@azure/msal-common 16.6.0 → 16.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (162) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +140 -5
  7. package/dist/authority/Authority.mjs.map +1 -1
  8. package/dist/authority/AuthorityFactory.mjs +1 -1
  9. package/dist/authority/AuthorityMetadata.mjs +10 -1
  10. package/dist/authority/AuthorityMetadata.mjs.map +1 -1
  11. package/dist/authority/AuthorityOptions.mjs +1 -1
  12. package/dist/authority/AuthorityType.mjs +1 -1
  13. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  14. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  15. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  16. package/dist/authority/ProtocolMode.mjs +1 -1
  17. package/dist/authority/RegionDiscovery.mjs +1 -1
  18. package/dist/cache/CacheManager.mjs +1 -1
  19. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  20. package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
  21. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  22. package/dist/client/AuthorizationCodeClient.mjs +1 -1
  23. package/dist/client/RefreshTokenClient.mjs +1 -1
  24. package/dist/client/SilentFlowClient.mjs +1 -1
  25. package/dist/config/ClientConfiguration.mjs +1 -1
  26. package/dist/constants/AADServerParamKeys.mjs +1 -1
  27. package/dist/crypto/ICrypto.mjs +1 -1
  28. package/dist/crypto/JoseHeader.mjs +1 -1
  29. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  30. package/dist/error/AuthError.mjs +1 -1
  31. package/dist/error/AuthErrorCodes.mjs +1 -1
  32. package/dist/error/CacheError.mjs +1 -1
  33. package/dist/error/CacheErrorCodes.mjs +1 -1
  34. package/dist/error/ClientAuthError.mjs +1 -1
  35. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  36. package/dist/error/ClientConfigurationError.mjs +1 -1
  37. package/dist/error/ClientConfigurationErrorCodes.mjs +4 -3
  38. package/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
  39. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  40. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  41. package/dist/error/JoseHeaderError.mjs +1 -1
  42. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  43. package/dist/error/NetworkError.mjs +1 -1
  44. package/dist/error/PlatformBrokerError.mjs +1 -1
  45. package/dist/error/ServerError.mjs +1 -1
  46. package/dist/index-node.mjs +1 -1
  47. package/dist/index.mjs +1 -1
  48. package/dist/logger/Logger.mjs +1 -1
  49. package/dist/network/INetworkModule.mjs +1 -1
  50. package/dist/network/RequestThumbprint.mjs +1 -1
  51. package/dist/network/ThrottlingUtils.mjs +1 -1
  52. package/dist/packageMetadata.mjs +2 -2
  53. package/dist/protocol/Authorize.mjs +1 -1
  54. package/dist/protocol/Token.mjs +1 -1
  55. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  56. package/dist/request/BaseAuthRequest.mjs +1 -1
  57. package/dist/request/RequestParameterBuilder.mjs +1 -1
  58. package/dist/request/ScopeSet.mjs +1 -1
  59. package/dist/response/ResponseHandler.mjs +1 -1
  60. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  61. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  62. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  63. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  64. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  65. package/dist/url/UrlString.mjs +1 -1
  66. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  67. package/dist/utils/Constants.mjs +1 -1
  68. package/dist/utils/FunctionWrappers.mjs +1 -1
  69. package/dist/utils/ProtocolUtils.mjs +1 -1
  70. package/dist/utils/StringUtils.mjs +1 -1
  71. package/dist/utils/TimeUtils.mjs +1 -1
  72. package/dist/utils/UrlUtils.mjs +1 -1
  73. package/dist-browser/account/AccountInfo.mjs +1 -1
  74. package/dist-browser/account/AuthToken.mjs +1 -1
  75. package/dist-browser/account/CcsCredential.mjs +1 -1
  76. package/dist-browser/account/ClientInfo.mjs +1 -1
  77. package/dist-browser/account/TokenClaims.mjs +1 -1
  78. package/dist-browser/authority/Authority.mjs +140 -5
  79. package/dist-browser/authority/Authority.mjs.map +1 -1
  80. package/dist-browser/authority/AuthorityFactory.mjs +1 -1
  81. package/dist-browser/authority/AuthorityMetadata.mjs +10 -1
  82. package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -1
  83. package/dist-browser/authority/AuthorityOptions.mjs +1 -1
  84. package/dist-browser/authority/AuthorityType.mjs +1 -1
  85. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  86. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  87. package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
  88. package/dist-browser/authority/ProtocolMode.mjs +1 -1
  89. package/dist-browser/authority/RegionDiscovery.mjs +1 -1
  90. package/dist-browser/cache/CacheManager.mjs +1 -1
  91. package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
  92. package/dist-browser/cache/utils/AccountEntityUtils.mjs +1 -1
  93. package/dist-browser/cache/utils/CacheHelpers.mjs +1 -1
  94. package/dist-browser/client/AuthorizationCodeClient.mjs +1 -1
  95. package/dist-browser/client/RefreshTokenClient.mjs +1 -1
  96. package/dist-browser/client/SilentFlowClient.mjs +1 -1
  97. package/dist-browser/config/ClientConfiguration.mjs +1 -1
  98. package/dist-browser/constants/AADServerParamKeys.mjs +1 -1
  99. package/dist-browser/crypto/ICrypto.mjs +1 -1
  100. package/dist-browser/crypto/JoseHeader.mjs +1 -1
  101. package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
  102. package/dist-browser/error/AuthError.mjs +1 -1
  103. package/dist-browser/error/AuthErrorCodes.mjs +1 -1
  104. package/dist-browser/error/CacheError.mjs +1 -1
  105. package/dist-browser/error/CacheErrorCodes.mjs +1 -1
  106. package/dist-browser/error/ClientAuthError.mjs +1 -1
  107. package/dist-browser/error/ClientAuthErrorCodes.mjs +1 -1
  108. package/dist-browser/error/ClientConfigurationError.mjs +1 -1
  109. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +4 -3
  110. package/dist-browser/error/ClientConfigurationErrorCodes.mjs.map +1 -1
  111. package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
  112. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  113. package/dist-browser/error/JoseHeaderError.mjs +1 -1
  114. package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
  115. package/dist-browser/error/NetworkError.mjs +1 -1
  116. package/dist-browser/error/PlatformBrokerError.mjs +1 -1
  117. package/dist-browser/error/ServerError.mjs +1 -1
  118. package/dist-browser/index-browser.mjs +1 -1
  119. package/dist-browser/index.mjs +1 -1
  120. package/dist-browser/log-strings-mapping.json +4 -4
  121. package/dist-browser/logger/Logger.mjs +1 -1
  122. package/dist-browser/network/INetworkModule.mjs +1 -1
  123. package/dist-browser/network/RequestThumbprint.mjs +1 -1
  124. package/dist-browser/network/ThrottlingUtils.mjs +1 -1
  125. package/dist-browser/packageMetadata.mjs +2 -2
  126. package/dist-browser/protocol/Authorize.mjs +1 -1
  127. package/dist-browser/protocol/Token.mjs +1 -1
  128. package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
  129. package/dist-browser/request/BaseAuthRequest.mjs +1 -1
  130. package/dist-browser/request/RequestParameterBuilder.mjs +1 -1
  131. package/dist-browser/request/ScopeSet.mjs +1 -1
  132. package/dist-browser/response/ResponseHandler.mjs +1 -1
  133. package/dist-browser/telemetry/performance/PerformanceClient.mjs +1 -1
  134. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +1 -1
  135. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
  136. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
  137. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +1 -1
  138. package/dist-browser/url/UrlString.mjs +1 -1
  139. package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
  140. package/dist-browser/utils/Constants.mjs +1 -1
  141. package/dist-browser/utils/FunctionWrappers.mjs +1 -1
  142. package/dist-browser/utils/ProtocolUtils.mjs +1 -1
  143. package/dist-browser/utils/StringUtils.mjs +1 -1
  144. package/dist-browser/utils/TimeUtils.mjs +1 -1
  145. package/dist-browser/utils/UrlUtils.mjs +1 -1
  146. package/lib/index-browser.cjs +2 -2
  147. package/lib/{index-node-BtcbvYTx.js → index-node-Cr_rbZzO.js} +152 -6
  148. package/lib/index-node-Cr_rbZzO.js.map +1 -0
  149. package/lib/index-node.cjs +2 -2
  150. package/lib/index.cjs +2 -2
  151. package/package.json +1 -1
  152. package/src/authority/Authority.ts +189 -2
  153. package/src/authority/AuthorityMetadata.ts +9 -0
  154. package/src/error/ClientConfigurationErrorCodes.ts +1 -0
  155. package/src/packageMetadata.ts +1 -1
  156. package/types/authority/Authority.d.ts +47 -1
  157. package/types/authority/Authority.d.ts.map +1 -1
  158. package/types/authority/AuthorityMetadata.d.ts.map +1 -1
  159. package/types/error/ClientConfigurationErrorCodes.d.ts +1 -0
  160. package/types/error/ClientConfigurationErrorCodes.d.ts.map +1 -1
  161. package/types/packageMetadata.d.ts +1 -1
  162. package/lib/index-node-BtcbvYTx.js.map +0 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.0 2026-05-07 */
1
+ /*! @azure/msal-common v16.6.1 2026-05-11 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -292,7 +292,8 @@ const invalidAuthenticationHeader = "invalid_authentication_header";
292
292
  const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
293
293
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
294
294
  const authorityMismatch = "authority_mismatch";
295
- const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
295
+ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
296
+ const issuerValidationFailed = "issuer_validation_failed";
296
297
 
297
298
  var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
298
299
  __proto__: null,
@@ -308,6 +309,7 @@ var ClientConfigurationErrorCodes = /*#__PURE__*/Object.freeze({
308
309
  invalidCloudDiscoveryMetadata: invalidCloudDiscoveryMetadata,
309
310
  invalidCodeChallengeMethod: invalidCodeChallengeMethod,
310
311
  invalidRequestMethodForEAR: invalidRequestMethodForEAR,
312
+ issuerValidationFailed: issuerValidationFailed,
311
313
  logoutRequestEmpty: logoutRequestEmpty,
312
314
  missingNonceAuthenticationHeader: missingNonceAuthenticationHeader,
313
315
  missingSshJwk: missingSshJwk,
@@ -1054,6 +1056,15 @@ const rawMetdataJSON = {
1054
1056
  preferred_cache: "login.sovcloud-identity.sg",
1055
1057
  aliases: ["login.sovcloud-identity.sg"],
1056
1058
  },
1059
+ {
1060
+ preferred_network: "login.windows-ppe.net",
1061
+ preferred_cache: "login.windows-ppe.net",
1062
+ aliases: [
1063
+ "login.windows-ppe.net",
1064
+ "sts.windows-ppe.net",
1065
+ "login.microsoft-ppe.com",
1066
+ ],
1067
+ },
1057
1068
  ],
1058
1069
  },
1059
1070
  };
@@ -2093,7 +2104,7 @@ class Authority {
2093
2104
  }, this.correlationId);
2094
2105
  }
2095
2106
  /**
2096
- * Returns metadata entity from cache if it exists, otherwiser returns a new metadata entity built
2107
+ * Returns metadata entity from cache if it exists, otherwise returns a new metadata entity built
2097
2108
  * from the configured canonical authority
2098
2109
  * @returns
2099
2110
  */
@@ -2162,6 +2173,8 @@ class Authority {
2162
2173
  // Get metadata from network if local sources aren't available
2163
2174
  let metadata = await invokeAsync(this.getEndpointMetadataFromNetwork.bind(this), AuthorityGetEndpointMetadataFromNetwork, this.logger, this.performanceClient, this.correlationId)();
2164
2175
  if (metadata) {
2176
+ // Validate the issuer returned by the OIDC discovery document.
2177
+ this.validateIssuer(metadata.issuer);
2165
2178
  // If the user prefers to use an azure region replace the global endpoints with regional information.
2166
2179
  if (this.authorityOptions.azureRegionConfiguration?.azureRegion) {
2167
2180
  metadata = await invokeAsync(this.updateMetadataWithRegionalInformation.bind(this), AuthorityUpdateMetadataWithRegionalInformation, this.logger, this.performanceClient, this.correlationId)(metadata);
@@ -2330,7 +2343,7 @@ class Authority {
2330
2343
  throw createClientConfigurationError(untrustedAuthority);
2331
2344
  }
2332
2345
  updateCloudDiscoveryMetadataFromLocalSources(metadataEntity) {
2333
- this.logger.verbose("Attempting to get cloud discovery metadata from authority configuration", this.correlationId);
2346
+ this.logger.verbose("Attempting to get cloud discovery metadata from authority configuration", this.correlationId);
2334
2347
  this.logger.verbosePii(`Known Authorities: '${this.authorityOptions.knownAuthorities ||
2335
2348
  NOT_APPLICABLE}'`, this.correlationId);
2336
2349
  this.logger.verbosePii(`Authority Metadata: '${this.authorityOptions.authorityMetadata ||
@@ -2530,6 +2543,139 @@ class Authority {
2530
2543
  isAliasOfKnownMicrosoftAuthority(host) {
2531
2544
  return InstanceDiscoveryMetadataAliases.has(host);
2532
2545
  }
2546
+ /**
2547
+ * Validates the `issuer` returned by an OIDC discovery document against
2548
+ * this authority, per
2549
+ * https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation
2550
+ *
2551
+ * The issuer is accepted when ANY of the following holds:
2552
+ * 1. The issuer scheme + host + port match the authority's (path may
2553
+ * differ). Applies to all authorities.
2554
+ * 2. The authority is a Microsoft cloud authority (public, sovereign,
2555
+ * or CIAM), the issuer is HTTPS, and the issuer host is in the known
2556
+ * Microsoft authority host set.
2557
+ * 3. Same as (2), but the issuer host is a single-label regional variant
2558
+ * of a known Microsoft host (e.g. `westus.login.microsoftonline.com`).
2559
+ * 4. Same as (2), but the issuer host matches the CIAM tenant pattern
2560
+ * `{tenant}.ciamlogin.com` with an optional `/{tenant}[.onmicrosoft.com][/v2.0]`
2561
+ * path.
2562
+ *
2563
+ * @param issuer The `issuer` value returned in the OIDC discovery document.
2564
+ * @throws ClientConfigurationError("issuer_validation_failed") on failure.
2565
+ */
2566
+ validateIssuer(issuer) {
2567
+ if (!issuer) {
2568
+ throw createClientConfigurationError(issuerValidationFailed);
2569
+ }
2570
+ // Parse with the WHATWG URL API. URL normalizes scheme + host to lowercase per RFC 3986.
2571
+ let issuerUrl;
2572
+ try {
2573
+ issuerUrl = new URL(issuer);
2574
+ }
2575
+ catch {
2576
+ throw createClientConfigurationError(issuerValidationFailed);
2577
+ }
2578
+ const issuerScheme = issuerUrl.protocol;
2579
+ const issuerHost = issuerUrl.host;
2580
+ const authorityScheme = (this.canonicalAuthorityUrlComponents.Protocol || "").toLowerCase();
2581
+ const authorityHost = (this.canonicalAuthorityUrlComponents.HostNameAndPort || "").toLowerCase();
2582
+ // Rule 1: Same scheme and host
2583
+ const matchesAuthorityOrigin = this.matchesAuthorityOrigin(issuerScheme, issuerHost, authorityScheme, authorityHost);
2584
+ // Rule 2: The issuer host is a well-known Microsoft authority host (HTTPS only)
2585
+ const matchesKnownMicrosoftHost = issuerScheme === "https:" &&
2586
+ this.isAliasOfKnownMicrosoftAuthority(issuerHost);
2587
+ /*
2588
+ * Rule 3: The issuer host is a regional variant ({region}.{host}) of a well-known host
2589
+ * (HTTPS only). E.g. westus2.login.microsoft.com
2590
+ */
2591
+ const matchesRegionalMicrosoftHost = issuerScheme === "https:" &&
2592
+ this.matchesRegionalMicrosoftHost(issuerHost);
2593
+ /*
2594
+ * Rule 4: CIAM-specific validation. In a CIAM scenario the issuer is expected to
2595
+ * have "{tenant}.ciamlogin.com" as the host, even when using a custom domain.
2596
+ */
2597
+ const matchesCiamTenantPattern = this.matchesCiamTenantPattern(issuerUrl, authorityHost, this.canonicalAuthorityUrlComponents.PathSegments);
2598
+ // Each rule is an independent boolean; the issuer is valid if ANY rule matches.
2599
+ if (matchesAuthorityOrigin ||
2600
+ matchesKnownMicrosoftHost ||
2601
+ matchesRegionalMicrosoftHost ||
2602
+ matchesCiamTenantPattern) {
2603
+ return;
2604
+ }
2605
+ // issuer validation fails if none of the above rules are satisfied
2606
+ throw createClientConfigurationError(issuerValidationFailed);
2607
+ }
2608
+ /**
2609
+ * Rule 1: The issuer scheme + host (and port) match the authority's. Path
2610
+ * may differ. Applies to all authorities.
2611
+ */
2612
+ matchesAuthorityOrigin(issuerScheme, issuerHost, authorityScheme, authorityHost) {
2613
+ return issuerScheme === authorityScheme && issuerHost === authorityHost;
2614
+ }
2615
+ /**
2616
+ * Rule 3: The issuer host is a regional variant
2617
+ * (`{region}.{host}`) of a known Microsoft authority host.
2618
+ * E.g. `westus2.login.microsoft.com`.
2619
+ */
2620
+ matchesRegionalMicrosoftHost(issuerHost) {
2621
+ const firstDot = issuerHost.indexOf(".");
2622
+ if (firstDot > 0 && firstDot < issuerHost.length - 1) {
2623
+ const hostWithoutRegion = issuerHost.substring(firstDot + 1);
2624
+ return this.isAliasOfKnownMicrosoftAuthority(hostWithoutRegion);
2625
+ }
2626
+ return false;
2627
+ }
2628
+ /**
2629
+ * Rule 4: The issuer matches one of the well-known CIAM tenant patterns
2630
+ * (`https://{tenant}.ciamlogin.com[/{tenant}[.onmicrosoft.com][/v2.0]]`).
2631
+ *
2632
+ * The bare tenant name is extracted from the authority's first path segment
2633
+ * when available (stripping the `.onmicrosoft.com` suffix that
2634
+ * `transformCIAMAuthority` adds), or otherwise from the leftmost label of
2635
+ * the authority host (to support CIAM custom domain scenarios).
2636
+ *
2637
+ * Both `/{tenant}` and `/{tenant}.onmicrosoft.com` path forms are accepted
2638
+ * because the OIDC issuer may use either form depending on the authority URL
2639
+ * that was used to trigger discovery.
2640
+ */
2641
+ matchesCiamTenantPattern(issuerUrl, authorityHost, authorityPathSegments) {
2642
+ /*
2643
+ * authorityPathSegments[0] is the first path segment of the *authority
2644
+ * URL* after transformCIAMAuthority runs (e.g. "contoso.onmicrosoft.com").
2645
+ * Additional CIAM issuer path segments such as "/v2.0" are part of the
2646
+ * issuer string, not the authority URL's PathSegments.
2647
+ */
2648
+ const pathSegment = authorityPathSegments[0];
2649
+ /*
2650
+ * Extract the bare tenant name: strip the .onmicrosoft.com suffix when
2651
+ * present (introduced by transformCIAMAuthority), or fall back to the
2652
+ * first label of the authority hostname for non-transformed/custom-domain
2653
+ * CIAM authorities.
2654
+ */
2655
+ const tenantName = pathSegment
2656
+ ? pathSegment.endsWith(AAD_TENANT_DOMAIN_SUFFIX)
2657
+ ? pathSegment.slice(0, -AAD_TENANT_DOMAIN_SUFFIX.length)
2658
+ : pathSegment
2659
+ : authorityHost.split(".")[0];
2660
+ if (!tenantName) {
2661
+ return false;
2662
+ }
2663
+ const ciamBaseURL = `https://${tenantName}${CIAM_AUTH_URL}`;
2664
+ const validCiamPatterns = [
2665
+ ciamBaseURL,
2666
+ `${ciamBaseURL}/${tenantName}`,
2667
+ `${ciamBaseURL}/${tenantName}/v2.0`,
2668
+ `${ciamBaseURL}/${tenantName}${AAD_TENANT_DOMAIN_SUFFIX}`,
2669
+ `${ciamBaseURL}/${tenantName}${AAD_TENANT_DOMAIN_SUFFIX}/v2.0`, // https://{tenant}.ciamlogin.com/{tenant}.onmicrosoft.com/v2.0
2670
+ ];
2671
+ /*
2672
+ * Compose the canonical issuer string from URL components and strip any
2673
+ * trailing slashes from the path so it can be compared to the pattern set.
2674
+ */
2675
+ const issuerPath = issuerUrl.pathname.replace(/\/+$/, "");
2676
+ const normalizedIssuer = `${issuerUrl.protocol}//${issuerUrl.host}${issuerPath}`;
2677
+ return validCiamPatterns.some((pattern) => pattern === normalizedIssuer);
2678
+ }
2533
2679
  /**
2534
2680
  * Checks whether the provided host is that of a public cloud authority
2535
2681
  *
@@ -4265,7 +4411,7 @@ class Logger {
4265
4411
 
4266
4412
  /* eslint-disable header/header */
4267
4413
  const name = "@azure/msal-common";
4268
- const version = "16.6.0";
4414
+ const version = "16.6.1";
4269
4415
 
4270
4416
  /*
4271
4417
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -7893,4 +8039,4 @@ exports.invokeAsync = invokeAsync;
7893
8039
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
7894
8040
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
7895
8041
  exports.version = version;
7896
- //# sourceMappingURL=index-node-BtcbvYTx.js.map
8042
+ //# sourceMappingURL=index-node-Cr_rbZzO.js.map