@azure/msal-common 16.9.0 → 16.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (383) hide show
  1. package/dist/account/AccountInfo.mjs +9 -3
  2. package/dist/account/AccountInfo.mjs.map +1 -1
  3. package/dist/account/AuthToken.mjs +9 -23
  4. package/dist/account/AuthToken.mjs.map +1 -1
  5. package/dist/account/CcsCredential.mjs +1 -1
  6. package/dist/account/CcsCredential.mjs.map +1 -1
  7. package/dist/account/ClientInfo.mjs +4 -4
  8. package/dist/account/ClientInfo.mjs.map +1 -1
  9. package/dist/account/TokenClaims.mjs +1 -1
  10. package/dist/account/TokenClaims.mjs.map +1 -1
  11. package/dist/authority/Authority.mjs +36 -37
  12. package/dist/authority/Authority.mjs.map +1 -1
  13. package/dist/authority/AuthorityFactory.mjs +3 -3
  14. package/dist/authority/AuthorityFactory.mjs.map +1 -1
  15. package/dist/authority/AuthorityMetadata.mjs +2 -2
  16. package/dist/authority/AuthorityMetadata.mjs.map +1 -1
  17. package/dist/authority/AuthorityOptions.mjs +1 -1
  18. package/dist/authority/AuthorityOptions.mjs.map +1 -1
  19. package/dist/authority/AuthorityType.mjs +1 -1
  20. package/dist/authority/AuthorityType.mjs.map +1 -1
  21. package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  22. package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  23. package/dist/authority/OpenIdConfigResponse.mjs +1 -1
  24. package/dist/authority/ProtocolMode.mjs +1 -1
  25. package/dist/authority/ProtocolMode.mjs.map +1 -1
  26. package/dist/authority/RegionDiscovery.mjs +16 -10
  27. package/dist/authority/RegionDiscovery.mjs.map +1 -1
  28. package/dist/cache/CacheManager.mjs +62 -46
  29. package/dist/cache/CacheManager.mjs.map +1 -1
  30. package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
  31. package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
  32. package/dist/cache/utils/AccountEntityUtils.mjs +18 -8
  33. package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -1
  34. package/dist/cache/utils/CacheHelpers.mjs +10 -5
  35. package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
  36. package/dist/client/AuthorizationCodeClient.mjs +7 -7
  37. package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
  38. package/dist/client/RefreshTokenClient.mjs +8 -8
  39. package/dist/client/RefreshTokenClient.mjs.map +1 -1
  40. package/dist/client/SilentFlowClient.mjs +10 -18
  41. package/dist/client/SilentFlowClient.mjs.map +1 -1
  42. package/dist/config/ClientConfiguration.mjs +3 -3
  43. package/dist/config/ClientConfiguration.mjs.map +1 -1
  44. package/dist/constants/AADServerParamKeys.mjs +7 -3
  45. package/dist/constants/AADServerParamKeys.mjs.map +1 -1
  46. package/dist/crypto/ICrypto.mjs +11 -11
  47. package/dist/crypto/ICrypto.mjs.map +1 -1
  48. package/dist/crypto/JoseHeader.mjs +3 -3
  49. package/dist/crypto/JoseHeader.mjs.map +1 -1
  50. package/dist/crypto/PopTokenGenerator.mjs +2 -2
  51. package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
  52. package/dist/error/AuthError.mjs +5 -7
  53. package/dist/error/AuthError.mjs.map +1 -1
  54. package/dist/error/AuthErrorCodes.mjs +1 -1
  55. package/dist/error/CacheError.mjs +1 -1
  56. package/dist/error/CacheError.mjs.map +1 -1
  57. package/dist/error/CacheErrorCodes.mjs +1 -1
  58. package/dist/error/ClientAuthError.mjs +5 -5
  59. package/dist/error/ClientAuthError.mjs.map +1 -1
  60. package/dist/error/ClientAuthErrorCodes.mjs +2 -4
  61. package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
  62. package/dist/error/ClientConfigurationError.mjs +5 -5
  63. package/dist/error/ClientConfigurationError.mjs.map +1 -1
  64. package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
  65. package/dist/error/InteractionRequiredAuthError.mjs +5 -6
  66. package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
  67. package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  68. package/dist/error/JoseHeaderError.mjs +5 -5
  69. package/dist/error/JoseHeaderError.mjs.map +1 -1
  70. package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
  71. package/dist/error/NetworkError.mjs +2 -2
  72. package/dist/error/NetworkError.mjs.map +1 -1
  73. package/dist/error/PlatformBrokerError.mjs +3 -3
  74. package/dist/error/PlatformBrokerError.mjs.map +1 -1
  75. package/dist/error/ServerError.mjs +3 -3
  76. package/dist/error/ServerError.mjs.map +1 -1
  77. package/dist/index-node.mjs +53 -53
  78. package/dist/index.mjs +59 -59
  79. package/dist/logger/Logger.mjs +1 -1
  80. package/dist/logger/Logger.mjs.map +1 -1
  81. package/dist/network/INetworkModule.mjs +4 -3
  82. package/dist/network/INetworkModule.mjs.map +1 -1
  83. package/dist/network/RequestThumbprint.mjs +1 -1
  84. package/dist/network/ThrottlingUtils.mjs +2 -2
  85. package/dist/network/ThrottlingUtils.mjs.map +1 -1
  86. package/dist/packageMetadata.mjs +2 -2
  87. package/dist/protocol/Authorize.mjs +16 -14
  88. package/dist/protocol/Authorize.mjs.map +1 -1
  89. package/dist/protocol/Token.mjs +2 -2
  90. package/dist/protocol/Token.mjs.map +1 -1
  91. package/dist/request/AuthenticationHeaderParser.mjs +4 -4
  92. package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
  93. package/dist/request/BaseAuthRequest.mjs +3 -3
  94. package/dist/request/BaseAuthRequest.mjs.map +1 -1
  95. package/dist/request/RequestParameterBuilder.mjs +51 -33
  96. package/dist/request/RequestParameterBuilder.mjs.map +1 -1
  97. package/dist/request/ScopeSet.mjs +13 -12
  98. package/dist/request/ScopeSet.mjs.map +1 -1
  99. package/dist/response/ResponseHandler.mjs +29 -27
  100. package/dist/response/ResponseHandler.mjs.map +1 -1
  101. package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
  102. package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
  103. package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
  104. package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  105. package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
  106. package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
  107. package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
  108. package/dist/telemetry/server/ServerTelemetryManager.mjs +2 -2
  109. package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  110. package/dist/url/UrlString.mjs +15 -14
  111. package/dist/url/UrlString.mjs.map +1 -1
  112. package/dist/utils/ClientAssertionUtils.mjs +3 -2
  113. package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
  114. package/dist/utils/Constants.mjs +7 -3
  115. package/dist/utils/Constants.mjs.map +1 -1
  116. package/dist/utils/FunctionWrappers.mjs +1 -1
  117. package/dist/utils/FunctionWrappers.mjs.map +1 -1
  118. package/dist/utils/ProtocolUtils.mjs +12 -9
  119. package/dist/utils/ProtocolUtils.mjs.map +1 -1
  120. package/dist/utils/StringUtils.mjs +1 -1
  121. package/dist/utils/StringUtils.mjs.map +1 -1
  122. package/dist/utils/TimeUtils.mjs +1 -1
  123. package/dist/utils/TimeUtils.mjs.map +1 -1
  124. package/dist/utils/UrlUtils.mjs +4 -4
  125. package/dist/utils/UrlUtils.mjs.map +1 -1
  126. package/dist-browser/account/AccountInfo.mjs +9 -3
  127. package/dist-browser/account/AccountInfo.mjs.map +1 -1
  128. package/dist-browser/account/AuthToken.mjs +9 -23
  129. package/dist-browser/account/AuthToken.mjs.map +1 -1
  130. package/dist-browser/account/CcsCredential.mjs +1 -1
  131. package/dist-browser/account/CcsCredential.mjs.map +1 -1
  132. package/dist-browser/account/ClientInfo.mjs +4 -4
  133. package/dist-browser/account/ClientInfo.mjs.map +1 -1
  134. package/dist-browser/account/TokenClaims.mjs +1 -1
  135. package/dist-browser/account/TokenClaims.mjs.map +1 -1
  136. package/dist-browser/authority/Authority.mjs +36 -37
  137. package/dist-browser/authority/Authority.mjs.map +1 -1
  138. package/dist-browser/authority/AuthorityFactory.mjs +3 -3
  139. package/dist-browser/authority/AuthorityFactory.mjs.map +1 -1
  140. package/dist-browser/authority/AuthorityMetadata.mjs +2 -2
  141. package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -1
  142. package/dist-browser/authority/AuthorityOptions.mjs +1 -1
  143. package/dist-browser/authority/AuthorityOptions.mjs.map +1 -1
  144. package/dist-browser/authority/AuthorityType.mjs +1 -1
  145. package/dist-browser/authority/AuthorityType.mjs.map +1 -1
  146. package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
  147. package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
  148. package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
  149. package/dist-browser/authority/ProtocolMode.mjs +1 -1
  150. package/dist-browser/authority/ProtocolMode.mjs.map +1 -1
  151. package/dist-browser/authority/RegionDiscovery.mjs +16 -10
  152. package/dist-browser/authority/RegionDiscovery.mjs.map +1 -1
  153. package/dist-browser/cache/CacheManager.mjs +62 -46
  154. package/dist-browser/cache/CacheManager.mjs.map +1 -1
  155. package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
  156. package/dist-browser/cache/persistence/TokenCacheContext.mjs.map +1 -1
  157. package/dist-browser/cache/utils/AccountEntityUtils.mjs +18 -8
  158. package/dist-browser/cache/utils/AccountEntityUtils.mjs.map +1 -1
  159. package/dist-browser/cache/utils/CacheHelpers.mjs +10 -5
  160. package/dist-browser/cache/utils/CacheHelpers.mjs.map +1 -1
  161. package/dist-browser/client/AuthorizationCodeClient.mjs +7 -7
  162. package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -1
  163. package/dist-browser/client/RefreshTokenClient.mjs +8 -8
  164. package/dist-browser/client/RefreshTokenClient.mjs.map +1 -1
  165. package/dist-browser/client/SilentFlowClient.mjs +10 -18
  166. package/dist-browser/client/SilentFlowClient.mjs.map +1 -1
  167. package/dist-browser/config/ClientConfiguration.mjs +3 -3
  168. package/dist-browser/config/ClientConfiguration.mjs.map +1 -1
  169. package/dist-browser/constants/AADServerParamKeys.mjs +7 -3
  170. package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -1
  171. package/dist-browser/crypto/ICrypto.mjs +11 -11
  172. package/dist-browser/crypto/ICrypto.mjs.map +1 -1
  173. package/dist-browser/crypto/JoseHeader.mjs +3 -3
  174. package/dist-browser/crypto/JoseHeader.mjs.map +1 -1
  175. package/dist-browser/crypto/PopTokenGenerator.mjs +2 -2
  176. package/dist-browser/crypto/PopTokenGenerator.mjs.map +1 -1
  177. package/dist-browser/error/AuthError.mjs +5 -7
  178. package/dist-browser/error/AuthError.mjs.map +1 -1
  179. package/dist-browser/error/AuthErrorCodes.mjs +1 -1
  180. package/dist-browser/error/CacheError.mjs +1 -1
  181. package/dist-browser/error/CacheError.mjs.map +1 -1
  182. package/dist-browser/error/CacheErrorCodes.mjs +1 -1
  183. package/dist-browser/error/ClientAuthError.mjs +5 -5
  184. package/dist-browser/error/ClientAuthError.mjs.map +1 -1
  185. package/dist-browser/error/ClientAuthErrorCodes.mjs +2 -4
  186. package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -1
  187. package/dist-browser/error/ClientConfigurationError.mjs +5 -5
  188. package/dist-browser/error/ClientConfigurationError.mjs.map +1 -1
  189. package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
  190. package/dist-browser/error/InteractionRequiredAuthError.mjs +5 -6
  191. package/dist-browser/error/InteractionRequiredAuthError.mjs.map +1 -1
  192. package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
  193. package/dist-browser/error/JoseHeaderError.mjs +5 -5
  194. package/dist-browser/error/JoseHeaderError.mjs.map +1 -1
  195. package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
  196. package/dist-browser/error/NetworkError.mjs +2 -2
  197. package/dist-browser/error/NetworkError.mjs.map +1 -1
  198. package/dist-browser/error/PlatformBrokerError.mjs +3 -3
  199. package/dist-browser/error/PlatformBrokerError.mjs.map +1 -1
  200. package/dist-browser/error/ServerError.mjs +3 -3
  201. package/dist-browser/error/ServerError.mjs.map +1 -1
  202. package/dist-browser/index-browser.mjs +55 -55
  203. package/dist-browser/index.mjs +59 -59
  204. package/dist-browser/log-strings-mapping.json +2 -2
  205. package/dist-browser/logger/Logger.mjs +1 -1
  206. package/dist-browser/logger/Logger.mjs.map +1 -1
  207. package/dist-browser/network/INetworkModule.mjs +4 -3
  208. package/dist-browser/network/INetworkModule.mjs.map +1 -1
  209. package/dist-browser/network/RequestThumbprint.mjs +1 -1
  210. package/dist-browser/network/ThrottlingUtils.mjs +2 -2
  211. package/dist-browser/network/ThrottlingUtils.mjs.map +1 -1
  212. package/dist-browser/packageMetadata.mjs +2 -2
  213. package/dist-browser/protocol/Authorize.mjs +16 -14
  214. package/dist-browser/protocol/Authorize.mjs.map +1 -1
  215. package/dist-browser/protocol/Token.mjs +2 -2
  216. package/dist-browser/protocol/Token.mjs.map +1 -1
  217. package/dist-browser/request/AuthenticationHeaderParser.mjs +4 -4
  218. package/dist-browser/request/AuthenticationHeaderParser.mjs.map +1 -1
  219. package/dist-browser/request/BaseAuthRequest.mjs +3 -3
  220. package/dist-browser/request/BaseAuthRequest.mjs.map +1 -1
  221. package/dist-browser/request/RequestParameterBuilder.mjs +51 -33
  222. package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -1
  223. package/dist-browser/request/ScopeSet.mjs +13 -12
  224. package/dist-browser/request/ScopeSet.mjs.map +1 -1
  225. package/dist-browser/response/ResponseHandler.mjs +29 -27
  226. package/dist-browser/response/ResponseHandler.mjs.map +1 -1
  227. package/dist-browser/telemetry/performance/PerformanceClient.mjs +1 -1
  228. package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -1
  229. package/dist-browser/telemetry/performance/PerformanceEvent.mjs +1 -1
  230. package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -1
  231. package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
  232. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +1 -1
  233. package/dist-browser/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
  234. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +2 -2
  235. package/dist-browser/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  236. package/dist-browser/url/UrlString.mjs +15 -14
  237. package/dist-browser/url/UrlString.mjs.map +1 -1
  238. package/dist-browser/utils/ClientAssertionUtils.mjs +3 -2
  239. package/dist-browser/utils/ClientAssertionUtils.mjs.map +1 -1
  240. package/dist-browser/utils/Constants.mjs +7 -3
  241. package/dist-browser/utils/Constants.mjs.map +1 -1
  242. package/dist-browser/utils/FunctionWrappers.mjs +1 -1
  243. package/dist-browser/utils/FunctionWrappers.mjs.map +1 -1
  244. package/dist-browser/utils/ProtocolUtils.mjs +12 -9
  245. package/dist-browser/utils/ProtocolUtils.mjs.map +1 -1
  246. package/dist-browser/utils/StringUtils.mjs +1 -1
  247. package/dist-browser/utils/StringUtils.mjs.map +1 -1
  248. package/dist-browser/utils/TimeUtils.mjs +1 -1
  249. package/dist-browser/utils/TimeUtils.mjs.map +1 -1
  250. package/dist-browser/utils/UrlUtils.mjs +4 -4
  251. package/dist-browser/utils/UrlUtils.mjs.map +1 -1
  252. package/lib/index-browser.cjs +8 -8
  253. package/lib/index-browser.cjs.map +1 -1
  254. package/lib/{index-node-CcOYLhxB.js → index-node-BSFEsmmC.js} +364 -312
  255. package/lib/index-node-BSFEsmmC.js.map +1 -0
  256. package/lib/index-node.cjs +2 -2
  257. package/lib/index.cjs +2 -2
  258. package/package.json +1 -1
  259. package/src/account/AccountInfo.ts +19 -1
  260. package/src/account/AuthToken.ts +19 -21
  261. package/src/account/ClientCredentials.ts +1 -0
  262. package/src/account/ClientInfo.ts +8 -3
  263. package/src/authority/Authority.ts +72 -37
  264. package/src/authority/AuthorityFactory.ts +4 -2
  265. package/src/authority/AuthorityMetadata.ts +2 -1
  266. package/src/authority/RegionDiscovery.ts +18 -11
  267. package/src/cache/CacheManager.ts +160 -57
  268. package/src/cache/entities/AccountEntity.ts +4 -0
  269. package/src/cache/entities/CredentialEntity.ts +2 -0
  270. package/src/cache/utils/AccountEntityUtils.ts +23 -3
  271. package/src/cache/utils/CacheHelpers.ts +15 -3
  272. package/src/cache/utils/CacheTypes.ts +2 -0
  273. package/src/client/AuthorizationCodeClient.ts +10 -4
  274. package/src/client/RefreshTokenClient.ts +12 -5
  275. package/src/client/SilentFlowClient.ts +17 -20
  276. package/src/config/ClientConfiguration.ts +8 -2
  277. package/src/constants/AADServerParamKeys.ts +5 -0
  278. package/src/crypto/ICrypto.ts +40 -10
  279. package/src/crypto/JoseHeader.ts +8 -2
  280. package/src/crypto/PopTokenGenerator.ts +1 -1
  281. package/src/error/AuthError.ts +9 -5
  282. package/src/error/ClientAuthError.ts +8 -3
  283. package/src/error/ClientAuthErrorCodes.ts +0 -2
  284. package/src/error/ClientConfigurationError.ts +5 -4
  285. package/src/error/InteractionRequiredAuthError.ts +9 -5
  286. package/src/error/JoseHeaderError.ts +11 -4
  287. package/src/error/NetworkError.ts +6 -1
  288. package/src/error/PlatformBrokerError.ts +2 -1
  289. package/src/error/ServerError.ts +3 -2
  290. package/src/network/INetworkModule.ts +3 -2
  291. package/src/network/ThrottlingUtils.ts +1 -0
  292. package/src/packageMetadata.ts +1 -1
  293. package/src/protocol/Authorize.ts +21 -6
  294. package/src/protocol/Token.ts +4 -1
  295. package/src/request/AuthenticationHeaderParser.ts +6 -3
  296. package/src/request/BaseAuthRequest.ts +8 -2
  297. package/src/request/RequestParameterBuilder.ts +66 -43
  298. package/src/request/ScopeSet.ts +27 -11
  299. package/src/response/ImdsComputeResponse.ts +14 -0
  300. package/src/response/ResponseHandler.ts +45 -32
  301. package/src/url/UrlString.ts +32 -13
  302. package/src/utils/ClientAssertionUtils.ts +3 -1
  303. package/src/utils/Constants.ts +6 -3
  304. package/src/utils/ProtocolUtils.ts +26 -8
  305. package/src/utils/UrlUtils.ts +8 -3
  306. package/types/account/AccountInfo.d.ts +8 -2
  307. package/types/account/AccountInfo.d.ts.map +1 -1
  308. package/types/account/AuthToken.d.ts +2 -6
  309. package/types/account/AuthToken.d.ts.map +1 -1
  310. package/types/account/ClientCredentials.d.ts +1 -0
  311. package/types/account/ClientCredentials.d.ts.map +1 -1
  312. package/types/account/ClientInfo.d.ts.map +1 -1
  313. package/types/authority/Authority.d.ts +4 -4
  314. package/types/authority/Authority.d.ts.map +1 -1
  315. package/types/authority/AuthorityFactory.d.ts.map +1 -1
  316. package/types/authority/AuthorityMetadata.d.ts.map +1 -1
  317. package/types/authority/RegionDiscovery.d.ts +3 -2
  318. package/types/authority/RegionDiscovery.d.ts.map +1 -1
  319. package/types/cache/CacheManager.d.ts +0 -7
  320. package/types/cache/CacheManager.d.ts.map +1 -1
  321. package/types/cache/entities/AccountEntity.d.ts +4 -0
  322. package/types/cache/entities/AccountEntity.d.ts.map +1 -1
  323. package/types/cache/entities/CredentialEntity.d.ts +2 -0
  324. package/types/cache/entities/CredentialEntity.d.ts.map +1 -1
  325. package/types/cache/utils/AccountEntityUtils.d.ts +1 -1
  326. package/types/cache/utils/AccountEntityUtils.d.ts.map +1 -1
  327. package/types/cache/utils/CacheHelpers.d.ts +1 -1
  328. package/types/cache/utils/CacheHelpers.d.ts.map +1 -1
  329. package/types/cache/utils/CacheTypes.d.ts +2 -1
  330. package/types/cache/utils/CacheTypes.d.ts.map +1 -1
  331. package/types/client/AuthorizationCodeClient.d.ts.map +1 -1
  332. package/types/client/RefreshTokenClient.d.ts.map +1 -1
  333. package/types/client/SilentFlowClient.d.ts.map +1 -1
  334. package/types/config/ClientConfiguration.d.ts.map +1 -1
  335. package/types/constants/AADServerParamKeys.d.ts +4 -0
  336. package/types/constants/AADServerParamKeys.d.ts.map +1 -1
  337. package/types/crypto/ICrypto.d.ts.map +1 -1
  338. package/types/crypto/JoseHeader.d.ts.map +1 -1
  339. package/types/error/AuthError.d.ts +2 -3
  340. package/types/error/AuthError.d.ts.map +1 -1
  341. package/types/error/ClientAuthError.d.ts +2 -2
  342. package/types/error/ClientAuthError.d.ts.map +1 -1
  343. package/types/error/ClientAuthErrorCodes.d.ts +0 -2
  344. package/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
  345. package/types/error/ClientConfigurationError.d.ts +2 -2
  346. package/types/error/ClientConfigurationError.d.ts.map +1 -1
  347. package/types/error/InteractionRequiredAuthError.d.ts +2 -2
  348. package/types/error/InteractionRequiredAuthError.d.ts.map +1 -1
  349. package/types/error/JoseHeaderError.d.ts +2 -2
  350. package/types/error/JoseHeaderError.d.ts.map +1 -1
  351. package/types/error/NetworkError.d.ts.map +1 -1
  352. package/types/error/PlatformBrokerError.d.ts +1 -1
  353. package/types/error/PlatformBrokerError.d.ts.map +1 -1
  354. package/types/error/ServerError.d.ts +1 -1
  355. package/types/error/ServerError.d.ts.map +1 -1
  356. package/types/network/INetworkModule.d.ts.map +1 -1
  357. package/types/network/ThrottlingUtils.d.ts.map +1 -1
  358. package/types/packageMetadata.d.ts +1 -1
  359. package/types/packageMetadata.d.ts.map +1 -1
  360. package/types/protocol/Authorize.d.ts +4 -2
  361. package/types/protocol/Authorize.d.ts.map +1 -1
  362. package/types/protocol/Token.d.ts.map +1 -1
  363. package/types/request/AuthenticationHeaderParser.d.ts.map +1 -1
  364. package/types/request/BaseAuthRequest.d.ts +4 -0
  365. package/types/request/BaseAuthRequest.d.ts.map +1 -1
  366. package/types/request/RequestParameterBuilder.d.ts +12 -3
  367. package/types/request/RequestParameterBuilder.d.ts.map +1 -1
  368. package/types/request/ScopeSet.d.ts +4 -3
  369. package/types/request/ScopeSet.d.ts.map +1 -1
  370. package/types/response/ImdsComputeResponse.d.ts +10 -0
  371. package/types/response/ImdsComputeResponse.d.ts.map +1 -0
  372. package/types/response/ResponseHandler.d.ts +1 -1
  373. package/types/response/ResponseHandler.d.ts.map +1 -1
  374. package/types/url/UrlString.d.ts +5 -4
  375. package/types/url/UrlString.d.ts.map +1 -1
  376. package/types/utils/ClientAssertionUtils.d.ts +1 -1
  377. package/types/utils/ClientAssertionUtils.d.ts.map +1 -1
  378. package/types/utils/Constants.d.ts +6 -2
  379. package/types/utils/Constants.d.ts.map +1 -1
  380. package/types/utils/ProtocolUtils.d.ts +6 -3
  381. package/types/utils/ProtocolUtils.d.ts.map +1 -1
  382. package/types/utils/UrlUtils.d.ts.map +1 -1
  383. package/lib/index-node-CcOYLhxB.js.map +0 -1
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.9.0 2026-06-16 */
1
+ /*! @azure/msal-common v16.10.0 2026-06-23 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { HeaderNames } from '../utils/Constants.mjs';
@@ -28,7 +28,7 @@ class AuthenticationHeaderParser {
28
28
  if (authenticationInfoChallenges.nextnonce) {
29
29
  return authenticationInfoChallenges.nextnonce;
30
30
  }
31
- throw createClientConfigurationError(invalidAuthenticationHeader);
31
+ throw createClientConfigurationError(invalidAuthenticationHeader, "");
32
32
  }
33
33
  // Attempt to parse nonce from WWW-Authenticate
34
34
  const wwwAuthenticate = this.headers[HeaderNames.WWWAuthenticate];
@@ -37,10 +37,10 @@ class AuthenticationHeaderParser {
37
37
  if (wwwAuthenticateChallenges.nonce) {
38
38
  return wwwAuthenticateChallenges.nonce;
39
39
  }
40
- throw createClientConfigurationError(invalidAuthenticationHeader);
40
+ throw createClientConfigurationError(invalidAuthenticationHeader, "");
41
41
  }
42
42
  // If neither header is present, throw missing headers error
43
- throw createClientConfigurationError(missingNonceAuthenticationHeader);
43
+ throw createClientConfigurationError(missingNonceAuthenticationHeader, "");
44
44
  }
45
45
  /**
46
46
  * Parses an HTTP header's challenge set into a key/value map.
@@ -1 +1 @@
1
- {"version":3,"file":"AuthenticationHeaderParser.mjs","sources":["../../src/request/AuthenticationHeaderParser.ts"],"sourcesContent":[null],"names":["ClientConfigurationErrorCodes.invalidAuthenticationHeader","ClientConfigurationErrorCodes.missingNonceAuthenticationHeader"],"mappings":";;;;;;AAAA;;;AAGG;AAgBH;;;AAGG;MACU,0BAA0B,CAAA;AAGnC,IAAA,WAAA,CAAY,OAA+B,EAAA;AACvC,QAAA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;AAED;;;AAGG;IACH,WAAW,GAAA;;QAEP,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC;AACxE,QAAA,IAAI,kBAAkB,EAAE;YACpB,MAAM,4BAA4B,GAC9B,IAAI,CAAC,eAAe,CAChB,kBAAkB,CACrB,CAAC;YACN,IAAI,4BAA4B,CAAC,SAAS,EAAE;gBACxC,OAAO,4BAA4B,CAAC,SAAS,CAAC;AACjD,YAAA,CAAA;AACD,YAAA,MAAM,8BAA8B,CAChCA,2BAAyD,CAC5D,CAAC;AACL,QAAA,CAAA;;QAGD,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;AAClE,QAAA,IAAI,eAAe,EAAE;YACjB,MAAM,yBAAyB,GAC3B,IAAI,CAAC,eAAe,CAChB,eAAe,CAClB,CAAC;YACN,IAAI,yBAAyB,CAAC,KAAK,EAAE;gBACjC,OAAO,yBAAyB,CAAC,KAAK,CAAC;AAC1C,YAAA,CAAA;AACD,YAAA,MAAM,8BAA8B,CAChCA,2BAAyD,CAC5D,CAAC;AACL,QAAA,CAAA;;AAGD,QAAA,MAAM,8BAA8B,CAChCC,gCAA8D,CACjE,CAAC;IACN,CAAC;AAED;;;;AAIG;AACK,IAAA,eAAe,CAAI,MAAc,EAAA;QACrC,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AAC5C,QAAA,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,YAAY,GAAG,EAAO,CAAC;AAE7B,QAAA,UAAU,CAAC,OAAO,CAAC,CAAC,SAAiB,KAAI;AACrC,YAAA,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;;AAE1C,YAAA,YAAY,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC;AAC9D,QAAA,CAAC,CAAC,CAAC;AAEH,QAAA,OAAO,YAAY,CAAC;IACxB,CAAC;AACJ;;;;"}
1
+ {"version":3,"file":"AuthenticationHeaderParser.mjs","sources":["../../src/request/AuthenticationHeaderParser.ts"],"sourcesContent":[null],"names":["ClientConfigurationErrorCodes.invalidAuthenticationHeader","ClientConfigurationErrorCodes.missingNonceAuthenticationHeader"],"mappings":";;;;;;AAAA;;;AAGG;AAgBH;;;AAGG;MACU,0BAA0B,CAAA;AAGnC,IAAA,WAAA,CAAY,OAA+B,EAAA;AACvC,QAAA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;KAC1B;AAED;;;AAGG;IACH,WAAW,GAAA;;QAEP,MAAM,kBAAkB,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,kBAAkB,CAAC,CAAC;AACxE,QAAA,IAAI,kBAAkB,EAAE;YACpB,MAAM,4BAA4B,GAC9B,IAAI,CAAC,eAAe,CAChB,kBAAkB,CACrB,CAAC;YACN,IAAI,4BAA4B,CAAC,SAAS,EAAE;gBACxC,OAAO,4BAA4B,CAAC,SAAS,CAAC;AACjD,aAAA;YACD,MAAM,8BAA8B,CAChCA,2BAAyD,EACzD,EAAE,CACL,CAAC;AACL,SAAA;;QAGD,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;AAClE,QAAA,IAAI,eAAe,EAAE;YACjB,MAAM,yBAAyB,GAC3B,IAAI,CAAC,eAAe,CAChB,eAAe,CAClB,CAAC;YACN,IAAI,yBAAyB,CAAC,KAAK,EAAE;gBACjC,OAAO,yBAAyB,CAAC,KAAK,CAAC;AAC1C,aAAA;YACD,MAAM,8BAA8B,CAChCA,2BAAyD,EACzD,EAAE,CACL,CAAC;AACL,SAAA;;QAGD,MAAM,8BAA8B,CAChCC,gCAA8D,EAC9D,EAAE,CACL,CAAC;KACL;AAED;;;;AAIG;AACK,IAAA,eAAe,CAAI,MAAc,EAAA;QACrC,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AAC5C,QAAA,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,YAAY,GAAG,EAAO,CAAC;AAE7B,QAAA,UAAU,CAAC,OAAO,CAAC,CAAC,SAAiB,KAAI;AACrC,YAAA,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;;AAE1C,YAAA,YAAY,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,CAAC;AAC9D,SAAC,CAAC,CAAC;AAEH,QAAA,OAAO,YAAY,CAAC;KACvB;AACJ;;;;"}
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.9.0 2026-06-16 */
1
+ /*! @azure/msal-common v16.10.0 2026-06-23 */
2
2
  'use strict';
3
3
  import { createClientAuthError } from '../error/ClientAuthError.mjs';
4
4
  import { misplacedResourceParam, resourceParameterRequired } from '../error/ClientAuthErrorCodes.mjs';
@@ -21,10 +21,10 @@ function enforceResourceParameter(isMcp, request) {
21
21
  if (request.resource &&
22
22
  (containsResourceParam(request.extraParameters) ||
23
23
  containsResourceParam(request.extraQueryParameters))) {
24
- throw createClientAuthError(misplacedResourceParam);
24
+ throw createClientAuthError(misplacedResourceParam, request.correlationId || "");
25
25
  }
26
26
  if (!request.resource) {
27
- throw createClientAuthError(resourceParameterRequired);
27
+ throw createClientAuthError(resourceParameterRequired, request.correlationId || "");
28
28
  }
29
29
  }
30
30
  function containsResourceParam(params) {
@@ -1 +1 @@
1
- {"version":3,"file":"BaseAuthRequest.mjs","sources":["../../src/request/BaseAuthRequest.ts"],"sourcesContent":[null],"names":["ClientAuthErrorCodes.misplacedResourceParam","ClientAuthErrorCodes.resourceParameterRequired"],"mappings":";;;;;AAAA;;;AAGG;AA4GH;;;;;;AAMG;AACG,SAAU,wBAAwB,CACpC,KAAc,EACd,OAAiC,EAAA;IAEjC,IAAI,CAAC,KAAK,EAAE;QACR,OAAO;AACV,IAAA,CAAA;IAED,IACI,OAAO,CAAC,QAAQ;AAChB,SAAC,qBAAqB,CAAC,OAAO,CAAC,eAAe,CAAC;AAC3C,YAAA,qBAAqB,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC,EAC1D;AACE,QAAA,MAAM,qBAAqB,CACvBA,sBAA2C,CAC9C,CAAC;AACL,IAAA,CAAA;AAED,IAAA,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;AACnB,QAAA,MAAM,qBAAqB,CACvBC,yBAA8C,CACjD,CAAC;AACL,IAAA,CAAA;AACL,CAAC;AAED,SAAS,qBAAqB,CAAC,MAAmB,EAAA;IAC9C,IAAI,CAAC,MAAM,EAAE;AACT,QAAA,OAAO,KAAK,CAAC;AAChB,IAAA,CAAA;AAED,IAAA,OAAO,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;AACpE;;;;"}
1
+ {"version":3,"file":"BaseAuthRequest.mjs","sources":["../../src/request/BaseAuthRequest.ts"],"sourcesContent":[null],"names":["ClientAuthErrorCodes.misplacedResourceParam","ClientAuthErrorCodes.resourceParameterRequired"],"mappings":";;;;;AAAA;;;AAGG;AAgHH;;;;;;AAMG;AACa,SAAA,wBAAwB,CACpC,KAAc,EACd,OAAiC,EAAA;IAEjC,IAAI,CAAC,KAAK,EAAE;QACR,OAAO;AACV,KAAA;IAED,IACI,OAAO,CAAC,QAAQ;AAChB,SAAC,qBAAqB,CAAC,OAAO,CAAC,eAAe,CAAC;AAC3C,YAAA,qBAAqB,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC,EAC1D;AACE,QAAA,MAAM,qBAAqB,CACvBA,sBAA2C,EAC3C,OAAO,CAAC,aAAa,IAAI,EAAE,CAC9B,CAAC;AACL,KAAA;AAED,IAAA,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE;AACnB,QAAA,MAAM,qBAAqB,CACvBC,yBAA8C,EAC9C,OAAO,CAAC,aAAa,IAAI,EAAE,CAC9B,CAAC;AACL,KAAA;AACL,CAAC;AAED,SAAS,qBAAqB,CAAC,MAAmB,EAAA;IAC9C,IAAI,CAAC,MAAM,EAAE;AACT,QAAA,OAAO,KAAK,CAAC;AAChB,KAAA;AAED,IAAA,OAAO,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;AACpE;;;;"}
@@ -1,11 +1,10 @@
1
- /*! @azure/msal-common v16.9.0 2026-06-16 */
1
+ /*! @azure/msal-common v16.10.0 2026-06-23 */
2
2
  'use strict';
3
- import { OIDC_DEFAULT_SCOPES, HeaderNames, ClaimsRequestKeys, CLIENT_INFO, PasswordGrantConstants, AuthenticationScheme, ResponseMode, X_MS_LIB_CAPABILITY_VALUE } from '../utils/Constants.mjs';
4
- import { X_APP_NAME, X_APP_VER, CODE, BROKER_CLIENT_ID, BROKER_REDIRECT_URI, CLAIMS, CLI_DATA, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, CLIENT_ID, CLIENT_SECRET, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE_VERIFIER, CLIENT_REQUEST_ID, DEVICE_CODE, DOMAIN_HINT, EAR_JWK, EAR_JWE_CRYPTO, GRANT_TYPE, ID_TOKEN_HINT, INSTANCE_AWARE, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, LOGIN_HINT, LOGOUT_HINT, NATIVE_BROKER, NONCE, OBO_ASSERTION, TOKEN_TYPE, REQ_CNF, POST_LOGOUT_URI, PROMPT, REDIRECT_URI, REFRESH_TOKEN, REQUESTED_TOKEN_USE, RESOURCE, RESPONSE_MODE, RESPONSE_TYPE, SCOPE, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, SID, STATE, X_MS_LIB_CAPABILITY } from '../constants/AADServerParamKeys.mjs';
3
+ import { OIDC_DEFAULT_SCOPES, ResponseMode, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, X_MS_LIB_CAPABILITY_VALUE } from '../utils/Constants.mjs';
4
+ import { CLIENT_ID, BROKER_CLIENT_ID, REDIRECT_URI, RESPONSE_TYPE, RESPONSE_MODE, NATIVE_BROKER, SCOPE, POST_LOGOUT_URI, ID_TOKEN_HINT, DOMAIN_HINT, LOGIN_HINT, SID, CLAIMS, CLIENT_REQUEST_ID, X_CLIENT_SKU, X_CLIENT_VER, X_CLIENT_OS, X_CLIENT_CPU, X_APP_NAME, X_APP_VER, PROMPT, STATE, NONCE, CODE_CHALLENGE, CODE_CHALLENGE_METHOD, CODE, DEVICE_CODE, REFRESH_TOKEN, CODE_VERIFIER, CLIENT_SECRET, CLIENT_ASSERTION, CLIENT_ASSERTION_TYPE, OBO_ASSERTION, REQUESTED_TOKEN_USE, GRANT_TYPE, CLI_DATA, INSTANCE_AWARE, TOKEN_TYPE, REQ_CNF, X_CLIENT_CURR_TELEM, X_CLIENT_LAST_TELEM, X_MS_LIB_CAPABILITY, LOGOUT_HINT, BROKER_REDIRECT_URI, EAR_JWK, EAR_JWE_CRYPTO, RESOURCE } from '../constants/AADServerParamKeys.mjs';
5
5
  import { ScopeSet } from './ScopeSet.mjs';
6
6
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
7
- import { StringUtils } from '../utils/StringUtils.mjs';
8
- import { invalidClaims, pkceParamsMissing } from '../error/ClientConfigurationErrorCodes.mjs';
7
+ import { pkceParamsMissing, invalidClaims } from '../error/ClientConfigurationErrorCodes.mjs';
9
8
 
10
9
  /*
11
10
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -49,7 +48,7 @@ function addNativeBroker(parameters) {
49
48
  * @param scopeSet
50
49
  * @param addOidcScopes
51
50
  */
52
- function addScopes(parameters, scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
51
+ function addScopes(parameters, scopes, correlationId, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
53
52
  // Always add openid to the scopes when adding OIDC scopes
54
53
  if (addOidcScopes &&
55
54
  !defaultScopes.includes("openid") &&
@@ -59,7 +58,7 @@ function addScopes(parameters, scopes, addOidcScopes = true, defaultScopes = OID
59
58
  const requestScopes = addOidcScopes
60
59
  ? [...(scopes || []), ...defaultScopes]
61
60
  : scopes || [];
62
- const scopeSet = new ScopeSet(requestScopes);
61
+ const scopeSet = new ScopeSet(requestScopes, correlationId);
63
62
  parameters.set(SCOPE, scopeSet.printScopes());
64
63
  }
65
64
  /**
@@ -129,26 +128,18 @@ function addSid(parameters, sid) {
129
128
  * Adds claims to request parameters, conditionally excluding clientCapabilities
130
129
  * when skipBrokerClaims is true and a brokered flow is in effect.
131
130
  * @param parameters - The request parameters map
131
+ * @param correlationId - The request correlation id
132
132
  * @param claims - The claims string from the request
133
133
  * @param clientCapabilities - The client capabilities from configuration
134
134
  * @param skipBrokerClaims - When true and BROKER_CLIENT_ID is present, excludes clientCapabilities from claims
135
135
  */
136
- function addClaims(parameters, claims, clientCapabilities, skipBrokerClaims) {
136
+ function addClaims(parameters, correlationId, claims, clientCapabilities, skipBrokerClaims) {
137
137
  // Skip clientCapabilities if skipBrokerClaims is set to true and this is a brokered authentication flow
138
138
  const configClaims = skipBrokerClaims && parameters.has(BROKER_CLIENT_ID)
139
139
  ? undefined
140
140
  : clientCapabilities;
141
- if (!StringUtils.isEmptyObj(claims) ||
142
- (configClaims && configClaims.length > 0)) {
143
- const mergedClaims = addClientCapabilitiesToClaims(claims, configClaims);
144
- try {
145
- JSON.parse(mergedClaims);
146
- }
147
- catch (e) {
148
- throw createClientConfigurationError(invalidClaims);
149
- }
150
- parameters.set(CLAIMS, mergedClaims);
151
- }
141
+ const mergedClaims = buildMergedClaims(claims, configClaims, correlationId);
142
+ parameters.set(CLAIMS, mergedClaims);
152
143
  }
153
144
  /**
154
145
  * add correlationId
@@ -219,7 +210,7 @@ function addCodeChallengeParams(parameters, codeChallenge, codeChallengeMethod)
219
210
  parameters.set(CODE_CHALLENGE_METHOD, codeChallengeMethod);
220
211
  }
221
212
  else {
222
- throw createClientConfigurationError(pkceParamsMissing);
213
+ throw createClientConfigurationError(pkceParamsMissing, "");
223
214
  }
224
215
  }
225
216
  /**
@@ -325,7 +316,23 @@ function addExtraParameters(parameters, extraParams) {
325
316
  }
326
317
  });
327
318
  }
328
- function addClientCapabilitiesToClaims(claims, clientCapabilities) {
319
+ /**
320
+ * Default optional idToken claims requested on all auth requests.
321
+ * signin_state enables KMSI detection; login_hint enables login hint propagation.
322
+ */
323
+ const DEFAULT_ID_TOKEN_CLAIMS = {
324
+ [ClaimsRequestKeys.SIGNIN_STATE]: { essential: false },
325
+ [ClaimsRequestKeys.LOGIN_HINT]: { essential: false },
326
+ };
327
+ /**
328
+ * Parses claims JSON, merges default optional idToken claims (signin_state, login_hint),
329
+ * and appends client capabilities (xms_cc) to the access_token section.
330
+ * Does not overwrite idToken claims already specified by the caller.
331
+ * @param claims - Existing claims JSON string from the request (may be undefined)
332
+ * @param clientCapabilities - Client capabilities array from configuration
333
+ * @returns Merged claims JSON string
334
+ */
335
+ function buildMergedClaims(claims, clientCapabilities, correlationId = "") {
329
336
  let mergedClaims;
330
337
  // Parse provided claims into JSON object or initialize empty object
331
338
  if (!claims) {
@@ -333,14 +340,31 @@ function addClientCapabilitiesToClaims(claims, clientCapabilities) {
333
340
  }
334
341
  else {
335
342
  try {
336
- mergedClaims = JSON.parse(claims);
343
+ const parsed = JSON.parse(claims);
344
+ if (typeof parsed !== "object" ||
345
+ parsed === null ||
346
+ Array.isArray(parsed)) {
347
+ throw new Error("Claims must be a JSON object");
348
+ }
349
+ mergedClaims = parsed;
337
350
  }
338
351
  catch (e) {
339
- throw createClientConfigurationError(invalidClaims);
352
+ throw createClientConfigurationError(invalidClaims, correlationId);
340
353
  }
341
354
  }
355
+ // Add default optional idToken claims
356
+ if (!Object.prototype.hasOwnProperty.call(mergedClaims, ClaimsRequestKeys.ID_TOKEN)) {
357
+ mergedClaims[ClaimsRequestKeys.ID_TOKEN] = {};
358
+ }
359
+ const idTokenClaims = mergedClaims[ClaimsRequestKeys.ID_TOKEN];
360
+ for (const [key, value] of Object.entries(DEFAULT_ID_TOKEN_CLAIMS)) {
361
+ if (!(key in idTokenClaims)) {
362
+ idTokenClaims[key] = value;
363
+ }
364
+ }
365
+ // Add client capabilities
342
366
  if (clientCapabilities && clientCapabilities.length > 0) {
343
- if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
367
+ if (!Object.prototype.hasOwnProperty.call(mergedClaims, ClaimsRequestKeys.ACCESS_TOKEN)) {
344
368
  // Add access_token key to claims object
345
369
  mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
346
370
  }
@@ -390,14 +414,8 @@ function addSshJwk(parameters, sshJwkString) {
390
414
  * @internal
391
415
  */
392
416
  function addServerTelemetry(parameters, serverTelemetryManager) {
393
- const currentTelemetryHeader = serverTelemetryManager.generateCurrentRequestHeaderValue();
394
- const lastTelemetryHeader = serverTelemetryManager.generateLastRequestHeaderValue();
395
- if (currentTelemetryHeader) {
396
- parameters.set(X_CLIENT_CURR_TELEM, currentTelemetryHeader);
397
- }
398
- if (lastTelemetryHeader) {
399
- parameters.set(X_CLIENT_LAST_TELEM, lastTelemetryHeader);
400
- }
417
+ parameters.set(X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
418
+ parameters.set(X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
401
419
  }
402
420
  /**
403
421
  * Adds parameter that indicates to the server that throttling is supported
@@ -436,5 +454,5 @@ function addResource(parameters, resource) {
436
454
  }
437
455
  }
438
456
 
439
- export { addApplicationTelemetry, addAuthorizationCode, addBrokerParameters, addCcsOid, addCcsUpn, addClaims, addCliData, addClientAssertion, addClientAssertionType, addClientCapabilitiesToClaims, addClientId, addClientInfo, addClientSecret, addCodeChallengeParams, addCodeVerifier, addCorrelationId, addDeviceCode, addDomainHint, addEARParameters, addExtraParameters, addGrantType, addIdTokenHint, addInstanceAware, addLibraryInfo, addLoginHint, addLogoutHint, addNativeBroker, addNonce, addOboAssertion, addPassword, addPopToken, addPostLogoutRedirectUri, addPrompt, addRedirectUri, addRefreshToken, addRequestTokenUse, addResource, addResponseMode, addResponseType, addScopes, addServerTelemetry, addSid, addSshJwk, addState, addThrottling, addUsername, instrumentBrokerParams };
457
+ export { addApplicationTelemetry, addAuthorizationCode, addBrokerParameters, addCcsOid, addCcsUpn, addClaims, addCliData, addClientAssertion, addClientAssertionType, addClientId, addClientInfo, addClientSecret, addCodeChallengeParams, addCodeVerifier, addCorrelationId, addDeviceCode, addDomainHint, addEARParameters, addExtraParameters, addGrantType, addIdTokenHint, addInstanceAware, addLibraryInfo, addLoginHint, addLogoutHint, addNativeBroker, addNonce, addOboAssertion, addPassword, addPopToken, addPostLogoutRedirectUri, addPrompt, addRedirectUri, addRefreshToken, addRequestTokenUse, addResource, addResponseMode, addResponseType, addScopes, addServerTelemetry, addSid, addSshJwk, addState, addThrottling, addUsername, buildMergedClaims, instrumentBrokerParams };
440
458
  //# sourceMappingURL=RequestParameterBuilder.mjs.map
@@ -1 +1 @@
1
- {"version":3,"file":"RequestParameterBuilder.mjs","sources":["../../src/request/RequestParameterBuilder.ts"],"sourcesContent":[null],"names":["AADServerParamKeys.CLIENT_ID","AADServerParamKeys.BROKER_CLIENT_ID","AADServerParamKeys.REDIRECT_URI","AADServerParamKeys.RESPONSE_TYPE","AADServerParamKeys.RESPONSE_MODE","Constants.ResponseMode","AADServerParamKeys.NATIVE_BROKER","Constants.OIDC_DEFAULT_SCOPES","AADServerParamKeys.SCOPE","AADServerParamKeys.POST_LOGOUT_URI","AADServerParamKeys.ID_TOKEN_HINT","AADServerParamKeys.DOMAIN_HINT","AADServerParamKeys.LOGIN_HINT","Constants.HeaderNames","AADServerParamKeys.SID","ClientConfigurationErrorCodes.invalidClaims","AADServerParamKeys.CLAIMS","AADServerParamKeys.CLIENT_REQUEST_ID","AADServerParamKeys.X_CLIENT_SKU","AADServerParamKeys.X_CLIENT_VER","AADServerParamKeys.X_CLIENT_OS","AADServerParamKeys.X_CLIENT_CPU","AADServerParamKeys.X_APP_NAME","AADServerParamKeys.X_APP_VER","AADServerParamKeys.PROMPT","AADServerParamKeys.STATE","AADServerParamKeys.NONCE","AADServerParamKeys.CODE_CHALLENGE","AADServerParamKeys.CODE_CHALLENGE_METHOD","ClientConfigurationErrorCodes.pkceParamsMissing","AADServerParamKeys.CODE","AADServerParamKeys.DEVICE_CODE","AADServerParamKeys.REFRESH_TOKEN","AADServerParamKeys.CODE_VERIFIER","AADServerParamKeys.CLIENT_SECRET","AADServerParamKeys.CLIENT_ASSERTION","AADServerParamKeys.CLIENT_ASSERTION_TYPE","AADServerParamKeys.OBO_ASSERTION","AADServerParamKeys.REQUESTED_TOKEN_USE","AADServerParamKeys.GRANT_TYPE","Constants.CLIENT_INFO","AADServerParamKeys.CLI_DATA","AADServerParamKeys.INSTANCE_AWARE","Constants.ClaimsRequestKeys","Constants.PasswordGrantConstants","AADServerParamKeys.TOKEN_TYPE","Constants.AuthenticationScheme","AADServerParamKeys.REQ_CNF","AADServerParamKeys.X_CLIENT_CURR_TELEM","AADServerParamKeys.X_CLIENT_LAST_TELEM","AADServerParamKeys.X_MS_LIB_CAPABILITY","Constants.X_MS_LIB_CAPABILITY_VALUE","AADServerParamKeys.LOGOUT_HINT","AADServerParamKeys.BROKER_REDIRECT_URI","AADServerParamKeys.EAR_JWK","AADServerParamKeys.EAR_JWE_CRYPTO","AADServerParamKeys.RESOURCE"],"mappings":";;;;;;;;;AAAA;;;AAGG;SAmBa,sBAAsB,CAClC,UAA+B,EAC/B,aAAsB,EACtB,iBAAsC,EAAA;IAEtC,IAAI,CAAC,aAAa,EAAE;QAChB,OAAO;AACV,IAAA,CAAA;IAED,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAACA,SAA4B,CAAC,CAAC;IAC9D,IAAI,QAAQ,IAAI,UAAU,CAAC,GAAG,CAACC,gBAAmC,CAAC,EAAE;QACjE,iBAAiB,EAAE,SAAS,CACxB;AACI,YAAA,gBAAgB,EAAE,QAAQ;YAC1B,mBAAmB,EAAE,UAAU,CAAC,GAAG,CAC/BC,YAA+B,CAClC;SACJ,EACD,aAAa,CAChB,CAAC;AACL,IAAA,CAAA;AACL,CAAC;AAED;;;;AAIG;AACG,SAAU,eAAe,CAC3B,UAA+B,EAC/B,YAAyC,EAAA;IAEzC,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACG,SAAU,eAAe,CAC3B,UAA+B,EAC/B,YAAqC,EAAA;IAErC,UAAU,CAAC,GAAG,CACVC,aAAgC,EAChC,YAAY,GAAG,YAAY,GAAGC,YAAsB,CAAC,KAAK,CAC7D,CAAC;AACN,CAAC;AAED;;AAEG;AACG,SAAU,eAAe,CAAC,UAA+B,EAAA;IAC3D,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED;;;;AAIG;AACG,SAAU,SAAS,CACrB,UAA+B,EAC/B,MAAgB,EAChB,aAAA,GAAyB,IAAI,EAC7B,aAAA,GAA+BC,mBAA6B,EAAA;;AAG5D,IAAA,IACI,aAAa;AACb,QAAA,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACjC,QAAA,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAC5B;AACE,QAAA,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAChC,IAAA,CAAA;IACD,MAAM,aAAa,GAAG,aAAa;UAC7B,CAAC,IAAI,MAAM,IAAI,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC;AACvC,UAAE,MAAM,IAAI,EAAE,CAAC;AACnB,IAAA,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,aAAa,CAAC,CAAC;AAC7C,IAAA,UAAU,CAAC,GAAG,CAACC,KAAwB,EAAE,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;AACrE,CAAC;AAED;;;AAGG;AACG,SAAU,WAAW,CACvB,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACR,SAA4B,EAAE,QAAQ,CAAC,CAAC;AAC3D,CAAC;AAED;;;AAGG;AACG,SAAU,cAAc,CAC1B,UAA+B,EAC/B,WAAmB,EAAA;IAEnB,UAAU,CAAC,GAAG,CAACE,YAA+B,EAAE,WAAW,CAAC,CAAC;AACjE,CAAC;AAED;;;AAGG;AACG,SAAU,wBAAwB,CACpC,UAA+B,EAC/B,WAAmB,EAAA;IAEnB,UAAU,CAAC,GAAG,CAACO,eAAkC,EAAE,WAAW,CAAC,CAAC;AACpE,CAAC;AAED;;;AAGG;AACG,SAAU,cAAc,CAC1B,UAA+B,EAC/B,WAAmB,EAAA;IAEnB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,WAAW,CAAC,CAAC;AAClE,CAAC;AAED;;;AAGG;AACG,SAAU,aAAa,CACzB,UAA+B,EAC/B,UAAkB,EAAA;IAElB,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,UAAU,CAAC,CAAC;AAC/D,CAAC;AAED;;;AAGG;AACG,SAAU,YAAY,CACxB,UAA+B,EAC/B,SAAiB,EAAA;IAEjB,UAAU,CAAC,GAAG,CAACC,UAA6B,EAAE,SAAS,CAAC,CAAC;AAC7D,CAAC;AAED;;;AAGG;AACG,SAAU,SAAS,CACrB,UAA+B,EAC/B,SAAiB,EAAA;AAEjB,IAAA,UAAU,CAAC,GAAG,CAACC,WAAqB,CAAC,UAAU,EAAE,CAAA,IAAA,EAAO,SAAS,CAAA,CAAE,CAAC,CAAC;AACzE,CAAC;AAED;;;AAGG;AACG,SAAU,SAAS,CACrB,UAA+B,EAC/B,UAAsB,EAAA;AAEtB,IAAA,UAAU,CAAC,GAAG,CACVA,WAAqB,CAAC,UAAU,EAChC,OAAO,UAAU,CAAC,GAAG,CAAA,CAAA,EAAI,UAAU,CAAC,IAAI,CAAA,CAAE,CAC7C,CAAC;AACN,CAAC;AAED;;;AAGG;AACG,SAAU,MAAM,CAAC,UAA+B,EAAE,GAAW,EAAA;IAC/D,UAAU,CAAC,GAAG,CAACC,GAAsB,EAAE,GAAG,CAAC,CAAC;AAChD,CAAC;AAED;;;;;;;AAOG;AACG,SAAU,SAAS,CACrB,UAA+B,EAC/B,MAAe,EACf,kBAAkC,EAClC,gBAA0B,EAAA;;IAG1B,MAAM,YAAY,GACd,gBAAgB,IAAI,UAAU,CAAC,GAAG,CAACb,gBAAmC,CAAC;AACnE,UAAE,SAAS;UACT,kBAAkB,CAAC;AAE7B,IAAA,IACI,CAAC,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC;SAC9B,YAAY,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,EAC3C;QACE,MAAM,YAAY,GAAG,6BAA6B,CAC9C,MAAM,EACN,YAAY,CACf,CAAC;QACF,IAAI;AACA,YAAA,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;AAC5B,QAAA,CAAA;AAAC,QAAA,OAAO,CAAC,EAAE;AACR,YAAA,MAAM,8BAA8B,CAChCc,aAA2C,CAC9C,CAAC;AACL,QAAA,CAAA;QACD,UAAU,CAAC,GAAG,CAACC,MAAyB,EAAE,YAAY,CAAC,CAAC;AAC3D,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,gBAAgB,CAC5B,UAA+B,EAC/B,aAAqB,EAAA;IAErB,UAAU,CAAC,GAAG,CAACC,iBAAoC,EAAE,aAAa,CAAC,CAAC;AACxE,CAAC;AAED;;;AAGG;AACG,SAAU,cAAc,CAC1B,UAA+B,EAC/B,WAAwB,EAAA;;IAGxB,UAAU,CAAC,GAAG,CAACC,YAA+B,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC;IACjE,UAAU,CAAC,GAAG,CAACC,YAA+B,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;IACrE,IAAI,WAAW,CAAC,EAAE,EAAE;QAChB,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC;AAClE,IAAA,CAAA;IACD,IAAI,WAAW,CAAC,GAAG,EAAE;QACjB,UAAU,CAAC,GAAG,CAACC,YAA+B,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC;AACpE,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,uBAAuB,CACnC,UAA+B,EAC/B,YAAkC,EAAA;IAElC,IAAI,YAAY,EAAE,OAAO,EAAE;QACvB,UAAU,CAAC,GAAG,CAACC,UAA6B,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;AACvE,IAAA,CAAA;IAED,IAAI,YAAY,EAAE,UAAU,EAAE;QAC1B,UAAU,CAAC,GAAG,CAACC,SAA4B,EAAE,YAAY,CAAC,UAAU,CAAC,CAAC;AACzE,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,SAAS,CACrB,UAA+B,EAC/B,MAAc,EAAA;IAEd,UAAU,CAAC,GAAG,CAACC,MAAyB,EAAE,MAAM,CAAC,CAAC;AACtD,CAAC;AAED;;;AAGG;AACG,SAAU,QAAQ,CAAC,UAA+B,EAAE,KAAa,EAAA;AACnE,IAAA,IAAI,KAAK,EAAE;QACP,UAAU,CAAC,GAAG,CAACC,KAAwB,EAAE,KAAK,CAAC,CAAC;AACnD,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,QAAQ,CAAC,UAA+B,EAAE,KAAa,EAAA;IACnE,UAAU,CAAC,GAAG,CAACC,KAAwB,EAAE,KAAK,CAAC,CAAC;AACpD,CAAC;AAED;;;;;AAKG;SACa,sBAAsB,CAClC,UAA+B,EAC/B,aAAsB,EACtB,mBAA4B,EAAA;IAE5B,IAAI,aAAa,IAAI,mBAAmB,EAAE;QACtC,UAAU,CAAC,GAAG,CAACC,cAAiC,EAAE,aAAa,CAAC,CAAC;QACjE,UAAU,CAAC,GAAG,CACVC,qBAAwC,EACxC,mBAAmB,CACtB,CAAC;AACL,IAAA,CAAA;AAAM,SAAA;AACH,QAAA,MAAM,8BAA8B,CAChCC,iBAA+C,CAClD,CAAC;AACL,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,oBAAoB,CAChC,UAA+B,EAC/B,IAAY,EAAA;IAEZ,UAAU,CAAC,GAAG,CAACC,IAAuB,EAAE,IAAI,CAAC,CAAC;AAClD,CAAC;AAED;;;AAGG;AACG,SAAU,aAAa,CACzB,UAA+B,EAC/B,IAAY,EAAA;IAEZ,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,IAAI,CAAC,CAAC;AACzD,CAAC;AAED;;;AAGG;AACG,SAAU,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACG,SAAU,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACG,SAAU,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACG,SAAU,kBAAkB,CAC9B,UAA+B,EAC/B,eAAuB,EAAA;AAEvB,IAAA,IAAI,eAAe,EAAE;QACjB,UAAU,CAAC,GAAG,CAACC,gBAAmC,EAAE,eAAe,CAAC,CAAC;AACxE,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,sBAAsB,CAClC,UAA+B,EAC/B,mBAA2B,EAAA;AAE3B,IAAA,IAAI,mBAAmB,EAAE;QACrB,UAAU,CAAC,GAAG,CACVC,qBAAwC,EACxC,mBAAmB,CACtB,CAAC;AACL,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACG,SAAU,kBAAkB,CAC9B,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACC,mBAAsC,EAAE,QAAQ,CAAC,CAAC;AACrE,CAAC;AAED;;;AAGG;AACG,SAAU,YAAY,CACxB,UAA+B,EAC/B,SAAiB,EAAA;IAEjB,UAAU,CAAC,GAAG,CAACC,UAA6B,EAAE,SAAS,CAAC,CAAC;AAC7D,CAAC;AAED;;;AAGG;AACG,SAAU,aAAa,CAAC,UAA+B,EAAA;IACzD,UAAU,CAAC,GAAG,CAACC,WAAqB,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED;;AAEG;AACG,SAAU,UAAU,CAAC,UAA+B,EAAA;IACtD,UAAU,CAAC,GAAG,CAACC,QAA2B,EAAE,GAAG,CAAC,CAAC;AACrD,CAAC;AAEK,SAAU,gBAAgB,CAAC,UAA+B,EAAA;IAC5D,IAAI,CAAC,UAAU,CAAC,GAAG,CAACC,cAAiC,CAAC,EAAE;QACpD,UAAU,CAAC,GAAG,CAACA,cAAiC,EAAE,MAAM,CAAC,CAAC;AAC7D,IAAA,CAAA;AACL,CAAC;AAED;;;AAGG;AACG,SAAU,kBAAkB,CAC9B,UAA+B,EAC/B,WAAuB,EAAA;AAEvB,IAAA,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,KAAI;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,EAAE;AAC/B,YAAA,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AAC9B,QAAA,CAAA;AACL,IAAA,CAAC,CAAC,CAAC;AACP,CAAC;AAEK,SAAU,6BAA6B,CACzC,MAAe,EACf,kBAAkC,EAAA;AAElC,IAAA,IAAI,YAAoB,CAAC;;IAGzB,IAAI,CAAC,MAAM,EAAE;QACT,YAAY,GAAG,EAAE,CAAC;AACrB,IAAA,CAAA;AAAM,SAAA;QACH,IAAI;AACA,YAAA,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;AACrC,QAAA,CAAA;AAAC,QAAA,OAAO,CAAC,EAAE;AACR,YAAA,MAAM,8BAA8B,CAChC3B,aAA2C,CAC9C,CAAC;AACL,QAAA,CAAA;AACJ,IAAA,CAAA;AAED,IAAA,IAAI,kBAAkB,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE;QACrD,IACI,CAAC,YAAY,CAAC,cAAc,CACxB4B,iBAA2B,CAAC,YAAY,CAC3C,EACH;;YAEE,YAAY,CAACA,iBAA2B,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC;AAC/D,QAAA,CAAA;;AAGD,QAAA,YAAY,CAACA,iBAA2B,CAAC,YAAY,CAAC,CAClDA,iBAA2B,CAAC,MAAM,CACrC,GAAG;AACA,YAAA,MAAM,EAAE,kBAAkB;SAC7B,CAAC;AACL,IAAA,CAAA;AAED,IAAA,OAAO,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;AACxC,CAAC;AAED;;;AAGG;AACG,SAAU,WAAW,CACvB,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACC,sBAAgC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AACxE,CAAC;AAED;;;AAGG;AACG,SAAU,WAAW,CACvB,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACA,sBAAgC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AACxE,CAAC;AAED;;;AAGG;AACG,SAAU,WAAW,CACvB,UAA+B,EAC/B,SAAiB,EAAA;AAEjB,IAAA,IAAI,SAAS,EAAE;AACX,QAAA,UAAU,CAAC,GAAG,CACVC,UAA6B,EAC7BC,oBAA8B,CAAC,GAAG,CACrC,CAAC;QACF,UAAU,CAAC,GAAG,CAACC,OAA0B,EAAE,SAAS,CAAC,CAAC;AACzD,IAAA,CAAA;AACL,CAAC;AAED;;AAEG;AACG,SAAU,SAAS,CACrB,UAA+B,EAC/B,YAAoB,EAAA;AAEpB,IAAA,IAAI,YAAY,EAAE;AACd,QAAA,UAAU,CAAC,GAAG,CACVF,UAA6B,EAC7BC,oBAA8B,CAAC,GAAG,CACrC,CAAC;QACF,UAAU,CAAC,GAAG,CAACC,OAA0B,EAAE,YAAY,CAAC,CAAC;AAC5D,IAAA,CAAA;AACL,CAAC;AAED;;;;AAIG;AACG,SAAU,kBAAkB,CAC9B,UAA+B,EAC/B,sBAA8C,EAAA;AAE9C,IAAA,MAAM,sBAAsB,GACxB,sBAAsB,CAAC,iCAAiC,EAAE,CAAC;AAC/D,IAAA,MAAM,mBAAmB,GACrB,sBAAsB,CAAC,8BAA8B,EAAE,CAAC;AAE5D,IAAA,IAAI,sBAAsB,EAAE;QACxB,UAAU,CAAC,GAAG,CACVC,mBAAsC,EACtC,sBAAsB,CACzB,CAAC;AACL,IAAA,CAAA;AAED,IAAA,IAAI,mBAAmB,EAAE;QACrB,UAAU,CAAC,GAAG,CACVC,mBAAsC,EACtC,mBAAmB,CACtB,CAAC;AACL,IAAA,CAAA;AACL,CAAC;AAED;;AAEG;AACG,SAAU,aAAa,CAAC,UAA+B,EAAA;IACzD,UAAU,CAAC,GAAG,CACVC,mBAAsC,EACtCC,yBAAmC,CACtC,CAAC;AACN,CAAC;AAED;;AAEG;AACG,SAAU,aAAa,CACzB,UAA+B,EAC/B,UAAkB,EAAA;IAElB,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,UAAU,CAAC,CAAC;AAC/D,CAAC;SAEe,mBAAmB,CAC/B,UAA+B,EAC/B,cAAsB,EACtB,iBAAyB,EAAA;IAEzB,IAAI,CAAC,UAAU,CAAC,GAAG,CAACnD,gBAAmC,CAAC,EAAE;QACtD,UAAU,CAAC,GAAG,CAACA,gBAAmC,EAAE,cAAc,CAAC,CAAC;AACvE,IAAA,CAAA;IACD,IAAI,CAAC,UAAU,CAAC,GAAG,CAACoD,mBAAsC,CAAC,EAAE;QACzD,UAAU,CAAC,GAAG,CACVA,mBAAsC,EACtC,iBAAiB,CACpB,CAAC;AACL,IAAA,CAAA;AACL,CAAC;AAED;;;;AAIG;AACG,SAAU,gBAAgB,CAC5B,UAA+B,EAC/B,GAAW,EAAA;AAEX,IAAA,UAAU,CAAC,GAAG,CAACC,OAA0B,EAAE,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC;;IAGpE,MAAM,mBAAmB,GAAG,yCAAyC,CAAC;IACtE,UAAU,CAAC,GAAG,CAACC,cAAiC,EAAE,mBAAmB,CAAC,CAAC;AAC3E,CAAC;AAEK,SAAU,WAAW,CACvB,UAA+B,EAC/B,QAAiB,EAAA;AAEjB,IAAA,IAAI,QAAQ,EAAE;QACV,UAAU,CAAC,GAAG,CAACC,QAA2B,EAAE,QAAQ,CAAC,CAAC;AACzD,IAAA,CAAA;AACL;;;;"}
1
+ {"version":3,"file":"RequestParameterBuilder.mjs","sources":["../../src/request/RequestParameterBuilder.ts"],"sourcesContent":[null],"names":["AADServerParamKeys.CLIENT_ID","AADServerParamKeys.BROKER_CLIENT_ID","AADServerParamKeys.REDIRECT_URI","AADServerParamKeys.RESPONSE_TYPE","AADServerParamKeys.RESPONSE_MODE","Constants.ResponseMode","AADServerParamKeys.NATIVE_BROKER","Constants.OIDC_DEFAULT_SCOPES","AADServerParamKeys.SCOPE","AADServerParamKeys.POST_LOGOUT_URI","AADServerParamKeys.ID_TOKEN_HINT","AADServerParamKeys.DOMAIN_HINT","AADServerParamKeys.LOGIN_HINT","Constants.HeaderNames","AADServerParamKeys.SID","AADServerParamKeys.CLAIMS","AADServerParamKeys.CLIENT_REQUEST_ID","AADServerParamKeys.X_CLIENT_SKU","AADServerParamKeys.X_CLIENT_VER","AADServerParamKeys.X_CLIENT_OS","AADServerParamKeys.X_CLIENT_CPU","AADServerParamKeys.X_APP_NAME","AADServerParamKeys.X_APP_VER","AADServerParamKeys.PROMPT","AADServerParamKeys.STATE","AADServerParamKeys.NONCE","AADServerParamKeys.CODE_CHALLENGE","AADServerParamKeys.CODE_CHALLENGE_METHOD","ClientConfigurationErrorCodes.pkceParamsMissing","AADServerParamKeys.CODE","AADServerParamKeys.DEVICE_CODE","AADServerParamKeys.REFRESH_TOKEN","AADServerParamKeys.CODE_VERIFIER","AADServerParamKeys.CLIENT_SECRET","AADServerParamKeys.CLIENT_ASSERTION","AADServerParamKeys.CLIENT_ASSERTION_TYPE","AADServerParamKeys.OBO_ASSERTION","AADServerParamKeys.REQUESTED_TOKEN_USE","AADServerParamKeys.GRANT_TYPE","Constants.CLIENT_INFO","AADServerParamKeys.CLI_DATA","AADServerParamKeys.INSTANCE_AWARE","Constants.ClaimsRequestKeys","ClientConfigurationErrorCodes.invalidClaims","Constants.PasswordGrantConstants","AADServerParamKeys.TOKEN_TYPE","Constants.AuthenticationScheme","AADServerParamKeys.REQ_CNF","AADServerParamKeys.X_CLIENT_CURR_TELEM","AADServerParamKeys.X_CLIENT_LAST_TELEM","AADServerParamKeys.X_MS_LIB_CAPABILITY","Constants.X_MS_LIB_CAPABILITY_VALUE","AADServerParamKeys.LOGOUT_HINT","AADServerParamKeys.BROKER_REDIRECT_URI","AADServerParamKeys.EAR_JWK","AADServerParamKeys.EAR_JWE_CRYPTO","AADServerParamKeys.RESOURCE"],"mappings":";;;;;;;;AAAA;;;AAGG;SAkBa,sBAAsB,CAClC,UAA+B,EAC/B,aAAsB,EACtB,iBAAsC,EAAA;IAEtC,IAAI,CAAC,aAAa,EAAE;QAChB,OAAO;AACV,KAAA;IAED,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAACA,SAA4B,CAAC,CAAC;IAC9D,IAAI,QAAQ,IAAI,UAAU,CAAC,GAAG,CAACC,gBAAmC,CAAC,EAAE;QACjE,iBAAiB,EAAE,SAAS,CACxB;AACI,YAAA,gBAAgB,EAAE,QAAQ;YAC1B,mBAAmB,EAAE,UAAU,CAAC,GAAG,CAC/BC,YAA+B,CAClC;SACJ,EACD,aAAa,CAChB,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;;AAIG;AACa,SAAA,eAAe,CAC3B,UAA+B,EAC/B,YAAyC,EAAA;IAEzC,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACa,SAAA,eAAe,CAC3B,UAA+B,EAC/B,YAAqC,EAAA;IAErC,UAAU,CAAC,GAAG,CACVC,aAAgC,EAChC,YAAY,GAAG,YAAY,GAAGC,YAAsB,CAAC,KAAK,CAC7D,CAAC;AACN,CAAC;AAED;;AAEG;AACG,SAAU,eAAe,CAAC,UAA+B,EAAA;IAC3D,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED;;;;AAIG;AACa,SAAA,SAAS,CACrB,UAA+B,EAC/B,MAAgB,EAChB,aAAqB,EACrB,gBAAyB,IAAI,EAC7B,aAA+B,GAAAC,mBAA6B,EAAA;;AAG5D,IAAA,IACI,aAAa;AACb,QAAA,CAAC,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC;AACjC,QAAA,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAC5B;AACE,QAAA,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAChC,KAAA;IACD,MAAM,aAAa,GAAG,aAAa;UAC7B,CAAC,IAAI,MAAM,IAAI,EAAE,CAAC,EAAE,GAAG,aAAa,CAAC;AACvC,UAAE,MAAM,IAAI,EAAE,CAAC;IACnB,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;AAC5D,IAAA,UAAU,CAAC,GAAG,CAACC,KAAwB,EAAE,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;AACrE,CAAC;AAED;;;AAGG;AACa,SAAA,WAAW,CACvB,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACR,SAA4B,EAAE,QAAQ,CAAC,CAAC;AAC3D,CAAC;AAED;;;AAGG;AACa,SAAA,cAAc,CAC1B,UAA+B,EAC/B,WAAmB,EAAA;IAEnB,UAAU,CAAC,GAAG,CAACE,YAA+B,EAAE,WAAW,CAAC,CAAC;AACjE,CAAC;AAED;;;AAGG;AACa,SAAA,wBAAwB,CACpC,UAA+B,EAC/B,WAAmB,EAAA;IAEnB,UAAU,CAAC,GAAG,CAACO,eAAkC,EAAE,WAAW,CAAC,CAAC;AACpE,CAAC;AAED;;;AAGG;AACa,SAAA,cAAc,CAC1B,UAA+B,EAC/B,WAAmB,EAAA;IAEnB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,WAAW,CAAC,CAAC;AAClE,CAAC;AAED;;;AAGG;AACa,SAAA,aAAa,CACzB,UAA+B,EAC/B,UAAkB,EAAA;IAElB,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,UAAU,CAAC,CAAC;AAC/D,CAAC;AAED;;;AAGG;AACa,SAAA,YAAY,CACxB,UAA+B,EAC/B,SAAiB,EAAA;IAEjB,UAAU,CAAC,GAAG,CAACC,UAA6B,EAAE,SAAS,CAAC,CAAC;AAC7D,CAAC;AAED;;;AAGG;AACa,SAAA,SAAS,CACrB,UAA+B,EAC/B,SAAiB,EAAA;AAEjB,IAAA,UAAU,CAAC,GAAG,CAACC,WAAqB,CAAC,UAAU,EAAE,CAAA,IAAA,EAAO,SAAS,CAAA,CAAE,CAAC,CAAC;AACzE,CAAC;AAED;;;AAGG;AACa,SAAA,SAAS,CACrB,UAA+B,EAC/B,UAAsB,EAAA;AAEtB,IAAA,UAAU,CAAC,GAAG,CACVA,WAAqB,CAAC,UAAU,EAChC,OAAO,UAAU,CAAC,GAAG,CAAI,CAAA,EAAA,UAAU,CAAC,IAAI,CAAA,CAAE,CAC7C,CAAC;AACN,CAAC;AAED;;;AAGG;AACa,SAAA,MAAM,CAAC,UAA+B,EAAE,GAAW,EAAA;IAC/D,UAAU,CAAC,GAAG,CAACC,GAAsB,EAAE,GAAG,CAAC,CAAC;AAChD,CAAC;AAED;;;;;;;;AAQG;AACG,SAAU,SAAS,CACrB,UAA+B,EAC/B,aAAqB,EACrB,MAAe,EACf,kBAAkC,EAClC,gBAA0B,EAAA;;IAG1B,MAAM,YAAY,GACd,gBAAgB,IAAI,UAAU,CAAC,GAAG,CAACb,gBAAmC,CAAC;AACnE,UAAE,SAAS;UACT,kBAAkB,CAAC;IAE7B,MAAM,YAAY,GAAG,iBAAiB,CAAC,MAAM,EAAE,YAAY,EAAE,aAAa,CAAC,CAAC;IAC5E,UAAU,CAAC,GAAG,CAACc,MAAyB,EAAE,YAAY,CAAC,CAAC;AAC5D,CAAC;AAED;;;AAGG;AACa,SAAA,gBAAgB,CAC5B,UAA+B,EAC/B,aAAqB,EAAA;IAErB,UAAU,CAAC,GAAG,CAACC,iBAAoC,EAAE,aAAa,CAAC,CAAC;AACxE,CAAC;AAED;;;AAGG;AACa,SAAA,cAAc,CAC1B,UAA+B,EAC/B,WAAwB,EAAA;;IAGxB,UAAU,CAAC,GAAG,CAACC,YAA+B,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC;IACjE,UAAU,CAAC,GAAG,CAACC,YAA+B,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;IACrE,IAAI,WAAW,CAAC,EAAE,EAAE;QAChB,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,WAAW,CAAC,EAAE,CAAC,CAAC;AAClE,KAAA;IACD,IAAI,WAAW,CAAC,GAAG,EAAE;QACjB,UAAU,CAAC,GAAG,CAACC,YAA+B,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC;AACpE,KAAA;AACL,CAAC;AAED;;;AAGG;AACa,SAAA,uBAAuB,CACnC,UAA+B,EAC/B,YAAkC,EAAA;IAElC,IAAI,YAAY,EAAE,OAAO,EAAE;QACvB,UAAU,CAAC,GAAG,CAACC,UAA6B,EAAE,YAAY,CAAC,OAAO,CAAC,CAAC;AACvE,KAAA;IAED,IAAI,YAAY,EAAE,UAAU,EAAE;QAC1B,UAAU,CAAC,GAAG,CAACC,SAA4B,EAAE,YAAY,CAAC,UAAU,CAAC,CAAC;AACzE,KAAA;AACL,CAAC;AAED;;;AAGG;AACa,SAAA,SAAS,CACrB,UAA+B,EAC/B,MAAc,EAAA;IAEd,UAAU,CAAC,GAAG,CAACC,MAAyB,EAAE,MAAM,CAAC,CAAC;AACtD,CAAC;AAED;;;AAGG;AACa,SAAA,QAAQ,CAAC,UAA+B,EAAE,KAAa,EAAA;AACnE,IAAA,IAAI,KAAK,EAAE;QACP,UAAU,CAAC,GAAG,CAACC,KAAwB,EAAE,KAAK,CAAC,CAAC;AACnD,KAAA;AACL,CAAC;AAED;;;AAGG;AACa,SAAA,QAAQ,CAAC,UAA+B,EAAE,KAAa,EAAA;IACnE,UAAU,CAAC,GAAG,CAACC,KAAwB,EAAE,KAAK,CAAC,CAAC;AACpD,CAAC;AAED;;;;;AAKG;SACa,sBAAsB,CAClC,UAA+B,EAC/B,aAAsB,EACtB,mBAA4B,EAAA;IAE5B,IAAI,aAAa,IAAI,mBAAmB,EAAE;QACtC,UAAU,CAAC,GAAG,CAACC,cAAiC,EAAE,aAAa,CAAC,CAAC;QACjE,UAAU,CAAC,GAAG,CACVC,qBAAwC,EACxC,mBAAmB,CACtB,CAAC;AACL,KAAA;AAAM,SAAA;QACH,MAAM,8BAA8B,CAChCC,iBAA+C,EAC/C,EAAE,CACL,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;AAGG;AACa,SAAA,oBAAoB,CAChC,UAA+B,EAC/B,IAAY,EAAA;IAEZ,UAAU,CAAC,GAAG,CAACC,IAAuB,EAAE,IAAI,CAAC,CAAC;AAClD,CAAC;AAED;;;AAGG;AACa,SAAA,aAAa,CACzB,UAA+B,EAC/B,IAAY,EAAA;IAEZ,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,IAAI,CAAC,CAAC;AACzD,CAAC;AAED;;;AAGG;AACa,SAAA,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACa,SAAA,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACa,SAAA,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACa,SAAA,kBAAkB,CAC9B,UAA+B,EAC/B,eAAuB,EAAA;AAEvB,IAAA,IAAI,eAAe,EAAE;QACjB,UAAU,CAAC,GAAG,CAACC,gBAAmC,EAAE,eAAe,CAAC,CAAC;AACxE,KAAA;AACL,CAAC;AAED;;;AAGG;AACa,SAAA,sBAAsB,CAClC,UAA+B,EAC/B,mBAA2B,EAAA;AAE3B,IAAA,IAAI,mBAAmB,EAAE;QACrB,UAAU,CAAC,GAAG,CACVC,qBAAwC,EACxC,mBAAmB,CACtB,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;AAGG;AACa,SAAA,eAAe,CAC3B,UAA+B,EAC/B,YAAoB,EAAA;IAEpB,UAAU,CAAC,GAAG,CAACC,aAAgC,EAAE,YAAY,CAAC,CAAC;AACnE,CAAC;AAED;;;AAGG;AACa,SAAA,kBAAkB,CAC9B,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACC,mBAAsC,EAAE,QAAQ,CAAC,CAAC;AACrE,CAAC;AAED;;;AAGG;AACa,SAAA,YAAY,CACxB,UAA+B,EAC/B,SAAiB,EAAA;IAEjB,UAAU,CAAC,GAAG,CAACC,UAA6B,EAAE,SAAS,CAAC,CAAC;AAC7D,CAAC;AAED;;;AAGG;AACG,SAAU,aAAa,CAAC,UAA+B,EAAA;IACzD,UAAU,CAAC,GAAG,CAACC,WAAqB,EAAE,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED;;AAEG;AACG,SAAU,UAAU,CAAC,UAA+B,EAAA;IACtD,UAAU,CAAC,GAAG,CAACC,QAA2B,EAAE,GAAG,CAAC,CAAC;AACrD,CAAC;AAEK,SAAU,gBAAgB,CAAC,UAA+B,EAAA;IAC5D,IAAI,CAAC,UAAU,CAAC,GAAG,CAACC,cAAiC,CAAC,EAAE;QACpD,UAAU,CAAC,GAAG,CAACA,cAAiC,EAAE,MAAM,CAAC,CAAC;AAC7D,KAAA;AACL,CAAC;AAED;;;AAGG;AACa,SAAA,kBAAkB,CAC9B,UAA+B,EAC/B,WAAuB,EAAA;AAEvB,IAAA,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,KAAI;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,EAAE;AAC/B,YAAA,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AAC9B,SAAA;AACL,KAAC,CAAC,CAAC;AACP,CAAC;AAED;;;AAGG;AACH,MAAM,uBAAuB,GAAyC;IAClE,CAACC,iBAA2B,CAAC,YAAY,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE;IAChE,CAACA,iBAA2B,CAAC,UAAU,GAAG,EAAE,SAAS,EAAE,KAAK,EAAE;CACjE,CAAC;AAEF;;;;;;;AAOG;AACG,SAAU,iBAAiB,CAC7B,MAAe,EACf,kBAAkC,EAClC,gBAAwB,EAAE,EAAA;AAE1B,IAAA,IAAI,YAAoB,CAAC;;IAGzB,IAAI,CAAC,MAAM,EAAE;QACT,YAAY,GAAG,EAAE,CAAC;AACrB,KAAA;AAAM,SAAA;QACH,IAAI;YACA,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAClC,IACI,OAAO,MAAM,KAAK,QAAQ;AAC1B,gBAAA,MAAM,KAAK,IAAI;AACf,gBAAA,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EACvB;AACE,gBAAA,MAAM,IAAI,KAAK,CAAC,8BAA8B,CAAC,CAAC;AACnD,aAAA;YACD,YAAY,GAAG,MAAM,CAAC;AACzB,SAAA;AAAC,QAAA,OAAO,CAAC,EAAE;YACR,MAAM,8BAA8B,CAChCC,aAA2C,EAC3C,aAAa,CAChB,CAAC;AACL,SAAA;AACJ,KAAA;;AAGD,IAAA,IACI,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CACjC,YAAY,EACZD,iBAA2B,CAAC,QAAQ,CACvC,EACH;QACE,YAAY,CAACA,iBAA2B,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;AAC3D,KAAA;IACD,MAAM,aAAa,GAAG,YAAY,CAACA,iBAA2B,CAAC,QAAQ,CAAC,CAAC;AACzE,IAAA,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,uBAAuB,CAAC,EAAE;AAChE,QAAA,IAAI,EAAE,GAAG,IAAI,aAAa,CAAC,EAAE;AACzB,YAAA,aAAa,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;AAC9B,SAAA;AACJ,KAAA;;AAGD,IAAA,IAAI,kBAAkB,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE;AACrD,QAAA,IACI,CAAC,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CACjC,YAAY,EACZA,iBAA2B,CAAC,YAAY,CAC3C,EACH;;YAEE,YAAY,CAACA,iBAA2B,CAAC,YAAY,CAAC,GAAG,EAAE,CAAC;AAC/D,SAAA;;AAGD,QAAA,YAAY,CAACA,iBAA2B,CAAC,YAAY,CAAC,CAClDA,iBAA2B,CAAC,MAAM,CACrC,GAAG;AACA,YAAA,MAAM,EAAE,kBAAkB;SAC7B,CAAC;AACL,KAAA;AAED,IAAA,OAAO,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;AACxC,CAAC;AAED;;;AAGG;AACa,SAAA,WAAW,CACvB,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACE,sBAAgC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AACxE,CAAC;AAED;;;AAGG;AACa,SAAA,WAAW,CACvB,UAA+B,EAC/B,QAAgB,EAAA;IAEhB,UAAU,CAAC,GAAG,CAACA,sBAAgC,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;AACxE,CAAC;AAED;;;AAGG;AACa,SAAA,WAAW,CACvB,UAA+B,EAC/B,SAAiB,EAAA;AAEjB,IAAA,IAAI,SAAS,EAAE;AACX,QAAA,UAAU,CAAC,GAAG,CACVC,UAA6B,EAC7BC,oBAA8B,CAAC,GAAG,CACrC,CAAC;QACF,UAAU,CAAC,GAAG,CAACC,OAA0B,EAAE,SAAS,CAAC,CAAC;AACzD,KAAA;AACL,CAAC;AAED;;AAEG;AACa,SAAA,SAAS,CACrB,UAA+B,EAC/B,YAAoB,EAAA;AAEpB,IAAA,IAAI,YAAY,EAAE;AACd,QAAA,UAAU,CAAC,GAAG,CACVF,UAA6B,EAC7BC,oBAA8B,CAAC,GAAG,CACrC,CAAC;QACF,UAAU,CAAC,GAAG,CAACC,OAA0B,EAAE,YAAY,CAAC,CAAC;AAC5D,KAAA;AACL,CAAC;AAED;;;;AAIG;AACa,SAAA,kBAAkB,CAC9B,UAA+B,EAC/B,sBAA8C,EAAA;AAE9C,IAAA,UAAU,CAAC,GAAG,CACVC,mBAAsC,EACtC,sBAAsB,CAAC,iCAAiC,EAAE,CAC7D,CAAC;AACF,IAAA,UAAU,CAAC,GAAG,CACVC,mBAAsC,EACtC,sBAAsB,CAAC,8BAA8B,EAAE,CAC1D,CAAC;AACN,CAAC;AAED;;AAEG;AACG,SAAU,aAAa,CAAC,UAA+B,EAAA;IACzD,UAAU,CAAC,GAAG,CACVC,mBAAsC,EACtCC,yBAAmC,CACtC,CAAC;AACN,CAAC;AAED;;AAEG;AACa,SAAA,aAAa,CACzB,UAA+B,EAC/B,UAAkB,EAAA;IAElB,UAAU,CAAC,GAAG,CAACC,WAA8B,EAAE,UAAU,CAAC,CAAC;AAC/D,CAAC;SAEe,mBAAmB,CAC/B,UAA+B,EAC/B,cAAsB,EACtB,iBAAyB,EAAA;IAEzB,IAAI,CAAC,UAAU,CAAC,GAAG,CAACnD,gBAAmC,CAAC,EAAE;QACtD,UAAU,CAAC,GAAG,CAACA,gBAAmC,EAAE,cAAc,CAAC,CAAC;AACvE,KAAA;IACD,IAAI,CAAC,UAAU,CAAC,GAAG,CAACoD,mBAAsC,CAAC,EAAE;QACzD,UAAU,CAAC,GAAG,CACVA,mBAAsC,EACtC,iBAAiB,CACpB,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;;AAIG;AACa,SAAA,gBAAgB,CAC5B,UAA+B,EAC/B,GAAW,EAAA;AAEX,IAAA,UAAU,CAAC,GAAG,CAACC,OAA0B,EAAE,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC;;IAGpE,MAAM,mBAAmB,GAAG,yCAAyC,CAAC;IACtE,UAAU,CAAC,GAAG,CAACC,cAAiC,EAAE,mBAAmB,CAAC,CAAC;AAC3E,CAAC;AAEe,SAAA,WAAW,CACvB,UAA+B,EAC/B,QAAiB,EAAA;AAEjB,IAAA,IAAI,QAAQ,EAAE;QACV,UAAU,CAAC,GAAG,CAACC,QAA2B,EAAE,QAAQ,CAAC,CAAC;AACzD,KAAA;AACL;;;;"}
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-common v16.9.0 2026-06-16 */
1
+ /*! @azure/msal-common v16.10.0 2026-06-23 */
2
2
  'use strict';
3
3
  import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
4
4
  import { StringUtils } from '../utils/StringUtils.mjs';
@@ -17,7 +17,8 @@ import { cannotAppendScopeSet, cannotRemoveEmptyScope, emptyInputScopeSet } from
17
17
  * to ensure uniqueness of strings.
18
18
  */
19
19
  class ScopeSet {
20
- constructor(inputScopes) {
20
+ constructor(inputScopes, correlationId) {
21
+ this.correlationId = correlationId;
21
22
  // Filter empty string and null/undefined array items
22
23
  const scopeArr = inputScopes
23
24
  ? StringUtils.trimArrayEntries([...inputScopes])
@@ -27,7 +28,7 @@ class ScopeSet {
27
28
  : [];
28
29
  // Check if scopes array has at least one member
29
30
  if (!filteredInput || !filteredInput.length) {
30
- throw createClientConfigurationError(emptyInputScopesError);
31
+ throw createClientConfigurationError(emptyInputScopesError, correlationId);
31
32
  }
32
33
  this.scopes = new Set(); // Iterator in constructor not supported by IE11
33
34
  filteredInput.forEach((scope) => this.scopes.add(scope));
@@ -38,22 +39,22 @@ class ScopeSet {
38
39
  * @param appClientId
39
40
  * @param scopesRequired
40
41
  */
41
- static fromString(inputScopeString) {
42
+ static fromString(inputScopeString, correlationId) {
42
43
  const scopeString = inputScopeString || "";
43
44
  const inputScopes = scopeString.split(" ");
44
- return new ScopeSet(inputScopes);
45
+ return new ScopeSet(inputScopes, correlationId);
45
46
  }
46
47
  /**
47
48
  * Creates the set of scopes to search for in cache lookups
48
49
  * @param inputScopeString
49
50
  * @returns
50
51
  */
51
- static createSearchScopes(inputScopeString) {
52
+ static createSearchScopes(inputScopeString, correlationId) {
52
53
  // Handle empty scopes by using default OIDC scopes for cache lookup
53
54
  const scopesToUse = inputScopeString && inputScopeString.length > 0
54
55
  ? inputScopeString
55
56
  : [...OIDC_DEFAULT_SCOPES];
56
- const scopeSet = new ScopeSet(scopesToUse);
57
+ const scopeSet = new ScopeSet(scopesToUse, correlationId);
57
58
  if (!scopeSet.containsOnlyOIDCScopes()) {
58
59
  scopeSet.removeOIDCScopes();
59
60
  }
@@ -68,7 +69,7 @@ class ScopeSet {
68
69
  */
69
70
  containsScope(scope) {
70
71
  const lowerCaseScopes = this.printScopesLowerCase().split(" ");
71
- const lowerCaseScopesSet = new ScopeSet(lowerCaseScopes);
72
+ const lowerCaseScopesSet = new ScopeSet(lowerCaseScopes, this.correlationId);
72
73
  // compare lowercase scopes
73
74
  return scope
74
75
  ? lowerCaseScopesSet.scopes.has(scope.toLowerCase())
@@ -115,7 +116,7 @@ class ScopeSet {
115
116
  newScopes.forEach((newScope) => this.appendScope(newScope));
116
117
  }
117
118
  catch (e) {
118
- throw createClientAuthError(cannotAppendScopeSet);
119
+ throw createClientAuthError(cannotAppendScopeSet, this.correlationId);
119
120
  }
120
121
  }
121
122
  /**
@@ -124,7 +125,7 @@ class ScopeSet {
124
125
  */
125
126
  removeScope(scope) {
126
127
  if (!scope) {
127
- throw createClientAuthError(cannotRemoveEmptyScope);
128
+ throw createClientAuthError(cannotRemoveEmptyScope, this.correlationId);
128
129
  }
129
130
  this.scopes.delete(scope.trim());
130
131
  }
@@ -143,7 +144,7 @@ class ScopeSet {
143
144
  */
144
145
  unionScopeSets(otherScopes) {
145
146
  if (!otherScopes) {
146
- throw createClientAuthError(emptyInputScopeSet);
147
+ throw createClientAuthError(emptyInputScopeSet, this.correlationId);
147
148
  }
148
149
  const unionScopes = new Set(); // Iterator in constructor not supported in IE11
149
150
  otherScopes.scopes.forEach((scope) => unionScopes.add(scope.toLowerCase()));
@@ -156,7 +157,7 @@ class ScopeSet {
156
157
  */
157
158
  intersectingScopeSets(otherScopes) {
158
159
  if (!otherScopes) {
159
- throw createClientAuthError(emptyInputScopeSet);
160
+ throw createClientAuthError(emptyInputScopeSet, this.correlationId);
160
161
  }
161
162
  // Do not allow OIDC scopes to be the only intersecting scopes
162
163
  if (!otherScopes.containsOnlyOIDCScopes()) {
@@ -1 +1 @@
1
- {"version":3,"file":"ScopeSet.mjs","sources":["../../src/request/ScopeSet.ts"],"sourcesContent":[null],"names":["ClientConfigurationErrorCodes.emptyInputScopesError","ClientAuthErrorCodes.cannotAppendScopeSet","ClientAuthErrorCodes.cannotRemoveEmptyScope","ClientAuthErrorCodes.emptyInputScopeSet"],"mappings":";;;;;;;;;AAAA;;;AAGG;AAiBH;;;;AAIG;MACU,QAAQ,CAAA;AAIjB,IAAA,WAAA,CAAY,WAA0B,EAAA;;QAElC,MAAM,QAAQ,GAAG,WAAW;cACtB,WAAW,CAAC,gBAAgB,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;cAC9C,EAAE,CAAC;QACT,MAAM,aAAa,GAAG,QAAQ;AAC1B,cAAE,WAAW,CAAC,2BAA2B,CAAC,QAAQ,CAAC;cACjD,EAAE,CAAC;;AAGT,QAAA,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;AACzC,YAAA,MAAM,8BAA8B,CAChCA,qBAAmD,CACtD,CAAC;AACL,QAAA,CAAA;QAED,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;AAChC,QAAA,aAAa,CAAC,OAAO,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7D,CAAC;AAED;;;;;AAKG;IACH,OAAO,UAAU,CAAC,gBAAwB,EAAA;AACtC,QAAA,MAAM,WAAW,GAAG,gBAAgB,IAAI,EAAE,CAAC;QAC3C,MAAM,WAAW,GAAkB,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC1D,QAAA,OAAO,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;IACrC,CAAC;AAED;;;;AAIG;IACH,OAAO,kBAAkB,CAAC,gBAA+B,EAAA;;QAErD,MAAM,WAAW,GACb,gBAAgB,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC;AAC3C,cAAE,gBAAgB;AAClB,cAAE,CAAC,GAAG,mBAAmB,CAAC,CAAC;AAEnC,QAAA,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,WAAW,CAAC,CAAC;AAC3C,QAAA,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,EAAE;YACpC,QAAQ,CAAC,gBAAgB,EAAE,CAAC;AAC/B,QAAA,CAAA;AAAM,aAAA;AACH,YAAA,QAAQ,CAAC,WAAW,CAAC,oBAAoB,CAAC,CAAC;AAC9C,QAAA,CAAA;AAED,QAAA,OAAO,QAAQ,CAAC;IACpB,CAAC;AAED;;;AAGG;AACH,IAAA,aAAa,CAAC,KAAa,EAAA;QACvB,MAAM,eAAe,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC/D,QAAA,MAAM,kBAAkB,GAAG,IAAI,QAAQ,CAAC,eAAe,CAAC,CAAC;;AAEzD,QAAA,OAAO,KAAK;cACN,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;cAClD,KAAK,CAAC;IAChB,CAAC;AAED;;;AAGG;AACH,IAAA,gBAAgB,CAAC,QAAkB,EAAA;QAC/B,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,EAAE;AACxC,YAAA,OAAO,KAAK,CAAC;AAChB,QAAA,CAAA;QAED,QACI,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI;AACxC,YAAA,QAAQ,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAChE;IACN,CAAC;AAED;;AAEG;IACH,sBAAsB,GAAA;QAClB,IAAI,iBAAiB,GAAG,CAAC,CAAC;AAC1B,QAAA,WAAW,CAAC,OAAO,CAAC,CAAC,YAAoB,KAAI;AACzC,YAAA,IAAI,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,EAAE;gBAClC,iBAAiB,IAAI,CAAC,CAAC;AAC1B,YAAA,CAAA;AACL,QAAA,CAAC,CAAC,CAAC;AAEH,QAAA,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,iBAAiB,CAAC;IAClD,CAAC;AAED;;;AAGG;AACH,IAAA,WAAW,CAAC,QAAgB,EAAA;AACxB,QAAA,IAAI,QAAQ,EAAE;YACV,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;AACpC,QAAA,CAAA;IACL,CAAC;AAED;;;AAGG;AACH,IAAA,YAAY,CAAC,SAAwB,EAAA;QACjC,IAAI;AACA,YAAA,SAAS,CAAC,OAAO,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC/D,QAAA,CAAA;AAAC,QAAA,OAAO,CAAC,EAAE;AACR,YAAA,MAAM,qBAAqB,CACvBC,oBAAyC,CAC5C,CAAC;AACL,QAAA,CAAA;IACL,CAAC;AAED;;;AAGG;AACH,IAAA,WAAW,CAAC,KAAa,EAAA;QACrB,IAAI,CAAC,KAAK,EAAE;AACR,YAAA,MAAM,qBAAqB,CACvBC,sBAA2C,CAC9C,CAAC;AACL,QAAA,CAAA;QACD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IACrC,CAAC;AAED;;;AAGG;IACH,gBAAgB,GAAA;AACZ,QAAA,WAAW,CAAC,OAAO,CAAC,CAAC,YAAoB,KAAI;AACzC,YAAA,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;AACrC,QAAA,CAAC,CAAC,CAAC;IACP,CAAC;AAED;;;AAGG;AACH,IAAA,cAAc,CAAC,WAAqB,EAAA;QAChC,IAAI,CAAC,WAAW,EAAE;AACd,YAAA,MAAM,qBAAqB,CACvBC,kBAAuC,CAC1C,CAAC;AACL,QAAA,CAAA;AACD,QAAA,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QACtC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,KAC7B,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CACvC,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,KAAK,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AACrE,QAAA,OAAO,WAAW,CAAC;IACvB,CAAC;AAED;;;AAGG;AACH,IAAA,qBAAqB,CAAC,WAAqB,EAAA;QACvC,IAAI,CAAC,WAAW,EAAE;AACd,YAAA,MAAM,qBAAqB,CACvBA,kBAAuC,CAC1C,CAAC;AACL,QAAA,CAAA;;AAGD,QAAA,IAAI,CAAC,WAAW,CAAC,sBAAsB,EAAE,EAAE;YACvC,WAAW,CAAC,gBAAgB,EAAE,CAAC;AAClC,QAAA,CAAA;QACD,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;AACrD,QAAA,MAAM,eAAe,GAAG,WAAW,CAAC,aAAa,EAAE,CAAC;AACpD,QAAA,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;AAC5C,QAAA,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,CAAC;AACzC,QAAA,OAAO,eAAe,GAAG,cAAc,GAAG,eAAe,CAAC;IAC9D,CAAC;AAED;;AAEG;IACH,aAAa,GAAA;AACT,QAAA,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;IAC5B,CAAC;AAED;;AAEG;IACH,OAAO,GAAA;QACH,MAAM,KAAK,GAAkB,EAAE,CAAC;AAChC,QAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC9C,QAAA,OAAO,KAAK,CAAC;IACjB,CAAC;AAED;;AAEG;IACH,WAAW,GAAA;QACP,IAAI,IAAI,CAAC,MAAM,EAAE;AACb,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;AAChC,YAAA,OAAO,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7B,QAAA,CAAA;AACD,QAAA,OAAO,EAAE,CAAC;IACd,CAAC;AAED;;AAEG;IACH,oBAAoB,GAAA;AAChB,QAAA,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,EAAE,CAAC;IAC5C,CAAC;AACJ;;;;"}
1
+ {"version":3,"file":"ScopeSet.mjs","sources":["../../src/request/ScopeSet.ts"],"sourcesContent":[null],"names":["ClientConfigurationErrorCodes.emptyInputScopesError","ClientAuthErrorCodes.cannotAppendScopeSet","ClientAuthErrorCodes.cannotRemoveEmptyScope","ClientAuthErrorCodes.emptyInputScopeSet"],"mappings":";;;;;;;;;AAAA;;;AAGG;AAiBH;;;;AAIG;MACU,QAAQ,CAAA;IAKjB,WAAY,CAAA,WAA0B,EAAE,aAAqB,EAAA;AACzD,QAAA,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;;QAEnC,MAAM,QAAQ,GAAG,WAAW;cACtB,WAAW,CAAC,gBAAgB,CAAC,CAAC,GAAG,WAAW,CAAC,CAAC;cAC9C,EAAE,CAAC;QACT,MAAM,aAAa,GAAG,QAAQ;AAC1B,cAAE,WAAW,CAAC,2BAA2B,CAAC,QAAQ,CAAC;cACjD,EAAE,CAAC;;AAGT,QAAA,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE;YACzC,MAAM,8BAA8B,CAChCA,qBAAmD,EACnD,aAAa,CAChB,CAAC;AACL,SAAA;QAED,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;AAChC,QAAA,aAAa,CAAC,OAAO,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;KAC5D;AAED;;;;;AAKG;AACH,IAAA,OAAO,UAAU,CACb,gBAAwB,EACxB,aAAqB,EAAA;AAErB,QAAA,MAAM,WAAW,GAAG,gBAAgB,IAAI,EAAE,CAAC;QAC3C,MAAM,WAAW,GAAkB,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC1D,QAAA,OAAO,IAAI,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;KACnD;AAED;;;;AAIG;AACH,IAAA,OAAO,kBAAkB,CACrB,gBAA+B,EAC/B,aAAqB,EAAA;;QAGrB,MAAM,WAAW,GACb,gBAAgB,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC;AAC3C,cAAE,gBAAgB;AAClB,cAAE,CAAC,GAAG,mBAAmB,CAAC,CAAC;QAEnC,MAAM,QAAQ,GAAG,IAAI,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;AAC1D,QAAA,IAAI,CAAC,QAAQ,CAAC,sBAAsB,EAAE,EAAE;YACpC,QAAQ,CAAC,gBAAgB,EAAE,CAAC;AAC/B,SAAA;AAAM,aAAA;AACH,YAAA,QAAQ,CAAC,WAAW,CAAC,oBAAoB,CAAC,CAAC;AAC9C,SAAA;AAED,QAAA,OAAO,QAAQ,CAAC;KACnB;AAED;;;AAGG;AACH,IAAA,aAAa,CAAC,KAAa,EAAA;QACvB,MAAM,eAAe,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/D,MAAM,kBAAkB,GAAG,IAAI,QAAQ,CACnC,eAAe,EACf,IAAI,CAAC,aAAa,CACrB,CAAC;;AAEF,QAAA,OAAO,KAAK;cACN,kBAAkB,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;cAClD,KAAK,CAAC;KACf;AAED;;;AAGG;AACH,IAAA,gBAAgB,CAAC,QAAkB,EAAA;QAC/B,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,EAAE;AACxC,YAAA,OAAO,KAAK,CAAC;AAChB,SAAA;QAED,QACI,IAAI,CAAC,MAAM,CAAC,IAAI,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI;AACxC,YAAA,QAAQ,CAAC,OAAO,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAChE;KACL;AAED;;AAEG;IACH,sBAAsB,GAAA;QAClB,IAAI,iBAAiB,GAAG,CAAC,CAAC;AAC1B,QAAA,WAAW,CAAC,OAAO,CAAC,CAAC,YAAoB,KAAI;AACzC,YAAA,IAAI,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,EAAE;gBAClC,iBAAiB,IAAI,CAAC,CAAC;AAC1B,aAAA;AACL,SAAC,CAAC,CAAC;AAEH,QAAA,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,iBAAiB,CAAC;KACjD;AAED;;;AAGG;AACH,IAAA,WAAW,CAAC,QAAgB,EAAA;AACxB,QAAA,IAAI,QAAQ,EAAE;YACV,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;AACpC,SAAA;KACJ;AAED;;;AAGG;AACH,IAAA,YAAY,CAAC,SAAwB,EAAA;QACjC,IAAI;AACA,YAAA,SAAS,CAAC,OAAO,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC/D,SAAA;AAAC,QAAA,OAAO,CAAC,EAAE;YACR,MAAM,qBAAqB,CACvBC,oBAAyC,EACzC,IAAI,CAAC,aAAa,CACrB,CAAC;AACL,SAAA;KACJ;AAED;;;AAGG;AACH,IAAA,WAAW,CAAC,KAAa,EAAA;QACrB,IAAI,CAAC,KAAK,EAAE;YACR,MAAM,qBAAqB,CACvBC,sBAA2C,EAC3C,IAAI,CAAC,aAAa,CACrB,CAAC;AACL,SAAA;QACD,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;KACpC;AAED;;;AAGG;IACH,gBAAgB,GAAA;AACZ,QAAA,WAAW,CAAC,OAAO,CAAC,CAAC,YAAoB,KAAI;AACzC,YAAA,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;AACrC,SAAC,CAAC,CAAC;KACN;AAED;;;AAGG;AACH,IAAA,cAAc,CAAC,WAAqB,EAAA;QAChC,IAAI,CAAC,WAAW,EAAE;YACd,MAAM,qBAAqB,CACvBC,kBAAuC,EACvC,IAAI,CAAC,aAAa,CACrB,CAAC;AACL,SAAA;AACD,QAAA,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QACtC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,KAC7B,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CACvC,CAAC;QACF,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,KAAK,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AACrE,QAAA,OAAO,WAAW,CAAC;KACtB;AAED;;;AAGG;AACH,IAAA,qBAAqB,CAAC,WAAqB,EAAA;QACvC,IAAI,CAAC,WAAW,EAAE;YACd,MAAM,qBAAqB,CACvBA,kBAAuC,EACvC,IAAI,CAAC,aAAa,CACrB,CAAC;AACL,SAAA;;AAGD,QAAA,IAAI,CAAC,WAAW,CAAC,sBAAsB,EAAE,EAAE;YACvC,WAAW,CAAC,gBAAgB,EAAE,CAAC;AAClC,SAAA;QACD,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC;AACrD,QAAA,MAAM,eAAe,GAAG,WAAW,CAAC,aAAa,EAAE,CAAC;AACpD,QAAA,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;AAC5C,QAAA,MAAM,eAAe,GAAG,WAAW,CAAC,IAAI,CAAC;AACzC,QAAA,OAAO,eAAe,GAAG,cAAc,GAAG,eAAe,CAAC;KAC7D;AAED;;AAEG;IACH,aAAa,GAAA;AACT,QAAA,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;KAC3B;AAED;;AAEG;IACH,OAAO,GAAA;QACH,MAAM,KAAK,GAAkB,EAAE,CAAC;AAChC,QAAA,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,KAAK,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC9C,QAAA,OAAO,KAAK,CAAC;KAChB;AAED;;AAEG;IACH,WAAW,GAAA;QACP,IAAI,IAAI,CAAC,MAAM,EAAE;AACb,YAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;AAChC,YAAA,OAAO,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7B,SAAA;AACD,QAAA,OAAO,EAAE,CAAC;KACb;AAED;;AAEG;IACH,oBAAoB,GAAA;AAChB,QAAA,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,EAAE,CAAC;KAC3C;AACJ;;;;"}
@@ -1,7 +1,7 @@
1
- /*! @azure/msal-common v16.9.0 2026-06-16 */
1
+ /*! @azure/msal-common v16.10.0 2026-06-23 */
2
2
  'use strict';
3
3
  import { updateAccountTenantProfileData, buildTenantProfile } from '../account/AccountInfo.mjs';
4
- import { extractTokenClaims, checkMaxAge, isKmsi } from '../account/AuthToken.mjs';
4
+ import { extractTokenClaims, isKmsi } from '../account/AuthToken.mjs';
5
5
  import { getTenantIdFromIdTokenClaims } from '../account/TokenClaims.mjs';
6
6
  import { TokenCacheContext } from '../cache/persistence/TokenCacheContext.mjs';
7
7
  import { generateHomeAccountId, getAccountInfo, createAccountEntity } from '../cache/utils/AccountEntityUtils.mjs';
@@ -14,7 +14,7 @@ import { ScopeSet } from '../request/ScopeSet.mjs';
14
14
  import { NOT_AVAILABLE, HTTP_SERVER_ERROR_RANGE_START, HTTP_SERVER_ERROR_RANGE_END, HTTP_CLIENT_ERROR_RANGE_START, HTTP_CLIENT_ERROR_RANGE_END, AuthenticationScheme, THE_FAMILY_ID } from '../utils/Constants.mjs';
15
15
  import { parseRequestState } from '../utils/ProtocolUtils.mjs';
16
16
  import { toDateFromSeconds } from '../utils/TimeUtils.mjs';
17
- import { nonceMismatch, authTimeNotFound, invalidCacheEnvironment, keyIdMissing } from '../error/ClientAuthErrorCodes.mjs';
17
+ import { nonceMismatch, invalidCacheEnvironment, keyIdMissing } from '../error/ClientAuthErrorCodes.mjs';
18
18
 
19
19
  /*
20
20
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -49,7 +49,7 @@ class ResponseHandler {
49
49
  const serverErrorNo = serverResponse.error_codes?.length
50
50
  ? serverResponse.error_codes[0]
51
51
  : undefined;
52
- const serverError = new ServerError(serverResponse.error, errString, serverResponse.suberror, serverErrorNo, serverResponse.status);
52
+ const serverError = new ServerError(serverResponse.error || "", serverResponse.correlation_id || "", errString, serverResponse.suberror, serverErrorNo, serverResponse.status);
53
53
  // check if 500 error
54
54
  if (refreshAccessToken &&
55
55
  serverResponse.status &&
@@ -71,7 +71,7 @@ class ResponseHandler {
71
71
  return;
72
72
  }
73
73
  if (isInteractionRequiredError(serverResponse.error, serverResponse.error_description, serverResponse.suberror)) {
74
- throw new InteractionRequiredAuthError(serverResponse.error, serverResponse.error_description, serverResponse.suberror, serverResponse.timestamp || "", serverResponse.trace_id || "", serverResponse.correlation_id || "", serverResponse.claims || "", serverErrorNo);
74
+ throw new InteractionRequiredAuthError(serverResponse.error || "", serverResponse.correlation_id || "", serverResponse.error_description, serverResponse.suberror, serverResponse.timestamp || "", serverResponse.trace_id || "", serverResponse.claims || "", serverErrorNo);
75
75
  }
76
76
  throw serverError;
77
77
  }
@@ -81,37 +81,29 @@ class ResponseHandler {
81
81
  * @param serverTokenResponse
82
82
  * @param authority
83
83
  */
84
- async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, apiId, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId) {
84
+ async handleServerTokenResponse(serverTokenResponse, authority, reqTimestamp, request, apiId, authCodePayload, userAssertionHash, handlingRefreshTokenResponse, forceCacheRefreshTokenResponse, serverRequestId, additionalCacheKeyComponents) {
85
85
  // create an idToken object (not entity)
86
86
  let idTokenClaims;
87
87
  if (serverTokenResponse.id_token) {
88
- idTokenClaims = extractTokenClaims(serverTokenResponse.id_token || "", this.cryptoObj.base64Decode);
88
+ idTokenClaims = extractTokenClaims(serverTokenResponse.id_token || "", this.cryptoObj.base64Decode, request.correlationId);
89
89
  // token nonce check (TODO: Add a warning if no nonce is given?)
90
90
  if (authCodePayload && authCodePayload.nonce) {
91
91
  if (idTokenClaims.nonce !== authCodePayload.nonce) {
92
- throw createClientAuthError(nonceMismatch);
92
+ throw createClientAuthError(nonceMismatch, request.correlationId);
93
93
  }
94
94
  }
95
- // token max_age check
96
- if (request.maxAge || request.maxAge === 0) {
97
- const authTime = idTokenClaims.auth_time;
98
- if (!authTime) {
99
- throw createClientAuthError(authTimeNotFound);
100
- }
101
- checkMaxAge(authTime, request.maxAge);
102
- }
103
95
  }
104
96
  // generate homeAccountId
105
97
  this.homeAccountIdentifier = generateHomeAccountId(serverTokenResponse.client_info || "", authority.authorityType, this.logger, this.cryptoObj, request.correlationId, idTokenClaims);
106
98
  // save the response tokens
107
99
  let requestStateObj;
108
100
  if (!!authCodePayload && !!authCodePayload.state) {
109
- requestStateObj = parseRequestState(this.cryptoObj.base64Decode, authCodePayload.state);
101
+ requestStateObj = parseRequestState(this.cryptoObj.base64Decode, authCodePayload.state, request.correlationId);
110
102
  }
111
103
  // Add keyId from request to serverTokenResponse if defined
112
104
  serverTokenResponse.key_id =
113
105
  serverTokenResponse.key_id || request.sshKid || undefined;
114
- const cacheRecord = this.generateCacheRecord(serverTokenResponse, authority, reqTimestamp, request, idTokenClaims, userAssertionHash, authCodePayload);
106
+ const cacheRecord = this.generateCacheRecord(serverTokenResponse, authority, reqTimestamp, request, idTokenClaims, userAssertionHash, authCodePayload, additionalCacheKeyComponents);
115
107
  let cacheContext;
116
108
  try {
117
109
  if (this.persistencePlugin && this.serializableCache) {
@@ -158,10 +150,10 @@ class ResponseHandler {
158
150
  * @param idTokenObj
159
151
  * @param authority
160
152
  */
161
- generateCacheRecord(serverTokenResponse, authority, reqTimestamp, request, idTokenClaims, userAssertionHash, authCodePayload) {
153
+ generateCacheRecord(serverTokenResponse, authority, reqTimestamp, request, idTokenClaims, userAssertionHash, authCodePayload, additionalCacheKeyComponents) {
162
154
  const env = authority.getPreferredCache();
163
155
  if (!env) {
164
- throw createClientAuthError(invalidCacheEnvironment);
156
+ throw createClientAuthError(invalidCacheEnvironment, request.correlationId);
165
157
  }
166
158
  const claimsTenantId = getTenantIdFromIdTokenClaims(idTokenClaims);
167
159
  // IdToken: non AAD scenarios can have empty realm
@@ -177,8 +169,8 @@ class ResponseHandler {
177
169
  if (serverTokenResponse.access_token) {
178
170
  // If scopes not returned in server response, use request scopes
179
171
  const responseScopes = serverTokenResponse.scope
180
- ? ScopeSet.fromString(serverTokenResponse.scope)
181
- : new ScopeSet(request.scopes || []);
172
+ ? ScopeSet.fromString(serverTokenResponse.scope, request.correlationId)
173
+ : new ScopeSet(request.scopes || [], request.correlationId);
182
174
  /*
183
175
  * Use timestamp calculated before request
184
176
  * Server may return timestamps as strings, parse to numbers if so.
@@ -198,7 +190,7 @@ class ResponseHandler {
198
190
  ? reqTimestamp + refreshIn
199
191
  : undefined;
200
192
  // non AAD scenarios can have empty realm
201
- cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id);
193
+ cachedAccessToken = createAccessTokenEntity(this.homeAccountIdentifier, env, serverTokenResponse.access_token, this.clientId, claimsTenantId || authority.tenant || "", responseScopes.printScopes(), tokenExpirationSeconds, extendedTokenExpirationSeconds, this.cryptoObj.base64Decode, request.correlationId, refreshOnSeconds, serverTokenResponse.token_type, userAssertionHash, serverTokenResponse.key_id, additionalCacheKeyComponents);
202
194
  // Set resource (to be used for MCP scenarios)
203
195
  const resource = request.resource || null;
204
196
  if (resource) {
@@ -264,14 +256,14 @@ class ResponseHandler {
264
256
  const popTokenGenerator = new PopTokenGenerator(cryptoObj, performanceClient);
265
257
  const { secret, keyId } = cacheRecord.accessToken;
266
258
  if (!keyId) {
267
- throw createClientAuthError(keyIdMissing);
259
+ throw createClientAuthError(keyIdMissing, request.correlationId);
268
260
  }
269
261
  accessToken = await popTokenGenerator.signPopToken(secret, keyId, request);
270
262
  }
271
263
  else {
272
264
  accessToken = cacheRecord.accessToken.secret;
273
265
  }
274
- responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target).asArray();
266
+ responseScopes = ScopeSet.fromString(cacheRecord.accessToken.target, request.correlationId).asArray();
275
267
  // Access token expiresOn cached in seconds, converting to Date for AuthenticationResult
276
268
  expiresOn = toDateFromSeconds(cacheRecord.accessToken.expiresOn);
277
269
  extExpiresOn = toDateFromSeconds(cacheRecord.accessToken.extendedExpiresOn);
@@ -289,8 +281,18 @@ class ResponseHandler {
289
281
  const tid = idTokenClaims?.tid || "";
290
282
  // for hybrid + native bridge enablement, send back the native account Id
291
283
  if (serverTokenResponse?.spa_accountid && !!cacheRecord.account) {
284
+ // Set on deprecated top-level for downgrade compat
292
285
  cacheRecord.account.nativeAccountId =
293
286
  serverTokenResponse?.spa_accountid;
287
+ // Set on the matching tenant profile (source of truth)
288
+ const targetTenantId = tid || cacheRecord.account.realm;
289
+ if (cacheRecord.account.tenantProfiles) {
290
+ const matchingProfile = cacheRecord.account.tenantProfiles.find((tp) => tp.tenantId === targetTenantId);
291
+ if (matchingProfile) {
292
+ matchingProfile.nativeAccountId =
293
+ serverTokenResponse.spa_accountid;
294
+ }
295
+ }
294
296
  }
295
297
  const accountInfo = cacheRecord.account
296
298
  ? updateAccountTenantProfileData(getAccountInfo(cacheRecord.account), undefined, // tenantProfile optional
@@ -349,14 +351,14 @@ function buildAccountToCache(cacheStorage, authority, homeAccountId, base64Decod
349
351
  cloudGraphHostName: authCodePayload?.cloud_graph_host_name,
350
352
  msGraphHost: authCodePayload?.msgraph_host,
351
353
  nativeAccountId: nativeAccountId,
352
- }, authority, base64Decode);
354
+ }, authority, correlationId, base64Decode);
353
355
  const tenantProfiles = baseAccount.tenantProfiles || [];
354
356
  const tenantId = claimsTenantId || baseAccount.realm;
355
357
  if (tenantId &&
356
358
  !tenantProfiles.find((tenantProfile) => {
357
359
  return tenantProfile.tenantId === tenantId;
358
360
  })) {
359
- const newTenantProfile = buildTenantProfile(homeAccountId, baseAccount.localAccountId, tenantId, idTokenClaims);
361
+ const newTenantProfile = buildTenantProfile(homeAccountId, baseAccount.localAccountId, tenantId, nativeAccountId, idTokenClaims);
360
362
  tenantProfiles.push(newTenantProfile);
361
363
  }
362
364
  baseAccount.tenantProfiles = tenantProfiles;