@equinor/fusion-framework-vite-plugin-spa 3.1.7 → 3.1.9

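--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,5 +1,19 @@
 # @equinor/fusion-framework-vite-plugin-spa
 
+## 3.1.9
+
+### Patch Changes
+
+- Updated dependencies [[`c8e27eb`](https://github.com/equinor/fusion-framework/commit/c8e27eb3a119b4077effe20a10dfb2dfd3dc865e)]:
+- @equinor/fusion-framework-module-msal@7.2.2
+
+## 3.1.8
+
+### Patch Changes
+
+- Updated dependencies [[`1594ed8`](https://github.com/equinor/fusion-framework/commit/1594ed879579d0db6e42c5052a33174f7bf9346c), [`1594ed8`](https://github.com/equinor/fusion-framework/commit/1594ed879579d0db6e42c5052a33174f7bf9346c)]:
+- @equinor/fusion-framework-module-msal@7.2.1
+
 ## 3.1.7
 
 ### Patch Changes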
@@ -1,3 +1,3 @@
1
1
  // Generated by genversion.
2
- export const version = '3.1.7';
2
+ export const version = '3.1.9';
3
3
  //# sourceMappingURL=version.js.map
@@ -40463,7 +40463,7 @@ const createClientLogCallback = (provider, metadata, scope) => {
40463
40463
  };
40464
40464
 
40465
40465
  // Generated by genversion.
40466
- const version$2 = '7.2.0';
40466
+ const version$2 = '7.2.2';
40467
40467
 
40468
40468
  /**
40469
40469
  * Zod schema for telemetry configuration validation.
@@ -41494,6 +41494,15 @@ class MsalProvider extends BaseModuleProvider {
41494
41494
  #requiresAuth;
41495
41495
  #authCode;
41496
41496
  #loginHint;
41497
+ /**
41498
+ * Default OAuth scopes used when the caller provides no scopes.
41499
+ *
41500
+ * Resolves to the app's Entra ID configured permissions via the `/.default` scope.
41501
+ */
41502
+ get defaultScopes() {
41503
+ const clientId = this.#client.clientId;
41504
+ return clientId ? [`${clientId}/.default`] : [];
41505
+ }
41497
41506
  /**
41498
41507
  * The MSAL module version enum value indicating the API compatibility level.
41499
41508
  *
@@ -41652,9 +41661,9 @@ class MsalProvider extends BaseModuleProvider {
41652
41661
  else if (!this.#client.hasValidClaims) {
41653
41662
  // Priority 2: No valid session found - attempt automatic login
41654
41663
  // This handles first-time app load when no authentication state exists
41655
- // Note: Using empty scopes here as we don't know what scopes the app needs yet
41664
+ // Note: Using default scopes here as we don't know what scopes the app needs yet
41656
41665
  // App should call acquireToken with actual scopes after initialization
41657
- const loginResult = await this.login({ request: { scopes: [] } });
41666
+ const loginResult = await this.login({ request: { scopes: this.defaultScopes } });
41658
41667
  if (loginResult?.account) {
41659
41668
  // Automatic login successful - set as active account
41660
41669
  this.#client.setActiveAccount(loginResult.account);
@@ -41720,37 +41729,52 @@ class MsalProvider extends BaseModuleProvider {
41720
41729
  * ```
41721
41730
  */
41722
41731
  async acquireToken(options) {
41723
- const { behavior = 'redirect', silent = true, request = {}, } = options;
41724
- const account = request.account ?? this.account ?? undefined;
41725
- // Extract scopes from either new format (request.scopes) or legacy format (scopes)
41726
- const scopes = options.request?.scopes ?? options?.scopes ?? [];
41732
+ // Determine behavior and silent options, with defaults (redirect and true respectively)
41733
+ const behavior = options?.behavior ?? 'redirect';
41734
+ // Silent mode defaults to true, meaning the provider will attempt silent token acquisition first
41735
+ const silent = options?.silent ?? true;
41736
+ const defaultScopes = this.defaultScopes;
41737
+ const inputRequest = options?.request;
41738
+ // Determine the account to use for token acquisition, prioritizing request-specific account, then active account
41739
+ const account = inputRequest?.account ?? this.account ?? undefined;
41740
+ // Extract caller-provided scopes from either new format (request.scopes) or legacy format (scopes)
41741
+ const candidateScopes = inputRequest?.scopes ?? options?.scopes ?? [];
41742
+ const scopes = candidateScopes.length > 0 ? candidateScopes : defaultScopes.length > 0 ? defaultScopes : [];
41743
+ // Prepare telemetry properties for this token acquisition attempt
41727
41744
  const telemetryProperties = { behavior, silent, scopes };
41728
41745
  // Track usage of deprecated legacy scopes format for migration monitoring
41729
- if (options.scopes) {
41746
+ if (options?.scopes) {
41730
41747
  this._trackEvent('acquireToken.legacy-scopes-provided', TelemetryLevel.Warning, {
41731
41748
  properties: telemetryProperties,
41732
41749
  });
41733
41750
  }
41734
41751
  // Handle empty scopes - currently monitoring for telemetry, will throw in future
41735
- if (scopes.length === 0) {
41736
- const exception = new Error('Empty scopes provided, not allowed');
41737
- this._trackException('acquireToken.missing-scope', TelemetryLevel.Warning, {
41738
- exception,
41739
- properties: telemetryProperties,
41740
- });
41741
- // TODO: throw exception when sufficient metrics are collected
41742
- // This allows us to monitor how often empty scopes are provided before enforcing validation
41752
+ if (candidateScopes.length === 0) {
41753
+ if (defaultScopes.length > 0) {
41754
+ this._trackEvent('acquireToken.missing-scope.defaulted', TelemetryLevel.Warning, {
41755
+ properties: { ...telemetryProperties, defaultScopes },
41756
+ });
41757
+ }
41758
+ else {
41759
+ const exception = new Error('Empty scopes provided and clientId is missing for default scope');
41760
+ this._trackException('acquireToken.missing-scope', TelemetryLevel.Warning, {
41761
+ exception,
41762
+ properties: telemetryProperties,
41763
+ });
41764
+ // TODO: throw exception when sufficient metrics are collected
41765
+ // This allows us to monitor how often empty scopes are provided before enforcing validation
41766
+ }
41743
41767
  }
41744
41768
  try {
41745
41769
  const measurement = this._trackMeasurement('acquireToken', TelemetryLevel.Information, {
41746
41770
  properties: telemetryProperties,
41747
41771
  });
41748
- // Merge account, original request options, and resolved scopes
41749
- // Account ensures context awareness, request preserves custom options, scopes uses resolved value
41772
+ // Merge account, original request options, and resolved scopes.
41773
+ // Account ensures context awareness, request preserves custom options, scopes uses resolved value.
41750
41774
  const result = await this.#client.acquireToken({
41751
41775
  behavior,
41752
41776
  silent,
41753
- request: { ...options.request, account, scopes },
41777
+ request: { ...inputRequest, account, scopes },
41754
41778
  });
41755
41779
  measurement?.measure();
41756
41780
  return result;
@@ -41814,6 +41838,11 @@ class MsalProvider extends BaseModuleProvider {
41814
41838
  const { behavior = 'redirect', silent = true, request } = options;
41815
41839
  request.loginHint ??=
41816
41840
  this.#loginHint ?? this.account?.username ?? this.account?.loginHint ?? undefined;
41841
+ const defaultScopes = this.defaultScopes;
41842
+ // Fallback to app default scope when possible; empty scopes tracked for monitoring
41843
+ if (!request.scopes || request.scopes.length === 0) {
41844
+ request.scopes = defaultScopes.length > 0 ? defaultScopes : [];
41845
+ }
41817
41846
  // Determine if silent login is possible based on available account/hint information
41818
41847
  // Silent login requires either an account object or a loginHint to work
41819
41848
  const canLoginSilently = silent && (request.account || request.loginHint);
@@ -41821,10 +41850,9 @@ class MsalProvider extends BaseModuleProvider {
41821
41850
  // Default to active account if no account/hint provided in request
41822
41851
  // This allows silent login to work automatically with existing authentication state
41823
41852
  request.account ??= this.account ?? undefined;
41824
- // Default to empty scopes if none provided
41825
- // Empty scopes are tracked for monitoring but allowed for compatibility
41826
- if (!request.scopes) {
41827
- request.scopes = [];
41853
+ // If scopes are still empty here, we couldn't derive a default scope (e.g. missing clientId).
41854
+ // Track for monitoring; behavior will be enforced once we have sufficient metrics.
41855
+ if (request.scopes.length === 0) {
41828
41856
  this._trackEvent('login.missing-scope', TelemetryLevel.Warning, {
41829
41857
  properties: telemetryProperties,
41830
41858
  });
@@ -44928,7 +44956,7 @@ async function registerServiceWorker(framework) {
44928
44956
  }
44929
44957
 
44930
44958
  // Generated by genversion.
44931
- const version = '3.1.7';
44959
+ const version = '3.1.9';
44932
44960
 
44933
44961
  // Allow dynamic import without vite
44934
44962
  const importWithoutVite = (path) => import(/* @vite-ignore */ path);
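Review bot: In the acquireToken hunk, `inputRequest?.scopes ?? options?.scopes ?? []` falls through only on null/undefined, so a call passing `request: { scopes: [] }` together with legacy `scopes` has the legacy scopes ignored and, with the new fallback, goes out with `<clientId>/.default` instead of the resource the caller named. Treating an empty array as absent avoids that, e.g. `const candidateScopes = inputRequest?.scopes?.length ? inputRequest.scopes : (options?.scopes ?? []);`, and the next line can then be simply `const scopes = candidateScopes.length > 0 ? candidateScopes : defaultScopes;`. The unchanged comment "Handle empty scopes - ... will throw in future" no longer describes the defaulted branch, which only emits a Warning event; I would reword it along the lines of `// Scope-less calls fall back to <clientId>/.default (the app's configured permissions); only the missing-clientId case is still slated to throw`, so the least-privilege trade-off is visible to callers. The same fallback is added in the login() hunk, where it is written onto the caller's `request` object, and in the automatic-login path. This file appears to be bundled build output, so the change would presumably belong in the MSAL module source rather than here.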