@azure/msal-common 16.2.0 → 16.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (282) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +1 -1
  7. package/dist/authority/AuthorityFactory.mjs +1 -1
  8. package/dist/authority/AuthorityMetadata.mjs +1 -1
  9. package/dist/authority/AuthorityOptions.mjs +1 -1
  10. package/dist/authority/AuthorityType.mjs +1 -1
  11. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  13. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  14. package/dist/authority/ProtocolMode.mjs +1 -1
  15. package/dist/authority/RegionDiscovery.mjs +1 -1
  16. package/dist/cache/CacheManager.d.ts.map +1 -1
  17. package/dist/cache/CacheManager.mjs +6 -1
  18. package/dist/cache/CacheManager.mjs.map +1 -1
  19. package/dist/cache/entities/AccessTokenEntity.d.ts +2 -0
  20. package/dist/cache/entities/AccessTokenEntity.d.ts.map +1 -1
  21. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  22. package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
  23. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  24. package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
  25. package/dist/client/AuthorizationCodeClient.mjs +3 -2
  26. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  27. package/dist/client/RefreshTokenClient.mjs +1 -1
  28. package/dist/client/SilentFlowClient.d.ts.map +1 -1
  29. package/dist/client/SilentFlowClient.mjs +8 -1
  30. package/dist/client/SilentFlowClient.mjs.map +1 -1
  31. package/dist/config/ClientConfiguration.d.ts +2 -0
  32. package/dist/config/ClientConfiguration.d.ts.map +1 -1
  33. package/dist/config/ClientConfiguration.mjs +2 -1
  34. package/dist/config/ClientConfiguration.mjs.map +1 -1
  35. package/dist/constants/AADServerParamKeys.d.ts +2 -0
  36. package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
  37. package/dist/constants/AADServerParamKeys.mjs +5 -3
  38. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  39. package/dist/crypto/ICrypto.mjs +1 -1
  40. package/dist/crypto/JoseHeader.mjs +1 -1
  41. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  42. package/dist/error/AuthError.mjs +1 -1
  43. package/dist/error/AuthErrorCodes.mjs +1 -1
  44. package/dist/error/CacheError.mjs +1 -1
  45. package/dist/error/CacheErrorCodes.mjs +1 -1
  46. package/dist/error/ClientAuthError.mjs +1 -1
  47. package/dist/error/ClientAuthErrorCodes.d.ts +2 -0
  48. package/dist/error/ClientAuthErrorCodes.d.ts.map +1 -1
  49. package/dist/error/ClientAuthErrorCodes.mjs +5 -3
  50. package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
  51. package/dist/error/ClientConfigurationError.mjs +1 -1
  52. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  53. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  54. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  55. package/dist/error/JoseHeaderError.mjs +1 -1
  56. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  57. package/dist/error/NetworkError.mjs +1 -1
  58. package/dist/error/PlatformBrokerError.mjs +1 -1
  59. package/dist/error/ServerError.mjs +1 -1
  60. package/dist/exports-common.d.ts +1 -1
  61. package/dist/exports-common.d.ts.map +1 -1
  62. package/dist/index-node.mjs +2 -1
  63. package/dist/index-node.mjs.map +1 -1
  64. package/dist/index.mjs +2 -1
  65. package/dist/index.mjs.map +1 -1
  66. package/dist/logger/Logger.mjs +1 -1
  67. package/dist/network/INetworkModule.mjs +1 -1
  68. package/dist/network/RequestThumbprint.mjs +1 -1
  69. package/dist/network/ThrottlingUtils.mjs +1 -1
  70. package/dist/packageMetadata.d.ts +1 -1
  71. package/dist/packageMetadata.mjs +2 -2
  72. package/dist/protocol/Authorize.d.ts.map +1 -1
  73. package/dist/protocol/Authorize.mjs +5 -2
  74. package/dist/protocol/Authorize.mjs.map +1 -1
  75. package/dist/protocol/Token.mjs +1 -1
  76. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  77. package/dist/request/BaseAuthRequest.d.ts +12 -0
  78. package/dist/request/BaseAuthRequest.d.ts.map +1 -1
  79. package/dist/request/BaseAuthRequest.mjs +38 -0
  80. package/dist/request/BaseAuthRequest.mjs.map +1 -0
  81. package/dist/request/NativeRequest.d.ts +1 -0
  82. package/dist/request/NativeRequest.d.ts.map +1 -1
  83. package/dist/request/RequestParameterBuilder.d.ts +5 -0
  84. package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
  85. package/dist/request/RequestParameterBuilder.mjs +14 -3
  86. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  87. package/dist/request/ScopeSet.mjs +1 -1
  88. package/dist/response/AuthenticationResult.d.ts +1 -0
  89. package/dist/response/AuthenticationResult.d.ts.map +1 -1
  90. package/dist/response/AuthorizeResponse.d.ts +7 -0
  91. package/dist/response/AuthorizeResponse.d.ts.map +1 -1
  92. package/dist/response/ResponseHandler.d.ts.map +1 -1
  93. package/dist/response/ResponseHandler.mjs +6 -1
  94. package/dist/response/ResponseHandler.mjs.map +1 -1
  95. package/dist/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  96. package/dist/telemetry/performance/PerformanceClient.mjs +5 -3
  97. package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
  98. package/dist/telemetry/performance/PerformanceEvent.d.ts +17 -0
  99. package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  100. package/dist/telemetry/performance/PerformanceEvent.mjs +4 -1
  101. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  102. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  103. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  104. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  105. package/dist/url/UrlString.mjs +1 -1
  106. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  107. package/dist/utils/Constants.mjs +1 -1
  108. package/dist/utils/FunctionWrappers.mjs +1 -1
  109. package/dist/utils/ProtocolUtils.mjs +1 -1
  110. package/dist/utils/StringUtils.mjs +1 -1
  111. package/dist/utils/TimeUtils.mjs +1 -1
  112. package/dist/utils/UrlUtils.mjs +1 -1
  113. package/dist-browser/account/AccountInfo.mjs +1 -1
  114. package/dist-browser/account/AuthToken.mjs +1 -1
  115. package/dist-browser/account/CcsCredential.mjs +1 -1
  116. package/dist-browser/account/ClientInfo.mjs +1 -1
  117. package/dist-browser/account/TokenClaims.mjs +1 -1
  118. package/dist-browser/authority/Authority.mjs +1 -1
  119. package/dist-browser/authority/AuthorityFactory.mjs +1 -1
  120. package/dist-browser/authority/AuthorityMetadata.mjs +1 -1
  121. package/dist-browser/authority/AuthorityOptions.mjs +1 -1
  122. package/dist-browser/authority/AuthorityType.mjs +1 -1
  123. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  124. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  125. package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
  126. package/dist-browser/authority/ProtocolMode.mjs +1 -1
  127. package/dist-browser/authority/RegionDiscovery.mjs +1 -1
  128. package/dist-browser/cache/CacheManager.d.ts.map +1 -1
  129. package/dist-browser/cache/CacheManager.mjs +6 -1
  130. package/dist-browser/cache/CacheManager.mjs.map +1 -1
  131. package/dist-browser/cache/entities/AccessTokenEntity.d.ts +2 -0
  132. package/dist-browser/cache/entities/AccessTokenEntity.d.ts.map +1 -1
  133. package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
  134. package/dist-browser/cache/utils/AccountEntityUtils.mjs +1 -1
  135. package/dist-browser/cache/utils/CacheHelpers.mjs +1 -1
  136. package/dist-browser/client/AuthorizationCodeClient.d.ts.map +1 -1
  137. package/dist-browser/client/AuthorizationCodeClient.mjs +3 -2
  138. package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -1
  139. package/dist-browser/client/RefreshTokenClient.mjs +1 -1
  140. package/dist-browser/client/SilentFlowClient.d.ts.map +1 -1
  141. package/dist-browser/client/SilentFlowClient.mjs +8 -1
  142. package/dist-browser/client/SilentFlowClient.mjs.map +1 -1
  143. package/dist-browser/config/ClientConfiguration.d.ts +2 -0
  144. package/dist-browser/config/ClientConfiguration.d.ts.map +1 -1
  145. package/dist-browser/config/ClientConfiguration.mjs +2 -1
  146. package/dist-browser/config/ClientConfiguration.mjs.map +1 -1
  147. package/dist-browser/constants/AADServerParamKeys.d.ts +2 -0
  148. package/dist-browser/constants/AADServerParamKeys.d.ts.map +1 -1
  149. package/dist-browser/constants/AADServerParamKeys.mjs +5 -3
  150. package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -1
  151. package/dist-browser/crypto/ICrypto.mjs +1 -1
  152. package/dist-browser/crypto/JoseHeader.mjs +1 -1
  153. package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
  154. package/dist-browser/error/AuthError.mjs +1 -1
  155. package/dist-browser/error/AuthErrorCodes.mjs +1 -1
  156. package/dist-browser/error/CacheError.mjs +1 -1
  157. package/dist-browser/error/CacheErrorCodes.mjs +1 -1
  158. package/dist-browser/error/ClientAuthError.mjs +1 -1
  159. package/dist-browser/error/ClientAuthErrorCodes.d.ts +2 -0
  160. package/dist-browser/error/ClientAuthErrorCodes.d.ts.map +1 -1
  161. package/dist-browser/error/ClientAuthErrorCodes.mjs +5 -3
  162. package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -1
  163. package/dist-browser/error/ClientConfigurationError.mjs +1 -1
  164. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
  165. package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
  166. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  167. package/dist-browser/error/JoseHeaderError.mjs +1 -1
  168. package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
  169. package/dist-browser/error/NetworkError.mjs +1 -1
  170. package/dist-browser/error/PlatformBrokerError.mjs +1 -1
  171. package/dist-browser/error/ServerError.mjs +1 -1
  172. package/dist-browser/exports-common.d.ts +1 -1
  173. package/dist-browser/exports-common.d.ts.map +1 -1
  174. package/dist-browser/index-browser.mjs +2 -1
  175. package/dist-browser/index-browser.mjs.map +1 -1
  176. package/dist-browser/index.mjs +2 -1
  177. package/dist-browser/index.mjs.map +1 -1
  178. package/dist-browser/log-strings-mapping.json +7 -3
  179. package/dist-browser/logger/Logger.mjs +1 -1
  180. package/dist-browser/network/INetworkModule.mjs +1 -1
  181. package/dist-browser/network/RequestThumbprint.mjs +1 -1
  182. package/dist-browser/network/ThrottlingUtils.mjs +1 -1
  183. package/dist-browser/packageMetadata.d.ts +1 -1
  184. package/dist-browser/packageMetadata.mjs +2 -2
  185. package/dist-browser/protocol/Authorize.d.ts.map +1 -1
  186. package/dist-browser/protocol/Authorize.mjs +5 -2
  187. package/dist-browser/protocol/Authorize.mjs.map +1 -1
  188. package/dist-browser/protocol/Token.mjs +1 -1
  189. package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
  190. package/dist-browser/request/BaseAuthRequest.d.ts +12 -0
  191. package/dist-browser/request/BaseAuthRequest.d.ts.map +1 -1
  192. package/dist-browser/request/BaseAuthRequest.mjs +38 -0
  193. package/dist-browser/request/BaseAuthRequest.mjs.map +1 -0
  194. package/dist-browser/request/NativeRequest.d.ts +1 -0
  195. package/dist-browser/request/NativeRequest.d.ts.map +1 -1
  196. package/dist-browser/request/RequestParameterBuilder.d.ts +5 -0
  197. package/dist-browser/request/RequestParameterBuilder.d.ts.map +1 -1
  198. package/dist-browser/request/RequestParameterBuilder.mjs +14 -3
  199. package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -1
  200. package/dist-browser/request/ScopeSet.mjs +1 -1
  201. package/dist-browser/response/AuthenticationResult.d.ts +1 -0
  202. package/dist-browser/response/AuthenticationResult.d.ts.map +1 -1
  203. package/dist-browser/response/AuthorizeResponse.d.ts +7 -0
  204. package/dist-browser/response/AuthorizeResponse.d.ts.map +1 -1
  205. package/dist-browser/response/ResponseHandler.d.ts.map +1 -1
  206. package/dist-browser/response/ResponseHandler.mjs +6 -1
  207. package/dist-browser/response/ResponseHandler.mjs.map +1 -1
  208. package/dist-browser/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  209. package/dist-browser/telemetry/performance/PerformanceClient.mjs +5 -3
  210. package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -1
  211. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +17 -0
  212. package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  213. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +4 -1
  214. package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  215. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
  216. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
  217. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +1 -1
  218. package/dist-browser/url/UrlString.mjs +1 -1
  219. package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
  220. package/dist-browser/utils/Constants.mjs +1 -1
  221. package/dist-browser/utils/FunctionWrappers.mjs +1 -1
  222. package/dist-browser/utils/ProtocolUtils.mjs +1 -1
  223. package/dist-browser/utils/StringUtils.mjs +1 -1
  224. package/dist-browser/utils/TimeUtils.mjs +1 -1
  225. package/dist-browser/utils/UrlUtils.mjs +1 -1
  226. package/lib/index-browser.cjs +7 -4
  227. package/lib/index-browser.cjs.map +1 -1
  228. package/lib/{index-node-DF7nODCX.js → index-node-5qBGS-xm.js} +83 -5
  229. package/lib/index-node-5qBGS-xm.js.map +1 -0
  230. package/lib/index-node.cjs +3 -2
  231. package/lib/index-node.cjs.map +1 -1
  232. package/lib/index.cjs +3 -2
  233. package/lib/index.cjs.map +1 -1
  234. package/lib/types/cache/CacheManager.d.ts.map +1 -1
  235. package/lib/types/cache/entities/AccessTokenEntity.d.ts +2 -0
  236. package/lib/types/cache/entities/AccessTokenEntity.d.ts.map +1 -1
  237. package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  238. package/lib/types/client/SilentFlowClient.d.ts.map +1 -1
  239. package/lib/types/config/ClientConfiguration.d.ts +2 -0
  240. package/lib/types/config/ClientConfiguration.d.ts.map +1 -1
  241. package/lib/types/constants/AADServerParamKeys.d.ts +2 -0
  242. package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
  243. package/lib/types/error/ClientAuthErrorCodes.d.ts +2 -0
  244. package/lib/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
  245. package/lib/types/exports-common.d.ts +1 -1
  246. package/lib/types/exports-common.d.ts.map +1 -1
  247. package/lib/types/packageMetadata.d.ts +1 -1
  248. package/lib/types/protocol/Authorize.d.ts.map +1 -1
  249. package/lib/types/request/BaseAuthRequest.d.ts +12 -0
  250. package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
  251. package/lib/types/request/NativeRequest.d.ts +1 -0
  252. package/lib/types/request/NativeRequest.d.ts.map +1 -1
  253. package/lib/types/request/RequestParameterBuilder.d.ts +5 -0
  254. package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
  255. package/lib/types/response/AuthenticationResult.d.ts +1 -0
  256. package/lib/types/response/AuthenticationResult.d.ts.map +1 -1
  257. package/lib/types/response/AuthorizeResponse.d.ts +7 -0
  258. package/lib/types/response/AuthorizeResponse.d.ts.map +1 -1
  259. package/lib/types/response/ResponseHandler.d.ts.map +1 -1
  260. package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
  261. package/lib/types/telemetry/performance/PerformanceEvent.d.ts +17 -0
  262. package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  263. package/package.json +1 -1
  264. package/src/cache/CacheManager.ts +12 -0
  265. package/src/cache/entities/AccessTokenEntity.ts +2 -0
  266. package/src/client/AuthorizationCodeClient.ts +2 -0
  267. package/src/client/SilentFlowClient.ts +11 -0
  268. package/src/config/ClientConfiguration.ts +3 -0
  269. package/src/constants/AADServerParamKeys.ts +2 -0
  270. package/src/error/ClientAuthErrorCodes.ts +2 -0
  271. package/src/exports-common.ts +4 -1
  272. package/src/packageMetadata.ts +1 -1
  273. package/src/protocol/Authorize.ts +5 -0
  274. package/src/request/BaseAuthRequest.ts +46 -0
  275. package/src/request/NativeRequest.ts +1 -0
  276. package/src/request/RequestParameterBuilder.ts +16 -0
  277. package/src/response/AuthenticationResult.ts +1 -0
  278. package/src/response/AuthorizeResponse.ts +7 -0
  279. package/src/response/ResponseHandler.ts +5 -0
  280. package/src/telemetry/performance/PerformanceClient.ts +4 -2
  281. package/src/telemetry/performance/PerformanceEvent.ts +24 -0
  282. package/lib/index-node-DF7nODCX.js.map +0 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.2.0 2026-03-02 */
1
+ /*! @azure/msal-common v16.4.0 2026-03-18 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -88,7 +88,9 @@ const noNetworkConnectivity = "no_network_connectivity";
88
88
  const userCanceled = "user_canceled";
89
89
  const methodNotImplemented = "method_not_implemented";
90
90
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
91
- const platformBrokerError = "platform_broker_error";
91
+ const platformBrokerError = "platform_broker_error";
92
+ const resourceParameterRequired = "resource_parameter_required";
93
+ const misplacedResourceParam = "misplaced_resource_parameter";
92
94
 
93
95
  var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
94
96
  __proto__: null,
@@ -109,6 +111,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
109
111
  keyIdMissing: keyIdMissing,
110
112
  maxAgeTranspired: maxAgeTranspired,
111
113
  methodNotImplemented: methodNotImplemented,
114
+ misplacedResourceParam: misplacedResourceParam,
112
115
  multipleMatchingAppMetadata: multipleMatchingAppMetadata,
113
116
  multipleMatchingTokens: multipleMatchingTokens,
114
117
  nestedAppAuthBridgeDisabled: nestedAppAuthBridgeDisabled,
@@ -122,6 +125,7 @@ var ClientAuthErrorCodes = /*#__PURE__*/Object.freeze({
122
125
  openIdConfigError: openIdConfigError,
123
126
  platformBrokerError: platformBrokerError,
124
127
  requestCannotBeMade: requestCannotBeMade,
128
+ resourceParameterRequired: resourceParameterRequired,
125
129
  stateMismatch: stateMismatch,
126
130
  stateNotFound: stateNotFound,
127
131
  tokenClaimsCnfRequiredForSignedJwt: tokenClaimsCnfRequiredForSignedJwt,
@@ -2870,7 +2874,9 @@ const BROKER_CLIENT_ID = "brk_client_id";
2870
2874
  const BROKER_REDIRECT_URI = "brk_redirect_uri";
2871
2875
  const INSTANCE_AWARE = "instance_aware";
2872
2876
  const EAR_JWK = "ear_jwk";
2873
- const EAR_JWE_CRYPTO = "ear_jwe_crypto";
2877
+ const EAR_JWE_CRYPTO = "ear_jwe_crypto";
2878
+ const RESOURCE = "resource";
2879
+ const CLI_DATA = "clidata";
2874
2880
 
2875
2881
  var AADServerParamKeys = /*#__PURE__*/Object.freeze({
2876
2882
  __proto__: null,
@@ -2885,6 +2891,7 @@ var AADServerParamKeys = /*#__PURE__*/Object.freeze({
2885
2891
  CLIENT_INFO: CLIENT_INFO,
2886
2892
  CLIENT_REQUEST_ID: CLIENT_REQUEST_ID,
2887
2893
  CLIENT_SECRET: CLIENT_SECRET,
2894
+ CLI_DATA: CLI_DATA,
2888
2895
  CODE: CODE,
2889
2896
  CODE_CHALLENGE: CODE_CHALLENGE,
2890
2897
  CODE_CHALLENGE_METHOD: CODE_CHALLENGE_METHOD,
@@ -2914,6 +2921,7 @@ var AADServerParamKeys = /*#__PURE__*/Object.freeze({
2914
2921
  REFRESH_TOKEN_EXPIRES_IN: REFRESH_TOKEN_EXPIRES_IN,
2915
2922
  REQUESTED_TOKEN_USE: REQUESTED_TOKEN_USE,
2916
2923
  REQ_CNF: REQ_CNF,
2924
+ RESOURCE: RESOURCE,
2917
2925
  RESPONSE_MODE: RESPONSE_MODE,
2918
2926
  RESPONSE_TYPE: RESPONSE_TYPE,
2919
2927
  RETURN_SPA_CODE: RETURN_SPA_CODE,
@@ -3755,6 +3763,12 @@ function addGrantType(parameters, grantType) {
3755
3763
  function addClientInfo(parameters) {
3756
3764
  parameters.set(CLIENT_INFO$1, "1");
3757
3765
  }
3766
+ /**
3767
+ * add clidata=1 to request to indicate client data support
3768
+ */
3769
+ function addCliData(parameters) {
3770
+ parameters.set(CLI_DATA, "1");
3771
+ }
3758
3772
  function addInstanceAware(parameters) {
3759
3773
  if (!parameters.has(INSTANCE_AWARE)) {
3760
3774
  parameters.set(INSTANCE_AWARE, "true");
@@ -3868,6 +3882,11 @@ function addEARParameters(parameters, jwk) {
3868
3882
  // ear_jwe_crypto will always have value: {"alg":"dir","enc":"A256GCM"} so we can hardcode this
3869
3883
  const jweCryptoB64Encoded = "eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0";
3870
3884
  parameters.set(EAR_JWE_CRYPTO, jweCryptoB64Encoded);
3885
+ }
3886
+ function addResource(parameters, resource) {
3887
+ if (resource) {
3888
+ parameters.set(RESOURCE, resource);
3889
+ }
3871
3890
  }
3872
3891
 
3873
3892
  var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
@@ -3878,6 +3897,7 @@ var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
3878
3897
  addCcsOid: addCcsOid,
3879
3898
  addCcsUpn: addCcsUpn,
3880
3899
  addClaims: addClaims,
3900
+ addCliData: addCliData,
3881
3901
  addClientAssertion: addClientAssertion,
3882
3902
  addClientAssertionType: addClientAssertionType,
3883
3903
  addClientCapabilitiesToClaims: addClientCapabilitiesToClaims,
@@ -3907,6 +3927,7 @@ var RequestParameterBuilder = /*#__PURE__*/Object.freeze({
3907
3927
  addRedirectUri: addRedirectUri,
3908
3928
  addRefreshToken: addRefreshToken,
3909
3929
  addRequestTokenUse: addRequestTokenUse,
3930
+ addResource: addResource,
3910
3931
  addResponseMode: addResponseMode,
3911
3932
  addResponseType: addResponseType,
3912
3933
  addScopes: addScopes,
@@ -4232,7 +4253,7 @@ class Logger {
4232
4253
 
4233
4254
  /* eslint-disable header/header */
4234
4255
  const name = "@azure/msal-common";
4235
- const version = "16.2.0";
4256
+ const version = "16.4.0";
4236
4257
 
4237
4258
  /*
4238
4259
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -4311,6 +4332,11 @@ class CacheManager {
4311
4332
  * Gets first tenanted AccountInfo object found based on provided filters
4312
4333
  */
4313
4334
  getAccountInfoFilteredBy(accountFilter, correlationId) {
4335
+ if (Object.keys(accountFilter).length === 0 ||
4336
+ Object.values(accountFilter).every((value) => value === null || value === undefined || value === "")) {
4337
+ this.commonLogger.warning("getAccountInfoFilteredBy: Account filter is empty or invalid, returning null", correlationId);
4338
+ return null;
4339
+ }
4314
4340
  const allAccounts = this.getAllAccounts(accountFilter, correlationId);
4315
4341
  if (allAccounts.length > 1) {
4316
4342
  // If one or more accounts are found, prioritize accounts that have an ID token
@@ -5423,6 +5449,9 @@ const IntFields = new Set([
5423
5449
  "currRefreshCount",
5424
5450
  "expiredCacheRemovedCount",
5425
5451
  "upgradedCacheCount",
5452
+ "networkRtt",
5453
+ "redirectBridgeTimeoutMs",
5454
+ "redirectBridgeMessageVersion",
5426
5455
  ]);
5427
5456
 
5428
5457
  /*
@@ -5559,6 +5588,7 @@ function buildAuthOptions(authOptions) {
5559
5588
  clientCapabilities: [],
5560
5589
  azureCloudOptions: DEFAULT_AZURE_CLOUD_OPTIONS,
5561
5590
  instanceAware: false,
5591
+ isMcp: false,
5562
5592
  ...authOptions,
5563
5593
  };
5564
5594
  }
@@ -6076,6 +6106,11 @@ class ResponseHandler {
6076
6106
  : undefined;
6077
6107
  // non AAD scenarios can have empty realm
6078
6108
  cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
6109
+ // Set resource (to be used for MCP scenarios)
6110
+ const resource = request.resource || null;
6111
+ if (resource) {
6112
+ cachedAccessToken.resource = resource;
6113
+ }
6079
6114
  }
6080
6115
  // refreshToken
6081
6116
  let cachedRefreshToken = null;
@@ -6629,6 +6664,7 @@ class AuthorizationCodeClient {
6629
6664
  }
6630
6665
  // Add scope array, parameter builder will add default scopes and dedupe
6631
6666
  addScopes(parameters, request.scopes, true, this.oidcDefaultScopes);
6667
+ addResource(parameters, request.resource);
6632
6668
  // add code: user set, not validated
6633
6669
  addAuthorizationCode(parameters, request.code);
6634
6670
  // Add library metadata
@@ -7046,6 +7082,13 @@ class SilentFlowClient {
7046
7082
  this.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED, request.correlationId);
7047
7083
  throw createClientAuthError(tokenRefreshRequired);
7048
7084
  }
7085
+ else if (request.resource) {
7086
+ // cached access token must have a resource that matches the request resource for MCP scenarios
7087
+ if (cachedAccessToken.resource !== request.resource) {
7088
+ this.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN, request.correlationId);
7089
+ throw createClientAuthError(tokenRefreshRequired);
7090
+ }
7091
+ }
7049
7092
  else if (cachedAccessToken.refreshOn &&
7050
7093
  isTokenExpired(cachedAccessToken.refreshOn, 0)) {
7051
7094
  // must refresh (in the background) due to the refresh_in value
@@ -7136,12 +7179,15 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7136
7179
  ...(request.extraScopesToConsent || []),
7137
7180
  ];
7138
7181
  addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
7182
+ addResource(parameters, request.resource);
7139
7183
  addRedirectUri(parameters, request.redirectUri);
7140
7184
  addCorrelationId(parameters, correlationId);
7141
7185
  // add response_mode. If not passed in it defaults to query.
7142
7186
  addResponseMode(parameters, request.responseMode);
7143
7187
  // add client_info=1
7144
7188
  addClientInfo(parameters);
7189
+ // add clidata=1
7190
+ addCliData(parameters);
7145
7191
  if (request.prompt) {
7146
7192
  addPrompt(parameters, request.prompt);
7147
7193
  performanceClient?.addFields({ prompt: request.prompt }, correlationId);
@@ -7342,6 +7388,37 @@ var Authorize = /*#__PURE__*/Object.freeze({
7342
7388
  validateAuthorizationResponse: validateAuthorizationResponse
7343
7389
  });
7344
7390
 
7391
+ /*
7392
+ * Copyright (c) Microsoft Corporation. All rights reserved.
7393
+ * Licensed under the MIT License.
7394
+ */
7395
+ /**
7396
+ * Helper to enforce resource parameter presence in token requests when isMcp is set in the configuration.
7397
+ * If resource parameter is set in both the request and in extraQueryParameters or extraParameters, an error will be thrown.
7398
+ * This is used for MCP flows.
7399
+ * @param isMcp - Flag indicating if application is an MCP app, from configuration
7400
+ * @param request - Auth request
7401
+ */
7402
+ function enforceResourceParameter(isMcp, request) {
7403
+ if (!isMcp) {
7404
+ return;
7405
+ }
7406
+ if (request.resource &&
7407
+ (containsResourceParam(request.extraParameters) ||
7408
+ containsResourceParam(request.extraQueryParameters))) {
7409
+ throw createClientAuthError(misplacedResourceParam);
7410
+ }
7411
+ if (!request.resource) {
7412
+ throw createClientAuthError(resourceParameterRequired);
7413
+ }
7414
+ }
7415
+ function containsResourceParam(params) {
7416
+ if (!params) {
7417
+ return false;
7418
+ }
7419
+ return Object.prototype.hasOwnProperty.call(params, "resource");
7420
+ }
7421
+
7345
7422
  /*
7346
7423
  * Copyright (c) Microsoft Corporation. All rights reserved.
7347
7424
  * Licensed under the MIT License.
@@ -7767,6 +7844,7 @@ exports.createClientAuthError = createClientAuthError;
7767
7844
  exports.createClientConfigurationError = createClientConfigurationError;
7768
7845
  exports.createInteractionRequiredAuthError = createInteractionRequiredAuthError;
7769
7846
  exports.createNetworkError = createNetworkError;
7847
+ exports.enforceResourceParameter = enforceResourceParameter;
7770
7848
  exports.formatAuthorityUri = formatAuthorityUri;
7771
7849
  exports.getAndFlushLogsFromCache = getAndFlushLogsFromCache;
7772
7850
  exports.getClientAssertion = getClientAssertion;
@@ -7777,4 +7855,4 @@ exports.invokeAsync = invokeAsync;
7777
7855
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
7778
7856
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
7779
7857
  exports.version = version;
7780
- //# sourceMappingURL=index-node-DF7nODCX.js.map
7858
+ //# sourceMappingURL=index-node-5qBGS-xm.js.map