@azure/msal-common 16.5.2 → 16.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/browser/package.json +1 -1
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +140 -5
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +10 -1
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +1 -1
- package/dist/client/RefreshTokenClient.mjs +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.mjs +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +4 -3
- package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/PlatformBrokerError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/index-node.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +1 -1
- package/dist/protocol/Token.mjs +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/BaseAuthRequest.mjs +1 -1
- package/dist/request/RequestParameterBuilder.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/ResponseHandler.mjs +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.mjs +1 -1
- package/dist-browser/account/AccountInfo.mjs +1 -1
- package/dist-browser/account/AuthToken.mjs +1 -1
- package/dist-browser/account/CcsCredential.mjs +1 -1
- package/dist-browser/account/ClientInfo.mjs +1 -1
- package/dist-browser/account/TokenClaims.mjs +1 -1
- package/dist-browser/authority/Authority.mjs +140 -5
- package/dist-browser/authority/Authority.mjs.map +1 -1
- package/dist-browser/authority/AuthorityFactory.mjs +1 -1
- package/dist-browser/authority/AuthorityMetadata.mjs +10 -1
- package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist-browser/authority/AuthorityOptions.mjs +1 -1
- package/dist-browser/authority/AuthorityType.mjs +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist-browser/authority/ProtocolMode.mjs +1 -1
- package/dist-browser/authority/RegionDiscovery.mjs +1 -1
- package/dist-browser/cache/CacheManager.mjs +1 -1
- package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist-browser/cache/utils/AccountEntityUtils.mjs +1 -1
- package/dist-browser/cache/utils/CacheHelpers.mjs +1 -1
- package/dist-browser/client/AuthorizationCodeClient.mjs +1 -1
- package/dist-browser/client/RefreshTokenClient.mjs +1 -1
- package/dist-browser/client/SilentFlowClient.mjs +1 -1
- package/dist-browser/config/ClientConfiguration.mjs +1 -1
- package/dist-browser/constants/AADServerParamKeys.mjs +1 -1
- package/dist-browser/crypto/ICrypto.mjs +1 -1
- package/dist-browser/crypto/JoseHeader.mjs +1 -1
- package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
- package/dist-browser/error/AuthError.mjs +1 -1
- package/dist-browser/error/AuthErrorCodes.mjs +1 -1
- package/dist-browser/error/CacheError.mjs +1 -1
- package/dist-browser/error/CacheErrorCodes.mjs +1 -1
- package/dist-browser/error/ClientAuthError.mjs +1 -1
- package/dist-browser/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist-browser/error/ClientConfigurationError.mjs +1 -1
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs +4 -3
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist-browser/error/JoseHeaderError.mjs +1 -1
- package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist-browser/error/NetworkError.mjs +1 -1
- package/dist-browser/error/PlatformBrokerError.mjs +1 -1
- package/dist-browser/error/ServerError.mjs +1 -1
- package/dist-browser/index-browser.mjs +1 -1
- package/dist-browser/index.mjs +1 -1
- package/dist-browser/log-strings-mapping.json +4 -4
- package/dist-browser/logger/Logger.mjs +1 -1
- package/dist-browser/network/INetworkModule.mjs +1 -1
- package/dist-browser/network/RequestThumbprint.mjs +1 -1
- package/dist-browser/network/ThrottlingUtils.mjs +1 -1
- package/dist-browser/packageMetadata.mjs +2 -2
- package/dist-browser/protocol/Authorize.mjs +1 -1
- package/dist-browser/protocol/Token.mjs +1 -1
- package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist-browser/request/BaseAuthRequest.mjs +1 -1
- package/dist-browser/request/RequestParameterBuilder.mjs +1 -1
- package/dist-browser/request/ScopeSet.mjs +1 -1
- package/dist-browser/response/ResponseHandler.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist-browser/url/UrlString.mjs +1 -1
- package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
- package/dist-browser/utils/Constants.mjs +1 -1
- package/dist-browser/utils/FunctionWrappers.mjs +1 -1
- package/dist-browser/utils/ProtocolUtils.mjs +1 -1
- package/dist-browser/utils/StringUtils.mjs +1 -1
- package/dist-browser/utils/TimeUtils.mjs +1 -1
- package/dist-browser/utils/UrlUtils.mjs +1 -1
- package/lib/index-browser.cjs +2 -2
- package/lib/{index-node-ByMjZ1FK.js → index-node-Cr_rbZzO.js} +152 -6
- package/lib/index-node-Cr_rbZzO.js.map +1 -0
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/node/package.json +1 -1
- package/package.json +12 -10
- package/src/authority/Authority.ts +189 -2
- package/src/authority/AuthorityMetadata.ts +9 -0
- package/src/error/ClientConfigurationErrorCodes.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/{dist-browser → types}/authority/Authority.d.ts +47 -1
- package/{dist-browser → types}/authority/Authority.d.ts.map +1 -1
- package/{dist-browser → types}/authority/AuthorityMetadata.d.ts.map +1 -1
- package/{dist → types}/error/ClientConfigurationErrorCodes.d.ts +1 -0
- package/{dist-browser → types}/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
- package/types/index-browser.d.cts +1 -0
- package/types/index-node.d.cts +1 -0
- package/types/index.d.cts +1 -0
- package/types/packageMetadata.d.ts +3 -0
- package/dist/account/AccountInfo.d.ts +0 -73
- package/dist/account/AccountInfo.d.ts.map +0 -1
- package/dist/account/AuthToken.d.ts +0 -24
- package/dist/account/AuthToken.d.ts.map +0 -1
- package/dist/account/CcsCredential.d.ts +0 -10
- package/dist/account/CcsCredential.d.ts.map +0 -1
- package/dist/account/ClientCredentials.d.ts +0 -20
- package/dist/account/ClientCredentials.d.ts.map +0 -1
- package/dist/account/ClientInfo.d.ts +0 -23
- package/dist/account/ClientInfo.d.ts.map +0 -1
- package/dist/account/TokenClaims.d.ts +0 -88
- package/dist/account/TokenClaims.d.ts.map +0 -1
- package/dist/authority/Authority.d.ts +0 -255
- package/dist/authority/Authority.d.ts.map +0 -1
- package/dist/authority/AuthorityFactory.d.ts +0 -23
- package/dist/authority/AuthorityFactory.d.ts.map +0 -1
- package/dist/authority/AuthorityMetadata.d.ts +0 -44
- package/dist/authority/AuthorityMetadata.d.ts.map +0 -1
- package/dist/authority/AuthorityOptions.d.ts +0 -27
- package/dist/authority/AuthorityOptions.d.ts.map +0 -1
- package/dist/authority/AuthorityType.d.ts +0 -11
- package/dist/authority/AuthorityType.d.ts.map +0 -1
- package/dist/authority/AzureRegion.d.ts +0 -2
- package/dist/authority/AzureRegion.d.ts.map +0 -1
- package/dist/authority/AzureRegionConfiguration.d.ts +0 -6
- package/dist/authority/AzureRegionConfiguration.d.ts.map +0 -1
- package/dist/authority/CloudDiscoveryMetadata.d.ts +0 -6
- package/dist/authority/CloudDiscoveryMetadata.d.ts.map +0 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts +0 -14
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.d.ts.map +0 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.d.ts +0 -10
- package/dist/authority/CloudInstanceDiscoveryResponse.d.ts.map +0 -1
- package/dist/authority/ImdsOptions.d.ts +0 -6
- package/dist/authority/ImdsOptions.d.ts.map +0 -1
- package/dist/authority/OIDCOptions.d.ts +0 -9
- package/dist/authority/OIDCOptions.d.ts.map +0 -1
- package/dist/authority/OpenIdConfigResponse.d.ts +0 -12
- package/dist/authority/OpenIdConfigResponse.d.ts.map +0 -1
- package/dist/authority/ProtocolMode.d.ts +0 -20
- package/dist/authority/ProtocolMode.d.ts.map +0 -1
- package/dist/authority/RegionDiscovery.d.ts +0 -33
- package/dist/authority/RegionDiscovery.d.ts.map +0 -1
- package/dist/authority/RegionDiscoveryMetadata.d.ts +0 -7
- package/dist/authority/RegionDiscoveryMetadata.d.ts.map +0 -1
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts +0 -17
- package/dist/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +0 -1
- package/dist/cache/CacheManager.d.ts +0 -485
- package/dist/cache/CacheManager.d.ts.map +0 -1
- package/dist/cache/entities/AccessTokenEntity.d.ts +0 -24
- package/dist/cache/entities/AccessTokenEntity.d.ts.map +0 -1
- package/dist/cache/entities/AccountEntity.d.ts +0 -47
- package/dist/cache/entities/AccountEntity.d.ts.map +0 -1
- package/dist/cache/entities/AppMetadataEntity.d.ts +0 -12
- package/dist/cache/entities/AppMetadataEntity.d.ts.map +0 -1
- package/dist/cache/entities/AuthorityMetadataEntity.d.ts +0 -16
- package/dist/cache/entities/AuthorityMetadataEntity.d.ts.map +0 -1
- package/dist/cache/entities/CacheRecord.d.ts +0 -14
- package/dist/cache/entities/CacheRecord.d.ts.map +0 -1
- package/dist/cache/entities/CredentialEntity.d.ts +0 -31
- package/dist/cache/entities/CredentialEntity.d.ts.map +0 -1
- package/dist/cache/entities/IdTokenEntity.d.ts +0 -9
- package/dist/cache/entities/IdTokenEntity.d.ts.map +0 -1
- package/dist/cache/entities/RefreshTokenEntity.d.ts +0 -8
- package/dist/cache/entities/RefreshTokenEntity.d.ts.map +0 -1
- package/dist/cache/entities/ServerTelemetryEntity.d.ts +0 -7
- package/dist/cache/entities/ServerTelemetryEntity.d.ts.map +0 -1
- package/dist/cache/entities/ThrottlingEntity.d.ts +0 -8
- package/dist/cache/entities/ThrottlingEntity.d.ts.map +0 -1
- package/dist/cache/interface/ICacheManager.d.ts +0 -188
- package/dist/cache/interface/ICacheManager.d.ts.map +0 -1
- package/dist/cache/interface/ICachePlugin.d.ts +0 -6
- package/dist/cache/interface/ICachePlugin.d.ts.map +0 -1
- package/dist/cache/interface/ISerializableTokenCache.d.ts +0 -5
- package/dist/cache/interface/ISerializableTokenCache.d.ts.map +0 -1
- package/dist/cache/persistence/TokenCacheContext.d.ts +0 -24
- package/dist/cache/persistence/TokenCacheContext.d.ts.map +0 -1
- package/dist/cache/utils/AccountEntityUtils.d.ts +0 -53
- package/dist/cache/utils/AccountEntityUtils.d.ts.map +0 -1
- package/dist/cache/utils/CacheHelpers.d.ts +0 -86
- package/dist/cache/utils/CacheHelpers.d.ts.map +0 -1
- package/dist/cache/utils/CacheTypes.d.ts +0 -69
- package/dist/cache/utils/CacheTypes.d.ts.map +0 -1
- package/dist/client/AuthorizationCodeClient.d.ts +0 -64
- package/dist/client/AuthorizationCodeClient.d.ts.map +0 -1
- package/dist/client/RefreshTokenClient.d.ts +0 -49
- package/dist/client/RefreshTokenClient.d.ts.map +0 -1
- package/dist/client/SilentFlowClient.d.ts +0 -35
- package/dist/client/SilentFlowClient.d.ts.map +0 -1
- package/dist/config/AppTokenProvider.d.ts +0 -39
- package/dist/config/AppTokenProvider.d.ts.map +0 -1
- package/dist/config/ClientConfiguration.d.ts +0 -145
- package/dist/config/ClientConfiguration.d.ts.map +0 -1
- package/dist/constants/AADServerParamKeys.d.ts +0 -61
- package/dist/constants/AADServerParamKeys.d.ts.map +0 -1
- package/dist/crypto/ICrypto.d.ts +0 -71
- package/dist/crypto/ICrypto.d.ts.map +0 -1
- package/dist/crypto/IGuidGenerator.d.ts +0 -5
- package/dist/crypto/IGuidGenerator.d.ts.map +0 -1
- package/dist/crypto/JoseHeader.d.ts +0 -23
- package/dist/crypto/JoseHeader.d.ts.map +0 -1
- package/dist/crypto/PopTokenGenerator.d.ts +0 -60
- package/dist/crypto/PopTokenGenerator.d.ts.map +0 -1
- package/dist/crypto/SignedHttpRequest.d.ts +0 -16
- package/dist/crypto/SignedHttpRequest.d.ts.map +0 -1
- package/dist/error/AuthError.d.ts +0 -33
- package/dist/error/AuthError.d.ts.map +0 -1
- package/dist/error/AuthErrorCodes.d.ts +0 -6
- package/dist/error/AuthErrorCodes.d.ts.map +0 -1
- package/dist/error/CacheError.d.ts +0 -23
- package/dist/error/CacheError.d.ts.map +0 -1
- package/dist/error/CacheErrorCodes.d.ts +0 -3
- package/dist/error/CacheErrorCodes.d.ts.map +0 -1
- package/dist/error/ClientAuthError.d.ts +0 -14
- package/dist/error/ClientAuthError.d.ts.map +0 -1
- package/dist/error/ClientAuthErrorCodes.d.ts +0 -40
- package/dist/error/ClientAuthErrorCodes.d.ts.map +0 -1
- package/dist/error/ClientConfigurationError.d.ts +0 -11
- package/dist/error/ClientConfigurationError.d.ts.map +0 -1
- package/dist/error/ClientConfigurationErrorCodes.d.ts.map +0 -1
- package/dist/error/InteractionRequiredAuthError.d.ts +0 -48
- package/dist/error/InteractionRequiredAuthError.d.ts.map +0 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.d.ts +0 -46
- package/dist/error/InteractionRequiredAuthErrorCodes.d.ts.map +0 -1
- package/dist/error/JoseHeaderError.d.ts +0 -12
- package/dist/error/JoseHeaderError.d.ts.map +0 -1
- package/dist/error/JoseHeaderErrorCodes.d.ts +0 -3
- package/dist/error/JoseHeaderErrorCodes.d.ts.map +0 -1
- package/dist/error/NetworkError.d.ts +0 -19
- package/dist/error/NetworkError.d.ts.map +0 -1
- package/dist/error/PlatformBrokerError.d.ts +0 -16
- package/dist/error/PlatformBrokerError.d.ts.map +0 -1
- package/dist/error/ServerError.d.ts +0 -16
- package/dist/error/ServerError.d.ts.map +0 -1
- package/dist/exports-browser-only.d.ts +0 -11
- package/dist/exports-browser-only.d.ts.map +0 -1
- package/dist/exports-common.d.ts +0 -86
- package/dist/exports-common.d.ts.map +0 -1
- package/dist/exports-node-only.d.ts +0 -16
- package/dist/exports-node-only.d.ts.map +0 -1
- package/dist/index-browser.d.ts +0 -7
- package/dist/index-browser.d.ts.map +0 -1
- package/dist/index-node.d.ts +0 -7
- package/dist/index-node.d.ts.map +0 -1
- package/dist/index.d.ts +0 -12
- package/dist/index.d.ts.map +0 -1
- package/dist/logger/Logger.d.ts +0 -119
- package/dist/logger/Logger.d.ts.map +0 -1
- package/dist/network/INetworkModule.d.ts +0 -29
- package/dist/network/INetworkModule.d.ts.map +0 -1
- package/dist/network/NetworkResponse.d.ts +0 -6
- package/dist/network/NetworkResponse.d.ts.map +0 -1
- package/dist/network/RequestThumbprint.d.ts +0 -22
- package/dist/network/RequestThumbprint.d.ts.map +0 -1
- package/dist/network/ThrottlingUtils.d.ts +0 -43
- package/dist/network/ThrottlingUtils.d.ts.map +0 -1
- package/dist/packageMetadata.d.ts +0 -3
- package/dist/packageMetadata.d.ts.map +0 -1
- package/dist/protocol/Authorize.d.ts +0 -37
- package/dist/protocol/Authorize.d.ts.map +0 -1
- package/dist/protocol/Token.d.ts +0 -40
- package/dist/protocol/Token.d.ts.map +0 -1
- package/dist/request/AuthenticationHeaderParser.d.ts +0 -20
- package/dist/request/AuthenticationHeaderParser.d.ts.map +0 -1
- package/dist/request/BaseAuthRequest.d.ts +0 -111
- package/dist/request/BaseAuthRequest.d.ts.map +0 -1
- package/dist/request/CommonAuthorizationCodeRequest.d.ts +0 -32
- package/dist/request/CommonAuthorizationCodeRequest.d.ts.map +0 -1
- package/dist/request/CommonAuthorizationUrlRequest.d.ts +0 -71
- package/dist/request/CommonAuthorizationUrlRequest.d.ts.map +0 -1
- package/dist/request/CommonEndSessionRequest.d.ts +0 -36
- package/dist/request/CommonEndSessionRequest.d.ts.map +0 -1
- package/dist/request/CommonRefreshTokenRequest.d.ts +0 -24
- package/dist/request/CommonRefreshTokenRequest.d.ts.map +0 -1
- package/dist/request/CommonSilentFlowRequest.d.ts +0 -24
- package/dist/request/CommonSilentFlowRequest.d.ts.map +0 -1
- package/dist/request/NativeRequest.d.ts +0 -21
- package/dist/request/NativeRequest.d.ts.map +0 -1
- package/dist/request/NativeSignOutRequest.d.ts +0 -6
- package/dist/request/NativeSignOutRequest.d.ts.map +0 -1
- package/dist/request/RequestParameterBuilder.d.ts +0 -226
- package/dist/request/RequestParameterBuilder.d.ts.map +0 -1
- package/dist/request/ScopeSet.d.ts +0 -83
- package/dist/request/ScopeSet.d.ts.map +0 -1
- package/dist/request/StoreInCache.d.ts +0 -9
- package/dist/request/StoreInCache.d.ts.map +0 -1
- package/dist/response/AuthenticationResult.d.ts +0 -43
- package/dist/response/AuthenticationResult.d.ts.map +0 -1
- package/dist/response/AuthorizationCodePayload.d.ts +0 -14
- package/dist/response/AuthorizationCodePayload.d.ts.map +0 -1
- package/dist/response/AuthorizeResponse.d.ts +0 -83
- package/dist/response/AuthorizeResponse.d.ts.map +0 -1
- package/dist/response/DeviceCodeResponse.d.ts +0 -26
- package/dist/response/DeviceCodeResponse.d.ts.map +0 -1
- package/dist/response/ExternalTokenResponse.d.ts +0 -16
- package/dist/response/ExternalTokenResponse.d.ts.map +0 -1
- package/dist/response/IMDSBadResponse.d.ts +0 -5
- package/dist/response/IMDSBadResponse.d.ts.map +0 -1
- package/dist/response/ResponseHandler.d.ts +0 -63
- package/dist/response/ResponseHandler.d.ts.map +0 -1
- package/dist/response/ServerAuthorizationTokenResponse.d.ts +0 -48
- package/dist/response/ServerAuthorizationTokenResponse.d.ts.map +0 -1
- package/dist/telemetry/performance/IPerformanceClient.d.ts +0 -30
- package/dist/telemetry/performance/IPerformanceClient.d.ts.map +0 -1
- package/dist/telemetry/performance/IPerformanceMeasurement.d.ts +0 -6
- package/dist/telemetry/performance/IPerformanceMeasurement.d.ts.map +0 -1
- package/dist/telemetry/performance/PerformanceClient.d.ts +0 -170
- package/dist/telemetry/performance/PerformanceClient.d.ts.map +0 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +0 -425
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +0 -1
- package/dist/telemetry/performance/PerformanceEvents.d.ts +0 -66
- package/dist/telemetry/performance/PerformanceEvents.d.ts.map +0 -1
- package/dist/telemetry/performance/StubPerformanceClient.d.ts +0 -21
- package/dist/telemetry/performance/StubPerformanceClient.d.ts.map +0 -1
- package/dist/telemetry/server/ServerTelemetryManager.d.ts +0 -79
- package/dist/telemetry/server/ServerTelemetryManager.d.ts.map +0 -1
- package/dist/telemetry/server/ServerTelemetryRequest.d.ts +0 -9
- package/dist/telemetry/server/ServerTelemetryRequest.d.ts.map +0 -1
- package/dist/url/IUri.d.ts +0 -13
- package/dist/url/IUri.d.ts.map +0 -1
- package/dist/url/UrlString.d.ts +0 -44
- package/dist/url/UrlString.d.ts.map +0 -1
- package/dist/utils/ClientAssertionUtils.d.ts +0 -3
- package/dist/utils/ClientAssertionUtils.d.ts.map +0 -1
- package/dist/utils/Constants.d.ts +0 -283
- package/dist/utils/Constants.d.ts.map +0 -1
- package/dist/utils/FunctionWrappers.d.ts +0 -28
- package/dist/utils/FunctionWrappers.d.ts.map +0 -1
- package/dist/utils/MsalTypes.d.ts +0 -7
- package/dist/utils/MsalTypes.d.ts.map +0 -1
- package/dist/utils/ProtocolUtils.d.ts +0 -22
- package/dist/utils/ProtocolUtils.d.ts.map +0 -1
- package/dist/utils/StateTypes.d.ts +0 -15
- package/dist/utils/StateTypes.d.ts.map +0 -1
- package/dist/utils/StringUtils.d.ts +0 -35
- package/dist/utils/StringUtils.d.ts.map +0 -1
- package/dist/utils/TimeUtils.d.ts +0 -43
- package/dist/utils/TimeUtils.d.ts.map +0 -1
- package/dist/utils/UrlUtils.d.ts +0 -23
- package/dist/utils/UrlUtils.d.ts.map +0 -1
- package/dist-browser/error/ClientConfigurationErrorCodes.d.ts +0 -23
- package/dist-browser/packageMetadata.d.ts +0 -3
- package/lib/index-node-ByMjZ1FK.js.map +0 -1
- package/lib/types/account/AccountInfo.d.ts +0 -73
- package/lib/types/account/AccountInfo.d.ts.map +0 -1
- package/lib/types/account/AuthToken.d.ts +0 -24
- package/lib/types/account/AuthToken.d.ts.map +0 -1
- package/lib/types/account/CcsCredential.d.ts +0 -10
- package/lib/types/account/CcsCredential.d.ts.map +0 -1
- package/lib/types/account/ClientCredentials.d.ts +0 -20
- package/lib/types/account/ClientCredentials.d.ts.map +0 -1
- package/lib/types/account/ClientInfo.d.ts +0 -23
- package/lib/types/account/ClientInfo.d.ts.map +0 -1
- package/lib/types/account/TokenClaims.d.ts +0 -88
- package/lib/types/account/TokenClaims.d.ts.map +0 -1
- package/lib/types/authority/Authority.d.ts +0 -255
- package/lib/types/authority/Authority.d.ts.map +0 -1
- package/lib/types/authority/AuthorityFactory.d.ts +0 -23
- package/lib/types/authority/AuthorityFactory.d.ts.map +0 -1
- package/lib/types/authority/AuthorityMetadata.d.ts +0 -44
- package/lib/types/authority/AuthorityMetadata.d.ts.map +0 -1
- package/lib/types/authority/AuthorityOptions.d.ts +0 -27
- package/lib/types/authority/AuthorityOptions.d.ts.map +0 -1
- package/lib/types/authority/AuthorityType.d.ts +0 -11
- package/lib/types/authority/AuthorityType.d.ts.map +0 -1
- package/lib/types/authority/AzureRegion.d.ts +0 -2
- package/lib/types/authority/AzureRegion.d.ts.map +0 -1
- package/lib/types/authority/AzureRegionConfiguration.d.ts +0 -6
- package/lib/types/authority/AzureRegionConfiguration.d.ts.map +0 -1
- package/lib/types/authority/CloudDiscoveryMetadata.d.ts +0 -6
- package/lib/types/authority/CloudDiscoveryMetadata.d.ts.map +0 -1
- package/lib/types/authority/CloudInstanceDiscoveryErrorResponse.d.ts +0 -14
- package/lib/types/authority/CloudInstanceDiscoveryErrorResponse.d.ts.map +0 -1
- package/lib/types/authority/CloudInstanceDiscoveryResponse.d.ts +0 -10
- package/lib/types/authority/CloudInstanceDiscoveryResponse.d.ts.map +0 -1
- package/lib/types/authority/ImdsOptions.d.ts +0 -6
- package/lib/types/authority/ImdsOptions.d.ts.map +0 -1
- package/lib/types/authority/OIDCOptions.d.ts +0 -9
- package/lib/types/authority/OIDCOptions.d.ts.map +0 -1
- package/lib/types/authority/OpenIdConfigResponse.d.ts +0 -12
- package/lib/types/authority/OpenIdConfigResponse.d.ts.map +0 -1
- package/lib/types/authority/ProtocolMode.d.ts +0 -20
- package/lib/types/authority/ProtocolMode.d.ts.map +0 -1
- package/lib/types/authority/RegionDiscovery.d.ts +0 -33
- package/lib/types/authority/RegionDiscovery.d.ts.map +0 -1
- package/lib/types/authority/RegionDiscoveryMetadata.d.ts +0 -7
- package/lib/types/authority/RegionDiscoveryMetadata.d.ts.map +0 -1
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts +0 -17
- package/lib/types/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +0 -1
- package/lib/types/cache/CacheManager.d.ts +0 -485
- package/lib/types/cache/CacheManager.d.ts.map +0 -1
- package/lib/types/cache/entities/AccessTokenEntity.d.ts +0 -24
- package/lib/types/cache/entities/AccessTokenEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/AccountEntity.d.ts +0 -47
- package/lib/types/cache/entities/AccountEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/AppMetadataEntity.d.ts +0 -12
- package/lib/types/cache/entities/AppMetadataEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/AuthorityMetadataEntity.d.ts +0 -16
- package/lib/types/cache/entities/AuthorityMetadataEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/CacheRecord.d.ts +0 -14
- package/lib/types/cache/entities/CacheRecord.d.ts.map +0 -1
- package/lib/types/cache/entities/CredentialEntity.d.ts +0 -31
- package/lib/types/cache/entities/CredentialEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/IdTokenEntity.d.ts +0 -9
- package/lib/types/cache/entities/IdTokenEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/RefreshTokenEntity.d.ts +0 -8
- package/lib/types/cache/entities/RefreshTokenEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/ServerTelemetryEntity.d.ts +0 -7
- package/lib/types/cache/entities/ServerTelemetryEntity.d.ts.map +0 -1
- package/lib/types/cache/entities/ThrottlingEntity.d.ts +0 -8
- package/lib/types/cache/entities/ThrottlingEntity.d.ts.map +0 -1
- package/lib/types/cache/interface/ICacheManager.d.ts +0 -188
- package/lib/types/cache/interface/ICacheManager.d.ts.map +0 -1
- package/lib/types/cache/interface/ICachePlugin.d.ts +0 -6
- package/lib/types/cache/interface/ICachePlugin.d.ts.map +0 -1
- package/lib/types/cache/interface/ISerializableTokenCache.d.ts +0 -5
- package/lib/types/cache/interface/ISerializableTokenCache.d.ts.map +0 -1
- package/lib/types/cache/persistence/TokenCacheContext.d.ts +0 -24
- package/lib/types/cache/persistence/TokenCacheContext.d.ts.map +0 -1
- package/lib/types/cache/utils/AccountEntityUtils.d.ts +0 -53
- package/lib/types/cache/utils/AccountEntityUtils.d.ts.map +0 -1
- package/lib/types/cache/utils/CacheHelpers.d.ts +0 -86
- package/lib/types/cache/utils/CacheHelpers.d.ts.map +0 -1
- package/lib/types/cache/utils/CacheTypes.d.ts +0 -69
- package/lib/types/cache/utils/CacheTypes.d.ts.map +0 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +0 -64
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +0 -1
- package/lib/types/client/RefreshTokenClient.d.ts +0 -49
- package/lib/types/client/RefreshTokenClient.d.ts.map +0 -1
- package/lib/types/client/SilentFlowClient.d.ts +0 -35
- package/lib/types/client/SilentFlowClient.d.ts.map +0 -1
- package/lib/types/config/AppTokenProvider.d.ts +0 -39
- package/lib/types/config/AppTokenProvider.d.ts.map +0 -1
- package/lib/types/config/ClientConfiguration.d.ts +0 -145
- package/lib/types/config/ClientConfiguration.d.ts.map +0 -1
- package/lib/types/constants/AADServerParamKeys.d.ts +0 -61
- package/lib/types/constants/AADServerParamKeys.d.ts.map +0 -1
- package/lib/types/crypto/ICrypto.d.ts +0 -71
- package/lib/types/crypto/ICrypto.d.ts.map +0 -1
- package/lib/types/crypto/IGuidGenerator.d.ts +0 -5
- package/lib/types/crypto/IGuidGenerator.d.ts.map +0 -1
- package/lib/types/crypto/JoseHeader.d.ts +0 -23
- package/lib/types/crypto/JoseHeader.d.ts.map +0 -1
- package/lib/types/crypto/PopTokenGenerator.d.ts +0 -60
- package/lib/types/crypto/PopTokenGenerator.d.ts.map +0 -1
- package/lib/types/crypto/SignedHttpRequest.d.ts +0 -16
- package/lib/types/crypto/SignedHttpRequest.d.ts.map +0 -1
- package/lib/types/error/AuthError.d.ts +0 -33
- package/lib/types/error/AuthError.d.ts.map +0 -1
- package/lib/types/error/AuthErrorCodes.d.ts +0 -6
- package/lib/types/error/AuthErrorCodes.d.ts.map +0 -1
- package/lib/types/error/CacheError.d.ts +0 -23
- package/lib/types/error/CacheError.d.ts.map +0 -1
- package/lib/types/error/CacheErrorCodes.d.ts +0 -3
- package/lib/types/error/CacheErrorCodes.d.ts.map +0 -1
- package/lib/types/error/ClientAuthError.d.ts +0 -14
- package/lib/types/error/ClientAuthError.d.ts.map +0 -1
- package/lib/types/error/ClientAuthErrorCodes.d.ts +0 -40
- package/lib/types/error/ClientAuthErrorCodes.d.ts.map +0 -1
- package/lib/types/error/ClientConfigurationError.d.ts +0 -11
- package/lib/types/error/ClientConfigurationError.d.ts.map +0 -1
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts +0 -23
- package/lib/types/error/ClientConfigurationErrorCodes.d.ts.map +0 -1
- package/lib/types/error/InteractionRequiredAuthError.d.ts +0 -48
- package/lib/types/error/InteractionRequiredAuthError.d.ts.map +0 -1
- package/lib/types/error/InteractionRequiredAuthErrorCodes.d.ts +0 -46
- package/lib/types/error/InteractionRequiredAuthErrorCodes.d.ts.map +0 -1
- package/lib/types/error/JoseHeaderError.d.ts +0 -12
- package/lib/types/error/JoseHeaderError.d.ts.map +0 -1
- package/lib/types/error/JoseHeaderErrorCodes.d.ts +0 -3
- package/lib/types/error/JoseHeaderErrorCodes.d.ts.map +0 -1
- package/lib/types/error/NetworkError.d.ts +0 -19
- package/lib/types/error/NetworkError.d.ts.map +0 -1
- package/lib/types/error/PlatformBrokerError.d.ts +0 -16
- package/lib/types/error/PlatformBrokerError.d.ts.map +0 -1
- package/lib/types/error/ServerError.d.ts +0 -16
- package/lib/types/error/ServerError.d.ts.map +0 -1
- package/lib/types/exports-browser-only.d.ts +0 -11
- package/lib/types/exports-browser-only.d.ts.map +0 -1
- package/lib/types/exports-common.d.ts +0 -86
- package/lib/types/exports-common.d.ts.map +0 -1
- package/lib/types/exports-node-only.d.ts +0 -16
- package/lib/types/exports-node-only.d.ts.map +0 -1
- package/lib/types/index-browser.d.ts +0 -7
- package/lib/types/index-browser.d.ts.map +0 -1
- package/lib/types/index-node.d.ts +0 -7
- package/lib/types/index-node.d.ts.map +0 -1
- package/lib/types/index.d.ts +0 -12
- package/lib/types/index.d.ts.map +0 -1
- package/lib/types/logger/Logger.d.ts +0 -119
- package/lib/types/logger/Logger.d.ts.map +0 -1
- package/lib/types/network/INetworkModule.d.ts +0 -29
- package/lib/types/network/INetworkModule.d.ts.map +0 -1
- package/lib/types/network/NetworkResponse.d.ts +0 -6
- package/lib/types/network/NetworkResponse.d.ts.map +0 -1
- package/lib/types/network/RequestThumbprint.d.ts +0 -22
- package/lib/types/network/RequestThumbprint.d.ts.map +0 -1
- package/lib/types/network/ThrottlingUtils.d.ts +0 -43
- package/lib/types/network/ThrottlingUtils.d.ts.map +0 -1
- package/lib/types/packageMetadata.d.ts +0 -3
- package/lib/types/packageMetadata.d.ts.map +0 -1
- package/lib/types/protocol/Authorize.d.ts +0 -37
- package/lib/types/protocol/Authorize.d.ts.map +0 -1
- package/lib/types/protocol/Token.d.ts +0 -40
- package/lib/types/protocol/Token.d.ts.map +0 -1
- package/lib/types/request/AuthenticationHeaderParser.d.ts +0 -20
- package/lib/types/request/AuthenticationHeaderParser.d.ts.map +0 -1
- package/lib/types/request/BaseAuthRequest.d.ts +0 -111
- package/lib/types/request/BaseAuthRequest.d.ts.map +0 -1
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts +0 -32
- package/lib/types/request/CommonAuthorizationCodeRequest.d.ts.map +0 -1
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts +0 -71
- package/lib/types/request/CommonAuthorizationUrlRequest.d.ts.map +0 -1
- package/lib/types/request/CommonEndSessionRequest.d.ts +0 -36
- package/lib/types/request/CommonEndSessionRequest.d.ts.map +0 -1
- package/lib/types/request/CommonRefreshTokenRequest.d.ts +0 -24
- package/lib/types/request/CommonRefreshTokenRequest.d.ts.map +0 -1
- package/lib/types/request/CommonSilentFlowRequest.d.ts +0 -24
- package/lib/types/request/CommonSilentFlowRequest.d.ts.map +0 -1
- package/lib/types/request/NativeRequest.d.ts +0 -21
- package/lib/types/request/NativeRequest.d.ts.map +0 -1
- package/lib/types/request/NativeSignOutRequest.d.ts +0 -6
- package/lib/types/request/NativeSignOutRequest.d.ts.map +0 -1
- package/lib/types/request/RequestParameterBuilder.d.ts +0 -226
- package/lib/types/request/RequestParameterBuilder.d.ts.map +0 -1
- package/lib/types/request/ScopeSet.d.ts +0 -83
- package/lib/types/request/ScopeSet.d.ts.map +0 -1
- package/lib/types/request/StoreInCache.d.ts +0 -9
- package/lib/types/request/StoreInCache.d.ts.map +0 -1
- package/lib/types/response/AuthenticationResult.d.ts +0 -43
- package/lib/types/response/AuthenticationResult.d.ts.map +0 -1
- package/lib/types/response/AuthorizationCodePayload.d.ts +0 -14
- package/lib/types/response/AuthorizationCodePayload.d.ts.map +0 -1
- package/lib/types/response/AuthorizeResponse.d.ts +0 -83
- package/lib/types/response/AuthorizeResponse.d.ts.map +0 -1
- package/lib/types/response/DeviceCodeResponse.d.ts +0 -26
- package/lib/types/response/DeviceCodeResponse.d.ts.map +0 -1
- package/lib/types/response/ExternalTokenResponse.d.ts +0 -16
- package/lib/types/response/ExternalTokenResponse.d.ts.map +0 -1
- package/lib/types/response/IMDSBadResponse.d.ts +0 -5
- package/lib/types/response/IMDSBadResponse.d.ts.map +0 -1
- package/lib/types/response/ResponseHandler.d.ts +0 -63
- package/lib/types/response/ResponseHandler.d.ts.map +0 -1
- package/lib/types/response/ServerAuthorizationTokenResponse.d.ts +0 -48
- package/lib/types/response/ServerAuthorizationTokenResponse.d.ts.map +0 -1
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts +0 -30
- package/lib/types/telemetry/performance/IPerformanceClient.d.ts.map +0 -1
- package/lib/types/telemetry/performance/IPerformanceMeasurement.d.ts +0 -6
- package/lib/types/telemetry/performance/IPerformanceMeasurement.d.ts.map +0 -1
- package/lib/types/telemetry/performance/PerformanceClient.d.ts +0 -170
- package/lib/types/telemetry/performance/PerformanceClient.d.ts.map +0 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +0 -425
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +0 -1
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts +0 -66
- package/lib/types/telemetry/performance/PerformanceEvents.d.ts.map +0 -1
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts +0 -21
- package/lib/types/telemetry/performance/StubPerformanceClient.d.ts.map +0 -1
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts +0 -79
- package/lib/types/telemetry/server/ServerTelemetryManager.d.ts.map +0 -1
- package/lib/types/telemetry/server/ServerTelemetryRequest.d.ts +0 -9
- package/lib/types/telemetry/server/ServerTelemetryRequest.d.ts.map +0 -1
- package/lib/types/url/IUri.d.ts +0 -13
- package/lib/types/url/IUri.d.ts.map +0 -1
- package/lib/types/url/UrlString.d.ts +0 -44
- package/lib/types/url/UrlString.d.ts.map +0 -1
- package/lib/types/utils/ClientAssertionUtils.d.ts +0 -3
- package/lib/types/utils/ClientAssertionUtils.d.ts.map +0 -1
- package/lib/types/utils/Constants.d.ts +0 -283
- package/lib/types/utils/Constants.d.ts.map +0 -1
- package/lib/types/utils/FunctionWrappers.d.ts +0 -28
- package/lib/types/utils/FunctionWrappers.d.ts.map +0 -1
- package/lib/types/utils/MsalTypes.d.ts +0 -7
- package/lib/types/utils/MsalTypes.d.ts.map +0 -1
- package/lib/types/utils/ProtocolUtils.d.ts +0 -22
- package/lib/types/utils/ProtocolUtils.d.ts.map +0 -1
- package/lib/types/utils/StateTypes.d.ts +0 -15
- package/lib/types/utils/StateTypes.d.ts.map +0 -1
- package/lib/types/utils/StringUtils.d.ts +0 -35
- package/lib/types/utils/StringUtils.d.ts.map +0 -1
- package/lib/types/utils/TimeUtils.d.ts +0 -43
- package/lib/types/utils/TimeUtils.d.ts.map +0 -1
- package/lib/types/utils/UrlUtils.d.ts +0 -23
- package/lib/types/utils/UrlUtils.d.ts.map +0 -1
- /package/{dist-browser → types}/account/AccountInfo.d.ts +0 -0
- /package/{dist-browser → types}/account/AccountInfo.d.ts.map +0 -0
- /package/{dist-browser → types}/account/AuthToken.d.ts +0 -0
- /package/{dist-browser → types}/account/AuthToken.d.ts.map +0 -0
- /package/{dist-browser → types}/account/CcsCredential.d.ts +0 -0
- /package/{dist-browser → types}/account/CcsCredential.d.ts.map +0 -0
- /package/{dist-browser → types}/account/ClientCredentials.d.ts +0 -0
- /package/{dist-browser → types}/account/ClientCredentials.d.ts.map +0 -0
- /package/{dist-browser → types}/account/ClientInfo.d.ts +0 -0
- /package/{dist-browser → types}/account/ClientInfo.d.ts.map +0 -0
- /package/{dist-browser → types}/account/TokenClaims.d.ts +0 -0
- /package/{dist-browser → types}/account/TokenClaims.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/AuthorityFactory.d.ts +0 -0
- /package/{dist-browser → types}/authority/AuthorityFactory.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/AuthorityMetadata.d.ts +0 -0
- /package/{dist-browser → types}/authority/AuthorityOptions.d.ts +0 -0
- /package/{dist-browser → types}/authority/AuthorityOptions.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/AuthorityType.d.ts +0 -0
- /package/{dist-browser → types}/authority/AuthorityType.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/AzureRegion.d.ts +0 -0
- /package/{dist-browser → types}/authority/AzureRegion.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/AzureRegionConfiguration.d.ts +0 -0
- /package/{dist-browser → types}/authority/AzureRegionConfiguration.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/CloudDiscoveryMetadata.d.ts +0 -0
- /package/{dist-browser → types}/authority/CloudDiscoveryMetadata.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/CloudInstanceDiscoveryErrorResponse.d.ts +0 -0
- /package/{dist-browser → types}/authority/CloudInstanceDiscoveryErrorResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/CloudInstanceDiscoveryResponse.d.ts +0 -0
- /package/{dist-browser → types}/authority/CloudInstanceDiscoveryResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/ImdsOptions.d.ts +0 -0
- /package/{dist-browser → types}/authority/ImdsOptions.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/OIDCOptions.d.ts +0 -0
- /package/{dist-browser → types}/authority/OIDCOptions.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/OpenIdConfigResponse.d.ts +0 -0
- /package/{dist-browser → types}/authority/OpenIdConfigResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/ProtocolMode.d.ts +0 -0
- /package/{dist-browser → types}/authority/ProtocolMode.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/RegionDiscovery.d.ts +0 -0
- /package/{dist-browser → types}/authority/RegionDiscovery.d.ts.map +0 -0
- /package/{dist-browser → types}/authority/RegionDiscoveryMetadata.d.ts +0 -0
- /package/{dist-browser → types}/authority/RegionDiscoveryMetadata.d.ts.map +0 -0
- /package/{dist-browser → types}/broker/nativeBroker/INativeBrokerPlugin.d.ts +0 -0
- /package/{dist-browser → types}/broker/nativeBroker/INativeBrokerPlugin.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/CacheManager.d.ts +0 -0
- /package/{dist-browser → types}/cache/CacheManager.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/AccessTokenEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/AccessTokenEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/AccountEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/AccountEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/AppMetadataEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/AppMetadataEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/AuthorityMetadataEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/AuthorityMetadataEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/CacheRecord.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/CacheRecord.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/CredentialEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/CredentialEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/IdTokenEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/IdTokenEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/RefreshTokenEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/RefreshTokenEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/ServerTelemetryEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/ServerTelemetryEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/entities/ThrottlingEntity.d.ts +0 -0
- /package/{dist-browser → types}/cache/entities/ThrottlingEntity.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/interface/ICacheManager.d.ts +0 -0
- /package/{dist-browser → types}/cache/interface/ICacheManager.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/interface/ICachePlugin.d.ts +0 -0
- /package/{dist-browser → types}/cache/interface/ICachePlugin.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/interface/ISerializableTokenCache.d.ts +0 -0
- /package/{dist-browser → types}/cache/interface/ISerializableTokenCache.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/persistence/TokenCacheContext.d.ts +0 -0
- /package/{dist-browser → types}/cache/persistence/TokenCacheContext.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/utils/AccountEntityUtils.d.ts +0 -0
- /package/{dist-browser → types}/cache/utils/AccountEntityUtils.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/utils/CacheHelpers.d.ts +0 -0
- /package/{dist-browser → types}/cache/utils/CacheHelpers.d.ts.map +0 -0
- /package/{dist-browser → types}/cache/utils/CacheTypes.d.ts +0 -0
- /package/{dist-browser → types}/cache/utils/CacheTypes.d.ts.map +0 -0
- /package/{dist-browser → types}/client/AuthorizationCodeClient.d.ts +0 -0
- /package/{dist-browser → types}/client/AuthorizationCodeClient.d.ts.map +0 -0
- /package/{dist-browser → types}/client/RefreshTokenClient.d.ts +0 -0
- /package/{dist-browser → types}/client/RefreshTokenClient.d.ts.map +0 -0
- /package/{dist-browser → types}/client/SilentFlowClient.d.ts +0 -0
- /package/{dist-browser → types}/client/SilentFlowClient.d.ts.map +0 -0
- /package/{dist-browser → types}/config/AppTokenProvider.d.ts +0 -0
- /package/{dist-browser → types}/config/AppTokenProvider.d.ts.map +0 -0
- /package/{dist-browser → types}/config/ClientConfiguration.d.ts +0 -0
- /package/{dist-browser → types}/config/ClientConfiguration.d.ts.map +0 -0
- /package/{dist-browser → types}/constants/AADServerParamKeys.d.ts +0 -0
- /package/{dist-browser → types}/constants/AADServerParamKeys.d.ts.map +0 -0
- /package/{dist-browser → types}/crypto/ICrypto.d.ts +0 -0
- /package/{dist-browser → types}/crypto/ICrypto.d.ts.map +0 -0
- /package/{dist-browser → types}/crypto/IGuidGenerator.d.ts +0 -0
- /package/{dist-browser → types}/crypto/IGuidGenerator.d.ts.map +0 -0
- /package/{dist-browser → types}/crypto/JoseHeader.d.ts +0 -0
- /package/{dist-browser → types}/crypto/JoseHeader.d.ts.map +0 -0
- /package/{dist-browser → types}/crypto/PopTokenGenerator.d.ts +0 -0
- /package/{dist-browser → types}/crypto/PopTokenGenerator.d.ts.map +0 -0
- /package/{dist-browser → types}/crypto/SignedHttpRequest.d.ts +0 -0
- /package/{dist-browser → types}/crypto/SignedHttpRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/error/AuthError.d.ts +0 -0
- /package/{dist-browser → types}/error/AuthError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/AuthErrorCodes.d.ts +0 -0
- /package/{dist-browser → types}/error/AuthErrorCodes.d.ts.map +0 -0
- /package/{dist-browser → types}/error/CacheError.d.ts +0 -0
- /package/{dist-browser → types}/error/CacheError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/CacheErrorCodes.d.ts +0 -0
- /package/{dist-browser → types}/error/CacheErrorCodes.d.ts.map +0 -0
- /package/{dist-browser → types}/error/ClientAuthError.d.ts +0 -0
- /package/{dist-browser → types}/error/ClientAuthError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/ClientAuthErrorCodes.d.ts +0 -0
- /package/{dist-browser → types}/error/ClientAuthErrorCodes.d.ts.map +0 -0
- /package/{dist-browser → types}/error/ClientConfigurationError.d.ts +0 -0
- /package/{dist-browser → types}/error/ClientConfigurationError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/InteractionRequiredAuthError.d.ts +0 -0
- /package/{dist-browser → types}/error/InteractionRequiredAuthError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/InteractionRequiredAuthErrorCodes.d.ts +0 -0
- /package/{dist-browser → types}/error/InteractionRequiredAuthErrorCodes.d.ts.map +0 -0
- /package/{dist-browser → types}/error/JoseHeaderError.d.ts +0 -0
- /package/{dist-browser → types}/error/JoseHeaderError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/JoseHeaderErrorCodes.d.ts +0 -0
- /package/{dist-browser → types}/error/JoseHeaderErrorCodes.d.ts.map +0 -0
- /package/{dist-browser → types}/error/NetworkError.d.ts +0 -0
- /package/{dist-browser → types}/error/NetworkError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/PlatformBrokerError.d.ts +0 -0
- /package/{dist-browser → types}/error/PlatformBrokerError.d.ts.map +0 -0
- /package/{dist-browser → types}/error/ServerError.d.ts +0 -0
- /package/{dist-browser → types}/error/ServerError.d.ts.map +0 -0
- /package/{dist-browser → types}/exports-browser-only.d.ts +0 -0
- /package/{dist-browser → types}/exports-browser-only.d.ts.map +0 -0
- /package/{dist-browser → types}/exports-common.d.ts +0 -0
- /package/{dist-browser → types}/exports-common.d.ts.map +0 -0
- /package/{dist-browser → types}/exports-node-only.d.ts +0 -0
- /package/{dist-browser → types}/exports-node-only.d.ts.map +0 -0
- /package/{dist-browser → types}/index-browser.d.ts +0 -0
- /package/{dist-browser → types}/index-browser.d.ts.map +0 -0
- /package/{dist-browser → types}/index-node.d.ts +0 -0
- /package/{dist-browser → types}/index-node.d.ts.map +0 -0
- /package/{dist-browser → types}/index.d.ts +0 -0
- /package/{dist-browser → types}/index.d.ts.map +0 -0
- /package/{dist-browser → types}/logger/Logger.d.ts +0 -0
- /package/{dist-browser → types}/logger/Logger.d.ts.map +0 -0
- /package/{dist-browser → types}/network/INetworkModule.d.ts +0 -0
- /package/{dist-browser → types}/network/INetworkModule.d.ts.map +0 -0
- /package/{dist-browser → types}/network/NetworkResponse.d.ts +0 -0
- /package/{dist-browser → types}/network/NetworkResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/network/RequestThumbprint.d.ts +0 -0
- /package/{dist-browser → types}/network/RequestThumbprint.d.ts.map +0 -0
- /package/{dist-browser → types}/network/ThrottlingUtils.d.ts +0 -0
- /package/{dist-browser → types}/network/ThrottlingUtils.d.ts.map +0 -0
- /package/{dist-browser → types}/packageMetadata.d.ts.map +0 -0
- /package/{dist-browser → types}/protocol/Authorize.d.ts +0 -0
- /package/{dist-browser → types}/protocol/Authorize.d.ts.map +0 -0
- /package/{dist-browser → types}/protocol/Token.d.ts +0 -0
- /package/{dist-browser → types}/protocol/Token.d.ts.map +0 -0
- /package/{dist-browser → types}/request/AuthenticationHeaderParser.d.ts +0 -0
- /package/{dist-browser → types}/request/AuthenticationHeaderParser.d.ts.map +0 -0
- /package/{dist-browser → types}/request/BaseAuthRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/BaseAuthRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/CommonAuthorizationCodeRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/CommonAuthorizationCodeRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/CommonAuthorizationUrlRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/CommonAuthorizationUrlRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/CommonEndSessionRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/CommonEndSessionRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/CommonRefreshTokenRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/CommonRefreshTokenRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/CommonSilentFlowRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/CommonSilentFlowRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/NativeRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/NativeRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/NativeSignOutRequest.d.ts +0 -0
- /package/{dist-browser → types}/request/NativeSignOutRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/request/RequestParameterBuilder.d.ts +0 -0
- /package/{dist-browser → types}/request/RequestParameterBuilder.d.ts.map +0 -0
- /package/{dist-browser → types}/request/ScopeSet.d.ts +0 -0
- /package/{dist-browser → types}/request/ScopeSet.d.ts.map +0 -0
- /package/{dist-browser → types}/request/StoreInCache.d.ts +0 -0
- /package/{dist-browser → types}/request/StoreInCache.d.ts.map +0 -0
- /package/{dist-browser → types}/response/AuthenticationResult.d.ts +0 -0
- /package/{dist-browser → types}/response/AuthenticationResult.d.ts.map +0 -0
- /package/{dist-browser → types}/response/AuthorizationCodePayload.d.ts +0 -0
- /package/{dist-browser → types}/response/AuthorizationCodePayload.d.ts.map +0 -0
- /package/{dist-browser → types}/response/AuthorizeResponse.d.ts +0 -0
- /package/{dist-browser → types}/response/AuthorizeResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/response/DeviceCodeResponse.d.ts +0 -0
- /package/{dist-browser → types}/response/DeviceCodeResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/response/ExternalTokenResponse.d.ts +0 -0
- /package/{dist-browser → types}/response/ExternalTokenResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/response/IMDSBadResponse.d.ts +0 -0
- /package/{dist-browser → types}/response/IMDSBadResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/response/ResponseHandler.d.ts +0 -0
- /package/{dist-browser → types}/response/ResponseHandler.d.ts.map +0 -0
- /package/{dist-browser → types}/response/ServerAuthorizationTokenResponse.d.ts +0 -0
- /package/{dist-browser → types}/response/ServerAuthorizationTokenResponse.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/performance/IPerformanceClient.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/performance/IPerformanceClient.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/performance/IPerformanceMeasurement.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/performance/IPerformanceMeasurement.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/performance/PerformanceClient.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/performance/PerformanceClient.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/performance/PerformanceEvent.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/performance/PerformanceEvent.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/performance/PerformanceEvents.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/performance/PerformanceEvents.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/performance/StubPerformanceClient.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/performance/StubPerformanceClient.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/server/ServerTelemetryManager.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/server/ServerTelemetryManager.d.ts.map +0 -0
- /package/{dist-browser → types}/telemetry/server/ServerTelemetryRequest.d.ts +0 -0
- /package/{dist-browser → types}/telemetry/server/ServerTelemetryRequest.d.ts.map +0 -0
- /package/{dist-browser → types}/url/IUri.d.ts +0 -0
- /package/{dist-browser → types}/url/IUri.d.ts.map +0 -0
- /package/{dist-browser → types}/url/UrlString.d.ts +0 -0
- /package/{dist-browser → types}/url/UrlString.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/ClientAssertionUtils.d.ts +0 -0
- /package/{dist-browser → types}/utils/ClientAssertionUtils.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/Constants.d.ts +0 -0
- /package/{dist-browser → types}/utils/Constants.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/FunctionWrappers.d.ts +0 -0
- /package/{dist-browser → types}/utils/FunctionWrappers.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/MsalTypes.d.ts +0 -0
- /package/{dist-browser → types}/utils/MsalTypes.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/ProtocolUtils.d.ts +0 -0
- /package/{dist-browser → types}/utils/ProtocolUtils.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/StateTypes.d.ts +0 -0
- /package/{dist-browser → types}/utils/StateTypes.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/StringUtils.d.ts +0 -0
- /package/{dist-browser → types}/utils/StringUtils.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/TimeUtils.d.ts +0 -0
- /package/{dist-browser → types}/utils/TimeUtils.d.ts.map +0 -0
- /package/{dist-browser → types}/utils/UrlUtils.d.ts +0 -0
- /package/{dist-browser → types}/utils/UrlUtils.d.ts.map +0 -0
|
@@ -427,7 +427,7 @@ export class Authority {
|
|
|
427
427
|
}
|
|
428
428
|
|
|
429
429
|
/**
|
|
430
|
-
* Returns metadata entity from cache if it exists,
|
|
430
|
+
* Returns metadata entity from cache if it exists, otherwise returns a new metadata entity built
|
|
431
431
|
* from the configured canonical authority
|
|
432
432
|
* @returns
|
|
433
433
|
*/
|
|
@@ -547,6 +547,9 @@ export class Authority {
|
|
|
547
547
|
this.correlationId
|
|
548
548
|
)();
|
|
549
549
|
if (metadata) {
|
|
550
|
+
// Validate the issuer returned by the OIDC discovery document.
|
|
551
|
+
this.validateIssuer(metadata.issuer);
|
|
552
|
+
|
|
550
553
|
// If the user prefers to use an azure region replace the global endpoints with regional information.
|
|
551
554
|
if (this.authorityOptions.azureRegionConfiguration?.azureRegion) {
|
|
552
555
|
metadata = await invokeAsync(
|
|
@@ -839,7 +842,7 @@ export class Authority {
|
|
|
839
842
|
metadataEntity: AuthorityMetadataEntity
|
|
840
843
|
): Constants.AuthorityMetadataSource | null {
|
|
841
844
|
this.logger.verbose(
|
|
842
|
-
"Attempting to get cloud discovery metadata
|
|
845
|
+
"Attempting to get cloud discovery metadata from authority configuration",
|
|
843
846
|
this.correlationId
|
|
844
847
|
);
|
|
845
848
|
this.logger.verbosePii(
|
|
@@ -1195,6 +1198,190 @@ export class Authority {
|
|
|
1195
1198
|
return InstanceDiscoveryMetadataAliases.has(host);
|
|
1196
1199
|
}
|
|
1197
1200
|
|
|
1201
|
+
/**
|
|
1202
|
+
* Validates the `issuer` returned by an OIDC discovery document against
|
|
1203
|
+
* this authority, per
|
|
1204
|
+
* https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation
|
|
1205
|
+
*
|
|
1206
|
+
* The issuer is accepted when ANY of the following holds:
|
|
1207
|
+
* 1. The issuer scheme + host + port match the authority's (path may
|
|
1208
|
+
* differ). Applies to all authorities.
|
|
1209
|
+
* 2. The authority is a Microsoft cloud authority (public, sovereign,
|
|
1210
|
+
* or CIAM), the issuer is HTTPS, and the issuer host is in the known
|
|
1211
|
+
* Microsoft authority host set.
|
|
1212
|
+
* 3. Same as (2), but the issuer host is a single-label regional variant
|
|
1213
|
+
* of a known Microsoft host (e.g. `westus.login.microsoftonline.com`).
|
|
1214
|
+
* 4. Same as (2), but the issuer host matches the CIAM tenant pattern
|
|
1215
|
+
* `{tenant}.ciamlogin.com` with an optional `/{tenant}[.onmicrosoft.com][/v2.0]`
|
|
1216
|
+
* path.
|
|
1217
|
+
*
|
|
1218
|
+
* @param issuer The `issuer` value returned in the OIDC discovery document.
|
|
1219
|
+
* @throws ClientConfigurationError("issuer_validation_failed") on failure.
|
|
1220
|
+
*/
|
|
1221
|
+
private validateIssuer(issuer: string): void {
|
|
1222
|
+
if (!issuer) {
|
|
1223
|
+
throw createClientConfigurationError(
|
|
1224
|
+
ClientConfigurationErrorCodes.issuerValidationFailed
|
|
1225
|
+
);
|
|
1226
|
+
}
|
|
1227
|
+
|
|
1228
|
+
// Parse with the WHATWG URL API. URL normalizes scheme + host to lowercase per RFC 3986.
|
|
1229
|
+
let issuerUrl: URL;
|
|
1230
|
+
try {
|
|
1231
|
+
issuerUrl = new URL(issuer);
|
|
1232
|
+
} catch {
|
|
1233
|
+
throw createClientConfigurationError(
|
|
1234
|
+
ClientConfigurationErrorCodes.issuerValidationFailed
|
|
1235
|
+
);
|
|
1236
|
+
}
|
|
1237
|
+
const issuerScheme = issuerUrl.protocol;
|
|
1238
|
+
const issuerHost = issuerUrl.host;
|
|
1239
|
+
const authorityScheme = (
|
|
1240
|
+
this.canonicalAuthorityUrlComponents.Protocol || ""
|
|
1241
|
+
).toLowerCase();
|
|
1242
|
+
const authorityHost = (
|
|
1243
|
+
this.canonicalAuthorityUrlComponents.HostNameAndPort || ""
|
|
1244
|
+
).toLowerCase();
|
|
1245
|
+
|
|
1246
|
+
// Rule 1: Same scheme and host
|
|
1247
|
+
const matchesAuthorityOrigin = this.matchesAuthorityOrigin(
|
|
1248
|
+
issuerScheme,
|
|
1249
|
+
issuerHost,
|
|
1250
|
+
authorityScheme,
|
|
1251
|
+
authorityHost
|
|
1252
|
+
);
|
|
1253
|
+
|
|
1254
|
+
// Rule 2: The issuer host is a well-known Microsoft authority host (HTTPS only)
|
|
1255
|
+
const matchesKnownMicrosoftHost =
|
|
1256
|
+
issuerScheme === "https:" &&
|
|
1257
|
+
this.isAliasOfKnownMicrosoftAuthority(issuerHost);
|
|
1258
|
+
|
|
1259
|
+
/*
|
|
1260
|
+
* Rule 3: The issuer host is a regional variant ({region}.{host}) of a well-known host
|
|
1261
|
+
* (HTTPS only). E.g. westus2.login.microsoft.com
|
|
1262
|
+
*/
|
|
1263
|
+
const matchesRegionalMicrosoftHost =
|
|
1264
|
+
issuerScheme === "https:" &&
|
|
1265
|
+
this.matchesRegionalMicrosoftHost(issuerHost);
|
|
1266
|
+
|
|
1267
|
+
/*
|
|
1268
|
+
* Rule 4: CIAM-specific validation. In a CIAM scenario the issuer is expected to
|
|
1269
|
+
* have "{tenant}.ciamlogin.com" as the host, even when using a custom domain.
|
|
1270
|
+
*/
|
|
1271
|
+
const matchesCiamTenantPattern = this.matchesCiamTenantPattern(
|
|
1272
|
+
issuerUrl,
|
|
1273
|
+
authorityHost,
|
|
1274
|
+
this.canonicalAuthorityUrlComponents.PathSegments
|
|
1275
|
+
);
|
|
1276
|
+
|
|
1277
|
+
// Each rule is an independent boolean; the issuer is valid if ANY rule matches.
|
|
1278
|
+
if (
|
|
1279
|
+
matchesAuthorityOrigin ||
|
|
1280
|
+
matchesKnownMicrosoftHost ||
|
|
1281
|
+
matchesRegionalMicrosoftHost ||
|
|
1282
|
+
matchesCiamTenantPattern
|
|
1283
|
+
) {
|
|
1284
|
+
return;
|
|
1285
|
+
}
|
|
1286
|
+
|
|
1287
|
+
// issuer validation fails if none of the above rules are satisfied
|
|
1288
|
+
throw createClientConfigurationError(
|
|
1289
|
+
ClientConfigurationErrorCodes.issuerValidationFailed
|
|
1290
|
+
);
|
|
1291
|
+
}
|
|
1292
|
+
|
|
1293
|
+
/**
|
|
1294
|
+
* Rule 1: The issuer scheme + host (and port) match the authority's. Path
|
|
1295
|
+
* may differ. Applies to all authorities.
|
|
1296
|
+
*/
|
|
1297
|
+
private matchesAuthorityOrigin(
|
|
1298
|
+
issuerScheme: string,
|
|
1299
|
+
issuerHost: string,
|
|
1300
|
+
authorityScheme: string,
|
|
1301
|
+
authorityHost: string
|
|
1302
|
+
): boolean {
|
|
1303
|
+
return issuerScheme === authorityScheme && issuerHost === authorityHost;
|
|
1304
|
+
}
|
|
1305
|
+
|
|
1306
|
+
/**
|
|
1307
|
+
* Rule 3: The issuer host is a regional variant
|
|
1308
|
+
* (`{region}.{host}`) of a known Microsoft authority host.
|
|
1309
|
+
* E.g. `westus2.login.microsoft.com`.
|
|
1310
|
+
*/
|
|
1311
|
+
private matchesRegionalMicrosoftHost(issuerHost: string): boolean {
|
|
1312
|
+
const firstDot = issuerHost.indexOf(".");
|
|
1313
|
+
if (firstDot > 0 && firstDot < issuerHost.length - 1) {
|
|
1314
|
+
const hostWithoutRegion = issuerHost.substring(firstDot + 1);
|
|
1315
|
+
return this.isAliasOfKnownMicrosoftAuthority(hostWithoutRegion);
|
|
1316
|
+
}
|
|
1317
|
+
return false;
|
|
1318
|
+
}
|
|
1319
|
+
|
|
1320
|
+
/**
|
|
1321
|
+
* Rule 4: The issuer matches one of the well-known CIAM tenant patterns
|
|
1322
|
+
* (`https://{tenant}.ciamlogin.com[/{tenant}[.onmicrosoft.com][/v2.0]]`).
|
|
1323
|
+
*
|
|
1324
|
+
* The bare tenant name is extracted from the authority's first path segment
|
|
1325
|
+
* when available (stripping the `.onmicrosoft.com` suffix that
|
|
1326
|
+
* `transformCIAMAuthority` adds), or otherwise from the leftmost label of
|
|
1327
|
+
* the authority host (to support CIAM custom domain scenarios).
|
|
1328
|
+
*
|
|
1329
|
+
* Both `/{tenant}` and `/{tenant}.onmicrosoft.com` path forms are accepted
|
|
1330
|
+
* because the OIDC issuer may use either form depending on the authority URL
|
|
1331
|
+
* that was used to trigger discovery.
|
|
1332
|
+
*/
|
|
1333
|
+
private matchesCiamTenantPattern(
|
|
1334
|
+
issuerUrl: URL,
|
|
1335
|
+
authorityHost: string,
|
|
1336
|
+
authorityPathSegments: string[]
|
|
1337
|
+
): boolean {
|
|
1338
|
+
/*
|
|
1339
|
+
* authorityPathSegments[0] is the first path segment of the *authority
|
|
1340
|
+
* URL* after transformCIAMAuthority runs (e.g. "contoso.onmicrosoft.com").
|
|
1341
|
+
* Additional CIAM issuer path segments such as "/v2.0" are part of the
|
|
1342
|
+
* issuer string, not the authority URL's PathSegments.
|
|
1343
|
+
*/
|
|
1344
|
+
const pathSegment = authorityPathSegments[0];
|
|
1345
|
+
|
|
1346
|
+
/*
|
|
1347
|
+
* Extract the bare tenant name: strip the .onmicrosoft.com suffix when
|
|
1348
|
+
* present (introduced by transformCIAMAuthority), or fall back to the
|
|
1349
|
+
* first label of the authority hostname for non-transformed/custom-domain
|
|
1350
|
+
* CIAM authorities.
|
|
1351
|
+
*/
|
|
1352
|
+
const tenantName = pathSegment
|
|
1353
|
+
? pathSegment.endsWith(Constants.AAD_TENANT_DOMAIN_SUFFIX)
|
|
1354
|
+
? pathSegment.slice(
|
|
1355
|
+
0,
|
|
1356
|
+
-Constants.AAD_TENANT_DOMAIN_SUFFIX.length
|
|
1357
|
+
)
|
|
1358
|
+
: pathSegment
|
|
1359
|
+
: authorityHost.split(".")[0];
|
|
1360
|
+
|
|
1361
|
+
if (!tenantName) {
|
|
1362
|
+
return false;
|
|
1363
|
+
}
|
|
1364
|
+
|
|
1365
|
+
const ciamBaseURL = `https://${tenantName}${Constants.CIAM_AUTH_URL}`;
|
|
1366
|
+
const validCiamPatterns: string[] = [
|
|
1367
|
+
ciamBaseURL, // https://{tenant}.ciamlogin.com
|
|
1368
|
+
`${ciamBaseURL}/${tenantName}`, // https://{tenant}.ciamlogin.com/{tenant}
|
|
1369
|
+
`${ciamBaseURL}/${tenantName}/v2.0`, // https://{tenant}.ciamlogin.com/{tenant}/v2.0
|
|
1370
|
+
`${ciamBaseURL}/${tenantName}${Constants.AAD_TENANT_DOMAIN_SUFFIX}`, // https://{tenant}.ciamlogin.com/{tenant}.onmicrosoft.com
|
|
1371
|
+
`${ciamBaseURL}/${tenantName}${Constants.AAD_TENANT_DOMAIN_SUFFIX}/v2.0`, // https://{tenant}.ciamlogin.com/{tenant}.onmicrosoft.com/v2.0
|
|
1372
|
+
];
|
|
1373
|
+
|
|
1374
|
+
/*
|
|
1375
|
+
* Compose the canonical issuer string from URL components and strip any
|
|
1376
|
+
* trailing slashes from the path so it can be compared to the pattern set.
|
|
1377
|
+
*/
|
|
1378
|
+
const issuerPath = issuerUrl.pathname.replace(/\/+$/, "");
|
|
1379
|
+
const normalizedIssuer = `${issuerUrl.protocol}//${issuerUrl.host}${issuerPath}`;
|
|
1380
|
+
return validCiamPatterns.some(
|
|
1381
|
+
(pattern) => pattern === normalizedIssuer
|
|
1382
|
+
);
|
|
1383
|
+
}
|
|
1384
|
+
|
|
1198
1385
|
/**
|
|
1199
1386
|
* Checks whether the provided host is that of a public cloud authority
|
|
1200
1387
|
*
|
|
@@ -105,6 +105,15 @@ export const rawMetdataJSON: RawMetadata = {
|
|
|
105
105
|
preferred_cache: "login.sovcloud-identity.sg",
|
|
106
106
|
aliases: ["login.sovcloud-identity.sg"],
|
|
107
107
|
},
|
|
108
|
+
{
|
|
109
|
+
preferred_network: "login.windows-ppe.net",
|
|
110
|
+
preferred_cache: "login.windows-ppe.net",
|
|
111
|
+
aliases: [
|
|
112
|
+
"login.windows-ppe.net",
|
|
113
|
+
"sts.windows-ppe.net",
|
|
114
|
+
"login.microsoft-ppe.com",
|
|
115
|
+
],
|
|
116
|
+
},
|
|
108
117
|
],
|
|
109
118
|
},
|
|
110
119
|
};
|
|
@@ -26,3 +26,4 @@ export const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
|
26
26
|
export const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
27
27
|
export const authorityMismatch = "authority_mismatch";
|
|
28
28
|
export const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
29
|
+
export const issuerValidationFailed = "issuer_validation_failed";
|
package/src/packageMetadata.ts
CHANGED
|
@@ -116,7 +116,7 @@ export declare class Authority {
|
|
|
116
116
|
*/
|
|
117
117
|
resolveEndpointsAsync(): Promise<void>;
|
|
118
118
|
/**
|
|
119
|
-
* Returns metadata entity from cache if it exists,
|
|
119
|
+
* Returns metadata entity from cache if it exists, otherwise returns a new metadata entity built
|
|
120
120
|
* from the configured canonical authority
|
|
121
121
|
* @returns
|
|
122
122
|
*/
|
|
@@ -214,6 +214,52 @@ export declare class Authority {
|
|
|
214
214
|
* @param host
|
|
215
215
|
*/
|
|
216
216
|
isAliasOfKnownMicrosoftAuthority(host: string): boolean;
|
|
217
|
+
/**
|
|
218
|
+
* Validates the `issuer` returned by an OIDC discovery document against
|
|
219
|
+
* this authority, per
|
|
220
|
+
* https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation
|
|
221
|
+
*
|
|
222
|
+
* The issuer is accepted when ANY of the following holds:
|
|
223
|
+
* 1. The issuer scheme + host + port match the authority's (path may
|
|
224
|
+
* differ). Applies to all authorities.
|
|
225
|
+
* 2. The authority is a Microsoft cloud authority (public, sovereign,
|
|
226
|
+
* or CIAM), the issuer is HTTPS, and the issuer host is in the known
|
|
227
|
+
* Microsoft authority host set.
|
|
228
|
+
* 3. Same as (2), but the issuer host is a single-label regional variant
|
|
229
|
+
* of a known Microsoft host (e.g. `westus.login.microsoftonline.com`).
|
|
230
|
+
* 4. Same as (2), but the issuer host matches the CIAM tenant pattern
|
|
231
|
+
* `{tenant}.ciamlogin.com` with an optional `/{tenant}[.onmicrosoft.com][/v2.0]`
|
|
232
|
+
* path.
|
|
233
|
+
*
|
|
234
|
+
* @param issuer The `issuer` value returned in the OIDC discovery document.
|
|
235
|
+
* @throws ClientConfigurationError("issuer_validation_failed") on failure.
|
|
236
|
+
*/
|
|
237
|
+
private validateIssuer;
|
|
238
|
+
/**
|
|
239
|
+
* Rule 1: The issuer scheme + host (and port) match the authority's. Path
|
|
240
|
+
* may differ. Applies to all authorities.
|
|
241
|
+
*/
|
|
242
|
+
private matchesAuthorityOrigin;
|
|
243
|
+
/**
|
|
244
|
+
* Rule 3: The issuer host is a regional variant
|
|
245
|
+
* (`{region}.{host}`) of a known Microsoft authority host.
|
|
246
|
+
* E.g. `westus2.login.microsoft.com`.
|
|
247
|
+
*/
|
|
248
|
+
private matchesRegionalMicrosoftHost;
|
|
249
|
+
/**
|
|
250
|
+
* Rule 4: The issuer matches one of the well-known CIAM tenant patterns
|
|
251
|
+
* (`https://{tenant}.ciamlogin.com[/{tenant}[.onmicrosoft.com][/v2.0]]`).
|
|
252
|
+
*
|
|
253
|
+
* The bare tenant name is extracted from the authority's first path segment
|
|
254
|
+
* when available (stripping the `.onmicrosoft.com` suffix that
|
|
255
|
+
* `transformCIAMAuthority` adds), or otherwise from the leftmost label of
|
|
256
|
+
* the authority host (to support CIAM custom domain scenarios).
|
|
257
|
+
*
|
|
258
|
+
* Both `/{tenant}` and `/{tenant}.onmicrosoft.com` path forms are accepted
|
|
259
|
+
* because the OIDC issuer may use either form depending on the authority URL
|
|
260
|
+
* that was used to trigger discovery.
|
|
261
|
+
*/
|
|
262
|
+
private matchesCiamTenantPattern;
|
|
217
263
|
/**
|
|
218
264
|
* Checks whether the provided host is that of a public cloud authority
|
|
219
265
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Authority.d.ts","sourceRoot":"","sources":["../../src/authority/Authority.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAEH,oBAAoB,EACvB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAKtC,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAY9D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAC;AAEpE,OAAO,EACH,gBAAgB,EAEhB,sBAAsB,EACzB,MAAM,uBAAuB,CAAC;AAS/B,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AAEvE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC1E,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gDAAgD,CAAC;AAKpF;;;;GAIG;AACH,qBAAa,SAAS;IAElB,OAAO,CAAC,mBAAmB,CAAY;IAEvC,OAAO,CAAC,gCAAgC,CAAc;IAEtD,SAAS,CAAC,gBAAgB,EAAE,cAAc,CAAC;IAE3C,SAAS,CAAC,YAAY,EAAE,aAAa,CAAC;IAEtC,OAAO,CAAC,gBAAgB,CAAmB;IAE3C,OAAO,CAAC,QAAQ,CAA0B;IAE1C,OAAO,CAAC,eAAe,CAAkB;IAElC,uBAAuB,EAAE,uBAAuB,CAAC;IAExD,OAAO,CAAC,MAAM,CAAS;IAEvB,SAAS,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;IAEhD,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC;IAEhC,OAAO,CAAC,eAAe,CAAU;IAEjC,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAMjC;gBAGC,SAAS,EAAE,MAAM,EACjB,gBAAgB,EAAE,cAAc,EAChC,YAAY,EAAE,aAAa,EAC3B,gBAAgB,EAAE,gBAAgB,EAClC,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,EACrB,iBAAiB,EAAE,kBAAkB,EACrC,eAAe,CAAC,EAAE,OAAO;IAwB7B;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAqBxB,IAAW,aAAa,IAAI,aAAa,CAExC;IAED;;OAEG;IACH,IAAW,YAAY,IAAI,YAAY,CAEtC;IAED;;OAEG;IACH,IAAW,OAAO,IAAI,gBAAgB,CAErC;IAED;;OAEG;IACH,IAAW,kBAAkB,IAAI,MAAM,CAEtC;IAED;;OAEG;IACH,IAAW,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAIxC;IAED;;OAEG;IACH,IAAW,+BAA+B,IAAI,IAAI,CAOjD;IAED;;OAEG;IACH,IAAW,eAAe,IAAI,MAAM,CAEnC;IAED;;OAEG;IACH,IAAW,MAAM,IAAI,MAAM,CAE1B;IAED;;OAEG;IACH,IAAW,qBAAqB,IAAI,MAAM,CAQzC;IAED;;OAEG;IACH,IAAW,aAAa,IAAI,MAAM,CAQjC;IAED,IAAW,kBAAkB,IAAI,MAAM,CAUtC;IAED;;OAEG;IACH,IAAW,kBAAkB,IAAI,MAAM,CActC;IAED;;OAEG;IACH,IAAW,qBAAqB,IAAI,MAAM,CAQzC;IAED;;OAEG;IACH,IAAW,OAAO,IAAI,MAAM,CAQ3B;IAED;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAWxB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAIrB;;;OAGG;IACH,OAAO,CAAC,WAAW;IA4CnB;;OAEG;IACH,SAAS,KAAK,kCAAkC,IAAI,MAAM,CAWzD;IAED;;OAEG;IACH,iBAAiB,IAAI,OAAO;IAI5B;;;OAGG;IACU,qBAAqB,IAAI,OAAO,CAAC,IAAI,CAAC;IAiCnD;;;;OAIG;IACH,OAAO,CAAC,wBAAwB;IA0BhC;;;;;;OAMG;IACH,OAAO,CAAC,oBAAoB;IA+B5B;;;OAGG;YACW,sBAAsB;
|
|
1
|
+
{"version":3,"file":"Authority.d.ts","sourceRoot":"","sources":["../../src/authority/Authority.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAEH,oBAAoB,EACvB,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,IAAI,EAAE,MAAM,gBAAgB,CAAC;AAKtC,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAY9D,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjD,OAAO,EAAE,aAAa,EAAE,MAAM,qCAAqC,CAAC;AAEpE,OAAO,EACH,gBAAgB,EAEhB,sBAAsB,EACzB,MAAM,uBAAuB,CAAC;AAS/B,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,OAAO,EAAE,uBAAuB,EAAE,MAAM,8BAA8B,CAAC;AAEvE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC1E,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,gDAAgD,CAAC;AAKpF;;;;GAIG;AACH,qBAAa,SAAS;IAElB,OAAO,CAAC,mBAAmB,CAAY;IAEvC,OAAO,CAAC,gCAAgC,CAAc;IAEtD,SAAS,CAAC,gBAAgB,EAAE,cAAc,CAAC;IAE3C,SAAS,CAAC,YAAY,EAAE,aAAa,CAAC;IAEtC,OAAO,CAAC,gBAAgB,CAAmB;IAE3C,OAAO,CAAC,QAAQ,CAA0B;IAE1C,OAAO,CAAC,eAAe,CAAkB;IAElC,uBAAuB,EAAE,uBAAuB,CAAC;IAExD,OAAO,CAAC,MAAM,CAAS;IAEvB,SAAS,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;IAEhD,SAAS,CAAC,aAAa,EAAE,MAAM,CAAC;IAEhC,OAAO,CAAC,eAAe,CAAU;IAEjC,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAMjC;gBAGC,SAAS,EAAE,MAAM,EACjB,gBAAgB,EAAE,cAAc,EAChC,YAAY,EAAE,aAAa,EAC3B,gBAAgB,EAAE,gBAAgB,EAClC,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,EACrB,iBAAiB,EAAE,kBAAkB,EACrC,eAAe,CAAC,EAAE,OAAO;IAwB7B;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAqBxB,IAAW,aAAa,IAAI,aAAa,CAExC;IAED;;OAEG;IACH,IAAW,YAAY,IAAI,YAAY,CAEtC;IAED;;OAEG;IACH,IAAW,OAAO,IAAI,gBAAgB,CAErC;IAED;;OAEG;IACH,IAAW,kBAAkB,IAAI,MAAM,CAEtC;IAED;;OAEG;IACH,IAAW,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAIxC;IAED;;OAEG;IACH,IAAW,+BAA+B,IAAI,IAAI,CAOjD;IAED;;OAEG;IACH,IAAW,eAAe,IAAI,MAAM,CAEnC;IAED;;OAEG;IACH,IAAW,MAAM,IAAI,MAAM,CAE1B;IAED;;OAEG;IACH,IAAW,qBAAqB,IAAI,MAAM,CAQzC;IAED;;OAEG;IACH,IAAW,aAAa,IAAI,MAAM,CAQjC;IAED,IAAW,kBAAkB,IAAI,MAAM,CAUtC;IAED;;OAEG;IACH,IAAW,kBAAkB,IAAI,MAAM,CActC;IAED;;OAEG;IACH,IAAW,qBAAqB,IAAI,MAAM,CAQzC;IAED;;OAEG;IACH,IAAW,OAAO,IAAI,MAAM,CAQ3B;IAED;;;;OAIG;IACH,OAAO,CAAC,gBAAgB;IAWxB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAIrB;;;OAGG;IACH,OAAO,CAAC,WAAW;IA4CnB;;OAEG;IACH,SAAS,KAAK,kCAAkC,IAAI,MAAM,CAWzD;IAED;;OAEG;IACH,iBAAiB,IAAI,OAAO;IAI5B;;;OAGG;IACU,qBAAqB,IAAI,OAAO,CAAC,IAAI,CAAC;IAiCnD;;;;OAIG;IACH,OAAO,CAAC,wBAAwB;IA0BhC;;;;;;OAMG;IACH,OAAO,CAAC,oBAAoB;IA+B5B;;;OAGG;YACW,sBAAsB;IA6EpC;;;;;OAKG;IACH,OAAO,CAAC,sCAAsC;IAmE9C;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAc3B;;OAEG;IACH,OAAO,CAAC,6BAA6B;IAgBrC;;;;OAIG;YACW,8BAA8B;IAwC5C;;OAEG;IACH,OAAO,CAAC,sCAAsC;IAQ9C;;;OAGG;YACW,qCAAqC;IAmDnD;;;;;OAKG;YACW,4BAA4B;IAiC1C,OAAO,CAAC,4CAA4C;IAwFpD;;OAEG;IACH,OAAO,CAAC,mCAAmC;IAoE3C;;;;OAIG;YACW,oCAAoC;IA6GlD;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAa5B;;;;OAIG;IACH,MAAM,CAAC,iBAAiB,CACpB,eAAe,EAAE,MAAM,EACvB,iBAAiB,CAAC,EAAE,iBAAiB,GACtC,MAAM;IAkBT;;;OAGG;IACH,MAAM,CAAC,oCAAoC,CACvC,IAAI,EAAE,MAAM,GACb,sBAAsB;IAQzB;;OAEG;IACH,iBAAiB,IAAI,MAAM;IAY3B;;;OAGG;IACH,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAI9B;;;OAGG;IACH,gCAAgC,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAIvD;;;;;;;;;;;;;;;;;;;OAmBG;IACH,OAAO,CAAC,cAAc;IAwEtB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAS9B;;;;OAIG;IACH,OAAO,CAAC,4BAA4B;IASpC;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,wBAAwB;IAoDhC;;;;;OAKG;IACH,MAAM,CAAC,sBAAsB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAIpD;;;;;OAKG;IACH,MAAM,CAAC,4BAA4B,CAC/B,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,WAAW,CAAC,EAAE,MAAM,GACrB,MAAM;IAyBT;;;;;OAKG;IACH,MAAM,CAAC,8BAA8B,CACjC,QAAQ,EAAE,oBAAoB,EAC9B,WAAW,EAAE,MAAM,GACpB,oBAAoB;IAyBvB;;;;;;;;OAQG;IACH,MAAM,CAAC,sBAAsB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM;CAmB3D;AAED;;GAEG;AACH,wBAAgB,4BAA4B,CACxC,SAAS,EAAE,MAAM,GAClB,MAAM,GAAG,SAAS,CAsBpB;AAED,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,CAI/D;AAED,wBAAgB,2BAA2B,CACvC,WAAW,EAAE,OAAO,CAAC,gBAAgB,CAAC,GACvC,sBAAsB,CAoBxB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthorityMetadata.d.ts","sourceRoot":"","sources":["../../src/authority/AuthorityMetadata.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,OAAO,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAC;AAC/D,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAEjE,KAAK,WAAW,GAAG;IACf,gBAAgB,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,oBAAoB,CAAA;KAAE,CAAC;IAC1D,yBAAyB,EAAE,8BAA8B,CAAC;CAC7D,CAAC;AAkCF,eAAO,MAAM,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"AuthorityMetadata.d.ts","sourceRoot":"","sources":["../../src/authority/AuthorityMetadata.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,OAAO,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,MAAM,uBAAuB,CAAC;AAC/D,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AACrE,OAAO,EAAE,8BAA8B,EAAE,MAAM,qCAAqC,CAAC;AACrF,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAEjE,KAAK,WAAW,GAAG;IACf,gBAAgB,EAAE;QAAE,CAAC,GAAG,EAAE,MAAM,GAAG,oBAAoB,CAAA;KAAE,CAAC;IAC1D,yBAAyB,EAAE,8BAA8B,CAAC;CAC7D,CAAC;AAkCF,eAAO,MAAM,cAAc,EAAE,WAoE5B,CAAC;AAEF,eAAO,MAAM,gBAAgB;;CAAkC,CAAC;AAChE,eAAO,MAAM,yBAAyB,gCACM,CAAC;AAE7C,eAAO,MAAM,gCAAgC,EAAE,GAAG,CAAC,MAAM,CAAa,CAAC;AASvE;;;;;GAKG;AACH,wBAAgB,2BAA2B,CACvC,sBAAsB,EAAE,sBAAsB,EAC9C,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,GACtB,MAAM,EAAE,CA0BV;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAClC,MAAM,EAAE,MAAM,EACd,aAAa,EAAE,MAAM,EACrB,aAAa,CAAC,EAAE,MAAM,EACtB,sBAAsB,CAAC,EAAE,sBAAsB,EAAE,EACjD,MAAM,CAAC,EAAE,uBAAuB,GACjC,MAAM,EAAE,GAAG,IAAI,CA0BjB;AAED;;GAEG;AACH,wBAAgB,4CAA4C,CACxD,aAAa,EAAE,MAAM,GACtB,sBAAsB,GAAG,IAAI,CAM/B;AAED;;;;GAIG;AACH,wBAAgB,4CAA4C,CACxD,QAAQ,EAAE,sBAAsB,EAAE,EAClC,aAAa,EAAE,MAAM,GACtB,sBAAsB,GAAG,IAAI,CAS/B"}
|
|
@@ -20,4 +20,5 @@ export declare const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
|
20
20
|
export declare const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
21
21
|
export declare const authorityMismatch = "authority_mismatch";
|
|
22
22
|
export declare const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
23
|
+
export declare const issuerValidationFailed = "issuer_validation_failed";
|
|
23
24
|
//# sourceMappingURL=ClientConfigurationErrorCodes.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ClientConfigurationErrorCodes.d.ts","sourceRoot":"","sources":["../../src/error/ClientConfigurationErrorCodes.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,gBAAgB,uBAAuB,CAAC;AACrD,eAAO,MAAM,yBAAyB,iCAAiC,CAAC;AACxE,eAAO,MAAM,oBAAoB,2BAA2B,CAAC;AAC7D,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,qBAAqB,6BAA6B,CAAC;AAChE,eAAO,MAAM,aAAa,mBAAmB,CAAC;AAC9C,eAAO,MAAM,iBAAiB,wBAAwB,CAAC;AACvD,eAAO,MAAM,kBAAkB,yBAAyB,CAAC;AACzD,eAAO,MAAM,0BAA0B,kCAAkC,CAAC;AAC1E,eAAO,MAAM,iBAAiB,wBAAwB,CAAC;AACvD,eAAO,MAAM,6BAA6B,qCAAqC,CAAC;AAChF,eAAO,MAAM,wBAAwB,+BAA+B,CAAC;AACrE,eAAO,MAAM,kBAAkB,wBAAwB,CAAC;AACxD,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,gCAAgC,wCACJ,CAAC;AAC1C,eAAO,MAAM,2BAA2B,kCAAkC,CAAC;AAC3E,eAAO,MAAM,oBAAoB,2BAA2B,CAAC;AAC7D,eAAO,MAAM,yBAAyB,iCAAiC,CAAC;AACxE,eAAO,MAAM,iBAAiB,uBAAuB,CAAC;AACtD,eAAO,MAAM,0BAA0B,mCAAmC,CAAC"}
|
|
1
|
+
{"version":3,"file":"ClientConfigurationErrorCodes.d.ts","sourceRoot":"","sources":["../../src/error/ClientConfigurationErrorCodes.ts"],"names":[],"mappings":"AAKA,eAAO,MAAM,gBAAgB,uBAAuB,CAAC;AACrD,eAAO,MAAM,yBAAyB,iCAAiC,CAAC;AACxE,eAAO,MAAM,oBAAoB,2BAA2B,CAAC;AAC7D,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,qBAAqB,6BAA6B,CAAC;AAChE,eAAO,MAAM,aAAa,mBAAmB,CAAC;AAC9C,eAAO,MAAM,iBAAiB,wBAAwB,CAAC;AACvD,eAAO,MAAM,kBAAkB,yBAAyB,CAAC;AACzD,eAAO,MAAM,0BAA0B,kCAAkC,CAAC;AAC1E,eAAO,MAAM,iBAAiB,wBAAwB,CAAC;AACvD,eAAO,MAAM,6BAA6B,qCAAqC,CAAC;AAChF,eAAO,MAAM,wBAAwB,+BAA+B,CAAC;AACrE,eAAO,MAAM,kBAAkB,wBAAwB,CAAC;AACxD,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAC/C,eAAO,MAAM,gCAAgC,wCACJ,CAAC;AAC1C,eAAO,MAAM,2BAA2B,kCAAkC,CAAC;AAC3E,eAAO,MAAM,oBAAoB,2BAA2B,CAAC;AAC7D,eAAO,MAAM,yBAAyB,iCAAiC,CAAC;AACxE,eAAO,MAAM,iBAAiB,uBAAuB,CAAC;AACtD,eAAO,MAAM,0BAA0B,mCAAmC,CAAC;AAC3E,eAAO,MAAM,sBAAsB,6BAA6B,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from "./index-browser.js";
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from "./index-node.js";
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from "./index.js";
|
|
@@ -1,73 +0,0 @@
|
|
|
1
|
-
import { TokenClaims } from "./TokenClaims.js";
|
|
2
|
-
export type DataBoundary = "EU" | "None";
|
|
3
|
-
/**
|
|
4
|
-
* Account object with the following signature:
|
|
5
|
-
* - homeAccountId - Home account identifier for this account object
|
|
6
|
-
* - environment - Entity which issued the token represented by the domain of the issuer (e.g. login.microsoftonline.com)
|
|
7
|
-
* - tenantId - Full tenant or organizational id that this account belongs to
|
|
8
|
-
* - username - preferred_username claim of the id_token that represents this account
|
|
9
|
-
* - upn - The user's UPN used to populate the account username in cases where preferred_username is not present in the ID token claims.
|
|
10
|
-
* - localAccountId - Local, tenant-specific account identifer for this account object, usually used in legacy cases
|
|
11
|
-
* - name - Full name for the account, including given name and family name
|
|
12
|
-
* - idToken - raw ID token
|
|
13
|
-
* - idTokenClaims - Object contains claims from ID token
|
|
14
|
-
* - nativeAccountId - The user's native account ID
|
|
15
|
-
* - tenantProfiles - Map of tenant profile objects for each tenant that the account has authenticated with in the browser
|
|
16
|
-
* - dataBoundary - Data boundary extracted from clientInfo
|
|
17
|
-
*/
|
|
18
|
-
export type AccountInfo = {
|
|
19
|
-
homeAccountId: string;
|
|
20
|
-
environment: string;
|
|
21
|
-
tenantId: string;
|
|
22
|
-
username: string;
|
|
23
|
-
localAccountId: string;
|
|
24
|
-
loginHint?: string;
|
|
25
|
-
name?: string;
|
|
26
|
-
upn?: string;
|
|
27
|
-
idToken?: string;
|
|
28
|
-
idTokenClaims?: TokenClaims & {
|
|
29
|
-
[key: string]: string | number | string[] | object | undefined | unknown;
|
|
30
|
-
};
|
|
31
|
-
nativeAccountId?: string;
|
|
32
|
-
authorityType?: string;
|
|
33
|
-
tenantProfiles?: Map<string, TenantProfile>;
|
|
34
|
-
dataBoundary?: DataBoundary;
|
|
35
|
-
};
|
|
36
|
-
/**
|
|
37
|
-
* Account details that vary across tenants for the same user
|
|
38
|
-
*/
|
|
39
|
-
export type TenantProfile = Pick<AccountInfo, "tenantId" | "localAccountId" | "name" | "username" | "loginHint" | "upn"> & {
|
|
40
|
-
/**
|
|
41
|
-
* - isHomeTenant - True if this is the home tenant profile of the account, false if it's a guest tenant profile
|
|
42
|
-
*/
|
|
43
|
-
isHomeTenant?: boolean;
|
|
44
|
-
};
|
|
45
|
-
export type ActiveAccountFilters = {
|
|
46
|
-
homeAccountId: string;
|
|
47
|
-
localAccountId: string;
|
|
48
|
-
tenantId?: string;
|
|
49
|
-
};
|
|
50
|
-
/**
|
|
51
|
-
* Returns true if tenantId matches the utid portion of homeAccountId
|
|
52
|
-
* @param tenantId
|
|
53
|
-
* @param homeAccountId
|
|
54
|
-
* @returns
|
|
55
|
-
*/
|
|
56
|
-
export declare function tenantIdMatchesHomeTenant(tenantId?: string, homeAccountId?: string): boolean;
|
|
57
|
-
/**
|
|
58
|
-
* Build tenant profile
|
|
59
|
-
* @param homeAccountId - Home account identifier for this account object
|
|
60
|
-
* @param localAccountId - Local account identifer for this account object
|
|
61
|
-
* @param tenantId - Full tenant or organizational id that this account belongs to
|
|
62
|
-
* @param idTokenClaims - Claims from the ID token
|
|
63
|
-
* @returns
|
|
64
|
-
*/
|
|
65
|
-
export declare function buildTenantProfile(homeAccountId: string, localAccountId: string, tenantId: string, idTokenClaims?: TokenClaims): TenantProfile;
|
|
66
|
-
/**
|
|
67
|
-
* Replaces account info that varies by tenant profile sourced from the ID token claims passed in with the tenant-specific account info
|
|
68
|
-
* @param baseAccountInfo
|
|
69
|
-
* @param idTokenClaims
|
|
70
|
-
* @returns
|
|
71
|
-
*/
|
|
72
|
-
export declare function updateAccountTenantProfileData(baseAccountInfo: AccountInfo, tenantProfile?: TenantProfile, idTokenClaims?: TokenClaims, idTokenSecret?: string): AccountInfo;
|
|
73
|
-
//# sourceMappingURL=AccountInfo.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"AccountInfo.d.ts","sourceRoot":"","sources":["../../src/account/AccountInfo.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/C,MAAM,MAAM,YAAY,GAAG,IAAI,GAAG,MAAM,CAAC;AAEzC;;;;;;;;;;;;;;GAcG;AACH,MAAM,MAAM,WAAW,GAAG;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,WAAW,GAAG;QAC1B,CAAC,GAAG,EAAE,MAAM,GACN,MAAM,GACN,MAAM,GACN,MAAM,EAAE,GACR,MAAM,GACN,SAAS,GACT,OAAO,CAAC;KACjB,CAAC;IACF,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,cAAc,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAC5C,YAAY,CAAC,EAAE,YAAY,CAAC;CAC/B,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,IAAI,CAC5B,WAAW,EACX,UAAU,GAAG,gBAAgB,GAAG,MAAM,GAAG,UAAU,GAAG,WAAW,GAAG,KAAK,CAC5E,GAAG;IACA;;OAEG;IACH,YAAY,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,yBAAyB,CACrC,QAAQ,CAAC,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAMT;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAC9B,aAAa,EAAE,MAAM,EACrB,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,MAAM,EAChB,aAAa,CAAC,EAAE,WAAW,GAC5B,aAAa,CAuCf;AAED;;;;;GAKG;AACH,wBAAgB,8BAA8B,CAC1C,eAAe,EAAE,WAAW,EAC5B,aAAa,CAAC,EAAE,aAAa,EAC7B,aAAa,CAAC,EAAE,WAAW,EAC3B,aAAa,CAAC,EAAE,MAAM,GACvB,WAAW,CAgCb"}
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
import { TokenClaims } from "./TokenClaims.js";
|
|
2
|
-
/**
|
|
3
|
-
* Extract token by decoding the rawToken
|
|
4
|
-
*
|
|
5
|
-
* @param encodedToken
|
|
6
|
-
*/
|
|
7
|
-
export declare function extractTokenClaims(encodedToken: string, base64Decode: (input: string) => string): TokenClaims;
|
|
8
|
-
/**
|
|
9
|
-
* Check if the signin_state claim contains "kmsi"
|
|
10
|
-
* @param idTokenClaims
|
|
11
|
-
* @returns
|
|
12
|
-
*/
|
|
13
|
-
export declare function isKmsi(idTokenClaims: TokenClaims): boolean;
|
|
14
|
-
/**
|
|
15
|
-
* decode a JWT
|
|
16
|
-
*
|
|
17
|
-
* @param authToken
|
|
18
|
-
*/
|
|
19
|
-
export declare function getJWSPayload(authToken: string): string;
|
|
20
|
-
/**
|
|
21
|
-
* Determine if the token's max_age has transpired
|
|
22
|
-
*/
|
|
23
|
-
export declare function checkMaxAge(authTime: number, maxAge: number): void;
|
|
24
|
-
//# sourceMappingURL=AuthToken.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"AuthToken.d.ts","sourceRoot":"","sources":["../../src/account/AuthToken.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAM/C;;;;GAIG;AACH,wBAAgB,kBAAkB,CAC9B,YAAY,EAAE,MAAM,EACpB,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,GACxC,WAAW,CAWb;AAED;;;;GAIG;AACH,wBAAgB,MAAM,CAAC,aAAa,EAAE,WAAW,GAAG,OAAO,CAe1D;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAkBvD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI,CAUlE"}
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
export type CcsCredential = {
|
|
2
|
-
credential: string;
|
|
3
|
-
type: CcsCredentialType;
|
|
4
|
-
};
|
|
5
|
-
export declare const CcsCredentialType: {
|
|
6
|
-
readonly HOME_ACCOUNT_ID: "home_account_id";
|
|
7
|
-
readonly UPN: "UPN";
|
|
8
|
-
};
|
|
9
|
-
export type CcsCredentialType = (typeof CcsCredentialType)[keyof typeof CcsCredentialType];
|
|
10
|
-
//# sourceMappingURL=CcsCredential.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"CcsCredential.d.ts","sourceRoot":"","sources":["../../src/account/CcsCredential.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,aAAa,GAAG;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,iBAAiB,CAAC;CAC3B,CAAC;AAEF,eAAO,MAAM,iBAAiB;;;CAGpB,CAAC;AACX,MAAM,MAAM,iBAAiB,GACzB,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC"}
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
export type ClientAssertionConfig = {
|
|
2
|
-
clientId: string;
|
|
3
|
-
tokenEndpoint?: string;
|
|
4
|
-
};
|
|
5
|
-
export type ClientAssertionCallback = (config: ClientAssertionConfig) => Promise<string>;
|
|
6
|
-
/**
|
|
7
|
-
* Client Assertion credential for Confidential Clients
|
|
8
|
-
*/
|
|
9
|
-
export type ClientAssertion = {
|
|
10
|
-
assertion: string | ClientAssertionCallback;
|
|
11
|
-
assertionType: string;
|
|
12
|
-
};
|
|
13
|
-
/**
|
|
14
|
-
* Client Credentials set for Confidential Clients
|
|
15
|
-
*/
|
|
16
|
-
export type ClientCredentials = {
|
|
17
|
-
clientSecret?: string;
|
|
18
|
-
clientAssertion?: ClientAssertion;
|
|
19
|
-
};
|
|
20
|
-
//# sourceMappingURL=ClientCredentials.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ClientCredentials.d.ts","sourceRoot":"","sources":["../../src/account/ClientCredentials.ts"],"names":[],"mappings":"AAKA,MAAM,MAAM,qBAAqB,GAAG;IAChC,QAAQ,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,MAAM,MAAM,uBAAuB,GAAG,CAClC,MAAM,EAAE,qBAAqB,KAC5B,OAAO,CAAC,MAAM,CAAC,CAAC;AAErB;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG;IAC1B,SAAS,EAAE,MAAM,GAAG,uBAAuB,CAAC;IAC5C,aAAa,EAAE,MAAM,CAAC;CACzB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,iBAAiB,GAAG;IAC5B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,eAAe,CAAC;CACrC,CAAC"}
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Client info object which consists of:
|
|
3
|
-
* uid: user id
|
|
4
|
-
* utid: tenant id
|
|
5
|
-
* xms_tdbr: optional, only for non-US tenants
|
|
6
|
-
*/
|
|
7
|
-
export type ClientInfo = {
|
|
8
|
-
uid: string;
|
|
9
|
-
utid: string;
|
|
10
|
-
xms_tdbr?: string;
|
|
11
|
-
};
|
|
12
|
-
/**
|
|
13
|
-
* Function to build a client info object from server clientInfo string
|
|
14
|
-
* @param rawClientInfo
|
|
15
|
-
* @param crypto
|
|
16
|
-
*/
|
|
17
|
-
export declare function buildClientInfo(rawClientInfo: string, base64Decode: (input: string) => string): ClientInfo;
|
|
18
|
-
/**
|
|
19
|
-
* Function to build a client info object from cached homeAccountId string
|
|
20
|
-
* @param homeAccountId
|
|
21
|
-
*/
|
|
22
|
-
export declare function buildClientInfoFromHomeAccountId(homeAccountId: string): ClientInfo;
|
|
23
|
-
//# sourceMappingURL=ClientInfo.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"ClientInfo.d.ts","sourceRoot":"","sources":["../../src/account/ClientInfo.ts"],"names":[],"mappings":"AAWA;;;;;GAKG;AACH,MAAM,MAAM,UAAU,GAAG;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACrB,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,eAAe,CAC3B,aAAa,EAAE,MAAM,EACrB,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,GACxC,UAAU,CAaZ;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,CAC5C,aAAa,EAAE,MAAM,GACtB,UAAU,CAcZ"}
|
|
@@ -1,88 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Type which describes Id Token claims known by MSAL.
|
|
3
|
-
*/
|
|
4
|
-
export type TokenClaims = {
|
|
5
|
-
/**
|
|
6
|
-
* Audience
|
|
7
|
-
*/
|
|
8
|
-
aud?: string;
|
|
9
|
-
/**
|
|
10
|
-
* Issuer
|
|
11
|
-
*/
|
|
12
|
-
iss?: string;
|
|
13
|
-
/**
|
|
14
|
-
* Issued at
|
|
15
|
-
*/
|
|
16
|
-
iat?: number;
|
|
17
|
-
/**
|
|
18
|
-
* Not valid before
|
|
19
|
-
*/
|
|
20
|
-
nbf?: number;
|
|
21
|
-
/**
|
|
22
|
-
* Immutable object identifier, this ID uniquely identifies the user across applications
|
|
23
|
-
*/
|
|
24
|
-
oid?: string;
|
|
25
|
-
/**
|
|
26
|
-
* Immutable subject identifier, this is a pairwise identifier - it is unique to a particular application ID
|
|
27
|
-
*/
|
|
28
|
-
sub?: string;
|
|
29
|
-
/**
|
|
30
|
-
* Users' tenant or '9188040d-6c67-4c5b-b112-36a304b66dad' for personal accounts.
|
|
31
|
-
*/
|
|
32
|
-
tid?: string;
|
|
33
|
-
/**
|
|
34
|
-
* Trusted Framework Policy (B2C) The name of the policy that was used to acquire the ID token.
|
|
35
|
-
*/
|
|
36
|
-
tfp?: string;
|
|
37
|
-
/**
|
|
38
|
-
* Authentication Context Class Reference (B2C) Used only with older policies.
|
|
39
|
-
*/
|
|
40
|
-
acr?: string;
|
|
41
|
-
ver?: string;
|
|
42
|
-
upn?: string;
|
|
43
|
-
preferred_username?: string;
|
|
44
|
-
login_hint?: string;
|
|
45
|
-
/**
|
|
46
|
-
* Contains KMSI (Keep Me Signed In) status among other things
|
|
47
|
-
*/
|
|
48
|
-
signin_state?: Array<string>;
|
|
49
|
-
emails?: string[];
|
|
50
|
-
name?: string;
|
|
51
|
-
nonce?: string;
|
|
52
|
-
/**
|
|
53
|
-
* Expiration
|
|
54
|
-
*/
|
|
55
|
-
exp?: number;
|
|
56
|
-
home_oid?: string;
|
|
57
|
-
sid?: string;
|
|
58
|
-
cloud_instance_host_name?: string;
|
|
59
|
-
cnf?: {
|
|
60
|
-
kid: string;
|
|
61
|
-
};
|
|
62
|
-
x5c_ca?: string[];
|
|
63
|
-
ts?: number;
|
|
64
|
-
at?: string;
|
|
65
|
-
u?: string;
|
|
66
|
-
p?: string;
|
|
67
|
-
m?: string;
|
|
68
|
-
roles?: string[];
|
|
69
|
-
amr?: string[];
|
|
70
|
-
idp?: string;
|
|
71
|
-
auth_time?: number;
|
|
72
|
-
/**
|
|
73
|
-
* Region of the resource tenant
|
|
74
|
-
*/
|
|
75
|
-
tenant_region_scope?: string;
|
|
76
|
-
tenant_region_sub_scope?: string;
|
|
77
|
-
};
|
|
78
|
-
/**
|
|
79
|
-
* Gets tenantId from available ID token claims to set as credential realm with the following precedence:
|
|
80
|
-
* 1. tid - if the token is acquired from an Azure AD tenant tid will be present
|
|
81
|
-
* 2. tfp - if the token is acquired from a modern B2C tenant tfp should be present
|
|
82
|
-
* 3. acr - if the token is acquired from a legacy B2C tenant acr should be present
|
|
83
|
-
* Downcased to match the realm case-insensitive comparison requirements
|
|
84
|
-
* @param idTokenClaims
|
|
85
|
-
* @returns
|
|
86
|
-
*/
|
|
87
|
-
export declare function getTenantIdFromIdTokenClaims(idTokenClaims?: TokenClaims): string | null;
|
|
88
|
-
//# sourceMappingURL=TokenClaims.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"TokenClaims.d.ts","sourceRoot":"","sources":["../../src/account/TokenClaims.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG;IACtB;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB;;OAEG;IACH,YAAY,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC7B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IACf;;OAEG;IACH,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,GAAG,CAAC,EAAE;QACF,GAAG,EAAE,MAAM,CAAC;KACf,CAAC;IACF,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,CAAC,CAAC,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB;;OAEG;IACH,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,uBAAuB,CAAC,EAAE,MAAM,CAAC;CACpC,CAAC;AAEF;;;;;;;;GAQG;AACH,wBAAgB,4BAA4B,CACxC,aAAa,CAAC,EAAE,WAAW,GAC5B,MAAM,GAAG,IAAI,CAOf"}
|