@azure/msal-common 16.9.0 → 16.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +9 -3
- package/dist/account/AccountInfo.mjs.map +1 -1
- package/dist/account/AuthToken.mjs +9 -23
- package/dist/account/AuthToken.mjs.map +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/CcsCredential.mjs.map +1 -1
- package/dist/account/ClientInfo.mjs +4 -4
- package/dist/account/ClientInfo.mjs.map +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/account/TokenClaims.mjs.map +1 -1
- package/dist/authority/Authority.mjs +36 -37
- package/dist/authority/Authority.mjs.map +1 -1
- package/dist/authority/AuthorityFactory.mjs +3 -3
- package/dist/authority/AuthorityFactory.mjs.map +1 -1
- package/dist/authority/AuthorityMetadata.mjs +2 -2
- package/dist/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs.map +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/AuthorityType.mjs.map +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs.map +1 -1
- package/dist/authority/RegionDiscovery.mjs +16 -10
- package/dist/authority/RegionDiscovery.mjs.map +1 -1
- package/dist/cache/CacheManager.mjs +62 -46
- package/dist/cache/CacheManager.mjs.map +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs.map +1 -1
- package/dist/cache/utils/AccountEntityUtils.mjs +18 -8
- package/dist/cache/utils/AccountEntityUtils.mjs.map +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +10 -5
- package/dist/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +7 -7
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +8 -8
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.mjs +10 -18
- package/dist/client/SilentFlowClient.mjs.map +1 -1
- package/dist/config/ClientConfiguration.mjs +3 -3
- package/dist/config/ClientConfiguration.mjs.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +7 -3
- package/dist/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist/crypto/ICrypto.mjs +11 -11
- package/dist/crypto/ICrypto.mjs.map +1 -1
- package/dist/crypto/JoseHeader.mjs +3 -3
- package/dist/crypto/JoseHeader.mjs.map +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +2 -2
- package/dist/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist/error/AuthError.mjs +5 -7
- package/dist/error/AuthError.mjs.map +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheError.mjs.map +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +5 -5
- package/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +2 -4
- package/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/error/ClientConfigurationError.mjs +5 -5
- package/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +5 -6
- package/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +5 -5
- package/dist/error/JoseHeaderError.mjs.map +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +2 -2
- package/dist/error/NetworkError.mjs.map +1 -1
- package/dist/error/PlatformBrokerError.mjs +3 -3
- package/dist/error/PlatformBrokerError.mjs.map +1 -1
- package/dist/error/ServerError.mjs +3 -3
- package/dist/error/ServerError.mjs.map +1 -1
- package/dist/index-node.mjs +53 -53
- package/dist/index.mjs +59 -59
- package/dist/logger/Logger.mjs +1 -1
- package/dist/logger/Logger.mjs.map +1 -1
- package/dist/network/INetworkModule.mjs +4 -3
- package/dist/network/INetworkModule.mjs.map +1 -1
- package/dist/network/RequestThumbprint.mjs +2 -1
- package/dist/network/RequestThumbprint.mjs.map +1 -1
- package/dist/network/ThrottlingUtils.mjs +2 -2
- package/dist/network/ThrottlingUtils.mjs.map +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.mjs +16 -14
- package/dist/protocol/Authorize.mjs.map +1 -1
- package/dist/protocol/Token.mjs +2 -2
- package/dist/protocol/Token.mjs.map +1 -1
- package/dist/request/AuthenticationHeaderParser.mjs +4 -4
- package/dist/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist/request/BaseAuthRequest.mjs +3 -3
- package/dist/request/BaseAuthRequest.mjs.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +51 -33
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/ScopeSet.mjs +13 -12
- package/dist/request/ScopeSet.mjs.map +1 -1
- package/dist/response/ResponseHandler.mjs +29 -27
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +20 -1
- package/dist/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +4 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +2 -2
- package/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/url/UrlString.mjs +15 -14
- package/dist/url/UrlString.mjs.map +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +3 -2
- package/dist/utils/ClientAssertionUtils.mjs.map +1 -1
- package/dist/utils/Constants.mjs +7 -3
- package/dist/utils/Constants.mjs.map +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs.map +1 -1
- package/dist/utils/ProtocolUtils.mjs +12 -9
- package/dist/utils/ProtocolUtils.mjs.map +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs.map +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs.map +1 -1
- package/dist/utils/UrlUtils.mjs +4 -4
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/dist-browser/account/AccountInfo.mjs +9 -3
- package/dist-browser/account/AccountInfo.mjs.map +1 -1
- package/dist-browser/account/AuthToken.mjs +9 -23
- package/dist-browser/account/AuthToken.mjs.map +1 -1
- package/dist-browser/account/CcsCredential.mjs +1 -1
- package/dist-browser/account/CcsCredential.mjs.map +1 -1
- package/dist-browser/account/ClientInfo.mjs +4 -4
- package/dist-browser/account/ClientInfo.mjs.map +1 -1
- package/dist-browser/account/TokenClaims.mjs +1 -1
- package/dist-browser/account/TokenClaims.mjs.map +1 -1
- package/dist-browser/authority/Authority.mjs +36 -37
- package/dist-browser/authority/Authority.mjs.map +1 -1
- package/dist-browser/authority/AuthorityFactory.mjs +3 -3
- package/dist-browser/authority/AuthorityFactory.mjs.map +1 -1
- package/dist-browser/authority/AuthorityMetadata.mjs +2 -2
- package/dist-browser/authority/AuthorityMetadata.mjs.map +1 -1
- package/dist-browser/authority/AuthorityOptions.mjs +1 -1
- package/dist-browser/authority/AuthorityOptions.mjs.map +1 -1
- package/dist-browser/authority/AuthorityType.mjs +1 -1
- package/dist-browser/authority/AuthorityType.mjs.map +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist-browser/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist-browser/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist-browser/authority/ProtocolMode.mjs +1 -1
- package/dist-browser/authority/ProtocolMode.mjs.map +1 -1
- package/dist-browser/authority/RegionDiscovery.mjs +16 -10
- package/dist-browser/authority/RegionDiscovery.mjs.map +1 -1
- package/dist-browser/cache/CacheManager.mjs +62 -46
- package/dist-browser/cache/CacheManager.mjs.map +1 -1
- package/dist-browser/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist-browser/cache/persistence/TokenCacheContext.mjs.map +1 -1
- package/dist-browser/cache/utils/AccountEntityUtils.mjs +18 -8
- package/dist-browser/cache/utils/AccountEntityUtils.mjs.map +1 -1
- package/dist-browser/cache/utils/CacheHelpers.mjs +10 -5
- package/dist-browser/cache/utils/CacheHelpers.mjs.map +1 -1
- package/dist-browser/client/AuthorizationCodeClient.mjs +7 -7
- package/dist-browser/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist-browser/client/RefreshTokenClient.mjs +8 -8
- package/dist-browser/client/RefreshTokenClient.mjs.map +1 -1
- package/dist-browser/client/SilentFlowClient.mjs +10 -18
- package/dist-browser/client/SilentFlowClient.mjs.map +1 -1
- package/dist-browser/config/ClientConfiguration.mjs +3 -3
- package/dist-browser/config/ClientConfiguration.mjs.map +1 -1
- package/dist-browser/constants/AADServerParamKeys.mjs +7 -3
- package/dist-browser/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist-browser/crypto/ICrypto.mjs +11 -11
- package/dist-browser/crypto/ICrypto.mjs.map +1 -1
- package/dist-browser/crypto/JoseHeader.mjs +3 -3
- package/dist-browser/crypto/JoseHeader.mjs.map +1 -1
- package/dist-browser/crypto/PopTokenGenerator.mjs +2 -2
- package/dist-browser/crypto/PopTokenGenerator.mjs.map +1 -1
- package/dist-browser/error/AuthError.mjs +5 -7
- package/dist-browser/error/AuthError.mjs.map +1 -1
- package/dist-browser/error/AuthErrorCodes.mjs +1 -1
- package/dist-browser/error/CacheError.mjs +1 -1
- package/dist-browser/error/CacheError.mjs.map +1 -1
- package/dist-browser/error/CacheErrorCodes.mjs +1 -1
- package/dist-browser/error/ClientAuthError.mjs +5 -5
- package/dist-browser/error/ClientAuthError.mjs.map +1 -1
- package/dist-browser/error/ClientAuthErrorCodes.mjs +2 -4
- package/dist-browser/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist-browser/error/ClientConfigurationError.mjs +5 -5
- package/dist-browser/error/ClientConfigurationError.mjs.map +1 -1
- package/dist-browser/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist-browser/error/InteractionRequiredAuthError.mjs +5 -6
- package/dist-browser/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist-browser/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist-browser/error/JoseHeaderError.mjs +5 -5
- package/dist-browser/error/JoseHeaderError.mjs.map +1 -1
- package/dist-browser/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist-browser/error/NetworkError.mjs +2 -2
- package/dist-browser/error/NetworkError.mjs.map +1 -1
- package/dist-browser/error/PlatformBrokerError.mjs +3 -3
- package/dist-browser/error/PlatformBrokerError.mjs.map +1 -1
- package/dist-browser/error/ServerError.mjs +3 -3
- package/dist-browser/error/ServerError.mjs.map +1 -1
- package/dist-browser/index-browser.mjs +55 -55
- package/dist-browser/index.mjs +59 -59
- package/dist-browser/log-strings-mapping.json +2 -2
- package/dist-browser/logger/Logger.mjs +1 -1
- package/dist-browser/logger/Logger.mjs.map +1 -1
- package/dist-browser/network/INetworkModule.mjs +4 -3
- package/dist-browser/network/INetworkModule.mjs.map +1 -1
- package/dist-browser/network/RequestThumbprint.mjs +2 -1
- package/dist-browser/network/RequestThumbprint.mjs.map +1 -1
- package/dist-browser/network/ThrottlingUtils.mjs +2 -2
- package/dist-browser/network/ThrottlingUtils.mjs.map +1 -1
- package/dist-browser/packageMetadata.mjs +2 -2
- package/dist-browser/protocol/Authorize.mjs +16 -14
- package/dist-browser/protocol/Authorize.mjs.map +1 -1
- package/dist-browser/protocol/Token.mjs +2 -2
- package/dist-browser/protocol/Token.mjs.map +1 -1
- package/dist-browser/request/AuthenticationHeaderParser.mjs +4 -4
- package/dist-browser/request/AuthenticationHeaderParser.mjs.map +1 -1
- package/dist-browser/request/BaseAuthRequest.mjs +3 -3
- package/dist-browser/request/BaseAuthRequest.mjs.map +1 -1
- package/dist-browser/request/RequestParameterBuilder.mjs +51 -33
- package/dist-browser/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist-browser/request/ScopeSet.mjs +13 -12
- package/dist-browser/request/ScopeSet.mjs.map +1 -1
- package/dist-browser/response/ResponseHandler.mjs +29 -27
- package/dist-browser/response/ResponseHandler.mjs.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceClient.mjs +20 -1
- package/dist-browser/telemetry/performance/PerformanceClient.mjs.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist-browser/telemetry/performance/PerformanceEvents.mjs +1 -1
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs +4 -1
- package/dist-browser/telemetry/performance/StubPerformanceClient.mjs.map +1 -1
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs +2 -2
- package/dist-browser/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist-browser/url/UrlString.mjs +15 -14
- package/dist-browser/url/UrlString.mjs.map +1 -1
- package/dist-browser/utils/ClientAssertionUtils.mjs +3 -2
- package/dist-browser/utils/ClientAssertionUtils.mjs.map +1 -1
- package/dist-browser/utils/Constants.mjs +7 -3
- package/dist-browser/utils/Constants.mjs.map +1 -1
- package/dist-browser/utils/FunctionWrappers.mjs +1 -1
- package/dist-browser/utils/FunctionWrappers.mjs.map +1 -1
- package/dist-browser/utils/ProtocolUtils.mjs +12 -9
- package/dist-browser/utils/ProtocolUtils.mjs.map +1 -1
- package/dist-browser/utils/StringUtils.mjs +1 -1
- package/dist-browser/utils/StringUtils.mjs.map +1 -1
- package/dist-browser/utils/TimeUtils.mjs +1 -1
- package/dist-browser/utils/TimeUtils.mjs.map +1 -1
- package/dist-browser/utils/UrlUtils.mjs +4 -4
- package/dist-browser/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +27 -8
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node-CcOYLhxB.js → index-node-C_uKaUiZ.js} +368 -312
- package/lib/index-node-C_uKaUiZ.js.map +1 -0
- package/lib/index-node.cjs +2 -2
- package/lib/index.cjs +2 -2
- package/package.json +1 -1
- package/src/account/AccountInfo.ts +19 -1
- package/src/account/AuthToken.ts +19 -21
- package/src/account/ClientCredentials.ts +1 -0
- package/src/account/ClientInfo.ts +8 -3
- package/src/authority/Authority.ts +72 -37
- package/src/authority/AuthorityFactory.ts +4 -2
- package/src/authority/AuthorityMetadata.ts +2 -1
- package/src/authority/RegionDiscovery.ts +18 -11
- package/src/cache/CacheManager.ts +160 -57
- package/src/cache/entities/AccountEntity.ts +4 -0
- package/src/cache/entities/CredentialEntity.ts +2 -0
- package/src/cache/utils/AccountEntityUtils.ts +23 -3
- package/src/cache/utils/CacheHelpers.ts +15 -3
- package/src/cache/utils/CacheTypes.ts +2 -0
- package/src/client/AuthorizationCodeClient.ts +10 -4
- package/src/client/RefreshTokenClient.ts +12 -5
- package/src/client/SilentFlowClient.ts +17 -20
- package/src/config/ClientConfiguration.ts +8 -2
- package/src/constants/AADServerParamKeys.ts +5 -0
- package/src/crypto/ICrypto.ts +40 -10
- package/src/crypto/JoseHeader.ts +8 -2
- package/src/crypto/PopTokenGenerator.ts +1 -1
- package/src/error/AuthError.ts +9 -5
- package/src/error/ClientAuthError.ts +8 -3
- package/src/error/ClientAuthErrorCodes.ts +0 -2
- package/src/error/ClientConfigurationError.ts +5 -4
- package/src/error/InteractionRequiredAuthError.ts +9 -5
- package/src/error/JoseHeaderError.ts +11 -4
- package/src/error/NetworkError.ts +6 -1
- package/src/error/PlatformBrokerError.ts +2 -1
- package/src/error/ServerError.ts +3 -2
- package/src/network/INetworkModule.ts +3 -2
- package/src/network/RequestThumbprint.ts +2 -0
- package/src/network/ThrottlingUtils.ts +1 -0
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +21 -6
- package/src/protocol/Token.ts +4 -1
- package/src/request/AuthenticationHeaderParser.ts +6 -3
- package/src/request/BaseAuthRequest.ts +8 -2
- package/src/request/RequestParameterBuilder.ts +66 -43
- package/src/request/ScopeSet.ts +27 -11
- package/src/response/ImdsComputeResponse.ts +14 -0
- package/src/response/ResponseHandler.ts +45 -32
- package/src/telemetry/performance/IPerformanceClient.ts +1 -0
- package/src/telemetry/performance/PerformanceClient.ts +28 -0
- package/src/telemetry/performance/StubPerformanceClient.ts +4 -0
- package/src/url/UrlString.ts +32 -13
- package/src/utils/ClientAssertionUtils.ts +3 -1
- package/src/utils/Constants.ts +6 -3
- package/src/utils/ProtocolUtils.ts +26 -8
- package/src/utils/UrlUtils.ts +8 -3
- package/types/account/AccountInfo.d.ts +8 -2
- package/types/account/AccountInfo.d.ts.map +1 -1
- package/types/account/AuthToken.d.ts +2 -6
- package/types/account/AuthToken.d.ts.map +1 -1
- package/types/account/ClientCredentials.d.ts +1 -0
- package/types/account/ClientCredentials.d.ts.map +1 -1
- package/types/account/ClientInfo.d.ts.map +1 -1
- package/types/authority/Authority.d.ts +4 -4
- package/types/authority/Authority.d.ts.map +1 -1
- package/types/authority/AuthorityFactory.d.ts.map +1 -1
- package/types/authority/AuthorityMetadata.d.ts.map +1 -1
- package/types/authority/RegionDiscovery.d.ts +3 -2
- package/types/authority/RegionDiscovery.d.ts.map +1 -1
- package/types/cache/CacheManager.d.ts +0 -7
- package/types/cache/CacheManager.d.ts.map +1 -1
- package/types/cache/entities/AccountEntity.d.ts +4 -0
- package/types/cache/entities/AccountEntity.d.ts.map +1 -1
- package/types/cache/entities/CredentialEntity.d.ts +2 -0
- package/types/cache/entities/CredentialEntity.d.ts.map +1 -1
- package/types/cache/utils/AccountEntityUtils.d.ts +1 -1
- package/types/cache/utils/AccountEntityUtils.d.ts.map +1 -1
- package/types/cache/utils/CacheHelpers.d.ts +1 -1
- package/types/cache/utils/CacheHelpers.d.ts.map +1 -1
- package/types/cache/utils/CacheTypes.d.ts +2 -1
- package/types/cache/utils/CacheTypes.d.ts.map +1 -1
- package/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/types/client/SilentFlowClient.d.ts.map +1 -1
- package/types/config/ClientConfiguration.d.ts.map +1 -1
- package/types/constants/AADServerParamKeys.d.ts +4 -0
- package/types/constants/AADServerParamKeys.d.ts.map +1 -1
- package/types/crypto/ICrypto.d.ts.map +1 -1
- package/types/crypto/JoseHeader.d.ts.map +1 -1
- package/types/error/AuthError.d.ts +2 -3
- package/types/error/AuthError.d.ts.map +1 -1
- package/types/error/ClientAuthError.d.ts +2 -2
- package/types/error/ClientAuthError.d.ts.map +1 -1
- package/types/error/ClientAuthErrorCodes.d.ts +0 -2
- package/types/error/ClientAuthErrorCodes.d.ts.map +1 -1
- package/types/error/ClientConfigurationError.d.ts +2 -2
- package/types/error/ClientConfigurationError.d.ts.map +1 -1
- package/types/error/InteractionRequiredAuthError.d.ts +2 -2
- package/types/error/InteractionRequiredAuthError.d.ts.map +1 -1
- package/types/error/JoseHeaderError.d.ts +2 -2
- package/types/error/JoseHeaderError.d.ts.map +1 -1
- package/types/error/NetworkError.d.ts.map +1 -1
- package/types/error/PlatformBrokerError.d.ts +1 -1
- package/types/error/PlatformBrokerError.d.ts.map +1 -1
- package/types/error/ServerError.d.ts +1 -1
- package/types/error/ServerError.d.ts.map +1 -1
- package/types/network/INetworkModule.d.ts.map +1 -1
- package/types/network/RequestThumbprint.d.ts +1 -0
- package/types/network/RequestThumbprint.d.ts.map +1 -1
- package/types/network/ThrottlingUtils.d.ts.map +1 -1
- package/types/packageMetadata.d.ts +1 -1
- package/types/packageMetadata.d.ts.map +1 -1
- package/types/protocol/Authorize.d.ts +4 -2
- package/types/protocol/Authorize.d.ts.map +1 -1
- package/types/protocol/Token.d.ts.map +1 -1
- package/types/request/AuthenticationHeaderParser.d.ts.map +1 -1
- package/types/request/BaseAuthRequest.d.ts +4 -0
- package/types/request/BaseAuthRequest.d.ts.map +1 -1
- package/types/request/RequestParameterBuilder.d.ts +12 -3
- package/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/types/request/ScopeSet.d.ts +4 -3
- package/types/request/ScopeSet.d.ts.map +1 -1
- package/types/response/ImdsComputeResponse.d.ts +10 -0
- package/types/response/ImdsComputeResponse.d.ts.map +1 -0
- package/types/response/ResponseHandler.d.ts +1 -1
- package/types/response/ResponseHandler.d.ts.map +1 -1
- package/types/telemetry/performance/IPerformanceClient.d.ts +3 -0
- package/types/telemetry/performance/IPerformanceClient.d.ts.map +1 -1
- package/types/telemetry/performance/PerformanceClient.d.ts +18 -0
- package/types/telemetry/performance/PerformanceClient.d.ts.map +1 -1
- package/types/telemetry/performance/StubPerformanceClient.d.ts +1 -0
- package/types/telemetry/performance/StubPerformanceClient.d.ts.map +1 -1
- package/types/url/UrlString.d.ts +5 -4
- package/types/url/UrlString.d.ts.map +1 -1
- package/types/utils/ClientAssertionUtils.d.ts +1 -1
- package/types/utils/ClientAssertionUtils.d.ts.map +1 -1
- package/types/utils/Constants.d.ts +6 -2
- package/types/utils/Constants.d.ts.map +1 -1
- package/types/utils/ProtocolUtils.d.ts +6 -3
- package/types/utils/ProtocolUtils.d.ts.map +1 -1
- package/types/utils/UrlUtils.d.ts.map +1 -1
- package/lib/index-node-CcOYLhxB.js.map +0 -1
|
@@ -20,7 +20,7 @@ import { CacheRecord } from "../cache/entities/CacheRecord.js";
|
|
|
20
20
|
import { CacheOutcome } from "../utils/Constants.js";
|
|
21
21
|
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
22
22
|
import { StringUtils } from "../utils/StringUtils.js";
|
|
23
|
-
import {
|
|
23
|
+
import { extractTokenClaims } from "../account/AuthToken.js";
|
|
24
24
|
import { TokenClaims } from "../account/TokenClaims.js";
|
|
25
25
|
import * as PerformanceEvents from "../telemetry/performance/PerformanceEvents.js";
|
|
26
26
|
import { invokeAsync } from "../utils/FunctionWrappers.js";
|
|
@@ -106,20 +106,25 @@ export class SilentFlowClient {
|
|
|
106
106
|
request.correlationId
|
|
107
107
|
);
|
|
108
108
|
throw createClientAuthError(
|
|
109
|
-
ClientAuthErrorCodes.tokenRefreshRequired
|
|
109
|
+
ClientAuthErrorCodes.tokenRefreshRequired,
|
|
110
|
+
request.correlationId
|
|
110
111
|
);
|
|
111
112
|
}
|
|
112
113
|
|
|
113
114
|
// We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases
|
|
114
115
|
if (!request.account) {
|
|
115
116
|
throw createClientAuthError(
|
|
116
|
-
ClientAuthErrorCodes.noAccountInSilentRequest
|
|
117
|
+
ClientAuthErrorCodes.noAccountInSilentRequest,
|
|
118
|
+
request.correlationId
|
|
117
119
|
);
|
|
118
120
|
}
|
|
119
121
|
|
|
120
122
|
const requestTenantId =
|
|
121
123
|
request.account.tenantId ||
|
|
122
|
-
getTenantFromAuthorityString(
|
|
124
|
+
getTenantFromAuthorityString(
|
|
125
|
+
request.authority,
|
|
126
|
+
request.correlationId
|
|
127
|
+
);
|
|
123
128
|
const tokenKeys = this.cacheManager.getTokenKeys();
|
|
124
129
|
const cachedAccessToken = this.cacheManager.getAccessToken(
|
|
125
130
|
request.account,
|
|
@@ -135,7 +140,8 @@ export class SilentFlowClient {
|
|
|
135
140
|
request.correlationId
|
|
136
141
|
);
|
|
137
142
|
throw createClientAuthError(
|
|
138
|
-
ClientAuthErrorCodes.tokenRefreshRequired
|
|
143
|
+
ClientAuthErrorCodes.tokenRefreshRequired,
|
|
144
|
+
request.correlationId
|
|
139
145
|
);
|
|
140
146
|
} else if (
|
|
141
147
|
TimeUtils.wasClockTurnedBack(cachedAccessToken.cachedAt) ||
|
|
@@ -150,7 +156,8 @@ export class SilentFlowClient {
|
|
|
150
156
|
request.correlationId
|
|
151
157
|
);
|
|
152
158
|
throw createClientAuthError(
|
|
153
|
-
ClientAuthErrorCodes.tokenRefreshRequired
|
|
159
|
+
ClientAuthErrorCodes.tokenRefreshRequired,
|
|
160
|
+
request.correlationId
|
|
154
161
|
);
|
|
155
162
|
} else if (request.resource) {
|
|
156
163
|
// cached access token must have a resource that matches the request resource for MCP scenarios
|
|
@@ -160,7 +167,8 @@ export class SilentFlowClient {
|
|
|
160
167
|
request.correlationId
|
|
161
168
|
);
|
|
162
169
|
throw createClientAuthError(
|
|
163
|
-
ClientAuthErrorCodes.tokenRefreshRequired
|
|
170
|
+
ClientAuthErrorCodes.tokenRefreshRequired,
|
|
171
|
+
request.correlationId
|
|
164
172
|
);
|
|
165
173
|
}
|
|
166
174
|
} else if (
|
|
@@ -243,22 +251,11 @@ export class SilentFlowClient {
|
|
|
243
251
|
if (cacheRecord.idToken) {
|
|
244
252
|
idTokenClaims = extractTokenClaims(
|
|
245
253
|
cacheRecord.idToken.secret,
|
|
246
|
-
this.config.cryptoInterface.base64Decode
|
|
254
|
+
this.config.cryptoInterface.base64Decode,
|
|
255
|
+
request.correlationId
|
|
247
256
|
);
|
|
248
257
|
}
|
|
249
258
|
|
|
250
|
-
// token max_age check
|
|
251
|
-
if (request.maxAge || request.maxAge === 0) {
|
|
252
|
-
const authTime = idTokenClaims?.auth_time;
|
|
253
|
-
if (!authTime) {
|
|
254
|
-
throw createClientAuthError(
|
|
255
|
-
ClientAuthErrorCodes.authTimeNotFound
|
|
256
|
-
);
|
|
257
|
-
}
|
|
258
|
-
|
|
259
|
-
checkMaxAge(authTime, request.maxAge);
|
|
260
|
-
}
|
|
261
|
-
|
|
262
259
|
return ResponseHandler.generateAuthenticationResult(
|
|
263
260
|
this.cryptoUtils,
|
|
264
261
|
this.authority,
|
|
@@ -174,10 +174,16 @@ const DEFAULT_LOGGER_IMPLEMENTATION: Required<LoggerOptions> = {
|
|
|
174
174
|
|
|
175
175
|
const DEFAULT_NETWORK_IMPLEMENTATION: INetworkModule = {
|
|
176
176
|
async sendGetRequestAsync<T>(): Promise<T> {
|
|
177
|
-
throw createClientAuthError(
|
|
177
|
+
throw createClientAuthError(
|
|
178
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
179
|
+
""
|
|
180
|
+
);
|
|
178
181
|
},
|
|
179
182
|
async sendPostRequestAsync<T>(): Promise<T> {
|
|
180
|
-
throw createClientAuthError(
|
|
183
|
+
throw createClientAuthError(
|
|
184
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
185
|
+
""
|
|
186
|
+
);
|
|
181
187
|
},
|
|
182
188
|
};
|
|
183
189
|
|
|
@@ -63,3 +63,8 @@ export const EAR_JWK = "ear_jwk";
|
|
|
63
63
|
export const EAR_JWE_CRYPTO = "ear_jwe_crypto";
|
|
64
64
|
export const RESOURCE = "resource";
|
|
65
65
|
export const CLI_DATA = "clidata";
|
|
66
|
+
export const USER_FEDERATED_IDENTITY_CREDENTIAL =
|
|
67
|
+
"user_federated_identity_credential";
|
|
68
|
+
export const USERNAME = "username";
|
|
69
|
+
export const USER_ID = "user_id";
|
|
70
|
+
export const FMI_PATH = "fmi_path";
|
package/src/crypto/ICrypto.ts
CHANGED
|
@@ -96,33 +96,63 @@ export interface ICrypto {
|
|
|
96
96
|
|
|
97
97
|
export const DEFAULT_CRYPTO_IMPLEMENTATION: ICrypto = {
|
|
98
98
|
createNewGuid: (): string => {
|
|
99
|
-
throw createClientAuthError(
|
|
99
|
+
throw createClientAuthError(
|
|
100
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
101
|
+
""
|
|
102
|
+
);
|
|
100
103
|
},
|
|
101
104
|
base64Decode: (): string => {
|
|
102
|
-
throw createClientAuthError(
|
|
105
|
+
throw createClientAuthError(
|
|
106
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
107
|
+
""
|
|
108
|
+
);
|
|
103
109
|
},
|
|
104
110
|
base64Encode: (): string => {
|
|
105
|
-
throw createClientAuthError(
|
|
111
|
+
throw createClientAuthError(
|
|
112
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
113
|
+
""
|
|
114
|
+
);
|
|
106
115
|
},
|
|
107
116
|
base64UrlEncode: (): string => {
|
|
108
|
-
throw createClientAuthError(
|
|
117
|
+
throw createClientAuthError(
|
|
118
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
119
|
+
""
|
|
120
|
+
);
|
|
109
121
|
},
|
|
110
122
|
encodeKid: (): string => {
|
|
111
|
-
throw createClientAuthError(
|
|
123
|
+
throw createClientAuthError(
|
|
124
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
125
|
+
""
|
|
126
|
+
);
|
|
112
127
|
},
|
|
113
128
|
async getPublicKeyThumbprint(): Promise<string> {
|
|
114
|
-
throw createClientAuthError(
|
|
129
|
+
throw createClientAuthError(
|
|
130
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
131
|
+
""
|
|
132
|
+
);
|
|
115
133
|
},
|
|
116
134
|
async removeTokenBindingKey(): Promise<void> {
|
|
117
|
-
throw createClientAuthError(
|
|
135
|
+
throw createClientAuthError(
|
|
136
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
137
|
+
""
|
|
138
|
+
);
|
|
118
139
|
},
|
|
119
140
|
async clearKeystore(): Promise<boolean> {
|
|
120
|
-
throw createClientAuthError(
|
|
141
|
+
throw createClientAuthError(
|
|
142
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
143
|
+
""
|
|
144
|
+
);
|
|
121
145
|
},
|
|
122
146
|
async signJwt(): Promise<string> {
|
|
123
|
-
throw createClientAuthError(
|
|
147
|
+
throw createClientAuthError(
|
|
148
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
149
|
+
""
|
|
150
|
+
);
|
|
124
151
|
},
|
|
125
152
|
async hashString(): Promise<string> {
|
|
126
|
-
throw createClientAuthError(
|
|
153
|
+
throw createClientAuthError(
|
|
154
|
+
ClientAuthErrorCodes.methodNotImplemented,
|
|
155
|
+
""
|
|
156
|
+
);
|
|
127
157
|
},
|
|
128
158
|
};
|
package/src/crypto/JoseHeader.ts
CHANGED
|
@@ -38,12 +38,18 @@ export class JoseHeader {
|
|
|
38
38
|
static getShrHeaderString(shrHeaderOptions: JoseHeaderOptions): string {
|
|
39
39
|
// KeyID is required on the SHR header
|
|
40
40
|
if (!shrHeaderOptions.kid) {
|
|
41
|
-
throw createJoseHeaderError(
|
|
41
|
+
throw createJoseHeaderError(
|
|
42
|
+
JoseHeaderErrorCodes.missingKidError,
|
|
43
|
+
""
|
|
44
|
+
);
|
|
42
45
|
}
|
|
43
46
|
|
|
44
47
|
// Alg is required on the SHR header
|
|
45
48
|
if (!shrHeaderOptions.alg) {
|
|
46
|
-
throw createJoseHeaderError(
|
|
49
|
+
throw createJoseHeaderError(
|
|
50
|
+
JoseHeaderErrorCodes.missingAlgError,
|
|
51
|
+
""
|
|
52
|
+
);
|
|
47
53
|
}
|
|
48
54
|
|
|
49
55
|
const shrHeader = new JoseHeader({
|
|
@@ -125,7 +125,7 @@ export class PopTokenGenerator {
|
|
|
125
125
|
} = request;
|
|
126
126
|
|
|
127
127
|
const resourceUrlString = resourceRequestUri
|
|
128
|
-
? new UrlString(resourceRequestUri)
|
|
128
|
+
? new UrlString(resourceRequestUri, request.correlationId)
|
|
129
129
|
: undefined;
|
|
130
130
|
const resourceUrlComponents = resourceUrlString?.getUrlComponents();
|
|
131
131
|
return this.cryptoUtils.signJwt(
|
package/src/error/AuthError.ts
CHANGED
|
@@ -40,7 +40,12 @@ export class AuthError extends Error {
|
|
|
40
40
|
*/
|
|
41
41
|
platformBrokerError?: PlatformBrokerError;
|
|
42
42
|
|
|
43
|
-
constructor(
|
|
43
|
+
constructor(
|
|
44
|
+
errorCode: string,
|
|
45
|
+
correlationId: string,
|
|
46
|
+
errorMessage?: string,
|
|
47
|
+
suberror?: string
|
|
48
|
+
) {
|
|
44
49
|
const message =
|
|
45
50
|
errorMessage ||
|
|
46
51
|
(errorCode ? getDefaultErrorMessage(errorCode) : "");
|
|
@@ -51,20 +56,19 @@ export class AuthError extends Error {
|
|
|
51
56
|
this.errorCode = errorCode || "";
|
|
52
57
|
this.errorMessage = message || "";
|
|
53
58
|
this.subError = suberror || "";
|
|
54
|
-
this.name = "AuthError";
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
setCorrelationId(correlationId: string): void {
|
|
58
59
|
this.correlationId = correlationId;
|
|
60
|
+
this.name = "AuthError";
|
|
59
61
|
}
|
|
60
62
|
}
|
|
61
63
|
|
|
62
64
|
export function createAuthError(
|
|
63
65
|
code: string,
|
|
66
|
+
correlationId: string,
|
|
64
67
|
additionalMessage?: string
|
|
65
68
|
): AuthError {
|
|
66
69
|
return new AuthError(
|
|
67
70
|
code,
|
|
71
|
+
correlationId,
|
|
68
72
|
additionalMessage || getDefaultErrorMessage(code)
|
|
69
73
|
);
|
|
70
74
|
}
|
|
@@ -15,8 +15,12 @@ export { ClientAuthErrorCodes }; // Allow importing as "ClientAuthErrorCodes";
|
|
|
15
15
|
* Error thrown when there is an error in the client code running on the browser.
|
|
16
16
|
*/
|
|
17
17
|
export class ClientAuthError extends AuthError {
|
|
18
|
-
constructor(
|
|
19
|
-
|
|
18
|
+
constructor(
|
|
19
|
+
errorCode: string,
|
|
20
|
+
correlationId: string,
|
|
21
|
+
additionalMessage?: string
|
|
22
|
+
) {
|
|
23
|
+
super(errorCode, correlationId, additionalMessage);
|
|
20
24
|
this.name = "ClientAuthError";
|
|
21
25
|
|
|
22
26
|
Object.setPrototypeOf(this, ClientAuthError.prototype);
|
|
@@ -25,7 +29,8 @@ export class ClientAuthError extends AuthError {
|
|
|
25
29
|
|
|
26
30
|
export function createClientAuthError(
|
|
27
31
|
errorCode: string,
|
|
32
|
+
correlationId: string,
|
|
28
33
|
additionalMessage?: string
|
|
29
34
|
): ClientAuthError {
|
|
30
|
-
return new ClientAuthError(errorCode, additionalMessage);
|
|
35
|
+
return new ClientAuthError(errorCode, correlationId, additionalMessage);
|
|
31
36
|
}
|
|
@@ -15,8 +15,6 @@ export const invalidState = "invalid_state";
|
|
|
15
15
|
export const stateMismatch = "state_mismatch";
|
|
16
16
|
export const stateNotFound = "state_not_found";
|
|
17
17
|
export const nonceMismatch = "nonce_mismatch";
|
|
18
|
-
export const authTimeNotFound = "auth_time_not_found";
|
|
19
|
-
export const maxAgeTranspired = "max_age_transpired";
|
|
20
18
|
export const multipleMatchingTokens = "multiple_matching_tokens";
|
|
21
19
|
export const multipleMatchingAppMetadata = "multiple_matching_appMetadata";
|
|
22
20
|
export const requestCannotBeMade = "request_cannot_be_made";
|
|
@@ -11,15 +11,16 @@ export { ClientConfigurationErrorCodes };
|
|
|
11
11
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
12
12
|
*/
|
|
13
13
|
export class ClientConfigurationError extends AuthError {
|
|
14
|
-
constructor(errorCode: string) {
|
|
15
|
-
super(errorCode);
|
|
14
|
+
constructor(errorCode: string, correlationId: string) {
|
|
15
|
+
super(errorCode, correlationId);
|
|
16
16
|
this.name = "ClientConfigurationError";
|
|
17
17
|
Object.setPrototypeOf(this, ClientConfigurationError.prototype);
|
|
18
18
|
}
|
|
19
19
|
}
|
|
20
20
|
|
|
21
21
|
export function createClientConfigurationError(
|
|
22
|
-
errorCode: string
|
|
22
|
+
errorCode: string,
|
|
23
|
+
correlationId: string
|
|
23
24
|
): ClientConfigurationError {
|
|
24
|
-
return new ClientConfigurationError(errorCode);
|
|
25
|
+
return new ClientConfigurationError(errorCode, correlationId);
|
|
25
26
|
}
|
|
@@ -61,21 +61,20 @@ export class InteractionRequiredAuthError extends AuthError {
|
|
|
61
61
|
readonly errorNo?: string;
|
|
62
62
|
|
|
63
63
|
constructor(
|
|
64
|
-
errorCode
|
|
64
|
+
errorCode: string,
|
|
65
|
+
correlationId: string,
|
|
65
66
|
errorMessage?: string,
|
|
66
67
|
subError?: string,
|
|
67
68
|
timestamp?: string,
|
|
68
69
|
traceId?: string,
|
|
69
|
-
correlationId?: string,
|
|
70
70
|
claims?: string,
|
|
71
71
|
errorNo?: string
|
|
72
72
|
) {
|
|
73
|
-
super(errorCode, errorMessage, subError);
|
|
73
|
+
super(errorCode, correlationId, errorMessage, subError);
|
|
74
74
|
Object.setPrototypeOf(this, InteractionRequiredAuthError.prototype);
|
|
75
75
|
|
|
76
76
|
this.timestamp = timestamp || "";
|
|
77
77
|
this.traceId = traceId || "";
|
|
78
|
-
this.correlationId = correlationId || "";
|
|
79
78
|
this.claims = claims || "";
|
|
80
79
|
this.name = "InteractionRequiredAuthError";
|
|
81
80
|
this.errorNo = errorNo;
|
|
@@ -117,7 +116,12 @@ export function isInteractionRequiredError(
|
|
|
117
116
|
*/
|
|
118
117
|
export function createInteractionRequiredAuthError(
|
|
119
118
|
errorCode: string,
|
|
119
|
+
correlationId: string,
|
|
120
120
|
errorMessage?: string
|
|
121
121
|
): InteractionRequiredAuthError {
|
|
122
|
-
return new InteractionRequiredAuthError(
|
|
122
|
+
return new InteractionRequiredAuthError(
|
|
123
|
+
errorCode,
|
|
124
|
+
correlationId,
|
|
125
|
+
errorMessage
|
|
126
|
+
);
|
|
123
127
|
}
|
|
@@ -11,8 +11,12 @@ export { JoseHeaderErrorCodes };
|
|
|
11
11
|
* Error thrown when there is an error in the client code running on the browser.
|
|
12
12
|
*/
|
|
13
13
|
export class JoseHeaderError extends AuthError {
|
|
14
|
-
constructor(
|
|
15
|
-
|
|
14
|
+
constructor(
|
|
15
|
+
errorCode: string,
|
|
16
|
+
correlationId: string,
|
|
17
|
+
errorMessage?: string
|
|
18
|
+
) {
|
|
19
|
+
super(errorCode, correlationId, errorMessage);
|
|
16
20
|
this.name = "JoseHeaderError";
|
|
17
21
|
|
|
18
22
|
Object.setPrototypeOf(this, JoseHeaderError.prototype);
|
|
@@ -20,6 +24,9 @@ export class JoseHeaderError extends AuthError {
|
|
|
20
24
|
}
|
|
21
25
|
|
|
22
26
|
/** Returns JoseHeaderError object */
|
|
23
|
-
export function createJoseHeaderError(
|
|
24
|
-
|
|
27
|
+
export function createJoseHeaderError(
|
|
28
|
+
code: string,
|
|
29
|
+
correlationId: string
|
|
30
|
+
): JoseHeaderError {
|
|
31
|
+
return new JoseHeaderError(code, correlationId);
|
|
25
32
|
}
|
|
@@ -18,7 +18,12 @@ export class NetworkError extends AuthError {
|
|
|
18
18
|
httpStatus?: number,
|
|
19
19
|
responseHeaders?: Record<string, string>
|
|
20
20
|
) {
|
|
21
|
-
super(
|
|
21
|
+
super(
|
|
22
|
+
error.errorCode,
|
|
23
|
+
error.correlationId,
|
|
24
|
+
error.errorMessage,
|
|
25
|
+
error.subError
|
|
26
|
+
);
|
|
22
27
|
|
|
23
28
|
Object.setPrototypeOf(this, NetworkError.prototype);
|
|
24
29
|
this.name = "NetworkError";
|
|
@@ -49,6 +49,7 @@ export class PlatformBrokerError extends AuthError {
|
|
|
49
49
|
|
|
50
50
|
constructor(
|
|
51
51
|
errorStatus: string,
|
|
52
|
+
correlationId: string,
|
|
52
53
|
errorContext: string,
|
|
53
54
|
errorCode: number,
|
|
54
55
|
errorTag: number
|
|
@@ -58,7 +59,7 @@ export class PlatformBrokerError extends AuthError {
|
|
|
58
59
|
? `${errorContext} (Error Code: ${errorCode}, Tag: ${tagString})`
|
|
59
60
|
: `(Error Code: ${errorCode}, Tag: ${tagString})`;
|
|
60
61
|
|
|
61
|
-
super(errorStatus, enhancedErrorContext);
|
|
62
|
+
super(errorStatus, correlationId, enhancedErrorContext);
|
|
62
63
|
this.name = "PlatformBrokerError";
|
|
63
64
|
this.statusCode = errorCode;
|
|
64
65
|
this.tag = tagString;
|
package/src/error/ServerError.ts
CHANGED
|
@@ -20,13 +20,14 @@ export class ServerError extends AuthError {
|
|
|
20
20
|
readonly status?: number;
|
|
21
21
|
|
|
22
22
|
constructor(
|
|
23
|
-
errorCode
|
|
23
|
+
errorCode: string,
|
|
24
|
+
correlationId: string,
|
|
24
25
|
errorMessage?: string,
|
|
25
26
|
subError?: string,
|
|
26
27
|
errorNo?: string,
|
|
27
28
|
status?: number
|
|
28
29
|
) {
|
|
29
|
-
super(errorCode, errorMessage, subError);
|
|
30
|
+
super(errorCode, correlationId, errorMessage, subError);
|
|
30
31
|
this.name = "ServerError";
|
|
31
32
|
this.errorNo = errorNo;
|
|
32
33
|
this.status = status;
|
|
@@ -46,14 +46,15 @@ export interface INetworkModule {
|
|
|
46
46
|
}
|
|
47
47
|
|
|
48
48
|
export const StubbedNetworkModule: INetworkModule = {
|
|
49
|
+
// Module-level singleton: no per-request correlationId available
|
|
49
50
|
sendGetRequestAsync: () => {
|
|
50
51
|
return Promise.reject(
|
|
51
|
-
createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
|
|
52
|
+
createClientAuthError(ClientAuthErrorCodes.methodNotImplemented, "")
|
|
52
53
|
);
|
|
53
54
|
},
|
|
54
55
|
sendPostRequestAsync: () => {
|
|
55
56
|
return Promise.reject(
|
|
56
|
-
createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
|
|
57
|
+
createClientAuthError(ClientAuthErrorCodes.methodNotImplemented, "")
|
|
57
58
|
);
|
|
58
59
|
},
|
|
59
60
|
};
|
|
@@ -23,6 +23,7 @@ export type RequestThumbprint = {
|
|
|
23
23
|
sshKid?: string;
|
|
24
24
|
shrOptions?: ShrOptions;
|
|
25
25
|
embeddedClientId?: string;
|
|
26
|
+
resource?: string;
|
|
26
27
|
};
|
|
27
28
|
|
|
28
29
|
export function getRequestThumbprint(
|
|
@@ -43,5 +44,6 @@ export function getRequestThumbprint(
|
|
|
43
44
|
sshKid: request.sshKid,
|
|
44
45
|
embeddedClientId:
|
|
45
46
|
request.embeddedClientId || request.extraParameters?.clientId,
|
|
47
|
+
resource: request.resource,
|
|
46
48
|
};
|
|
47
49
|
}
|
package/src/packageMetadata.ts
CHANGED
|
@@ -61,6 +61,7 @@ export function getStandardAuthorizeRequestParameters(
|
|
|
61
61
|
RequestParameterBuilder.addScopes(
|
|
62
62
|
parameters,
|
|
63
63
|
requestScopes,
|
|
64
|
+
request.correlationId,
|
|
64
65
|
true,
|
|
65
66
|
authOptions.authority.options.OIDCOptions?.defaultScopes
|
|
66
67
|
);
|
|
@@ -249,6 +250,7 @@ export function getStandardAuthorizeRequestParameters(
|
|
|
249
250
|
|
|
250
251
|
RequestParameterBuilder.addClaims(
|
|
251
252
|
parameters,
|
|
253
|
+
request.correlationId,
|
|
252
254
|
request.claims,
|
|
253
255
|
authOptions.clientCapabilities,
|
|
254
256
|
request.skipBrokerClaims
|
|
@@ -291,18 +293,21 @@ export function getAuthorizeUrl(
|
|
|
291
293
|
* the client to exchange for a token in acquireToken.
|
|
292
294
|
* @param serverParams
|
|
293
295
|
* @param cachedState
|
|
296
|
+
* @param correlationId
|
|
294
297
|
*/
|
|
295
298
|
export function getAuthorizationCodePayload(
|
|
296
299
|
serverParams: AuthorizeResponse,
|
|
297
|
-
cachedState: string
|
|
300
|
+
cachedState: string,
|
|
301
|
+
correlationId: string
|
|
298
302
|
): AuthorizationCodePayload {
|
|
299
303
|
// Get code response
|
|
300
|
-
validateAuthorizationResponse(serverParams, cachedState);
|
|
304
|
+
validateAuthorizationResponse(serverParams, cachedState, correlationId);
|
|
301
305
|
|
|
302
306
|
// throw when there is no auth code in the response
|
|
303
307
|
if (!serverParams.code) {
|
|
304
308
|
throw createClientAuthError(
|
|
305
|
-
ClientAuthErrorCodes.authorizationCodeMissingFromServerResponse
|
|
309
|
+
ClientAuthErrorCodes.authorizationCodeMissingFromServerResponse,
|
|
310
|
+
correlationId
|
|
306
311
|
);
|
|
307
312
|
}
|
|
308
313
|
|
|
@@ -313,19 +318,23 @@ export function getAuthorizationCodePayload(
|
|
|
313
318
|
* Function which validates server authorization code response.
|
|
314
319
|
* @param serverResponseHash
|
|
315
320
|
* @param requestState
|
|
321
|
+
* @param correlationId
|
|
316
322
|
*/
|
|
317
323
|
export function validateAuthorizationResponse(
|
|
318
324
|
serverResponse: AuthorizeResponse,
|
|
319
|
-
requestState: string
|
|
325
|
+
requestState: string,
|
|
326
|
+
correlationId: string
|
|
320
327
|
): void {
|
|
321
328
|
if (!serverResponse.state || !requestState) {
|
|
322
329
|
throw serverResponse.state
|
|
323
330
|
? createClientAuthError(
|
|
324
331
|
ClientAuthErrorCodes.stateNotFound,
|
|
332
|
+
correlationId,
|
|
325
333
|
"Cached State"
|
|
326
334
|
)
|
|
327
335
|
: createClientAuthError(
|
|
328
336
|
ClientAuthErrorCodes.stateNotFound,
|
|
337
|
+
correlationId,
|
|
329
338
|
"Server State"
|
|
330
339
|
);
|
|
331
340
|
}
|
|
@@ -338,6 +347,7 @@ export function validateAuthorizationResponse(
|
|
|
338
347
|
} catch (e) {
|
|
339
348
|
throw createClientAuthError(
|
|
340
349
|
ClientAuthErrorCodes.invalidState,
|
|
350
|
+
correlationId,
|
|
341
351
|
serverResponse.state
|
|
342
352
|
);
|
|
343
353
|
}
|
|
@@ -347,12 +357,16 @@ export function validateAuthorizationResponse(
|
|
|
347
357
|
} catch (e) {
|
|
348
358
|
throw createClientAuthError(
|
|
349
359
|
ClientAuthErrorCodes.invalidState,
|
|
360
|
+
correlationId,
|
|
350
361
|
serverResponse.state
|
|
351
362
|
);
|
|
352
363
|
}
|
|
353
364
|
|
|
354
365
|
if (decodedServerResponseState !== decodedRequestState) {
|
|
355
|
-
throw createClientAuthError(
|
|
366
|
+
throw createClientAuthError(
|
|
367
|
+
ClientAuthErrorCodes.stateMismatch,
|
|
368
|
+
correlationId
|
|
369
|
+
);
|
|
356
370
|
}
|
|
357
371
|
|
|
358
372
|
// Check for error
|
|
@@ -371,11 +385,11 @@ export function validateAuthorizationResponse(
|
|
|
371
385
|
) {
|
|
372
386
|
throw new InteractionRequiredAuthError(
|
|
373
387
|
serverResponse.error || "",
|
|
388
|
+
serverResponse.correlation_id || correlationId,
|
|
374
389
|
serverResponse.error_description,
|
|
375
390
|
serverResponse.suberror,
|
|
376
391
|
serverResponse.timestamp || "",
|
|
377
392
|
serverResponse.trace_id || "",
|
|
378
|
-
serverResponse.correlation_id || "",
|
|
379
393
|
serverResponse.claims || "",
|
|
380
394
|
serverErrorNo
|
|
381
395
|
);
|
|
@@ -383,6 +397,7 @@ export function validateAuthorizationResponse(
|
|
|
383
397
|
|
|
384
398
|
throw new ServerError(
|
|
385
399
|
serverResponse.error || "",
|
|
400
|
+
serverResponse.correlation_id || correlationId,
|
|
386
401
|
serverResponse.error_description,
|
|
387
402
|
serverResponse.suberror,
|
|
388
403
|
serverErrorNo
|
package/src/protocol/Token.ts
CHANGED
|
@@ -217,7 +217,10 @@ export async function sendPostRequest<
|
|
|
217
217
|
if (e instanceof AuthError) {
|
|
218
218
|
throw e;
|
|
219
219
|
} else {
|
|
220
|
-
throw createClientAuthError(
|
|
220
|
+
throw createClientAuthError(
|
|
221
|
+
ClientAuthErrorCodes.networkError,
|
|
222
|
+
correlationId
|
|
223
|
+
);
|
|
221
224
|
}
|
|
222
225
|
}
|
|
223
226
|
|
|
@@ -44,7 +44,8 @@ export class AuthenticationHeaderParser {
|
|
|
44
44
|
return authenticationInfoChallenges.nextnonce;
|
|
45
45
|
}
|
|
46
46
|
throw createClientConfigurationError(
|
|
47
|
-
ClientConfigurationErrorCodes.invalidAuthenticationHeader
|
|
47
|
+
ClientConfigurationErrorCodes.invalidAuthenticationHeader,
|
|
48
|
+
""
|
|
48
49
|
);
|
|
49
50
|
}
|
|
50
51
|
|
|
@@ -59,13 +60,15 @@ export class AuthenticationHeaderParser {
|
|
|
59
60
|
return wwwAuthenticateChallenges.nonce;
|
|
60
61
|
}
|
|
61
62
|
throw createClientConfigurationError(
|
|
62
|
-
ClientConfigurationErrorCodes.invalidAuthenticationHeader
|
|
63
|
+
ClientConfigurationErrorCodes.invalidAuthenticationHeader,
|
|
64
|
+
""
|
|
63
65
|
);
|
|
64
66
|
}
|
|
65
67
|
|
|
66
68
|
// If neither header is present, throw missing headers error
|
|
67
69
|
throw createClientConfigurationError(
|
|
68
|
-
ClientConfigurationErrorCodes.missingNonceAuthenticationHeader
|
|
70
|
+
ClientConfigurationErrorCodes.missingNonceAuthenticationHeader,
|
|
71
|
+
""
|
|
69
72
|
);
|
|
70
73
|
}
|
|
71
74
|
|