@azure/msal-common 16.7.0 → 16.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (299) hide show
  1. package/dist/account/AccountInfo.mjs +1 -1
  2. package/dist/account/AccountInfo.mjs.map +1 -1
  3. package/dist/account/AuthToken.mjs +1 -1
  4. package/dist/account/AuthToken.mjs.map +1 -1
  5. package/dist/account/CcsCredential.mjs +1 -1
  6. package/dist/account/CcsCredential.mjs.map +1 -1
  7. package/dist/account/ClientInfo.mjs +1 -1
  8. package/dist/account/ClientInfo.mjs.map +1 -1
  9. package/dist/account/TokenClaims.mjs +1 -1
  10. package/dist/account/TokenClaims.mjs.map +1 -1
  11. package/dist/authority/Authority.mjs +3 -3
  12. package/dist/authority/Authority.mjs.map +1 -1
  13. package/dist/authority/AuthorityFactory.mjs +1 -1
  14. package/dist/authority/AuthorityFactory.mjs.map +1 -1
  15. package/dist/authority/AuthorityMetadata.mjs +1 -1
  16. package/dist/authority/AuthorityMetadata.mjs.map +1 -1
  17. package/dist/authority/AuthorityOptions.mjs +1 -1
  18. package/dist/authority/AuthorityOptions.mjs.map +1 -1
  19. package/dist/authority/AuthorityType.mjs +1 -1
  20. package/dist/authority/AuthorityType.mjs.map +1 -1
  21. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  22. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  23. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  24. package/dist/authority/ProtocolMode.mjs +1 -1
  25. package/dist/authority/ProtocolMode.mjs.map +1 -1
  26. package/dist/authority/RegionDiscovery.mjs +1 -1
  27. package/dist/authority/RegionDiscovery.mjs.map +1 -1
  28. package/dist/cache/CacheManager.mjs +1 -1
  29. package/dist/cache/CacheManager.mjs.map +1 -1
  30. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  31. package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
  32. package/dist/cache/utils/AccountEntityUtils.mjs +8 -2
  33. package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -1
  34. package/dist/cache/utils/CacheHelpers.mjs +5 -2
  35. package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
  36. package/dist/client/AuthorizationCodeClient.mjs +1 -1
  37. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  38. package/dist/client/RefreshTokenClient.mjs +1 -1
  39. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  40. package/dist/client/SilentFlowClient.mjs +1 -1
  41. package/dist/client/SilentFlowClient.mjs.map +1 -1
  42. package/dist/config/ClientConfiguration.mjs +4 -3
  43. package/dist/config/ClientConfiguration.mjs.map +1 -1
  44. package/dist/constants/AADServerParamKeys.mjs +1 -1
  45. package/dist/crypto/ICrypto.mjs +1 -1
  46. package/dist/crypto/ICrypto.mjs.map +1 -1
  47. package/dist/crypto/JoseHeader.mjs +1 -1
  48. package/dist/crypto/JoseHeader.mjs.map +1 -1
  49. package/dist/crypto/PopTokenGenerator.mjs +1 -1
  50. package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
  51. package/dist/error/AuthError.mjs +1 -1
  52. package/dist/error/AuthError.mjs.map +1 -1
  53. package/dist/error/AuthErrorCodes.mjs +1 -1
  54. package/dist/error/CacheError.mjs +1 -1
  55. package/dist/error/CacheError.mjs.map +1 -1
  56. package/dist/error/CacheErrorCodes.mjs +1 -1
  57. package/dist/error/ClientAuthError.mjs +1 -1
  58. package/dist/error/ClientAuthError.mjs.map +1 -1
  59. package/dist/error/ClientAuthErrorCodes.mjs +1 -1
  60. package/dist/error/ClientConfigurationError.mjs +1 -1
  61. package/dist/error/ClientConfigurationError.mjs.map +1 -1
  62. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  63. package/dist/error/InteractionRequiredAuthError.mjs +1 -1
  64. package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
  65. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  66. package/dist/error/JoseHeaderError.mjs +1 -1
  67. package/dist/error/JoseHeaderError.mjs.map +1 -1
  68. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  69. package/dist/error/NetworkError.mjs +1 -1
  70. package/dist/error/NetworkError.mjs.map +1 -1
  71. package/dist/error/PlatformBrokerError.mjs +1 -1
  72. package/dist/error/PlatformBrokerError.mjs.map +1 -1
  73. package/dist/error/ServerError.mjs +1 -1
  74. package/dist/error/ServerError.mjs.map +1 -1
  75. package/dist/index-node.mjs +54 -54
  76. package/dist/index.mjs +60 -60
  77. package/dist/logger/Logger.mjs +26 -12
  78. package/dist/logger/Logger.mjs.map +1 -1
  79. package/dist/network/INetworkModule.mjs +1 -1
  80. package/dist/network/INetworkModule.mjs.map +1 -1
  81. package/dist/network/RequestThumbprint.mjs +1 -1
  82. package/dist/network/ThrottlingUtils.mjs +1 -1
  83. package/dist/network/ThrottlingUtils.mjs.map +1 -1
  84. package/dist/packageMetadata.mjs +2 -2
  85. package/dist/protocol/Authorize.mjs +3 -1
  86. package/dist/protocol/Authorize.mjs.map +1 -1
  87. package/dist/protocol/Token.mjs +3 -1
  88. package/dist/protocol/Token.mjs.map +1 -1
  89. package/dist/request/AuthenticationHeaderParser.mjs +1 -1
  90. package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
  91. package/dist/request/BaseAuthRequest.mjs +1 -1
  92. package/dist/request/BaseAuthRequest.mjs.map +1 -1
  93. package/dist/request/RequestParameterBuilder.mjs +12 -5
  94. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  95. package/dist/request/ScopeSet.mjs +1 -1
  96. package/dist/request/ScopeSet.mjs.map +1 -1
  97. package/dist/response/ResponseHandler.mjs +2 -1
  98. package/dist/response/ResponseHandler.mjs.map +1 -1
  99. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  100. package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
  101. package/dist/telemetry/performance/PerformanceEvent.mjs +15 -2
  102. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  103. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  104. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  105. package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
  106. package/dist/telemetry/server/ServerTelemetryManager.mjs +55 -23
  107. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  108. package/dist/url/UrlString.mjs +1 -1
  109. package/dist/url/UrlString.mjs.map +1 -1
  110. package/dist/utils/ClientAssertionUtils.mjs +1 -1
  111. package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
  112. package/dist/utils/Constants.mjs +1 -1
  113. package/dist/utils/Constants.mjs.map +1 -1
  114. package/dist/utils/FunctionWrappers.mjs +1 -1
  115. package/dist/utils/FunctionWrappers.mjs.map +1 -1
  116. package/dist/utils/ProtocolUtils.mjs +1 -1
  117. package/dist/utils/ProtocolUtils.mjs.map +1 -1
  118. package/dist/utils/StringUtils.mjs +1 -1
  119. package/dist/utils/StringUtils.mjs.map +1 -1
  120. package/dist/utils/TimeUtils.mjs +1 -1
  121. package/dist/utils/TimeUtils.mjs.map +1 -1
  122. package/dist/utils/UrlUtils.mjs +54 -40
  123. package/dist/utils/UrlUtils.mjs.map +1 -1
  124. package/dist-browser/account/AccountInfo.mjs +1 -1
  125. package/dist-browser/account/AccountInfo.mjs.map +1 -1
  126. package/dist-browser/account/AuthToken.mjs +1 -1
  127. package/dist-browser/account/AuthToken.mjs.map +1 -1
  128. package/dist-browser/account/CcsCredential.mjs +1 -1
  129. package/dist-browser/account/CcsCredential.mjs.map +1 -1
  130. package/dist-browser/account/ClientInfo.mjs +1 -1
  131. package/dist-browser/account/ClientInfo.mjs.map +1 -1
  132. package/dist-browser/account/TokenClaims.mjs +1 -1
  133. package/dist-browser/account/TokenClaims.mjs.map +1 -1
  134. package/dist-browser/authority/Authority.mjs +18 -15
  135. package/dist-browser/authority/Authority.mjs.map +1 -1
  136. package/dist-browser/authority/AuthorityFactory.mjs +1 -1
  137. package/dist-browser/authority/AuthorityFactory.mjs.map +1 -1
  138. package/dist-browser/authority/AuthorityMetadata.mjs +7 -6
  139. package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -1
  140. package/dist-browser/authority/AuthorityOptions.mjs +1 -1
  141. package/dist-browser/authority/AuthorityOptions.mjs.map +1 -1
  142. package/dist-browser/authority/AuthorityType.mjs +1 -1
  143. package/dist-browser/authority/AuthorityType.mjs.map +1 -1
  144. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  145. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  146. package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
  147. package/dist-browser/authority/ProtocolMode.mjs +1 -1
  148. package/dist-browser/authority/ProtocolMode.mjs.map +1 -1
  149. package/dist-browser/authority/RegionDiscovery.mjs +1 -1
  150. package/dist-browser/authority/RegionDiscovery.mjs.map +1 -1
  151. package/dist-browser/cache/CacheManager.mjs +2 -2
  152. package/dist-browser/cache/CacheManager.mjs.map +1 -1
  153. package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
  154. package/dist-browser/cache/persistence/TokenCacheContext.mjs.map +1 -1
  155. package/dist-browser/cache/utils/AccountEntityUtils.mjs +8 -2
  156. package/dist-browser/cache/utils/AccountEntityUtils.mjs.map +1 -1
  157. package/dist-browser/cache/utils/CacheHelpers.mjs +5 -2
  158. package/dist-browser/cache/utils/CacheHelpers.mjs.map +1 -1
  159. package/dist-browser/client/AuthorizationCodeClient.mjs +4 -4
  160. package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -1
  161. package/dist-browser/client/RefreshTokenClient.mjs +2 -2
  162. package/dist-browser/client/RefreshTokenClient.mjs.map +1 -1
  163. package/dist-browser/client/SilentFlowClient.mjs +2 -2
  164. package/dist-browser/client/SilentFlowClient.mjs.map +1 -1
  165. package/dist-browser/config/ClientConfiguration.mjs +4 -3
  166. package/dist-browser/config/ClientConfiguration.mjs.map +1 -1
  167. package/dist-browser/constants/AADServerParamKeys.mjs +1 -1
  168. package/dist-browser/crypto/ICrypto.mjs +1 -1
  169. package/dist-browser/crypto/ICrypto.mjs.map +1 -1
  170. package/dist-browser/crypto/JoseHeader.mjs +1 -1
  171. package/dist-browser/crypto/JoseHeader.mjs.map +1 -1
  172. package/dist-browser/crypto/PopTokenGenerator.mjs +1 -1
  173. package/dist-browser/crypto/PopTokenGenerator.mjs.map +1 -1
  174. package/dist-browser/error/AuthError.mjs +1 -1
  175. package/dist-browser/error/AuthError.mjs.map +1 -1
  176. package/dist-browser/error/AuthErrorCodes.mjs +1 -1
  177. package/dist-browser/error/CacheError.mjs +1 -1
  178. package/dist-browser/error/CacheError.mjs.map +1 -1
  179. package/dist-browser/error/CacheErrorCodes.mjs +1 -1
  180. package/dist-browser/error/ClientAuthError.mjs +1 -1
  181. package/dist-browser/error/ClientAuthError.mjs.map +1 -1
  182. package/dist-browser/error/ClientAuthErrorCodes.mjs +1 -1
  183. package/dist-browser/error/ClientConfigurationError.mjs +1 -1
  184. package/dist-browser/error/ClientConfigurationError.mjs.map +1 -1
  185. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
  186. package/dist-browser/error/InteractionRequiredAuthError.mjs +1 -1
  187. package/dist-browser/error/InteractionRequiredAuthError.mjs.map +1 -1
  188. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  189. package/dist-browser/error/JoseHeaderError.mjs +1 -1
  190. package/dist-browser/error/JoseHeaderError.mjs.map +1 -1
  191. package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
  192. package/dist-browser/error/NetworkError.mjs +1 -1
  193. package/dist-browser/error/NetworkError.mjs.map +1 -1
  194. package/dist-browser/error/PlatformBrokerError.mjs +1 -1
  195. package/dist-browser/error/PlatformBrokerError.mjs.map +1 -1
  196. package/dist-browser/error/ServerError.mjs +1 -1
  197. package/dist-browser/error/ServerError.mjs.map +1 -1
  198. package/dist-browser/index-browser.mjs +56 -56
  199. package/dist-browser/index.mjs +60 -60
  200. package/dist-browser/log-strings-mapping.json +11 -3
  201. package/dist-browser/logger/Logger.mjs +26 -12
  202. package/dist-browser/logger/Logger.mjs.map +1 -1
  203. package/dist-browser/network/INetworkModule.mjs +1 -1
  204. package/dist-browser/network/INetworkModule.mjs.map +1 -1
  205. package/dist-browser/network/RequestThumbprint.mjs +1 -1
  206. package/dist-browser/network/ThrottlingUtils.mjs +1 -1
  207. package/dist-browser/network/ThrottlingUtils.mjs.map +1 -1
  208. package/dist-browser/packageMetadata.mjs +2 -2
  209. package/dist-browser/protocol/Authorize.mjs +3 -1
  210. package/dist-browser/protocol/Authorize.mjs.map +1 -1
  211. package/dist-browser/protocol/Token.mjs +4 -2
  212. package/dist-browser/protocol/Token.mjs.map +1 -1
  213. package/dist-browser/request/AuthenticationHeaderParser.mjs +1 -1
  214. package/dist-browser/request/AuthenticationHeaderParser.mjs.map +1 -1
  215. package/dist-browser/request/BaseAuthRequest.mjs +1 -1
  216. package/dist-browser/request/BaseAuthRequest.mjs.map +1 -1
  217. package/dist-browser/request/RequestParameterBuilder.mjs +12 -5
  218. package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -1
  219. package/dist-browser/request/ScopeSet.mjs +1 -1
  220. package/dist-browser/request/ScopeSet.mjs.map +1 -1
  221. package/dist-browser/response/ResponseHandler.mjs +4 -3
  222. package/dist-browser/response/ResponseHandler.mjs.map +1 -1
  223. package/dist-browser/telemetry/performance/PerformanceClient.mjs +9 -9
  224. package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -1
  225. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +15 -2
  226. package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  227. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
  228. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
  229. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
  230. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +55 -23
  231. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  232. package/dist-browser/url/UrlString.mjs +1 -1
  233. package/dist-browser/url/UrlString.mjs.map +1 -1
  234. package/dist-browser/utils/ClientAssertionUtils.mjs +1 -1
  235. package/dist-browser/utils/ClientAssertionUtils.mjs.map +1 -1
  236. package/dist-browser/utils/Constants.mjs +1 -1
  237. package/dist-browser/utils/Constants.mjs.map +1 -1
  238. package/dist-browser/utils/FunctionWrappers.mjs +7 -7
  239. package/dist-browser/utils/FunctionWrappers.mjs.map +1 -1
  240. package/dist-browser/utils/ProtocolUtils.mjs +1 -1
  241. package/dist-browser/utils/ProtocolUtils.mjs.map +1 -1
  242. package/dist-browser/utils/StringUtils.mjs +1 -1
  243. package/dist-browser/utils/StringUtils.mjs.map +1 -1
  244. package/dist-browser/utils/TimeUtils.mjs +1 -1
  245. package/dist-browser/utils/TimeUtils.mjs.map +1 -1
  246. package/dist-browser/utils/UrlUtils.mjs +54 -40
  247. package/dist-browser/utils/UrlUtils.mjs.map +1 -1
  248. package/lib/index-browser.cjs +3 -2
  249. package/lib/index-browser.cjs.map +1 -1
  250. package/lib/{index-node-DHSwXao8.js → index-node-CcOYLhxB.js} +174 -78
  251. package/lib/index-node-CcOYLhxB.js.map +1 -0
  252. package/lib/index-node.cjs +3 -2
  253. package/lib/index-node.cjs.map +1 -1
  254. package/lib/index.cjs +3 -2
  255. package/lib/index.cjs.map +1 -1
  256. package/package.json +3 -5
  257. package/src/authority/Authority.ts +1 -1
  258. package/src/cache/interface/ICacheManager.ts +1 -0
  259. package/src/cache/utils/AccountEntityUtils.ts +6 -0
  260. package/src/cache/utils/CacheHelpers.ts +3 -0
  261. package/src/config/ClientConfiguration.ts +6 -2
  262. package/src/exports-common.ts +4 -1
  263. package/src/logger/Logger.ts +26 -11
  264. package/src/packageMetadata.ts +1 -1
  265. package/src/protocol/Authorize.ts +2 -0
  266. package/src/protocol/Token.ts +2 -0
  267. package/src/request/RequestParameterBuilder.ts +19 -8
  268. package/src/response/ResponseHandler.ts +1 -0
  269. package/src/telemetry/performance/PerformanceEvent.ts +30 -6
  270. package/src/telemetry/server/ServerTelemetryManager.ts +73 -27
  271. package/src/utils/UrlUtils.ts +71 -42
  272. package/types/authority/Authority.d.ts +1 -1
  273. package/types/cache/interface/ICacheManager.d.ts +1 -0
  274. package/types/cache/interface/ICacheManager.d.ts.map +1 -1
  275. package/types/cache/utils/AccountEntityUtils.d.ts +6 -0
  276. package/types/cache/utils/AccountEntityUtils.d.ts.map +1 -1
  277. package/types/cache/utils/CacheHelpers.d.ts +3 -0
  278. package/types/cache/utils/CacheHelpers.d.ts.map +1 -1
  279. package/types/config/ClientConfiguration.d.ts +4 -0
  280. package/types/config/ClientConfiguration.d.ts.map +1 -1
  281. package/types/exports-common.d.ts +1 -1
  282. package/types/exports-common.d.ts.map +1 -1
  283. package/types/logger/Logger.d.ts.map +1 -1
  284. package/types/packageMetadata.d.ts +1 -1
  285. package/types/protocol/Authorize.d.ts +2 -0
  286. package/types/protocol/Authorize.d.ts.map +1 -1
  287. package/types/protocol/Token.d.ts +2 -0
  288. package/types/protocol/Token.d.ts.map +1 -1
  289. package/types/request/RequestParameterBuilder.d.ts +1 -0
  290. package/types/request/RequestParameterBuilder.d.ts.map +1 -1
  291. package/types/response/ResponseHandler.d.ts +1 -0
  292. package/types/response/ResponseHandler.d.ts.map +1 -1
  293. package/types/telemetry/performance/PerformanceEvent.d.ts +16 -5
  294. package/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
  295. package/types/telemetry/server/ServerTelemetryManager.d.ts +15 -0
  296. package/types/telemetry/server/ServerTelemetryManager.d.ts.map +1 -1
  297. package/types/utils/UrlUtils.d.ts +21 -4
  298. package/types/utils/UrlUtils.d.ts.map +1 -1
  299. package/lib/index-node-DHSwXao8.js.map +0 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.7.0 2026-06-05 */
1
+ /*! @azure/msal-common v16.9.0 2026-06-16 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -1811,6 +1811,7 @@ function generateAuthorityMetadataExpiresAt() {
1811
1811
  return (nowSeconds() +
1812
1812
  AUTHORITY_METADATA_REFRESH_TIME_SECONDS);
1813
1813
  }
1814
+ /** @internal */
1814
1815
  function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromNetwork) {
1815
1816
  authorityMetadata.authorization_endpoint =
1816
1817
  updatedValues.authorization_endpoint;
@@ -1820,6 +1821,7 @@ function updateAuthorityEndpointMetadata(authorityMetadata, updatedValues, fromN
1820
1821
  authorityMetadata.endpointsFromNetwork = fromNetwork;
1821
1822
  authorityMetadata.jwks_uri = updatedValues.jwks_uri;
1822
1823
  }
1824
+ /** @internal */
1823
1825
  function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetwork) {
1824
1826
  authorityMetadata.aliases = updatedValues.aliases;
1825
1827
  authorityMetadata.preferred_cache = updatedValues.preferred_cache;
@@ -1828,6 +1830,7 @@ function updateCloudDiscoveryMetadata(authorityMetadata, updatedValues, fromNetw
1828
1830
  }
1829
1831
  /**
1830
1832
  * Returns whether or not the data needs to be refreshed
1833
+ * @internal
1831
1834
  */
1832
1835
  function isAuthorityMetadataExpired(metadata) {
1833
1836
  return metadata.expiresAt <= nowSeconds();
@@ -1881,7 +1884,7 @@ class Authority {
1881
1884
  this.regionDiscovery = new RegionDiscovery(networkInterface, this.logger, this.performanceClient, this.correlationId);
1882
1885
  }
1883
1886
  /**
1884
- * Get {@link AuthorityType}
1887
+ * Get {@link AuthorityType:type}
1885
1888
  * @param authorityUri {@link IUri}
1886
1889
  * @private
1887
1890
  */
@@ -2863,28 +2866,6 @@ var AuthorityFactory = /*#__PURE__*/Object.freeze({
2863
2866
  * Copyright (c) Microsoft Corporation. All rights reserved.
2864
2867
  * Licensed under the MIT License.
2865
2868
  */
2866
- /**
2867
- * Canonicalizes a URL by making it lowercase and ensuring it ends with /
2868
- * Inlined version of UrlString.canonicalizeUri to avoid circular dependency
2869
- * @param url - URL to canonicalize
2870
- * @returns Canonicalized URL
2871
- */
2872
- function canonicalizeUrl(url) {
2873
- if (!url) {
2874
- return url;
2875
- }
2876
- let lowerCaseUrl = url.toLowerCase();
2877
- if (StringUtils.endsWith(lowerCaseUrl, "?")) {
2878
- lowerCaseUrl = lowerCaseUrl.slice(0, -1);
2879
- }
2880
- else if (StringUtils.endsWith(lowerCaseUrl, "?/")) {
2881
- lowerCaseUrl = lowerCaseUrl.slice(0, -2);
2882
- }
2883
- if (!StringUtils.endsWith(lowerCaseUrl, "/")) {
2884
- lowerCaseUrl += "/";
2885
- }
2886
- return lowerCaseUrl;
2887
- }
2888
2869
  /**
2889
2870
  * Parses hash string from given string. Returns empty string if no hash symbol is found.
2890
2871
  * @param hashString
@@ -2937,32 +2918,67 @@ function mapToQueryString(parameters) {
2937
2918
  return queryParameterArray.join("&");
2938
2919
  }
2939
2920
  /**
2940
- * Normalizes URLs for comparison by removing hash, canonicalizing,
2941
- * and ensuring consistent URL encoding in query parameters.
2942
- * This fixes redirect loops when URLs contain encoded characters like apostrophes (%27).
2921
+ * Normalizes URLs for comparison per MDN & RFC 3986 standards:
2922
+ * - Hash/fragment is removed
2923
+ * - Scheme and host are lowercased (case-insensitive per spec)
2924
+ * - Path and query parameters preserve original casing (case-sensitive per spec)
2925
+ * - Percent-encoding in pathname is normalized (e.g., %27 and ' are treated equivalently)
2926
+ * - Ensures pathname ends with /
2927
+ * Throws a urlParseError if the provided URL is malformed and cannot be parsed.
2943
2928
  * @param url - URL to normalize
2929
+ * @param logger - Optional logger used to log parse failures
2930
+ * @param correlationId - Optional correlationId associated with the log entry
2944
2931
  * @returns Normalized URL string for comparison
2945
2932
  */
2946
- function normalizeUrlForComparison(url) {
2933
+ function normalizeUrlForComparison(url, logger, correlationId) {
2947
2934
  if (!url) {
2948
2935
  return url;
2949
2936
  }
2950
- // Remove hash first
2951
2937
  const urlWithoutHash = url.split("#")[0];
2938
+ if (!urlWithoutHash) {
2939
+ return urlWithoutHash;
2940
+ }
2952
2941
  try {
2953
- // Parse the URL to handle encoding consistently
2954
2942
  const urlObj = new URL(urlWithoutHash);
2955
- /*
2956
- * Reconstruct the URL with properly decoded query parameters
2957
- * This ensures that %27 and ' are treated as equivalent
2958
- */
2959
- const normalizedUrl = urlObj.origin + urlObj.pathname + urlObj.search;
2960
- // Apply canonicalization logic inline to avoid circular dependency
2961
- return canonicalizeUrl(normalizedUrl);
2943
+ // Treat an empty query string (a bare trailing "?") as equivalent to no query
2944
+ if (!urlObj.search) {
2945
+ urlObj.search = "";
2946
+ }
2947
+ // Decode the pathname to normalize percent-encoding and ensure trailing slash
2948
+ let pathname;
2949
+ try {
2950
+ pathname = decodeURIComponent(urlObj.pathname);
2951
+ }
2952
+ catch (e) {
2953
+ pathname = urlObj.pathname;
2954
+ }
2955
+ if (!pathname.endsWith("/")) {
2956
+ pathname += "/";
2957
+ }
2958
+ urlObj.pathname = pathname;
2959
+ return urlObj.href;
2960
+ }
2961
+ catch (e) {
2962
+ logger?.error(`Failed to normalize URL for comparison: '${e}'`, correlationId || "");
2963
+ throw createClientConfigurationError(urlParseError);
2964
+ }
2965
+ }
2966
+ /**
2967
+ * Validates that the provided value is a well-formed, parseable absolute URL.
2968
+ * Throws a urlParseError if the value cannot be parsed by the URL API (e.g. the
2969
+ * literal string "null", an empty string, or any malformed/relative URL). Use this
2970
+ * to guard against persisting an invalid value (such as a redirect URL) to the cache.
2971
+ * @param url - URL to validate
2972
+ * @param logger - Optional logger used to log validation failures
2973
+ * @param correlationId - Optional correlationId associated with the log entry
2974
+ */
2975
+ function validateUrl(url, logger, correlationId) {
2976
+ try {
2977
+ new URL(url);
2962
2978
  }
2963
2979
  catch (e) {
2964
- // Fallback to original logic if URL parsing fails
2965
- return canonicalizeUrl(urlWithoutHash);
2980
+ logger?.error(`Failed to validate URL: '${e}'`, correlationId || "");
2981
+ throw createClientConfigurationError(urlParseError);
2966
2982
  }
2967
2983
  }
2968
2984
 
@@ -2971,7 +2987,8 @@ var UrlUtils = /*#__PURE__*/Object.freeze({
2971
2987
  getDeserializedResponse: getDeserializedResponse,
2972
2988
  mapToQueryString: mapToQueryString,
2973
2989
  normalizeUrlForComparison: normalizeUrlForComparison,
2974
- stripLeadingHashOrQuery: stripLeadingHashOrQuery
2990
+ stripLeadingHashOrQuery: stripLeadingHashOrQuery,
2991
+ validateUrl: validateUrl
2975
2992
  });
2976
2993
 
2977
2994
  /*
@@ -3248,6 +3265,7 @@ function getTenantIdFromIdTokenClaims(idTokenClaims) {
3248
3265
  */
3249
3266
  /**
3250
3267
  * Generate Account Id key component as per the schema: <home_account_id>-<environment>
3268
+ * @internal
3251
3269
  */
3252
3270
  function generateAccountId(accountEntity) {
3253
3271
  const accountId = [
@@ -3258,6 +3276,7 @@ function generateAccountId(accountEntity) {
3258
3276
  }
3259
3277
  /**
3260
3278
  * Returns the AccountInfo interface for this account.
3279
+ * @internal
3261
3280
  */
3262
3281
  function getAccountInfo(accountEntity) {
3263
3282
  const tenantProfiles = accountEntity.tenantProfiles || [];
@@ -3286,6 +3305,7 @@ function getAccountInfo(accountEntity) {
3286
3305
  }
3287
3306
  /**
3288
3307
  * Returns true if the account entity is in single tenant format (outdated), false otherwise
3308
+ * @internal
3289
3309
  */
3290
3310
  function isSingleTenant(accountEntity) {
3291
3311
  return !accountEntity.tenantProfiles;
@@ -3293,6 +3313,7 @@ function isSingleTenant(accountEntity) {
3293
3313
  /**
3294
3314
  * Build Account cache from IdToken, clientInfo and authority/policy. Associated with AAD.
3295
3315
  * @param accountDetails
3316
+ * @internal
3296
3317
  */
3297
3318
  function createAccountEntity(accountDetails, authority, base64Decode) {
3298
3319
  let authorityType;
@@ -3371,6 +3392,7 @@ function createAccountEntity(accountDetails, authority, base64Decode) {
3371
3392
  * @param cloudGraphHostName
3372
3393
  * @param msGraphHost
3373
3394
  * @returns
3395
+ * @internal
3374
3396
  */
3375
3397
  function createAccountEntityFromAccountInfo(accountInfo, cloudGraphHostName, msGraphHost) {
3376
3398
  // Serialize tenant profiles map into an array
@@ -3423,6 +3445,7 @@ function generateHomeAccountId(serverClientInfo, authType, logger, cryptoObj, co
3423
3445
  /**
3424
3446
  * Validates an entity: checks for all expected params
3425
3447
  * @param entity
3448
+ * @internal
3426
3449
  */
3427
3450
  function isAccountEntity(entity) {
3428
3451
  if (!entity) {
@@ -4020,10 +4043,17 @@ function addSshJwk(parameters, sshJwkString) {
4020
4043
  /**
4021
4044
  * add server telemetry fields
4022
4045
  * @param serverTelemetryManager
4046
+ * @internal
4023
4047
  */
4024
4048
  function addServerTelemetry(parameters, serverTelemetryManager) {
4025
- parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
4026
- parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
4049
+ const currentTelemetryHeader = serverTelemetryManager.generateCurrentRequestHeaderValue();
4050
+ const lastTelemetryHeader = serverTelemetryManager.generateLastRequestHeaderValue();
4051
+ if (currentTelemetryHeader) {
4052
+ parameters.set(X_CLIENT_CURR_TELEM, currentTelemetryHeader);
4053
+ }
4054
+ if (lastTelemetryHeader) {
4055
+ parameters.set(X_CLIENT_LAST_TELEM, lastTelemetryHeader);
4056
+ }
4027
4057
  }
4028
4058
  /**
4029
4059
  * Adds parameter that indicates to the server that throttling is supported
@@ -4197,7 +4227,7 @@ function addLogToCache(correlationId, loggedMessage) {
4197
4227
  // Remove LRU (first entry) if capacity exceeded
4198
4228
  if (correlationCache.size > CACHE_CAPACITY) {
4199
4229
  const firstKey = correlationCache.keys().next().value;
4200
- if (firstKey) {
4230
+ if (firstKey !== undefined) {
4201
4231
  correlationCache.delete(firstKey);
4202
4232
  }
4203
4233
  }
@@ -4226,22 +4256,36 @@ function getAndFlushLogsFromCache(correlationId) {
4226
4256
  return res;
4227
4257
  }
4228
4258
  /**
4229
- * Checks if a string is already a hashed logging string (6 alphanumeric characters)
4230
- */
4231
- function isHashedString(str) {
4232
- if (str.length !== 6) {
4233
- return false;
4259
+ * Extracts the leading minification hash from a log message, if present.
4260
+ *
4261
+ * Minified messages are produced by the logger-minify rollup plugin and are
4262
+ * either a bare 6-character alphanumeric hash, or that hash followed by a space
4263
+ * and runtime variables appended for local (console) logging, e.g.
4264
+ * "abc123 user-1 popup". Only the leading hash is returned so that telemetry
4265
+ * never captures the appended variables. Returns null when the message is not
4266
+ * a minified message.
4267
+ */
4268
+ function getMessageHash(str) {
4269
+ if (str.length < 6) {
4270
+ return null;
4271
+ }
4272
+ /*
4273
+ * If the message is longer than the hash, the hash must be delimited by a
4274
+ * space (the separator the plugin inserts before appended variables).
4275
+ */
4276
+ if (str.length > 6 && str[6] !== " ") {
4277
+ return null;
4234
4278
  }
4235
- for (let i = 0; i < str.length; i++) {
4279
+ for (let i = 0; i < 6; i++) {
4236
4280
  const char = str[i];
4237
4281
  const isAlphaNumeric = (char >= "a" && char <= "z") ||
4238
4282
  (char >= "A" && char <= "Z") ||
4239
4283
  (char >= "0" && char <= "9");
4240
4284
  if (!isAlphaNumeric) {
4241
- return false;
4285
+ return null;
4242
4286
  }
4243
4287
  }
4244
- return true;
4288
+ return str.substring(0, 6);
4245
4289
  }
4246
4290
  /**
4247
4291
  * Class which facilitates logging of messages to a specific place.
@@ -4288,10 +4332,10 @@ class Logger {
4288
4332
  */
4289
4333
  logMessage(logMessage, options) {
4290
4334
  const correlationId = options.correlationId;
4291
- const isHashedInput = isHashedString(logMessage);
4292
- if (isHashedInput) {
4335
+ const messageHash = getMessageHash(logMessage);
4336
+ if (messageHash) {
4293
4337
  const loggedMessage = {
4294
- hash: logMessage,
4338
+ hash: messageHash,
4295
4339
  level: options.logLevel,
4296
4340
  containsPii: options.containsPii || false,
4297
4341
  milliseconds: 0, // Will be calculated in addLogToCache
@@ -4426,7 +4470,7 @@ class Logger {
4426
4470
 
4427
4471
  /* eslint-disable header/header */
4428
4472
  const name = "@azure/msal-common";
4429
- const version = "16.7.0";
4473
+ const version = "16.9.0";
4430
4474
 
4431
4475
  /*
4432
4476
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -5650,7 +5694,20 @@ const IntFields = new Set([
5650
5694
  "currAccessCount",
5651
5695
  "currIdCount",
5652
5696
  "currRefreshCount",
5653
- "expiredCacheRemovedCount",
5697
+ "ttlExpiredAcntCount",
5698
+ "ttlExpiredITCount",
5699
+ "ttlExpiredATCount",
5700
+ "ttlExpiredRTCount",
5701
+ "decryptFailedAcntCount",
5702
+ "decryptFailedITCount",
5703
+ "decryptFailedATCount",
5704
+ "decryptFailedRTCount",
5705
+ "invalidAcntCount",
5706
+ "invalidITCount",
5707
+ "invalidATCount",
5708
+ "invalidRTCount",
5709
+ "expiredATCount",
5710
+ "expiredRTCount",
5654
5711
  "upgradedCacheCount",
5655
5712
  "cacheMatchedAccounts",
5656
5713
  "networkRtt",
@@ -5761,6 +5818,7 @@ const DEFAULT_TELEMETRY_OPTIONS = {
5761
5818
  * @param Configuration
5762
5819
  *
5763
5820
  * @returns Configuration
5821
+ * @internal
5764
5822
  */
5765
5823
  function buildClientConfiguration({ authOptions: userAuthOptions, systemOptions: userSystemOptions, loggerOptions: userLoggerOption, storageInterface: storageImplementation, networkInterface: networkImplementation, cryptoInterface: cryptoImplementation, clientCredentials: clientCredentials, libraryInfo: libraryInfo, telemetry: telemetry, serverTelemetryManager: serverTelemetryManager, persistencePlugin: persistencePlugin, serializableCache: serializableCache, }) {
5766
5824
  const loggerOptions = {
@@ -5772,7 +5830,7 @@ function buildClientConfiguration({ authOptions: userAuthOptions, systemOptions:
5772
5830
  systemOptions: { ...DEFAULT_SYSTEM_OPTIONS, ...userSystemOptions },
5773
5831
  loggerOptions: loggerOptions,
5774
5832
  storageInterface: storageImplementation ||
5775
- new DefaultStorageClass(userAuthOptions.clientId, DEFAULT_CRYPTO_IMPLEMENTATION, new Logger(loggerOptions), new StubPerformanceClient()),
5833
+ new DefaultStorageClass(userAuthOptions.clientId, DEFAULT_CRYPTO_IMPLEMENTATION, new Logger(loggerOptions, name, version), new StubPerformanceClient()),
5776
5834
  networkInterface: networkImplementation || DEFAULT_NETWORK_IMPLEMENTATION,
5777
5835
  cryptoInterface: cryptoImplementation || DEFAULT_CRYPTO_IMPLEMENTATION,
5778
5836
  clientCredentials: clientCredentials || DEFAULT_CLIENT_CREDENTIALS,
@@ -6432,6 +6490,7 @@ class ResponseHandler {
6432
6490
  };
6433
6491
  }
6434
6492
  }
6493
+ /** @internal */
6435
6494
  function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decode, correlationId, idTokenClaims, clientInfo, environment, claimsTenantId, authCodePayload, nativeAccountId, logger, performanceClient) {
6436
6495
  logger?.verbose("setCachedAccount called", correlationId);
6437
6496
  /*
@@ -6687,6 +6746,7 @@ function createTokenQueryParameters(request, clientId, redirectUri, performanceC
6687
6746
  * @param queryString
6688
6747
  * @param headers
6689
6748
  * @param thumbprint
6749
+ * @internal
6690
6750
  */
6691
6751
  async function executePostToTokenEndpoint(tokenEndpoint, queryString, headers, thumbprint, correlationId, cacheManager, networkClient, logger, performanceClient, serverTelemetryManager) {
6692
6752
  const response = await sendPostRequest(thumbprint, tokenEndpoint, { body: queryString, headers: headers }, correlationId, cacheManager, networkClient, logger, performanceClient);
@@ -6708,6 +6768,7 @@ async function executePostToTokenEndpoint(tokenEndpoint, queryString, headers, t
6708
6768
  * @param networkClient - Network module instance
6709
6769
  * @param logger - Logger instance
6710
6770
  * @param performanceClient - Performance client instance
6771
+ * @internal
6711
6772
  */
6712
6773
  async function sendPostRequest(thumbprint, tokenEndpoint, options, correlationId, cacheManager, networkClient, logger, performanceClient) {
6713
6774
  ThrottlingUtils.preProcess(cacheManager, thumbprint, correlationId);
@@ -7369,6 +7430,7 @@ const StubbedNetworkModule = {
7369
7430
  * @param logger
7370
7431
  * @param performanceClient
7371
7432
  * @returns
7433
+ * @internal
7372
7434
  */
7373
7435
  function getStandardAuthorizeRequestParameters(authOptions, request, logger, performanceClient) {
7374
7436
  // generate the correlationId if not set by the user and add
@@ -7497,6 +7559,7 @@ function getStandardAuthorizeRequestParameters(authOptions, request, logger, per
7497
7559
  * @param authority
7498
7560
  * @param requestParameters
7499
7561
  * @returns
7562
+ * @internal
7500
7563
  */
7501
7564
  function getAuthorizeUrl(authority, requestParameters) {
7502
7565
  const queryString = mapToQueryString(requestParameters);
@@ -7826,35 +7889,40 @@ class ServerTelemetryManager {
7826
7889
  * @param error
7827
7890
  */
7828
7891
  cacheFailedRequest(error) {
7829
- const lastRequests = this.getLastRequests();
7830
- if (lastRequests.errors.length >=
7831
- SERVER_TELEM_MAX_CACHED_ERRORS) {
7832
- // Remove a cached error to make room, first in first out
7833
- lastRequests.failedRequests.shift(); // apiId
7834
- lastRequests.failedRequests.shift(); // correlationId
7835
- lastRequests.errors.shift();
7836
- }
7837
- lastRequests.failedRequests.push(this.apiId, this.correlationId);
7838
- if (error instanceof Error && !!error && error.toString()) {
7839
- if (error instanceof AuthError) {
7840
- if (error.subError) {
7841
- lastRequests.errors.push(error.subError);
7842
- }
7843
- else if (error.errorCode) {
7844
- lastRequests.errors.push(error.errorCode);
7892
+ try {
7893
+ const lastRequests = this.getLastRequests();
7894
+ if (lastRequests.errors.length >=
7895
+ SERVER_TELEM_MAX_CACHED_ERRORS) {
7896
+ // Remove a cached error to make room, first in first out
7897
+ lastRequests.failedRequests.shift(); // apiId
7898
+ lastRequests.failedRequests.shift(); // correlationId
7899
+ lastRequests.errors.shift();
7900
+ }
7901
+ lastRequests.failedRequests.push(this.apiId, this.correlationId);
7902
+ if (error instanceof Error && !!error && error.toString()) {
7903
+ if (error instanceof AuthError) {
7904
+ if (error.subError) {
7905
+ lastRequests.errors.push(error.subError);
7906
+ }
7907
+ else if (error.errorCode) {
7908
+ lastRequests.errors.push(error.errorCode);
7909
+ }
7910
+ else {
7911
+ lastRequests.errors.push(error.toString());
7912
+ }
7845
7913
  }
7846
7914
  else {
7847
7915
  lastRequests.errors.push(error.toString());
7848
7916
  }
7849
7917
  }
7850
7918
  else {
7851
- lastRequests.errors.push(error.toString());
7919
+ lastRequests.errors.push(SERVER_TELEM_UNKNOWN_ERROR);
7852
7920
  }
7921
+ this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
7853
7922
  }
7854
- else {
7855
- lastRequests.errors.push(SERVER_TELEM_UNKNOWN_ERROR);
7923
+ catch {
7924
+ // Ignore telemetry cache failures to avoid masking the original auth error path.
7856
7925
  }
7857
- this.cacheManager.setServerTelemetry(this.telemetryCacheKey, lastRequests, this.correlationId);
7858
7926
  return;
7859
7927
  }
7860
7928
  /**
@@ -7974,6 +8042,33 @@ class ServerTelemetryManager {
7974
8042
  static makeExtraSkuString(params) {
7975
8043
  return makeExtraSkuString(params);
7976
8044
  }
8045
+ }
8046
+ /** @internal */
8047
+ class StubServerTelemetryManager extends ServerTelemetryManager {
8048
+ constructor() {
8049
+ super({ clientId: "", apiId: 0, correlationId: "", forceRefresh: false }, {});
8050
+ }
8051
+ generateCurrentRequestHeaderValue() {
8052
+ return "";
8053
+ }
8054
+ generateLastRequestHeaderValue() {
8055
+ return "";
8056
+ }
8057
+ cacheFailedRequest() { }
8058
+ incrementCacheHits() {
8059
+ return 0;
8060
+ }
8061
+ clearTelemetryCache() { }
8062
+ getRegionDiscoveryFields() {
8063
+ return "";
8064
+ }
8065
+ updateRegionDiscoveryMetadata() { }
8066
+ setCacheOutcome() { }
8067
+ setNativeBrokerErrorCode() { }
8068
+ getNativeBrokerErrorCode() {
8069
+ return undefined;
8070
+ }
8071
+ clearNativeBrokerErrorCode() { }
7977
8072
  }
7978
8073
 
7979
8074
  exports.AADServerParamKeys = AADServerParamKeys;
@@ -8024,6 +8119,7 @@ exports.ServerTelemetryManager = ServerTelemetryManager;
8024
8119
  exports.SilentFlowClient = SilentFlowClient;
8025
8120
  exports.StringUtils = StringUtils;
8026
8121
  exports.StubPerformanceClient = StubPerformanceClient;
8122
+ exports.StubServerTelemetryManager = StubServerTelemetryManager;
8027
8123
  exports.StubbedNetworkModule = StubbedNetworkModule;
8028
8124
  exports.ThrottlingUtils = ThrottlingUtils;
8029
8125
  exports.TimeUtils = TimeUtils;
@@ -8054,4 +8150,4 @@ exports.invokeAsync = invokeAsync;
8054
8150
  exports.tenantIdMatchesHomeTenant = tenantIdMatchesHomeTenant;
8055
8151
  exports.updateAccountTenantProfileData = updateAccountTenantProfileData;
8056
8152
  exports.version = version;
8057
- //# sourceMappingURL=index-node-DHSwXao8.js.map
8153
+ //# sourceMappingURL=index-node-CcOYLhxB.js.map