@azure/msal-common 16.0.1 → 16.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +1 -1
- package/dist/client/RefreshTokenClient.mjs +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/PlatformBrokerError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/index-node.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/protocol/Token.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/RequestParameterBuilder.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist-browser/account/AccountInfo.d.ts +71 -0
- package/dist-browser/account/AccountInfo.d.ts.map +1 -0
- package/dist-browser/account/AccountInfo.mjs +85 -0
- package/dist-browser/account/AccountInfo.mjs.map +1 -0
- package/dist-browser/account/AuthToken.d.ts +24 -0
- package/dist-browser/account/AuthToken.d.ts.map +1 -0
- package/dist-browser/account/AuthToken.mjs +85 -0
- package/dist-browser/account/AuthToken.mjs.map +1 -0
- package/dist-browser/account/CcsCredential.d.ts +10 -0
- package/dist-browser/account/CcsCredential.d.ts.map +1 -0
- package/dist-browser/account/CcsCredential.mjs +13 -0
- package/dist-browser/account/CcsCredential.mjs.map +1 -0
- package/dist-browser/account/ClientCredentials.d.ts +20 -0
- package/dist-browser/account/ClientCredentials.d.ts.map +1 -0
- package/dist-browser/account/ClientInfo.d.ts +23 -0
- package/dist-browser/account/ClientInfo.d.ts.map +1 -0
- package/dist-browser/account/ClientInfo.mjs +44 -0
- package/dist-browser/account/ClientInfo.mjs.map +1 -0
- package/dist-browser/account/TokenClaims.d.ts +88 -0
- package/dist-browser/account/TokenClaims.d.ts.map +1 -0
- package/dist-browser/account/TokenClaims.mjs +25 -0
- package/dist-browser/account/TokenClaims.mjs.map +1 -0
- package/dist-browser/authority/Authority.d.ts +255 -0
- package/dist-browser/authority/Authority.d.ts.map +1 -0
- package/dist-browser/authority/Authority.mjs +841 -0
- package/dist-browser/authority/Authority.mjs.map +1 -0
- package/dist-browser/authority/AuthorityFactory.d.ts +23 -0
- package/dist-browser/authority/AuthorityFactory.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityFactory.mjs +42 -0
- package/dist-browser/authority/AuthorityFactory.mjs.map +1 -0
- package/dist-browser/authority/AuthorityMetadata.d.ts +44 -0
- package/dist-browser/authority/AuthorityMetadata.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityMetadata.mjs +146 -0
- package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -0
- package/dist-browser/authority/AuthorityOptions.d.ts +27 -0
- package/dist-browser/authority/AuthorityOptions.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityOptions.mjs +23 -0
- package/dist-browser/authority/AuthorityOptions.mjs.map +1 -0
- package/dist-browser/authority/AuthorityType.d.ts +11 -0
- package/dist-browser/authority/AuthorityType.d.ts.map +1 -0
- package/dist-browser/authority/AuthorityType.mjs +18 -0
- package/dist-browser/authority/AuthorityType.mjs.map +1 -0
- package/dist-browser/authority/AzureRegion.d.ts +2 -0
- package/dist-browser/authority/AzureRegion.d.ts.map +1 -0
- package/dist-browser/authority/AzureRegionConfiguration.d.ts +6 -0
- package/dist-browser/authority/AzureRegionConfiguration.d.ts.map +1 -0
- package/dist-browser/authority/CloudDiscoveryMetadata.d.ts +6 -0
- package/dist-browser/authority/CloudDiscoveryMetadata.d.ts.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts +14 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.d.ts.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +13 -0
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts +10 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.d.ts.map +1 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +13 -0
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs.map +1 -0
- package/dist-browser/authority/ImdsOptions.d.ts +6 -0
- package/dist-browser/authority/ImdsOptions.d.ts.map +1 -0
- package/dist-browser/authority/OIDCOptions.d.ts +9 -0
- package/dist-browser/authority/OIDCOptions.d.ts.map +1 -0
- package/dist-browser/authority/OpenIdConfigResponse.d.ts +12 -0
- package/dist-browser/authority/OpenIdConfigResponse.d.ts.map +1 -0
- package/dist-browser/authority/OpenIdConfigResponse.mjs +15 -0
- package/dist-browser/authority/OpenIdConfigResponse.mjs.map +1 -0
- package/dist-browser/authority/ProtocolMode.d.ts +20 -0
- package/dist-browser/authority/ProtocolMode.d.ts.map +1 -0
- package/dist-browser/authority/ProtocolMode.mjs +27 -0
- package/dist-browser/authority/ProtocolMode.mjs.map +1 -0
- package/dist-browser/authority/RegionDiscovery.d.ts +33 -0
- package/dist-browser/authority/RegionDiscovery.d.ts.map +1 -0
- package/dist-browser/authority/RegionDiscovery.mjs +111 -0
- package/dist-browser/authority/RegionDiscovery.mjs.map +1 -0
- package/dist-browser/authority/RegionDiscoveryMetadata.d.ts +7 -0
- package/dist-browser/authority/RegionDiscoveryMetadata.d.ts.map +1 -0
- package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts +17 -0
- package/dist-browser/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +1 -0
- package/dist-browser/cache/CacheManager.d.ts +478 -0
- package/dist-browser/cache/CacheManager.d.ts.map +1 -0
- package/dist-browser/cache/CacheManager.mjs +1111 -0
- package/dist-browser/cache/CacheManager.mjs.map +1 -0
- package/dist-browser/cache/entities/AccessTokenEntity.d.ts +22 -0
- package/dist-browser/cache/entities/AccessTokenEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/AccountEntity.d.ts +45 -0
- package/dist-browser/cache/entities/AccountEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/AppMetadataEntity.d.ts +12 -0
- package/dist-browser/cache/entities/AppMetadataEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts +16 -0
- package/dist-browser/cache/entities/AuthorityMetadataEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/CacheRecord.d.ts +14 -0
- package/dist-browser/cache/entities/CacheRecord.d.ts.map +1 -0
- package/dist-browser/cache/entities/CredentialEntity.d.ts +31 -0
- package/dist-browser/cache/entities/CredentialEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/IdTokenEntity.d.ts +9 -0
- package/dist-browser/cache/entities/IdTokenEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/RefreshTokenEntity.d.ts +8 -0
- package/dist-browser/cache/entities/RefreshTokenEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts +7 -0
- package/dist-browser/cache/entities/ServerTelemetryEntity.d.ts.map +1 -0
- package/dist-browser/cache/entities/ThrottlingEntity.d.ts +8 -0
- package/dist-browser/cache/entities/ThrottlingEntity.d.ts.map +1 -0
- package/dist-browser/cache/interface/ICacheManager.d.ts +188 -0
- package/dist-browser/cache/interface/ICacheManager.d.ts.map +1 -0
- package/dist-browser/cache/interface/ICachePlugin.d.ts +6 -0
- package/dist-browser/cache/interface/ICachePlugin.d.ts.map +1 -0
- package/dist-browser/cache/interface/ISerializableTokenCache.d.ts +5 -0
- package/dist-browser/cache/interface/ISerializableTokenCache.d.ts.map +1 -0
- package/dist-browser/cache/persistence/TokenCacheContext.d.ts +24 -0
- package/dist-browser/cache/persistence/TokenCacheContext.d.ts.map +1 -0
- package/dist-browser/cache/persistence/TokenCacheContext.mjs +30 -0
- package/dist-browser/cache/persistence/TokenCacheContext.mjs.map +1 -0
- package/dist-browser/cache/utils/AccountEntityUtils.d.ts +53 -0
- package/dist-browser/cache/utils/AccountEntityUtils.d.ts.map +1 -0
- package/dist-browser/cache/utils/AccountEntityUtils.mjs +192 -0
- package/dist-browser/cache/utils/AccountEntityUtils.mjs.map +1 -0
- package/dist-browser/cache/utils/CacheHelpers.d.ts +86 -0
- package/dist-browser/cache/utils/CacheHelpers.d.ts.map +1 -0
- package/dist-browser/cache/utils/CacheHelpers.mjs +267 -0
- package/dist-browser/cache/utils/CacheHelpers.mjs.map +1 -0
- package/dist-browser/cache/utils/CacheTypes.d.ts +69 -0
- package/dist-browser/cache/utils/CacheTypes.d.ts.map +1 -0
- package/dist-browser/client/AuthorizationCodeClient.d.ts +64 -0
- package/dist-browser/client/AuthorizationCodeClient.d.ts.map +1 -0
- package/dist-browser/client/AuthorizationCodeClient.mjs +287 -0
- package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -0
- package/dist-browser/client/RefreshTokenClient.d.ts +49 -0
- package/dist-browser/client/RefreshTokenClient.d.ts.map +1 -0
- package/dist-browser/client/RefreshTokenClient.mjs +254 -0
- package/dist-browser/client/RefreshTokenClient.mjs.map +1 -0
- package/dist-browser/client/SilentFlowClient.d.ts +35 -0
- package/dist-browser/client/SilentFlowClient.d.ts.map +1 -0
- package/dist-browser/client/SilentFlowClient.mjs +125 -0
- package/dist-browser/client/SilentFlowClient.mjs.map +1 -0
- package/dist-browser/config/AppTokenProvider.d.ts +39 -0
- package/dist-browser/config/AppTokenProvider.d.ts.map +1 -0
- package/dist-browser/config/ClientConfiguration.d.ts +143 -0
- package/dist-browser/config/ClientConfiguration.d.ts.map +1 -0
- package/dist-browser/config/ClientConfiguration.mjs +107 -0
- package/dist-browser/config/ClientConfiguration.mjs.map +1 -0
- package/dist-browser/constants/AADServerParamKeys.d.ts +59 -0
- package/dist-browser/constants/AADServerParamKeys.d.ts.map +1 -0
- package/dist-browser/constants/AADServerParamKeys.mjs +67 -0
- package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -0
- package/dist-browser/crypto/ICrypto.d.ts +71 -0
- package/dist-browser/crypto/ICrypto.d.ts.map +1 -0
- package/dist-browser/crypto/ICrypto.mjs +44 -0
- package/dist-browser/crypto/ICrypto.mjs.map +1 -0
- package/dist-browser/crypto/IGuidGenerator.d.ts +5 -0
- package/dist-browser/crypto/IGuidGenerator.d.ts.map +1 -0
- package/dist-browser/crypto/JoseHeader.d.ts +23 -0
- package/dist-browser/crypto/JoseHeader.d.ts.map +1 -0
- package/dist-browser/crypto/JoseHeader.mjs +46 -0
- package/dist-browser/crypto/JoseHeader.mjs.map +1 -0
- package/dist-browser/crypto/PopTokenGenerator.d.ts +60 -0
- package/dist-browser/crypto/PopTokenGenerator.d.ts.map +1 -0
- package/dist-browser/crypto/PopTokenGenerator.mjs +87 -0
- package/dist-browser/crypto/PopTokenGenerator.mjs.map +1 -0
- package/dist-browser/crypto/SignedHttpRequest.d.ts +16 -0
- package/dist-browser/crypto/SignedHttpRequest.d.ts.map +1 -0
- package/dist-browser/error/AuthError.d.ts +33 -0
- package/dist-browser/error/AuthError.d.ts.map +1 -0
- package/dist-browser/error/AuthError.mjs +34 -0
- package/dist-browser/error/AuthError.mjs.map +1 -0
- package/dist-browser/error/AuthErrorCodes.d.ts +6 -0
- package/dist-browser/error/AuthErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/AuthErrorCodes.mjs +14 -0
- package/dist-browser/error/AuthErrorCodes.mjs.map +1 -0
- package/dist-browser/error/CacheError.d.ts +23 -0
- package/dist-browser/error/CacheError.d.ts.map +1 -0
- package/dist-browser/error/CacheError.mjs +45 -0
- package/dist-browser/error/CacheError.mjs.map +1 -0
- package/dist-browser/error/CacheErrorCodes.d.ts +3 -0
- package/dist-browser/error/CacheErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/CacheErrorCodes.mjs +11 -0
- package/dist-browser/error/CacheErrorCodes.mjs.map +1 -0
- package/dist-browser/error/ClientAuthError.d.ts +14 -0
- package/dist-browser/error/ClientAuthError.d.ts.map +1 -0
- package/dist-browser/error/ClientAuthError.mjs +27 -0
- package/dist-browser/error/ClientAuthError.mjs.map +1 -0
- package/dist-browser/error/ClientAuthErrorCodes.d.ts +38 -0
- package/dist-browser/error/ClientAuthErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/ClientAuthErrorCodes.mjs +46 -0
- package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -0
- package/dist-browser/error/ClientConfigurationError.d.ts +11 -0
- package/dist-browser/error/ClientConfigurationError.d.ts.map +1 -0
- package/dist-browser/error/ClientConfigurationError.mjs +24 -0
- package/dist-browser/error/ClientConfigurationError.mjs.map +1 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.d.ts +23 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs +31 -0
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthError.d.ts +48 -0
- package/dist-browser/error/InteractionRequiredAuthError.d.ts.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthError.mjs +73 -0
- package/dist-browser/error/InteractionRequiredAuthError.mjs.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts +9 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +19 -0
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs.map +1 -0
- package/dist-browser/error/JoseHeaderError.d.ts +12 -0
- package/dist-browser/error/JoseHeaderError.d.ts.map +1 -0
- package/dist-browser/error/JoseHeaderError.mjs +25 -0
- package/dist-browser/error/JoseHeaderError.mjs.map +1 -0
- package/dist-browser/error/JoseHeaderErrorCodes.d.ts +3 -0
- package/dist-browser/error/JoseHeaderErrorCodes.d.ts.map +1 -0
- package/dist-browser/error/JoseHeaderErrorCodes.mjs +11 -0
- package/dist-browser/error/JoseHeaderErrorCodes.mjs.map +1 -0
- package/dist-browser/error/NetworkError.d.ts +19 -0
- package/dist-browser/error/NetworkError.d.ts.map +1 -0
- package/dist-browser/error/NetworkError.mjs +35 -0
- package/dist-browser/error/NetworkError.mjs.map +1 -0
- package/dist-browser/error/PlatformBrokerError.d.ts +16 -0
- package/dist-browser/error/PlatformBrokerError.d.ts.map +1 -0
- package/dist-browser/error/PlatformBrokerError.mjs +49 -0
- package/dist-browser/error/PlatformBrokerError.mjs.map +1 -0
- package/dist-browser/error/ServerError.d.ts +16 -0
- package/dist-browser/error/ServerError.d.ts.map +1 -0
- package/dist-browser/error/ServerError.mjs +23 -0
- package/dist-browser/error/ServerError.mjs.map +1 -0
- package/dist-browser/exports-browser-only.d.ts +11 -0
- package/dist-browser/exports-browser-only.d.ts.map +1 -0
- package/dist-browser/exports-common.d.ts +86 -0
- package/dist-browser/exports-common.d.ts.map +1 -0
- package/dist-browser/exports-node-only.d.ts +16 -0
- package/dist-browser/exports-node-only.d.ts.map +1 -0
- package/dist-browser/index-browser.d.ts +7 -0
- package/dist-browser/index-browser.d.ts.map +1 -0
- package/dist-browser/index-browser.mjs +78 -0
- package/dist-browser/index-browser.mjs.map +1 -0
- package/dist-browser/index-node.d.ts +7 -0
- package/dist-browser/index-node.d.ts.map +1 -0
- package/dist-browser/index.d.ts +12 -0
- package/dist-browser/index.d.ts.map +1 -0
- package/dist-browser/index.mjs +82 -0
- package/dist-browser/index.mjs.map +1 -0
- package/dist-browser/log-strings-mapping.json +383 -0
- package/dist-browser/logger/Logger.d.ts +119 -0
- package/dist-browser/logger/Logger.d.ts.map +1 -0
- package/dist-browser/logger/Logger.mjs +278 -0
- package/dist-browser/logger/Logger.mjs.map +1 -0
- package/dist-browser/network/INetworkModule.d.ts +30 -0
- package/dist-browser/network/INetworkModule.d.ts.map +1 -0
- package/dist-browser/network/INetworkModule.mjs +20 -0
- package/dist-browser/network/INetworkModule.mjs.map +1 -0
- package/dist-browser/network/NetworkResponse.d.ts +6 -0
- package/dist-browser/network/NetworkResponse.d.ts.map +1 -0
- package/dist-browser/network/RequestThumbprint.d.ts +22 -0
- package/dist-browser/network/RequestThumbprint.d.ts.map +1 -0
- package/dist-browser/network/RequestThumbprint.mjs +24 -0
- package/dist-browser/network/RequestThumbprint.mjs.map +1 -0
- package/dist-browser/network/ThrottlingUtils.d.ts +43 -0
- package/dist-browser/network/ThrottlingUtils.d.ts.map +1 -0
- package/dist-browser/network/ThrottlingUtils.mjs +92 -0
- package/dist-browser/network/ThrottlingUtils.mjs.map +1 -0
- package/dist-browser/packageMetadata.d.ts +3 -0
- package/dist-browser/packageMetadata.d.ts.map +1 -0
- package/dist-browser/packageMetadata.mjs +8 -0
- package/dist-browser/packageMetadata.mjs.map +1 -0
- package/dist-browser/protocol/Authorize.d.ts +37 -0
- package/dist-browser/protocol/Authorize.d.ts.map +1 -0
- package/dist-browser/protocol/Authorize.mjs +237 -0
- package/dist-browser/protocol/Authorize.mjs.map +1 -0
- package/dist-browser/protocol/Token.d.ts +40 -0
- package/dist-browser/protocol/Token.d.ts.map +1 -0
- package/dist-browser/protocol/Token.mjs +129 -0
- package/dist-browser/protocol/Token.mjs.map +1 -0
- package/dist-browser/request/AuthenticationHeaderParser.d.ts +20 -0
- package/dist-browser/request/AuthenticationHeaderParser.d.ts.map +1 -0
- package/dist-browser/request/AuthenticationHeaderParser.mjs +64 -0
- package/dist-browser/request/AuthenticationHeaderParser.mjs.map +1 -0
- package/dist-browser/request/BaseAuthRequest.d.ts +95 -0
- package/dist-browser/request/BaseAuthRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts +32 -0
- package/dist-browser/request/CommonAuthorizationCodeRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts +71 -0
- package/dist-browser/request/CommonAuthorizationUrlRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonEndSessionRequest.d.ts +36 -0
- package/dist-browser/request/CommonEndSessionRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonRefreshTokenRequest.d.ts +24 -0
- package/dist-browser/request/CommonRefreshTokenRequest.d.ts.map +1 -0
- package/dist-browser/request/CommonSilentFlowRequest.d.ts +24 -0
- package/dist-browser/request/CommonSilentFlowRequest.d.ts.map +1 -0
- package/dist-browser/request/NativeRequest.d.ts +20 -0
- package/dist-browser/request/NativeRequest.d.ts.map +1 -0
- package/dist-browser/request/NativeSignOutRequest.d.ts +6 -0
- package/dist-browser/request/NativeSignOutRequest.d.ts.map +1 -0
- package/dist-browser/request/RequestParameterBuilder.d.ts +217 -0
- package/dist-browser/request/RequestParameterBuilder.d.ts.map +1 -0
- package/dist-browser/request/RequestParameterBuilder.mjs +410 -0
- package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -0
- package/dist-browser/request/ScopeSet.d.ts +83 -0
- package/dist-browser/request/ScopeSet.d.ts.map +1 -0
- package/dist-browser/request/ScopeSet.mjs +204 -0
- package/dist-browser/request/ScopeSet.mjs.map +1 -0
- package/dist-browser/request/StoreInCache.d.ts +9 -0
- package/dist-browser/request/StoreInCache.d.ts.map +1 -0
- package/dist-browser/response/AuthenticationResult.d.ts +42 -0
- package/dist-browser/response/AuthenticationResult.d.ts.map +1 -0
- package/dist-browser/response/AuthorizationCodePayload.d.ts +14 -0
- package/dist-browser/response/AuthorizationCodePayload.d.ts.map +1 -0
- package/dist-browser/response/AuthorizeResponse.d.ts +76 -0
- package/dist-browser/response/AuthorizeResponse.d.ts.map +1 -0
- package/dist-browser/response/DeviceCodeResponse.d.ts +26 -0
- package/dist-browser/response/DeviceCodeResponse.d.ts.map +1 -0
- package/dist-browser/response/ExternalTokenResponse.d.ts +16 -0
- package/dist-browser/response/ExternalTokenResponse.d.ts.map +1 -0
- package/dist-browser/response/IMDSBadResponse.d.ts +5 -0
- package/dist-browser/response/IMDSBadResponse.d.ts.map +1 -0
- package/dist-browser/response/ResponseHandler.d.ts +63 -0
- package/dist-browser/response/ResponseHandler.d.ts.map +1 -0
- package/dist-browser/response/ResponseHandler.mjs +349 -0
- package/dist-browser/response/ResponseHandler.mjs.map +1 -0
- package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts +48 -0
- package/dist-browser/response/ServerAuthorizationTokenResponse.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/IPerformanceClient.d.ts +30 -0
- package/dist-browser/telemetry/performance/IPerformanceClient.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts +6 -0
- package/dist-browser/telemetry/performance/IPerformanceMeasurement.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceClient.d.ts +170 -0
- package/dist-browser/telemetry/performance/PerformanceClient.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceClient.mjs +490 -0
- package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +286 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs +45 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.d.ts +66 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs +74 -0
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs.map +1 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts +21 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.d.ts.map +1 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +59 -0
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs.map +1 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts +79 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.d.ts.map +1 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +266 -0
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs.map +1 -0
- package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts +9 -0
- package/dist-browser/telemetry/server/ServerTelemetryRequest.d.ts.map +1 -0
- package/dist-browser/url/IUri.d.ts +13 -0
- package/dist-browser/url/IUri.d.ts.map +1 -0
- package/dist-browser/url/UrlString.d.ts +44 -0
- package/dist-browser/url/UrlString.d.ts.map +1 -0
- package/dist-browser/url/UrlString.mjs +164 -0
- package/dist-browser/url/UrlString.mjs.map +1 -0
- package/dist-browser/utils/ClientAssertionUtils.d.ts +3 -0
- package/dist-browser/utils/ClientAssertionUtils.d.ts.map +1 -0
- package/dist-browser/utils/ClientAssertionUtils.mjs +21 -0
- package/dist-browser/utils/ClientAssertionUtils.mjs.map +1 -0
- package/dist-browser/utils/Constants.d.ts +283 -0
- package/dist-browser/utils/Constants.d.ts.map +1 -0
- package/dist-browser/utils/Constants.mjs +298 -0
- package/dist-browser/utils/Constants.mjs.map +1 -0
- package/dist-browser/utils/FunctionWrappers.d.ts +28 -0
- package/dist-browser/utils/FunctionWrappers.d.ts.map +1 -0
- package/dist-browser/utils/FunctionWrappers.mjs +98 -0
- package/dist-browser/utils/FunctionWrappers.mjs.map +1 -0
- package/dist-browser/utils/MsalTypes.d.ts +7 -0
- package/dist-browser/utils/MsalTypes.d.ts.map +1 -0
- package/dist-browser/utils/ProtocolUtils.d.ts +22 -0
- package/dist-browser/utils/ProtocolUtils.d.ts.map +1 -0
- package/dist-browser/utils/ProtocolUtils.mjs +74 -0
- package/dist-browser/utils/ProtocolUtils.mjs.map +1 -0
- package/dist-browser/utils/StateTypes.d.ts +15 -0
- package/dist-browser/utils/StateTypes.d.ts.map +1 -0
- package/dist-browser/utils/StringUtils.d.ts +41 -0
- package/dist-browser/utils/StringUtils.d.ts.map +1 -0
- package/dist-browser/utils/StringUtils.mjs +100 -0
- package/dist-browser/utils/StringUtils.mjs.map +1 -0
- package/dist-browser/utils/TimeUtils.d.ts +43 -0
- package/dist-browser/utils/TimeUtils.d.ts.map +1 -0
- package/dist-browser/utils/TimeUtils.mjs +76 -0
- package/dist-browser/utils/TimeUtils.mjs.map +1 -0
- package/dist-browser/utils/UrlUtils.d.ts +23 -0
- package/dist-browser/utils/UrlUtils.d.ts.map +1 -0
- package/dist-browser/utils/UrlUtils.mjs +115 -0
- package/dist-browser/utils/UrlUtils.mjs.map +1 -0
- package/lib/index-browser.cjs +2 -2
- package/lib/{index-node-Dwr2_mSO.js → index-node-A5mPbLhz.js} +3 -3
- package/lib/{index-node-Dwr2_mSO.js.map → index-node-A5mPbLhz.js.map} +1 -1
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/lib/types/packageMetadata.d.ts +1 -1
- package/package.json +2 -1
- package/src/packageMetadata.ts +1 -1
|
@@ -0,0 +1,254 @@
|
|
|
1
|
+
/*! @azure/msal-common v16.0.2 2026-01-17 */
|
|
2
|
+
'use strict';
|
|
3
|
+
import { buildClientConfiguration, isOidcProtocolMode } from '../config/ClientConfiguration.mjs';
|
|
4
|
+
import { addClientId, addRedirectUri, addScopes, addGrantType, addClientInfo, addLibraryInfo, addApplicationTelemetry, addThrottling, addServerTelemetry, addRefreshToken, addClientSecret, addClientAssertion, addClientAssertionType, addPopToken, addSshJwk, addClaims, addCcsUpn, addCcsOid, addBrokerParameters, addExtraParameters, instrumentBrokerParams } from '../request/RequestParameterBuilder.mjs';
|
|
5
|
+
import { mapToQueryString } from '../utils/UrlUtils.mjs';
|
|
6
|
+
import { AuthenticationScheme, HeaderNames, INVALID_GRANT_ERROR, CLIENT_MISMATCH_ERROR, GrantType } from '../utils/Constants.mjs';
|
|
7
|
+
import { CLIENT_ID } from '../constants/AADServerParamKeys.mjs';
|
|
8
|
+
import { ResponseHandler } from '../response/ResponseHandler.mjs';
|
|
9
|
+
import { PopTokenGenerator } from '../crypto/PopTokenGenerator.mjs';
|
|
10
|
+
import { StringUtils } from '../utils/StringUtils.mjs';
|
|
11
|
+
import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
|
|
12
|
+
import { createClientAuthError } from '../error/ClientAuthError.mjs';
|
|
13
|
+
import { ServerError } from '../error/ServerError.mjs';
|
|
14
|
+
import { nowSeconds, isTokenExpired } from '../utils/TimeUtils.mjs';
|
|
15
|
+
import { UrlString } from '../url/UrlString.mjs';
|
|
16
|
+
import { CcsCredentialType } from '../account/CcsCredential.mjs';
|
|
17
|
+
import { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.mjs';
|
|
18
|
+
import { createInteractionRequiredAuthError, InteractionRequiredAuthError } from '../error/InteractionRequiredAuthError.mjs';
|
|
19
|
+
import { RefreshTokenClientAcquireTokenWithCachedRefreshToken, RefreshTokenClientAcquireToken, RefreshTokenClientExecuteTokenRequest, HandleServerTokenResponse, CacheManagerGetRefreshToken, RefreshTokenClientCreateTokenRequestBody, RefreshTokenClientExecutePostToTokenEndpoint, PopTokenGenerateCnf } from '../telemetry/performance/PerformanceEvents.mjs';
|
|
20
|
+
import { invokeAsync, invoke } from '../utils/FunctionWrappers.mjs';
|
|
21
|
+
import { getClientAssertion } from '../utils/ClientAssertionUtils.mjs';
|
|
22
|
+
import { getRequestThumbprint } from '../network/RequestThumbprint.mjs';
|
|
23
|
+
import { createTokenQueryParameters, createTokenRequestHeaders, executePostToTokenEndpoint } from '../protocol/Token.mjs';
|
|
24
|
+
import { Logger } from '../logger/Logger.mjs';
|
|
25
|
+
import { name, version } from '../packageMetadata.mjs';
|
|
26
|
+
import { badToken, noTokensFound, refreshTokenExpired } from '../error/InteractionRequiredAuthErrorCodes.mjs';
|
|
27
|
+
import { tokenRequestEmpty, missingSshJwk } from '../error/ClientConfigurationErrorCodes.mjs';
|
|
28
|
+
import { noAccountInSilentRequest } from '../error/ClientAuthErrorCodes.mjs';
|
|
29
|
+
|
|
30
|
+
/*
|
|
31
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
32
|
+
* Licensed under the MIT License.
|
|
33
|
+
*/
|
|
34
|
+
const DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS = 300; // 5 Minutes
|
|
35
|
+
/**
|
|
36
|
+
* OAuth2.0 refresh token client
|
|
37
|
+
* @internal
|
|
38
|
+
*/
|
|
39
|
+
class RefreshTokenClient {
|
|
40
|
+
constructor(configuration, performanceClient) {
|
|
41
|
+
// Set the configuration
|
|
42
|
+
this.config = buildClientConfiguration(configuration);
|
|
43
|
+
// Initialize the logger
|
|
44
|
+
this.logger = new Logger(this.config.loggerOptions, name, version);
|
|
45
|
+
// Initialize crypto
|
|
46
|
+
this.cryptoUtils = this.config.cryptoInterface;
|
|
47
|
+
// Initialize storage interface
|
|
48
|
+
this.cacheManager = this.config.storageInterface;
|
|
49
|
+
// Set the network interface
|
|
50
|
+
this.networkClient = this.config.networkInterface;
|
|
51
|
+
// Set TelemetryManager
|
|
52
|
+
this.serverTelemetryManager = this.config.serverTelemetryManager;
|
|
53
|
+
// set Authority
|
|
54
|
+
this.authority = this.config.authOptions.authority;
|
|
55
|
+
// set performance telemetry client
|
|
56
|
+
this.performanceClient = performanceClient;
|
|
57
|
+
}
|
|
58
|
+
async acquireToken(request) {
|
|
59
|
+
const reqTimestamp = nowSeconds();
|
|
60
|
+
const response = await invokeAsync(this.executeTokenRequest.bind(this), RefreshTokenClientExecuteTokenRequest, this.logger, this.performanceClient, request.correlationId)(request, this.authority);
|
|
61
|
+
// Retrieve requestId from response headers
|
|
62
|
+
const requestId = response.headers?.[HeaderNames.X_MS_REQUEST_ID];
|
|
63
|
+
const responseHandler = new ResponseHandler(this.config.authOptions.clientId, this.cacheManager, this.cryptoUtils, this.logger, this.performanceClient, this.config.serializableCache, this.config.persistencePlugin);
|
|
64
|
+
responseHandler.validateTokenResponse(response.body, request.correlationId);
|
|
65
|
+
return invokeAsync(responseHandler.handleServerTokenResponse.bind(responseHandler), HandleServerTokenResponse, this.logger, this.performanceClient, request.correlationId)(response.body, this.authority, reqTimestamp, request, undefined, undefined, true, request.forceCache, requestId);
|
|
66
|
+
}
|
|
67
|
+
/**
|
|
68
|
+
* Gets cached refresh token and attaches to request, then calls acquireToken API
|
|
69
|
+
* @param request
|
|
70
|
+
*/
|
|
71
|
+
async acquireTokenByRefreshToken(request) {
|
|
72
|
+
// Cannot renew token if no request object is given.
|
|
73
|
+
if (!request) {
|
|
74
|
+
throw createClientConfigurationError(tokenRequestEmpty);
|
|
75
|
+
}
|
|
76
|
+
// We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases
|
|
77
|
+
if (!request.account) {
|
|
78
|
+
throw createClientAuthError(noAccountInSilentRequest);
|
|
79
|
+
}
|
|
80
|
+
// try checking if FOCI is enabled for the given application
|
|
81
|
+
const isFOCI = this.cacheManager.isAppMetadataFOCI(request.account.environment, request.correlationId);
|
|
82
|
+
// if the app is part of the family, retrive a Family refresh token if present and make a refreshTokenRequest
|
|
83
|
+
if (isFOCI) {
|
|
84
|
+
try {
|
|
85
|
+
return await invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, true);
|
|
86
|
+
}
|
|
87
|
+
catch (e) {
|
|
88
|
+
const noFamilyRTInCache = e instanceof InteractionRequiredAuthError &&
|
|
89
|
+
e.errorCode ===
|
|
90
|
+
noTokensFound;
|
|
91
|
+
const clientMismatchErrorWithFamilyRT = e instanceof ServerError &&
|
|
92
|
+
e.errorCode === INVALID_GRANT_ERROR &&
|
|
93
|
+
e.subError === CLIENT_MISMATCH_ERROR;
|
|
94
|
+
// if family Refresh Token (FRT) cache acquisition fails or if client_mismatch error is seen with FRT, reattempt with application Refresh Token (ART)
|
|
95
|
+
if (noFamilyRTInCache || clientMismatchErrorWithFamilyRT) {
|
|
96
|
+
return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
|
|
97
|
+
// throw in all other cases
|
|
98
|
+
}
|
|
99
|
+
else {
|
|
100
|
+
throw e;
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
// fall back to application refresh token acquisition
|
|
105
|
+
return invokeAsync(this.acquireTokenWithCachedRefreshToken.bind(this), RefreshTokenClientAcquireTokenWithCachedRefreshToken, this.logger, this.performanceClient, request.correlationId)(request, false);
|
|
106
|
+
}
|
|
107
|
+
/**
|
|
108
|
+
* makes a network call to acquire tokens by exchanging RefreshToken available in userCache; throws if refresh token is not cached
|
|
109
|
+
* @param request
|
|
110
|
+
*/
|
|
111
|
+
async acquireTokenWithCachedRefreshToken(request, foci) {
|
|
112
|
+
// fetches family RT or application RT based on FOCI value
|
|
113
|
+
const refreshToken = invoke(this.cacheManager.getRefreshToken.bind(this.cacheManager), CacheManagerGetRefreshToken, this.logger, this.performanceClient, request.correlationId)(request.account, foci, request.correlationId, undefined);
|
|
114
|
+
if (!refreshToken) {
|
|
115
|
+
throw createInteractionRequiredAuthError(noTokensFound);
|
|
116
|
+
}
|
|
117
|
+
if (refreshToken.expiresOn) {
|
|
118
|
+
const offset = request.refreshTokenExpirationOffsetSeconds ||
|
|
119
|
+
DEFAULT_REFRESH_TOKEN_EXPIRATION_OFFSET_SECONDS;
|
|
120
|
+
this.performanceClient?.addFields({
|
|
121
|
+
cacheRtExpiresOnSeconds: Number(refreshToken.expiresOn),
|
|
122
|
+
rtOffsetSeconds: offset,
|
|
123
|
+
}, request.correlationId);
|
|
124
|
+
if (isTokenExpired(refreshToken.expiresOn, offset)) {
|
|
125
|
+
throw createInteractionRequiredAuthError(refreshTokenExpired);
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
// attach cached RT size to the current measurement
|
|
129
|
+
const refreshTokenRequest = {
|
|
130
|
+
...request,
|
|
131
|
+
refreshToken: refreshToken.secret,
|
|
132
|
+
authenticationScheme: request.authenticationScheme ||
|
|
133
|
+
AuthenticationScheme.BEARER,
|
|
134
|
+
ccsCredential: {
|
|
135
|
+
credential: request.account.homeAccountId,
|
|
136
|
+
type: CcsCredentialType.HOME_ACCOUNT_ID,
|
|
137
|
+
},
|
|
138
|
+
};
|
|
139
|
+
try {
|
|
140
|
+
return await invokeAsync(this.acquireToken.bind(this), RefreshTokenClientAcquireToken, this.logger, this.performanceClient, request.correlationId)(refreshTokenRequest);
|
|
141
|
+
}
|
|
142
|
+
catch (e) {
|
|
143
|
+
if (e instanceof InteractionRequiredAuthError) {
|
|
144
|
+
if (e.subError === badToken) {
|
|
145
|
+
// Remove bad refresh token from cache
|
|
146
|
+
this.logger.verbose("1pg3ap", request.correlationId);
|
|
147
|
+
const badRefreshTokenKey = this.cacheManager.generateCredentialKey(refreshToken);
|
|
148
|
+
this.cacheManager.removeRefreshToken(badRefreshTokenKey, request.correlationId);
|
|
149
|
+
}
|
|
150
|
+
}
|
|
151
|
+
throw e;
|
|
152
|
+
}
|
|
153
|
+
}
|
|
154
|
+
/**
|
|
155
|
+
* Constructs the network message and makes a NW call to the underlying secure token service
|
|
156
|
+
* @param request
|
|
157
|
+
* @param authority
|
|
158
|
+
*/
|
|
159
|
+
async executeTokenRequest(request, authority) {
|
|
160
|
+
const queryParametersString = createTokenQueryParameters(request, this.config.authOptions.clientId, this.config.authOptions.redirectUri, this.performanceClient);
|
|
161
|
+
const endpoint = UrlString.appendQueryString(authority.tokenEndpoint, queryParametersString);
|
|
162
|
+
const requestBody = await invokeAsync(this.createTokenRequestBody.bind(this), RefreshTokenClientCreateTokenRequestBody, this.logger, this.performanceClient, request.correlationId)(request);
|
|
163
|
+
const headers = createTokenRequestHeaders(this.logger, this.config.systemOptions.preventCorsPreflight, request.ccsCredential);
|
|
164
|
+
const thumbprint = getRequestThumbprint(this.config.authOptions.clientId, request);
|
|
165
|
+
return invokeAsync(executePostToTokenEndpoint, RefreshTokenClientExecutePostToTokenEndpoint, this.logger, this.performanceClient, request.correlationId)(endpoint, requestBody, headers, thumbprint, request.correlationId, this.cacheManager, this.networkClient, this.logger, this.performanceClient, this.serverTelemetryManager);
|
|
166
|
+
}
|
|
167
|
+
/**
|
|
168
|
+
* Helper function to create the token request body
|
|
169
|
+
* @param request
|
|
170
|
+
*/
|
|
171
|
+
async createTokenRequestBody(request) {
|
|
172
|
+
const parameters = new Map();
|
|
173
|
+
addClientId(parameters, request.embeddedClientId ||
|
|
174
|
+
request.extraParameters?.[CLIENT_ID] ||
|
|
175
|
+
this.config.authOptions.clientId);
|
|
176
|
+
if (request.redirectUri) {
|
|
177
|
+
addRedirectUri(parameters, request.redirectUri);
|
|
178
|
+
}
|
|
179
|
+
addScopes(parameters, request.scopes, true, this.config.authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
180
|
+
addGrantType(parameters, GrantType.REFRESH_TOKEN_GRANT);
|
|
181
|
+
addClientInfo(parameters);
|
|
182
|
+
addLibraryInfo(parameters, this.config.libraryInfo);
|
|
183
|
+
addApplicationTelemetry(parameters, this.config.telemetry.application);
|
|
184
|
+
addThrottling(parameters);
|
|
185
|
+
if (this.serverTelemetryManager && !isOidcProtocolMode(this.config)) {
|
|
186
|
+
addServerTelemetry(parameters, this.serverTelemetryManager);
|
|
187
|
+
}
|
|
188
|
+
addRefreshToken(parameters, request.refreshToken);
|
|
189
|
+
if (this.config.clientCredentials.clientSecret) {
|
|
190
|
+
addClientSecret(parameters, this.config.clientCredentials.clientSecret);
|
|
191
|
+
}
|
|
192
|
+
if (this.config.clientCredentials.clientAssertion) {
|
|
193
|
+
const clientAssertion = this.config.clientCredentials.clientAssertion;
|
|
194
|
+
addClientAssertion(parameters, await getClientAssertion(clientAssertion.assertion, this.config.authOptions.clientId, request.resourceRequestUri));
|
|
195
|
+
addClientAssertionType(parameters, clientAssertion.assertionType);
|
|
196
|
+
}
|
|
197
|
+
if (request.authenticationScheme === AuthenticationScheme.POP) {
|
|
198
|
+
const popTokenGenerator = new PopTokenGenerator(this.cryptoUtils, this.performanceClient);
|
|
199
|
+
let reqCnfData;
|
|
200
|
+
if (!request.popKid) {
|
|
201
|
+
const generatedReqCnfData = await invokeAsync(popTokenGenerator.generateCnf.bind(popTokenGenerator), PopTokenGenerateCnf, this.logger, this.performanceClient, request.correlationId)(request, this.logger);
|
|
202
|
+
reqCnfData = generatedReqCnfData.reqCnfString;
|
|
203
|
+
}
|
|
204
|
+
else {
|
|
205
|
+
reqCnfData = this.cryptoUtils.encodeKid(request.popKid);
|
|
206
|
+
}
|
|
207
|
+
// SPA PoP requires full Base64Url encoded req_cnf string (unhashed)
|
|
208
|
+
addPopToken(parameters, reqCnfData);
|
|
209
|
+
}
|
|
210
|
+
else if (request.authenticationScheme === AuthenticationScheme.SSH) {
|
|
211
|
+
if (request.sshJwk) {
|
|
212
|
+
addSshJwk(parameters, request.sshJwk);
|
|
213
|
+
}
|
|
214
|
+
else {
|
|
215
|
+
throw createClientConfigurationError(missingSshJwk);
|
|
216
|
+
}
|
|
217
|
+
}
|
|
218
|
+
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
219
|
+
(this.config.authOptions.clientCapabilities &&
|
|
220
|
+
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
221
|
+
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
222
|
+
}
|
|
223
|
+
if (this.config.systemOptions.preventCorsPreflight &&
|
|
224
|
+
request.ccsCredential) {
|
|
225
|
+
switch (request.ccsCredential.type) {
|
|
226
|
+
case CcsCredentialType.HOME_ACCOUNT_ID:
|
|
227
|
+
try {
|
|
228
|
+
const clientInfo = buildClientInfoFromHomeAccountId(request.ccsCredential.credential);
|
|
229
|
+
addCcsOid(parameters, clientInfo);
|
|
230
|
+
}
|
|
231
|
+
catch (e) {
|
|
232
|
+
this.logger.verbose("1qhtee", request.correlationId);
|
|
233
|
+
}
|
|
234
|
+
break;
|
|
235
|
+
case CcsCredentialType.UPN:
|
|
236
|
+
addCcsUpn(parameters, request.ccsCredential.credential);
|
|
237
|
+
break;
|
|
238
|
+
}
|
|
239
|
+
}
|
|
240
|
+
if (request.embeddedClientId) {
|
|
241
|
+
addBrokerParameters(parameters, this.config.authOptions.clientId, this.config.authOptions.redirectUri);
|
|
242
|
+
}
|
|
243
|
+
if (request.extraParameters) {
|
|
244
|
+
addExtraParameters(parameters, {
|
|
245
|
+
...request.extraParameters,
|
|
246
|
+
});
|
|
247
|
+
}
|
|
248
|
+
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
249
|
+
return mapToQueryString(parameters);
|
|
250
|
+
}
|
|
251
|
+
}
|
|
252
|
+
|
|
253
|
+
export { RefreshTokenClient };
|
|
254
|
+
//# sourceMappingURL=RefreshTokenClient.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"RefreshTokenClient.mjs","sources":["../../src/client/RefreshTokenClient.ts"],"sourcesContent":[null],"names":["TimeUtils.nowSeconds","PerformanceEvents.RefreshTokenClientExecuteTokenRequest","Constants.HeaderNames","PerformanceEvents.HandleServerTokenResponse","ClientConfigurationErrorCodes.tokenRequestEmpty","ClientAuthErrorCodes.noAccountInSilentRequest","PerformanceEvents.RefreshTokenClientAcquireTokenWithCachedRefreshToken","InteractionRequiredAuthErrorCodes.noTokensFound","Constants.INVALID_GRANT_ERROR","Constants.CLIENT_MISMATCH_ERROR","PerformanceEvents.CacheManagerGetRefreshToken","TimeUtils.isTokenExpired","InteractionRequiredAuthErrorCodes.refreshTokenExpired","Constants.AuthenticationScheme","PerformanceEvents.RefreshTokenClientAcquireToken","InteractionRequiredAuthErrorCodes.badToken","PerformanceEvents.RefreshTokenClientCreateTokenRequestBody","PerformanceEvents.RefreshTokenClientExecutePostToTokenEndpoint","RequestParameterBuilder.addClientId","AADServerParamKeys.CLIENT_ID","RequestParameterBuilder.addRedirectUri","RequestParameterBuilder.addScopes","RequestParameterBuilder.addGrantType","Constants.GrantType","RequestParameterBuilder.addClientInfo","RequestParameterBuilder.addLibraryInfo","RequestParameterBuilder.addApplicationTelemetry","RequestParameterBuilder.addThrottling","RequestParameterBuilder.addServerTelemetry","RequestParameterBuilder.addRefreshToken","RequestParameterBuilder.addClientSecret","RequestParameterBuilder.addClientAssertion","RequestParameterBuilder.addClientAssertionType","PerformanceEvents.PopTokenGenerateCnf","RequestParameterBuilder.addPopToken","RequestParameterBuilder.addSshJwk","ClientConfigurationErrorCodes.missingSshJwk","RequestParameterBuilder.addClaims","RequestParameterBuilder.addCcsOid","RequestParameterBuilder.addCcsUpn","RequestParameterBuilder.addBrokerParameters","RequestParameterBuilder.addExtraParameters","RequestParameterBuilder.instrumentBrokerParams","UrlUtils.mapToQueryString"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;;;AAGG;AAyDH,MAAM,+CAA+C,GAAG,GAAG,CAAC;AAE5D;;;AAGG;MACU,kBAAkB,CAAA;IAyB3B,WACI,CAAA,aAAkC,EAClC,iBAAqC,EAAA;;AAGrC,QAAA,IAAI,CAAC,MAAM,GAAG,wBAAwB,CAAC,aAAa,CAAC,CAAC;;AAGtD,QAAA,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;;QAGnE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;;QAG/C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGjD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGlD,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;;QAGjE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC;;AAGnD,QAAA,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;KAC9C;IACM,MAAM,YAAY,CACrB,OAAkC,EAAA;AAElC,QAAA,MAAM,YAAY,GAAGA,UAAoB,EAAE,CAAC;AAC5C,QAAA,MAAM,QAAQ,GAAG,MAAM,WAAW,CAC9B,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EACnCC,qCAAuD,EACvD,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;;AAG3B,QAAA,MAAM,SAAS,GACX,QAAQ,CAAC,OAAO,GAAGC,WAAqB,CAAC,eAAe,CAAC,CAAC;AAC9D,QAAA,MAAM,eAAe,GAAG,IAAI,eAAe,CACvC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAC7B,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAChC,CAAC;QACF,eAAe,CAAC,qBAAqB,CACjC,QAAQ,CAAC,IAAI,EACb,OAAO,CAAC,aAAa,CACxB,CAAC;QAEF,OAAO,WAAW,CACd,eAAe,CAAC,yBAAyB,CAAC,IAAI,CAAC,eAAe,CAAC,EAC/DC,yBAA2C,EAC3C,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CACG,QAAQ,CAAC,IAAI,EACb,IAAI,CAAC,SAAS,EACd,YAAY,EACZ,OAAO,EACP,SAAS,EACT,SAAS,EACT,IAAI,EACJ,OAAO,CAAC,UAAU,EAClB,SAAS,CACZ,CAAC;KACL;AAED;;;AAGG;IACI,MAAM,0BAA0B,CACnC,OAAgC,EAAA;;QAGhC,IAAI,CAAC,OAAO,EAAE;AACV,YAAA,MAAM,8BAA8B,CAChCC,iBAA+C,CAClD,CAAC;AACL,SAAA;;AAED,QAAA,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;AAClB,YAAA,MAAM,qBAAqB,CACvBC,wBAA6C,CAChD,CAAC;AACL,SAAA;;AAGD,QAAA,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,iBAAiB,CAC9C,OAAO,CAAC,OAAO,CAAC,WAAW,EAC3B,OAAO,CAAC,aAAa,CACxB,CAAC;;AAGF,QAAA,IAAI,MAAM,EAAE;YACR,IAAI;AACA,gBAAA,OAAO,MAAM,WAAW,CACpB,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,EAClDC,oDAAsE,EACtE,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;AACpB,aAAA;AAAC,YAAA,OAAO,CAAC,EAAE;AACR,gBAAA,MAAM,iBAAiB,GACnB,CAAC,YAAY,4BAA4B;AACzC,oBAAA,CAAC,CAAC,SAAS;wBACPC,aAA+C,CAAC;AACxD,gBAAA,MAAM,+BAA+B,GACjC,CAAC,YAAY,WAAW;AACxB,oBAAA,CAAC,CAAC,SAAS,KAAKC,mBAA6B;AAC7C,oBAAA,CAAC,CAAC,QAAQ,KAAKC,qBAA+B,CAAC;;gBAGnD,IAAI,iBAAiB,IAAI,+BAA+B,EAAE;AACtD,oBAAA,OAAO,WAAW,CACd,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,EAClDH,oDAAsE,EACtE,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;;AAErB,iBAAA;AAAM,qBAAA;AACH,oBAAA,MAAM,CAAC,CAAC;AACX,iBAAA;AACJ,aAAA;AACJ,SAAA;;AAED,QAAA,OAAO,WAAW,CACd,IAAI,CAAC,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,EAClDA,oDAAsE,EACtE,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;KACrB;AAED;;;AAGG;AACK,IAAA,MAAM,kCAAkC,CAC5C,OAAgC,EAChC,IAAa,EAAA;;QAGb,MAAM,YAAY,GAAG,MAAM,CACvB,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,EACzDI,2BAA6C,EAC7C,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;QAE3D,IAAI,CAAC,YAAY,EAAE;AACf,YAAA,MAAM,kCAAkC,CACpCH,aAA+C,CAClD,CAAC;AACL,SAAA;QAED,IAAI,YAAY,CAAC,SAAS,EAAE;AACxB,YAAA,MAAM,MAAM,GACR,OAAO,CAAC,mCAAmC;AAC3C,gBAAA,+CAA+C,CAAC;AACpD,YAAA,IAAI,CAAC,iBAAiB,EAAE,SAAS,CAC7B;AACI,gBAAA,uBAAuB,EAAE,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC;AACvD,gBAAA,eAAe,EAAE,MAAM;AAC1B,aAAA,EACD,OAAO,CAAC,aAAa,CACxB,CAAC;YAEF,IAAII,cAAwB,CAAC,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,EAAE;AAC1D,gBAAA,MAAM,kCAAkC,CACpCC,mBAAqD,CACxD,CAAC;AACL,aAAA;AACJ,SAAA;;AAGD,QAAA,MAAM,mBAAmB,GAA8B;AACnD,YAAA,GAAG,OAAO;YACV,YAAY,EAAE,YAAY,CAAC,MAAM;YACjC,oBAAoB,EAChB,OAAO,CAAC,oBAAoB;gBAC5BC,oBAA8B,CAAC,MAAM;AACzC,YAAA,aAAa,EAAE;AACX,gBAAA,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,aAAa;gBACzC,IAAI,EAAE,iBAAiB,CAAC,eAAe;AAC1C,aAAA;SACJ,CAAC;QAEF,IAAI;AACA,YAAA,OAAO,MAAM,WAAW,CACpB,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAC5BC,8BAAgD,EAChD,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,mBAAmB,CAAC,CAAC;AAC1B,SAAA;AAAC,QAAA,OAAO,CAAC,EAAE;YACR,IAAI,CAAC,YAAY,4BAA4B,EAAE;AAC3C,gBAAA,IAAI,CAAC,CAAC,QAAQ,KAAKC,QAA0C,EAAE;;oBAE3D,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,QAAsE,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;oBAG1E,MAAM,kBAAkB,GACpB,IAAI,CAAC,YAAY,CAAC,qBAAqB,CAAC,YAAY,CAAC,CAAC;oBAC1D,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAChC,kBAAkB,EAClB,OAAO,CAAC,aAAa,CACxB,CAAC;AACL,iBAAA;AACJ,aAAA;AAED,YAAA,MAAM,CAAC,CAAC;AACX,SAAA;KACJ;AAED;;;;AAIG;AACK,IAAA,MAAM,mBAAmB,CAC7B,OAAkC,EAClC,SAAoB,EAAA;QAEpB,MAAM,qBAAqB,GAAG,0BAA0B,CACpD,OAAO,EACP,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,WAAW,EACnC,IAAI,CAAC,iBAAiB,CACzB,CAAC;AACF,QAAA,MAAM,QAAQ,GAAG,SAAS,CAAC,iBAAiB,CACxC,SAAS,CAAC,aAAa,EACvB,qBAAqB,CACxB,CAAC;AAEF,QAAA,MAAM,WAAW,GAAG,MAAM,WAAW,CACjC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,EACtCC,wCAA0D,EAC1D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,CAAC,CAAC;QACX,MAAM,OAAO,GAA2B,yBAAyB,CAC7D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,oBAAoB,EAC9C,OAAO,CAAC,aAAa,CACxB,CAAC;AAEF,QAAA,MAAM,UAAU,GAAG,oBAAoB,CACnC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,OAAO,CACV,CAAC;QAEF,OAAO,WAAW,CACd,0BAA0B,EAC1BC,4CAA8D,EAC9D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CACG,QAAQ,EACR,WAAW,EACX,OAAO,EACP,UAAU,EACV,OAAO,CAAC,aAAa,EACrB,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,IAAI,CAAC,sBAAsB,CAC9B,CAAC;KACL;AAED;;;AAGG;IACK,MAAM,sBAAsB,CAChC,OAAkC,EAAA;AAElC,QAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;AAE7C,QAAAC,WAAmC,CAC/B,UAAU,EACV,OAAO,CAAC,gBAAgB;AACpB,YAAA,OAAO,CAAC,eAAe,GAAGC,SAA4B,CAAC;AACvD,YAAA,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,CACvC,CAAC;QAEF,IAAI,OAAO,CAAC,WAAW,EAAE;YACrBC,cAAsC,CAClC,UAAU,EACV,OAAO,CAAC,WAAW,CACtB,CAAC;AACL,SAAA;QAEDC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,MAAM,EACd,IAAI,EACJ,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,aAAa,CACvE,CAAC;QAEFC,YAAoC,CAChC,UAAU,EACVC,SAAmB,CAAC,mBAAmB,CAC1C,CAAC;AAEF,QAAAC,aAAqC,CAAC,UAAU,CAAC,CAAC;QAElDC,cAAsC,CAClC,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,WAAW,CAC1B,CAAC;AACF,QAAAC,uBAA+C,CAC3C,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,WAAW,CACpC,CAAC;AACF,QAAAC,aAAqC,CAAC,UAAU,CAAC,CAAC;QAElD,IAAI,IAAI,CAAC,sBAAsB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE;YACjEC,kBAA0C,CACtC,UAAU,EACV,IAAI,CAAC,sBAAsB,CAC9B,CAAC;AACL,SAAA;QAEDC,eAAuC,CACnC,UAAU,EACV,OAAO,CAAC,YAAY,CACvB,CAAC;AAEF,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,YAAY,EAAE;AAC5C,YAAAC,eAAuC,CACnC,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,YAAY,CAC7C,CAAC;AACL,SAAA;AAED,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,eAAe,EAAE;YAC/C,MAAM,eAAe,GACjB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,eAAe,CAAC;YAElDC,kBAA0C,CACtC,UAAU,EACV,MAAM,kBAAkB,CACpB,eAAe,CAAC,SAAS,EACzB,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,OAAO,CAAC,kBAAkB,CAC7B,CACJ,CAAC;YACFC,sBAA8C,CAC1C,UAAU,EACV,eAAe,CAAC,aAAa,CAChC,CAAC;AACL,SAAA;QAED,IACI,OAAO,CAAC,oBAAoB,KAAKnB,oBAA8B,CAAC,GAAG,EACrE;AACE,YAAA,MAAM,iBAAiB,GAAG,IAAI,iBAAiB,CAC3C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,iBAAiB,CACzB,CAAC;AAEF,YAAA,IAAI,UAAU,CAAC;AACf,YAAA,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE;AACjB,gBAAA,MAAM,mBAAmB,GAAG,MAAM,WAAW,CACzC,iBAAiB,CAAC,WAAW,CAAC,IAAI,CAAC,iBAAiB,CAAC,EACrDoB,mBAAqC,EACrC,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;AAExB,gBAAA,UAAU,GAAG,mBAAmB,CAAC,YAAY,CAAC;AACjD,aAAA;AAAM,iBAAA;gBACH,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;AAC3D,aAAA;;AAGD,YAAAC,WAAmC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC/D,SAAA;aAAM,IACH,OAAO,CAAC,oBAAoB,KAAKrB,oBAA8B,CAAC,GAAG,EACrE;YACE,IAAI,OAAO,CAAC,MAAM,EAAE;gBAChBsB,SAAiC,CAAC,UAAU,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AACjE,aAAA;AAAM,iBAAA;AACH,gBAAA,MAAM,8BAA8B,CAChCC,aAA2C,CAC9C,CAAC;AACL,aAAA;AACJ,SAAA;QAED,IACI,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC;AACvC,aAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,EAC5D;AACE,YAAAC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,MAAM,EACd,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,kBAAkB,CAC7C,CAAC;AACL,SAAA;AAED,QAAA,IACI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,oBAAoB;YAC9C,OAAO,CAAC,aAAa,EACvB;AACE,YAAA,QAAQ,OAAO,CAAC,aAAa,CAAC,IAAI;gBAC9B,KAAK,iBAAiB,CAAC,eAAe;oBAClC,IAAI;wBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,aAAa,CAAC,UAAU,CACnC,CAAC;AACF,wBAAAC,SAAiC,CAC7B,UAAU,EACV,UAAU,CACb,CAAC;AACL,qBAAA;AAAC,oBAAA,OAAO,CAAC,EAAE;AACR,wBAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CACf,QAAA,EAAA,OAAA,CAAA,aAAA,CAAA,CAAA;AAGP,qBAAA;oBACD,MAAM;gBACV,KAAK,iBAAiB,CAAC,GAAG;oBACtBC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,aAAa,CAAC,UAAU,CACnC,CAAC;oBACF,MAAM;AACb,aAAA;AACJ,SAAA;QAED,IAAI,OAAO,CAAC,gBAAgB,EAAE;YAC1BC,mBAA2C,CACvC,UAAU,EACV,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAChC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,WAAW,CACtC,CAAC;AACL,SAAA;QAED,IAAI,OAAO,CAAC,eAAe,EAAE;AACzB,YAAAC,kBAA0C,CAAC,UAAU,EAAE;gBACnD,GAAG,OAAO,CAAC,eAAe;AAC7B,aAAA,CAAC,CAAC;AACN,SAAA;AAED,QAAAC,sBAA8C,CAC1C,UAAU,EACV,OAAO,CAAC,aAAa,EACrB,IAAI,CAAC,iBAAiB,CACzB,CAAC;AACF,QAAA,OAAOC,gBAAyB,CAAC,UAAU,CAAC,CAAC;KAChD;AACJ;;;;"}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
import { ClientConfiguration, CommonClientConfiguration } from "../config/ClientConfiguration.js";
|
|
2
|
+
import { CommonSilentFlowRequest } from "../request/CommonSilentFlowRequest.js";
|
|
3
|
+
import { AuthenticationResult } from "../response/AuthenticationResult.js";
|
|
4
|
+
import { CacheOutcome } from "../utils/Constants.js";
|
|
5
|
+
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
6
|
+
import { Authority } from "../authority/Authority.js";
|
|
7
|
+
import { Logger } from "../logger/Logger.js";
|
|
8
|
+
import { ICrypto } from "../crypto/ICrypto.js";
|
|
9
|
+
import { CacheManager } from "../cache/CacheManager.js";
|
|
10
|
+
import { INetworkModule } from "../network/INetworkModule.js";
|
|
11
|
+
import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
|
|
12
|
+
/** @internal */
|
|
13
|
+
export declare class SilentFlowClient {
|
|
14
|
+
logger: Logger;
|
|
15
|
+
protected config: CommonClientConfiguration;
|
|
16
|
+
protected cryptoUtils: ICrypto;
|
|
17
|
+
protected cacheManager: CacheManager;
|
|
18
|
+
protected networkClient: INetworkModule;
|
|
19
|
+
protected serverTelemetryManager: ServerTelemetryManager | null;
|
|
20
|
+
authority: Authority;
|
|
21
|
+
protected performanceClient: IPerformanceClient;
|
|
22
|
+
constructor(configuration: ClientConfiguration, performanceClient: IPerformanceClient);
|
|
23
|
+
/**
|
|
24
|
+
* Retrieves token from cache or throws an error if it must be refreshed.
|
|
25
|
+
* @param request
|
|
26
|
+
*/
|
|
27
|
+
acquireCachedToken(request: CommonSilentFlowRequest): Promise<[AuthenticationResult, CacheOutcome]>;
|
|
28
|
+
private setCacheOutcome;
|
|
29
|
+
/**
|
|
30
|
+
* Helper function to build response object from the CacheRecord
|
|
31
|
+
* @param cacheRecord
|
|
32
|
+
*/
|
|
33
|
+
private generateResultFromCacheRecord;
|
|
34
|
+
}
|
|
35
|
+
//# sourceMappingURL=SilentFlowClient.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SilentFlowClient.d.ts","sourceRoot":"","sources":["../../src/client/SilentFlowClient.ts"],"names":[],"mappings":"AAKA,OAAO,EAEH,mBAAmB,EACnB,yBAAyB,EAC5B,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,EAAE,oBAAoB,EAAE,MAAM,qCAAqC,CAAC;AAQ3E,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,gDAAgD,CAAC;AAMpF,OAAO,EACH,SAAS,EAEZ,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,sBAAsB,EAAE,MAAM,+CAA+C,CAAC;AAGvF,gBAAgB;AAChB,qBAAa,gBAAgB;IAElB,MAAM,EAAE,MAAM,CAAC;IAGtB,SAAS,CAAC,MAAM,EAAE,yBAAyB,CAAC;IAG5C,SAAS,CAAC,WAAW,EAAE,OAAO,CAAC;IAG/B,SAAS,CAAC,YAAY,EAAE,YAAY,CAAC;IAGrC,SAAS,CAAC,aAAa,EAAE,cAAc,CAAC;IAGxC,SAAS,CAAC,sBAAsB,EAAE,sBAAsB,GAAG,IAAI,CAAC;IAGzD,SAAS,EAAE,SAAS,CAAC;IAG5B,SAAS,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;gBAG5C,aAAa,EAAE,mBAAmB,EAClC,iBAAiB,EAAE,kBAAkB;IA2BzC;;;OAGG;IACG,kBAAkB,CACpB,OAAO,EAAE,uBAAuB,GACjC,OAAO,CAAC,CAAC,oBAAoB,EAAE,YAAY,CAAC,CAAC;IAyGhD,OAAO,CAAC,eAAe;IAmBvB;;;OAGG;YACW,6BAA6B;CAkC9C"}
|
|
@@ -0,0 +1,125 @@
|
|
|
1
|
+
/*! @azure/msal-common v16.0.2 2026-01-17 */
|
|
2
|
+
'use strict';
|
|
3
|
+
import { buildClientConfiguration } from '../config/ClientConfiguration.mjs';
|
|
4
|
+
import { wasClockTurnedBack, isTokenExpired } from '../utils/TimeUtils.mjs';
|
|
5
|
+
import { createClientAuthError } from '../error/ClientAuthError.mjs';
|
|
6
|
+
import { ResponseHandler } from '../response/ResponseHandler.mjs';
|
|
7
|
+
import { CacheOutcome } from '../utils/Constants.mjs';
|
|
8
|
+
import { StringUtils } from '../utils/StringUtils.mjs';
|
|
9
|
+
import { extractTokenClaims, checkMaxAge } from '../account/AuthToken.mjs';
|
|
10
|
+
import { SilentFlowClientGenerateResultFromCacheRecord } from '../telemetry/performance/PerformanceEvents.mjs';
|
|
11
|
+
import { invokeAsync } from '../utils/FunctionWrappers.mjs';
|
|
12
|
+
import { getTenantFromAuthorityString } from '../authority/Authority.mjs';
|
|
13
|
+
import { Logger } from '../logger/Logger.mjs';
|
|
14
|
+
import { name, version } from '../packageMetadata.mjs';
|
|
15
|
+
import { tokenRefreshRequired, noAccountInSilentRequest, authTimeNotFound } from '../error/ClientAuthErrorCodes.mjs';
|
|
16
|
+
|
|
17
|
+
/*
|
|
18
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
19
|
+
* Licensed under the MIT License.
|
|
20
|
+
*/
|
|
21
|
+
/** @internal */
|
|
22
|
+
class SilentFlowClient {
|
|
23
|
+
constructor(configuration, performanceClient) {
|
|
24
|
+
// Set the configuration
|
|
25
|
+
this.config = buildClientConfiguration(configuration);
|
|
26
|
+
// Initialize the logger
|
|
27
|
+
this.logger = new Logger(this.config.loggerOptions, name, version);
|
|
28
|
+
// Initialize crypto
|
|
29
|
+
this.cryptoUtils = this.config.cryptoInterface;
|
|
30
|
+
// Initialize storage interface
|
|
31
|
+
this.cacheManager = this.config.storageInterface;
|
|
32
|
+
// Set the network interface
|
|
33
|
+
this.networkClient = this.config.networkInterface;
|
|
34
|
+
// Set TelemetryManager
|
|
35
|
+
this.serverTelemetryManager = this.config.serverTelemetryManager;
|
|
36
|
+
// set Authority
|
|
37
|
+
this.authority = this.config.authOptions.authority;
|
|
38
|
+
// set performance telemetry client
|
|
39
|
+
this.performanceClient = performanceClient;
|
|
40
|
+
}
|
|
41
|
+
/**
|
|
42
|
+
* Retrieves token from cache or throws an error if it must be refreshed.
|
|
43
|
+
* @param request
|
|
44
|
+
*/
|
|
45
|
+
async acquireCachedToken(request) {
|
|
46
|
+
let lastCacheOutcome = CacheOutcome.NOT_APPLICABLE;
|
|
47
|
+
if (request.forceRefresh || !StringUtils.isEmptyObj(request.claims)) {
|
|
48
|
+
// Must refresh due to present force_refresh flag.
|
|
49
|
+
this.setCacheOutcome(CacheOutcome.FORCE_REFRESH_OR_CLAIMS, request.correlationId);
|
|
50
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
51
|
+
}
|
|
52
|
+
// We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases
|
|
53
|
+
if (!request.account) {
|
|
54
|
+
throw createClientAuthError(noAccountInSilentRequest);
|
|
55
|
+
}
|
|
56
|
+
const requestTenantId = request.account.tenantId ||
|
|
57
|
+
getTenantFromAuthorityString(request.authority);
|
|
58
|
+
const tokenKeys = this.cacheManager.getTokenKeys();
|
|
59
|
+
const cachedAccessToken = this.cacheManager.getAccessToken(request.account, request, tokenKeys, requestTenantId);
|
|
60
|
+
if (!cachedAccessToken) {
|
|
61
|
+
// must refresh due to non-existent access_token
|
|
62
|
+
this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
|
|
63
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
64
|
+
}
|
|
65
|
+
else if (wasClockTurnedBack(cachedAccessToken.cachedAt) ||
|
|
66
|
+
isTokenExpired(cachedAccessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds)) {
|
|
67
|
+
// must refresh due to the expires_in value
|
|
68
|
+
this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
|
|
69
|
+
throw createClientAuthError(tokenRefreshRequired);
|
|
70
|
+
}
|
|
71
|
+
else if (cachedAccessToken.refreshOn &&
|
|
72
|
+
isTokenExpired(cachedAccessToken.refreshOn, 0)) {
|
|
73
|
+
// must refresh (in the background) due to the refresh_in value
|
|
74
|
+
lastCacheOutcome = CacheOutcome.PROACTIVELY_REFRESHED;
|
|
75
|
+
// don't throw ClientAuthError.createRefreshRequiredError(), return cached token instead
|
|
76
|
+
}
|
|
77
|
+
const environment = request.authority || this.authority.getPreferredCache();
|
|
78
|
+
const cacheRecord = {
|
|
79
|
+
account: this.cacheManager.getAccount(this.cacheManager.generateAccountKey(request.account), request.correlationId),
|
|
80
|
+
accessToken: cachedAccessToken,
|
|
81
|
+
idToken: this.cacheManager.getIdToken(request.account, request.correlationId, tokenKeys, requestTenantId),
|
|
82
|
+
refreshToken: null,
|
|
83
|
+
appMetadata: this.cacheManager.readAppMetadataFromCache(environment, request.correlationId),
|
|
84
|
+
};
|
|
85
|
+
this.setCacheOutcome(lastCacheOutcome, request.correlationId);
|
|
86
|
+
if (this.config.serverTelemetryManager) {
|
|
87
|
+
this.config.serverTelemetryManager.incrementCacheHits();
|
|
88
|
+
}
|
|
89
|
+
return [
|
|
90
|
+
await invokeAsync(this.generateResultFromCacheRecord.bind(this), SilentFlowClientGenerateResultFromCacheRecord, this.logger, this.performanceClient, request.correlationId)(cacheRecord, request),
|
|
91
|
+
lastCacheOutcome,
|
|
92
|
+
];
|
|
93
|
+
}
|
|
94
|
+
setCacheOutcome(cacheOutcome, correlationId) {
|
|
95
|
+
this.serverTelemetryManager?.setCacheOutcome(cacheOutcome);
|
|
96
|
+
this.performanceClient?.addFields({
|
|
97
|
+
cacheOutcome: cacheOutcome,
|
|
98
|
+
}, correlationId);
|
|
99
|
+
if (cacheOutcome !== CacheOutcome.NOT_APPLICABLE) {
|
|
100
|
+
this.logger.info("09ingz", correlationId);
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* Helper function to build response object from the CacheRecord
|
|
105
|
+
* @param cacheRecord
|
|
106
|
+
*/
|
|
107
|
+
async generateResultFromCacheRecord(cacheRecord, request) {
|
|
108
|
+
let idTokenClaims;
|
|
109
|
+
if (cacheRecord.idToken) {
|
|
110
|
+
idTokenClaims = extractTokenClaims(cacheRecord.idToken.secret, this.config.cryptoInterface.base64Decode);
|
|
111
|
+
}
|
|
112
|
+
// token max_age check
|
|
113
|
+
if (request.maxAge || request.maxAge === 0) {
|
|
114
|
+
const authTime = idTokenClaims?.auth_time;
|
|
115
|
+
if (!authTime) {
|
|
116
|
+
throw createClientAuthError(authTimeNotFound);
|
|
117
|
+
}
|
|
118
|
+
checkMaxAge(authTime, request.maxAge);
|
|
119
|
+
}
|
|
120
|
+
return ResponseHandler.generateAuthenticationResult(this.cryptoUtils, this.authority, cacheRecord, true, request, this.performanceClient, idTokenClaims);
|
|
121
|
+
}
|
|
122
|
+
}
|
|
123
|
+
|
|
124
|
+
export { SilentFlowClient };
|
|
125
|
+
//# sourceMappingURL=SilentFlowClient.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SilentFlowClient.mjs","sources":["../../src/client/SilentFlowClient.ts"],"sourcesContent":[null],"names":["ClientAuthErrorCodes.tokenRefreshRequired","ClientAuthErrorCodes.noAccountInSilentRequest","TimeUtils.wasClockTurnedBack","TimeUtils.isTokenExpired","PerformanceEvents.SilentFlowClientGenerateResultFromCacheRecord","ClientAuthErrorCodes.authTimeNotFound"],"mappings":";;;;;;;;;;;;;;;;AAAA;;;AAGG;AAkCH;MACa,gBAAgB,CAAA;IAyBzB,WACI,CAAA,aAAkC,EAClC,iBAAqC,EAAA;;AAGrC,QAAA,IAAI,CAAC,MAAM,GAAG,wBAAwB,CAAC,aAAa,CAAC,CAAC;;AAGtD,QAAA,IAAI,CAAC,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;;QAGnE,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;;QAG/C,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGjD,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC;;QAGlD,IAAI,CAAC,sBAAsB,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;;QAGjE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC;;AAGnD,QAAA,IAAI,CAAC,iBAAiB,GAAG,iBAAiB,CAAC;KAC9C;AAED;;;AAGG;IACH,MAAM,kBAAkB,CACpB,OAAgC,EAAA;AAEhC,QAAA,IAAI,gBAAgB,GAAiB,YAAY,CAAC,cAAc,CAAC;AAEjE,QAAA,IAAI,OAAO,CAAC,YAAY,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;;YAEjE,IAAI,CAAC,eAAe,CAChB,YAAY,CAAC,uBAAuB,EACpC,OAAO,CAAC,aAAa,CACxB,CAAC;AACF,YAAA,MAAM,qBAAqB,CACvBA,oBAAyC,CAC5C,CAAC;AACL,SAAA;;AAGD,QAAA,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;AAClB,YAAA,MAAM,qBAAqB,CACvBC,wBAA6C,CAChD,CAAC;AACL,SAAA;AAED,QAAA,MAAM,eAAe,GACjB,OAAO,CAAC,OAAO,CAAC,QAAQ;AACxB,YAAA,4BAA4B,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,YAAY,EAAE,CAAC;AACnD,QAAA,MAAM,iBAAiB,GAAG,IAAI,CAAC,YAAY,CAAC,cAAc,CACtD,OAAO,CAAC,OAAO,EACf,OAAO,EACP,SAAS,EACT,eAAe,CAClB,CAAC;QAEF,IAAI,CAAC,iBAAiB,EAAE;;YAEpB,IAAI,CAAC,eAAe,CAChB,YAAY,CAAC,sBAAsB,EACnC,OAAO,CAAC,aAAa,CACxB,CAAC;AACF,YAAA,MAAM,qBAAqB,CACvBD,oBAAyC,CAC5C,CAAC;AACL,SAAA;AAAM,aAAA,IACHE,kBAA4B,CAAC,iBAAiB,CAAC,QAAQ,CAAC;AACxD,YAAAC,cAAwB,CACpB,iBAAiB,CAAC,SAAS,EAC3B,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,yBAAyB,CACtD,EACH;;YAEE,IAAI,CAAC,eAAe,CAChB,YAAY,CAAC,2BAA2B,EACxC,OAAO,CAAC,aAAa,CACxB,CAAC;AACF,YAAA,MAAM,qBAAqB,CACvBH,oBAAyC,CAC5C,CAAC;AACL,SAAA;aAAM,IACH,iBAAiB,CAAC,SAAS;YAC3BG,cAAwB,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAAC,CAAC,EAC1D;;AAEE,YAAA,gBAAgB,GAAG,YAAY,CAAC,qBAAqB,CAAC;;AAGzD,SAAA;AAED,QAAA,MAAM,WAAW,GACb,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC;AAC5D,QAAA,MAAM,WAAW,GAAgB;YAC7B,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,UAAU,CACjC,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,EACrD,OAAO,CAAC,aAAa,CACxB;AACD,YAAA,WAAW,EAAE,iBAAiB;AAC9B,YAAA,OAAO,EAAE,IAAI,CAAC,YAAY,CAAC,UAAU,CACjC,OAAO,CAAC,OAAO,EACf,OAAO,CAAC,aAAa,EACrB,SAAS,EACT,eAAe,CAClB;AACD,YAAA,YAAY,EAAE,IAAI;AAClB,YAAA,WAAW,EAAE,IAAI,CAAC,YAAY,CAAC,wBAAwB,CACnD,WAAW,EACX,OAAO,CAAC,aAAa,CACxB;SACJ,CAAC;QAEF,IAAI,CAAC,eAAe,CAAC,gBAAgB,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC;AAE9D,QAAA,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE;AACpC,YAAA,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC,kBAAkB,EAAE,CAAC;AAC3D,SAAA;QAED,OAAO;AACH,YAAA,MAAM,WAAW,CACb,IAAI,CAAC,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC,EAC7CC,6CAA+D,EAC/D,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,iBAAiB,EACtB,OAAO,CAAC,aAAa,CACxB,CAAC,WAAW,EAAE,OAAO,CAAC;YACvB,gBAAgB;SACnB,CAAC;KACL;IAEO,eAAe,CACnB,YAA0B,EAC1B,aAAqB,EAAA;AAErB,QAAA,IAAI,CAAC,sBAAsB,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC;AAC3D,QAAA,IAAI,CAAC,iBAAiB,EAAE,SAAS,CAC7B;AACI,YAAA,YAAY,EAAE,YAAY;SAC7B,EACD,aAAa,CAChB,CAAC;AACF,QAAA,IAAI,YAAY,KAAK,YAAY,CAAC,cAAc,EAAE;YAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,CACZ,QAAoD,EAAA,aAAA,CAAA,CAAA;AAG3D,SAAA;KACJ;AAED;;;AAGG;AACK,IAAA,MAAM,6BAA6B,CACvC,WAAwB,EACxB,OAAgC,EAAA;AAEhC,QAAA,IAAI,aAAsC,CAAC;QAC3C,IAAI,WAAW,CAAC,OAAO,EAAE;AACrB,YAAA,aAAa,GAAG,kBAAkB,CAC9B,WAAW,CAAC,OAAO,CAAC,MAAM,EAC1B,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,YAAY,CAC3C,CAAC;AACL,SAAA;;QAGD,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE;AACxC,YAAA,MAAM,QAAQ,GAAG,aAAa,EAAE,SAAS,CAAC;YAC1C,IAAI,CAAC,QAAQ,EAAE;AACX,gBAAA,MAAM,qBAAqB,CACvBC,gBAAqC,CACxC,CAAC;AACL,aAAA;AAED,YAAA,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AACzC,SAAA;QAED,OAAO,eAAe,CAAC,4BAA4B,CAC/C,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,SAAS,EACd,WAAW,EACX,IAAI,EACJ,OAAO,EACP,IAAI,CAAC,iBAAiB,EACtB,aAAa,CAChB,CAAC;KACL;AACJ;;;;"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Extensibility interface, which allows the app developer to return a token, based on the passed-in parameters, instead of fetching tokens from
|
|
3
|
+
* the Identity Provider (AAD).
|
|
4
|
+
* Developers need to construct and return an AppTokenProviderResult object back to MSAL. MSAL will cache the token response
|
|
5
|
+
* in the same way it would do if the result were comming from AAD.
|
|
6
|
+
* This extensibility point is only defined for the client_credential flow, i.e. acquireTokenByClientCredential and
|
|
7
|
+
* meant for Azure SDK to enhance Managed Identity support.
|
|
8
|
+
*/
|
|
9
|
+
export interface IAppTokenProvider {
|
|
10
|
+
(appTokenProviderParameters: AppTokenProviderParameters): Promise<AppTokenProviderResult>;
|
|
11
|
+
}
|
|
12
|
+
/**
|
|
13
|
+
* Input object for the IAppTokenProvider extensiblity. MSAL will create this object, which can be used
|
|
14
|
+
* to help create an AppTokenProviderResult.
|
|
15
|
+
*
|
|
16
|
+
* - correlationId - the correlation Id associated with the request
|
|
17
|
+
* - tenantId - the tenant Id for which the token must be provided
|
|
18
|
+
* - scopes - the scopes for which the token must be provided
|
|
19
|
+
* - claims - any extra claims that the token must satisfy
|
|
20
|
+
*/
|
|
21
|
+
export type AppTokenProviderParameters = {
|
|
22
|
+
readonly correlationId?: string;
|
|
23
|
+
readonly tenantId: string;
|
|
24
|
+
readonly scopes: Array<string>;
|
|
25
|
+
readonly claims?: string;
|
|
26
|
+
};
|
|
27
|
+
/**
|
|
28
|
+
* Output object for IAppTokenProvider extensiblity.
|
|
29
|
+
*
|
|
30
|
+
* - accessToken - the actual access token, typically in JWT format, that satisfies the request data AppTokenProviderParameters
|
|
31
|
+
* - expiresInSeconds - how long the tokens has before expiry, in seconds. Similar to the "expires_in" field in an AAD token response.
|
|
32
|
+
* - refreshInSeconds - how long the token has before it should be proactively refreshed. Similar to the "refresh_in" field in an AAD token response.
|
|
33
|
+
*/
|
|
34
|
+
export type AppTokenProviderResult = {
|
|
35
|
+
accessToken: string;
|
|
36
|
+
expiresInSeconds: number;
|
|
37
|
+
refreshInSeconds?: number;
|
|
38
|
+
};
|
|
39
|
+
//# sourceMappingURL=AppTokenProvider.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AppTokenProvider.d.ts","sourceRoot":"","sources":["../../src/config/AppTokenProvider.ts"],"names":[],"mappings":"AAKA;;;;;;;GAOG;AACH,MAAM,WAAW,iBAAiB;IAC9B,CACI,0BAA0B,EAAE,0BAA0B,GACvD,OAAO,CAAC,sBAAsB,CAAC,CAAC;CACtC;AAED;;;;;;;;GAQG;AACH,MAAM,MAAM,0BAA0B,GAAG;IACrC,QAAQ,CAAC,aAAa,CAAC,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,MAAM,sBAAsB,GAAG;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC"}
|
|
@@ -0,0 +1,143 @@
|
|
|
1
|
+
import { INetworkModule } from "../network/INetworkModule.js";
|
|
2
|
+
import { ICrypto } from "../crypto/ICrypto.js";
|
|
3
|
+
import { ILoggerCallback, LogLevel } from "../logger/Logger.js";
|
|
4
|
+
import type { Authority } from "../authority/Authority.js";
|
|
5
|
+
import { AzureCloudInstance } from "../authority/AuthorityOptions.js";
|
|
6
|
+
import { CacheManager } from "../cache/CacheManager.js";
|
|
7
|
+
import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager.js";
|
|
8
|
+
import { ICachePlugin } from "../cache/interface/ICachePlugin.js";
|
|
9
|
+
import { ISerializableTokenCache } from "../cache/interface/ISerializableTokenCache.js";
|
|
10
|
+
import { ClientCredentials } from "../account/ClientCredentials.js";
|
|
11
|
+
/**
|
|
12
|
+
* Use the configuration object to configure MSAL Modules and initialize the base interfaces for MSAL.
|
|
13
|
+
*
|
|
14
|
+
* This object allows you to configure important elements of MSAL functionality:
|
|
15
|
+
* - authOptions - Authentication for application
|
|
16
|
+
* - cryptoInterface - Implementation of crypto functions
|
|
17
|
+
* - libraryInfo - Library metadata
|
|
18
|
+
* - telemetry - Telemetry options and data
|
|
19
|
+
* - loggerOptions - Logging for application
|
|
20
|
+
* - networkInterface - Network implementation
|
|
21
|
+
* - storageInterface - Storage implementation
|
|
22
|
+
* - systemOptions - Additional library options
|
|
23
|
+
* - clientCredentials - Credentials options for confidential clients
|
|
24
|
+
* @internal
|
|
25
|
+
*/
|
|
26
|
+
export type ClientConfiguration = {
|
|
27
|
+
authOptions: AuthOptions;
|
|
28
|
+
systemOptions?: SystemOptions;
|
|
29
|
+
loggerOptions?: LoggerOptions;
|
|
30
|
+
storageInterface?: CacheManager;
|
|
31
|
+
networkInterface?: INetworkModule;
|
|
32
|
+
cryptoInterface?: ICrypto;
|
|
33
|
+
clientCredentials?: ClientCredentials;
|
|
34
|
+
libraryInfo?: LibraryInfo;
|
|
35
|
+
telemetry?: TelemetryOptions;
|
|
36
|
+
serverTelemetryManager?: ServerTelemetryManager | null;
|
|
37
|
+
persistencePlugin?: ICachePlugin | null;
|
|
38
|
+
serializableCache?: ISerializableTokenCache | null;
|
|
39
|
+
};
|
|
40
|
+
export type CommonClientConfiguration = {
|
|
41
|
+
authOptions: Required<AuthOptions>;
|
|
42
|
+
systemOptions: Required<SystemOptions>;
|
|
43
|
+
loggerOptions: Required<LoggerOptions>;
|
|
44
|
+
storageInterface: CacheManager;
|
|
45
|
+
networkInterface: INetworkModule;
|
|
46
|
+
cryptoInterface: Required<ICrypto>;
|
|
47
|
+
libraryInfo: LibraryInfo;
|
|
48
|
+
telemetry: Required<TelemetryOptions>;
|
|
49
|
+
serverTelemetryManager: ServerTelemetryManager | null;
|
|
50
|
+
clientCredentials: ClientCredentials;
|
|
51
|
+
persistencePlugin: ICachePlugin | null;
|
|
52
|
+
serializableCache: ISerializableTokenCache | null;
|
|
53
|
+
};
|
|
54
|
+
/**
|
|
55
|
+
* Use this to configure the auth options in the ClientConfiguration object
|
|
56
|
+
*
|
|
57
|
+
* - clientId - Client ID of your app registered with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview in Microsoft Identity Platform
|
|
58
|
+
* - authority - You can configure a specific authority, defaults to " " or "https://login.microsoftonline.com/common"
|
|
59
|
+
* - knownAuthorities - An array of URIs that are known to be valid. Used in B2C scenarios.
|
|
60
|
+
* - cloudDiscoveryMetadata - A string containing the cloud discovery response. Used in AAD scenarios.
|
|
61
|
+
* - clientCapabilities - Array of capabilities which will be added to the claims.access_token.xms_cc request property on every network request.
|
|
62
|
+
* - instanceAware - A flag of whether the STS will send back additional parameters to specify where the tokens should be retrieved from.
|
|
63
|
+
* - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
|
|
64
|
+
* @internal
|
|
65
|
+
*/
|
|
66
|
+
export type AuthOptions = {
|
|
67
|
+
clientId: string;
|
|
68
|
+
authority: Authority;
|
|
69
|
+
redirectUri: string;
|
|
70
|
+
clientCapabilities?: Array<string>;
|
|
71
|
+
azureCloudOptions?: AzureCloudOptions;
|
|
72
|
+
instanceAware?: boolean;
|
|
73
|
+
};
|
|
74
|
+
/**
|
|
75
|
+
* Use this to configure token renewal info in the Configuration object
|
|
76
|
+
*
|
|
77
|
+
* - tokenRenewalOffsetSeconds - Sets the window of offset needed to renew the token before expiry
|
|
78
|
+
* - protocolMode - Enum that represents the protocol that msal follows. Used for configuring proper endpoints.
|
|
79
|
+
*/
|
|
80
|
+
export type SystemOptions = {
|
|
81
|
+
tokenRenewalOffsetSeconds?: number;
|
|
82
|
+
preventCorsPreflight?: boolean;
|
|
83
|
+
};
|
|
84
|
+
/**
|
|
85
|
+
* Use this to configure the logging that MSAL does, by configuring logger options in the Configuration object
|
|
86
|
+
*
|
|
87
|
+
* - loggerCallback - Callback for logger
|
|
88
|
+
* - piiLoggingEnabled - Sets whether pii logging is enabled
|
|
89
|
+
* - logLevel - Sets the level at which logging happens
|
|
90
|
+
* - correlationId - Sets the correlationId printed by the logger
|
|
91
|
+
*/
|
|
92
|
+
export type LoggerOptions = {
|
|
93
|
+
loggerCallback?: ILoggerCallback;
|
|
94
|
+
piiLoggingEnabled?: boolean;
|
|
95
|
+
logLevel?: LogLevel;
|
|
96
|
+
correlationId?: string;
|
|
97
|
+
};
|
|
98
|
+
/**
|
|
99
|
+
* Library-specific options
|
|
100
|
+
*/
|
|
101
|
+
export type LibraryInfo = {
|
|
102
|
+
sku: string;
|
|
103
|
+
version: string;
|
|
104
|
+
cpu: string;
|
|
105
|
+
os: string;
|
|
106
|
+
};
|
|
107
|
+
/**
|
|
108
|
+
* AzureCloudInstance specific options
|
|
109
|
+
*
|
|
110
|
+
* - azureCloudInstance - string enum providing short notation for soverign and public cloud authorities
|
|
111
|
+
* - tenant - provision to provide the tenant info
|
|
112
|
+
*/
|
|
113
|
+
export type AzureCloudOptions = {
|
|
114
|
+
azureCloudInstance: AzureCloudInstance;
|
|
115
|
+
tenant?: string;
|
|
116
|
+
};
|
|
117
|
+
export type TelemetryOptions = {
|
|
118
|
+
application: ApplicationTelemetry;
|
|
119
|
+
};
|
|
120
|
+
/**
|
|
121
|
+
* Telemetry information sent on request
|
|
122
|
+
* - appName: Unique string name of an application
|
|
123
|
+
* - appVersion: Version of the application using MSAL
|
|
124
|
+
*/
|
|
125
|
+
export type ApplicationTelemetry = {
|
|
126
|
+
appName: string;
|
|
127
|
+
appVersion: string;
|
|
128
|
+
};
|
|
129
|
+
export declare const DEFAULT_SYSTEM_OPTIONS: Required<SystemOptions>;
|
|
130
|
+
/**
|
|
131
|
+
* Function that sets the default options when not explicitly configured from app developer
|
|
132
|
+
*
|
|
133
|
+
* @param Configuration
|
|
134
|
+
*
|
|
135
|
+
* @returns Configuration
|
|
136
|
+
*/
|
|
137
|
+
export declare function buildClientConfiguration({ authOptions: userAuthOptions, systemOptions: userSystemOptions, loggerOptions: userLoggerOption, storageInterface: storageImplementation, networkInterface: networkImplementation, cryptoInterface: cryptoImplementation, clientCredentials: clientCredentials, libraryInfo: libraryInfo, telemetry: telemetry, serverTelemetryManager: serverTelemetryManager, persistencePlugin: persistencePlugin, serializableCache: serializableCache, }: ClientConfiguration): CommonClientConfiguration;
|
|
138
|
+
/**
|
|
139
|
+
* Returns true if config has protocolMode set to ProtocolMode.OIDC, false otherwise
|
|
140
|
+
* @param ClientConfiguration
|
|
141
|
+
*/
|
|
142
|
+
export declare function isOidcProtocolMode(config: ClientConfiguration): boolean;
|
|
143
|
+
//# sourceMappingURL=ClientConfiguration.d.ts.map
|