@azure/msal-node-extensions 1.5.17 → 1.5.19

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/bin/arm64/dpapi.node +0 -0
  2. package/bin/ia32/dpapi.node +0 -0
  3. package/bin/x64/dpapi.node +0 -0
  4. package/dist/Dpapi.mjs +1 -1
  5. package/dist/broker/NativeBrokerPlugin.d.ts +1 -0
  6. package/dist/broker/NativeBrokerPlugin.mjs +47 -23
  7. package/dist/broker/NativeBrokerPlugin.mjs.map +1 -1
  8. package/dist/error/NativeAuthError.mjs +1 -1
  9. package/dist/error/PersistenceError.mjs +1 -1
  10. package/dist/index.mjs +1 -1
  11. package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs +2 -2
  12. package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs.map +1 -1
  13. package/dist/lib/msal-common/dist/error/AuthError.mjs +2 -2
  14. package/dist/lib/msal-common/dist/error/AuthError.mjs.map +1 -1
  15. package/dist/lib/msal-common/dist/error/ClientAuthError.mjs +2 -2
  16. package/dist/lib/msal-common/dist/error/ClientAuthError.mjs.map +1 -1
  17. package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs +2 -2
  18. package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
  19. package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs +5 -3
  20. package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs.map +1 -1
  21. package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs +6 -4
  22. package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
  23. package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs +2 -2
  24. package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
  25. package/dist/lib/msal-common/dist/error/ServerError.mjs +2 -2
  26. package/dist/lib/msal-common/dist/error/ServerError.mjs.map +1 -1
  27. package/dist/lib/msal-common/dist/logger/Logger.mjs +2 -2
  28. package/dist/lib/msal-common/dist/logger/Logger.mjs.map +1 -1
  29. package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs +2 -2
  30. package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  31. package/dist/lib/msal-common/dist/utils/Constants.mjs +2 -4
  32. package/dist/lib/msal-common/dist/utils/Constants.mjs.map +1 -1
  33. package/dist/lib/msal-common/dist/utils/TimeUtils.mjs +2 -2
  34. package/dist/lib/msal-common/dist/utils/TimeUtils.mjs.map +1 -1
  35. package/dist/lock/CrossPlatformLock.mjs +1 -1
  36. package/dist/packageMetadata.d.ts +1 -1
  37. package/dist/packageMetadata.mjs +2 -2
  38. package/dist/persistence/BasePersistence.mjs +1 -1
  39. package/dist/persistence/DataProtectionScope.mjs +1 -1
  40. package/dist/persistence/FilePersistence.mjs +1 -1
  41. package/dist/persistence/FilePersistenceWithDataProtection.mjs +1 -1
  42. package/dist/persistence/KeychainPersistence.mjs +1 -1
  43. package/dist/persistence/LibSecretPersistence.mjs +1 -1
  44. package/dist/persistence/PersistenceCachePlugin.mjs +1 -1
  45. package/dist/persistence/PersistenceCreator.mjs +1 -1
  46. package/dist/utils/Constants.mjs +1 -1
  47. package/dist/utils/Environment.mjs +1 -1
  48. package/dist/utils/TypeGuards.mjs +1 -1
  49. package/lib/msal-node-extensions.cjs +76 -50
  50. package/lib/msal-node-extensions.cjs.map +1 -1
  51. package/lib/types/broker/NativeBrokerPlugin.d.ts +1 -0
  52. package/lib/types/packageMetadata.d.ts +1 -1
  53. package/package.json +2 -2
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v1.5.17 2025-07-08 */
1
+ /*! @azure/msal-node-extensions v1.5.19 2025-08-05 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -343,7 +343,7 @@ class PersistenceCachePlugin {
343
343
  }
344
344
  }
345
345
 
346
- /*! @azure/msal-common v15.8.1 2025-07-08 */
346
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
347
347
  /*
348
348
  * Copyright (c) Microsoft Corporation. All rights reserved.
349
349
  * Licensed under the MIT License.
@@ -351,8 +351,6 @@ class PersistenceCachePlugin {
351
351
  const Constants = {
352
352
  LIBRARY_NAME: "MSAL.JS",
353
353
  SKU: "msal.js.common",
354
- // Prefix for all library cache entries
355
- CACHE_PREFIX: "msal",
356
354
  // default authority
357
355
  DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
358
356
  DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
@@ -446,7 +444,7 @@ const CacheOutcome = {
446
444
  // When a token is found in the cache or the cache is not supposed to be hit when making the request
447
445
  NOT_APPLICABLE: "0"};
448
446
 
449
- /*! @azure/msal-common v15.8.1 2025-07-08 */
447
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
450
448
  /**
451
449
  * General error class thrown by the MSAL.js library.
452
450
  */
@@ -467,7 +465,7 @@ class AuthError extends Error {
467
465
  }
468
466
  }
469
467
 
470
- /*! @azure/msal-common v15.8.1 2025-07-08 */
468
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
471
469
  /*
472
470
  * Copyright (c) Microsoft Corporation. All rights reserved.
473
471
  * Licensed under the MIT License.
@@ -517,7 +515,7 @@ const missingTenantIdError = "missing_tenant_id_error";
517
515
  const methodNotImplemented = "method_not_implemented";
518
516
  const nestedAppAuthBridgeDisabled = "nested_app_auth_bridge_disabled";
519
517
 
520
- /*! @azure/msal-common v15.8.1 2025-07-08 */
518
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
521
519
 
522
520
  /*
523
521
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -591,7 +589,7 @@ function createClientAuthError(errorCode, additionalMessage) {
591
589
  return new ClientAuthError(errorCode, additionalMessage);
592
590
  }
593
591
 
594
- /*! @azure/msal-common v15.8.1 2025-07-08 */
592
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
595
593
 
596
594
  /*
597
595
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -782,19 +780,7 @@ class Logger {
782
780
  }
783
781
  }
784
782
 
785
- /*! @azure/msal-common v15.8.1 2025-07-08 */
786
- /**
787
- * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
788
- * @param seconds
789
- */
790
- function toDateFromSeconds(seconds) {
791
- if (seconds) {
792
- return new Date(Number(seconds) * 1000);
793
- }
794
- return new Date();
795
- }
796
-
797
- /*! @azure/msal-common v15.8.1 2025-07-08 */
783
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
798
784
  /*
799
785
  * Copyright (c) Microsoft Corporation. All rights reserved.
800
786
  * Licensed under the MIT License.
@@ -819,9 +805,11 @@ const missingNonceAuthenticationHeader = "missing_nonce_authentication_header";
819
805
  const invalidAuthenticationHeader = "invalid_authentication_header";
820
806
  const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
821
807
  const cannotAllowPlatformBroker = "cannot_allow_platform_broker";
822
- const authorityMismatch = "authority_mismatch";
808
+ const authorityMismatch = "authority_mismatch";
809
+ const invalidRequestMethodForEAR = "invalid_request_method_for_EAR";
810
+ const invalidAuthorizePostBodyParameters = "invalid_authorize_post_body_parameters";
823
811
 
824
- /*! @azure/msal-common v15.8.1 2025-07-08 */
812
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
825
813
 
826
814
  /*
827
815
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -849,6 +837,8 @@ const ClientConfigurationErrorMessages = {
849
837
  [cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.",
850
838
  [cannotAllowPlatformBroker]: "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.",
851
839
  [authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
840
+ [invalidAuthorizePostBodyParameters]: "Invalid authorize post body parameters provided. If you are using authorizePostBodyParameters, the request method must be POST. Please check the request method and parameters.",
841
+ [invalidRequestMethodForEAR]: "Invalid request method for EAR protocol mode. The request method cannot be GET when using EAR protocol mode. Please change the request method to POST.",
852
842
  };
853
843
  /**
854
844
  * Error thrown when there is an error in configuration of the MSAL.js library.
@@ -864,10 +854,22 @@ function createClientConfigurationError(errorCode) {
864
854
  return new ClientConfigurationError(errorCode);
865
855
  }
866
856
 
867
- /*! @azure/msal-common v15.8.1 2025-07-08 */
857
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
868
858
  const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
869
859
 
870
- /*! @azure/msal-common v15.8.1 2025-07-08 */
860
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
861
+ /**
862
+ * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
863
+ * @param seconds
864
+ */
865
+ function toDateFromSeconds(seconds) {
866
+ if (seconds) {
867
+ return new Date(Number(seconds) * 1000);
868
+ }
869
+ return new Date();
870
+ }
871
+
872
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
871
873
 
872
874
  /*
873
875
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -886,7 +888,7 @@ class ServerError extends AuthError {
886
888
  }
887
889
  }
888
890
 
889
- /*! @azure/msal-common v15.8.1 2025-07-08 */
891
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
890
892
  /**
891
893
  * Error thrown when user interaction is required.
892
894
  */
@@ -903,7 +905,7 @@ class InteractionRequiredAuthError extends AuthError {
903
905
  }
904
906
  }
905
907
 
906
- /*! @azure/msal-common v15.8.1 2025-07-08 */
908
+ /*! @azure/msal-common v15.10.0 2025-08-05 */
907
909
 
908
910
  /*
909
911
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1803,7 +1805,7 @@ class NativeAuthError extends AuthError {
1803
1805
 
1804
1806
  /* eslint-disable header/header */
1805
1807
  const name = "@azure/msal-node-extensions";
1806
- const version = "1.5.17";
1808
+ const version = "1.5.19";
1807
1809
 
1808
1810
  /*
1809
1811
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1930,8 +1932,11 @@ class NativeBrokerPlugin {
1930
1932
  }
1931
1933
  async acquireTokenSilent(request) {
1932
1934
  this.logger.trace("NativeBrokerPlugin - acquireTokenSilent called", request.correlationId);
1933
- const authParams = this.generateRequestParameters(request);
1934
- const account = await this.getAccount(request);
1935
+ const platformRequest = request;
1936
+ const authParams = this.generateRequestParameters(platformRequest);
1937
+ const account = await this.getAccount(platformRequest);
1938
+ platformRequest.redirectUri =
1939
+ this.chooseRedirectUriByPlatform(platformRequest);
1935
1940
  return new Promise((resolve, reject) => {
1936
1941
  const resultCallback = (result) => {
1937
1942
  try {
@@ -1944,15 +1949,15 @@ class NativeBrokerPlugin {
1944
1949
  return;
1945
1950
  }
1946
1951
  }
1947
- const authenticationResult = this.getAuthenticationResult(request, result);
1952
+ const authenticationResult = this.getAuthenticationResult(platformRequest, result);
1948
1953
  resolve(authenticationResult);
1949
1954
  };
1950
1955
  try {
1951
1956
  if (account) {
1952
- msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, request.correlationId, account, resultCallback);
1957
+ msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, platformRequest.correlationId, account, resultCallback);
1953
1958
  }
1954
1959
  else {
1955
- msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, request.correlationId, resultCallback);
1960
+ msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, platformRequest.correlationId, resultCallback);
1956
1961
  }
1957
1962
  }
1958
1963
  catch (e) {
@@ -1965,8 +1970,11 @@ class NativeBrokerPlugin {
1965
1970
  }
1966
1971
  async acquireTokenInteractive(request, providedWindowHandle) {
1967
1972
  this.logger.trace("NativeBrokerPlugin - acquireTokenInteractive called", request.correlationId);
1968
- const authParams = this.generateRequestParameters(request);
1969
- const account = await this.getAccount(request);
1973
+ const platformRequest = request;
1974
+ const authParams = this.generateRequestParameters(platformRequest);
1975
+ platformRequest.redirectUri =
1976
+ this.chooseRedirectUriByPlatform(platformRequest);
1977
+ const account = await this.getAccount(platformRequest);
1970
1978
  const windowHandle = providedWindowHandle || Buffer.from([0]);
1971
1979
  return new Promise((resolve, reject) => {
1972
1980
  const resultCallback = (result) => {
@@ -1980,37 +1988,39 @@ class NativeBrokerPlugin {
1980
1988
  return;
1981
1989
  }
1982
1990
  }
1983
- const authenticationResult = this.getAuthenticationResult(request, result);
1991
+ const authenticationResult = this.getAuthenticationResult(platformRequest, result);
1984
1992
  resolve(authenticationResult);
1985
1993
  };
1986
1994
  try {
1987
- switch (request.prompt) {
1995
+ switch (platformRequest.prompt) {
1988
1996
  case PromptValue.LOGIN:
1989
1997
  case PromptValue.SELECT_ACCOUNT:
1990
1998
  case PromptValue.CREATE:
1991
- this.logger.info("Calling native interop SignInInteractively API", request.correlationId);
1992
- const loginHint = request.loginHint || Constants.EMPTY_STRING;
1993
- msalNodeRuntime.msalNodeRuntime.SignInInteractivelyAsync(windowHandle, authParams, request.correlationId, loginHint, resultCallback);
1999
+ this.logger.info("Calling native interop SignInInteractively API", platformRequest.correlationId);
2000
+ const loginHint = platformRequest.loginHint ||
2001
+ Constants.EMPTY_STRING;
2002
+ msalNodeRuntime.msalNodeRuntime.SignInInteractivelyAsync(windowHandle, authParams, platformRequest.correlationId, loginHint, resultCallback);
1994
2003
  break;
1995
2004
  case PromptValue.NONE:
1996
2005
  if (account) {
1997
- this.logger.info("Calling native interop AcquireTokenSilently API", request.correlationId);
1998
- msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, request.correlationId, account, resultCallback);
2006
+ this.logger.info("Calling native interop AcquireTokenSilently API", platformRequest.correlationId);
2007
+ msalNodeRuntime.msalNodeRuntime.AcquireTokenSilentlyAsync(authParams, platformRequest.correlationId, account, resultCallback);
1999
2008
  }
2000
2009
  else {
2001
- this.logger.info("Calling native interop SignInSilently API", request.correlationId);
2002
- msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, request.correlationId, resultCallback);
2010
+ this.logger.info("Calling native interop SignInSilently API", platformRequest.correlationId);
2011
+ msalNodeRuntime.msalNodeRuntime.SignInSilentlyAsync(authParams, platformRequest.correlationId, resultCallback);
2003
2012
  }
2004
2013
  break;
2005
2014
  default:
2006
2015
  if (account) {
2007
- this.logger.info("Calling native interop AcquireTokenInteractively API", request.correlationId);
2008
- msalNodeRuntime.msalNodeRuntime.AcquireTokenInteractivelyAsync(windowHandle, authParams, request.correlationId, account, resultCallback);
2016
+ this.logger.info("Calling native interop AcquireTokenInteractively API", platformRequest.correlationId);
2017
+ msalNodeRuntime.msalNodeRuntime.AcquireTokenInteractivelyAsync(windowHandle, authParams, platformRequest.correlationId, account, resultCallback);
2009
2018
  }
2010
2019
  else {
2011
- this.logger.info("Calling native interop SignIn API", request.correlationId);
2012
- const loginHint = request.loginHint || Constants.EMPTY_STRING;
2013
- msalNodeRuntime.msalNodeRuntime.SignInAsync(windowHandle, authParams, request.correlationId, loginHint, resultCallback);
2020
+ this.logger.info("Calling native interop SignIn API", platformRequest.correlationId);
2021
+ const loginHint = platformRequest.loginHint ||
2022
+ Constants.EMPTY_STRING;
2023
+ msalNodeRuntime.msalNodeRuntime.SignInAsync(windowHandle, authParams, platformRequest.correlationId, loginHint, resultCallback);
2014
2024
  }
2015
2025
  break;
2016
2026
  }
@@ -2093,7 +2103,7 @@ class NativeBrokerPlugin {
2093
2103
  const authParams = new msalNodeRuntime.msalNodeRuntime.AuthParameters();
2094
2104
  try {
2095
2105
  authParams.CreateAuthParameters(request.clientId, request.authority);
2096
- authParams.SetRedirectUri(request.redirectUri);
2106
+ authParams.SetRedirectUri(this.chooseRedirectUriByPlatform(request));
2097
2107
  authParams.SetRequestedScopes(request.scopes.join(" "));
2098
2108
  if (request.claims) {
2099
2109
  authParams.SetDecodedClaims(request.claims);
@@ -2130,6 +2140,22 @@ class NativeBrokerPlugin {
2130
2140
  }
2131
2141
  return authParams;
2132
2142
  }
2143
+ chooseRedirectUriByPlatform(request) {
2144
+ this.logger.trace("NativeBrokerPlugin - chooseRedirectUriByPlatform called", request.correlationId);
2145
+ let redirectUri;
2146
+ switch (process.platform) {
2147
+ case "darwin":
2148
+ redirectUri = "msauth.com.msauth.unsignedapp://auth";
2149
+ break;
2150
+ case "win32":
2151
+ redirectUri = `ms-appx-web://Microsoft.AAD.BrokerPlugin/${request.clientId}`;
2152
+ break;
2153
+ default:
2154
+ redirectUri =
2155
+ "https://login.microsoftonline.com/common/oauth2/nativeclient";
2156
+ }
2157
+ return redirectUri;
2158
+ }
2133
2159
  getAuthenticationResult(request, authResult) {
2134
2160
  this.logger.trace("NativeBrokerPlugin - getAuthenticationResult called", request.correlationId);
2135
2161
  let fromCache = false;