@azure/msal-common 16.4.1 → 16.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.d.ts +3 -1
- package/dist/account/AccountInfo.d.ts.map +1 -1
- package/dist/account/AccountInfo.mjs +3 -2
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.d.ts +7 -0
- package/dist/cache/CacheManager.d.ts.map +1 -1
- package/dist/cache/CacheManager.mjs +37 -9
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/cache/utils/CacheTypes.d.ts +1 -1
- package/dist/cache/utils/CacheTypes.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +3 -8
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +3 -8
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/PlatformBrokerError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/index-node.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts.map +1 -1
- package/dist/protocol/Authorize.mjs +3 -7
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/protocol/Token.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.d.ts +4 -0
- package/dist/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist/request/BaseAuthRequest.mjs +1 -1
- package/dist/request/BaseAuthRequest.mjs.map +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +8 -4
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +24 -12
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +11 -0
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist-browser/account/AccountInfo.d.ts +3 -1
- package/dist-browser/account/AccountInfo.d.ts.map +1 -1
- package/dist-browser/account/AccountInfo.mjs +3 -2
- package/dist-browser/account/AccountInfo.mjs.map +1 -1
- package/dist-browser/account/AuthToken.mjs +1 -1
- package/dist-browser/account/CcsCredential.mjs +1 -1
- package/dist-browser/account/ClientInfo.mjs +1 -1
- package/dist-browser/account/TokenClaims.mjs +1 -1
- package/dist-browser/authority/Authority.mjs +1 -1
- package/dist-browser/authority/AuthorityFactory.mjs +1 -1
- package/dist-browser/authority/AuthorityMetadata.mjs +1 -1
- package/dist-browser/authority/AuthorityOptions.mjs +1 -1
- package/dist-browser/authority/AuthorityType.mjs +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist-browser/authority/ProtocolMode.mjs +1 -1
- package/dist-browser/authority/RegionDiscovery.mjs +1 -1
- package/dist-browser/cache/CacheManager.d.ts +7 -0
- package/dist-browser/cache/CacheManager.d.ts.map +1 -1
- package/dist-browser/cache/CacheManager.mjs +37 -9
- package/dist-browser/cache/CacheManager.mjs.map +1 -1
- package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist-browser/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist-browser/cache/utils/CacheHelpers.mjs +1 -1
- package/dist-browser/cache/utils/CacheTypes.d.ts +1 -1
- package/dist-browser/cache/utils/CacheTypes.d.ts.map +1 -1
- package/dist-browser/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist-browser/client/AuthorizationCodeClient.mjs +3 -8
- package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist-browser/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist-browser/client/RefreshTokenClient.mjs +3 -8
- package/dist-browser/client/RefreshTokenClient.mjs.map +1 -1
- package/dist-browser/client/SilentFlowClient.mjs +1 -1
- package/dist-browser/config/ClientConfiguration.mjs +1 -1
- package/dist-browser/constants/AADServerParamKeys.mjs +1 -1
- package/dist-browser/crypto/ICrypto.mjs +1 -1
- package/dist-browser/crypto/JoseHeader.mjs +1 -1
- package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
- package/dist-browser/error/AuthError.mjs +1 -1
- package/dist-browser/error/AuthErrorCodes.mjs +1 -1
- package/dist-browser/error/CacheError.mjs +1 -1
- package/dist-browser/error/CacheErrorCodes.mjs +1 -1
- package/dist-browser/error/ClientAuthError.mjs +1 -1
- package/dist-browser/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist-browser/error/ClientConfigurationError.mjs +1 -1
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist-browser/error/JoseHeaderError.mjs +1 -1
- package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist-browser/error/NetworkError.mjs +1 -1
- package/dist-browser/error/PlatformBrokerError.mjs +1 -1
- package/dist-browser/error/ServerError.mjs +1 -1
- package/dist-browser/index-browser.mjs +1 -1
- package/dist-browser/index.mjs +1 -1
- package/dist-browser/log-strings-mapping.json +2 -2
- package/dist-browser/logger/Logger.mjs +1 -1
- package/dist-browser/network/INetworkModule.mjs +1 -1
- package/dist-browser/network/RequestThumbprint.mjs +1 -1
- package/dist-browser/network/ThrottlingUtils.mjs +1 -1
- package/dist-browser/packageMetadata.d.ts +1 -1
- package/dist-browser/packageMetadata.mjs +2 -2
- package/dist-browser/protocol/Authorize.d.ts.map +1 -1
- package/dist-browser/protocol/Authorize.mjs +3 -7
- package/dist-browser/protocol/Authorize.mjs.map +1 -1
- package/dist-browser/protocol/Token.mjs +1 -1
- package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist-browser/request/BaseAuthRequest.d.ts +4 -0
- package/dist-browser/request/BaseAuthRequest.d.ts.map +1 -1
- package/dist-browser/request/BaseAuthRequest.mjs +1 -1
- package/dist-browser/request/BaseAuthRequest.mjs.map +1 -1
- package/dist-browser/request/RequestParameterBuilder.d.ts +8 -4
- package/dist-browser/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist-browser/request/RequestParameterBuilder.mjs +24 -12
- package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist-browser/request/ScopeSet.mjs +1 -1
- package/dist-browser/response/ResponseHandler.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts +11 -0
- package/dist-browser/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist-browser/url/UrlString.mjs +1 -1
- package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
- package/dist-browser/utils/Constants.mjs +1 -1
- package/dist-browser/utils/FunctionWrappers.mjs +1 -1
- package/dist-browser/utils/ProtocolUtils.mjs +1 -1
- package/dist-browser/utils/StringUtils.mjs +1 -1
- package/dist-browser/utils/TimeUtils.mjs +1 -1
- package/dist-browser/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +2 -2
- package/lib/{index-node-5FoJ00Jc.js → index-node-CJl1_QbT.js} +66 -38
- package/lib/index-node-CJl1_QbT.js.map +1 -0
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/lib/types/account/AccountInfo.d.ts +3 -1
- package/lib/types/account/AccountInfo.d.ts.map +1 -1
- package/lib/types/cache/CacheManager.d.ts +7 -0
- package/lib/types/cache/CacheManager.d.ts.map +1 -1
- package/lib/types/cache/utils/CacheTypes.d.ts +1 -1
- package/lib/types/cache/utils/CacheTypes.d.ts.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts.map +1 -1
- package/lib/types/request/BaseAuthRequest.d.ts +4 -0
- package/lib/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +8 -4
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +11 -0
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/account/AccountInfo.ts +5 -2
- package/src/cache/CacheManager.ts +65 -10
- package/src/cache/utils/CacheTypes.ts +1 -0
- package/src/client/AuthorizationCodeClient.ts +8 -13
- package/src/client/RefreshTokenClient.ts +8 -13
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +7 -12
- package/src/request/BaseAuthRequest.ts +4 -0
- package/src/request/RequestParameterBuilder.ts +30 -13
- package/src/telemetry/performance/PerformanceEvent.ts +13 -0
- package/lib/index-node-5FoJ00Jc.js.map +0 -1
package/lib/index-browser.cjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-common v16.
|
|
1
|
+
/*! @azure/msal-common v16.5.1 2026-04-21 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
5
|
-
var indexNode = require('./index-node-
|
|
5
|
+
var indexNode = require('./index-node-CJl1_QbT.js');
|
|
6
6
|
|
|
7
7
|
/*
|
|
8
8
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v16.
|
|
1
|
+
/*! @azure/msal-common v16.5.1 2026-04-21 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -3018,6 +3018,7 @@ function buildTenantProfile(homeAccountId, localAccountId, tenantId, idTokenClai
|
|
|
3018
3018
|
username: preferred_username || upn || "",
|
|
3019
3019
|
loginHint: login_hint,
|
|
3020
3020
|
isHomeTenant: tenantIdMatchesHomeTenant(tenantId, homeAccountId),
|
|
3021
|
+
upn: upn,
|
|
3021
3022
|
};
|
|
3022
3023
|
}
|
|
3023
3024
|
else {
|
|
@@ -3045,7 +3046,7 @@ function updateAccountTenantProfileData(baseAccountInfo, tenantProfile, idTokenC
|
|
|
3045
3046
|
}
|
|
3046
3047
|
// ID token claims override passed in account info and tenant profile
|
|
3047
3048
|
if (idTokenClaims) {
|
|
3048
|
-
// Ignore isHomeTenant
|
|
3049
|
+
// Ignore isHomeTenant which is a utility property of tenant profile but not required in base account info
|
|
3049
3050
|
// eslint-disable-next-line @typescript-eslint/no-unused-vars
|
|
3050
3051
|
const { isHomeTenant, ...claimsSourcedTenantProfile } = buildTenantProfile(baseAccountInfo.homeAccountId, baseAccountInfo.localAccountId, baseAccountInfo.tenantId, idTokenClaims);
|
|
3051
3052
|
updatedAccountInfo = {
|
|
@@ -3597,18 +3598,29 @@ function addSid(parameters, sid) {
|
|
|
3597
3598
|
parameters.set(SID, sid);
|
|
3598
3599
|
}
|
|
3599
3600
|
/**
|
|
3600
|
-
*
|
|
3601
|
-
*
|
|
3602
|
-
|
|
3603
|
-
|
|
3604
|
-
|
|
3605
|
-
|
|
3606
|
-
|
|
3607
|
-
|
|
3608
|
-
|
|
3609
|
-
|
|
3601
|
+
* Adds claims to request parameters, conditionally excluding clientCapabilities
|
|
3602
|
+
* when skipBrokerClaims is true and a brokered flow is in effect.
|
|
3603
|
+
* @param parameters - The request parameters map
|
|
3604
|
+
* @param claims - The claims string from the request
|
|
3605
|
+
* @param clientCapabilities - The client capabilities from configuration
|
|
3606
|
+
* @param skipBrokerClaims - When true and BROKER_CLIENT_ID is present, excludes clientCapabilities from claims
|
|
3607
|
+
*/
|
|
3608
|
+
function addClaims(parameters, claims, clientCapabilities, skipBrokerClaims) {
|
|
3609
|
+
// Skip clientCapabilities if skipBrokerClaims is set to true and this is a brokered authentication flow
|
|
3610
|
+
const configClaims = skipBrokerClaims && parameters.has(BROKER_CLIENT_ID)
|
|
3611
|
+
? undefined
|
|
3612
|
+
: clientCapabilities;
|
|
3613
|
+
if (!StringUtils.isEmptyObj(claims) ||
|
|
3614
|
+
(configClaims && configClaims.length > 0)) {
|
|
3615
|
+
const mergedClaims = addClientCapabilitiesToClaims(claims, configClaims);
|
|
3616
|
+
try {
|
|
3617
|
+
JSON.parse(mergedClaims);
|
|
3618
|
+
}
|
|
3619
|
+
catch (e) {
|
|
3620
|
+
throw createClientConfigurationError(invalidClaims);
|
|
3621
|
+
}
|
|
3622
|
+
parameters.set(CLAIMS, mergedClaims);
|
|
3610
3623
|
}
|
|
3611
|
-
parameters.set(CLAIMS, mergedClaims);
|
|
3612
3624
|
}
|
|
3613
3625
|
/**
|
|
3614
3626
|
* add correlationId
|
|
@@ -4253,7 +4265,7 @@ class Logger {
|
|
|
4253
4265
|
|
|
4254
4266
|
/* eslint-disable header/header */
|
|
4255
4267
|
const name = "@azure/msal-common";
|
|
4256
|
-
const version = "16.
|
|
4268
|
+
const version = "16.5.1";
|
|
4257
4269
|
|
|
4258
4270
|
/*
|
|
4259
4271
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -4439,6 +4451,19 @@ class CacheManager {
|
|
|
4439
4451
|
!(tenantProfile.isHomeTenant === tenantProfileFilter.isHomeTenant)) {
|
|
4440
4452
|
return false;
|
|
4441
4453
|
}
|
|
4454
|
+
if (!!tenantProfileFilter.username &&
|
|
4455
|
+
!(this.matchUsername(tenantProfile.username, tenantProfileFilter.username) ||
|
|
4456
|
+
!this.matchUsername(tenantProfile.upn, tenantProfileFilter.username))) {
|
|
4457
|
+
return false;
|
|
4458
|
+
}
|
|
4459
|
+
if (!!tenantProfileFilter.loginHint &&
|
|
4460
|
+
!this.matchLoginHintWithTenantProfile(tenantProfile, tenantProfileFilter.loginHint)) {
|
|
4461
|
+
return false;
|
|
4462
|
+
}
|
|
4463
|
+
if (!!tenantProfileFilter.upn &&
|
|
4464
|
+
!(tenantProfile.upn === tenantProfileFilter.upn)) {
|
|
4465
|
+
return false;
|
|
4466
|
+
}
|
|
4442
4467
|
return true;
|
|
4443
4468
|
}
|
|
4444
4469
|
idTokenClaimsMatchTenantProfileFilter(idTokenClaims, tenantProfileFilter) {
|
|
@@ -4453,7 +4478,8 @@ class CacheManager {
|
|
|
4453
4478
|
return false;
|
|
4454
4479
|
}
|
|
4455
4480
|
if (!!tenantProfileFilter.username &&
|
|
4456
|
-
!this.matchUsername(idTokenClaims.preferred_username, tenantProfileFilter.username)
|
|
4481
|
+
!this.matchUsername(idTokenClaims.preferred_username, tenantProfileFilter.username) &&
|
|
4482
|
+
!this.matchUsername(idTokenClaims.upn, tenantProfileFilter.username)) {
|
|
4457
4483
|
return false;
|
|
4458
4484
|
}
|
|
4459
4485
|
if (!!tenantProfileFilter.name &&
|
|
@@ -4554,10 +4580,6 @@ class CacheManager {
|
|
|
4554
4580
|
!this.matchHomeAccountId(entity, accountFilter.homeAccountId)) {
|
|
4555
4581
|
return;
|
|
4556
4582
|
}
|
|
4557
|
-
if (!!accountFilter.username &&
|
|
4558
|
-
!this.matchUsername(entity.username, accountFilter.username)) {
|
|
4559
|
-
return;
|
|
4560
|
-
}
|
|
4561
4583
|
if (!!accountFilter.environment &&
|
|
4562
4584
|
!this.matchEnvironment(entity, accountFilter.environment, correlationId)) {
|
|
4563
4585
|
return;
|
|
@@ -4578,6 +4600,9 @@ class CacheManager {
|
|
|
4578
4600
|
const tenantProfileFilter = {
|
|
4579
4601
|
localAccountId: accountFilter?.localAccountId,
|
|
4580
4602
|
name: accountFilter?.name,
|
|
4603
|
+
username: accountFilter?.username,
|
|
4604
|
+
loginHint: accountFilter?.loginHint,
|
|
4605
|
+
upn: accountFilter?.upn,
|
|
4581
4606
|
};
|
|
4582
4607
|
const matchingTenantProfiles = entity.tenantProfiles?.filter((tenantProfile) => {
|
|
4583
4608
|
return this.tenantProfileMatchesFilter(tenantProfile, tenantProfileFilter);
|
|
@@ -4828,11 +4853,11 @@ class CacheManager {
|
|
|
4828
4853
|
const numHomeIdTokens = homeIdTokenMap.size;
|
|
4829
4854
|
if (numHomeIdTokens < 1) {
|
|
4830
4855
|
this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account but none match account entity tenant id, returning first result", correlationId);
|
|
4831
|
-
return idTokenMap.values().next().value;
|
|
4856
|
+
return idTokenMap.values().next().value ?? null;
|
|
4832
4857
|
}
|
|
4833
4858
|
else if (numHomeIdTokens === 1) {
|
|
4834
4859
|
this.commonLogger.info("CacheManager:getIdToken - Multiple ID tokens found for account, defaulting to home tenant profile", correlationId);
|
|
4835
|
-
return homeIdTokenMap.values().next().value;
|
|
4860
|
+
return homeIdTokenMap.values().next().value ?? null;
|
|
4836
4861
|
}
|
|
4837
4862
|
else {
|
|
4838
4863
|
// Multiple ID tokens for home tenant profile, remove all and return null
|
|
@@ -4848,7 +4873,7 @@ class CacheManager {
|
|
|
4848
4873
|
return null;
|
|
4849
4874
|
}
|
|
4850
4875
|
this.commonLogger.info("CacheManager:getIdToken - Returning ID token", correlationId);
|
|
4851
|
-
return idTokenMap.values().next().value;
|
|
4876
|
+
return idTokenMap.values().next().value ?? null;
|
|
4852
4877
|
}
|
|
4853
4878
|
/**
|
|
4854
4879
|
* Gets all idTokens matching the given filter
|
|
@@ -5161,6 +5186,17 @@ class CacheManager {
|
|
|
5161
5186
|
typeof cachedUsername === "string" &&
|
|
5162
5187
|
filterUsername?.toLowerCase() === cachedUsername.toLowerCase());
|
|
5163
5188
|
}
|
|
5189
|
+
/**
|
|
5190
|
+
* helper to match loginhints
|
|
5191
|
+
* @param entity
|
|
5192
|
+
* @param loginHint
|
|
5193
|
+
* @returns
|
|
5194
|
+
*/
|
|
5195
|
+
matchLoginHintWithTenantProfile(tenantProfile, loginHintFilter) {
|
|
5196
|
+
return (tenantProfile.loginHint === loginHintFilter ||
|
|
5197
|
+
tenantProfile.username === loginHintFilter ||
|
|
5198
|
+
tenantProfile.upn === loginHintFilter);
|
|
5199
|
+
}
|
|
5164
5200
|
/**
|
|
5165
5201
|
* helper to match assertion
|
|
5166
5202
|
* @param value
|
|
@@ -5253,6 +5289,10 @@ class CacheManager {
|
|
|
5253
5289
|
if (tokenClaims.upn === loginHint) {
|
|
5254
5290
|
return true;
|
|
5255
5291
|
}
|
|
5292
|
+
// check login hint against list of emails in token claims
|
|
5293
|
+
if (tokenClaims.emails && tokenClaims.emails.includes(loginHint)) {
|
|
5294
|
+
return true;
|
|
5295
|
+
}
|
|
5256
5296
|
return false;
|
|
5257
5297
|
}
|
|
5258
5298
|
/**
|
|
@@ -6717,11 +6757,6 @@ class AuthorizationCodeClient {
|
|
|
6717
6757
|
throw createClientConfigurationError(missingSshJwk);
|
|
6718
6758
|
}
|
|
6719
6759
|
}
|
|
6720
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
6721
|
-
(this.config.authOptions.clientCapabilities &&
|
|
6722
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
6723
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
6724
|
-
}
|
|
6725
6760
|
let ccsCred = undefined;
|
|
6726
6761
|
if (request.clientInfo) {
|
|
6727
6762
|
try {
|
|
@@ -6770,6 +6805,7 @@ class AuthorizationCodeClient {
|
|
|
6770
6805
|
});
|
|
6771
6806
|
}
|
|
6772
6807
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
6808
|
+
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
6773
6809
|
return mapToQueryString(parameters);
|
|
6774
6810
|
}
|
|
6775
6811
|
/**
|
|
@@ -7001,11 +7037,6 @@ class RefreshTokenClient {
|
|
|
7001
7037
|
throw createClientConfigurationError(missingSshJwk);
|
|
7002
7038
|
}
|
|
7003
7039
|
}
|
|
7004
|
-
if (!StringUtils.isEmptyObj(request.claims) ||
|
|
7005
|
-
(this.config.authOptions.clientCapabilities &&
|
|
7006
|
-
this.config.authOptions.clientCapabilities.length > 0)) {
|
|
7007
|
-
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities);
|
|
7008
|
-
}
|
|
7009
7040
|
if (this.config.systemOptions.preventCorsPreflight &&
|
|
7010
7041
|
request.ccsCredential) {
|
|
7011
7042
|
switch (request.ccsCredential.type) {
|
|
@@ -7032,6 +7063,7 @@ class RefreshTokenClient {
|
|
|
7032
7063
|
});
|
|
7033
7064
|
}
|
|
7034
7065
|
instrumentBrokerParams(parameters, request.correlationId, this.performanceClient);
|
|
7066
|
+
addClaims(parameters, request.claims, this.config.authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
7035
7067
|
return mapToQueryString(parameters);
|
|
7036
7068
|
}
|
|
7037
7069
|
}
|
|
@@ -7285,14 +7317,10 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
|
|
|
7285
7317
|
if (request.state) {
|
|
7286
7318
|
addState(parameters, request.state);
|
|
7287
7319
|
}
|
|
7288
|
-
if (request.claims ||
|
|
7289
|
-
(authOptions.clientCapabilities &&
|
|
7290
|
-
authOptions.clientCapabilities.length > 0)) {
|
|
7291
|
-
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
7292
|
-
}
|
|
7293
7320
|
if (request.embeddedClientId) {
|
|
7294
7321
|
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
7295
7322
|
}
|
|
7323
|
+
addClaims(parameters, request.claims, authOptions.clientCapabilities, request.skipBrokerClaims);
|
|
7296
7324
|
// If extraQueryParameters includes instance_aware its value will be added when extraQueryParameters are added
|
|
7297
7325
|
if (authOptions.instanceAware &&
|
|
7298
7326
|
(!request.extraQueryParameters ||
|
|
@@ -7863,4 +7891,4 @@ exports.invokeAsync = invokeAsync;
|
|
|
7863
7891
|
exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
|
|
7864
7892
|
exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
|
|
7865
7893
|
exports.version = version;
|
|
7866
|
-
//# sourceMappingURL=index-node-
|
|
7894
|
+
//# sourceMappingURL=index-node-CJl1_QbT.js.map
|