npm - @chemmangat/msal-next - Versions diffs - 2.0.1 → 2.1.1 - Mend

@chemmangat/msal-next 2.0.1 → 2.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/dist/index.d.mts CHANGED Viewed

@@ -79,12 +79,6 @@ interface MsalAuthConfig {
      * Custom logger callback
      */
     loggerCallback?: (level: LogLevel, message: string, containsPii: boolean) => void;
-    /**
-     * Allowed redirect URIs for validation (optional but recommended)
-     * Helps prevent open redirect vulnerabilities
-     * @example ['https://myapp.com', 'http://localhost:3000']
-     */
-    allowedRedirectUris?: string[];
     /**
      * Loading component to show while MSAL initializes
      */
@@ -697,42 +691,6 @@ declare function getDebugLogger(config?: DebugLoggerConfig): DebugLogger;
  */
 declare function createScopedLogger(scope: string, config?: DebugLoggerConfig): DebugLogger;
-/**
- * Security utilities for input validation and sanitization
- */
-/**
- * Validate account data structure from cookie
- */
-interface ValidatedAccountData {
-    homeAccountId: string;
-    username: string;
-    name?: string;
-}
-/**
- * Safely parse and validate JSON from untrusted sources
- */
-declare function safeJsonParse<T>(jsonString: string, validator: (data: any) => data is T): T | null;
-/**
- * Validate account data structure
- */
-declare function isValidAccountData(data: any): data is ValidatedAccountData;
-/**
- * Sanitize error messages to prevent information disclosure
- */
-declare function sanitizeError(error: unknown): string;
-/**
- * Validate redirect URI to prevent open redirect vulnerabilities
- */
-declare function isValidRedirectUri(uri: string, allowedOrigins: string[]): boolean;
-/**
- * Validate scope strings to prevent injection
- */
-declare function isValidScope(scope: string): boolean;
-/**
- * Validate array of scopes
- */
-declare function validateScopes(scopes: string[]): boolean;
 interface AuthMiddlewareConfig {
     /**
      * Routes that require authentication
@@ -805,9 +763,8 @@ interface ServerSession {
     username?: string;
     /**
      * Access token (if available in cookie)
-     * @deprecated Storing tokens in cookies is not recommended for security reasons
      */
     accessToken?: string;
 }
-export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type ValidatedAccountData, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, isValidAccountData, isValidRedirectUri, isValidScope, retryWithBackoff, safeJsonParse, sanitizeError, useGraphApi, useMsalAuth, useRoles, useUserProfile, validateScopes, withAuth };
+export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, retryWithBackoff, useGraphApi, useMsalAuth, useRoles, useUserProfile, withAuth };

package/dist/index.d.ts CHANGED Viewed

@@ -79,12 +79,6 @@ interface MsalAuthConfig {
      * Custom logger callback
      */
     loggerCallback?: (level: LogLevel, message: string, containsPii: boolean) => void;
-    /**
-     * Allowed redirect URIs for validation (optional but recommended)
-     * Helps prevent open redirect vulnerabilities
-     * @example ['https://myapp.com', 'http://localhost:3000']
-     */
-    allowedRedirectUris?: string[];
     /**
      * Loading component to show while MSAL initializes
      */
@@ -697,42 +691,6 @@ declare function getDebugLogger(config?: DebugLoggerConfig): DebugLogger;
  */
 declare function createScopedLogger(scope: string, config?: DebugLoggerConfig): DebugLogger;
-/**
- * Security utilities for input validation and sanitization
- */
-/**
- * Validate account data structure from cookie
- */
-interface ValidatedAccountData {
-    homeAccountId: string;
-    username: string;
-    name?: string;
-}
-/**
- * Safely parse and validate JSON from untrusted sources
- */
-declare function safeJsonParse<T>(jsonString: string, validator: (data: any) => data is T): T | null;
-/**
- * Validate account data structure
- */
-declare function isValidAccountData(data: any): data is ValidatedAccountData;
-/**
- * Sanitize error messages to prevent information disclosure
- */
-declare function sanitizeError(error: unknown): string;
-/**
- * Validate redirect URI to prevent open redirect vulnerabilities
- */
-declare function isValidRedirectUri(uri: string, allowedOrigins: string[]): boolean;
-/**
- * Validate scope strings to prevent injection
- */
-declare function isValidScope(scope: string): boolean;
-/**
- * Validate array of scopes
- */
-declare function validateScopes(scopes: string[]): boolean;
 interface AuthMiddlewareConfig {
     /**
      * Routes that require authentication
@@ -805,9 +763,8 @@ interface ServerSession {
     username?: string;
     /**
      * Access token (if available in cookie)
-     * @deprecated Storing tokens in cookies is not recommended for security reasons
      */
     accessToken?: string;
 }
-export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type ValidatedAccountData, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, isValidAccountData, isValidRedirectUri, isValidScope, retryWithBackoff, safeJsonParse, sanitizeError, useGraphApi, useMsalAuth, useRoles, useUserProfile, validateScopes, withAuth };
+export { AuthGuard, type AuthGuardProps, type AuthMiddlewareConfig, AuthStatus, type AuthStatusProps, type CustomTokenClaims, type DebugLoggerConfig, ErrorBoundary, type ErrorBoundaryProps, type GraphApiOptions, MicrosoftSignInButton, type MicrosoftSignInButtonProps, type MsalAuthConfig, MsalAuthProvider, type MsalAuthProviderProps, type RetryConfig, type ServerSession, SignOutButton, type SignOutButtonProps, type UseGraphApiReturn, type UseMsalAuthReturn, type UseRolesReturn, type UseUserProfileReturn, UserAvatar, type UserAvatarProps, type UserProfile, type WithAuthOptions, createAuthMiddleware, createMsalConfig, createRetryWrapper, createScopedLogger, getDebugLogger, getMsalInstance, retryWithBackoff, useGraphApi, useMsalAuth, useRoles, useUserProfile, withAuth };