@azure/msal-common 16.6.2 → 16.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (153) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AuthToken.mjs +1 -1
  3. package/dist/account/CcsCredential.mjs +1 -1
  4. package/dist/account/ClientInfo.mjs +1 -1
  5. package/dist/account/TokenClaims.mjs +1 -1
  6. package/dist/authority/Authority.mjs +19 -6
  7. package/dist/authority/Authority.mjs.map +1 -1
  8. package/dist/authority/AuthorityFactory.mjs +1 -1
  9. package/dist/authority/AuthorityMetadata.mjs +1 -1
  10. package/dist/authority/AuthorityOptions.mjs +1 -1
  11. package/dist/authority/AuthorityType.mjs +1 -1
  12. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  13. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  14. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  15. package/dist/authority/ProtocolMode.mjs +1 -1
  16. package/dist/authority/RegionDiscovery.mjs +1 -1
  17. package/dist/cache/CacheManager.mjs +1 -1
  18. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  19. package/dist/cache/utils/AccountEntityUtils.mjs +1 -1
  20. package/dist/cache/utils/CacheHelpers.mjs +1 -1
  21. package/dist/client/AuthorizationCodeClient.mjs +1 -1
  22. package/dist/client/RefreshTokenClient.mjs +1 -1
  23. package/dist/client/SilentFlowClient.mjs +1 -1
  24. package/dist/config/ClientConfiguration.mjs +1 -1
  25. package/dist/constants/AADServerParamKeys.mjs +1 -1
  26. package/dist/crypto/ICrypto.mjs +1 -1
  27. package/dist/crypto/JoseHeader.mjs +1 -1
  28. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  29. package/dist/error/AuthError.mjs +1 -1
  30. package/dist/error/AuthErrorCodes.mjs +1 -1
  31. package/dist/error/CacheError.mjs +1 -1
  32. package/dist/error/CacheErrorCodes.mjs +1 -1
  33. package/dist/error/ClientAuthError.mjs +1 -1
  34. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  35. package/dist/error/ClientConfigurationError.mjs +1 -1
  36. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  37. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  38. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  39. package/dist/error/JoseHeaderError.mjs +1 -1
  40. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  41. package/dist/error/NetworkError.mjs +1 -1
  42. package/dist/error/PlatformBrokerError.mjs +1 -1
  43. package/dist/error/ServerError.mjs +1 -1
  44. package/dist/index-node.mjs +1 -1
  45. package/dist/index.mjs +1 -1
  46. package/dist/logger/Logger.mjs +1 -1
  47. package/dist/network/INetworkModule.mjs +1 -1
  48. package/dist/network/RequestThumbprint.mjs +1 -1
  49. package/dist/network/ThrottlingUtils.mjs +1 -1
  50. package/dist/packageMetadata.mjs +2 -2
  51. package/dist/protocol/Authorize.mjs +1 -1
  52. package/dist/protocol/Token.mjs +1 -1
  53. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  54. package/dist/request/BaseAuthRequest.mjs +1 -1
  55. package/dist/request/RequestParameterBuilder.mjs +1 -1
  56. package/dist/request/ScopeSet.mjs +1 -1
  57. package/dist/response/ResponseHandler.mjs +1 -1
  58. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  59. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  60. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  61. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  62. package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
  63. package/dist/url/UrlString.mjs +1 -1
  64. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  65. package/dist/utils/Constants.mjs +1 -1
  66. package/dist/utils/FunctionWrappers.mjs +1 -1
  67. package/dist/utils/ProtocolUtils.mjs +1 -1
  68. package/dist/utils/StringUtils.mjs +1 -1
  69. package/dist/utils/TimeUtils.mjs +1 -1
  70. package/dist/utils/UrlUtils.mjs +1 -1
  71. package/dist-browser/account/AccountInfo.mjs +1 -1
  72. package/dist-browser/account/AuthToken.mjs +1 -1
  73. package/dist-browser/account/CcsCredential.mjs +1 -1
  74. package/dist-browser/account/ClientInfo.mjs +1 -1
  75. package/dist-browser/account/TokenClaims.mjs +1 -1
  76. package/dist-browser/authority/Authority.mjs +19 -6
  77. package/dist-browser/authority/Authority.mjs.map +1 -1
  78. package/dist-browser/authority/AuthorityFactory.mjs +1 -1
  79. package/dist-browser/authority/AuthorityMetadata.mjs +1 -1
  80. package/dist-browser/authority/AuthorityOptions.mjs +1 -1
  81. package/dist-browser/authority/AuthorityType.mjs +1 -1
  82. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  83. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  84. package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
  85. package/dist-browser/authority/ProtocolMode.mjs +1 -1
  86. package/dist-browser/authority/RegionDiscovery.mjs +1 -1
  87. package/dist-browser/cache/CacheManager.mjs +1 -1
  88. package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
  89. package/dist-browser/cache/utils/AccountEntityUtils.mjs +1 -1
  90. package/dist-browser/cache/utils/CacheHelpers.mjs +1 -1
  91. package/dist-browser/client/AuthorizationCodeClient.mjs +1 -1
  92. package/dist-browser/client/RefreshTokenClient.mjs +1 -1
  93. package/dist-browser/client/SilentFlowClient.mjs +1 -1
  94. package/dist-browser/config/ClientConfiguration.mjs +1 -1
  95. package/dist-browser/constants/AADServerParamKeys.mjs +1 -1
  96. package/dist-browser/crypto/ICrypto.mjs +1 -1
  97. package/dist-browser/crypto/JoseHeader.mjs +1 -1
  98. package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
  99. package/dist-browser/error/AuthError.mjs +1 -1
  100. package/dist-browser/error/AuthErrorCodes.mjs +1 -1
  101. package/dist-browser/error/CacheError.mjs +1 -1
  102. package/dist-browser/error/CacheErrorCodes.mjs +1 -1
  103. package/dist-browser/error/ClientAuthError.mjs +1 -1
  104. package/dist-browser/error/ClientAuthErrorCodes.mjs +1 -1
  105. package/dist-browser/error/ClientConfigurationError.mjs +1 -1
  106. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
  107. package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
  108. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  109. package/dist-browser/error/JoseHeaderError.mjs +1 -1
  110. package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
  111. package/dist-browser/error/NetworkError.mjs +1 -1
  112. package/dist-browser/error/PlatformBrokerError.mjs +1 -1
  113. package/dist-browser/error/ServerError.mjs +1 -1
  114. package/dist-browser/index-browser.mjs +1 -1
  115. package/dist-browser/index.mjs +1 -1
  116. package/dist-browser/log-strings-mapping.json +2 -2
  117. package/dist-browser/logger/Logger.mjs +1 -1
  118. package/dist-browser/network/INetworkModule.mjs +1 -1
  119. package/dist-browser/network/RequestThumbprint.mjs +1 -1
  120. package/dist-browser/network/ThrottlingUtils.mjs +1 -1
  121. package/dist-browser/packageMetadata.mjs +2 -2
  122. package/dist-browser/protocol/Authorize.mjs +1 -1
  123. package/dist-browser/protocol/Token.mjs +1 -1
  124. package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
  125. package/dist-browser/request/BaseAuthRequest.mjs +1 -1
  126. package/dist-browser/request/RequestParameterBuilder.mjs +1 -1
  127. package/dist-browser/request/ScopeSet.mjs +1 -1
  128. package/dist-browser/response/ResponseHandler.mjs +1 -1
  129. package/dist-browser/telemetry/performance/PerformanceClient.mjs +1 -1
  130. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +1 -1
  131. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
  132. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
  133. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +1 -1
  134. package/dist-browser/url/UrlString.mjs +1 -1
  135. package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
  136. package/dist-browser/utils/Constants.mjs +1 -1
  137. package/dist-browser/utils/FunctionWrappers.mjs +1 -1
  138. package/dist-browser/utils/ProtocolUtils.mjs +1 -1
  139. package/dist-browser/utils/StringUtils.mjs +1 -1
  140. package/dist-browser/utils/TimeUtils.mjs +1 -1
  141. package/dist-browser/utils/UrlUtils.mjs +1 -1
  142. package/lib/index-browser.cjs +2 -2
  143. package/lib/{index-node-9_Gz5QUk.js → index-node-DD7cL05m.js} +21 -8
  144. package/lib/index-node-DD7cL05m.js.map +1 -0
  145. package/lib/index-node.cjs +2 -2
  146. package/lib/index.cjs +2 -2
  147. package/package.json +1 -1
  148. package/src/authority/Authority.ts +20 -5
  149. package/src/packageMetadata.ts +1 -1
  150. package/types/authority/Authority.d.ts +5 -1
  151. package/types/authority/Authority.d.ts.map +1 -1
  152. package/types/packageMetadata.d.ts +1 -1
  153. package/lib/index-node-9_Gz5QUk.js.map +0 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { createClientAuthError } from '../error/ClientAuthError.mjs';
4
4
  import { methodNotImplemented } from '../error/ClientAuthErrorCodes.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { THROTTLING_PREFIX, HeaderNames, DEFAULT_THROTTLE_TIME_SECONDS, DEFAULT_MAX_THROTTLE_TIME_SECONDS } from '../utils/Constants.mjs';
4
4
  import { ServerError } from '../error/ServerError.mjs';
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /* eslint-disable header/header */
4
4
  const name = "@azure/msal-common";
5
- const version = "16.6.2";
5
+ const version = "16.6.3";
6
6
 
7
7
  export { name, version };
8
8
  //# sourceMappingURL=packageMetadata.mjs.map
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { addClientId, addScopes, addResource, addRedirectUri, addCorrelationId, addResponseMode, addClientInfo, addCliData, addPrompt, addDomainHint, addSid, addLoginHint, addCcsOid, addCcsUpn, addNonce, addState, addBrokerParameters, addClaims, addInstanceAware } from '../request/RequestParameterBuilder.mjs';
4
4
  import { INSTANCE_AWARE, CLIENT_ID } from '../constants/AADServerParamKeys.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { CcsCredentialType } from '../account/CcsCredential.mjs';
4
4
  import { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { HeaderNames } from '../utils/Constants.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { createClientAuthError } from '../error/ClientAuthError.mjs';
4
4
  import { misplacedResourceParam, resourceParameterRequired } from '../error/ClientAuthErrorCodes.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { OIDC_DEFAULT_SCOPES, ResponseMode, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, X_MS_LIB_CAPABILITY_VALUE } from '../utils/Constants.mjs';
4
4
  import { CLIENT_ID, BROKER_CLIENT_ID, REDIRECT_URI, RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, CLI_DATA, INSTANCE_AWARE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT, BROKER_REDIRECT_URI, EAR_JWK, EAR_JWE_CRYPTO, RESOURCE } from '../constants/AADServerParamKeys.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { StringUtils } from '../utils/StringUtils.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { updateAccountTenantProfileData, buildTenantProfile } from '../account/AccountInfo.mjs';
4
4
  import { extractTokenClaims, checkMaxAge, isKmsi } from '../account/AuthToken.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { getAndFlushLogsFromCache } from '../../logger/Logger.mjs';
4
4
  import { IntFields, PerformanceEventStatus, EXT_FIELD_PREFIX } from './PerformanceEvent.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { PerformanceEventStatus } from './PerformanceEvent.mjs';
4
4
 
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { CacheOutcome, SERVER_TELEM_CACHE_KEY, CACHE_KEY_SEPARATOR, SERVER_TELEM_SCHEMA_VERSION, SERVER_TELEM_VALUE_SEPARATOR, SERVER_TELEM_CATEGORY_SEPARATOR, SERVER_TELEM_OVERFLOW_TRUE, SERVER_TELEM_OVERFLOW_FALSE, SERVER_TELEM_MAX_CACHED_ERRORS, SERVER_TELEM_UNKNOWN_ERROR, SERVER_TELEM_MAX_LAST_HEADER_BYTES } from '../../utils/Constants.mjs';
4
4
  import { AuthError } from '../../error/AuthError.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { StringUtils } from '../utils/StringUtils.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { RESOURCE_DELIM } from './Constants.mjs';
4
4
  import { createClientAuthError } from '../error/ClientAuthError.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  import { createClientAuthError } from '../error/ClientAuthError.mjs';
4
4
  import { StringUtils } from './StringUtils.mjs';
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
5
- var indexNode = require('./index-node-9_Gz5QUk.js');
5
+ var indexNode = require('./index-node-DD7cL05m.js');
6
6
 
7
7
  /*
8
8
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.6.2 2026-05-19 */
1
+ /*! @azure/msal-common v16.6.3 2026-05-28 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -2410,7 +2410,7 @@ class Authority {
2410
2410
  }
2411
2411
  }
2412
2412
  // If cloudDiscoveryMetadata is empty or does not contain the host, check knownAuthorities
2413
- if (this.isInKnownAuthorities()) {
2413
+ if (this.isInKnownAuthorities(this.hostnameAndPort)) {
2414
2414
  this.logger.verbose("The host is included in knownAuthorities. Creating new cloud discovery metadata from the host.", this.correlationId);
2415
2415
  return Authority.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);
2416
2416
  }
@@ -2478,13 +2478,14 @@ class Authority {
2478
2478
  return match;
2479
2479
  }
2480
2480
  /**
2481
- * Helper function to determine if this host is included in the knownAuthorities config option
2481
+ * Helper function to determine if a host is included in the knownAuthorities config option.
2482
2482
  */
2483
- isInKnownAuthorities() {
2483
+ isInKnownAuthorities(host) {
2484
+ const normalizedHost = host.toLowerCase();
2484
2485
  const matches = this.authorityOptions.knownAuthorities.filter((authority) => {
2485
2486
  return (authority &&
2486
2487
  UrlString.getDomainFromUrl(authority).toLowerCase() ===
2487
- this.hostnameAndPort);
2488
+ normalizedHost);
2488
2489
  });
2489
2490
  return matches.length > 0;
2490
2491
  }
@@ -2561,6 +2562,10 @@ class Authority {
2561
2562
  * 4. Same as (2), but the issuer host matches the CIAM tenant pattern
2562
2563
  * `{tenant}.ciamlogin.com` with an optional `/{tenant}[.onmicrosoft.com][/v2.0]`
2563
2564
  * path.
2565
+ * 5. The issuer host is HTTPS and is explicitly listed in the
2566
+ * developer-configured `knownAuthorities`. This covers scenarios where
2567
+ * the OIDC discovery document returns an issuer host that differs from
2568
+ * the authority (e.g., a GUID-based issuer for a name-based CIAM authority).
2564
2569
  *
2565
2570
  * @param issuer The `issuer` value returned in the OIDC discovery document.
2566
2571
  * @throws ClientConfigurationError("issuer_validation_failed") on failure.
@@ -2597,11 +2602,19 @@ class Authority {
2597
2602
  * have "{tenant}.ciamlogin.com" as the host, even when using a custom domain.
2598
2603
  */
2599
2604
  const matchesCiamTenantPattern = this.matchesCiamTenantPattern(issuerUrl, authorityHost, this.canonicalAuthorityUrlComponents.PathSegments);
2605
+ /*
2606
+ * Rule 5: The issuer host is explicitly listed in the developer-configured
2607
+ * knownAuthorities. This covers scenarios where the OIDC discovery document
2608
+ * returns an issuer with a different host than the authority
2609
+ * (e.g., a GUID-based issuer for a name-based authority).
2610
+ */
2611
+ const matchesKnownAuthority = issuerScheme === "https:" && this.isInKnownAuthorities(issuerHost);
2600
2612
  // Each rule is an independent boolean; the issuer is valid if ANY rule matches.
2601
2613
  if (matchesAuthorityOrigin ||
2602
2614
  matchesKnownMicrosoftHost ||
2603
2615
  matchesRegionalMicrosoftHost ||
2604
- matchesCiamTenantPattern) {
2616
+ matchesCiamTenantPattern ||
2617
+ matchesKnownAuthority) {
2605
2618
  return;
2606
2619
  }
2607
2620
  // issuer validation fails if none of the above rules are satisfied
@@ -4413,7 +4426,7 @@ class Logger {
4413
4426
 
4414
4427
  /* eslint-disable header/header */
4415
4428
  const name = "@azure/msal-common";
4416
- const version = "16.6.2";
4429
+ const version = "16.6.3";
4417
4430
 
4418
4431
  /*
4419
4432
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -8041,4 +8054,4 @@ exports.invokeAsync = invokeAsync;
8041
8054
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
8042
8055
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
8043
8056
  exports.version = version;
8044
- //# sourceMappingURL=index-node-9_Gz5QUk.js.map
8057
+ //# sourceMappingURL=index-node-DD7cL05m.js.map