@azure/msal-common 16.4.0 → 16.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +1 -1
- package/dist/client/RefreshTokenClient.mjs +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/PlatformBrokerError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/index-node.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/protocol/Token.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.mjs +1 -1
- package/dist/request/RequestParameterBuilder.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.d.ts +9 -9
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +27 -20
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +8 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +2 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist-browser/account/AccountInfo.mjs +1 -1
- package/dist-browser/account/AuthToken.mjs +1 -1
- package/dist-browser/account/CcsCredential.mjs +1 -1
- package/dist-browser/account/ClientInfo.mjs +1 -1
- package/dist-browser/account/TokenClaims.mjs +1 -1
- package/dist-browser/authority/Authority.mjs +1 -1
- package/dist-browser/authority/AuthorityFactory.mjs +1 -1
- package/dist-browser/authority/AuthorityMetadata.mjs +1 -1
- package/dist-browser/authority/AuthorityOptions.mjs +1 -1
- package/dist-browser/authority/AuthorityType.mjs +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist-browser/authority/ProtocolMode.mjs +1 -1
- package/dist-browser/authority/RegionDiscovery.mjs +1 -1
- package/dist-browser/cache/CacheManager.mjs +1 -1
- package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist-browser/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist-browser/cache/utils/CacheHelpers.mjs +1 -1
- package/dist-browser/client/AuthorizationCodeClient.mjs +1 -1
- package/dist-browser/client/RefreshTokenClient.mjs +1 -1
- package/dist-browser/client/SilentFlowClient.mjs +1 -1
- package/dist-browser/config/ClientConfiguration.mjs +1 -1
- package/dist-browser/constants/AADServerParamKeys.mjs +1 -1
- package/dist-browser/crypto/ICrypto.mjs +1 -1
- package/dist-browser/crypto/JoseHeader.mjs +1 -1
- package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
- package/dist-browser/error/AuthError.mjs +1 -1
- package/dist-browser/error/AuthErrorCodes.mjs +1 -1
- package/dist-browser/error/CacheError.mjs +1 -1
- package/dist-browser/error/CacheErrorCodes.mjs +1 -1
- package/dist-browser/error/ClientAuthError.mjs +1 -1
- package/dist-browser/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist-browser/error/ClientConfigurationError.mjs +1 -1
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist-browser/error/JoseHeaderError.mjs +1 -1
- package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist-browser/error/NetworkError.mjs +1 -1
- package/dist-browser/error/PlatformBrokerError.mjs +1 -1
- package/dist-browser/error/ServerError.mjs +1 -1
- package/dist-browser/index-browser.mjs +1 -1
- package/dist-browser/index.mjs +1 -1
- package/dist-browser/log-strings-mapping.json +7 -3
- package/dist-browser/logger/Logger.mjs +1 -1
- package/dist-browser/network/INetworkModule.mjs +1 -1
- package/dist-browser/network/RequestThumbprint.mjs +1 -1
- package/dist-browser/network/ThrottlingUtils.mjs +1 -1
- package/dist-browser/packageMetadata.d.ts +1 -1
- package/dist-browser/packageMetadata.mjs +2 -2
- package/dist-browser/protocol/Authorize.mjs +1 -1
- package/dist-browser/protocol/Token.mjs +1 -1
- package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist-browser/request/BaseAuthRequest.mjs +1 -1
- package/dist-browser/request/RequestParameterBuilder.mjs +1 -1
- package/dist-browser/request/ScopeSet.mjs +1 -1
- package/dist-browser/response/ResponseHandler.d.ts +9 -9
- package/dist-browser/response/ResponseHandler.d.ts.map +1 -1
- package/dist-browser/response/ResponseHandler.mjs +27 -20
- package/dist-browser/response/ResponseHandler.mjs.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +8 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs +2 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist-browser/url/UrlString.mjs +1 -1
- package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
- package/dist-browser/utils/Constants.mjs +1 -1
- package/dist-browser/utils/FunctionWrappers.mjs +1 -1
- package/dist-browser/utils/ProtocolUtils.mjs +1 -1
- package/dist-browser/utils/StringUtils.mjs +1 -1
- package/dist-browser/utils/TimeUtils.mjs +1 -1
- package/dist-browser/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +2 -2
- package/lib/{index-node-5qBGS-xm.js → index-node-5FoJ00Jc.js} +133 -125
- package/lib/{index-node-5qBGS-xm.js.map → index-node-5FoJ00Jc.js.map} +1 -1
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/response/ResponseHandler.d.ts +9 -9
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +8 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/packageMetadata.ts +1 -1
- package/src/response/ResponseHandler.ts +67 -47
- package/src/telemetry/performance/PerformanceEvent.ts +12 -0
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v16.4.
|
|
1
|
+
/*! @azure/msal-common v16.4.1 2026-04-01 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -4253,7 +4253,7 @@ class Logger {
|
|
|
4253
4253
|
|
|
4254
4254
|
/* eslint-disable header/header */
|
|
4255
4255
|
const name = "@azure/msal-common";
|
|
4256
|
-
const version = "16.4.
|
|
4256
|
+
const version = "16.4.1";
|
|
4257
4257
|
|
|
4258
4258
|
/*
|
|
4259
4259
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -5449,6 +5449,7 @@ const IntFields = new Set([
|
|
|
5449
5449
|
"currRefreshCount",
|
|
5450
5450
|
"expiredCacheRemovedCount",
|
|
5451
5451
|
"upgradedCacheCount",
|
|
5452
|
+
"cacheMatchedAccounts",
|
|
5452
5453
|
"networkRtt",
|
|
5453
5454
|
"redirectBridgeTimeoutMs",
|
|
5454
5455
|
"redirectBridgeMessageVersion",
|
|
@@ -5605,15 +5606,102 @@ function isOidcProtocolMode(config) {
|
|
|
5605
5606
|
* Licensed under the MIT License.
|
|
5606
5607
|
*/
|
|
5607
5608
|
/**
|
|
5608
|
-
*
|
|
5609
|
+
* This class instance helps track the memory changes facilitating
|
|
5610
|
+
* decisions to read from and write to the persistent cache
|
|
5611
|
+
*/ class TokenCacheContext {
|
|
5612
|
+
constructor(tokenCache, hasChanged) {
|
|
5613
|
+
this.cache = tokenCache;
|
|
5614
|
+
this.hasChanged = hasChanged;
|
|
5615
|
+
}
|
|
5616
|
+
/**
|
|
5617
|
+
* boolean which indicates the changes in cache
|
|
5618
|
+
*/
|
|
5619
|
+
get cacheHasChanged() {
|
|
5620
|
+
return this.hasChanged;
|
|
5621
|
+
}
|
|
5622
|
+
/**
|
|
5623
|
+
* function to retrieve the token cache
|
|
5624
|
+
*/
|
|
5625
|
+
get tokenCache() {
|
|
5626
|
+
return this.cache;
|
|
5627
|
+
}
|
|
5628
|
+
}
|
|
5629
|
+
|
|
5630
|
+
/*
|
|
5631
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5632
|
+
* Licensed under the MIT License.
|
|
5609
5633
|
*/
|
|
5610
|
-
|
|
5611
|
-
|
|
5612
|
-
|
|
5613
|
-
|
|
5614
|
-
|
|
5615
|
-
this.
|
|
5616
|
-
|
|
5634
|
+
const KeyLocation = {
|
|
5635
|
+
SW: "sw"};
|
|
5636
|
+
/** @internal */
|
|
5637
|
+
class PopTokenGenerator {
|
|
5638
|
+
constructor(cryptoUtils, performanceClient) {
|
|
5639
|
+
this.cryptoUtils = cryptoUtils;
|
|
5640
|
+
this.performanceClient = performanceClient;
|
|
5641
|
+
}
|
|
5642
|
+
/**
|
|
5643
|
+
* Generates the req_cnf validated at the RP in the POP protocol for SHR parameters
|
|
5644
|
+
* and returns an object containing the keyid, the full req_cnf string and the req_cnf string hash
|
|
5645
|
+
* @param request
|
|
5646
|
+
* @returns
|
|
5647
|
+
*/
|
|
5648
|
+
async generateCnf(request, logger) {
|
|
5649
|
+
const reqCnf = await invokeAsync(this.generateKid.bind(this), PopTokenGenerateCnf, logger, this.performanceClient, request.correlationId)(request);
|
|
5650
|
+
const reqCnfString = this.cryptoUtils.base64UrlEncode(JSON.stringify(reqCnf));
|
|
5651
|
+
return {
|
|
5652
|
+
kid: reqCnf.kid,
|
|
5653
|
+
reqCnfString,
|
|
5654
|
+
};
|
|
5655
|
+
}
|
|
5656
|
+
/**
|
|
5657
|
+
* Generates key_id for a SHR token request
|
|
5658
|
+
* @param request
|
|
5659
|
+
* @returns
|
|
5660
|
+
*/
|
|
5661
|
+
async generateKid(request) {
|
|
5662
|
+
const kidThumbprint = await this.cryptoUtils.getPublicKeyThumbprint(request);
|
|
5663
|
+
return {
|
|
5664
|
+
kid: kidThumbprint,
|
|
5665
|
+
xms_ksl: KeyLocation.SW,
|
|
5666
|
+
};
|
|
5667
|
+
}
|
|
5668
|
+
/**
|
|
5669
|
+
* Signs the POP access_token with the local generated key-pair
|
|
5670
|
+
* @param accessToken
|
|
5671
|
+
* @param request
|
|
5672
|
+
* @returns
|
|
5673
|
+
*/
|
|
5674
|
+
async signPopToken(accessToken, keyId, request) {
|
|
5675
|
+
return this.signPayload(accessToken, keyId, request);
|
|
5676
|
+
}
|
|
5677
|
+
/**
|
|
5678
|
+
* Utility function to generate the signed JWT for an access_token
|
|
5679
|
+
* @param payload
|
|
5680
|
+
* @param kid
|
|
5681
|
+
* @param request
|
|
5682
|
+
* @param claims
|
|
5683
|
+
* @returns
|
|
5684
|
+
*/
|
|
5685
|
+
async signPayload(payload, keyId, request, claims) {
|
|
5686
|
+
// Deconstruct request to extract SHR parameters
|
|
5687
|
+
const { resourceRequestMethod, resourceRequestUri, shrClaims, shrNonce, shrOptions, } = request;
|
|
5688
|
+
const resourceUrlString = resourceRequestUri
|
|
5689
|
+
? new UrlString(resourceRequestUri)
|
|
5690
|
+
: undefined;
|
|
5691
|
+
const resourceUrlComponents = resourceUrlString?.getUrlComponents();
|
|
5692
|
+
return this.cryptoUtils.signJwt({
|
|
5693
|
+
at: payload,
|
|
5694
|
+
ts: nowSeconds(),
|
|
5695
|
+
m: resourceRequestMethod?.toUpperCase(),
|
|
5696
|
+
u: resourceUrlComponents?.HostNameAndPort,
|
|
5697
|
+
nonce: shrNonce || this.cryptoUtils.createNewGuid(),
|
|
5698
|
+
p: resourceUrlComponents?.AbsolutePath,
|
|
5699
|
+
q: resourceUrlComponents?.QueryString
|
|
5700
|
+
? [[], resourceUrlComponents.QueryString]
|
|
5701
|
+
: undefined,
|
|
5702
|
+
client_claims: shrClaims || undefined,
|
|
5703
|
+
...claims,
|
|
5704
|
+
}, keyId, shrOptions, request.correlationId);
|
|
5617
5705
|
}
|
|
5618
5706
|
}
|
|
5619
5707
|
|
|
@@ -5746,6 +5834,23 @@ function createInteractionRequiredAuthError(errorCode, errorMessage) {
|
|
|
5746
5834
|
return new InteractionRequiredAuthError(errorCode, errorMessage);
|
|
5747
5835
|
}
|
|
5748
5836
|
|
|
5837
|
+
/*
|
|
5838
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5839
|
+
* Licensed under the MIT License.
|
|
5840
|
+
*/
|
|
5841
|
+
/**
|
|
5842
|
+
* Error thrown when there is an error with the server code, for example, unavailability.
|
|
5843
|
+
*/
|
|
5844
|
+
class ServerError extends AuthError {
|
|
5845
|
+
constructor(errorCode, errorMessage, subError, errorNo, status) {
|
|
5846
|
+
super(errorCode, errorMessage, subError);
|
|
5847
|
+
this.name = "ServerError";
|
|
5848
|
+
this.errorNo = errorNo;
|
|
5849
|
+
this.status = status;
|
|
5850
|
+
Object.setPrototypeOf(this, ServerError.prototype);
|
|
5851
|
+
}
|
|
5852
|
+
}
|
|
5853
|
+
|
|
5749
5854
|
/*
|
|
5750
5855
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5751
5856
|
* Licensed under the MIT License.
|
|
@@ -5819,110 +5924,6 @@ var ProtocolUtils = /*#__PURE__*/Object.freeze({
|
|
|
5819
5924
|
setRequestState: setRequestState
|
|
5820
5925
|
});
|
|
5821
5926
|
|
|
5822
|
-
/*
|
|
5823
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5824
|
-
* Licensed under the MIT License.
|
|
5825
|
-
*/
|
|
5826
|
-
const KeyLocation = {
|
|
5827
|
-
SW: "sw"};
|
|
5828
|
-
/** @internal */
|
|
5829
|
-
class PopTokenGenerator {
|
|
5830
|
-
constructor(cryptoUtils, performanceClient) {
|
|
5831
|
-
this.cryptoUtils = cryptoUtils;
|
|
5832
|
-
this.performanceClient = performanceClient;
|
|
5833
|
-
}
|
|
5834
|
-
/**
|
|
5835
|
-
* Generates the req_cnf validated at the RP in the POP protocol for SHR parameters
|
|
5836
|
-
* and returns an object containing the keyid, the full req_cnf string and the req_cnf string hash
|
|
5837
|
-
* @param request
|
|
5838
|
-
* @returns
|
|
5839
|
-
*/
|
|
5840
|
-
async generateCnf(request, logger) {
|
|
5841
|
-
const reqCnf = await invokeAsync(this.generateKid.bind(this), PopTokenGenerateCnf, logger, this.performanceClient, request.correlationId)(request);
|
|
5842
|
-
const reqCnfString = this.cryptoUtils.base64UrlEncode(JSON.stringify(reqCnf));
|
|
5843
|
-
return {
|
|
5844
|
-
kid: reqCnf.kid,
|
|
5845
|
-
reqCnfString,
|
|
5846
|
-
};
|
|
5847
|
-
}
|
|
5848
|
-
/**
|
|
5849
|
-
* Generates key_id for a SHR token request
|
|
5850
|
-
* @param request
|
|
5851
|
-
* @returns
|
|
5852
|
-
*/
|
|
5853
|
-
async generateKid(request) {
|
|
5854
|
-
const kidThumbprint = await this.cryptoUtils.getPublicKeyThumbprint(request);
|
|
5855
|
-
return {
|
|
5856
|
-
kid: kidThumbprint,
|
|
5857
|
-
xms_ksl: KeyLocation.SW,
|
|
5858
|
-
};
|
|
5859
|
-
}
|
|
5860
|
-
/**
|
|
5861
|
-
* Signs the POP access_token with the local generated key-pair
|
|
5862
|
-
* @param accessToken
|
|
5863
|
-
* @param request
|
|
5864
|
-
* @returns
|
|
5865
|
-
*/
|
|
5866
|
-
async signPopToken(accessToken, keyId, request) {
|
|
5867
|
-
return this.signPayload(accessToken, keyId, request);
|
|
5868
|
-
}
|
|
5869
|
-
/**
|
|
5870
|
-
* Utility function to generate the signed JWT for an access_token
|
|
5871
|
-
* @param payload
|
|
5872
|
-
* @param kid
|
|
5873
|
-
* @param request
|
|
5874
|
-
* @param claims
|
|
5875
|
-
* @returns
|
|
5876
|
-
*/
|
|
5877
|
-
async signPayload(payload, keyId, request, claims) {
|
|
5878
|
-
// Deconstruct request to extract SHR parameters
|
|
5879
|
-
const { resourceRequestMethod, resourceRequestUri, shrClaims, shrNonce, shrOptions, } = request;
|
|
5880
|
-
const resourceUrlString = resourceRequestUri
|
|
5881
|
-
? new UrlString(resourceRequestUri)
|
|
5882
|
-
: undefined;
|
|
5883
|
-
const resourceUrlComponents = resourceUrlString?.getUrlComponents();
|
|
5884
|
-
return this.cryptoUtils.signJwt({
|
|
5885
|
-
at: payload,
|
|
5886
|
-
ts: nowSeconds(),
|
|
5887
|
-
m: resourceRequestMethod?.toUpperCase(),
|
|
5888
|
-
u: resourceUrlComponents?.HostNameAndPort,
|
|
5889
|
-
nonce: shrNonce || this.cryptoUtils.createNewGuid(),
|
|
5890
|
-
p: resourceUrlComponents?.AbsolutePath,
|
|
5891
|
-
q: resourceUrlComponents?.QueryString
|
|
5892
|
-
? [[], resourceUrlComponents.QueryString]
|
|
5893
|
-
: undefined,
|
|
5894
|
-
client_claims: shrClaims || undefined,
|
|
5895
|
-
...claims,
|
|
5896
|
-
}, keyId, shrOptions, request.correlationId);
|
|
5897
|
-
}
|
|
5898
|
-
}
|
|
5899
|
-
|
|
5900
|
-
/*
|
|
5901
|
-
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5902
|
-
* Licensed under the MIT License.
|
|
5903
|
-
*/
|
|
5904
|
-
/**
|
|
5905
|
-
* This class instance helps track the memory changes facilitating
|
|
5906
|
-
* decisions to read from and write to the persistent cache
|
|
5907
|
-
*/ class TokenCacheContext {
|
|
5908
|
-
constructor(tokenCache, hasChanged) {
|
|
5909
|
-
this.cache = tokenCache;
|
|
5910
|
-
this.hasChanged = hasChanged;
|
|
5911
|
-
}
|
|
5912
|
-
/**
|
|
5913
|
-
* boolean which indicates the changes in cache
|
|
5914
|
-
*/
|
|
5915
|
-
get cacheHasChanged() {
|
|
5916
|
-
return this.hasChanged;
|
|
5917
|
-
}
|
|
5918
|
-
/**
|
|
5919
|
-
* function to retrieve the token cache
|
|
5920
|
-
*/
|
|
5921
|
-
get tokenCache() {
|
|
5922
|
-
return this.cache;
|
|
5923
|
-
}
|
|
5924
|
-
}
|
|
5925
|
-
|
|
5926
5927
|
/*
|
|
5927
5928
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
5928
5929
|
* Licensed under the MIT License.
|
|
@@ -6077,7 +6078,7 @@ class ResponseHandler {
|
|
|
6077
6078
|
if (serverTokenResponse.id_token && !!idTokenClaims) {
|
|
6078
6079
|
cachedIdToken = createIdTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.id_token, this.clientId, claimsTenantId || "");
|
|
6079
6080
|
cachedAccount = buildAccountToCache(this.cacheStorage, authority, this.homeAccountIdentifier, this.cryptoObj.base64Decode, request.correlationId, idTokenClaims, serverTokenResponse.client_info, env, claimsTenantId, authCodePayload, undefined, // nativeAccountId
|
|
6080
|
-
this.logger);
|
|
6081
|
+
this.logger, this.performanceClient);
|
|
6081
6082
|
}
|
|
6082
6083
|
// AccessToken
|
|
6083
6084
|
let cachedAccessToken = null;
|
|
@@ -6228,17 +6229,24 @@ class ResponseHandler {
|
|
|
6228
6229
|
};
|
|
6229
6230
|
}
|
|
6230
6231
|
}
|
|
6231
|
-
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger) {
|
|
6232
|
+
function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
|
|
6232
6233
|
logger?.verbose("setCachedAccount called", correlationId);
|
|
6233
|
-
|
|
6234
|
-
|
|
6235
|
-
|
|
6236
|
-
|
|
6237
|
-
|
|
6238
|
-
|
|
6239
|
-
|
|
6240
|
-
|
|
6234
|
+
/*
|
|
6235
|
+
* Check if base account is already cached. Filter by homeAccountId (identifies
|
|
6236
|
+
* the user's home identity) and environment (identifies the cloud) — the two
|
|
6237
|
+
* tenant-agnostic properties that uniquely locate a base AccountEntity.
|
|
6238
|
+
*/
|
|
6239
|
+
const accountEnvironment = environment || authority.getPreferredCache();
|
|
6240
|
+
const matchedAccounts = cacheStorage.getAccountsFilteredBy({ homeAccountId, environment: accountEnvironment }, correlationId);
|
|
6241
|
+
performanceClient?.addFields({ cacheMatchedAccounts: matchedAccounts.length }, correlationId);
|
|
6242
|
+
if (matchedAccounts.length > 1) {
|
|
6243
|
+
/*
|
|
6244
|
+
* Base accounts are expected to be unique for a given homeAccountId in normal cache usage.
|
|
6245
|
+
* If multiple matches exist, ignore the cache hit rather than arbitrarily choosing one.
|
|
6246
|
+
*/
|
|
6247
|
+
logger?.warning("Multiple base accounts matched homeAccountId. Ignoring cached account and creating a new base account.", correlationId);
|
|
6241
6248
|
}
|
|
6249
|
+
const cachedAccount = matchedAccounts.length === 1 ? matchedAccounts[0] : null;
|
|
6242
6250
|
const baseAccount = cachedAccount ||
|
|
6243
6251
|
createAccountEntity({
|
|
6244
6252
|
homeAccountId,
|
|
@@ -7855,4 +7863,4 @@ exports.invokeAsync = invokeAsync;
|
|
|
7855
7863
|
exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
|
|
7856
7864
|
exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
|
|
7857
7865
|
exports.version = version;
|
|
7858
|
-
//# sourceMappingURL=index-node-
|
|
7866
|
+
//# sourceMappingURL=index-node-5FoJ00Jc.js.map
|