@azure/msal-node-extensions 1.5.17 → 1.5.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/bin/arm64/dpapi.node +0 -0
  2. package/bin/ia32/dpapi.node +0 -0
  3. package/bin/x64/dpapi.node +0 -0
  4. package/dist/Dpapi.mjs +1 -1
  5. package/dist/broker/NativeBrokerPlugin.d.ts +1 -0
  6. package/dist/broker/NativeBrokerPlugin.mjs +47 -23
  7. package/dist/broker/NativeBrokerPlugin.mjs.map +1 -1
  8. package/dist/error/NativeAuthError.mjs +1 -1
  9. package/dist/error/PersistenceError.mjs +1 -1
  10. package/dist/index.mjs +1 -1
  11. package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs +2 -2
  12. package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs.map +1 -1
  13. package/dist/lib/msal-common/dist/error/AuthError.mjs +2 -2
  14. package/dist/lib/msal-common/dist/error/AuthError.mjs.map +1 -1
  15. package/dist/lib/msal-common/dist/error/ClientAuthError.mjs +2 -2
  16. package/dist/lib/msal-common/dist/error/ClientAuthError.mjs.map +1 -1
  17. package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs +2 -2
  18. package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
  19. package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs +5 -3
  20. package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs.map +1 -1
  21. package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs +6 -4
  22. package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
  23. package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs +2 -2
  24. package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
  25. package/dist/lib/msal-common/dist/error/ServerError.mjs +2 -2
  26. package/dist/lib/msal-common/dist/error/ServerError.mjs.map +1 -1
  27. package/dist/lib/msal-common/dist/logger/Logger.mjs +2 -2
  28. package/dist/lib/msal-common/dist/logger/Logger.mjs.map +1 -1
  29. package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs +2 -2
  30. package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  31. package/dist/lib/msal-common/dist/utils/Constants.mjs +2 -2
  32. package/dist/lib/msal-common/dist/utils/Constants.mjs.map +1 -1
  33. package/dist/lib/msal-common/dist/utils/TimeUtils.mjs +2 -2
  34. package/dist/lib/msal-common/dist/utils/TimeUtils.mjs.map +1 -1
  35. package/dist/lock/CrossPlatformLock.mjs +1 -1
  36. package/dist/packageMetadata.d.ts +1 -1
  37. package/dist/packageMetadata.mjs +2 -2
  38. package/dist/persistence/BasePersistence.mjs +1 -1
  39. package/dist/persistence/DataProtectionScope.mjs +1 -1
  40. package/dist/persistence/FilePersistence.mjs +1 -1
  41. package/dist/persistence/FilePersistenceWithDataProtection.mjs +1 -1
  42. package/dist/persistence/KeychainPersistence.mjs +1 -1
  43. package/dist/persistence/LibSecretPersistence.mjs +1 -1
  44. package/dist/persistence/PersistenceCachePlugin.mjs +1 -1
  45. package/dist/persistence/PersistenceCreator.mjs +1 -1
  46. package/dist/utils/Constants.mjs +1 -1
  47. package/dist/utils/Environment.mjs +1 -1
  48. package/dist/utils/TypeGuards.mjs +1 -1
  49. package/lib/msal-node-extensions.cjs +65 -37
  50. package/lib/msal-node-extensions.cjs.map +1 -1
  51. package/lib/types/broker/NativeBrokerPlugin.d.ts +1 -0
  52. package/lib/types/packageMetadata.d.ts +1 -1
  53. package/package.json +2 -2
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
1
+ /*! @azure/msal-node-extensions v1.5.18 2025-07-23 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -343,7 +343,7 @@ class PersistenceCachePlugin {
343
343
  }
344
344
  }
345
345
 
346
- /*! @azure/msal-common v15.8.1 2025-07-08 */
346
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
347
347
  /*
348
348
  * Copyright (c) Microsoft Corporation. All rights reserved.
349
349
  * Licensed under the MIT License.
@@ -446,7 +446,7 @@ const CacheOutcome = {
446
446
  // When a token is found in the cache or the cache is not supposed to be hit when making the request
447
447
  NOT_APPLICABLE: "0"};
448
448
 
449
- /*! @azure/msal-common v15.8.1 2025-07-08 */
449
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
450
450
  /**
451
451
  * General error class thrown by the MSAL.js library.
452
452
  */
@@ -467,7 +467,7 @@ class AuthError extends Error {
467
467
  }
468
468
  }
469
469
 
470
- /*! @azure/msal-common v15.8.1 2025-07-08 */
470
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
471
471
  /*
472
472
  * Copyright (c) Microsoft Corporation. All rights reserved.
473
473
  * Licensed under the MIT License.
@@ -517,7 +517,7 @@ const missingTenantIdError = "missing_tenant_id_error";
517
517
  const methodNotImplemented = "method_not_implemented";
518
518
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
519
519
 
520
- /*! @azure/msal-common v15.8.1 2025-07-08 */
520
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
521
521
 
522
522
  /*
523
523
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -591,7 +591,7 @@ function createClientAuthError(errorCode, additionalMessage) {
591
591
  return new ClientAuthError(errorCode, additionalMessage);
592
592
  }
593
593
 
594
- /*! @azure/msal-common v15.8.1 2025-07-08 */
594
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
595
595
 
596
596
  /*
597
597
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -782,7 +782,7 @@ class Logger {
782
782
  }
783
783
  }
784
784
 
785
- /*! @azure/msal-common v15.8.1 2025-07-08 */
785
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
786
786
  /**
787
787
  * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
788
788
  * @param seconds
@@ -794,7 +794,7 @@ function toDateFromSeconds(seconds) {
794
794
  return new Date();
795
795
  }
796
796
 
797
- /*! @azure/msal-common v15.8.1 2025-07-08 */
797
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
798
798
  /*
799
799
  * Copyright (c) Microsoft Corporation. All rights reserved.
800
800
  * Licensed under the MIT License.
@@ -819,9 +819,11 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
819
819
  const invalidAuthenticationHeader = "invalid_authentication_header";
820
820
  const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
821
821
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
822
- const authorityMismatch = "authority_mismatch";
822
+ const authorityMismatch = "authority_mismatch";
823
+ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
824
+ const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
823
825
 
824
- /*! @azure/msal-common v15.8.1 2025-07-08 */
826
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
825
827
 
826
828
  /*
827
829
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -849,6 +851,8 @@ const ClientConfigurationErrorMessages = {
849
851
  [cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
850
852
  [cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
851
853
  [authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
854
+ [invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
855
+ [invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
852
856
  };
853
857
  /**
854
858
  * Error thrown when there is an error in configuration of the MSAL.js library.
@@ -864,10 +868,10 @@ function createClientConfigurationError(errorCode) {
864
868
  return new ClientConfigurationError(errorCode);
865
869
  }
866
870
 
867
- /*! @azure/msal-common v15.8.1 2025-07-08 */
871
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
868
872
  const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
869
873
 
870
- /*! @azure/msal-common v15.8.1 2025-07-08 */
874
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
871
875
 
872
876
  /*
873
877
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -886,7 +890,7 @@ class ServerError extends AuthError {
886
890
  }
887
891
  }
888
892
 
889
- /*! @azure/msal-common v15.8.1 2025-07-08 */
893
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
890
894
  /**
891
895
  * Error thrown when user interaction is required.
892
896
  */
@@ -903,7 +907,7 @@ class InteractionRequiredAuthError extends AuthError {
903
907
  }
904
908
  }
905
909
 
906
- /*! @azure/msal-common v15.8.1 2025-07-08 */
910
+ /*! @azure/msal-common v15.9.0 2025-07-23 */
907
911
 
908
912
  /*
909
913
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1803,7 +1807,7 @@ class NativeAuthError extends AuthError {
1803
1807
 
1804
1808
  /* eslint-disable header/header */
1805
1809
  const name = "@azure/msal-node-extensions";
1806
- const version = "1.5.17";
1810
+ const version = "1.5.18";
1807
1811
 
1808
1812
  /*
1809
1813
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1930,8 +1934,11 @@ class NativeBrokerPlugin {
1930
1934
  }
1931
1935
  async acquireTokenSilent(request) {
1932
1936
  this.logger.trace("NativeBrokerPlugin - acquireTokenSilent called", request.correlationId);
1933
- const authParams = this.generateRequestParameters(request);
1934
- const account = await this.getAccount(request);
1937
+ const platformRequest = request;
1938
+ const authParams = this.generateRequestParameters(platformRequest);
1939
+ const account = await this.getAccount(platformRequest);
1940
+ platformRequest.redirectUri =
1941
+ this.chooseRedirectUriByPlatform(platformRequest);
1935
1942
  return new Promise((resolve, reject) => {
1936
1943
  const resultCallback = (result) => {
1937
1944
  try {
@@ -1944,15 +1951,15 @@ class NativeBrokerPlugin {
1944
1951
  return;
1945
1952
  }
1946
1953
  }
1947
- const authenticationResult = this.getAuthenticationResult(request, result);
1954
+ const authenticationResult = this.getAuthenticationResult(platformRequest, result);
1948
1955
  resolve(authenticationResult);
1949
1956
  };
1950
1957
  try {
1951
1958
  if (account) {
1952
- msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, request.correlationId, account, resultCallback);
1959
+ msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, platformRequest.correlationId, account, resultCallback);
1953
1960
  }
1954
1961
  else {
1955
- msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, request.correlationId, resultCallback);
1962
+ msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, platformRequest.correlationId, resultCallback);
1956
1963
  }
1957
1964
  }
1958
1965
  catch (e) {
@@ -1965,8 +1972,11 @@ class NativeBrokerPlugin {
1965
1972
  }
1966
1973
  async acquireTokenInteractive(request, providedWindowHandle) {
1967
1974
  this.logger.trace("NativeBrokerPlugin - acquireTokenInteractive called", request.correlationId);
1968
- const authParams = this.generateRequestParameters(request);
1969
- const account = await this.getAccount(request);
1975
+ const platformRequest = request;
1976
+ const authParams = this.generateRequestParameters(platformRequest);
1977
+ platformRequest.redirectUri =
1978
+ this.chooseRedirectUriByPlatform(platformRequest);
1979
+ const account = await this.getAccount(platformRequest);
1970
1980
  const windowHandle = providedWindowHandle || Buffer.from([0]);
1971
1981
  return new Promise((resolve, reject) => {
1972
1982
  const resultCallback = (result) => {
@@ -1980,37 +1990,39 @@ class NativeBrokerPlugin {
1980
1990
  return;
1981
1991
  }
1982
1992
  }
1983
- const authenticationResult = this.getAuthenticationResult(request, result);
1993
+ const authenticationResult = this.getAuthenticationResult(platformRequest, result);
1984
1994
  resolve(authenticationResult);
1985
1995
  };
1986
1996
  try {
1987
- switch (request.prompt) {
1997
+ switch (platformRequest.prompt) {
1988
1998
  case PromptValue.LOGIN:
1989
1999
  case PromptValue.SELECT_ACCOUNT:
1990
2000
  case PromptValue.CREATE:
1991
- this.logger.info("Calling native interop SignInInteractively API", request.correlationId);
1992
- const loginHint = request.loginHint || Constants.EMPTY_STRING;
1993
- msalNodeRuntime.msalNodeRuntime.SignInInteractivelyAsync(windowHandle, authParams, request.correlationId, loginHint, resultCallback);
2001
+ this.logger.info("Calling native interop SignInInteractively API", platformRequest.correlationId);
2002
+ const loginHint = platformRequest.loginHint ||
2003
+ Constants.EMPTY_STRING;
2004
+ msalNodeRuntime.msalNodeRuntime.SignInInteractivelyAsync(windowHandle, authParams, platformRequest.correlationId, loginHint, resultCallback);
1994
2005
  break;
1995
2006
  case PromptValue.NONE:
1996
2007
  if (account) {
1997
- this.logger.info("Calling native interop AcquireTokenSilently API", request.correlationId);
1998
- msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, request.correlationId, account, resultCallback);
2008
+ this.logger.info("Calling native interop AcquireTokenSilently API", platformRequest.correlationId);
2009
+ msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, platformRequest.correlationId, account, resultCallback);
1999
2010
  }
2000
2011
  else {
2001
- this.logger.info("Calling native interop SignInSilently API", request.correlationId);
2002
- msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, request.correlationId, resultCallback);
2012
+ this.logger.info("Calling native interop SignInSilently API", platformRequest.correlationId);
2013
+ msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, platformRequest.correlationId, resultCallback);
2003
2014
  }
2004
2015
  break;
2005
2016
  default:
2006
2017
  if (account) {
2007
- this.logger.info("Calling native interop AcquireTokenInteractively API", request.correlationId);
2008
- msalNodeRuntime.msalNodeRuntime.AcquireTokenInteractivelyAsync(windowHandle, authParams, request.correlationId, account, resultCallback);
2018
+ this.logger.info("Calling native interop AcquireTokenInteractively API", platformRequest.correlationId);
2019
+ msalNodeRuntime.msalNodeRuntime.AcquireTokenInteractivelyAsync(windowHandle, authParams, platformRequest.correlationId, account, resultCallback);
2009
2020
  }
2010
2021
  else {
2011
- this.logger.info("Calling native interop SignIn API", request.correlationId);
2012
- const loginHint = request.loginHint || Constants.EMPTY_STRING;
2013
- msalNodeRuntime.msalNodeRuntime.SignInAsync(windowHandle, authParams, request.correlationId, loginHint, resultCallback);
2022
+ this.logger.info("Calling native interop SignIn API", platformRequest.correlationId);
2023
+ const loginHint = platformRequest.loginHint ||
2024
+ Constants.EMPTY_STRING;
2025
+ msalNodeRuntime.msalNodeRuntime.SignInAsync(windowHandle, authParams, platformRequest.correlationId, loginHint, resultCallback);
2014
2026
  }
2015
2027
  break;
2016
2028
  }
@@ -2093,7 +2105,7 @@ class NativeBrokerPlugin {
2093
2105
  const authParams = new msalNodeRuntime.msalNodeRuntime.AuthParameters();
2094
2106
  try {
2095
2107
  authParams.CreateAuthParameters(request.clientId, request.authority);
2096
- authParams.SetRedirectUri(request.redirectUri);
2108
+ authParams.SetRedirectUri(this.chooseRedirectUriByPlatform(request));
2097
2109
  authParams.SetRequestedScopes(request.scopes.join(" "));
2098
2110
  if (request.claims) {
2099
2111
  authParams.SetDecodedClaims(request.claims);
@@ -2130,6 +2142,22 @@ class NativeBrokerPlugin {
2130
2142
  }
2131
2143
  return authParams;
2132
2144
  }
2145
+ chooseRedirectUriByPlatform(request) {
2146
+ this.logger.trace("NativeBrokerPlugin - chooseRedirectUriByPlatform called", request.correlationId);
2147
+ let redirectUri;
2148
+ switch (process.platform) {
2149
+ case "darwin":
2150
+ redirectUri = "msauth.com.msauth.unsignedapp://auth";
2151
+ break;
2152
+ case "win32":
2153
+ redirectUri = `ms-appx-web://Microsoft.AAD.BrokerPlugin/${request.clientId}`;
2154
+ break;
2155
+ default:
2156
+ redirectUri =
2157
+ "https://login.microsoftonline.com/common/oauth2/nativeclient";
2158
+ }
2159
+ return redirectUri;
2160
+ }
2133
2161
  getAuthenticationResult(request, authResult) {
2134
2162
  this.logger.trace("NativeBrokerPlugin - getAuthenticationResult called", request.correlationId);
2135
2163
  let fromCache = false;