/cache/persistence/TokenCacheContext.d.ts +24 -0
  197. package/dist-browser/cache/persistence/TokenCacheContext.d.ts.map +1 -0
  198. package/dist-browser/cache/persistence/TokenCacheContext.mjs +30 -0
  199. package/dist-browser/cache/persistence/TokenCacheContext.mjs.map +1 -0
  200. package/dist-browser/cache/utils/AccountEntityUtils.d.ts +53 -0
  201. package/dist-browser/cache/utils/AccountEntityUtils.d.ts.map +1 -0
  202. package/dist-browser/cache/utils/AccountEntityUtils.mjs +192 -0
  203. package/dist-browser/cache/utils/AccountEntityUtils.mjs.map +1 -0
  204. package/dist-browser/cache/utils/CacheHelpers.d.ts +86 -0
  205. package/dist-browser/cache/utils/CacheHelpers.d.ts.map +1 -0
  206. package/dist-browser/cache/utils/CacheHelpers.mjs +267 -0
  207. package/dist-browser/cache/utils/CacheHelpers.mjs.map +1 -0
  208. package/dist-browser/cache/utils/CacheTypes.d.ts +69 -0
  209. package/dist-browser/cache/utils/CacheTypes.d.ts.map +1 -0
  210. package/dist-browser/client/AuthorizationCodeClient.d.ts +64 -0
  211. package/dist-browser/client/AuthorizationCodeClient.d.ts.map +1 -0
  212. package/dist-browser/client/AuthorizationCodeClient.mjs +287 -0
  213. package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -0
  214. package/dist-browser/client/RefreshTokenClient.d.ts +49 -0
  215. package/dist-browser/client/RefreshTokenClient.d.ts.map +1 -0
  216. package/dist-browser/client/RefreshTokenClient.mjs +254 -0
  217. package/dist-browser/client/RefreshTokenClient.mjs.map +1 -0
  218. package/dist-browser/client/SilentFlowClient.d.ts +35 -0
  219. package/dist-browser/client/SilentFlowClient.d.ts.map +1 -0
  220. package/dist-browser/client/SilentFlowClient.mjs +125 -0
  221. package/dist-browser/client/SilentFlowClient.mjs.map +1 -0
  222. package/dist-browser/config/AppTokenProvider.d.ts +39 -0
  223. package/dist-browser/config/AppTokenProvider.d.ts.map +1 -0
  224. package/dist-browser/config/ClientConfiguration.d.ts +143 -0
  225. package/dist-browser/config/ClientConfiguration.d.ts.map +1 -0
  226. package/dist-browser/config/ClientConfiguration.mjs +107 -0
  227. package/dist-browser/config/ClientConfiguration.mjs.map +1 -0
  228. package/dist-browser/constants/AADServerParamKeys.d.ts +59 -0
  229. package/dist-browser/constants/AADServerParamKeys.d.ts.map +1 -0
  230. package/dist-browser/constants/AADServerParamKeys.mjs +67 -0
  231. package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -0
  232. package/dist-browser/crypto/ICrypto.d.ts +71 -0
  233. package/dist-browser/crypto/ICrypto.d.ts.map +1 -0
  234. package/dist-browser/crypto/ICrypto.mjs +44 -0
  235. package/dist-browser/crypto/ICrypto.mjs.map +1 -0
  236. package/dist-browser/crypto/IGuidGenerator.d.ts +5 -0
  237. package/dist-browser/crypto/IGuidGenerator.d.ts.map +1 -0
  238. package/dist-browser/crypto/JoseHeader.d.ts +23 -0
  239. package/dist-browser/crypto/JoseHeader.d.ts.map +1 -0
  240. package/dist-browser/crypto/JoseHeader.mjs +46 -0
  241. package/dist-browser/crypto/JoseHeader.mjs.map +1 -0
  242. package/dist-browser/crypto/PopTokenGenerator.d.ts +60 -0
  243. package/dist-browser/crypto/PopTokenGenerator.d.ts.map +1 -0
  244. package/dist-browser/crypto/PopTokenGenerator.mjs +87 -0
  245. package/dist-browser/crypto/PopTokenGenerator.mjs.map +1 -0
  246. package/dist-browser/crypto/SignedHttpRequest.d.ts +16 -0
  247. package/dist-browser/crypto/SignedHttpRequest.d.ts.map +1 -0
  248. package/dist-browser/error/AuthError.d.ts +33 -0
  249. package/dist-browser/error/AuthError.d.ts.map +1 -0
  250. package/dist-browser/error/AuthError.mjs +34 -0
  251. package/dist-browser/error/AuthError.mjs.map +1 -0
  252. package/dist-browser/error/AuthErrorCodes.d.ts +6 -0
  253. package/dist-browser/error/AuthErrorCodes.d.ts.map +1 -0
  254. package/dist-browser/error/AuthErrorCodes.mjs +14 -0
  255. package/dist-browser/error/AuthErrorCodes.mjs.map +1 -0
  256. package/dist-browser/error/CacheError.d.ts +23 -0
  257. package/dist-browser/error/CacheError.d.ts.map +1 -0
  258. package/dist-browser/error/CacheError.mjs +45 -0
  259. package/dist-browser/error/CacheError.mjs.map +1 -0
  260. package/dist-browser/error/CacheErrorCodes.d.ts +3 -0
  261. package/dist-browser/error/CacheErrorCodes.d.ts.map +1 -0
  262. package/dist-browser/error/CacheErrorCodes.mjs +11 -0
  263. package/dist-browser/error/CacheErrorCodes.mjs.map +1 -0
  264. package/dist-browser/error/ClientAuthError.d.ts +14 -0
  265. package/dist-browser/error/ClientAuthError.d.ts.map +1 -0
  266. package/dist-browser/error/ClientAuthError.mjs +27 -0
  267. package/dist-browser/error/ClientAuthError.mjs.map +1 -0
  268. package/dist-browser/error/ClientAuthErrorCodes.d.ts +38 -0
  269. package/dist-browser/error/ClientAuthErrorCodes.d.ts.map +1 -0
  270. package/dist-browser/error/ClientAuthErrorCodes.mjs +46 -0
  271. package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -0
  272. package/dist-browser/error/ClientConfigurationError.d.ts +11 -0
  273. package/dist-browser/error/ClientConfigurationError.d.ts.map +1 -0
  274. package/dist-browser/error/ClientConfigurationError.mjs +24 -0
  275. package/dist-browser/error/ClientConfigurationError.mjs.map +1 -0
  276. package/dist-browser/error/ClientConfigurationErrorCodes.d.ts +23 -0
  277. package/dist-browser/error/ClientConfigurationErrorCodes.d.ts.map +1 -0
  278. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +31 -0
  279. package/dist-browser/error/ClientConfigurationErrorCodes.mjs.map +1 -0
  280. package/dist-browser/error/InteractionRequiredAuthError.d.ts +48 -0
  281. package/dist-browser/error/InteractionRequiredAuthError.d.ts.map +1 -0
  282. package/dist-browser/error/InteractionRequiredAuthError.mjs +73 -0
  283. package/dist-browser/error/InteractionRequiredAuthError.mjs.map +1 -0
  284. package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts +9 -0
  285. package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts.map +1 -0
  286. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +19 -0
  287. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs.map +1 -0
  288. package/dist-browser/error/JoseHeaderError.d.ts +12 -0
  289. package/dist-browser/error/JoseHeaderError.d.ts.map +1 -0
  290. package/dist-browser/error/JoseHeaderError.mjs +25 -0
  291. package/dist-browser/error/JoseHeaderError.mjs.map +1 -0
  292. package/dist-browser/error/JoseHeaderErrorCodes.d.ts +3 -0
  293. package/dist-browser/error/JoseHeaderErrorCodes.d.ts.map +1 -0
  294. package/dist-browser/error/JoseHeaderErrorCodes.mjs +11 -0
  295. package/dist-browser/error/JoseHeaderErrorCodes.mjs.map +1 -0
  296. package/dist-browser/error/NetworkError.d.ts +19 -0
  297. package/dist-browser/error/NetworkError.d.ts.map +1 -0
  298. package/dist-browser/error/NetworkError.mjs +35 -0
  299. package/dist-browser/error/NetworkError.mjs.map +1 -0
  300. package/dist-browser/error/PlatformBrokerError.d.ts +16 -0
  301. package/dist-browser/error/PlatformBrokerError.d.ts.map +1 -0
  302. package/dist-browser/error/PlatformBrokerError.mjs +49 -0
  303. package/dist-browser/error/PlatformBrokerError.mjs.map +1 -0
  304. package/dist-browser/error/ServerError.d.ts +16 -0
  305. package/dist-browser/error/ServerError.d.ts.map +1 -0
  306. package/dist-browser/error/ServerError.mjs +23 -0
  307. package/dist-browser/error/ServerError.mjs.map +1 -0
  308. package/dist-browser/exports-browser-only.d.ts +11 -0
  309. package/dist-browser/exports-browser-only.d.ts.map +1 -0
  310. package/dist-browser/exports-common.d.ts +86 -0
  311. package/dist-browser/exports-common.d.ts.map +1 -0
  312. package/dist-browser/exports-node-only.d.ts +16 -0
  313. package/dist-browser/exports-node-only.d.ts.map +1 -0
  314. package/dist-browser/index-browser.d.ts +7 -0
  315. package/dist-browser/index-browser.d.ts.map +1 -0
  316. package/dist-browser/index-browser.mjs +78 -0
  317. package/dist-browser/index-browser.mjs.map +1 -0
  318. package/dist-browser/index-node.d.ts +7 -0
  319. package/dist-browser/index-node.d.ts.map +1 -0
  320. package/dist-browser/index.d.ts +12 -0
  321. package/dist-browser/index.d.ts.map +1 -0
  322. package/dist-browser/index.mjs +82 -0
  323. package/dist-browser/index.mjs.map +1 -0
  324. package/dist-browser/log-strings-mapping.json +383 -0
  325. package/dist-browser/logger/Logger.d.ts +119 -0
  326. package/dist-browser/logger/Logger.d.ts.map +1 -0
  327. package/dist-browser/logger/Logger.mjs +278 -0
  328. package/dist-browser/logger/Logger.mjs.map +1 -0
  329. package/dist-browser/network/INetworkModule.d.ts +30 -0
  330. package/dist-browser/network/INetworkModule.d.ts.map +1 -0
  331. package/dist-browser/network/INetworkModule.mjs +20 -0
  332. package/dist-browser/network/INetworkModule.mjs.map +1 -0
  333. package/dist-browser/network/NetworkResponse.d.ts +6 -0
  334. package/dist-browser/network/NetworkResponse.d.ts.map +1 -0
  335. package/dist-browser/network/RequestThumbprint.d.ts +22 -0
  336. package/dist-browser/network/RequestThumbprint.d.ts.map +1 -0
  337. package/dist-browser/network/RequestThumbprint.mjs +24 -0
  338. package/dist-browser/network/RequestThumbprint.mjs.map +1 -0
  339. package/dist-browser/network/ThrottlingUtils.d.ts +43 -0
  340. package/dist-browser/network/ThrottlingUtils.d.ts.map +1 -0
  341. package/dist-browser/network/ThrottlingUtils.mjs +92 -0
  342. package/dist-browser/network/ThrottlingUtils.mjs.map +1 -0
  343. package/dist-browser/packageMetadata.d.ts +3 -0
  344. package/dist-browser/packageMetadata.d.ts.map +1 -0
  345. package/dist-browser/packageMetadata.mjs +8 -0
  346. package/dist-browser/packageMetadata.mjs.map +1 -0
  347. package/dist-browser/protocol/Authorize.d.ts +37 -0
  348. package/dist-browser/protocol/Authorize.d.ts.map +1 -0
  349. package/dist-browser/protocol/Authorize.mjs +237 -0
  350. package/dist-browser/protocol/Authorize.mjs.map +1 -0
  351. package/dist-browser/protocol/Token.d.ts +40 -0
  352. package/dist-browser/protocol/Token.d.ts.map +1 -0
  353. package/dist-browser/protocol/Token.mjs +129 -0
  354. package/dist-browser/protocol/Token.mjs.map +1 -0
  355. package/dist-browser/request/AuthenticationHeaderParser.d.ts +20 -0
  356. package/dist-browser/request/AuthenticationHeaderParser.d.ts.map +1 -0
  357. package/dist-browser/request/AuthenticationHeaderParser.mjs +64 -0
  358. package/dist-browser/request/AuthenticationHeaderParser.mjs.map +1 -0
  359. package/dist-browser/request/BaseAuthRequest.d.ts +95 -0
  360. package/dist-browser/request/BaseAuthRequest.d.ts.map +1 -0
  361. package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts +32 -0
  362. package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts.map +1 -0
  363. package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts +71 -0
  364. package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts.map +1 -0
  365. package/dist-browser/request/CommonEndSessionRequest.d.ts +36 -0
  366. package/dist-browser/request/CommonEndSessionRequest.d.ts.map +1 -0
  367. package/dist-browser/request/CommonRefreshTokenRequest.d.ts +24 -0
  368. package/dist-browser/request/CommonRefreshTokenRequest.d.ts.map +1 -0
  369. package/dist-browser/request/CommonSilentFlowRequest.d.ts +24 -0
  370. package/dist-browser/request/CommonSilentFlowRequest.d.ts.map +1 -0
  371. package/dist-browser/request/NativeRequest.d.ts +20 -0
  372. package/dist-browser/request/NativeRequest.d.ts.map +1 -0
  373. package/dist-browser/request/NativeSignOutRequest.d.ts +6 -0
  374. package/dist-browser/request/NativeSignOutRequest.d.ts.map +1 -0
  375. package/dist-browser/request/RequestParameterBuilder.d.ts +217 -0
  376. package/dist-browser/request/RequestParameterBuilder.d.ts.map +1 -0
  377. package/dist-browser/request/RequestParameterBuilder.mjs +410 -0
  378. package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -0
  379. package/dist-browser/request/ScopeSet.d.ts +83 -0
  380. package/dist-browser/request/ScopeSet.d.ts.map +1 -0
  381. package/dist-browser/request/ScopeSet.mjs +204 -0
  382. package/dist-browser/request/ScopeSet.mjs.map +1 -0
  383. package/dist-browser/request/StoreInCache.d.ts +9 -0
  384. package/dist-browser/request/StoreInCache.d.ts.map +1 -0
  385. package/dist-browser/response/AuthenticationResult.d.ts +42 -0
  386. package/dist-browser/response/AuthenticationResult.d.ts.map +1 -0
  387. package/dist-browser/response/AuthorizationCodePayload.d.ts +14 -0
  388. package/dist-browser/response/AuthorizationCodePayload.d.ts.map +1 -0
  389. package/dist-browser/response/AuthorizeResponse.d.ts +76 -0
  390. package/dist-browser/response/AuthorizeResponse.d.ts.map +1 -0
  391. package/dist-browser/response/DeviceCodeResponse.d.ts +26 -0
  392. package/dist-browser/response/DeviceCodeResponse.d.ts.map +1 -0
  393. package/dist-browser/response/ExternalTokenResponse.d.ts +16 -0
  394. package/dist-browser/response/ExternalTokenResponse.d.ts.map +1 -0
  395. package/dist-browser/response/IMDSBadResponse.d.ts +5 -0
  396. package/dist-browser/response/IMDSBadResponse.d.ts.map +1 -0
  397. package/dist-browser/response/ResponseHandler.d.ts +63 -0
  398. package/dist-browser/response/ResponseHandler.d.ts.map +1 -0
  399. package/dist-browser/response/ResponseHandler.mjs +349 -0
  400. package/dist-browser/response/ResponseHandler.mjs.map +1 -0
  401. package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts +48 -0
  402. package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts.map +1 -0
  403. package/dist-browser/telemetry/performance/IPerformanceClient.d.ts +30 -0
  404. package/dist-browser/telemetry/performance/IPerformanceClient.d.ts.map +1 -0
  405. package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts +6 -0
  406. package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts.map +1 -0
  407. package/dist-browser/telemetry/performance/PerformanceClient.d.ts +170 -0
  408. package/dist-browser/telemetry/performance/PerformanceClient.d.ts.map +1 -0
  409. package/dist-browser/telemetry/performance/PerformanceClient.mjs +490 -0
  410. package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -0
  411. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +286 -0
  412. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -0
  413. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +45 -0
  414. package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -0
  415. package/dist-browser/telemetry/performance/PerformanceEvents.d.ts +66 -0
  416. package/dist-browser/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
  417. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +74 -0
  418. package/dist-browser/telemetry/performance/PerformanceEvents.mjs.map +1 -0
  419. package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts +21 -0
  420. package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts.map +1 -0
  421. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +59 -0
  422. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs.map +1 -0
  423. package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts +79 -0
  424. package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts.map +1 -0
  425. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +266 -0
  426. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs.map +1 -0
  427. package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts +9 -0
  428. package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts.map +1 -0
  429. package/dist-browser/url/IUri.d.ts +13 -0
  430. package/dist-browser/url/IUri.d.ts.map +1 -0
  431. package/dist-browser/url/UrlString.d.ts +44 -0
  432. package/dist-browser/url/UrlString.d.ts.map +1 -0
  433. package/dist-browser/url/UrlString.mjs +164 -0
  434. package/dist-browser/url/UrlString.mjs.map +1 -0
  435. package/dist-browser/utils/ClientAssertionUtils.d.ts +3 -0
  436. package/dist-browser/utils/ClientAssertionUtils.d.ts.map +1 -0
  437. package/dist-browser/utils/ClientAssertionUtils.mjs +21 -0
  438. package/dist-browser/utils/ClientAssertionUtils.mjs.map +1 -0
  439. package/dist-browser/utils/Constants.d.ts +283 -0
  440. package/dist-browser/utils/Constants.d.ts.map +1 -0
  441. package/dist-browser/utils/Constants.mjs +298 -0
  442. package/dist-browser/utils/Constants.mjs.map +1 -0
  443. package/dist-browser/utils/FunctionWrappers.d.ts +28 -0
  444. package/dist-browser/utils/FunctionWrappers.d.ts.map +1 -0
  445. package/dist-browser/utils/FunctionWrappers.mjs +98 -0
  446. package/dist-browser/utils/FunctionWrappers.mjs.map +1 -0
  447. package/dist-browser/utils/MsalTypes.d.ts +7 -0
  448. package/dist-browser/utils/MsalTypes.d.ts.map +1 -0
  449. package/dist-browser/utils/ProtocolUtils.d.ts +22 -0
  450. package/dist-browser/utils/ProtocolUtils.d.ts.map +1 -0
  451. package/dist-browser/utils/ProtocolUtils.mjs +74 -0
  452. package/dist-browser/utils/ProtocolUtils.mjs.map +1 -0
  453. package/dist-browser/utils/StateTypes.d.ts +15 -0
  454. package/dist-browser/utils/StateTypes.d.ts.map +1 -0
  455. package/dist-browser/utils/StringUtils.d.ts +41 -0
  456. package/dist-browser/utils/StringUtils.d.ts.map +1 -0
  457. package/dist-browser/utils/StringUtils.mjs +100 -0
  458. package/dist-browser/utils/StringUtils.mjs.map +1 -0
  459. package/dist-browser/utils/TimeUtils.d.ts +43 -0
  460. package/dist-browser/utils/TimeUtils.d.ts.map +1 -0
  461. package/dist-browser/utils/TimeUtils.mjs +76 -0
  462. package/dist-browser/utils/TimeUtils.mjs.map +1 -0
  463. package/dist-browser/utils/UrlUtils.d.ts +23 -0
  464. package/dist-browser/utils/UrlUtils.d.ts.map +1 -0
  465. package/dist-browser/utils/UrlUtils.mjs +115 -0
  466. package/dist-browser/utils/UrlUtils.mjs.map +1 -0
  467. package/lib/index-browser.cjs +2 -2
  468. package/lib/{index-node-B7mR4APO.js → index-node-A5mPbLhz.js} +14 -9
  469. package/lib/{index-node-B7mR4APO.js.map → index-node-A5mPbLhz.js.map} +1 -1
  470. package/lib/index-node.cjs +2 -2
  471. package/lib/index.cjs +2 -2
  472. package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
  473. package/lib/types/packageMetadata.d.ts +1 -1
  474. package/lib/types/packageMetadata.d.ts.map +1 -1
  475. package/lib/types/request/BaseAuthRequest.d.ts +63 -20
  476. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  477. package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +18 -13
  478. package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +1 -1
  479. package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +48 -27
  480. package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +1 -1
  481. package/lib/types/request/CommonEndSessionRequest.d.ts +21 -7
  482. package/lib/types/request/CommonEndSessionRequest.d.ts.map +1 -1
  483. package/lib/types/request/CommonRefreshTokenRequest.d.ts +12 -10
  484. package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +1 -1
  485. package/lib/types/request/CommonSilentFlowRequest.d.ts +12 -14
  486. package/lib/types/request/CommonSilentFlowRequest.d.ts.map +1 -1
  487. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  488. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +3 -1
  489. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  490. package/package.json +5 -3
  491. package/src/client/RefreshTokenClient.ts +13 -16
  492. package/src/packageMetadata.ts +1 -1
  493. package/src/request/BaseAuthRequest.ts +63 -20
  494. package/src/request/CommonAuthorizationCodeRequest.ts +18 -13
  495. package/src/request/CommonAuthorizationUrlRequest.ts +48 -27
  496. package/src/request/CommonEndSessionRequest.ts +21 -7
  497. package/src/request/CommonRefreshTokenRequest.ts +12 -10
  498. package/src/request/CommonSilentFlowRequest.ts +12 -14
  499. package/src/response/ResponseHandler.ts +5 -0
  500. package/src/telemetry/performance/PerformanceEvent.ts +3 -1
@@ -0,0 +1,71 @@
1
+ import { TokenClaims } from "./TokenClaims.js";
2
+ export type DataBoundary = "EU" | "None";
3
+ /**
4
+ * Account object with the following signature:
5
+ * - homeAccountId - Home account identifier for this account object
6
+ * - environment - Entity which issued the token represented by the domain of the issuer (e.g. login.microsoftonline.com)
7
+ * - tenantId - Full tenant or organizational id that this account belongs to
8
+ * - username - preferred_username claim of the id_token that represents this account
9
+ * - localAccountId - Local, tenant-specific account identifer for this account object, usually used in legacy cases
10
+ * - name - Full name for the account, including given name and family name
11
+ * - idToken - raw ID token
12
+ * - idTokenClaims - Object contains claims from ID token
13
+ * - nativeAccountId - The user's native account ID
14
+ * - tenantProfiles - Map of tenant profile objects for each tenant that the account has authenticated with in the browser
15
+ * - dataBoundary - Data boundary extracted from clientInfo
16
+ */
17
+ export type AccountInfo = {
18
+ homeAccountId: string;
19
+ environment: string;
20
+ tenantId: string;
21
+ username: string;
22
+ localAccountId: string;
23
+ loginHint?: string;
24
+ name?: string;
25
+ idToken?: string;
26
+ idTokenClaims?: TokenClaims & {
27
+ [key: string]: string | number | string[] | object | undefined | unknown;
28
+ };
29
+ nativeAccountId?: string;
30
+ authorityType?: string;
31
+ tenantProfiles?: Map<string, TenantProfile>;
32
+ dataBoundary?: DataBoundary;
33
+ };
34
+ /**
35
+ * Account details that vary across tenants for the same user
36
+ */
37
+ export type TenantProfile = Pick<AccountInfo, "tenantId" | "localAccountId" | "name" | "username" | "loginHint"> & {
38
+ /**
39
+ * - isHomeTenant - True if this is the home tenant profile of the account, false if it's a guest tenant profile
40
+ */
41
+ isHomeTenant?: boolean;
42
+ };
43
+ export type ActiveAccountFilters = {
44
+ homeAccountId: string;
45
+ localAccountId: string;
46
+ tenantId?: string;
47
+ };
48
+ /**
49
+ * Returns true if tenantId matches the utid portion of homeAccountId
50
+ * @param tenantId
51
+ * @param homeAccountId
52
+ * @returns
53
+ */
54
+ export declare function tenantIdMatchesHomeTenant(tenantId?: string, homeAccountId?: string): boolean;
55
+ /**
56
+ * Build tenant profile
57
+ * @param homeAccountId - Home account identifier for this account object
58
+ * @param localAccountId - Local account identifer for this account object
59
+ * @param tenantId - Full tenant or organizational id that this account belongs to
60
+ * @param idTokenClaims - Claims from the ID token
61
+ * @returns
62
+ */
63
+ export declare function buildTenantProfile(homeAccountId: string, localAccountId: string, tenantId: string, idTokenClaims?: TokenClaims): TenantProfile;
64
+ /**
65
+ * Replaces account info that varies by tenant profile sourced from the ID token claims passed in with the tenant-specific account info
66
+ * @param baseAccountInfo
67
+ * @param idTokenClaims
68
+ * @returns
69
+ */
70
+ export declare function updateAccountTenantProfileData(baseAccountInfo: AccountInfo, tenantProfile?: TenantProfile, idTokenClaims?: TokenClaims, idTokenSecret?: string): AccountInfo;
71
+ //# sourceMappingURL=AccountInfo.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"AccountInfo.d.ts","sourceRoot":"","sources":["../../src/account/AccountInfo.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,MAAM,MAAM,YAAY,GAAG,IAAI,GAAG,MAAM,CAAC;AAEzC;;;;;;;;;;;;;GAaG;AACH,MAAM,MAAM,WAAW,GAAG;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,WAAW,GAAG;QAC1B,CAAC,GAAG,EAAE,MAAM,GACN,MAAM,GACN,MAAM,GACN,MAAM,EAAE,GACR,MAAM,GACN,SAAS,GACT,OAAO,CAAC;KACjB,CAAC;IACF,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAC5C,YAAY,CAAC,EAAE,YAAY,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,IAAI,CAC5B,WAAW,EACX,UAAU,GAAG,gBAAgB,GAAG,MAAM,GAAG,UAAU,GAAG,WAAW,CACpE,GAAG;IACA;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,yBAAyB,CACrC,QAAQ,CAAC,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAMT;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAC9B,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,MAAM,EAChB,aAAa,CAAC,EAAE,WAAW,GAC5B,aAAa,CAsCf;AAED;;;;;GAKG;AACH,wBAAgB,8BAA8B,CAC1C,eAAe,EAAE,WAAW,EAC5B,aAAa,CAAC,EAAE,aAAa,EAC7B,aAAa,CAAC,EAAE,WAAW,EAC3B,aAAa,CAAC,EAAE,MAAM,GACvB,WAAW,CAgCb"}
@@ -0,0 +1,85 @@
1
+ /*! @azure/msal-common v16.0.2 2026-01-17 */
2
+ 'use strict';
3
+ /*
4
+ * Copyright (c) Microsoft Corporation. All rights reserved.
5
+ * Licensed under the MIT License.
6
+ */
7
+ /**
8
+ * Returns true if tenantId matches the utid portion of homeAccountId
9
+ * @param tenantId
10
+ * @param homeAccountId
11
+ * @returns
12
+ */
13
+ function tenantIdMatchesHomeTenant(tenantId, homeAccountId) {
14
+ return (!!tenantId &&
15
+ !!homeAccountId &&
16
+ tenantId === homeAccountId.split(".")[1]);
17
+ }
18
+ /**
19
+ * Build tenant profile
20
+ * @param homeAccountId - Home account identifier for this account object
21
+ * @param localAccountId - Local account identifer for this account object
22
+ * @param tenantId - Full tenant or organizational id that this account belongs to
23
+ * @param idTokenClaims - Claims from the ID token
24
+ * @returns
25
+ */
26
+ function buildTenantProfile(homeAccountId, localAccountId, tenantId, idTokenClaims) {
27
+ if (idTokenClaims) {
28
+ const { oid, sub, tid, name, tfp, acr, preferred_username, upn, login_hint, } = idTokenClaims;
29
+ /**
30
+ * Since there is no way to determine if the authority is AAD or B2C, we exhaust all the possible claims that can serve as tenant ID with the following precedence:
31
+ * tid - TenantID claim that identifies the tenant that issued the token in AAD. Expected in all AAD ID tokens, not present in B2C ID Tokens.
32
+ * tfp - Trust Framework Policy claim that identifies the policy that was used to authenticate the user. Functions as tenant for B2C scenarios.
33
+ * acr - Authentication Context Class Reference claim used only with older B2C policies. Fallback in case tfp is not present, but likely won't be present anyway.
34
+ */
35
+ const tenantId = tid || tfp || acr || "";
36
+ return {
37
+ tenantId: tenantId,
38
+ localAccountId: oid || sub || "",
39
+ name: name,
40
+ username: preferred_username || upn || "",
41
+ loginHint: login_hint,
42
+ isHomeTenant: tenantIdMatchesHomeTenant(tenantId, homeAccountId),
43
+ };
44
+ }
45
+ else {
46
+ return {
47
+ tenantId,
48
+ localAccountId,
49
+ username: "",
50
+ isHomeTenant: tenantIdMatchesHomeTenant(tenantId, homeAccountId),
51
+ };
52
+ }
53
+ }
54
+ /**
55
+ * Replaces account info that varies by tenant profile sourced from the ID token claims passed in with the tenant-specific account info
56
+ * @param baseAccountInfo
57
+ * @param idTokenClaims
58
+ * @returns
59
+ */
60
+ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenClaims, idTokenSecret) {
61
+ let updatedAccountInfo = baseAccountInfo;
62
+ // Tenant Profile overrides passed in account info
63
+ if (tenantProfile) {
64
+ // eslint-disable-next-line @typescript-eslint/no-unused-vars
65
+ const { isHomeTenant, ...tenantProfileOverride } = tenantProfile;
66
+ updatedAccountInfo = { ...baseAccountInfo, ...tenantProfileOverride };
67
+ }
68
+ // ID token claims override passed in account info and tenant profile
69
+ if (idTokenClaims) {
70
+ // Ignore isHomeTenant, loginHint, and sid which are part of tenant profile but not base account info
71
+ // eslint-disable-next-line @typescript-eslint/no-unused-vars
72
+ const { isHomeTenant, ...claimsSourcedTenantProfile } = buildTenantProfile(baseAccountInfo.homeAccountId, baseAccountInfo.localAccountId, baseAccountInfo.tenantId, idTokenClaims);
73
+ updatedAccountInfo = {
74
+ ...updatedAccountInfo,
75
+ ...claimsSourcedTenantProfile,
76
+ idTokenClaims: idTokenClaims,
77
+ idToken: idTokenSecret,
78
+ };
79
+ return updatedAccountInfo;
80
+ }
81
+ return updatedAccountInfo;
82
+ }
83
+
84
+ export { buildTenantProfile, tenantIdMatchesHomeTenant, updateAccountTenantProfileData };
85
+ //# sourceMappingURL=AccountInfo.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"AccountInfo.mjs","sources":["../../src/account/AccountInfo.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AA+DH;;;;;AAKG;AACa,SAAA,yBAAyB,CACrC,QAAiB,EACjB,aAAsB,EAAA;IAEtB,QACI,CAAC,CAAC,QAAQ;AACV,QAAA,CAAC,CAAC,aAAa;QACf,QAAQ,KAAK,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAC1C;AACN,CAAC;AAED;;;;;;;AAOG;AACG,SAAU,kBAAkB,CAC9B,aAAqB,EACrB,cAAsB,EACtB,QAAgB,EAChB,aAA2B,EAAA;AAE3B,IAAA,IAAI,aAAa,EAAE;QACf,MAAM,EACF,GAAG,EACH,GAAG,EACH,GAAG,EACH,IAAI,EACJ,GAAG,EACH,GAAG,EACH,kBAAkB,EAClB,GAAG,EACH,UAAU,GACb,GAAG,aAAa,CAAC;AAElB;;;;;AAKG;QACH,MAAM,QAAQ,GAAG,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;QAEzC,OAAO;AACH,YAAA,QAAQ,EAAE,QAAQ;AAClB,YAAA,cAAc,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE;AAChC,YAAA,IAAI,EAAE,IAAI;AACV,YAAA,QAAQ,EAAE,kBAAkB,IAAI,GAAG,IAAI,EAAE;AACzC,YAAA,SAAS,EAAE,UAAU;AACrB,YAAA,YAAY,EAAE,yBAAyB,CAAC,QAAQ,EAAE,aAAa,CAAC;SACnE,CAAC;AACL,KAAA;AAAM,SAAA;QACH,OAAO;YACH,QAAQ;YACR,cAAc;AACd,YAAA,QAAQ,EAAE,EAAE;AACZ,YAAA,YAAY,EAAE,yBAAyB,CAAC,QAAQ,EAAE,aAAa,CAAC;SACnE,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;;;AAKG;AACG,SAAU,8BAA8B,CAC1C,eAA4B,EAC5B,aAA6B,EAC7B,aAA2B,EAC3B,aAAsB,EAAA;IAEtB,IAAI,kBAAkB,GAAG,eAAe,CAAC;;AAEzC,IAAA,IAAI,aAAa,EAAE;;QAEf,MAAM,EAAE,YAAY,EAAE,GAAG,qBAAqB,EAAE,GAAG,aAAa,CAAC;QACjE,kBAAkB,GAAG,EAAE,GAAG,eAAe,EAAE,GAAG,qBAAqB,EAAE,CAAC;AACzE,KAAA;;AAGD,IAAA,IAAI,aAAa,EAAE;;;QAGf,MAAM,EAAE,YAAY,EAAE,GAAG,0BAA0B,EAAE,GACjD,kBAAkB,CACd,eAAe,CAAC,aAAa,EAC7B,eAAe,CAAC,cAAc,EAC9B,eAAe,CAAC,QAAQ,EACxB,aAAa,CAChB,CAAC;AAEN,QAAA,kBAAkB,GAAG;AACjB,YAAA,GAAG,kBAAkB;AACrB,YAAA,GAAG,0BAA0B;AAC7B,YAAA,aAAa,EAAE,aAAa;AAC5B,YAAA,OAAO,EAAE,aAAa;SACzB,CAAC;AAEF,QAAA,OAAO,kBAAkB,CAAC;AAC7B,KAAA;AAED,IAAA,OAAO,kBAAkB,CAAC;AAC9B;;;;"}
@@ -0,0 +1,24 @@
1
+ import { TokenClaims } from "./TokenClaims.js";
2
+ /**
3
+ * Extract token by decoding the rawToken
4
+ *
5
+ * @param encodedToken
6
+ */
7
+ export declare function extractTokenClaims(encodedToken: string, base64Decode: (input: string) => string): TokenClaims;
8
+ /**
9
+ * Check if the signin_state claim contains "kmsi"
10
+ * @param idTokenClaims
11
+ * @returns
12
+ */
13
+ export declare function isKmsi(idTokenClaims: TokenClaims): boolean;
14
+ /**
15
+ * decode a JWT
16
+ *
17
+ * @param authToken
18
+ */
19
+ export declare function getJWSPayload(authToken: string): string;
20
+ /**
21
+ * Determine if the token's max_age has transpired
22
+ */
23
+ export declare function checkMaxAge(authTime: number, maxAge: number): void;
24
+ //# sourceMappingURL=AuthToken.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"AuthToken.d.ts","sourceRoot":"","sources":["../../src/account/AuthToken.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAM/C;;;;GAIG;AACH,wBAAgB,kBAAkB,CAC9B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,GACxC,WAAW,CAWb;AAED;;;;GAIG;AACH,wBAAgB,MAAM,CAAC,aAAa,EAAE,WAAW,GAAG,OAAO,CAe1D;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAkBvD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI,CAUlE"}
@@ -0,0 +1,85 @@
1
+ /*! @azure/msal-common v16.0.2 2026-01-17 */
2
+ 'use strict';
3
+ import { createClientAuthError } from '../error/ClientAuthError.mjs';
4
+ import { tokenParsingError, nullOrEmptyToken, maxAgeTranspired } from '../error/ClientAuthErrorCodes.mjs';
5
+
6
+ /*
7
+ * Copyright (c) Microsoft Corporation. All rights reserved.
8
+ * Licensed under the MIT License.
9
+ */
10
+ /**
11
+ * Extract token by decoding the rawToken
12
+ *
13
+ * @param encodedToken
14
+ */
15
+ function extractTokenClaims(encodedToken, base64Decode) {
16
+ const jswPayload = getJWSPayload(encodedToken);
17
+ // token will be decoded to get the username
18
+ try {
19
+ // base64Decode() should throw an error if there is an issue
20
+ const base64Decoded = base64Decode(jswPayload);
21
+ return JSON.parse(base64Decoded);
22
+ }
23
+ catch (err) {
24
+ throw createClientAuthError(tokenParsingError);
25
+ }
26
+ }
27
+ /**
28
+ * Check if the signin_state claim contains "kmsi"
29
+ * @param idTokenClaims
30
+ * @returns
31
+ */
32
+ function isKmsi(idTokenClaims) {
33
+ if (!idTokenClaims.signin_state) {
34
+ return false;
35
+ }
36
+ /**
37
+ * Signin_state claim known values:
38
+ * dvc_mngd - device is managed
39
+ * dvc_dmjd - device is domain joined
40
+ * kmsi - user opted to "keep me signed in"
41
+ * inknownntwk - Request made inside a known network. Don't use this, use CAE instead.
42
+ */
43
+ const kmsiClaims = ["kmsi", "dvc_dmjd"]; // There are some cases where kmsi may not be returned but persistent storage is still OK - allow dvc_dmjd as well
44
+ return idTokenClaims.signin_state.some((value) => kmsiClaims.includes(value.trim().toLowerCase()));
45
+ }
46
+ /**
47
+ * decode a JWT
48
+ *
49
+ * @param authToken
50
+ */
51
+ function getJWSPayload(authToken) {
52
+ if (!authToken) {
53
+ throw createClientAuthError(nullOrEmptyToken);
54
+ }
55
+ const tokenPartsRegex = /^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/;
56
+ const matches = tokenPartsRegex.exec(authToken);
57
+ if (!matches || matches.length < 4) {
58
+ throw createClientAuthError(tokenParsingError);
59
+ }
60
+ /**
61
+ * const crackedToken = {
62
+ * header: matches[1],
63
+ * JWSPayload: matches[2],
64
+ * JWSSig: matches[3],
65
+ * };
66
+ */
67
+ return matches[2];
68
+ }
69
+ /**
70
+ * Determine if the token's max_age has transpired
71
+ */
72
+ function checkMaxAge(authTime, maxAge) {
73
+ /*
74
+ * per https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
75
+ * To force an immediate re-authentication: If an app requires that a user re-authenticate prior to access,
76
+ * provide a value of 0 for the max_age parameter and the AS will force a fresh login.
77
+ */
78
+ const fiveMinuteSkew = 300000; // five minutes in milliseconds
79
+ if (maxAge === 0 || Date.now() - fiveMinuteSkew > authTime + maxAge) {
80
+ throw createClientAuthError(maxAgeTranspired);
81
+ }
82
+ }
83
+
84
+ export { checkMaxAge, extractTokenClaims, getJWSPayload, isKmsi };
85
+ //# sourceMappingURL=AuthToken.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"AuthToken.mjs","sources":["../../src/account/AuthToken.ts"],"sourcesContent":[null],"names":["ClientAuthErrorCodes.tokenParsingError","ClientAuthErrorCodes.nullOrEmptyToken","ClientAuthErrorCodes.maxAgeTranspired"],"mappings":";;;;;AAAA;;;AAGG;AAQH;;;;AAIG;AACa,SAAA,kBAAkB,CAC9B,YAAoB,EACpB,YAAuC,EAAA;AAEvC,IAAA,MAAM,UAAU,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC;;IAG/C,IAAI;;AAEA,QAAA,MAAM,aAAa,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC;AAC/C,QAAA,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAgB,CAAC;AACnD,KAAA;AAAC,IAAA,OAAO,GAAG,EAAE;AACV,QAAA,MAAM,qBAAqB,CAACA,iBAAsC,CAAC,CAAC;AACvE,KAAA;AACL,CAAC;AAED;;;;AAIG;AACG,SAAU,MAAM,CAAC,aAA0B,EAAA;AAC7C,IAAA,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE;AAC7B,QAAA,OAAO,KAAK,CAAC;AAChB,KAAA;AACD;;;;;;AAMG;IACH,MAAM,UAAU,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACxC,OAAO,aAAa,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,KAAK,KACzC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAClD,CAAC;AACN,CAAC;AAED;;;;AAIG;AACG,SAAU,aAAa,CAAC,SAAiB,EAAA;IAC3C,IAAI,CAAC,SAAS,EAAE;AACZ,QAAA,MAAM,qBAAqB,CAACC,gBAAqC,CAAC,CAAC;AACtE,KAAA;IACD,MAAM,eAAe,GAAG,sCAAsC,CAAC;IAC/D,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAChD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE;AAChC,QAAA,MAAM,qBAAqB,CAACD,iBAAsC,CAAC,CAAC;AACvE,KAAA;AACD;;;;;;AAMG;AAEH,IAAA,OAAO,OAAO,CAAC,CAAC,CAAC,CAAC;AACtB,CAAC;AAED;;AAEG;AACa,SAAA,WAAW,CAAC,QAAgB,EAAE,MAAc,EAAA;AACxD;;;;AAIG;AACH,IAAA,MAAM,cAAc,GAAG,MAAM,CAAC;AAC9B,IAAA,IAAI,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,GAAG,QAAQ,GAAG,MAAM,EAAE;AACjE,QAAA,MAAM,qBAAqB,CAACE,gBAAqC,CAAC,CAAC;AACtE,KAAA;AACL;;;;"}
@@ -0,0 +1,10 @@
1
+ export type CcsCredential = {
2
+ credential: string;
3
+ type: CcsCredentialType;
4
+ };
5
+ export declare const CcsCredentialType: {
6
+ readonly HOME_ACCOUNT_ID: "home_account_id";
7
+ readonly UPN: "UPN";
8
+ };
9
+ export type CcsCredentialType = (typeof CcsCredentialType)[keyof typeof CcsCredentialType];
10
+ //# sourceMappingURL=CcsCredential.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CcsCredential.d.ts","sourceRoot":"","sources":["../../src/account/CcsCredential.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,aAAa,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,iBAAiB,CAAC;CAC3B,CAAC;AAEF,eAAO,MAAM,iBAAiB;;;CAGpB,CAAC;AACX,MAAM,MAAM,iBAAiB,GACzB,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC"}
@@ -0,0 +1,13 @@
1
+ /*! @azure/msal-common v16.0.2 2026-01-17 */
2
+ 'use strict';
3
+ /*
4
+ * Copyright (c) Microsoft Corporation. All rights reserved.
5
+ * Licensed under the MIT License.
6
+ */
7
+ const CcsCredentialType = {
8
+ HOME_ACCOUNT_ID: "home_account_id",
9
+ UPN: "UPN",
10
+ };
11
+
12
+ export { CcsCredentialType };
13
+ //# sourceMappingURL=CcsCredential.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"CcsCredential.mjs","sources":["../../src/account/CcsCredential.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAOU,MAAA,iBAAiB,GAAG;AAC7B,IAAA,eAAe,EAAE,iBAAiB;AAClC,IAAA,GAAG,EAAE,KAAK;;;;;"}
@@ -0,0 +1,20 @@
1
+ export type ClientAssertionConfig = {
2
+ clientId: string;
3
+ tokenEndpoint?: string;
4
+ };
5
+ export type ClientAssertionCallback = (config: ClientAssertionConfig) => Promise<string>;
6
+ /**
7
+ * Client Assertion credential for Confidential Clients
8
+ */
9
+ export type ClientAssertion = {
10
+ assertion: string | ClientAssertionCallback;
11
+ assertionType: string;
12
+ };
13
+ /**
14
+ * Client Credentials set for Confidential Clients
15
+ */
16
+ export type ClientCredentials = {
17
+ clientSecret?: string;
18
+ clientAssertion?: ClientAssertion;
19
+ };
20
+ //# sourceMappingURL=ClientCredentials.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ClientCredentials.d.ts","sourceRoot":"","sources":["../../src/account/ClientCredentials.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,qBAAqB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG,CAClC,MAAM,EAAE,qBAAqB,KAC5B,OAAO,CAAC,MAAM,CAAC,CAAC;AAErB;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG;IAC1B,SAAS,EAAE,MAAM,GAAG,uBAAuB,CAAC;IAC5C,aAAa,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC5B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,eAAe,CAAC;CACrC,CAAC"}
@@ -0,0 +1,23 @@
1
+ /**
2
+ * Client info object which consists of:
3
+ * uid: user id
4
+ * utid: tenant id
5
+ * xms_tdbr: optional, only for non-US tenants
6
+ */
7
+ export type ClientInfo = {
8
+ uid: string;
9
+ utid: string;
10
+ xms_tdbr?: string;
11
+ };
12
+ /**
13
+ * Function to build a client info object from server clientInfo string
14
+ * @param rawClientInfo
15
+ * @param crypto
16
+ */
17
+ export declare function buildClientInfo(rawClientInfo: string, base64Decode: (input: string) => string): ClientInfo;
18
+ /**
19
+ * Function to build a client info object from cached homeAccountId string
20
+ * @param homeAccountId
21
+ */
22
+ export declare function buildClientInfoFromHomeAccountId(homeAccountId: string): ClientInfo;
23
+ //# sourceMappingURL=ClientInfo.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ClientInfo.d.ts","sourceRoot":"","sources":["../../src/account/ClientInfo.ts"],"names":[],"mappings":"AAWA;;;;;GAKG;AACH,MAAM,MAAM,UAAU,GAAG;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,eAAe,CAC3B,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,GACxC,UAAU,CAaZ;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,CAC5C,aAAa,EAAE,MAAM,GACtB,UAAU,CAcZ"}
@@ -0,0 +1,44 @@
1
+ /*! @azure/msal-common v16.0.2 2026-01-17 */
2
+ 'use strict';
3
+ import { createClientAuthError } from '../error/ClientAuthError.mjs';
4
+ import { CLIENT_INFO_SEPARATOR } from '../utils/Constants.mjs';
5
+ import { clientInfoEmptyError, clientInfoDecodingError } from '../error/ClientAuthErrorCodes.mjs';
6
+
7
+ /*
8
+ * Copyright (c) Microsoft Corporation. All rights reserved.
9
+ * Licensed under the MIT License.
10
+ */
11
+ /**
12
+ * Function to build a client info object from server clientInfo string
13
+ * @param rawClientInfo
14
+ * @param crypto
15
+ */
16
+ function buildClientInfo(rawClientInfo, base64Decode) {
17
+ if (!rawClientInfo) {
18
+ throw createClientAuthError(clientInfoEmptyError);
19
+ }
20
+ try {
21
+ const decodedClientInfo = base64Decode(rawClientInfo);
22
+ return JSON.parse(decodedClientInfo);
23
+ }
24
+ catch (e) {
25
+ throw createClientAuthError(clientInfoDecodingError);
26
+ }
27
+ }
28
+ /**
29
+ * Function to build a client info object from cached homeAccountId string
30
+ * @param homeAccountId
31
+ */
32
+ function buildClientInfoFromHomeAccountId(homeAccountId) {
33
+ if (!homeAccountId) {
34
+ throw createClientAuthError(clientInfoDecodingError);
35
+ }
36
+ const clientInfoParts = homeAccountId.split(CLIENT_INFO_SEPARATOR, 2);
37
+ return {
38
+ uid: clientInfoParts[0],
39
+ utid: clientInfoParts.length < 2 ? "" : clientInfoParts[1],
40
+ };
41
+ }
42
+
43
+ export { buildClientInfo, buildClientInfoFromHomeAccountId };
44
+ //# sourceMappingURL=ClientInfo.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"ClientInfo.mjs","sources":["../../src/account/ClientInfo.ts"],"sourcesContent":[null],"names":["ClientAuthErrorCodes.clientInfoEmptyError","ClientAuthErrorCodes.clientInfoDecodingError","Constants.CLIENT_INFO_SEPARATOR"],"mappings":";;;;;;AAAA;;;AAGG;AAoBH;;;;AAIG;AACa,SAAA,eAAe,CAC3B,aAAqB,EACrB,YAAuC,EAAA;IAEvC,IAAI,CAAC,aAAa,EAAE;AAChB,QAAA,MAAM,qBAAqB,CAACA,oBAAyC,CAAC,CAAC;AAC1E,KAAA;IAED,IAAI;AACA,QAAA,MAAM,iBAAiB,GAAW,YAAY,CAAC,aAAa,CAAC,CAAC;AAC9D,QAAA,OAAO,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAe,CAAC;AACtD,KAAA;AAAC,IAAA,OAAO,CAAC,EAAE;AACR,QAAA,MAAM,qBAAqB,CACvBC,uBAA4C,CAC/C,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,gCAAgC,CAC5C,aAAqB,EAAA;IAErB,IAAI,CAAC,aAAa,EAAE;AAChB,QAAA,MAAM,qBAAqB,CACvBA,uBAA4C,CAC/C,CAAC;AACL,KAAA;AACD,IAAA,MAAM,eAAe,GAAa,aAAa,CAAC,KAAK,CACjDC,qBAA+B,EAC/B,CAAC,CACJ,CAAC;IACF,OAAO;AACH,QAAA,GAAG,EAAE,eAAe,CAAC,CAAC,CAAC;AACvB,QAAA,IAAI,EAAE,eAAe,CAAC,MAAM,GAAG,CAAC,GAAG,EAAE,GAAG,eAAe,CAAC,CAAC,CAAC;KAC7D,CAAC;AACN;;;;"}
@@ -0,0 +1,88 @@
1
+ /**
2
+ * Type which describes Id Token claims known by MSAL.
3
+ */
4
+ export type TokenClaims = {
5
+ /**
6
+ * Audience
7
+ */
8
+ aud?: string;
9
+ /**
10
+ * Issuer
11
+ */
12
+ iss?: string;
13
+ /**
14
+ * Issued at
15
+ */
16
+ iat?: number;
17
+ /**
18
+ * Not valid before
19
+ */
20
+ nbf?: number;
21
+ /**
22
+ * Immutable object identifier, this ID uniquely identifies the user across applications
23
+ */
24
+ oid?: string;
25
+ /**
26
+ * Immutable subject identifier, this is a pairwise identifier - it is unique to a particular application ID
27
+ */
28
+ sub?: string;
29
+ /**
30
+ * Users' tenant or '9188040d-6c67-4c5b-b112-36a304b66dad' for personal accounts.
31
+ */
32
+ tid?: string;
33
+ /**
34
+ * Trusted Framework Policy (B2C) The name of the policy that was used to acquire the ID token.
35
+ */
36
+ tfp?: string;
37
+ /**
38
+ * Authentication Context Class Reference (B2C) Used only with older policies.
39
+ */
40
+ acr?: string;
41
+ ver?: string;
42
+ upn?: string;
43
+ preferred_username?: string;
44
+ login_hint?: string;
45
+ /**
46
+ * Contains KMSI (Keep Me Signed In) status among other things
47
+ */
48
+ signin_state?: Array<string>;
49
+ emails?: string[];
50
+ name?: string;
51
+ nonce?: string;
52
+ /**
53
+ * Expiration
54
+ */
55
+ exp?: number;
56
+ home_oid?: string;
57
+ sid?: string;
58
+ cloud_instance_host_name?: string;
59
+ cnf?: {
60
+ kid: string;
61
+ };
62
+ x5c_ca?: string[];
63
+ ts?: number;
64
+ at?: string;
65
+ u?: string;
66
+ p?: string;
67
+ m?: string;
68
+ roles?: string[];
69
+ amr?: string[];
70
+ idp?: string;
71
+ auth_time?: number;
72
+ /**
73
+ * Region of the resource tenant
74
+ */
75
+ tenant_region_scope?: string;
76
+ tenant_region_sub_scope?: string;
77
+ };
78
+ /**
79
+ * Gets tenantId from available ID token claims to set as credential realm with the following precedence:
80
+ * 1. tid - if the token is acquired from an Azure AD tenant tid will be present
81
+ * 2. tfp - if the token is acquired from a modern B2C tenant tfp should be present
82
+ * 3. acr - if the token is acquired from a legacy B2C tenant acr should be present
83
+ * Downcased to match the realm case-insensitive comparison requirements
84
+ * @param idTokenClaims
85
+ * @returns
86
+ */
87
+ export declare function getTenantIdFromIdTokenClaims(idTokenClaims?: TokenClaims): string | null;
88
+ //# sourceMappingURL=TokenClaims.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"TokenClaims.d.ts","sourceRoot":"","sources":["../../src/account/TokenClaims.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG;IACtB;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC7B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,GAAG,CAAC,EAAE;QACF,GAAG,EAAE,MAAM,CAAC;KACf,CAAC;IACF,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,uBAAuB,CAAC,EAAE,MAAM,CAAC;CACpC,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,4BAA4B,CACxC,aAAa,CAAC,EAAE,WAAW,GAC5B,MAAM,GAAG,IAAI,CAOf"}
@@ -0,0 +1,25 @@
1
+ /*! @azure/msal-common v16.0.2 2026-01-17 */
2
+ 'use strict';
3
+ /*
4
+ * Copyright (c) Microsoft Corporation. All rights reserved.
5
+ * Licensed under the MIT License.
6
+ */
7
+ /**
8
+ * Gets tenantId from available ID token claims to set as credential realm with the following precedence:
9
+ * 1. tid - if the token is acquired from an Azure AD tenant tid will be present
10
+ * 2. tfp - if the token is acquired from a modern B2C tenant tfp should be present
11
+ * 3. acr - if the token is acquired from a legacy B2C tenant acr should be present
12
+ * Downcased to match the realm case-insensitive comparison requirements
13
+ * @param idTokenClaims
14
+ * @returns
15
+ */
16
+ function getTenantIdFromIdTokenClaims(idTokenClaims) {
17
+ if (idTokenClaims) {
18
+ const tenantId = idTokenClaims.tid || idTokenClaims.tfp || idTokenClaims.acr;
19
+ return tenantId || null;
20
+ }
21
+ return null;
22
+ }
23
+
24
+ export { getTenantIdFromIdTokenClaims };
25
+ //# sourceMappingURL=TokenClaims.mjs.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"TokenClaims.mjs","sources":["../../src/account/TokenClaims.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;AAGG;AAgFH;;;;;;;;AAQG;AACG,SAAU,4BAA4B,CACxC,aAA2B,EAAA;AAE3B,IAAA,IAAI,aAAa,EAAE;AACf,QAAA,MAAM,QAAQ,GACV,aAAa,CAAC,GAAG,IAAI,aAAa,CAAC,GAAG,IAAI,aAAa,CAAC,GAAG,CAAC;QAChE,OAAO,QAAQ,IAAI,IAAI,CAAC;AAC3B,KAAA;AACD,IAAA,OAAO,IAAI,CAAC;AAChB;;;;"}