@azure/msal-common 16.1.0 → 16.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (275) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +1 -1
  7. package/dist/authority/AuthorityFactory.mjs +1 -1
  8. package/dist/authority/AuthorityMetadata.mjs +1 -1
  9. package/dist/authority/AuthorityOptions.mjs +1 -1
  10. package/dist/authority/AuthorityType.mjs +1 -1
  11. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  13. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  14. package/dist/authority/ProtocolMode.mjs +1 -1
  15. package/dist/authority/RegionDiscovery.mjs +1 -1
  16. package/dist/cache/CacheManager.mjs +1 -1
  17. package/dist/cache/entities/AccessTokenEntity.d.ts +2 -0
  18. package/dist/cache/entities/AccessTokenEntity.d.ts.map +1 -1
  19. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  20. package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
  21. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  22. package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
  23. package/dist/client/AuthorizationCodeClient.mjs +3 -2
  24. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  25. package/dist/client/RefreshTokenClient.mjs +1 -1
  26. package/dist/client/SilentFlowClient.d.ts.map +1 -1
  27. package/dist/client/SilentFlowClient.mjs +8 -1
  28. package/dist/client/SilentFlowClient.mjs.map +1 -1
  29. package/dist/config/ClientConfiguration.d.ts +2 -0
  30. package/dist/config/ClientConfiguration.d.ts.map +1 -1
  31. package/dist/config/ClientConfiguration.mjs +2 -1
  32. package/dist/config/ClientConfiguration.mjs.map +1 -1
  33. package/dist/constants/AADServerParamKeys.d.ts +1 -0
  34. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  35. package/dist/constants/AADServerParamKeys.mjs +4 -3
  36. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  37. package/dist/crypto/ICrypto.mjs +1 -1
  38. package/dist/crypto/JoseHeader.mjs +1 -1
  39. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  40. package/dist/error/AuthError.mjs +1 -1
  41. package/dist/error/AuthErrorCodes.mjs +1 -1
  42. package/dist/error/CacheError.mjs +1 -1
  43. package/dist/error/CacheErrorCodes.mjs +1 -1
  44. package/dist/error/ClientAuthError.mjs +1 -1
  45. package/dist/error/ClientAuthErrorCodes.d.ts +2 -0
  46. package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
  47. package/dist/error/ClientAuthErrorCodes.mjs +5 -3
  48. package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
  49. package/dist/error/ClientConfigurationError.mjs +1 -1
  50. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  51. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  52. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  53. package/dist/error/JoseHeaderError.mjs +1 -1
  54. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  55. package/dist/error/NetworkError.mjs +1 -1
  56. package/dist/error/PlatformBrokerError.mjs +1 -1
  57. package/dist/error/ServerError.mjs +1 -1
  58. package/dist/exports-common.d.ts +1 -1
  59. package/dist/exports-common.d.ts.map +1 -1
  60. package/dist/index-node.mjs +2 -1
  61. package/dist/index-node.mjs.map +1 -1
  62. package/dist/index.mjs +2 -1
  63. package/dist/index.mjs.map +1 -1
  64. package/dist/logger/Logger.mjs +1 -1
  65. package/dist/network/INetworkModule.mjs +1 -1
  66. package/dist/network/RequestThumbprint.mjs +1 -1
  67. package/dist/network/ThrottlingUtils.mjs +1 -1
  68. package/dist/packageMetadata.d.ts +1 -1
  69. package/dist/packageMetadata.mjs +2 -2
  70. package/dist/protocol/Authorize.d.ts.map +1 -1
  71. package/dist/protocol/Authorize.mjs +3 -2
  72. package/dist/protocol/Authorize.mjs.map +1 -1
  73. package/dist/protocol/Token.mjs +1 -1
  74. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  75. package/dist/request/BaseAuthRequest.d.ts +12 -0
  76. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  77. package/dist/request/BaseAuthRequest.mjs +38 -0
  78. package/dist/request/BaseAuthRequest.mjs.map +1 -0
  79. package/dist/request/NativeRequest.d.ts +1 -0
  80. package/dist/request/NativeRequest.d.ts.map +1 -1
  81. package/dist/request/RequestParameterBuilder.d.ts +1 -0
  82. package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
  83. package/dist/request/RequestParameterBuilder.mjs +8 -3
  84. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  85. package/dist/request/ScopeSet.mjs +1 -1
  86. package/dist/response/AuthenticationResult.d.ts +1 -0
  87. package/dist/response/AuthenticationResult.d.ts.map +1 -1
  88. package/dist/response/ResponseHandler.d.ts.map +1 -1
  89. package/dist/response/ResponseHandler.mjs +6 -1
  90. package/dist/response/ResponseHandler.mjs.map +1 -1
  91. package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  92. package/dist/telemetry/performance/PerformanceClient.mjs +59 -12
  93. package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
  94. package/dist/telemetry/performance/PerformanceEvent.d.ts +106 -0
  95. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  96. package/dist/telemetry/performance/PerformanceEvent.mjs +11 -2
  97. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  98. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  99. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  100. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  101. package/dist/url/UrlString.mjs +1 -1
  102. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  103. package/dist/utils/Constants.mjs +1 -1
  104. package/dist/utils/FunctionWrappers.d.ts.map +1 -1
  105. package/dist/utils/FunctionWrappers.mjs +3 -5
  106. package/dist/utils/FunctionWrappers.mjs.map +1 -1
  107. package/dist/utils/ProtocolUtils.mjs +1 -1
  108. package/dist/utils/StringUtils.mjs +1 -1
  109. package/dist/utils/TimeUtils.mjs +1 -1
  110. package/dist/utils/UrlUtils.mjs +1 -1
  111. package/dist-browser/account/AccountInfo.mjs +1 -1
  112. package/dist-browser/account/AuthToken.mjs +1 -1
  113. package/dist-browser/account/CcsCredential.mjs +1 -1
  114. package/dist-browser/account/ClientInfo.mjs +1 -1
  115. package/dist-browser/account/TokenClaims.mjs +1 -1
  116. package/dist-browser/authority/Authority.mjs +1 -1
  117. package/dist-browser/authority/AuthorityFactory.mjs +1 -1
  118. package/dist-browser/authority/AuthorityMetadata.mjs +1 -1
  119. package/dist-browser/authority/AuthorityOptions.mjs +1 -1
  120. package/dist-browser/authority/AuthorityType.mjs +1 -1
  121. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  122. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  123. package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
  124. package/dist-browser/authority/ProtocolMode.mjs +1 -1
  125. package/dist-browser/authority/RegionDiscovery.mjs +1 -1
  126. package/dist-browser/cache/CacheManager.mjs +1 -1
  127. package/dist-browser/cache/entities/AccessTokenEntity.d.ts +2 -0
  128. package/dist-browser/cache/entities/AccessTokenEntity.d.ts.map +1 -1
  129. package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
  130. package/dist-browser/cache/utils/AccountEntityUtils.mjs +1 -1
  131. package/dist-browser/cache/utils/CacheHelpers.mjs +1 -1
  132. package/dist-browser/client/AuthorizationCodeClient.d.ts.map +1 -1
  133. package/dist-browser/client/AuthorizationCodeClient.mjs +3 -2
  134. package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -1
  135. package/dist-browser/client/RefreshTokenClient.mjs +1 -1
  136. package/dist-browser/client/SilentFlowClient.d.ts.map +1 -1
  137. package/dist-browser/client/SilentFlowClient.mjs +8 -1
  138. package/dist-browser/client/SilentFlowClient.mjs.map +1 -1
  139. package/dist-browser/config/ClientConfiguration.d.ts +2 -0
  140. package/dist-browser/config/ClientConfiguration.d.ts.map +1 -1
  141. package/dist-browser/config/ClientConfiguration.mjs +2 -1
  142. package/dist-browser/config/ClientConfiguration.mjs.map +1 -1
  143. package/dist-browser/constants/AADServerParamKeys.d.ts +1 -0
  144. package/dist-browser/constants/AADServerParamKeys.d.ts.map +1 -1
  145. package/dist-browser/constants/AADServerParamKeys.mjs +4 -3
  146. package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -1
  147. package/dist-browser/crypto/ICrypto.mjs +1 -1
  148. package/dist-browser/crypto/JoseHeader.mjs +1 -1
  149. package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
  150. package/dist-browser/error/AuthError.mjs +1 -1
  151. package/dist-browser/error/AuthErrorCodes.mjs +1 -1
  152. package/dist-browser/error/CacheError.mjs +1 -1
  153. package/dist-browser/error/CacheErrorCodes.mjs +1 -1
  154. package/dist-browser/error/ClientAuthError.mjs +1 -1
  155. package/dist-browser/error/ClientAuthErrorCodes.d.ts +2 -0
  156. package/dist-browser/error/ClientAuthErrorCodes.d.ts.map +1 -1
  157. package/dist-browser/error/ClientAuthErrorCodes.mjs +5 -3
  158. package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -1
  159. package/dist-browser/error/ClientConfigurationError.mjs +1 -1
  160. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
  161. package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
  162. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  163. package/dist-browser/error/JoseHeaderError.mjs +1 -1
  164. package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
  165. package/dist-browser/error/NetworkError.mjs +1 -1
  166. package/dist-browser/error/PlatformBrokerError.mjs +1 -1
  167. package/dist-browser/error/ServerError.mjs +1 -1
  168. package/dist-browser/exports-common.d.ts +1 -1
  169. package/dist-browser/exports-common.d.ts.map +1 -1
  170. package/dist-browser/index-browser.mjs +2 -1
  171. package/dist-browser/index-browser.mjs.map +1 -1
  172. package/dist-browser/index.mjs +2 -1
  173. package/dist-browser/index.mjs.map +1 -1
  174. package/dist-browser/log-strings-mapping.json +2 -2
  175. package/dist-browser/logger/Logger.mjs +1 -1
  176. package/dist-browser/network/INetworkModule.mjs +1 -1
  177. package/dist-browser/network/RequestThumbprint.mjs +1 -1
  178. package/dist-browser/network/ThrottlingUtils.mjs +1 -1
  179. package/dist-browser/packageMetadata.d.ts +1 -1
  180. package/dist-browser/packageMetadata.mjs +2 -2
  181. package/dist-browser/protocol/Authorize.d.ts.map +1 -1
  182. package/dist-browser/protocol/Authorize.mjs +3 -2
  183. package/dist-browser/protocol/Authorize.mjs.map +1 -1
  184. package/dist-browser/protocol/Token.mjs +1 -1
  185. package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
  186. package/dist-browser/request/BaseAuthRequest.d.ts +12 -0
  187. package/dist-browser/request/BaseAuthRequest.d.ts.map +1 -1
  188. package/dist-browser/request/BaseAuthRequest.mjs +38 -0
  189. package/dist-browser/request/BaseAuthRequest.mjs.map +1 -0
  190. package/dist-browser/request/NativeRequest.d.ts +1 -0
  191. package/dist-browser/request/NativeRequest.d.ts.map +1 -1
  192. package/dist-browser/request/RequestParameterBuilder.d.ts +1 -0
  193. package/dist-browser/request/RequestParameterBuilder.d.ts.map +1 -1
  194. package/dist-browser/request/RequestParameterBuilder.mjs +8 -3
  195. package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -1
  196. package/dist-browser/request/ScopeSet.mjs +1 -1
  197. package/dist-browser/response/AuthenticationResult.d.ts +1 -0
  198. package/dist-browser/response/AuthenticationResult.d.ts.map +1 -1
  199. package/dist-browser/response/ResponseHandler.d.ts.map +1 -1
  200. package/dist-browser/response/ResponseHandler.mjs +6 -1
  201. package/dist-browser/response/ResponseHandler.mjs.map +1 -1
  202. package/dist-browser/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  203. package/dist-browser/telemetry/performance/PerformanceClient.mjs +59 -12
  204. package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -1
  205. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +106 -0
  206. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  207. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +11 -2
  208. package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  209. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
  210. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
  211. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +1 -1
  212. package/dist-browser/url/UrlString.mjs +1 -1
  213. package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
  214. package/dist-browser/utils/Constants.mjs +1 -1
  215. package/dist-browser/utils/FunctionWrappers.d.ts.map +1 -1
  216. package/dist-browser/utils/FunctionWrappers.mjs +3 -5
  217. package/dist-browser/utils/FunctionWrappers.mjs.map +1 -1
  218. package/dist-browser/utils/ProtocolUtils.mjs +1 -1
  219. package/dist-browser/utils/StringUtils.mjs +1 -1
  220. package/dist-browser/utils/TimeUtils.mjs +1 -1
  221. package/dist-browser/utils/UrlUtils.mjs +1 -1
  222. package/lib/index-browser.cjs +60 -12
  223. package/lib/index-browser.cjs.map +1 -1
  224. package/lib/{index-node-C4hhfREr.js → index-node-BUrdOQX5.js} +76 -9
  225. package/lib/index-node-BUrdOQX5.js.map +1 -0
  226. package/lib/index-node.cjs +3 -2
  227. package/lib/index-node.cjs.map +1 -1
  228. package/lib/index.cjs +3 -2
  229. package/lib/index.cjs.map +1 -1
  230. package/lib/types/cache/entities/AccessTokenEntity.d.ts +2 -0
  231. package/lib/types/cache/entities/AccessTokenEntity.d.ts.map +1 -1
  232. package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  233. package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
  234. package/lib/types/config/ClientConfiguration.d.ts +2 -0
  235. package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
  236. package/lib/types/constants/AADServerParamKeys.d.ts +1 -0
  237. package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
  238. package/lib/types/error/ClientAuthErrorCodes.d.ts +2 -0
  239. package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
  240. package/lib/types/exports-common.d.ts +1 -1
  241. package/lib/types/exports-common.d.ts.map +1 -1
  242. package/lib/types/packageMetadata.d.ts +1 -1
  243. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  244. package/lib/types/request/BaseAuthRequest.d.ts +12 -0
  245. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  246. package/lib/types/request/NativeRequest.d.ts +1 -0
  247. package/lib/types/request/NativeRequest.d.ts.map +1 -1
  248. package/lib/types/request/RequestParameterBuilder.d.ts +1 -0
  249. package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
  250. package/lib/types/response/AuthenticationResult.d.ts +1 -0
  251. package/lib/types/response/AuthenticationResult.d.ts.map +1 -1
  252. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  253. package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  254. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +106 -0
  255. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  256. package/lib/types/utils/FunctionWrappers.d.ts.map +1 -1
  257. package/package.json +1 -1
  258. package/src/cache/entities/AccessTokenEntity.ts +2 -0
  259. package/src/client/AuthorizationCodeClient.ts +2 -0
  260. package/src/client/SilentFlowClient.ts +11 -0
  261. package/src/config/ClientConfiguration.ts +3 -0
  262. package/src/constants/AADServerParamKeys.ts +1 -0
  263. package/src/error/ClientAuthErrorCodes.ts +2 -0
  264. package/src/exports-common.ts +4 -1
  265. package/src/packageMetadata.ts +1 -1
  266. package/src/protocol/Authorize.ts +2 -0
  267. package/src/request/BaseAuthRequest.ts +46 -0
  268. package/src/request/NativeRequest.ts +1 -0
  269. package/src/request/RequestParameterBuilder.ts +9 -0
  270. package/src/response/AuthenticationResult.ts +1 -0
  271. package/src/response/ResponseHandler.ts +5 -0
  272. package/src/telemetry/performance/PerformanceClient.ts +62 -10
  273. package/src/telemetry/performance/PerformanceEvent.ts +129 -0
  274. package/src/utils/FunctionWrappers.ts +8 -4
  275. package/lib/index-node-C4hhfREr.js.map +0 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.1.0 2026-02-24 */
1
+ /*! @azure/msal-common v16.3.0 2026-03-13 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -88,7 +88,9 @@ const noNetworkConnectivity = "no_network_connectivity";
88
88
  const userCanceled = "user_canceled";
89
89
  const methodNotImplemented = "method_not_implemented";
90
90
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
91
- const platformBrokerError = "platform_broker_error";
91
+ const platformBrokerError = "platform_broker_error";
92
+ const resourceParameterRequired = "resource_parameter_required";
93
+ const misplacedResourceParam = "misplaced_resource_parameter";
92
94
 
93
95
  var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
94
96
  __proto__: null,
@@ -109,6 +111,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
109
111
  keyIdMissing: keyIdMissing,
110
112
  maxAgeTranspired: maxAgeTranspired,
111
113
  methodNotImplemented: methodNotImplemented,
114
+ misplacedResourceParam: misplacedResourceParam,
112
115
  multipleMatchingAppMetadata: multipleMatchingAppMetadata,
113
116
  multipleMatchingTokens: multipleMatchingTokens,
114
117
  nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
@@ -122,6 +125,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
122
125
  openIdConfigError: openIdConfigError,
123
126
  platformBrokerError: platformBrokerError,
124
127
  requestCannotBeMade: requestCannotBeMade,
128
+ resourceParameterRequired: resourceParameterRequired,
125
129
  stateMismatch: stateMismatch,
126
130
  stateNotFound: stateNotFound,
127
131
  tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
@@ -1303,8 +1307,7 @@ const invoke = (callback, eventName, logger, telemetryClient, correlationId) =>
1303
1307
  const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
1304
1308
  if (correlationId) {
1305
1309
  // Track number of times this API is called in a single request
1306
- const eventCount = eventName + "CallCount";
1307
- telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
1310
+ telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
1308
1311
  }
1309
1312
  try {
1310
1313
  const result = callback(...args);
@@ -1348,8 +1351,7 @@ const invokeAsync = (callback, eventName, logger, telemetryClient, correlationId
1348
1351
  const inProgressEvent = telemetryClient.startMeasurement(eventName, correlationId);
1349
1352
  if (correlationId) {
1350
1353
  // Track number of times this API is called in a single request
1351
- const eventCount = eventName + "CallCount";
1352
- telemetryClient.incrementFields({ [eventCount]: 1 }, correlationId);
1354
+ telemetryClient.incrementFields({ [`ext.${eventName}CallCount`]: 1 }, correlationId);
1353
1355
  }
1354
1356
  return callback(...args)
1355
1357
  .then((response) => {
@@ -2872,7 +2874,8 @@ const BROKER_CLIENT_ID = "brk_client_id";
2872
2874
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
2873
2875
  const INSTANCE_AWARE = "instance_aware";
2874
2876
  const EAR_JWK = "ear_jwk";
2875
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
2877
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
2878
+ const RESOURCE = "resource";
2876
2879
 
2877
2880
  var AADServerParamKeys = /*#__PURE__*/Object.freeze({
2878
2881
  __proto__: null,
@@ -2916,6 +2919,7 @@ var AADServerParamKeys = /*#__PURE__*/Object.freeze({
2916
2919
  REFRESH_TOKEN_EXPIRES_IN: REFRESH_TOKEN_EXPIRES_IN,
2917
2920
  REQUESTED_TOKEN_USE: REQUESTED_TOKEN_USE,
2918
2921
  REQ_CNF: REQ_CNF,
2922
+ RESOURCE: RESOURCE,
2919
2923
  RESPONSE_MODE: RESPONSE_MODE,
2920
2924
  RESPONSE_TYPE: RESPONSE_TYPE,
2921
2925
  RETURN_SPA_CODE: RETURN_SPA_CODE,
@@ -3870,6 +3874,11 @@ function addEARParameters(parameters, jwk) {
3870
3874
  // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
3871
3875
  const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
3872
3876
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
3877
+ }
3878
+ function addResource(parameters, resource) {
3879
+ if (resource) {
3880
+ parameters.set(RESOURCE, resource);
3881
+ }
3873
3882
  }
3874
3883
 
3875
3884
  var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
@@ -3909,6 +3918,7 @@ var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
3909
3918
  addRedirectUri: addRedirectUri,
3910
3919
  addRefreshToken: addRefreshToken,
3911
3920
  addRequestTokenUse: addRequestTokenUse,
3921
+ addResource: addResource,
3912
3922
  addResponseMode: addResponseMode,
3913
3923
  addResponseType: addResponseType,
3914
3924
  addScopes: addScopes,
@@ -4234,7 +4244,7 @@ class Logger {
4234
4244
 
4235
4245
  /* eslint-disable header/header */
4236
4246
  const name = "@azure/msal-common";
4237
- const version = "16.1.0";
4247
+ const version = "16.3.0";
4238
4248
 
4239
4249
  /*
4240
4250
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5395,6 +5405,12 @@ const PerformanceEventStatus = {
5395
5405
  InProgress: 1,
5396
5406
  Completed: 2,
5397
5407
  };
5408
+ /**
5409
+ * Prefix used to mark telemetry field names as dynamic.
5410
+ * Fields with this prefix in addFields/incrementFields calls will be routed
5411
+ * to the PerformanceEvent.ext sub-object.
5412
+ */
5413
+ const EXT_FIELD_PREFIX = "ext.";
5398
5414
  const IntFields = new Set([
5399
5415
  "accessTokenSize",
5400
5416
  "durationMs",
@@ -5419,6 +5435,9 @@ const IntFields = new Set([
5419
5435
  "currRefreshCount",
5420
5436
  "expiredCacheRemovedCount",
5421
5437
  "upgradedCacheCount",
5438
+ "networkRtt",
5439
+ "redirectBridgeTimeoutMs",
5440
+ "redirectBridgeMessageVersion",
5422
5441
  ]);
5423
5442
 
5424
5443
  /*
@@ -5555,6 +5574,7 @@ function buildAuthOptions(authOptions) {
5555
5574
  clientCapabilities: [],
5556
5575
  azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
5557
5576
  instanceAware: false,
5577
+ isMcp: false,
5558
5578
  ...authOptions,
5559
5579
  };
5560
5580
  }
@@ -6072,6 +6092,11 @@ class ResponseHandler {
6072
6092
  : undefined;
6073
6093
  // non AAD scenarios can have empty realm
6074
6094
  cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
6095
+ // Set resource (to be used for MCP scenarios)
6096
+ const resource = request.resource || null;
6097
+ if (resource) {
6098
+ cachedAccessToken.resource = resource;
6099
+ }
6075
6100
  }
6076
6101
  // refreshToken
6077
6102
  let cachedRefreshToken = null;
@@ -6625,6 +6650,7 @@ class AuthorizationCodeClient {
6625
6650
  }
6626
6651
  // Add scope array, parameter builder will add default scopes and dedupe
6627
6652
  addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
6653
+ addResource(parameters, request.resource);
6628
6654
  // add code: user set, not validated
6629
6655
  addAuthorizationCode(parameters, request.code);
6630
6656
  // Add library metadata
@@ -7042,6 +7068,13 @@ class SilentFlowClient {
7042
7068
  this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
7043
7069
  throw createClientAuthError(tokenRefreshRequired);
7044
7070
  }
7071
+ else if (request.resource) {
7072
+ // cached access token must have a resource that matches the request resource for MCP scenarios
7073
+ if (cachedAccessToken.resource !== request.resource) {
7074
+ this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
7075
+ throw createClientAuthError(tokenRefreshRequired);
7076
+ }
7077
+ }
7045
7078
  else if (cachedAccessToken.refreshOn &&
7046
7079
  isTokenExpired(cachedAccessToken.refreshOn, 0)) {
7047
7080
  // must refresh (in the background) due to the refresh_in value
@@ -7132,6 +7165,7 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7132
7165
  ...(request.extraScopesToConsent || []),
7133
7166
  ];
7134
7167
  addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
7168
+ addResource(parameters, request.resource);
7135
7169
  addRedirectUri(parameters, request.redirectUri);
7136
7170
  addCorrelationId(parameters, correlationId);
7137
7171
  // add response_mode. If not passed in it defaults to query.
@@ -7338,6 +7372,37 @@ var Authorize = /*#__PURE__*/Object.freeze({
7338
7372
  validateAuthorizationResponse: validateAuthorizationResponse
7339
7373
  });
7340
7374
 
7375
+ /*
7376
+ * Copyright (c) Microsoft Corporation. All rights reserved.
7377
+ * Licensed under the MIT License.
7378
+ */
7379
+ /**
7380
+ * Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
7381
+ * If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
7382
+ * This is used for MCP flows.
7383
+ * @param isMcp - Flag indicating if application is an MCP app, from configuration
7384
+ * @param request - Auth request
7385
+ */
7386
+ function enforceResourceParameter(isMcp, request) {
7387
+ if (!isMcp) {
7388
+ return;
7389
+ }
7390
+ if (request.resource &&
7391
+ (containsResourceParam(request.extraParameters) ||
7392
+ containsResourceParam(request.extraQueryParameters))) {
7393
+ throw createClientAuthError(misplacedResourceParam);
7394
+ }
7395
+ if (!request.resource) {
7396
+ throw createClientAuthError(resourceParameterRequired);
7397
+ }
7398
+ }
7399
+ function containsResourceParam(params) {
7400
+ if (!params) {
7401
+ return false;
7402
+ }
7403
+ return Object.prototype.hasOwnProperty.call(params, "resource");
7404
+ }
7405
+
7341
7406
  /*
7342
7407
  * Copyright (c) Microsoft Corporation. All rights reserved.
7343
7408
  * Licensed under the MIT License.
@@ -7722,6 +7787,7 @@ exports.Constants = Constants;
7722
7787
  exports.DEFAULT_CRYPTO_IMPLEMENTATION = DEFAULT_CRYPTO_IMPLEMENTATION;
7723
7788
  exports.DEFAULT_SYSTEM_OPTIONS = DEFAULT_SYSTEM_OPTIONS;
7724
7789
  exports.DefaultStorageClass = DefaultStorageClass;
7790
+ exports.EXT_FIELD_PREFIX = EXT_FIELD_PREFIX;
7725
7791
  exports.IntFields = IntFields;
7726
7792
  exports.InteractionRequiredAuthError = InteractionRequiredAuthError;
7727
7793
  exports.InteractionRequiredAuthErrorCodes = InteractionRequiredAuthErrorCodes;
@@ -7762,6 +7828,7 @@ exports.createClientAuthError = createClientAuthError;
7762
7828
  exports.createClientConfigurationError = createClientConfigurationError;
7763
7829
  exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
7764
7830
  exports.createNetworkError = createNetworkError;
7831
+ exports.enforceResourceParameter = enforceResourceParameter;
7765
7832
  exports.formatAuthorityUri = formatAuthorityUri;
7766
7833
  exports.getAndFlushLogsFromCache = getAndFlushLogsFromCache;
7767
7834
  exports.getClientAssertion = getClientAssertion;
@@ -7772,4 +7839,4 @@ exports.invokeAsync = invokeAsync;
7772
7839
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
7773
7840
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
7774
7841
  exports.version = version;
7775
- //# sourceMappingURL=index-node-C4hhfREr.js.map
7842
+ //# sourceMappingURL=index-node-BUrdOQX5.js.map