@azure/msal-node-extensions 1.5.17 → 1.5.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/arm64/dpapi.node +0 -0
- package/bin/ia32/dpapi.node +0 -0
- package/bin/x64/dpapi.node +0 -0
- package/dist/Dpapi.mjs +1 -1
- package/dist/broker/NativeBrokerPlugin.d.ts +1 -0
- package/dist/broker/NativeBrokerPlugin.mjs +47 -23
- package/dist/broker/NativeBrokerPlugin.mjs.map +1 -1
- package/dist/error/NativeAuthError.mjs +1 -1
- package/dist/error/PersistenceError.mjs +1 -1
- package/dist/index.mjs +1 -1
- package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs +2 -2
- package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist/lib/msal-common/dist/error/AuthError.mjs +2 -2
- package/dist/lib/msal-common/dist/error/AuthError.mjs.map +1 -1
- package/dist/lib/msal-common/dist/error/ClientAuthError.mjs +2 -2
- package/dist/lib/msal-common/dist/error/ClientAuthError.mjs.map +1 -1
- package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs +2 -2
- package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
- package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs +5 -3
- package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs.map +1 -1
- package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs +6 -4
- package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
- package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs +2 -2
- package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
- package/dist/lib/msal-common/dist/error/ServerError.mjs +2 -2
- package/dist/lib/msal-common/dist/error/ServerError.mjs.map +1 -1
- package/dist/lib/msal-common/dist/logger/Logger.mjs +2 -2
- package/dist/lib/msal-common/dist/logger/Logger.mjs.map +1 -1
- package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs +2 -2
- package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
- package/dist/lib/msal-common/dist/utils/Constants.mjs +2 -4
- package/dist/lib/msal-common/dist/utils/Constants.mjs.map +1 -1
- package/dist/lib/msal-common/dist/utils/TimeUtils.mjs +2 -2
- package/dist/lib/msal-common/dist/utils/TimeUtils.mjs.map +1 -1
- package/dist/lock/CrossPlatformLock.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/persistence/BasePersistence.mjs +1 -1
- package/dist/persistence/DataProtectionScope.mjs +1 -1
- package/dist/persistence/FilePersistence.mjs +1 -1
- package/dist/persistence/FilePersistenceWithDataProtection.mjs +1 -1
- package/dist/persistence/KeychainPersistence.mjs +1 -1
- package/dist/persistence/LibSecretPersistence.mjs +1 -1
- package/dist/persistence/PersistenceCachePlugin.mjs +1 -1
- package/dist/persistence/PersistenceCreator.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/Environment.mjs +1 -1
- package/dist/utils/TypeGuards.mjs +1 -1
- package/lib/msal-node-extensions.cjs +76 -50
- package/lib/msal-node-extensions.cjs.map +1 -1
- package/lib/types/broker/NativeBrokerPlugin.d.ts +1 -0
- package/lib/types/packageMetadata.d.ts +1 -1
- package/package.json +2 -2
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-node-extensions v1.5.
|
|
1
|
+
/*! @azure/msal-node-extensions v1.5.19 2025-08-05 */
|
|
2
2
|
'use strict';
|
|
3
3
|
'use strict';
|
|
4
4
|
|
|
@@ -343,7 +343,7 @@ class PersistenceCachePlugin {
|
|
|
343
343
|
}
|
|
344
344
|
}
|
|
345
345
|
|
|
346
|
-
/*! @azure/msal-common v15.
|
|
346
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
347
347
|
/*
|
|
348
348
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
349
349
|
* Licensed under the MIT License.
|
|
@@ -351,8 +351,6 @@ class PersistenceCachePlugin {
|
|
|
351
351
|
const Constants = {
|
|
352
352
|
LIBRARY_NAME: "MSAL.JS",
|
|
353
353
|
SKU: "msal.js.common",
|
|
354
|
-
// Prefix for all library cache entries
|
|
355
|
-
CACHE_PREFIX: "msal",
|
|
356
354
|
// default authority
|
|
357
355
|
DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
|
|
358
356
|
DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
|
|
@@ -446,7 +444,7 @@ const CacheOutcome = {
|
|
|
446
444
|
// When a token is found in the cache or the cache is not supposed to be hit when making the request
|
|
447
445
|
NOT_APPLICABLE: "0"};
|
|
448
446
|
|
|
449
|
-
/*! @azure/msal-common v15.
|
|
447
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
450
448
|
/**
|
|
451
449
|
* General error class thrown by the MSAL.js library.
|
|
452
450
|
*/
|
|
@@ -467,7 +465,7 @@ class AuthError extends Error {
|
|
|
467
465
|
}
|
|
468
466
|
}
|
|
469
467
|
|
|
470
|
-
/*! @azure/msal-common v15.
|
|
468
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
471
469
|
/*
|
|
472
470
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
473
471
|
* Licensed under the MIT License.
|
|
@@ -517,7 +515,7 @@ const missingTenantIdError = "missing_tenant_id_error";
|
|
|
517
515
|
const methodNotImplemented = "method_not_implemented";
|
|
518
516
|
const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
|
|
519
517
|
|
|
520
|
-
/*! @azure/msal-common v15.
|
|
518
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
521
519
|
|
|
522
520
|
/*
|
|
523
521
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -591,7 +589,7 @@ function createClientAuthError(errorCode, additionalMessage) {
|
|
|
591
589
|
return new ClientAuthError(errorCode, additionalMessage);
|
|
592
590
|
}
|
|
593
591
|
|
|
594
|
-
/*! @azure/msal-common v15.
|
|
592
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
595
593
|
|
|
596
594
|
/*
|
|
597
595
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -782,19 +780,7 @@ class Logger {
|
|
|
782
780
|
}
|
|
783
781
|
}
|
|
784
782
|
|
|
785
|
-
/*! @azure/msal-common v15.
|
|
786
|
-
/**
|
|
787
|
-
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
788
|
-
* @param seconds
|
|
789
|
-
*/
|
|
790
|
-
function toDateFromSeconds(seconds) {
|
|
791
|
-
if (seconds) {
|
|
792
|
-
return new Date(Number(seconds) * 1000);
|
|
793
|
-
}
|
|
794
|
-
return new Date();
|
|
795
|
-
}
|
|
796
|
-
|
|
797
|
-
/*! @azure/msal-common v15.8.1 2025-07-08 */
|
|
783
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
798
784
|
/*
|
|
799
785
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
800
786
|
* Licensed under the MIT License.
|
|
@@ -819,9 +805,11 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
|
|
|
819
805
|
const invalidAuthenticationHeader = "invalid_authentication_header";
|
|
820
806
|
const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
|
|
821
807
|
const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
|
|
822
|
-
const authorityMismatch = "authority_mismatch";
|
|
808
|
+
const authorityMismatch = "authority_mismatch";
|
|
809
|
+
const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
|
|
810
|
+
const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
|
|
823
811
|
|
|
824
|
-
/*! @azure/msal-common v15.
|
|
812
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
825
813
|
|
|
826
814
|
/*
|
|
827
815
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -849,6 +837,8 @@ const ClientConfigurationErrorMessages = {
|
|
|
849
837
|
[cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
|
|
850
838
|
[cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
|
|
851
839
|
[authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
|
|
840
|
+
[invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
|
|
841
|
+
[invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
|
|
852
842
|
};
|
|
853
843
|
/**
|
|
854
844
|
* Error thrown when there is an error in configuration of the MSAL.js library.
|
|
@@ -864,10 +854,22 @@ function createClientConfigurationError(errorCode) {
|
|
|
864
854
|
return new ClientConfigurationError(errorCode);
|
|
865
855
|
}
|
|
866
856
|
|
|
867
|
-
/*! @azure/msal-common v15.
|
|
857
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
868
858
|
const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
|
|
869
859
|
|
|
870
|
-
/*! @azure/msal-common v15.
|
|
860
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
861
|
+
/**
|
|
862
|
+
* Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
|
|
863
|
+
* @param seconds
|
|
864
|
+
*/
|
|
865
|
+
function toDateFromSeconds(seconds) {
|
|
866
|
+
if (seconds) {
|
|
867
|
+
return new Date(Number(seconds) * 1000);
|
|
868
|
+
}
|
|
869
|
+
return new Date();
|
|
870
|
+
}
|
|
871
|
+
|
|
872
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
871
873
|
|
|
872
874
|
/*
|
|
873
875
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -886,7 +888,7 @@ class ServerError extends AuthError {
|
|
|
886
888
|
}
|
|
887
889
|
}
|
|
888
890
|
|
|
889
|
-
/*! @azure/msal-common v15.
|
|
891
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
890
892
|
/**
|
|
891
893
|
* Error thrown when user interaction is required.
|
|
892
894
|
*/
|
|
@@ -903,7 +905,7 @@ class InteractionRequiredAuthError extends AuthError {
|
|
|
903
905
|
}
|
|
904
906
|
}
|
|
905
907
|
|
|
906
|
-
/*! @azure/msal-common v15.
|
|
908
|
+
/*! @azure/msal-common v15.10.0 2025-08-05 */
|
|
907
909
|
|
|
908
910
|
/*
|
|
909
911
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1803,7 +1805,7 @@ class NativeAuthError extends AuthError {
|
|
|
1803
1805
|
|
|
1804
1806
|
/* eslint-disable header/header */
|
|
1805
1807
|
const name = "@azure/msal-node-extensions";
|
|
1806
|
-
const version = "1.5.
|
|
1808
|
+
const version = "1.5.19";
|
|
1807
1809
|
|
|
1808
1810
|
/*
|
|
1809
1811
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
@@ -1930,8 +1932,11 @@ class NativeBrokerPlugin {
|
|
|
1930
1932
|
}
|
|
1931
1933
|
async acquireTokenSilent(request) {
|
|
1932
1934
|
this.logger.trace("NativeBrokerPlugin - acquireTokenSilent called", request.correlationId);
|
|
1933
|
-
const
|
|
1934
|
-
const
|
|
1935
|
+
const platformRequest = request;
|
|
1936
|
+
const authParams = this.generateRequestParameters(platformRequest);
|
|
1937
|
+
const account = await this.getAccount(platformRequest);
|
|
1938
|
+
platformRequest.redirectUri =
|
|
1939
|
+
this.chooseRedirectUriByPlatform(platformRequest);
|
|
1935
1940
|
return new Promise((resolve, reject) => {
|
|
1936
1941
|
const resultCallback = (result) => {
|
|
1937
1942
|
try {
|
|
@@ -1944,15 +1949,15 @@ class NativeBrokerPlugin {
|
|
|
1944
1949
|
return;
|
|
1945
1950
|
}
|
|
1946
1951
|
}
|
|
1947
|
-
const authenticationResult = this.getAuthenticationResult(
|
|
1952
|
+
const authenticationResult = this.getAuthenticationResult(platformRequest, result);
|
|
1948
1953
|
resolve(authenticationResult);
|
|
1949
1954
|
};
|
|
1950
1955
|
try {
|
|
1951
1956
|
if (account) {
|
|
1952
|
-
msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams,
|
|
1957
|
+
msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, platformRequest.correlationId, account, resultCallback);
|
|
1953
1958
|
}
|
|
1954
1959
|
else {
|
|
1955
|
-
msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams,
|
|
1960
|
+
msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, platformRequest.correlationId, resultCallback);
|
|
1956
1961
|
}
|
|
1957
1962
|
}
|
|
1958
1963
|
catch (e) {
|
|
@@ -1965,8 +1970,11 @@ class NativeBrokerPlugin {
|
|
|
1965
1970
|
}
|
|
1966
1971
|
async acquireTokenInteractive(request, providedWindowHandle) {
|
|
1967
1972
|
this.logger.trace("NativeBrokerPlugin - acquireTokenInteractive called", request.correlationId);
|
|
1968
|
-
const
|
|
1969
|
-
const
|
|
1973
|
+
const platformRequest = request;
|
|
1974
|
+
const authParams = this.generateRequestParameters(platformRequest);
|
|
1975
|
+
platformRequest.redirectUri =
|
|
1976
|
+
this.chooseRedirectUriByPlatform(platformRequest);
|
|
1977
|
+
const account = await this.getAccount(platformRequest);
|
|
1970
1978
|
const windowHandle = providedWindowHandle || Buffer.from([0]);
|
|
1971
1979
|
return new Promise((resolve, reject) => {
|
|
1972
1980
|
const resultCallback = (result) => {
|
|
@@ -1980,37 +1988,39 @@ class NativeBrokerPlugin {
|
|
|
1980
1988
|
return;
|
|
1981
1989
|
}
|
|
1982
1990
|
}
|
|
1983
|
-
const authenticationResult = this.getAuthenticationResult(
|
|
1991
|
+
const authenticationResult = this.getAuthenticationResult(platformRequest, result);
|
|
1984
1992
|
resolve(authenticationResult);
|
|
1985
1993
|
};
|
|
1986
1994
|
try {
|
|
1987
|
-
switch (
|
|
1995
|
+
switch (platformRequest.prompt) {
|
|
1988
1996
|
case PromptValue.LOGIN:
|
|
1989
1997
|
case PromptValue.SELECT_ACCOUNT:
|
|
1990
1998
|
case PromptValue.CREATE:
|
|
1991
|
-
this.logger.info("Calling native interop SignInInteractively API",
|
|
1992
|
-
const loginHint =
|
|
1993
|
-
|
|
1999
|
+
this.logger.info("Calling native interop SignInInteractively API", platformRequest.correlationId);
|
|
2000
|
+
const loginHint = platformRequest.loginHint ||
|
|
2001
|
+
Constants.EMPTY_STRING;
|
|
2002
|
+
msalNodeRuntime.msalNodeRuntime.SignInInteractivelyAsync(windowHandle, authParams, platformRequest.correlationId, loginHint, resultCallback);
|
|
1994
2003
|
break;
|
|
1995
2004
|
case PromptValue.NONE:
|
|
1996
2005
|
if (account) {
|
|
1997
|
-
this.logger.info("Calling native interop AcquireTokenSilently API",
|
|
1998
|
-
msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams,
|
|
2006
|
+
this.logger.info("Calling native interop AcquireTokenSilently API", platformRequest.correlationId);
|
|
2007
|
+
msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, platformRequest.correlationId, account, resultCallback);
|
|
1999
2008
|
}
|
|
2000
2009
|
else {
|
|
2001
|
-
this.logger.info("Calling native interop SignInSilently API",
|
|
2002
|
-
msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams,
|
|
2010
|
+
this.logger.info("Calling native interop SignInSilently API", platformRequest.correlationId);
|
|
2011
|
+
msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, platformRequest.correlationId, resultCallback);
|
|
2003
2012
|
}
|
|
2004
2013
|
break;
|
|
2005
2014
|
default:
|
|
2006
2015
|
if (account) {
|
|
2007
|
-
this.logger.info("Calling native interop AcquireTokenInteractively API",
|
|
2008
|
-
msalNodeRuntime.msalNodeRuntime.AcquireTokenInteractivelyAsync(windowHandle, authParams,
|
|
2016
|
+
this.logger.info("Calling native interop AcquireTokenInteractively API", platformRequest.correlationId);
|
|
2017
|
+
msalNodeRuntime.msalNodeRuntime.AcquireTokenInteractivelyAsync(windowHandle, authParams, platformRequest.correlationId, account, resultCallback);
|
|
2009
2018
|
}
|
|
2010
2019
|
else {
|
|
2011
|
-
this.logger.info("Calling native interop SignIn API",
|
|
2012
|
-
const loginHint =
|
|
2013
|
-
|
|
2020
|
+
this.logger.info("Calling native interop SignIn API", platformRequest.correlationId);
|
|
2021
|
+
const loginHint = platformRequest.loginHint ||
|
|
2022
|
+
Constants.EMPTY_STRING;
|
|
2023
|
+
msalNodeRuntime.msalNodeRuntime.SignInAsync(windowHandle, authParams, platformRequest.correlationId, loginHint, resultCallback);
|
|
2014
2024
|
}
|
|
2015
2025
|
break;
|
|
2016
2026
|
}
|
|
@@ -2093,7 +2103,7 @@ class NativeBrokerPlugin {
|
|
|
2093
2103
|
const authParams = new msalNodeRuntime.msalNodeRuntime.AuthParameters();
|
|
2094
2104
|
try {
|
|
2095
2105
|
authParams.CreateAuthParameters(request.clientId, request.authority);
|
|
2096
|
-
authParams.SetRedirectUri(request
|
|
2106
|
+
authParams.SetRedirectUri(this.chooseRedirectUriByPlatform(request));
|
|
2097
2107
|
authParams.SetRequestedScopes(request.scopes.join(" "));
|
|
2098
2108
|
if (request.claims) {
|
|
2099
2109
|
authParams.SetDecodedClaims(request.claims);
|
|
@@ -2130,6 +2140,22 @@ class NativeBrokerPlugin {
|
|
|
2130
2140
|
}
|
|
2131
2141
|
return authParams;
|
|
2132
2142
|
}
|
|
2143
|
+
chooseRedirectUriByPlatform(request) {
|
|
2144
|
+
this.logger.trace("NativeBrokerPlugin - chooseRedirectUriByPlatform called", request.correlationId);
|
|
2145
|
+
let redirectUri;
|
|
2146
|
+
switch (process.platform) {
|
|
2147
|
+
case "darwin":
|
|
2148
|
+
redirectUri = "msauth.com.msauth.unsignedapp://auth";
|
|
2149
|
+
break;
|
|
2150
|
+
case "win32":
|
|
2151
|
+
redirectUri = `ms-appx-web://Microsoft.AAD.BrokerPlugin/${request.clientId}`;
|
|
2152
|
+
break;
|
|
2153
|
+
default:
|
|
2154
|
+
redirectUri =
|
|
2155
|
+
"https://login.microsoftonline.com/common/oauth2/nativeclient";
|
|
2156
|
+
}
|
|
2157
|
+
return redirectUri;
|
|
2158
|
+
}
|
|
2133
2159
|
getAuthenticationResult(request, authResult) {
|
|
2134
2160
|
this.logger.trace("NativeBrokerPlugin - getAuthenticationResult called", request.correlationId);
|
|
2135
2161
|
let fromCache = false;
|