@azure/msal-node-extensions 5.3.2 → 5.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (50) hide show
  1. package/bin/arm64/dpapi.node +0 -0
  2. package/bin/ia32/dpapi.node +0 -0
  3. package/bin/x64/dpapi.node +0 -0
  4. package/dist/Dpapi.mjs +1 -1
  5. package/dist/broker/NativeBrokerPlugin.mjs +1 -1
  6. package/dist/error/PersistenceError.mjs +1 -1
  7. package/dist/index.mjs +1 -1
  8. package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs +2 -2
  9. package/dist/lib/msal-common/dist/constants/AADServerParamKeys.mjs.map +1 -1
  10. package/dist/lib/msal-common/dist/error/AuthError.mjs +2 -2
  11. package/dist/lib/msal-common/dist/error/AuthError.mjs.map +1 -1
  12. package/dist/lib/msal-common/dist/error/ClientAuthError.mjs +2 -2
  13. package/dist/lib/msal-common/dist/error/ClientAuthError.mjs.map +1 -1
  14. package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs +2 -2
  15. package/dist/lib/msal-common/dist/error/ClientAuthErrorCodes.mjs.map +1 -1
  16. package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs +2 -2
  17. package/dist/lib/msal-common/dist/error/ClientConfigurationError.mjs.map +1 -1
  18. package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs +2 -2
  19. package/dist/lib/msal-common/dist/error/ClientConfigurationErrorCodes.mjs.map +1 -1
  20. package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs +2 -2
  21. package/dist/lib/msal-common/dist/error/InteractionRequiredAuthError.mjs.map +1 -1
  22. package/dist/lib/msal-common/dist/error/PlatformBrokerError.mjs +2 -2
  23. package/dist/lib/msal-common/dist/error/PlatformBrokerError.mjs.map +1 -1
  24. package/dist/lib/msal-common/dist/error/ServerError.mjs +2 -2
  25. package/dist/lib/msal-common/dist/error/ServerError.mjs.map +1 -1
  26. package/dist/lib/msal-common/dist/logger/Logger.mjs +2 -2
  27. package/dist/lib/msal-common/dist/logger/Logger.mjs.map +1 -1
  28. package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs +2 -2
  29. package/dist/lib/msal-common/dist/telemetry/server/ServerTelemetryManager.mjs.map +1 -1
  30. package/dist/lib/msal-common/dist/utils/Constants.mjs +2 -2
  31. package/dist/lib/msal-common/dist/utils/Constants.mjs.map +1 -1
  32. package/dist/lib/msal-common/dist/utils/TimeUtils.mjs +2 -2
  33. package/dist/lib/msal-common/dist/utils/TimeUtils.mjs.map +1 -1
  34. package/dist/lock/CrossPlatformLock.mjs +1 -1
  35. package/dist/packageMetadata.mjs +2 -2
  36. package/dist/persistence/BasePersistence.mjs +1 -1
  37. package/dist/persistence/DataProtectionScope.mjs +1 -1
  38. package/dist/persistence/FilePersistence.mjs +1 -1
  39. package/dist/persistence/FilePersistenceWithDataProtection.mjs +1 -1
  40. package/dist/persistence/KeychainPersistence.mjs +1 -1
  41. package/dist/persistence/LibSecretPersistence.mjs +1 -1
  42. package/dist/persistence/PersistenceCachePlugin.mjs +1 -1
  43. package/dist/persistence/PersistenceCreator.mjs +1 -1
  44. package/dist/utils/Constants.mjs +1 -1
  45. package/dist/utils/Environment.mjs +1 -1
  46. package/dist/utils/TypeGuards.mjs +1 -1
  47. package/lib/msal-node-extensions.cjs +15 -15
  48. package/lib/msal-node-extensions.cjs.map +1 -1
  49. package/package.json +2 -2
  50. package/types/packageMetadata.d.ts +1 -1
@@ -1 +1 @@
1
- {"version":3,"file":"Constants.mjs","sources":["../../../../../../../lib/msal-common/dist/utils/Constants.mjs"],"sourcesContent":["/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst SKU = \"msal.js.common\";\r\n// default authority\r\nconst DEFAULT_AUTHORITY = \"https://login.microsoftonline.com/common/\";\r\nconst DEFAULT_AUTHORITY_HOST = \"login.microsoftonline.com\";\r\nconst DEFAULT_COMMON_TENANT = \"common\";\r\n// ADFS String\r\nconst ADFS = \"adfs\";\r\nconst DSTS = \"dstsv2\";\r\n// Default AAD Instance Discovery Endpoint\r\nconst AAD_INSTANCE_DISCOVERY_ENDPT = `${DEFAULT_AUTHORITY}discovery/instance?api-version=1.1&authorization_endpoint=`;\r\n// CIAM URL\r\nconst CIAM_AUTH_URL = \".ciamlogin.com\";\r\nconst AAD_TENANT_DOMAIN_SUFFIX = \".onmicrosoft.com\";\r\n// Resource delimiter - used for certain cache entries\r\nconst RESOURCE_DELIM = \"|\";\r\n// Consumer UTID\r\nconst CONSUMER_UTID = \"9188040d-6c67-4c5b-b112-36a304b66dad\";\r\n// Default scopes\r\nconst OPENID_SCOPE = \"openid\";\r\nconst PROFILE_SCOPE = \"profile\";\r\nconst OFFLINE_ACCESS_SCOPE = \"offline_access\";\r\nconst EMAIL_SCOPE = \"email\";\r\nconst CODE_GRANT_TYPE = \"authorization_code\";\r\nconst S256_CODE_CHALLENGE_METHOD = \"S256\";\r\nconst URL_FORM_CONTENT_TYPE = \"application/x-www-form-urlencoded;charset=utf-8\";\r\nconst AUTHORIZATION_PENDING = \"authorization_pending\";\r\nconst NOT_APPLICABLE = \"N/A\";\r\nconst NOT_AVAILABLE = \"Not Available\";\r\nconst FORWARD_SLASH = \"/\";\r\nconst IMDS_ENDPOINT = \"http://169.254.169.254/metadata/instance/compute\";\r\nconst IMDS_VERSION = \"2021-02-01\";\r\nconst IMDS_TIMEOUT = 2000;\r\nconst AZURE_REGION_AUTO_DISCOVER_FLAG = \"TryAutoDetect\";\r\nconst REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX = \"login.microsoft.com\";\r\nconst KNOWN_PUBLIC_CLOUDS = [\r\n \"login.microsoftonline.com\",\r\n \"login.windows.net\",\r\n \"login.microsoft.com\",\r\n \"sts.windows.net\",\r\n];\r\nconst SHR_NONCE_VALIDITY = 240;\r\nconst INVALID_INSTANCE = \"invalid_instance\";\r\nconst HTTP_SUCCESS = 200;\r\nconst HTTP_SUCCESS_RANGE_START = 200;\r\nconst HTTP_SUCCESS_RANGE_END = 299;\r\nconst HTTP_REDIRECT = 302;\r\nconst HTTP_CLIENT_ERROR = 400;\r\nconst HTTP_CLIENT_ERROR_RANGE_START = 400;\r\nconst HTTP_BAD_REQUEST = 400;\r\nconst HTTP_UNAUTHORIZED = 401;\r\nconst HTTP_NOT_FOUND = 404;\r\nconst HTTP_REQUEST_TIMEOUT = 408;\r\nconst HTTP_GONE = 410;\r\nconst HTTP_TOO_MANY_REQUESTS = 429;\r\nconst HTTP_CLIENT_ERROR_RANGE_END = 499;\r\nconst HTTP_SERVER_ERROR = 500;\r\nconst HTTP_SERVER_ERROR_RANGE_START = 500;\r\nconst HTTP_SERVICE_UNAVAILABLE = 503;\r\nconst HTTP_GATEWAY_TIMEOUT = 504;\r\nconst HTTP_SERVER_ERROR_RANGE_END = 599;\r\nconst HTTP_MULTI_SIDED_ERROR = 600;\r\nconst HttpMethod = {\r\n GET: \"GET\",\r\n POST: \"POST\",\r\n};\r\nconst OIDC_DEFAULT_SCOPES = [\r\n OPENID_SCOPE,\r\n PROFILE_SCOPE,\r\n OFFLINE_ACCESS_SCOPE,\r\n];\r\nconst OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, EMAIL_SCOPE];\r\n/**\r\n * Request header names\r\n */\r\nconst HeaderNames = {\r\n CONTENT_TYPE: \"Content-Type\",\r\n CONTENT_LENGTH: \"Content-Length\",\r\n RETRY_AFTER: \"Retry-After\",\r\n CCS_HEADER: \"X-AnchorMailbox\",\r\n WWWAuthenticate: \"WWW-Authenticate\",\r\n AuthenticationInfo: \"Authentication-Info\",\r\n X_MS_REQUEST_ID: \"x-ms-request-id\",\r\n X_MS_HTTP_VERSION: \"x-ms-httpver\",\r\n};\r\n/**\r\n * Persistent cache keys MSAL which stay while user is logged in.\r\n */\r\nconst PersistentCacheKeys = {\r\n ACTIVE_ACCOUNT_FILTERS: \"active-account-filters\", // new cache entry for active_account for a more robust version for browser\r\n};\r\n/**\r\n * String constants related to AAD Authority\r\n */\r\nconst AADAuthority = {\r\n COMMON: \"common\",\r\n ORGANIZATIONS: \"organizations\",\r\n CONSUMERS: \"consumers\",\r\n};\r\n/**\r\n * Claims request keys\r\n */\r\nconst ClaimsRequestKeys = {\r\n ACCESS_TOKEN: \"access_token\",\r\n XMS_CC: \"xms_cc\",\r\n ID_TOKEN: \"id_token\",\r\n SIGNIN_STATE: \"signin_state\",\r\n LOGIN_HINT: \"login_hint\",\r\n};\r\n/**\r\n * we considered making this \"enum\" in the request instead of string, however it looks like the allowed list of\r\n * prompt values kept changing over past couple of years. There are some undocumented prompt values for some\r\n * internal partners too, hence the choice of generic \"string\" type instead of the \"enum\"\r\n */\r\nconst PromptValue = {\r\n LOGIN: \"login\",\r\n SELECT_ACCOUNT: \"select_account\",\r\n CONSENT: \"consent\",\r\n NONE: \"none\",\r\n CREATE: \"create\",\r\n NO_SESSION: \"no_session\",\r\n};\r\n/**\r\n * allowed values for codeVerifier\r\n */\r\nconst CodeChallengeMethodValues = {\r\n PLAIN: \"plain\",\r\n S256: \"S256\",\r\n};\r\n/**\r\n * Allowed values for response_type\r\n */\r\nconst OAuthResponseType = {\r\n CODE: \"code\",\r\n IDTOKEN_TOKEN: \"id_token token\",\r\n IDTOKEN_TOKEN_REFRESHTOKEN: \"id_token token refresh_token\",\r\n};\r\n/**\r\n * allowed values for response_mode\r\n */\r\nconst ResponseMode = {\r\n QUERY: \"query\",\r\n FRAGMENT: \"fragment\",\r\n FORM_POST: \"form_post\",\r\n};\r\n/**\r\n * allowed grant_type\r\n */\r\nconst GrantType = {\r\n IMPLICIT_GRANT: \"implicit\",\r\n AUTHORIZATION_CODE_GRANT: \"authorization_code\",\r\n CLIENT_CREDENTIALS_GRANT: \"client_credentials\",\r\n RESOURCE_OWNER_PASSWORD_GRANT: \"password\",\r\n REFRESH_TOKEN_GRANT: \"refresh_token\",\r\n DEVICE_CODE_GRANT: \"device_code\",\r\n JWT_BEARER: \"urn:ietf:params:oauth:grant-type:jwt-bearer\",\r\n USER_FIC: \"user_fic\",\r\n};\r\n/**\r\n * Account types in Cache\r\n */\r\nconst CACHE_ACCOUNT_TYPE_MSSTS = \"MSSTS\";\r\nconst CACHE_ACCOUNT_TYPE_ADFS = \"ADFS\";\r\nconst CACHE_ACCOUNT_TYPE_MSAV1 = \"MSA\";\r\nconst CACHE_ACCOUNT_TYPE_GENERIC = \"Generic\";\r\n/**\r\n * Separators used in cache\r\n */\r\nconst CACHE_KEY_SEPARATOR = \"-\";\r\nconst CLIENT_INFO_SEPARATOR = \".\";\r\n/**\r\n * Credential Type stored in the cache\r\n */\r\nconst CredentialType = {\r\n ID_TOKEN: \"IdToken\",\r\n ACCESS_TOKEN: \"AccessToken\",\r\n ACCESS_TOKEN_WITH_AUTH_SCHEME: \"AccessToken_With_AuthScheme\",\r\n REFRESH_TOKEN: \"RefreshToken\",\r\n};\r\n/**\r\n * Combine all cache types\r\n */\r\nconst CacheType = {\r\n ADFS: 1001,\r\n MSA: 1002,\r\n MSSTS: 1003,\r\n GENERIC: 1004,\r\n ACCESS_TOKEN: 2001,\r\n REFRESH_TOKEN: 2002,\r\n ID_TOKEN: 2003,\r\n APP_METADATA: 3001,\r\n UNDEFINED: 9999,\r\n};\r\n/**\r\n * More Cache related constants\r\n */\r\nconst APP_METADATA = \"appmetadata\";\r\nconst CLIENT_INFO = \"client_info\";\r\nconst THE_FAMILY_ID = \"1\";\r\nconst AUTHORITY_METADATA_CACHE_KEY = \"authority-metadata\";\r\nconst AUTHORITY_METADATA_REFRESH_TIME_SECONDS = 3600 * 24; // 24 Hours\r\nconst AuthorityMetadataSource = {\r\n CONFIG: \"config\",\r\n CACHE: \"cache\",\r\n NETWORK: \"network\",\r\n HARDCODED_VALUES: \"hardcoded_values\",\r\n};\r\nconst SERVER_TELEM_SCHEMA_VERSION = 5;\r\nconst SERVER_TELEM_MAX_CUR_HEADER_BYTES = 80; // ESTS limit is 100B, set to 80 to provide a 20B buffer\r\nconst SERVER_TELEM_MAX_LAST_HEADER_BYTES = 330; // ESTS limit is 350B, set to 330 to provide a 20B buffer,\r\nconst SERVER_TELEM_MAX_CACHED_ERRORS = 50; // Limit the number of errors that can be stored to prevent uncontrolled size gains\r\nconst SERVER_TELEM_CACHE_KEY = \"server-telemetry\";\r\nconst SERVER_TELEM_CATEGORY_SEPARATOR = \"|\";\r\nconst SERVER_TELEM_VALUE_SEPARATOR = \",\";\r\nconst SERVER_TELEM_OVERFLOW_TRUE = \"1\";\r\nconst SERVER_TELEM_OVERFLOW_FALSE = \"0\";\r\nconst SERVER_TELEM_UNKNOWN_ERROR = \"unknown_error\";\r\n/**\r\n * Type of the authentication request\r\n */\r\nconst AuthenticationScheme = {\r\n BEARER: \"Bearer\",\r\n POP: \"pop\",\r\n SSH: \"ssh-cert\",\r\n};\r\n/**\r\n * Constants related to throttling\r\n */\r\nconst DEFAULT_THROTTLE_TIME_SECONDS = 60;\r\n// Default maximum time to throttle in seconds, overrides what the server sends back\r\nconst DEFAULT_MAX_THROTTLE_TIME_SECONDS = 3600;\r\n// Prefix for storing throttling entries\r\nconst THROTTLING_PREFIX = \"throttling\";\r\n// Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling\r\nconst X_MS_LIB_CAPABILITY_VALUE = \"retry-after, h429\";\r\n/**\r\n * Errors\r\n */\r\nconst INVALID_GRANT_ERROR = \"invalid_grant\";\r\nconst CLIENT_MISMATCH_ERROR = \"client_mismatch\";\r\n/**\r\n * Password grant parameters\r\n */\r\nconst PasswordGrantConstants = {\r\n username: \"username\",\r\n password: \"password\",\r\n};\r\n/**\r\n * Region Discovery Sources\r\n */\r\nconst RegionDiscoverySources = {\r\n FAILED_AUTO_DETECTION: \"1\",\r\n INTERNAL_CACHE: \"2\",\r\n ENVIRONMENT_VARIABLE: \"3\",\r\n IMDS: \"4\",\r\n};\r\n/**\r\n * Region Discovery Outcomes\r\n */\r\nconst RegionDiscoveryOutcomes = {\r\n CONFIGURED_MATCHES_DETECTED: \"1\",\r\n CONFIGURED_NO_AUTO_DETECTION: \"2\",\r\n CONFIGURED_NOT_DETECTED: \"3\",\r\n AUTO_DETECTION_REQUESTED_SUCCESSFUL: \"4\",\r\n AUTO_DETECTION_REQUESTED_FAILED: \"5\",\r\n};\r\n/**\r\n * Specifies the reason for fetching the access token from the identity provider\r\n */\r\nconst CacheOutcome = {\r\n // When a token is found in the cache or the cache is not supposed to be hit when making the request\r\n NOT_APPLICABLE: \"0\",\r\n // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested\r\n FORCE_REFRESH_OR_CLAIMS: \"1\",\r\n // When the token request goes to the identity provider because no cached access token exists\r\n NO_CACHED_ACCESS_TOKEN: \"2\",\r\n // When the token request goes to the identity provider because cached access token expired\r\n CACHED_ACCESS_TOKEN_EXPIRED: \"3\",\r\n // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed\r\n PROACTIVELY_REFRESHED: \"4\",\r\n};\r\nconst JsonWebTokenTypes = {\r\n Jwt: \"JWT\",\r\n Jwk: \"JWK\",\r\n Pop: \"pop\",\r\n};\r\nconst ONE_DAY_IN_MS = 86400000;\r\n// Token renewal offset default in seconds\r\nconst DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\r\nconst EncodingTypes = {\r\n BASE64: \"base64\",\r\n HEX: \"hex\",\r\n UTF8: \"utf-8\",\r\n};\n\nexport { AADAuthority, AAD_INSTANCE_DISCOVERY_ENDPT, AAD_TENANT_DOMAIN_SUFFIX, ADFS, APP_METADATA, AUTHORITY_METADATA_CACHE_KEY, AUTHORITY_METADATA_REFRESH_TIME_SECONDS, AUTHORIZATION_PENDING, AZURE_REGION_AUTO_DISCOVER_FLAG, AuthenticationScheme, AuthorityMetadataSource, CACHE_ACCOUNT_TYPE_ADFS, CACHE_ACCOUNT_TYPE_GENERIC, CACHE_ACCOUNT_TYPE_MSAV1, CACHE_ACCOUNT_TYPE_MSSTS, CACHE_KEY_SEPARATOR, CIAM_AUTH_URL, CLIENT_INFO, CLIENT_INFO_SEPARATOR, CLIENT_MISMATCH_ERROR, CODE_GRANT_TYPE, CONSUMER_UTID, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, CredentialType, DEFAULT_AUTHORITY, DEFAULT_AUTHORITY_HOST, DEFAULT_COMMON_TENANT, DEFAULT_MAX_THROTTLE_TIME_SECONDS, DEFAULT_THROTTLE_TIME_SECONDS, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, DSTS, EMAIL_SCOPE, EncodingTypes, FORWARD_SLASH, GrantType, HTTP_BAD_REQUEST, HTTP_CLIENT_ERROR, HTTP_CLIENT_ERROR_RANGE_END, HTTP_CLIENT_ERROR_RANGE_START, HTTP_GATEWAY_TIMEOUT, HTTP_GONE, HTTP_MULTI_SIDED_ERROR, HTTP_NOT_FOUND, HTTP_REDIRECT, HTTP_REQUEST_TIMEOUT, HTTP_SERVER_ERROR, HTTP_SERVER_ERROR_RANGE_END, HTTP_SERVER_ERROR_RANGE_START, HTTP_SERVICE_UNAVAILABLE, HTTP_SUCCESS, HTTP_SUCCESS_RANGE_END, HTTP_SUCCESS_RANGE_START, HTTP_TOO_MANY_REQUESTS, HTTP_UNAUTHORIZED, HeaderNames, HttpMethod, IMDS_ENDPOINT, IMDS_TIMEOUT, IMDS_VERSION, INVALID_GRANT_ERROR, INVALID_INSTANCE, JsonWebTokenTypes, KNOWN_PUBLIC_CLOUDS, NOT_APPLICABLE, NOT_AVAILABLE, OAuthResponseType, OFFLINE_ACCESS_SCOPE, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, OPENID_SCOPE, PROFILE_SCOPE, PasswordGrantConstants, PersistentCacheKeys, PromptValue, REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX, RESOURCE_DELIM, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseMode, S256_CODE_CHALLENGE_METHOD, SERVER_TELEM_CACHE_KEY, SERVER_TELEM_CATEGORY_SEPARATOR, SERVER_TELEM_MAX_CACHED_ERRORS, SERVER_TELEM_MAX_CUR_HEADER_BYTES, SERVER_TELEM_MAX_LAST_HEADER_BYTES, SERVER_TELEM_OVERFLOW_FALSE, SERVER_TELEM_OVERFLOW_TRUE, SERVER_TELEM_SCHEMA_VERSION, SERVER_TELEM_UNKNOWN_ERROR, SERVER_TELEM_VALUE_SEPARATOR, SHR_NONCE_VALIDITY, SKU, THE_FAMILY_ID, THROTTLING_PREFIX, URL_FORM_CONTENT_TYPE, X_MS_LIB_CAPABILITY_VALUE };\n//# sourceMappingURL=Constants.mjs.map\n"],"names":[],"mappings":";;AAAA;AAkHA;AACA;AACA;AACA;AACA;AACK,MAAC,WAAW,GAAG;AACpB,IAAI,KAAK,EAAE,OAAO;AAClB,IAAI,cAAc,EAAE,gBAAgB;AACpC,IAAI,OAAO,EAAE,SAAS;AACtB,IAAI,IAAI,EAAE,MAAM;AAChB,IAAI,MAAM,EAAE,QAAQ;AACpB,IAAI,UAAU,EAAE,YAAY;AAC5B,EAAE;AA4CF;AACA;AACA;AACK,MAAC,mBAAmB,GAAG,IAAI;AAuC3B,MAAC,2BAA2B,GAAG,EAAE;AAEjC,MAAC,kCAAkC,GAAG,IAAI;AAC1C,MAAC,8BAA8B,GAAG,GAAG;AACrC,MAAC,sBAAsB,GAAG,mBAAmB;AAC7C,MAAC,+BAA+B,GAAG,IAAI;AACvC,MAAC,4BAA4B,GAAG,IAAI;AACpC,MAAC,0BAA0B,GAAG,IAAI;AAClC,MAAC,2BAA2B,GAAG,IAAI;AACnC,MAAC,0BAA0B,GAAG,gBAAgB;AACnD;AACA;AACA;AACK,MAAC,oBAAoB,GAAG;AAC7B,IAAI,MAAM,EAAE,QAAQ;AACpB,IAAI,GAAG,EAAE,KAAK;AACd,IAAI,GAAG,EAAE,UAAU;AACnB,EAAE;AA0CF;AACA;AACA;AACK,MAAC,YAAY,GAAG;AACrB;AACA,IAAI,cAAc,EAAE,GASpB;;;;"}
1
+ {"version":3,"file":"Constants.mjs","sources":["../../../../../../../lib/msal-common/dist/utils/Constants.mjs"],"sourcesContent":["/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst SKU = \"msal.js.common\";\r\n// default authority\r\nconst DEFAULT_AUTHORITY = \"https://login.microsoftonline.com/common/\";\r\nconst DEFAULT_AUTHORITY_HOST = \"login.microsoftonline.com\";\r\nconst DEFAULT_COMMON_TENANT = \"common\";\r\n// ADFS String\r\nconst ADFS = \"adfs\";\r\nconst DSTS = \"dstsv2\";\r\n// Default AAD Instance Discovery Endpoint\r\nconst AAD_INSTANCE_DISCOVERY_ENDPT = `${DEFAULT_AUTHORITY}discovery/instance?api-version=1.1&authorization_endpoint=`;\r\n// CIAM URL\r\nconst CIAM_AUTH_URL = \".ciamlogin.com\";\r\nconst AAD_TENANT_DOMAIN_SUFFIX = \".onmicrosoft.com\";\r\n// Resource delimiter - used for certain cache entries\r\nconst RESOURCE_DELIM = \"|\";\r\n// Consumer UTID\r\nconst CONSUMER_UTID = \"9188040d-6c67-4c5b-b112-36a304b66dad\";\r\n// Default scopes\r\nconst OPENID_SCOPE = \"openid\";\r\nconst PROFILE_SCOPE = \"profile\";\r\nconst OFFLINE_ACCESS_SCOPE = \"offline_access\";\r\nconst EMAIL_SCOPE = \"email\";\r\nconst CODE_GRANT_TYPE = \"authorization_code\";\r\nconst S256_CODE_CHALLENGE_METHOD = \"S256\";\r\nconst URL_FORM_CONTENT_TYPE = \"application/x-www-form-urlencoded;charset=utf-8\";\r\nconst AUTHORIZATION_PENDING = \"authorization_pending\";\r\nconst NOT_APPLICABLE = \"N/A\";\r\nconst NOT_AVAILABLE = \"Not Available\";\r\nconst FORWARD_SLASH = \"/\";\r\nconst IMDS_ENDPOINT = \"http://169.254.169.254/metadata/instance/compute\";\r\nconst IMDS_VERSION = \"2021-02-01\";\r\nconst IMDS_TIMEOUT = 2000;\r\nconst AZURE_REGION_AUTO_DISCOVER_FLAG = \"TryAutoDetect\";\r\nconst REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX = \"login.microsoft.com\";\r\nconst KNOWN_PUBLIC_CLOUDS = [\r\n \"login.microsoftonline.com\",\r\n \"login.windows.net\",\r\n \"login.microsoft.com\",\r\n \"sts.windows.net\",\r\n];\r\nconst SHR_NONCE_VALIDITY = 240;\r\nconst INVALID_INSTANCE = \"invalid_instance\";\r\nconst HTTP_SUCCESS = 200;\r\nconst HTTP_SUCCESS_RANGE_START = 200;\r\nconst HTTP_SUCCESS_RANGE_END = 299;\r\nconst HTTP_REDIRECT = 302;\r\nconst HTTP_CLIENT_ERROR = 400;\r\nconst HTTP_CLIENT_ERROR_RANGE_START = 400;\r\nconst HTTP_BAD_REQUEST = 400;\r\nconst HTTP_UNAUTHORIZED = 401;\r\nconst HTTP_NOT_FOUND = 404;\r\nconst HTTP_REQUEST_TIMEOUT = 408;\r\nconst HTTP_GONE = 410;\r\nconst HTTP_TOO_MANY_REQUESTS = 429;\r\nconst HTTP_CLIENT_ERROR_RANGE_END = 499;\r\nconst HTTP_SERVER_ERROR = 500;\r\nconst HTTP_SERVER_ERROR_RANGE_START = 500;\r\nconst HTTP_SERVICE_UNAVAILABLE = 503;\r\nconst HTTP_GATEWAY_TIMEOUT = 504;\r\nconst HTTP_SERVER_ERROR_RANGE_END = 599;\r\nconst HTTP_MULTI_SIDED_ERROR = 600;\r\nconst HttpMethod = {\r\n GET: \"GET\",\r\n POST: \"POST\",\r\n};\r\nconst OIDC_DEFAULT_SCOPES = [\r\n OPENID_SCOPE,\r\n PROFILE_SCOPE,\r\n OFFLINE_ACCESS_SCOPE,\r\n];\r\nconst OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, EMAIL_SCOPE];\r\n/**\r\n * Request header names\r\n */\r\nconst HeaderNames = {\r\n CONTENT_TYPE: \"Content-Type\",\r\n CONTENT_LENGTH: \"Content-Length\",\r\n RETRY_AFTER: \"Retry-After\",\r\n CCS_HEADER: \"X-AnchorMailbox\",\r\n WWWAuthenticate: \"WWW-Authenticate\",\r\n AuthenticationInfo: \"Authentication-Info\",\r\n X_MS_REQUEST_ID: \"x-ms-request-id\",\r\n X_MS_HTTP_VERSION: \"x-ms-httpver\",\r\n};\r\n/**\r\n * Persistent cache keys MSAL which stay while user is logged in.\r\n */\r\nconst PersistentCacheKeys = {\r\n ACTIVE_ACCOUNT_FILTERS: \"active-account-filters\", // new cache entry for active_account for a more robust version for browser\r\n};\r\n/**\r\n * String constants related to AAD Authority\r\n */\r\nconst AADAuthority = {\r\n COMMON: \"common\",\r\n ORGANIZATIONS: \"organizations\",\r\n CONSUMERS: \"consumers\",\r\n};\r\n/**\r\n * Claims request keys\r\n */\r\nconst ClaimsRequestKeys = {\r\n ACCESS_TOKEN: \"access_token\",\r\n XMS_CC: \"xms_cc\",\r\n ID_TOKEN: \"id_token\",\r\n SIGNIN_STATE: \"signin_state\",\r\n LOGIN_HINT: \"login_hint\",\r\n};\r\n/**\r\n * we considered making this \"enum\" in the request instead of string, however it looks like the allowed list of\r\n * prompt values kept changing over past couple of years. There are some undocumented prompt values for some\r\n * internal partners too, hence the choice of generic \"string\" type instead of the \"enum\"\r\n */\r\nconst PromptValue = {\r\n LOGIN: \"login\",\r\n SELECT_ACCOUNT: \"select_account\",\r\n CONSENT: \"consent\",\r\n NONE: \"none\",\r\n CREATE: \"create\",\r\n NO_SESSION: \"no_session\",\r\n};\r\n/**\r\n * allowed values for codeVerifier\r\n */\r\nconst CodeChallengeMethodValues = {\r\n PLAIN: \"plain\",\r\n S256: \"S256\",\r\n};\r\n/**\r\n * Allowed values for response_type\r\n */\r\nconst OAuthResponseType = {\r\n CODE: \"code\",\r\n IDTOKEN_TOKEN: \"id_token token\",\r\n IDTOKEN_TOKEN_REFRESHTOKEN: \"id_token token refresh_token\",\r\n};\r\n/**\r\n * allowed values for response_mode\r\n */\r\nconst ResponseMode = {\r\n QUERY: \"query\",\r\n FRAGMENT: \"fragment\",\r\n FORM_POST: \"form_post\",\r\n};\r\n/**\r\n * allowed grant_type\r\n */\r\nconst GrantType = {\r\n IMPLICIT_GRANT: \"implicit\",\r\n AUTHORIZATION_CODE_GRANT: \"authorization_code\",\r\n CLIENT_CREDENTIALS_GRANT: \"client_credentials\",\r\n RESOURCE_OWNER_PASSWORD_GRANT: \"password\",\r\n REFRESH_TOKEN_GRANT: \"refresh_token\",\r\n DEVICE_CODE_GRANT: \"device_code\",\r\n JWT_BEARER: \"urn:ietf:params:oauth:grant-type:jwt-bearer\",\r\n USER_FIC: \"user_fic\",\r\n};\r\n/**\r\n * Account types in Cache\r\n */\r\nconst CACHE_ACCOUNT_TYPE_MSSTS = \"MSSTS\";\r\nconst CACHE_ACCOUNT_TYPE_ADFS = \"ADFS\";\r\nconst CACHE_ACCOUNT_TYPE_MSAV1 = \"MSA\";\r\nconst CACHE_ACCOUNT_TYPE_GENERIC = \"Generic\";\r\n/**\r\n * Separators used in cache\r\n */\r\nconst CACHE_KEY_SEPARATOR = \"-\";\r\nconst CLIENT_INFO_SEPARATOR = \".\";\r\n/**\r\n * Credential Type stored in the cache\r\n */\r\nconst CredentialType = {\r\n ID_TOKEN: \"IdToken\",\r\n ACCESS_TOKEN: \"AccessToken\",\r\n ACCESS_TOKEN_WITH_AUTH_SCHEME: \"AccessToken_With_AuthScheme\",\r\n REFRESH_TOKEN: \"RefreshToken\",\r\n};\r\n/**\r\n * Combine all cache types\r\n */\r\nconst CacheType = {\r\n ADFS: 1001,\r\n MSA: 1002,\r\n MSSTS: 1003,\r\n GENERIC: 1004,\r\n ACCESS_TOKEN: 2001,\r\n REFRESH_TOKEN: 2002,\r\n ID_TOKEN: 2003,\r\n APP_METADATA: 3001,\r\n UNDEFINED: 9999,\r\n};\r\n/**\r\n * More Cache related constants\r\n */\r\nconst APP_METADATA = \"appmetadata\";\r\nconst CLIENT_INFO = \"client_info\";\r\nconst THE_FAMILY_ID = \"1\";\r\nconst AUTHORITY_METADATA_CACHE_KEY = \"authority-metadata\";\r\nconst AUTHORITY_METADATA_REFRESH_TIME_SECONDS = 3600 * 24; // 24 Hours\r\nconst AuthorityMetadataSource = {\r\n CONFIG: \"config\",\r\n CACHE: \"cache\",\r\n NETWORK: \"network\",\r\n HARDCODED_VALUES: \"hardcoded_values\",\r\n};\r\nconst SERVER_TELEM_SCHEMA_VERSION = 5;\r\nconst SERVER_TELEM_MAX_CUR_HEADER_BYTES = 80; // ESTS limit is 100B, set to 80 to provide a 20B buffer\r\nconst SERVER_TELEM_MAX_LAST_HEADER_BYTES = 330; // ESTS limit is 350B, set to 330 to provide a 20B buffer,\r\nconst SERVER_TELEM_MAX_CACHED_ERRORS = 50; // Limit the number of errors that can be stored to prevent uncontrolled size gains\r\nconst SERVER_TELEM_CACHE_KEY = \"server-telemetry\";\r\nconst SERVER_TELEM_CATEGORY_SEPARATOR = \"|\";\r\nconst SERVER_TELEM_VALUE_SEPARATOR = \",\";\r\nconst SERVER_TELEM_OVERFLOW_TRUE = \"1\";\r\nconst SERVER_TELEM_OVERFLOW_FALSE = \"0\";\r\nconst SERVER_TELEM_UNKNOWN_ERROR = \"unknown_error\";\r\n/**\r\n * Type of the authentication request\r\n */\r\nconst AuthenticationScheme = {\r\n BEARER: \"Bearer\",\r\n POP: \"pop\",\r\n SSH: \"ssh-cert\",\r\n};\r\n/**\r\n * Constants related to throttling\r\n */\r\nconst DEFAULT_THROTTLE_TIME_SECONDS = 60;\r\n// Default maximum time to throttle in seconds, overrides what the server sends back\r\nconst DEFAULT_MAX_THROTTLE_TIME_SECONDS = 3600;\r\n// Prefix for storing throttling entries\r\nconst THROTTLING_PREFIX = \"throttling\";\r\n// Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling\r\nconst X_MS_LIB_CAPABILITY_VALUE = \"retry-after, h429\";\r\n/**\r\n * Errors\r\n */\r\nconst INVALID_GRANT_ERROR = \"invalid_grant\";\r\nconst CLIENT_MISMATCH_ERROR = \"client_mismatch\";\r\n/**\r\n * Password grant parameters\r\n */\r\nconst PasswordGrantConstants = {\r\n username: \"username\",\r\n password: \"password\",\r\n};\r\n/**\r\n * Region Discovery Sources\r\n */\r\nconst RegionDiscoverySources = {\r\n FAILED_AUTO_DETECTION: \"1\",\r\n INTERNAL_CACHE: \"2\",\r\n ENVIRONMENT_VARIABLE: \"3\",\r\n IMDS: \"4\",\r\n};\r\n/**\r\n * Region Discovery Outcomes\r\n */\r\nconst RegionDiscoveryOutcomes = {\r\n CONFIGURED_MATCHES_DETECTED: \"1\",\r\n CONFIGURED_NO_AUTO_DETECTION: \"2\",\r\n CONFIGURED_NOT_DETECTED: \"3\",\r\n AUTO_DETECTION_REQUESTED_SUCCESSFUL: \"4\",\r\n AUTO_DETECTION_REQUESTED_FAILED: \"5\",\r\n};\r\n/**\r\n * Specifies the reason for fetching the access token from the identity provider\r\n */\r\nconst CacheOutcome = {\r\n // When a token is found in the cache or the cache is not supposed to be hit when making the request\r\n NOT_APPLICABLE: \"0\",\r\n // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested\r\n FORCE_REFRESH_OR_CLAIMS: \"1\",\r\n // When the token request goes to the identity provider because no cached access token exists\r\n NO_CACHED_ACCESS_TOKEN: \"2\",\r\n // When the token request goes to the identity provider because cached access token expired\r\n CACHED_ACCESS_TOKEN_EXPIRED: \"3\",\r\n // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed\r\n PROACTIVELY_REFRESHED: \"4\",\r\n};\r\nconst JsonWebTokenTypes = {\r\n Jwt: \"JWT\",\r\n Jwk: \"JWK\",\r\n Pop: \"pop\",\r\n};\r\nconst ONE_DAY_IN_MS = 86400000;\r\n// Token renewal offset default in seconds\r\nconst DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\r\nconst EncodingTypes = {\r\n BASE64: \"base64\",\r\n HEX: \"hex\",\r\n UTF8: \"utf-8\",\r\n};\n\nexport { AADAuthority, AAD_INSTANCE_DISCOVERY_ENDPT, AAD_TENANT_DOMAIN_SUFFIX, ADFS, APP_METADATA, AUTHORITY_METADATA_CACHE_KEY, AUTHORITY_METADATA_REFRESH_TIME_SECONDS, AUTHORIZATION_PENDING, AZURE_REGION_AUTO_DISCOVER_FLAG, AuthenticationScheme, AuthorityMetadataSource, CACHE_ACCOUNT_TYPE_ADFS, CACHE_ACCOUNT_TYPE_GENERIC, CACHE_ACCOUNT_TYPE_MSAV1, CACHE_ACCOUNT_TYPE_MSSTS, CACHE_KEY_SEPARATOR, CIAM_AUTH_URL, CLIENT_INFO, CLIENT_INFO_SEPARATOR, CLIENT_MISMATCH_ERROR, CODE_GRANT_TYPE, CONSUMER_UTID, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, CredentialType, DEFAULT_AUTHORITY, DEFAULT_AUTHORITY_HOST, DEFAULT_COMMON_TENANT, DEFAULT_MAX_THROTTLE_TIME_SECONDS, DEFAULT_THROTTLE_TIME_SECONDS, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, DSTS, EMAIL_SCOPE, EncodingTypes, FORWARD_SLASH, GrantType, HTTP_BAD_REQUEST, HTTP_CLIENT_ERROR, HTTP_CLIENT_ERROR_RANGE_END, HTTP_CLIENT_ERROR_RANGE_START, HTTP_GATEWAY_TIMEOUT, HTTP_GONE, HTTP_MULTI_SIDED_ERROR, HTTP_NOT_FOUND, HTTP_REDIRECT, HTTP_REQUEST_TIMEOUT, HTTP_SERVER_ERROR, HTTP_SERVER_ERROR_RANGE_END, HTTP_SERVER_ERROR_RANGE_START, HTTP_SERVICE_UNAVAILABLE, HTTP_SUCCESS, HTTP_SUCCESS_RANGE_END, HTTP_SUCCESS_RANGE_START, HTTP_TOO_MANY_REQUESTS, HTTP_UNAUTHORIZED, HeaderNames, HttpMethod, IMDS_ENDPOINT, IMDS_TIMEOUT, IMDS_VERSION, INVALID_GRANT_ERROR, INVALID_INSTANCE, JsonWebTokenTypes, KNOWN_PUBLIC_CLOUDS, NOT_APPLICABLE, NOT_AVAILABLE, OAuthResponseType, OFFLINE_ACCESS_SCOPE, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, OPENID_SCOPE, PROFILE_SCOPE, PasswordGrantConstants, PersistentCacheKeys, PromptValue, REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX, RESOURCE_DELIM, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseMode, S256_CODE_CHALLENGE_METHOD, SERVER_TELEM_CACHE_KEY, SERVER_TELEM_CATEGORY_SEPARATOR, SERVER_TELEM_MAX_CACHED_ERRORS, SERVER_TELEM_MAX_CUR_HEADER_BYTES, SERVER_TELEM_MAX_LAST_HEADER_BYTES, SERVER_TELEM_OVERFLOW_FALSE, SERVER_TELEM_OVERFLOW_TRUE, SERVER_TELEM_SCHEMA_VERSION, SERVER_TELEM_UNKNOWN_ERROR, SERVER_TELEM_VALUE_SEPARATOR, SHR_NONCE_VALIDITY, SKU, THE_FAMILY_ID, THROTTLING_PREFIX, URL_FORM_CONTENT_TYPE, X_MS_LIB_CAPABILITY_VALUE };\n//# sourceMappingURL=Constants.mjs.map\n"],"names":[],"mappings":";;AAAA;AAkHA;AACA;AACA;AACA;AACA;AACK,MAAC,WAAW,GAAG;AACpB,IAAI,KAAK,EAAE,OAAO;AAClB,IAAI,cAAc,EAAE,gBAAgB;AACpC,IAAI,OAAO,EAAE,SAAS;AACtB,IAAI,IAAI,EAAE,MAAM;AAChB,IAAI,MAAM,EAAE,QAAQ;AACpB,IAAI,UAAU,EAAE,YAAY;AAC5B,EAAE;AA4CF;AACA;AACA;AACK,MAAC,mBAAmB,GAAG,IAAI;AAuC3B,MAAC,2BAA2B,GAAG,EAAE;AAEjC,MAAC,kCAAkC,GAAG,IAAI;AAC1C,MAAC,8BAA8B,GAAG,GAAG;AACrC,MAAC,sBAAsB,GAAG,mBAAmB;AAC7C,MAAC,+BAA+B,GAAG,IAAI;AACvC,MAAC,4BAA4B,GAAG,IAAI;AACpC,MAAC,0BAA0B,GAAG,IAAI;AAClC,MAAC,2BAA2B,GAAG,IAAI;AACnC,MAAC,0BAA0B,GAAG,gBAAgB;AACnD;AACA;AACA;AACK,MAAC,oBAAoB,GAAG;AAC7B,IAAI,MAAM,EAAE,QAAQ;AACpB,IAAI,GAAG,EAAE,KAAK;AACd,IAAI,GAAG,EAAE,UAAU;AACnB,EAAE;AA0CF;AACA;AACA;AACK,MAAC,YAAY,GAAG;AACrB;AACA,IAAI,cAAc,EAAE,GASpB;;;;"}
@@ -1,6 +1,6 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
- /*! @azure/msal-common v16.11.1 2026-07-07 */
3
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
4
4
  /**
5
5
  * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
6
6
  * @param seconds
@@ -1 +1 @@
1
- {"version":3,"file":"TimeUtils.mjs","sources":["../../../../../../../lib/msal-common/dist/utils/TimeUtils.mjs"],"sourcesContent":["/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Utility functions for managing date and time operations.\r\n */\r\n/**\r\n * return the current time in Unix time (seconds).\r\n */\r\nfunction nowSeconds() {\r\n // Date.getTime() returns in milliseconds.\r\n return Math.round(new Date().getTime() / 1000.0);\r\n}\r\n/**\r\n * Converts JS Date object to seconds\r\n * @param date Date\r\n */\r\nfunction toSecondsFromDate(date) {\r\n // Convert date to seconds\r\n return date.getTime() / 1000;\r\n}\r\n/**\r\n * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).\r\n * @param seconds\r\n */\r\nfunction toDateFromSeconds(seconds) {\r\n if (seconds) {\r\n return new Date(Number(seconds) * 1000);\r\n }\r\n return new Date();\r\n}\r\n/**\r\n * check if a token is expired based on given UTC time in seconds.\r\n * @param expiresOn\r\n */\r\nfunction isTokenExpired(expiresOn, offset) {\r\n // check for access token expiry\r\n const expirationSec = Number(expiresOn) || 0;\r\n const offsetCurrentTimeSec = nowSeconds() + offset;\r\n // If current time + offset is greater than token expiration time, then token is expired.\r\n return offsetCurrentTimeSec > expirationSec;\r\n}\r\n/**\r\n * Checks if a cache entry is expired based on the last updated time and cache retention days.\r\n * @param lastUpdatedAt\r\n * @param cacheRetentionDays\r\n * @returns\r\n */\r\nfunction isCacheExpired(lastUpdatedAt, cacheRetentionDays) {\r\n const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;\r\n return Date.now() > cacheExpirationTimestamp;\r\n}\r\n/**\r\n * If the current time is earlier than the time that a token was cached at, we must discard the token\r\n * i.e. The system clock was turned back after acquiring the cached token\r\n * @param cachedAt\r\n * @param offset\r\n */\r\nfunction wasClockTurnedBack(cachedAt) {\r\n const cachedAtSec = Number(cachedAt);\r\n return cachedAtSec > nowSeconds();\r\n}\r\n/**\r\n * Waits for t number of milliseconds\r\n * @param t number\r\n * @param value T\r\n */\r\nfunction delay(t, value) {\r\n return new Promise((resolve) => setTimeout(() => resolve(value), t));\r\n}\n\nexport { delay, isCacheExpired, isTokenExpired, nowSeconds, toDateFromSeconds, toSecondsFromDate, wasClockTurnedBack };\n//# sourceMappingURL=TimeUtils.mjs.map\n"],"names":[],"mappings":";;AAAA;AAwBA;AACA;AACA;AACA;AACA,SAAS,iBAAiB,CAAC,OAAO,EAAE;AACpC,IAAI,IAAI,OAAO,EAAE;AACjB,QAAQ,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;AAChD,IAAI,CAAC;AACL,IAAI,OAAO,IAAI,IAAI,EAAE,CAAC;AACtB;;;;"}
1
+ {"version":3,"file":"TimeUtils.mjs","sources":["../../../../../../../lib/msal-common/dist/utils/TimeUtils.mjs"],"sourcesContent":["/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Utility functions for managing date and time operations.\r\n */\r\n/**\r\n * return the current time in Unix time (seconds).\r\n */\r\nfunction nowSeconds() {\r\n // Date.getTime() returns in milliseconds.\r\n return Math.round(new Date().getTime() / 1000.0);\r\n}\r\n/**\r\n * Converts JS Date object to seconds\r\n * @param date Date\r\n */\r\nfunction toSecondsFromDate(date) {\r\n // Convert date to seconds\r\n return date.getTime() / 1000;\r\n}\r\n/**\r\n * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).\r\n * @param seconds\r\n */\r\nfunction toDateFromSeconds(seconds) {\r\n if (seconds) {\r\n return new Date(Number(seconds) * 1000);\r\n }\r\n return new Date();\r\n}\r\n/**\r\n * check if a token is expired based on given UTC time in seconds.\r\n * @param expiresOn\r\n */\r\nfunction isTokenExpired(expiresOn, offset) {\r\n // check for access token expiry\r\n const expirationSec = Number(expiresOn) || 0;\r\n const offsetCurrentTimeSec = nowSeconds() + offset;\r\n // If current time + offset is greater than token expiration time, then token is expired.\r\n return offsetCurrentTimeSec > expirationSec;\r\n}\r\n/**\r\n * Checks if a cache entry is expired based on the last updated time and cache retention days.\r\n * @param lastUpdatedAt\r\n * @param cacheRetentionDays\r\n * @returns\r\n */\r\nfunction isCacheExpired(lastUpdatedAt, cacheRetentionDays) {\r\n const cacheExpirationTimestamp = Number(lastUpdatedAt) + cacheRetentionDays * 24 * 60 * 60 * 1000;\r\n return Date.now() > cacheExpirationTimestamp;\r\n}\r\n/**\r\n * If the current time is earlier than the time that a token was cached at, we must discard the token\r\n * i.e. The system clock was turned back after acquiring the cached token\r\n * @param cachedAt\r\n * @param offset\r\n */\r\nfunction wasClockTurnedBack(cachedAt) {\r\n const cachedAtSec = Number(cachedAt);\r\n return cachedAtSec > nowSeconds();\r\n}\r\n/**\r\n * Waits for t number of milliseconds\r\n * @param t number\r\n * @param value T\r\n */\r\nfunction delay(t, value) {\r\n return new Promise((resolve) => setTimeout(() => resolve(value), t));\r\n}\n\nexport { delay, isCacheExpired, isTokenExpired, nowSeconds, toDateFromSeconds, toSecondsFromDate, wasClockTurnedBack };\n//# sourceMappingURL=TimeUtils.mjs.map\n"],"names":[],"mappings":";;AAAA;AAwBA;AACA;AACA;AACA;AACA,SAAS,iBAAiB,CAAC,OAAO,EAAE;AACpC,IAAI,IAAI,OAAO,EAAE;AACjB,QAAQ,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,CAAC;AAChD,IAAI,CAAC;AACL,IAAI,OAAO,IAAI,IAAI,EAAE,CAAC;AACtB;;;;"}
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import { promises } from 'fs';
4
4
  import { pid } from 'process';
@@ -1,8 +1,8 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  /* eslint-disable header/header */
4
4
  const name = "@azure/msal-node-extensions";
5
- const version = "5.3.2";
5
+ const version = "5.3.3";
6
6
 
7
7
  export { name, version };
8
8
  //# sourceMappingURL=packageMetadata.mjs.map
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import { PersistenceError } from '../error/PersistenceError.mjs';
4
4
  import { Constants } from '../utils/Constants.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import { promises } from 'fs';
4
4
  import { dirname } from 'path';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import { FilePersistence } from './FilePersistence.mjs';
4
4
  import { PersistenceError } from '../error/PersistenceError.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import keytar from 'keytar';
4
4
  import { FilePersistence } from './FilePersistence.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import keytar from 'keytar';
4
4
  import { FilePersistence } from './FilePersistence.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import { CrossPlatformLock } from '../lock/CrossPlatformLock.mjs';
4
4
  import { pid } from 'process';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import { FilePersistenceWithDataProtection } from './FilePersistenceWithDataProtection.mjs';
4
4
  import { LibSecretPersistence } from './LibSecretPersistence.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  import path from 'path';
4
4
  import { Constants, Platform } from './Constants.mjs';
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  /*
4
4
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1,4 +1,4 @@
1
- /*! @azure/msal-node-extensions v5.3.2 2026-07-07 */
1
+ /*! @azure/msal-node-extensions v5.3.3 2026-07-15 */
2
2
  'use strict';
3
3
  'use strict';
4
4
 
@@ -343,11 +343,11 @@ class PersistenceCachePlugin {
343
343
  }
344
344
  }
345
345
 
346
- /*! @azure/msal-common v16.11.1 2026-07-07 */
346
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
347
347
  const X_CLIENT_EXTRA_SKU = "x-client-xtra-sku";
348
348
  const RESOURCE = "resource";
349
349
 
350
- /*! @azure/msal-common v16.11.1 2026-07-07 */
350
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
351
351
  /**
352
352
  * we considered making this "enum" in the request instead of string, however it looks like the allowed list of
353
353
  * prompt values kept changing over past couple of years. There are some undocumented prompt values for some
@@ -389,7 +389,7 @@ const CacheOutcome = {
389
389
  // When a token is found in the cache or the cache is not supposed to be hit when making the request
390
390
  NOT_APPLICABLE: "0"};
391
391
 
392
- /*! @azure/msal-common v16.11.1 2026-07-07 */
392
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
393
393
  /*
394
394
  * Copyright (c) Microsoft Corporation. All rights reserved.
395
395
  * Licensed under the MIT License.
@@ -415,7 +415,7 @@ class AuthError extends Error {
415
415
  }
416
416
  }
417
417
 
418
- /*! @azure/msal-common v16.11.1 2026-07-07 */
418
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
419
419
 
420
420
  /*
421
421
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -438,13 +438,13 @@ function createClientAuthError(errorCode, correlationId, additionalMessage) {
438
438
  return new ClientAuthError(errorCode, correlationId, additionalMessage);
439
439
  }
440
440
 
441
- /*! @azure/msal-common v16.11.1 2026-07-07 */
441
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
442
442
  const noAccountFound = "no_account_found";
443
443
  const noNetworkConnectivity = "no_network_connectivity";
444
444
  const userCanceled = "user_canceled";
445
445
  const platformBrokerError = "platform_broker_error";
446
446
 
447
- /*! @azure/msal-common v16.11.1 2026-07-07 */
447
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
448
448
 
449
449
  /*
450
450
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -464,10 +464,10 @@ function createClientConfigurationError(errorCode, correlationId) {
464
464
  return new ClientConfigurationError(errorCode, correlationId);
465
465
  }
466
466
 
467
- /*! @azure/msal-common v16.11.1 2026-07-07 */
467
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
468
468
  const untrustedAuthority = "untrusted_authority";
469
469
 
470
- /*! @azure/msal-common v16.11.1 2026-07-07 */
470
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
471
471
  /**
472
472
  * Convert seconds to JS Date object. Seconds can be in a number or string format or undefined (will still return a date).
473
473
  * @param seconds
@@ -479,7 +479,7 @@ function toDateFromSeconds(seconds) {
479
479
  return new Date();
480
480
  }
481
481
 
482
- /*! @azure/msal-common v16.11.1 2026-07-07 */
482
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
483
483
  /*
484
484
  * Copyright (c) Microsoft Corporation. All rights reserved.
485
485
  * Licensed under the MIT License.
@@ -754,7 +754,7 @@ class Logger {
754
754
  }
755
755
  }
756
756
 
757
- /*! @azure/msal-common v16.11.1 2026-07-07 */
757
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
758
758
  /**
759
759
  * Error thrown when user interaction is required.
760
760
  */
@@ -770,7 +770,7 @@ class InteractionRequiredAuthError extends AuthError {
770
770
  }
771
771
  }
772
772
 
773
- /*! @azure/msal-common v16.11.1 2026-07-07 */
773
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
774
774
 
775
775
  /*
776
776
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -789,7 +789,7 @@ class ServerError extends AuthError {
789
789
  }
790
790
  }
791
791
 
792
- /*! @azure/msal-common v16.11.1 2026-07-07 */
792
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
793
793
 
794
794
  /*
795
795
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -834,7 +834,7 @@ class PlatformBrokerError extends AuthError {
834
834
  }
835
835
  }
836
836
 
837
- /*! @azure/msal-common v16.11.1 2026-07-07 */
837
+ /*! @azure/msal-common v16.11.2 2026-07-15 */
838
838
 
839
839
  /*
840
840
  * Copyright (c) Microsoft Corporation. All rights reserved.
@@ -1750,7 +1750,7 @@ class PersistenceCreator {
1750
1750
 
1751
1751
  /* eslint-disable header/header */
1752
1752
  const name = "@azure/msal-node-extensions";
1753
- const version = "5.3.2";
1753
+ const version = "5.3.3";
1754
1754
 
1755
1755
  /*
1756
1756
  * Copyright (c) Microsoft Corporation. All rights reserved.