npm - @openclaw/msteams - Versions diffs - 2026.6.5 → 2026.6.6-beta.1 - Mend

@openclaw/msteams 2026.6.5 → 2026.6.6-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1196) hide show

package/node_modules/@azure/msal-browser/lib/msal-browser.min.js CHANGED Viewed

@@ -1,2 +1,2 @@
-/*! @azure/msal-browser v5.11.0 2026-05-19 */
-"use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",n=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,o=".ciamlogin.com",i=".onmicrosoft.com",s="openid",a="profile",c="offline_access",h="S256",l="Not Available",d="http://169.254.169.254/metadata/instance/compute/location",u=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],g="GET",p="POST",m=[s,a,c],f=[...m,"email"],y="Content-Type",w="Content-Length",I="Retry-After",C="X-AnchorMailbox",v="WWW-Authenticate",k="Authentication-Info",T="x-ms-request-id",b="x-ms-httpver",A="active-account-filters",S="common",_="organizations",E="consumers",P="access_token",R="xms_cc",O={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},M="code",x="id_token token refresh_token",q={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},N="authorization_code",U="refresh_token",L="Generic",H={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},D="appmetadata",F="1",K="authority-metadata",B="config",z="cache",j="network",$="hardcoded_values",J=5,W="server-telemetry",G=",",Q={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},V="throttling",X="1",Y="3",Z="4",ee="2",te="4",re="5",ne="0",oe="1",ie="2",se="3",ae="4",ce={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},he="client_id",le="redirect_uri",de="token_type",ue="req_cnf",ge="return_spa_code",pe="x-client-xtra-sku",me="brk_client_id",fe="brk_redirect_uri",ye="instance_aware";function we(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class Ie extends Error{constructor(e,t,r){const n=t||(e?we(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,Ie.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=r||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function Ce(e,t){return new Ie(e,t||we(e))}class ve extends Ie{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,ve.prototype)}}function ke(e){return new ve(e)}class Te{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}}class be extends Ie{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,be.prototype)}}function Ae(e,t){return new be(e,t)}const Se="redirect_uri_empty",_e="authority_uri_insecure",Ee="url_parse_error",Pe="empty_url_error",Re="empty_input_scopes_error",Oe="invalid_claims",Me="token_request_empty",xe="logout_request_empty",qe="pkce_params_missing",Ne="invalid_cloud_discovery_metadata",Ue="invalid_authority_metadata",Le="untrusted_authority",He="missing_ssh_jwk",De="missing_ssh_kid",Fe="missing_nonce_authentication_header",Ke="invalid_authentication_header",Be="cannot_set_OIDCOptions",ze="cannot_allow_platform_broker",je="authority_mismatch",$e="invalid_request_method_for_EAR",Je="invalid_platform_broker_configuration",We="issuer_validation_failed";var Ge=Object.freeze({__proto__:null,authorityMismatch:je,authorityUriInsecure:_e,cannotAllowPlatformBroker:ze,cannotSetOIDCOptions:Be,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Re,invalidAuthenticationHeader:Ke,invalidAuthorityMetadata:Ue,invalidClaims:Oe,invalidCloudDiscoveryMetadata:Ne,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidPlatformBrokerConfiguration:Je,invalidRequestMethodForEAR:$e,issuerValidationFailed:We,logoutRequestEmpty:xe,missingNonceAuthenticationHeader:Fe,missingSshJwk:He,missingSshKid:De,pkceParamsMissing:qe,redirectUriEmpty:Se,tokenRequestEmpty:Me,untrustedAuthority:Le,urlEmptyError:Pe,urlParseError:Ee});const Qe="client_info_decoding_error",Ve="client_info_empty_error",Xe="token_parsing_error",Ye="null_or_empty_token",Ze="endpoints_resolution_error",et="network_error",tt="openid_config_error",rt="hash_not_deserialized",nt="invalid_state",ot="state_mismatch",it="state_not_found",st="nonce_mismatch",at="auth_time_not_found",ct="max_age_transpired",ht="multiple_matching_appMetadata",lt="request_cannot_be_made",dt="cannot_remove_empty_scope",ut="cannot_append_scopeset",gt="empty_input_scopeset",pt="no_account_in_silent_request",mt="invalid_cache_record",ft="invalid_cache_environment",yt="no_account_found",wt="no_crypto_object",It="token_refresh_required",Ct="token_claims_cnf_required_for_signedjwt",vt="authorization_code_missing_from_server_response",kt="binding_key_not_removed",Tt="end_session_endpoint_not_supported",bt="key_id_missing",At="no_network_connectivity",St="user_canceled",_t="method_not_implemented",Et="nested_app_auth_bridge_disabled",Pt="resource_parameter_required",Rt="misplaced_resource_parameter";var Ot=Object.freeze({__proto__:null,authTimeNotFound:at,authorizationCodeMissingFromServerResponse:vt,bindingKeyNotRemoved:kt,cannotAppendScopeSet:ut,cannotRemoveEmptyScope:dt,clientInfoDecodingError:Qe,clientInfoEmptyError:Ve,emptyInputScopeSet:gt,endSessionEndpointNotSupported:Tt,endpointResolutionError:Ze,hashNotDeserialized:rt,invalidCacheEnvironment:ft,invalidCacheRecord:mt,invalidState:nt,keyIdMissing:bt,maxAgeTranspired:ct,methodNotImplemented:_t,misplacedResourceParam:Rt,multipleMatchingAppMetadata:ht,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:Et,networkError:et,noAccountFound:yt,noAccountInSilentRequest:pt,noCryptoObject:wt,noNetworkConnectivity:At,nonceMismatch:st,nullOrEmptyToken:Ye,openIdConfigError:tt,platformBrokerError:"platform_broker_error",requestCannotBeMade:lt,resourceParameterRequired:Pt,stateMismatch:ot,stateNotFound:it,tokenClaimsCnfRequiredForSignedJwt:Ct,tokenParsingError:Xe,tokenRefreshRequired:It,unexpectedCredentialType:"unexpected_credential_type",userCanceled:St});class Mt{constructor(e){const t=e?Te.trimArrayEntries([...e]):[],r=t?Te.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw ke(Re);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new Mt(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...m],r=new Mt(t);return r.containsOnlyOIDCScopes()?r.removeScope(c):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new Mt(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return f.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw Ae(ut)}}removeScope(e){if(!e)throw Ae(dt);this.scopes.delete(e.trim())}removeOIDCScopes(){f.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw Ae(gt);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw Ae(gt);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function xt(e,t,r){if(!t)return;const n=e.get(he);n&&e.has(me)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(le)},t)}function qt(e,t){e.set("response_type",t)}function Nt(e,t,r=!0,n=m){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new Mt(o);e.set("scope",i.printScopes())}function Ut(e,t){e.set(he,t)}function Lt(e,t){e.set(le,t)}function Ht(e,t){e.set("login_hint",t)}function Dt(e,t){e.set(C,`UPN:${t}`)}function Ft(e,t){e.set(C,`Oid:${t.uid}@${t.utid}`)}function Kt(e,t){e.set("sid",t)}function Bt(e,t,r,n){const o=n&&e.has(me)?void 0:r;if(!Te.isEmptyObj(t)||o&&o.length>0){const r=tr(t,o);try{JSON.parse(r)}catch(e){throw ke(Oe)}e.set("claims",r)}}function zt(e,t){e.set("client-request-id",t)}function jt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function $t(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Jt(e,t){t&&e.set("state",t)}function Wt(e,t,r){if(!t||!r)throw ke(qe);e.set("code_challenge",t),e.set("code_challenge_method",r)}function Gt(e,t){e.set("client_secret",t)}function Qt(e,t){t&&e.set("client_assertion",t)}function Vt(e,t){t&&e.set("client_assertion_type",t)}function Xt(e,t){e.set("grant_type",t)}function Yt(e){e.set("client_info","1")}function Zt(e){e.has(ye)||e.set(ye,"true")}function er(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function tr(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw ke(Oe)}else r={};return t&&t.length>0&&(r.hasOwnProperty(P)||(r[P]={}),r[P][R]={values:t}),JSON.stringify(r)}function rr(e,t){t&&(e.set(de,Q.POP),e.set(ue,t))}function nr(e,t){t&&(e.set(de,Q.SSH),e.set(ue,t))}function or(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function ir(e){e.set("x-ms-lib-capability","retry-after, h429")}function sr(e,t,r){e.has(me)||e.set(me,t),e.has(fe)||e.set(fe,r)}function ar(e,t){t&&e.set("resource",t)}function cr(e){if(!e)return e;let t=e.toLowerCase();return Te.endsWith(t,"?")?t=t.slice(0,-1):Te.endsWith(t,"?/")&&(t=t.slice(0,-2)),Te.endsWith(t,"/")||(t+="/"),t}function hr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function lr(e){if(!e||e.indexOf("=")<0)return null;try{const t=hr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw Ae(rt)}return null}function dr(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function ur(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return cr(e.origin+e.pathname+e.search)}catch(e){return cr(t)}}const gr={createNewGuid:()=>{throw Ae(_t)},base64Decode:()=>{throw Ae(_t)},base64Encode:()=>{throw Ae(_t)},base64UrlEncode:()=>{throw Ae(_t)},encodeKid:()=>{throw Ae(_t)},async getPublicKeyThumbprint(){throw Ae(_t)},async removeTokenBindingKey(){throw Ae(_t)},async clearKeystore(){throw Ae(_t)},async signJwt(){throw Ae(_t)},async hashString(){throw Ae(_t)}};var pr;e.LogLevel=void 0,(pr=e.LogLevel||(e.LogLevel={}))[pr.Error=0]="Error",pr[pr.Warning=1]="Warning",pr[pr.Info=2]="Info",pr[pr.Verbose=3]="Verbose",pr[pr.Trace=4]="Trace";const mr=new Map;function fr(e,t){const r=Date.now();let n=mr.get(e);if(n)!function(e,t){mr.delete(e),mr.set(e,t)}(e,n);else if(n={logs:[],firstEventTime:r},mr.set(e,n),mr.size>50){const e=mr.keys().next().value;e&&mr.delete(e)}n.logs.push({...t,milliseconds:r-n.firstEventTime}),n.logs.length>500&&n.logs.shift()}class yr{constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||yr.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new yr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const n=r.correlationId;if(function(e){if(6!==e.length)return!1;for(let t=0;t<e.length;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return!1}return!0}(t)){fr(n,{hash:t,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const o=`${`[${(new Date).toUTCString()}] : [${n}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,o,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const wr="@azure/msal-common",Ir="16.6.2",Cr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function vr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function kr(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:h,login_hint:l}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||h||"",loginHint:l,isHomeTenant:vr(d,e),upn:h}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:vr(r,e)}}function Tr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=kr(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}function br(e,t){const r=function(e){if(!e)throw Ae(Ye);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw Ae(Xe);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw Ae(Xe)}}function Ar(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Sr(e,t){if(0===t||Date.now()-3e5>e+t)throw Ae(ct)}class _r{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw ke(Pe);e.includes("#")||(this._urlString=_r.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return Te.endsWith(t,"?")?t=t.slice(0,-1):Te.endsWith(t,"?/")&&(t=t.slice(0,-2)),Te.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw ke(Ee)}if(!e.HostNameAndPort||!e.PathSegments)throw ke(Ee);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw ke(_e)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return _r.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==S&&r[0]!==_||(r[0]=e),_r.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw ke(Ee);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw ke(Ee);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new _r(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new _r(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}const Er={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]},{preferred_network:"login.sovcloud-identity.fr",preferred_cache:"login.sovcloud-identity.fr",aliases:["login.sovcloud-identity.fr"]},{preferred_network:"login.sovcloud-identity.de",preferred_cache:"login.sovcloud-identity.de",aliases:["login.sovcloud-identity.de"]},{preferred_network:"login.sovcloud-identity.sg",preferred_cache:"login.sovcloud-identity.sg",aliases:["login.sovcloud-identity.sg"]},{preferred_network:"login.windows-ppe.net",preferred_cache:"login.windows-ppe.net",aliases:["login.windows-ppe.net","sts.windows-ppe.net","login.microsoft-ppe.com"]}]}},Pr=Er.endpointMetadata,Rr=Er.instanceDiscoveryMetadata,Or=new Set;function Mr(e,t,r,n,o){if(e.trace("1bmquz",t),r&&n){const o=xr(n,r);if(o)return e.trace("1fotbt",t),o.aliases;e.trace("14avvj",t)}return null}function xr(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}Rr.metadata.forEach((e=>{e.aliases.forEach((e=>{Or.add(e)}))}));const qr="cache_quota_exceeded";class Nr extends Error{constructor(e,t){const r=t||we(e);super(r),Object.setPrototypeOf(this,Nr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function Ur(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Nr(qr):new Nr(e.name,e.message):new Nr("cache_error_unknown")}function Lr(e,t){if(!e)throw Ae(Ve);try{const r=t(e);return JSON.parse(r)}catch(e){throw Ae(Qe)}}function Hr(e){if(!e)throw Ae(Qe);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const Dr=0,Fr=1,Kr=2,Br=3;function zr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const jr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function $r(e){const t=e.tenantProfiles||[];return 0===t.length&&e.realm&&e.localAccountId&&t.push(kr(e.homeAccountId,e.localAccountId,e.realm)),{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map(t.map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function Jr(e,t,r){const n=Array.from(e.tenantProfiles?.values()||[]);return 0===n.length&&e.tenantId&&e.localAccountId&&n.push(kr(e.homeAccountId,e.localAccountId,e.tenantId,e.idTokenClaims)),{authorityType:e.authorityType||L,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:n,dataBoundary:e.dataBoundary}}function Wr(e,t,r,n,o,i){if(t!==Fr&&t!==Kr){if(e)try{const t=Lr(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",o)}return i?.sub||""}class Gr{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(wr,Ir),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every((e=>null==e||""===e)))return this.commonLogger.warning("1skb02",t),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort(((e,t)=>{const r=e.idTokenClaims?1:0;return(t.idTokenClaims?1:0)-r}))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?$r(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=br(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=Tr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=$r(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&((void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant)&&(!(t.username&&!this.matchUsername(e.username,t.username)&&this.matchUsername(e.upn,t.username))&&(!(t.loginHint&&!this.matchLoginHintWithTenantProfile(e,t.loginHint))&&(!t.upn||e.upn===t.upn)))))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username)&&!this.matchUsername(e.upn,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n,o){if(!e)throw Ae(mt);try{e.account&&await this.setAccount(e.account,t,r,n),e.idToken&&!1!==o?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==o?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==o?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof Ie?e:Ur(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},o=this.getTokenKeys(),i=Mt.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n,t)){Mt.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name,username:e?.username,loginHint:e?.loginHint,upn:e?.upn},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===H.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===Q.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===H.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===Q.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error("0cx291",t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("1drz22",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:H.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("0ooalx",t),i.values().next().value??null;if(1===o)return this.commonLogger.info("1eq2vc",t),n.values().next().value??null;r=n}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value??null}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("1t7hz1",o);const i=Mt.createSearchScopes(t.scopes),s=t.authenticationScheme||Q.BEARER,a=s&&s.toLowerCase()!==Q.BEARER.toLowerCase()?H.ACCESS_TOKEN_WITH_AUTH_SCHEME:H.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},h=r&&r.accessToken||this.getTokenKeys().accessToken,l=[];h.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&l.push(t)}}));const d=l.length;return d<1?(this.commonLogger.info("1nckna",o),null):d>1?(this.commonLogger.info("1wkfwp",o),l.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:l.length},o),null):(this.commonLogger.info("06yt98",o),l[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("0x53vi",r);const o=t?F:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:H.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),i=o.length;if(i<1)return null;if(i>1)throw Ae(ht);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==F)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchLoginHintWithTenantProfile(e,t){return e.loginHint===t||e.username===t||e.upn===t}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new _r(o).getUrlComponents().HostNameAndPort;n=Mr(t,r,i,e.cloudDiscoveryMetadata?.metadata)||Mr(t,r,i,Rr.metadata)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||(e.upn===t||!(!e.emails||!e.emails.includes(t))))}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==H.ACCESS_TOKEN&&e.credentialType!==H.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return Mt.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(D)}isAuthorityMetadata(e){return-1!==e.indexOf(K)}generateAuthorityMetadataCacheKey(e){return`${K}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Qr extends Gr{async setAccount(){throw Ae(_t)}getAccount(){throw Ae(_t)}async setIdTokenCredential(){throw Ae(_t)}getIdTokenCredential(){throw Ae(_t)}async setAccessTokenCredential(){throw Ae(_t)}getAccessTokenCredential(){throw Ae(_t)}async setRefreshTokenCredential(){throw Ae(_t)}getRefreshTokenCredential(){throw Ae(_t)}setAppMetadata(){throw Ae(_t)}getAppMetadata(){throw Ae(_t)}setServerTelemetry(){throw Ae(_t)}getServerTelemetry(){throw Ae(_t)}setAuthorityMetadata(){throw Ae(_t)}getAuthorityMetadata(){throw Ae(_t)}getAuthorityMetadataKeys(){throw Ae(_t)}setThrottlingCache(){throw Ae(_t)}getThrottlingCache(){throw Ae(_t)}removeItem(){throw Ae(_t)}getKeys(){throw Ae(_t)}getAccountKeys(){throw Ae(_t)}getTokenKeys(){throw Ae(_t)}generateCredentialKey(){throw Ae(_t)}generateAccountKey(){throw Ae(_t)}}const Vr=1,Xr=2,Yr="ext.",Zr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount","cacheMatchedAccounts","networkRtt","redirectBridgeTimeoutMs","redirectBridgeMessageVersion"]);class en{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Vr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const tn={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},rn={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},nn={async sendGetRequestAsync(){throw Ae(_t)},async sendPostRequestAsync(){throw Ae(_t)}},on={sku:"msal.js.common",version:Ir,cpu:"",os:""},sn={clientSecret:"",clientAssertion:void 0},an={azureCloudInstance:Cr.None,tenant:`${r}`},cn={application:{appName:"",appVersion:""}};function hn({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:h,persistencePlugin:l,serializableCache:d}){const u={...rn,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:an,instanceAware:!1,isMcp:!1,...g}),systemOptions:{...tn,...t},loggerOptions:u,storageInterface:n||new Qr(e.clientId,gr,new yr(u),new en),networkInterface:o||nn,cryptoInterface:i||gr,clientCredentials:s||sn,libraryInfo:{...on,...a},telemetry:{...cn,...c},serverTelemetryManager:h||null,persistencePlugin:l||null,serializableCache:d||null};var g}function ln(e){return e.authOptions.authority.options.protocolMode===jr.OIDC}class dn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function un(){return Math.round((new Date).getTime()/1e3)}function gn(e){return e.getTime()/1e3}function pn(e){return e?new Date(1e3*Number(e)):new Date}function mn(e,t){const r=Number(e)||0;return un()+t>r}function fn(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function yn(e){return Number(e)>un()}function wn(e,t,r,n,o){return{credentialType:H.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function In(e,t,r,n,o,i,s,a,c,h,l,d,u){const g={homeAccountId:e,credentialType:H.ACCESS_TOKEN,secret:r,cachedAt:un().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:l||Q.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(g.userAssertionHash=d),h&&(g.refreshOn=h.toString()),g.tokenType?.toLowerCase()!==Q.BEARER.toLowerCase())switch(g.credentialType=H.ACCESS_TOKEN_WITH_AUTH_SCHEME,g.tokenType){case Q.POP:const e=br(r,c);if(!e?.cnf?.kid)throw Ae(Ct);g.keyId=e.cnf.kid;break;case Q.SSH:g.keyId=u}return g}function Cn(e,t,r,n,o,i,s){const a={credentialType:H.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function vn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function kn(e){return!!e&&(vn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===H.ACCESS_TOKEN||e.credentialType===H.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function Tn(e){return!!e&&(vn(e)&&e.credentialType===H.REFRESH_TOKEN)}function bn(){return un()+86400}function An(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Sn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function _n(e){return e.expiresAt<=un()}const En="networkClientSendPostRequestAsync",Pn="refreshTokenClientAcquireTokenWithCachedRefreshToken",Rn="getAuthCodeUrl",On="handleCodeResponseFromServer",Mn="popTokenGenerateCnf",xn="handleServerTokenResponse",qn="authorityUpdateMetadataWithRegionalInformation",Nn="regionDiscoveryGetRegionFromIMDS",Un=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);o&&n.incrementFields({[`ext.${t}CallCount`]:1},o);try{const t=e(...i);return s.end({success:!0}),r.trace("1g8n6a",o),t}catch(e){r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}},Ln=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);return o&&n.incrementFields({[`ext.${t}CallCount`]:1},o),e(...i).then((e=>(r.trace("1g8n6a",o),s.end({success:!0}),e))).catch((e=>{r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}))},Hn="sw";class Dn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Ln(this.generateKid.bind(this),Mn,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Hn}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,h=i?new _r(i):void 0,l=h?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:un(),m:o?.toUpperCase(),u:l?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:l?.AbsolutePath,q:l?.QueryString?[[],l.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}const Fn="no_tokens_found",Kn="native_account_unavailable",Bn="refresh_token_expired",zn="ux_not_allowed",jn="interaction_required",$n="consent_required",Jn="login_required",Wn="bad_token",Gn="interrupted_user";var Qn=Object.freeze({__proto__:null,badToken:Wn,consentRequired:$n,interactionRequired:jn,interruptedUser:Gn,loginRequired:Jn,nativeAccountUnavailable:Kn,noTokensFound:Fn,refreshTokenExpired:Bn,uxNotAllowed:zn});const Vn=[jn,$n,Jn,Wn,zn,Gn],Xn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ux_not_allowed","interrupted_user"];class Yn extends Ie{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,Yn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function Zn(e,t,r){const n=!!e&&Vn.indexOf(e)>-1,o=!!r&&Xn.indexOf(r)>-1,i=!!t&&Vn.some((e=>t.indexOf(e)>-1));return n||i||o}function eo(e,t){return new Yn(e,t)}class to extends Ie{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,to.prototype)}}function ro(e,t,r){const n=function(e,t){if(!e)throw Ae(wt);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}(e,r);return t?`${n}|${t}`:n}function no(e,t){if(!e)throw Ae(wt);if(!t)throw Ae(nt);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw Ae(nt)}}class oo{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||l} - Timestamp: ${e.timestamp||l} - Description: ${e.error_description||l} - Correlation ID: ${e.correlation_id||l} - Trace ID: ${e.trace_id||l}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new to(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning("16ks7j",t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning("0g61x3",t);if(Zn(e.error,e.error_description,e.suberror))throw new Yn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,i,s,a,c,h){let l,d;if(e.id_token){if(l=br(e.id_token||"",this.cryptoObj.base64Decode),i&&i.nonce&&l.nonce!==i.nonce)throw Ae(st);if(n.maxAge||0===n.maxAge){const e=l.auth_time;if(!e)throw Ae(at);Sr(e,n.maxAge)}}this.homeAccountIdentifier=Wr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,l),i&&i.state&&(d=no(this.cryptoObj.base64Decode,i.state)),e.key_id=e.key_id||n.sshKid||void 0;const u=this.generateCacheRecord(e,t,r,n,l,s,i);let g;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",n.correlationId),g=new dn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(g)),a&&!c&&u.account){if(this.cacheStorage.getAllAccounts({homeAccountId:u.account.homeAccountId,environment:u.account.environment},n.correlationId).length<1)return this.logger.warning("1gmt66",n.correlationId),this.performanceClient?.addFields({acntLoggedOut:!0},n.correlationId),await oo.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,void 0,h)}await this.cacheStorage.saveCacheRecord(u,n.correlationId,Ar(l||{}),o,n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&g&&(this.logger.verbose("1bh17u",n.correlationId),await this.persistencePlugin.afterCacheAccess(g))}return oo.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,e,h)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw Ae(ft);const c=zr(o);let h,l;e.id_token&&o&&(h=wn(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),l=io(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger,this.performanceClient));let d=null;if(e.access_token){const o=e.scope?Mt.fromString(e.scope):new Mt(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,l=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+h,p=l&&l>0?r+l:void 0;d=In(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id);const m=n.resource||null;m&&(d.resource=m)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in),this.performanceClient?.addFields({ntwkRtExpiresOnSeconds:t},n.correlationId)}u=Cn(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:l,idToken:h,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,t,r,n,o,i,s,a,c,h){let l,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==Q.POP||o.popKid)u=r.accessToken.secret;else{const t=new Dn(e,i),{secret:n,keyId:s}=r.accessToken;if(!s)throw Ae(bt);u=await t.signPopToken(n,s,o)}g=Mt.fromString(r.accessToken.target).asArray(),p=pn(r.accessToken.expiresOn),l=pn(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=pn(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===F?F:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&r.account&&(r.account.nativeAccountId=c?.spa_accountid);const w=r.account?Tr($r(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:w,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:n,expiresOn:p,extExpiresOn:l,refreshOn:d,correlationId:o.correlationId,requestId:h||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function io(e,t,r,n,o,i,s,a,c,h,l,d,u){d?.verbose("09jz0t",o);const g=a||t.getPreferredCache(),p=e.getAccountsFilteredBy({homeAccountId:r,environment:g},o);u?.addFields({cacheMatchedAccounts:p.length},o),p.length>1&&d?.warning("0x7ad1",o);const m=(1===p.length?p[0]:null)||function(e,t,r){let n,o,i;n=t.authorityType===Fr?"ADFS":t.protocolMode===jr.OIDC?L:"MSSTS",e.clientInfo&&r&&(o=Lr(e.clientInfo,r),o.xms_tdbr&&(i="EU"===o.xms_tdbr?"EU":"None"));const s=e.environment||t&&t.getPreferredCache();if(!s)throw Ae(ft);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=a||c||"",l=e.idTokenClaims?.login_hint,d=o?.utid||zr(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;g=e.tenantProfiles?e.tenantProfiles:[kr(e.homeAccountId,u,d,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:h,authorityType:n,loginHint:l,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g,dataBoundary:i}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:h?.cloud_graph_host_name,msGraphHost:h?.msgraph_host,nativeAccountId:l},t,n),f=m.tenantProfiles||[],y=c||m.realm;if(y&&!f.find((e=>e.tenantId===y))){const e=kr(r,m.localAccountId,y,i);f.push(e)}return m.tenantProfiles=f,m}const so="home_account_id",ao="UPN";async function co(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}function ho(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId}}class lo{static generateThrottlingStorageKey(e){return`${V}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=lo.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new to(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(lo.checkResponseStatus(r)||lo.checkResponseForRetryAfter(r)){const o={throttleTime:lo.calculateThrottleTime(parseInt(r.headers[I])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(lo.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(I)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=ho(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}class uo extends Ie{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,uo.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function go(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new uo(e,t,r)}function po(e,t,r){const n={};if(n[y]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case so:try{const e=Hr(r.credential);n[C]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose("1qhtee","")}break;case ao:n[C]=`UPN: ${r.credential}`}return n}function mo(e,t,r,n){const o=new Map;return e.embeddedClientId&&sr(o,t,r),e.extraQueryParameters&&er(o,e.extraQueryParameters),zt(o,e.correlationId),xt(o,e.correlationId,n),dr(o)}async function fo(e,t,r,n,o,i,s,a,c,h){const l=await async function(e,t,r,n,o,i,s,a){let c;lo.preProcess(o,e,n);try{c=await Ln(i.sendPostRequestAsync.bind(i),En,s,a,n)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[b]||"",requestId:e[T]||""},n)}catch(e){if(e instanceof uo){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[b]||"",requestId:t[T]||"",contentTypeHeader:t[y]||void 0,contentLengthHeader:t[w]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof Ie?e:Ae(et)}return lo.postProcess(o,e,c,n),c}(n,e,{body:t,headers:r},o,i,s,a,c);return h&&l.status<500&&429!==l.status&&h.clearTelemetryCache(),l}class yo{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=Y;else{const e=yo.IMDS_OPTIONS;try{const n=await Ln(this.getRegionFromIMDS.bind(this),Nn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=Z),400===n.status){const n=await Ln(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=X,null;const o=await Ln(this.getRegionFromIMDS.bind(this),Nn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=Z)}}catch(e){return t.region_source=X,null}}return r||(t.region_source=X),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${d}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${d}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}yo.IMDS_OPTIONS={headers:{Metadata:"true"}};class wo{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new yo(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(o))return Br;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return Fr;case"dstsv2":return Kr}return Dr}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new _r(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw Ae(Ze)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw Ae(Ze)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw Ae(Ze)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw Ae(Tt);return this.replacePath(this.metadata.end_session_endpoint)}throw Ae(Ze)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw Ae(Ze)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw Ae(Ze)}canReplaceTenant(e){return 1===e.PathSegments.length&&!wo.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===Dr&&this.protocolMode!==jr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new _r(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new _r(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose("1q3g2x",this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===Fr||this.protocolMode===jr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Ln(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Ln(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:bn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==z&&r?.source!==z&&(e.expiresAt=bn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===$&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){An(e,await Ln(this.updateMetadataWithRegionalInformation.bind(this),qn,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Ln(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.validateIssuer(r.issuer),this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Ln(this.updateMetadataWithRegionalInformation.bind(this),qn,this.logger,this.performanceClient,this.correlationId)(r)),An(e,r,!0),j;throw Ae(tt,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),An(e,t,!1),{source:B};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return An(e,r,!1),{source:$,metadata:r};this.logger.verbose("1imop5",this.correlationId);const n=_n(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("16uq31",""),{source:z}):(n&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new _r(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw ke(Ue)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose("1y65x6",this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return n?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose("0a9wik",this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Pr?Pr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=ee,this.regionDiscoveryMetadata.region_used=t,wo.replaceWithRegionalInformation(e,t);const r=await Ln(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=te,this.regionDiscoveryMetadata.region_used=r,wo.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=re}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Ln(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Sn(e,r,!0),j;throw ke(Le)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("1tpqlr",this.correlationId),this.logger.verbosePii("1fy7uz",this.correlationId),this.logger.verbosePii("08zabj",this.correlationId),this.logger.verbosePii("1o1kv3",this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Sn(e,t,!1),B;this.logger.verbose("1x74aj",this.correlationId);const r=(n=this.hostnameAndPort,xr(Rr.metadata,n));var n;if(r)return this.logger.verbose("0by47c",this.correlationId),Sn(e,r,!1),$;this.logger.verbose("0r2fzy",this.correlationId);const o=_n(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("1uffgh",""),z):(o&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Br)return this.logger.verbose("04y84h",this.correlationId),wo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=xr(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),ke(Ne)}}return this.isInKnownAuthorities()?(this.logger.verbose("0mt9al",this.correlationId),wo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${n}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const n=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(n.body))o=n.body,i=o.metadata,this.logger.verbosePii("1vglyt",this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(n.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning("062uto",this.correlationId),o=n.body,"invalid_instance"===o.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning("0wchdm",this.correlationId),this.logger.warning("1s5mpv",this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=xr(i,this.hostnameAndPort)}catch(e){return e instanceof Ie?this.logger.error("0vwhc7",this.correlationId):this.logger.error("0s2z41",this.correlationId),null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=wo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((e=>e&&_r.getDomainFromUrl(e).toLowerCase()===this.hostnameAndPort)).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==Cr.None){const e=t.tenant?t.tenant:r;n=`${t.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw Ae(Ze)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Or.has(e)}validateIssuer(e){if(!e)throw ke(We);let t;try{t=new URL(e)}catch{throw ke(We)}const r=t.protocol,n=t.host,o=(this.canonicalAuthorityUrlComponents.Protocol||"").toLowerCase(),i=(this.canonicalAuthorityUrlComponents.HostNameAndPort||"").toLowerCase(),s=this.matchesAuthorityOrigin(r,n,o,i),a="https:"===r&&this.isAliasOfKnownMicrosoftAuthority(n),c="https:"===r&&this.matchesRegionalMicrosoftHost(n),h=this.matchesCiamTenantPattern(t,i,this.canonicalAuthorityUrlComponents.PathSegments);if(!(s||a||c||h))throw ke(We)}matchesAuthorityOrigin(e,t,r,n){return e===r&&t===n}matchesRegionalMicrosoftHost(e){const t=e.indexOf(".");if(t>0&&t<e.length-1){const r=e.substring(t+1);return this.isAliasOfKnownMicrosoftAuthority(r)}return!1}matchesCiamTenantPattern(e,t,r){const n=r[0],s=n?n.endsWith(i)?n.slice(0,-16):n:t.split(".")[0];if(!s)return!1;const a=`https://${s}${o}`,c=[a,`${a}/${s}`,`${a}/${s}/v2.0`,`${a}/${s}${i}`,`${a}/${s}${i}/v2.0`],h=e.pathname.replace(/\/+$/,""),l=`${e.protocol}//${e.host}${h}`;return c.some((e=>e===l))}static isPublicCloudAuthority(e){return u.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new _r(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=_r.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=wo.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=wo.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=wo.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new _r(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(o)){t=`${t}${r.HostNameAndPort.split(".")[0]}${i}`}return t}}function Io(e){return e.endsWith("/")?e:`${e}/`}function Co(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw ke(Ne)}return{canonicalAuthority:e.authority?Io(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function vo(e,t,r,n,o,i,s){const a=wo.transformCIAMAuthority(Io(e)),c=new wo(a,t,r,n,o,i,s);try{return await Ln(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",o,s,i)(),c}catch(e){throw Ae(Ze)}}wo.reservedTenantDomains=new Set(["{tenant}","{tenantid}",S,E,_]);class ko{constructor(e,t){this.includeRedirectUri=!0,this.config=hn(e),this.logger=new yr(this.config.loggerOptions,wr,Ir),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t,r){if(!e.code)throw Ae(lt);r&&r.cloud_instance_host_name&&await Ln(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(r.cloud_instance_host_name,e.correlationId);const n=un(),o=await Ln(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),i=o.headers?.[T],s=new oo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(o.body,e.correlationId),Ln(s.handleServerTokenResponse.bind(s),xn,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,n,e,t,r,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw ke(xe);const t=this.createLogoutUrlQueryString(e);return _r.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const n=mo(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=_r.appendQueryString(e.tokenEndpoint,n),i=await Ln(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=Lr(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:so}}catch(e){this.logger.verbose("0wznt3",t.correlationId)}const a=po(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=ho(this.config.authOptions.clientId,t);return Ln(fo,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(Ut(t,e.embeddedClientId||e.extraParameters?.[he]||this.config.authOptions.clientId),this.includeRedirectUri)Lt(t,e.redirectUri);else if(!e.redirectUri)throw ke(Se);if(Nt(t,e.scopes,!0,this.oidcDefaultScopes),ar(t,e.resource),function(e,t){e.set("code",t)}(t,e.code),jt(t,this.config.libraryInfo),$t(t,this.config.telemetry.application),ir(t),this.serverTelemetryManager&&!ln(this.config)&&or(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&Gt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Qt(t,await co(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Vt(t,r.assertionType)}if(Xt(t,N),Yt(t),e.authenticationScheme===Q.POP){const r=new Dn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Ln(r.generateCnf.bind(r),Mn,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}rr(t,n)}else if(e.authenticationScheme===Q.SSH){if(!e.sshJwk)throw ke(He);nr(t,e.sshJwk)}let r;if(e.clientInfo)try{const t=Lr(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:so}}catch(t){this.logger.verbose("0wznt3",e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case so:try{Ft(t,Hr(r.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case ao:Dt(t,r.credential)}return e.embeddedClientId&&sr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&er(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ge]||er(t,{[ge]:"1"}),xt(t,e.correlationId,this.performanceClient),Bt(t,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),dr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&zt(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Jt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&er(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Zt(t),dr(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await vo(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}}class To{constructor(e,t){this.config=hn(e),this.logger=new yr(this.config.loggerOptions,wr,Ir),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e,t){const r=un(),n=await Ln(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),o=n.headers?.[T],i=new oo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(n.body,e.correlationId),Ln(i.handleServerTokenResponse.bind(i),xn,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,!0,e.forceCache,o)}async acquireTokenByRefreshToken(e,t){if(!e)throw ke(Me);if(!e.account)throw Ae(pt);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Ln(this.acquireTokenWithCachedRefreshToken.bind(this),Pn,this.logger,this.performanceClient,e.correlationId)(e,!0,t)}catch(r){const n=r instanceof Yn&&r.errorCode===Fn,o=r instanceof to&&"invalid_grant"===r.errorCode&&"client_mismatch"===r.subError;if(n||o)return Ln(this.acquireTokenWithCachedRefreshToken.bind(this),Pn,this.logger,this.performanceClient,e.correlationId)(e,!1,t);throw r}return Ln(this.acquireTokenWithCachedRefreshToken.bind(this),Pn,this.logger,this.performanceClient,e.correlationId)(e,!1,t)}async acquireTokenWithCachedRefreshToken(e,t,r){const n=Un(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!n)throw eo(Fn);if(n.expiresOn){const t=e.refreshTokenExpirationOffsetSeconds||300;if(this.performanceClient?.addFields({cacheRtExpiresOnSeconds:Number(n.expiresOn),rtOffsetSeconds:t},e.correlationId),mn(n.expiresOn,t))throw eo(Bn)}const o={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||Q.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:so}};try{return await Ln(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(o,r)}catch(t){if(t instanceof Yn&&t.subError===Wn){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(n);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=mo(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=_r.appendQueryString(t.tokenEndpoint,r),o=await Ln(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=po(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=ho(this.config.authOptions.clientId,e);return Ln(fo,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(Ut(t,e.embeddedClientId||e.extraParameters?.[he]||this.config.authOptions.clientId),e.redirectUri&&Lt(t,e.redirectUri),Nt(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Xt(t,U),Yt(t),jt(t,this.config.libraryInfo),$t(t,this.config.telemetry.application),ir(t),this.serverTelemetryManager&&!ln(this.config)&&or(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&Gt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Qt(t,await co(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Vt(t,r.assertionType)}if(e.authenticationScheme===Q.POP){const r=new Dn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Ln(r.generateCnf.bind(r),Mn,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}rr(t,n)}else if(e.authenticationScheme===Q.SSH){if(!e.sshJwk)throw ke(He);nr(t,e.sshJwk)}if(this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case so:try{Ft(t,Hr(e.ccsCredential.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case ao:Dt(t,e.ccsCredential.credential)}return e.embeddedClientId&&sr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&er(t,{...e.extraParameters}),xt(t,e.correlationId,this.performanceClient),Bt(t,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),dr(t)}}class bo{constructor(e,t){this.config=hn(e),this.logger=new yr(this.config.loggerOptions,wr,Ir),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=ne;if(e.forceRefresh||!Te.isEmptyObj(e.claims))throw this.setCacheOutcome(oe,e.correlationId),Ae(It);if(!e.account)throw Ae(pt);const r=e.account.tenantId||function(e){const t=new _r(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case S:case _:case E:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(ie,e.correlationId),Ae(It);if(yn(o.cachedAt)||mn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(se,e.correlationId),Ae(It);if(e.resource){if(o.resource!==e.resource)throw this.setCacheOutcome(ie,e.correlationId),Ae(It)}else o.refreshOn&&mn(o.refreshOn,0)&&(t=ae);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Ln(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==ne&&this.logger.info("09ingz",t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=br(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw Ae(at);Sr(e,t.maxAge)}return oo.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const Ao={sendGetRequestAsync:()=>Promise.reject(Ae(_t)),sendPostRequestAsync:()=>Promise.reject(Ae(_t))};function So(e,t,r,n){const o=t.correlationId,i=new Map;Ut(i,t.embeddedClientId||t.extraQueryParameters?.[he]||e.clientId);if(Nt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),ar(i,t.resource),Lt(i,t.redirectUri),zt(i,o),function(e,t){e.set("response_mode",t||q.QUERY)}(i,t.responseMode),Yt(i),function(e){e.set("clidata","1")}(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==O.SELECT_ACCOUNT)if(t.sid&&t.prompt===O.NONE)r.verbose("1tvqyx",t.correlationId),Kt(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),Ht(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Ft(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===O.NONE){r.verbose("1rmd8s",t.correlationId),Kt(i,e),n?.addFields({sidFromClaim:!0},o);try{Ft(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),Ht(i,t.loginHint),Dt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("02f507",t.correlationId),Ht(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Ft(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),Ht(i,t.loginHint),Dt(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&Jt(i,t.state),t.embeddedClientId&&sr(i,e.clientId,e.redirectUri),Bt(i,t.claims,e.clientCapabilities,t.skipBrokerClaims),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(ye)||Zt(i),i}function _o(e,t){const r=dr(t);return _r.appendQueryString(e.authorizationEndpoint,r)}function Eo(e,t){if(!e.state||!t)throw e.state?Ae(it,"Cached State"):Ae(it,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw Ae(nt,e.state)}try{n=decodeURIComponent(t)}catch(t){throw Ae(nt,e.state)}if(r!==n)throw Ae(ot);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(Zn(e.error,e.error_description,e.suberror))throw new Yn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new to(e.error||"",e.error_description,e.suberror,t)}}function Po(e,t){if(e){if(t.resource&&(Ro(t.extraParameters)||Ro(t.extraQueryParameters)))throw Ae(Rt);if(!t.resource)throw Ae(Pt)}}function Ro(e){return!!e&&Object.prototype.hasOwnProperty.call(e,"resource")}const Oo="unexpected_error";var Mo=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:Oo});function xo(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class qo{constructor(e,t){this.cacheOutcome=ne,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=W+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${G}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(G),o=[e,this.getRegionDiscoveryFields()].join(G);return[J,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=qo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(G),n=e.errors.slice(0,t).join(G),o=e.errors.length,i=[o,t<o?"1":"0"].join(G);return[J,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Ie?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=qo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return xo(e)}}class No extends Ie{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,No.prototype)}}function Uo(e){return new No(e)}class Lo{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Uo("missing_kid_error");if(!e.alg)throw Uo("missing_alg_error");const t=new Lo({typ:e.typ||ce.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function Ho(e,t,r,n=5){if(e instanceof Error)return e instanceof Ie?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void(!r.serverErrorNo&&(e instanceof to||e instanceof Yn)&&e.errorNo&&(r.serverErrorNo=e.errorNo))):void(e instanceof Nr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Do(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Do(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Do(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function Do(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Fo{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of Zr)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),n={eventId:this.generateId(),status:Vr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace("0k9ti8",e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const n=e=>e.length?e[e.length-1]:void 0,o=e.name,i=n(t);if(i?.name!==o)return;const s=t?.pop();if(!s)return;const a=r instanceof Ie?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof Ie?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const h={...s,dur:e.durationMs};e.success||(h.fail=1);const l=n(t);if(!l)return{[o]:h};let d;if(a&&(l.childErr=a),l[o]){const e=Object.keys(l).filter((e=>e.startsWith(o))).length;d=`${o}_${e+1}`}else d=o;return l[d]=h,l}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),t&&Ho(t,this.logger,n),!o)return n.ext={...n.ext,...e.ext},n.ext[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace("1fm1tm",e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;s.incompleteSubMeasurements?.forEach((e=>{this.logger.trace("0nxk52",s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=mr.get(r);t.push(...e?.logs??[]),mr.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:Xr,incompleteSubsCount:a,context:i,logs:c},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r){const n={},o={};for(const t in e)if(t.startsWith(Yr)){const r=t.slice(4),n=e[t];"string"!=typeof n&&"number"!=typeof n||(o[r]=n)}else n[t]=e[t];const i={...r,...n};Object.keys(o).length&&(i.ext={...i.ext,...o}),this.eventsByCorrelationId.set(t,i)}else this.logger.trace("0thl6s",t)}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e)if(t.startsWith(Yr)){r.ext=r.ext||{};const n=t.slice(4),o=r.ext[n];if(void 0===o)r.ext[n]=0;else if(isNaN(Number(o)))return;r.ext[n]=(Number(r.ext[n])||0)+(e[t]??0)}else{if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning("1eap5p",""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose("0c9ujz",""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose("0253if",""):this.logger.verbose("0iqk07",""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,n)=>{this.logger.trace("0p2pjl",t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Ko="standardInteractionClientGetDiscoveredAuthority",Bo="nativeInteractionClientAcquireToken",zo="acquireTokenBySilentIframe",jo="initializeBaseRequest",$o="silentIframeClientTokenHelper",Jo="silentHandlerInitiateAuthRequest",Wo="silentHandlerMonitorIframeForHash",Go="standardInteractionClientCreateAuthCodeClient",Qo="standardInteractionClientGetClientConfiguration",Vo="standardInteractionClientInitializeAuthorizationRequest",Xo="handleResponseEar",Yo="handleResponsePlatformBroker",Zo="handleResponseCode",ei="deserializeResponse",ti="removeHiddenIframe",ri="generatePkceCodes",ni="generateHKDF",oi="decrypt",ii="generateEarKey",si="pkce_not_created",ai="ear_jwk_empty",ci="ear_jwe_empty",hi="crypto_nonexistent",li="empty_navigate_uri",di="hash_empty_error",ui="no_state_in_hash",gi="hash_does_not_contain_known_properties",pi="unable_to_parse_state",mi="state_interaction_type_mismatch",fi="interaction_in_progress",yi="interaction_in_progress_cancelled",wi="popup_window_error",Ii="empty_window_error",Ci="user_cancelled",vi="redirect_bridge_empty_response",ki="redirect_in_iframe",Ti="block_iframe_reload",bi="block_nested_popups",Ai="silent_logout_unsupported",Si="no_account_error",_i="no_token_request_cache_error",Ei="unable_to_parse_token_request_cache_error",Pi="non_browser_environment",Ri="database_not_open",Oi="no_network_connectivity",Mi="post_request_failed",xi="get_request_failed",qi="failed_to_parse_response",Ni="unable_to_load_token",Ui="crypto_key_not_found",Li="auth_code_required",Hi="auth_code_or_nativeAccountId_required",Di="spa_code_and_nativeAccountId_present",Fi="database_unavailable",Ki="unable_to_acquire_token_from_native_platform",Bi="native_handshake_timeout",zi="native_extension_not_installed",ji="native_connection_not_established",$i="uninitialized_public_client_application",Ji="native_prompt_not_supported",Wi="invalid_base64_string",Gi="invalid_pop_token_request",Qi="failed_to_build_headers",Vi="failed_to_parse_headers",Xi="failed_to_decrypt_ear_response",Yi="timed_out",Zi="empty_response";var es=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:Hi,authCodeRequired:Li,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Ti,blockNestedPopups:bi,cryptoKeyNotFound:Ui,cryptoNonExistent:hi,databaseNotOpen:Ri,databaseUnavailable:Fi,earJweEmpty:ci,earJwkEmpty:ai,emptyNavigateUri:li,emptyResponse:Zi,emptyWindowError:Ii,failedToBuildHeaders:Qi,failedToDecryptEarResponse:Xi,failedToParseHeaders:Vi,failedToParseResponse:qi,getRequestFailed:xi,hashDoesNotContainKnownProperties:gi,hashEmptyError:di,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:fi,interactionInProgressCancelled:yi,invalidBase64String:Wi,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Gi,nativeConnectionNotEstablished:ji,nativeExtensionNotInstalled:zi,nativeHandshakeTimeout:Bi,nativePromptNotSupported:Ji,noAccountError:Si,noNetworkConnectivity:Oi,noStateInHash:ui,noTokenRequestCacheError:_i,nonBrowserEnvironment:Pi,pkceNotCreated:si,popupWindowError:wi,postRequestFailed:Mi,redirectBridgeEmptyResponse:vi,redirectInIframe:ki,silentLogoutUnsupported:Ai,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:Di,stateInteractionTypeMismatch:mi,timedOut:Yi,unableToAcquireTokenFromNativePlatform:Ki,unableToLoadToken:Ni,unableToParseState:pi,unableToParseTokenRequestCacheError:Ei,uninitializedPublicClientApplication:$i,userCancelled:Ci});function ts(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class rs extends Ie{constructor(e,t){super(e,ts(e),t),Object.setPrototypeOf(this,rs.prototype),this.name="BrowserAuthError"}}function ns(e,t){return new rs(e,t)}const os="invalid_grant",is=483,ss=600,as="msal",cs="msal.js.browser",hs="53ee284d-920a-4b59-9d30-a60315b26836",ls="ppnbnpeolgkicgegkbkbjmhlideopiji",ds="MATS",us="MicrosoftEntra",gs="DOM API",ps="get-token-and-sign-out",ms="PlatformAuthDOMHandler",fs="PlatformAuthExtensionHandler",ys="Handshake",ws="HandshakeResponse",Is="GetToken",Cs="Response",vs={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},ks="GET",Ts="POST",bs="signin",As="signout",Ss="request.origin",_s="urlHash",Es="request.params",Ps="code.verifier",Rs="interaction.status",Os="request.native",Ms="wrapper.sku",xs="wrapper.version",qs={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962,hydrateCache:963,loadExternalTokens:964},Ns={861:"acquireTokenRedirect",862:"acquireTokenPopup",863:"ssoSilent",864:"acquireTokenSilent_authCode",865:"handleRedirectPromise",866:"acquireTokenByCode",61:"acquireTokenSilent_silentFlow",961:"logout",962:"logoutPopup",963:"hydrateCache",964:"loadExternalTokens"};var Us;e.InteractionType=void 0,(Us=e.InteractionType||(e.InteractionType={})).Redirect="redirect",Us.Popup="popup",Us.Silent="silent",Us.None="none";const Ls={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},Hs={scopes:m},Ds="msal.db",Fs=`${Ds}.keys`,Ks={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},Bs=[Ks.Default,Ks.Skip,Ks.RefreshTokenAndNetwork];function zs(e){return encodeURIComponent($s(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function js(e){return Js(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function $s(e){return Js((new TextEncoder).encode(e))}function Js(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}function Ws(e){return(new TextDecoder).decode(Gs(e))}function Gs(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw ns(Wi)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const Qs="AES-GCM",Vs="HKDF",Xs="SHA-256",Ys=new Uint8Array([1,0,1]),Zs="0123456789abcdef",ea=new Uint32Array(1),ta="raw",ra="encrypt",na="decrypt",oa={name:"RSASSA-PKCS1-v1_5",hash:Xs,modulusLength:2048,publicExponent:Ys};async function ia(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(Xs,t)}function sa(e){return window.crypto.getRandomValues(e)}function aa(){return window.crypto.getRandomValues(ea),ea[0]}function ca(){const e=Date.now(),t=1024*aa()+(1023&aa()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=aa();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Zs.charAt(r[e]>>>4),s+=Zs.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function ha(e){return window.crypto.subtle.exportKey("jwk",e)}async function la(){const e=await ua(),t={alg:"dir",kty:"oct",k:js(new Uint8Array(e))};return $s(JSON.stringify(t))}async function da(e,t){const r=t.split(".");if(5!==r.length)throw ns(Xi,"jwe_length");const n=await async function(e){const t=Ws(e),r=Gs(JSON.parse(t).k);return window.crypto.subtle.importKey(ta,r,Qs,!1,[na])}(e).catch((()=>{throw ns(Xi,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=Gs(r[2]),o=Gs(r[3]),i=Gs(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:Qs,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw ns(Xi,"decrypt")}}async function ua(){const e=await window.crypto.subtle.generateKey({name:Qs,length:256},!0,[ra,na]);return window.crypto.subtle.exportKey(ta,e)}async function ga(e){return window.crypto.subtle.importKey(ta,e,Vs,!1,["deriveKey"])}async function pa(e,t,r){return window.crypto.subtle.deriveKey({name:Vs,salt:t,hash:Xs,info:(new TextEncoder).encode(r)},e,{name:Qs,length:256},!1,[ra,na])}async function ma(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await pa(e,o,r),s=await window.crypto.subtle.encrypt({name:Qs,iv:new Uint8Array(12)},i,n);return{data:js(new Uint8Array(s)),nonce:js(o)}}async function fa(e,t,r,n){const o=Gs(n),i=await pa(e,Gs(t),r),s=await window.crypto.subtle.decrypt({name:Qs,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const ya="storage_not_supported",wa="stubbed_public_client_application_called",Ia="in_mem_redirect_unavailable";var Ca=Object.freeze({__proto__:null,inMemRedirectUnavailable:Ia,storageNotSupported:ya,stubbedPublicClientApplicationCalled:wa});class va extends Ie{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,va.prototype)}}function ka(e){return new va(e,ts(e))}function Ta(){const e=window.location.hash,t=window.location.search;let r,n=!1,o=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,o=new URLSearchParams(t);o.has("state")&&(n=!0,i=t,r=o)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,n=new URLSearchParams(e);n.has("state")&&(o=!0,i=e,r=n)}if(n&&o){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw ns(Zi);const s=r.get("state");if(!s)throw ns(ui);const{libraryState:a}=no(Ws,s),{id:c,meta:h}=a;if(!c||!h)throw ns(pi,"missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:c,meta:h}}}function ba(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function Aa(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Sa(){return window.parent!==window}function _a(){if(Sa())return!1;try{const{libraryState:t}=Ta(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let Ea=null;function Pa(e,t){Ea&&(e.verbose("18y01k",t),clearTimeout(Ea.timeoutId),Ea.channel.close(),Ea.reject(ns(yi)),Ea=null)}async function Ra(e,t,r,n,o,i){return new Promise(((s,a)=>{t.verbose("1rf6em",n.correlationId);const c=n.correlationId;o.addFields({redirectBridgeTimeoutMs:e,lateResponseExperimentEnabled:i?.iframeTimeoutTelemetry||!1},c);const{libraryState:h}=no(r.base64Decode,n.state||""),l=new BroadcastChannel(h.id);let d,u,g,p=!1;const m=window.setTimeout((()=>{Ea=null,i?.iframeTimeoutTelemetry?(g=o.startMeasurement("waitForBridgeLateResponse",c),p=!0,u=window.setTimeout((()=>{g?.end({success:!1}),clearTimeout(u),l.close()}),6e4)):l.close(),a(ns(Yi,"redirect_bridge_timeout"))}),e);Ea={timeoutId:m,channel:l,reject:a},l.onmessage=e=>{d=e.data.payload;const t=e?.data&&"number"==typeof e.data.v?e.data.v:void 0;if(p)return g?.end({success:!!d}),clearTimeout(u),void l.close();o.addFields({redirectBridgeMessageVersion:t},c),Ea=null,clearTimeout(m),l.close(),d?s(d):a(ns(vi))}}))}function Oa(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function Ma(){const e=new _r(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function xa(){if(lr(window.location.hash)&&Sa())throw ns(Ti)}function qa(e){if(Sa()&&!e)throw ns(ki)}function Na(){if(_a())throw ns(bi)}function Ua(){if("undefined"==typeof window)throw ns(Pi)}function La(e){if(!e)throw ns($i)}function Ha(e){Ua(),xa(),Na(),La(e)}function Da(e,t){if(Ha(e),qa(t.system.allowRedirectInIframe),t.cache.cacheLocation===vs.MemoryStorage)throw ka(Ia)}function Fa(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function Ka(){return ca()}const Ba=tr;var za=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:Ba,blockAPICallsBeforeInitialize:La,blockAcquireTokenInPopups:Na,blockNonBrowserEnvironment:Ua,blockRedirectInIframe:qa,blockReloadInHiddenIframes:xa,cancelPendingBridgeResponse:Pa,clearHash:ba,createGuid:Ka,getCurrentUri:Oa,getHomepage:Ma,invoke:Un,invokeAsync:Ln,isInIframe:Sa,isInPopup:_a,parseAuthResponseFromUrl:Ta,preconnect:Fa,preflightCheck:Ha,redirectPreflightCheck:Da,replaceHash:Aa,waitForBridgeResponse:Ra});class ja{constructor(){this.dbName=Ds,this.version=1,this.tableName=Fs,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(ns(Fi))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(ns(Ri));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(ns(Ri));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(ns(Ri));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(ns(Ri));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(ns(Ri));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(Ds),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class $a{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class Ja{constructor(e){this.inMemoryCache=new $a,this.indexedDBCache=new ja,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof rs&&e.errorCode===Fi))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Wa{constructor(e,t,r){this.logger=e,function(e){if(!window)throw ns(Pi);if(!window.crypto)throw ns(hi);if(!e&&!window.crypto.subtle)throw ns(hi,"crypto_subtle_undefined")}(r??!1),this.cache=new Ja(this.logger),this.performanceClient=t}createNewGuid(){return ca()}base64Encode(e){return $s(e)}base64Decode(e){return Ws(e)}base64UrlEncode(e){return zs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(oa,e,t)}(Wa.EXTRACTABLE,Wa.POP_KEY_USAGES),n=await ha(r.publicKey),o=Ga({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await ha(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,oa,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw Ae(kt)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error("1owpn8",e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw ns(Ui);const s=await ha(i.publicKey),a=Ga(s),c=zs(JSON.stringify({kid:t})),h=zs(Lo.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const l=`${h}.${zs(JSON.stringify(e))}`,d=(new TextEncoder).encode(l),u=await async function(e,t){return window.crypto.subtle.sign(oa,e,t)}(i.privateKey,d),g=`${l}.${js(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await ia(e);return js(new Uint8Array(t))}(e)}}function Ga(e){return JSON.stringify(e,Object.keys(e).sort())}Wa.POP_KEY_USAGES=["sign","verify"],Wa.EXTRACTABLE=!0;const Qa="acquireTokenSilent",Va="acquireTokenByCode",Xa="acquireTokenPopup",Ya="acquireTokenPreRedirect",Za="acquireTokenRedirect",ec="ssoSilent",tc="initializeClientApplication",rc="localStorageUpdated",nc="loadExternalTokens",oc="ssoCapable";var ic=Object.freeze({__proto__:null,AcquireTokenByCode:Va,AcquireTokenPopup:Xa,AcquireTokenPreRedirect:Ya,AcquireTokenRedirect:Za,AcquireTokenSilent:Qa,InitializeClientApplication:tc,LoadExternalTokens:nc,LocalStorageUpdated:rc,SsoCapable:oc,SsoSilent:ec,WaitForBridgeLateResponse:"waitForBridgeLateResponse"});const sc="msal",ac="browser",cc=`${sc}.${ac}.log.level`,hc=`${sc}.${ac}.log.pii`,lc=`${sc}.${ac}.performance.enabled`,dc=`${sc}.version`,uc="account.keys",gc="token.keys",pc=`${sc}.${ac}.sso.capable`;function mc(e=3){return e<1?`${sc}.${uc}`:`${sc}.${e}.${uc}`}function fc(e,t=3){return t<1?`${sc}.${gc}.${e}`:`${sc}.${t}.${gc}.${e}`}const yc=864e5,wc="Lax",Ic="None";class Cc{initialize(){return Promise.resolve()}getItem(e){const t=encodeURIComponent(e),r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e].trim(),o=n.indexOf("=");if((-1===o?n:n.substring(0,o))===t){const e=-1===o?"":n.substring(o+1);try{return decodeURIComponent(e)}catch{return e}}}return""}getUserData(){throw Ae(_t)}setItem(e,t,r,n=!0,o=wc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*yc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===Ic)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(Ae(_t))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=e.trim(),n=r.indexOf("="),o=-1===n?r:r.substring(0,n);try{t.push(decodeURIComponent(o))}catch{}})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function vc(e,t){const r=e.getItem(mc(t));return r?JSON.parse(r):[]}function kc(e,t,r){const n=t.getItem(fc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function Tc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const bc="msal.cache.encryption";class Ac{constructor(e,t,r){if(!window.localStorage)throw ka(ya);this.memoryStorage=new $a,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new Cc,r=t.getItem(bc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Un(Gs,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Ln(ga,ni,this.logger,this.performanceClient,e)(t)}}else{const r=ca(),n=await Ln(ua,"generateBaseKey",this.logger,this.performanceClient,e)(),o=Un(js,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Ln(ga,ni,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(bc,JSON.stringify(i),0,!0,Ic)}await Ln(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw ns($i);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw ns($i);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Ln(fa,oi,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw ns($i);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Ln(ma,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();vc(this).forEach((e=>this.removeItem(e)));const e=kc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(sc)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=vc(this);t=await this.importArray(t,e),t.length?this.setItem(mc(),JSON.stringify(t)):this.removeItem(mc());const r=kc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(fc(this.clientId),JSON.stringify(r)):this.removeItem(fc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return Tc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Ln(fa,oi,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(rc);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace("04rtdy",t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class Sc{constructor(){if(!window.sessionStorage)throw ka(ya)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const _c={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},Ec="@azure/msal-browser",Pc="5.11.0";function Rc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class Oc extends Gr{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new $a,this.browserStorage=Mc(e,t.cacheLocation,n,o),this.temporaryCacheStorage=Mc(e,vs.SessionStorage,n,o),this.cookieStorage=new Cc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=vc(this.browserStorage),r=kc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<3;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<3;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<3;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=vc(this.browserStorage),r=kc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(fn(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=Tc(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&vn(o)?(kn(o)||Tn(o))&&o.expiresOn&&mn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=vc(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");i?i.lastUpdatedAt?fn(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays)&&(await this.removeAccountOldSchema(e,i,t,r),Rc(n,e)):(i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r)):Rc(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=Tc(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Rc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Rc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Rc(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=br(r.secret,Ws);n&&(e[r.homeAccountId]=Ar(n))}}return e}async migrateIdTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=kc(this.clientId,this.browserStorage,3),i=vc(this.browserStorage),s=vc(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){Rc(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let h=null;if(a)h=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");h=t&&Tc(t)?await this.browserStorage.decryptData(c,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const l=br(t.secret,Ws),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(l).includes("signin_state"),p=u&&Object.keys(br(u.secret,Ws)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=h.tenantProfiles||[],n=zr(l)||h.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=kr(h.homeAccountId,h.localAccountId,n,l);e.push(t)}h.tenantProfiles=e;const s=this.generateAccountKey($r(h)),a=Ar(l);await this.setUserData(s,JSON.stringify(h),r,h.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.includes(d)||o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=kc(this.clientId,this.browserStorage,3);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Rc(n.accessToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=kc(this.clientId,this.browserStorage,3);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Rc(n.refreshToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(dc);t&&(this.logger.info("1wuc87",e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==Pc&&this.setItem(dc,Pc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(4).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=3;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=Ur(s);if(!(a.errorCode===qr&&i<20))throw a;if(!o.length)for(let r=0;r<=3;r++)if(e===fc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(4).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Ln(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n,o),a>0)for(let e=0;e<=3;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=Ur(e);if(!(t.errorCode===qr&&a<20))throw t;if(!s.length)for(let e=0;e<=3;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);if(!(n&&(o=n,o&&o.hasOwnProperty("homeAccountId")&&o.hasOwnProperty("environment")&&o.hasOwnProperty("realm")&&o.hasOwnProperty("localAccountId")&&o.hasOwnProperty("username")&&o.hasOwnProperty("authorityType"))))return null;var o;const i=Gr.toObject({},n);var s;return this.performanceClient.addFields({accountCachedBy:(s=i.cachedByApiId,"number"==typeof s&&s in Ns?Ns[s]:"unknown")},t),i}async setAccount(e,t,r,n){this.logger.trace("1bz3wr",t);const o=this.generateAccountKey($r(e)),i=Date.now().toString();e.lastUpdatedAt=i,e.cachedByApiId=n,await this.setUserData(o,JSON.stringify(e),t,i,r),this.addAccountKeyToMap(o,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=3){0===e.length?this.removeItem(mc(r)):this.setItem(mc(r),JSON.stringify(e),t)}getAccountKeys(){return vc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii("1l9bdo",t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(mc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii("1xzspl",t);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("05udv9",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=3){this.logger.trace("17o18n",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info("15i5d5",t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=3){return kc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=3){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(fc(this.clientId,r),JSON.stringify(e),t):this.removeItem(fc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&vn(o)&&o.hasOwnProperty("realm")&&o.credentialType===H.ID_TOKEN)?(this.logger.trace("01ju66",t),n):(this.logger.trace("1jukz6",t),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("07jy92",t),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&kn(n)?(this.logger.trace("1o81rl",t),n):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey",t),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&Tn(n)?(this.logger.trace("0nokxi",t),n):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("0eckjs",t),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(D)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),n):(this.logger.trace("1q101h",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[D,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(W);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("12jguk",t),n):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(K)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("1ohvk3",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(Ms,e),this.internalStorage.setItem(xs,t)}getWrapperMetadata(){return[this.internalStorage.getItem(Ms)||"",this.internalStorage.getItem(xs)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(A),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(A);if(e){this.logger.verbose("0rsj80",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(_c.ACTIVE_ACCOUNT_CHANGED,t)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(V));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("0of6n8",t),n):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){this.logger.trace("1ordf8",t);const n=r?this.generateCacheKey(e):e;return this.temporaryCacheStorage.getItem(n)}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(sc)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(sc)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return Te.startsWith(e,sc)?e:`${sc}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===H.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==Q.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${sc}.3`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${sc}.3`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(Es)),this.removeTemporaryItem(this.generateCacheKey(Ps)),this.removeTemporaryItem(this.generateCacheKey(Ss)),this.removeTemporaryItem(this.generateCacheKey(_s)),this.removeTemporaryItem(this.generateCacheKey(Os)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const n=$s(JSON.stringify(e));if(this.setTemporaryCache(Es,n,!0),r){const e=$s(r);this.setTemporaryCache(Ps,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(Es,e,!0);if(!t)throw ns(_i);const r=this.getTemporaryCache(Ps,e,!0);let n,o="";try{n=JSON.parse(Ws(t)),r&&(o=Ws(r))}catch(t){throw this.logger.errorPii("0ewsey",e),this.logger.error("0tvdic",e),ns(Ei)}return[n,o]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(Os,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${sc}.${Rs}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),ba(window),null}}setInteractionInProgress(e,t=bs,r=!1,n=""){const o=`${sc}.${Rs}`;if(e){if(this.getInteractionInProgress()){if(!r)throw ns(fi);this.logger.warning("1pmscr",n),Pa(this.logger,n),this.removeTemporaryItem(o)}this.setTemporaryCache(o,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(o)}async hydrateCache(e,t){const r=wn(e.account.homeAccountId,e.account.environment,e.idToken,this.clientId,e.tenantId),n=In(e.account.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?gn(e.expiresOn):0,e.extExpiresOn?gn(e.extExpiresOn):0,Ws,void 0,e.tokenType,void 0,t.sshKid);t.resource&&(n.resource=t.resource);const o={idToken:r,accessToken:n};return this.saveCacheRecord(o,e.correlationId,Ar(br(e.idToken,Ws)),qs.hydrateCache)}async saveCacheRecord(e,t,r,n,o){try{await super.saveCacheRecord(e,t,r,n,o)}catch(e){if(e instanceof Nr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Mc(e,t,r,n){try{switch(t){case vs.LocalStorage:return new Ac(e,r,n);case vs.SessionStorage:return new Sc}}catch(e){r.error(e,"")}return new $a}const xc=(e,t,r,n)=>new Oc(e,{cacheLocation:vs.MemoryStorage,cacheRetentionDays:5},gr,t,r,n);function qc(e,t,r,n,o){return e.verbose("1yd030",n),r?t.getAllAccounts(o,n):[]}function Nc(e,t,r,n){t.trace("0u7b90",n);const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("0btgll",n),o):(t.verbose("0ltaj5",n),null)}function Uc(e,t,r){t.setActiveAccount(e,r)}function Lc(e,t){return e.getActiveAccount(t)}class Hc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new yr({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||Ka();return this.eventCallbacks.has(n)?(this.logger.error("1578i0",""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose("1cnec4",""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose("12zotd","")}emitEvent(e,t,r,n,o){const i={eventType:e,interactionType:r||null,payload:n||null,error:o||null,correlationId:t,timestamp:Date.now()};switch(e){case _c.LOGIN_SUCCESS:case _c.LOGOUT_SUCCESS:case _c.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(i)}this.invokeCallbacks(i)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose("15jpwk",""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Dc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(cs,Pc),this.performanceClient=s}}function Fc(e,t,r,n){r.verbose("0bd1la",n);const o=e||t||"";return _r.getAbsoluteUrl(o,Oa())}function Kc(e,t,r,n,o,i){o.verbose("1p12tq",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new qo(s,n)}async function Bc(e,t,r,n,o,i,s,a,c){const h=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,l={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=h?.length?"true"===h:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(_r.getDomainFromUrl(d),c.environment):d,p=wo.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Ln(vo,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,l,o,t,r);if(c&&!m.isAlias(c.environment))throw ke(je);return m}async function zc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("0s4z6h",n)}catch(e){r.error("0mgg1d",n)}else try{r.verbose("0zj631",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("12ih0c",n)}}async function jc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===Q.SSH){if(!e.sshJwk)throw ke(He);if(!e.sshKid)throw ke(De)}n.verbose("1ecmns",o)}else a.authenticationScheme=Q.BEARER,n.verbose("1l4fwv",o);return a}async function $c(e,t,r,n,o){const i=await Ln(jc,jo,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Jc(e,t){let r;const n=e.httpMethod;if(t===jr.EAR){if(n&&n!==p)throw ke($e);r=p}else r=n||g;return r}class Wc extends Dc{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=e.account.loginHint||this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0d7s8p",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=_r.getAbsoluteUrl(e.postLogoutRedirectUri,Oa())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=_r.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,Oa())):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=_r.getAbsoluteUrl(Oa(),Oa())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return this.logger.verbose("0u5bmc",this.correlationId),t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)(e);return new ko(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=e.authority||await Ln(Bc,Ko,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri,isMcp:this.config.auth.isMcp},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:cs,version:Pc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function Gc(e,t,r,n,o,i,s,a){const c=Fc(e.redirectUri,r.auth.redirectUri,i,a);new URL(c).origin!==new URL(window.location.href).origin&&(i.warning("08qbvw",a),s.addFields({isRedirectUriCrossOrigin:!0},a));const h={interactionType:t},l=ro(n,e&&e.state||"",h),d={...await Ln(jc,jo,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:l,nonce:e.nonce||ca(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Jc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||o.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii("0tf99t",a),u.account=g),u}function Qc(e,t,r,n){const o=lr(e);if(!o)throw hr(e)?(r.error("13pl0s",n),r.errorPii("1097vx",n),ns(gi)):(r.error("18h0l1",n),ns(di));return o}function Vc(e,t,r){if(!e.state)throw ns(ui);const n=function(e,t){if(!t)return null;try{return no(e.base64Decode,t).libraryState.meta}catch(e){throw Ae(nt)}}(t,e.state);if(!n)throw ns(pi);if(n.interactionType!==r)throw ns(mi)}class Xc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t,r){let n;try{n=function(e,t){if(Eo(e,t),!e.code)throw Ae(vt);return e}(e,t.state)}catch(e){throw e instanceof to&&e.subError===Ci?ns(Ci):e}return Ln(this.handleCodeResponseFromServer.bind(this),On,this.logger,this.performanceClient,t.correlationId)(n,t,r)}async handleCodeResponseFromServer(e,t,r,n=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Ln(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,r,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:so}:e.loginHint?{credential:e.loginHint,type:ao}:null}}class Yc extends Ie{constructor(e,t,r){super(e,t||ts(e)),Object.setPrototypeOf(this,Yc.prototype),this.name="NativeAuthError",this.ext=r}}function Zc(e){if(e.ext&&e.ext.status&&"DISABLED"===e.ext.status)return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function eh(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return eo(Kn,ts(e));case"USER_INTERACTION_REQUIRED":return new Yn(e,t);case"USER_CANCEL":return ns(Ci);case"NO_NETWORK":return ns(Oi);case"UX_NOT_ALLOWED":return eo(zn)}return new Yc(e,t,r)}class th extends Wc{async acquireToken(e){const t=Kc(qs.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new bo(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Ln(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof rs&&e.errorCode===Ui&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return zc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class rh extends Dc{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=h,this.platformAuthProvider=c,this.nativeStorageManager=l,this.silentCacheClient=new th(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=qo.makeExtraSkuString({libraryName:cs,libraryVersion:Pc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[pe]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(Bo,this.correlationId),n=un(),o=Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializePlatformRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===Ks.AccessToken)throw this.logger.info("0eitbc",this.correlationId),r.end({success:!1,brokerErrorCode:"cache_request_failed"}),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError}),e}))}catch(e){throw e instanceof Yc&&o.setNativeBrokerErrorCode(e.errorCode),r.end({success:!1}),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Mt.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),Ae(yt);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},this.correlationId);if(!r)throw Ae(yt);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o=this.browserStorage.getIdToken(r,this.correlationId,this.browserStorage.getTokenKeys(),r.tenantId),i=br(o?.secret||"",Ws),s=Tr(r,void 0,i,o?.secret);return{...n,idToken:o?.secret||"",idTokenClaims:i,account:s}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const n=await this.initializePlatformRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Yc){if(Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Zc(e))throw e}}this.browserStorage.setTemporaryCache(Os,JSON.stringify(n),!0);const i={apiId:qs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?window.location.href:Fc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const e=this.browserStorage.getCachedNativeRequest();if(!e)return this.logger.verbose("0a6zjb",this.correlationId),this.performanceClient?.addFields({errorCode:"no_cached_request"},this.correlationId),null;const{prompt:t,...r}=e;t&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Os));const n=un();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(r),t=await this.handleNativeResponse(e,r,n);return Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),this.performanceClient?.addFields({isNativeBroker:!0},this.correlationId),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const n=br(e.id_token,Ws),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw eh("user_switch");const s=await Bc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=io(this.browserStorage,s,o,Ws,this.correlationId,n,e.client_info,s.getPreferredCache(),n.tid,void 0,e.account.id,this.logger,this.performanceClient);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,Ar(n)),await this.cacheNativeTokens(e,t,o,n,c.tenantId,r,s.getPreferredCache()),c}createHomeAccountIdentifier(e,t){return Wr(e.client_info||"",Dr,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?Mt.fromString(t):Mt.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===Q.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new Dn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw Ae(bt);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},h=c.UID||r.oid||r.sub||"",l=c.TenantId||r.tid||"",d=Tr($r(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===Q.POP?Q.POP:Q.BEARER;return{authority:o,uniqueId:h,tenantId:l,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:pn(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0,...t.resource&&{resource:t.resource}}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t,this.apiId),this.browserStorage.removeAccountContext($r(e),this.correlationId)}async cacheNativeTokens(e,t,r,n,o,i,s){const a=wn(r,s,e.id_token||"",t.clientId,n.tid||""),c=i+(t.tokenType===Q.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,t.scope),l=In(r,s,e.access_token,t.clientId,n.tid||o,h.printScopes(),c,0,Ws,void 0,t.tokenType,void 0,t.keyId);a&&!1!==t.storeInCache?.idToken&&await this.browserStorage.setIdTokenCredential(a,this.correlationId,Ar(n));const d={accessToken:l};return this.nativeStorageManager.saveCacheRecord(d,this.correlationId,Ar(n),this.apiId,t.storeInCache)}getExpiresInValue(e,t){return e===Q.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializePlatformRequest(e){this.logger.trace("1xdm2a",this.correlationId);const t=await this.getCanonicalAuthority(e),r=e.skipBrokerClaims&&e.embeddedClientId?void 0:this.config.auth.clientCapabilities,{scopes:n,claims:o,...i}=e,s=new Mt(n||[]);s.appendScopes(m);const a={...i,claims:r&&r.length?tr(o,r):o,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:s.printScopes(),redirectUri:Fc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(a.signPopToken&&e.popKid)throw ns(Gi);if(this.handleExtraBrokerParams(a),a.extraParameters=a.extraParameters||{},a.extraParameters.telemetry=ds,e.authenticationScheme===Q.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Dn(this.browserCrypto,this.performanceClient);let n;if(a.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:a.keyId})),a.signPopToken=!1;else{const e=await Ln(r.generateCnf.bind(r),Mn,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,a.keyId=e.kid,a.signPopToken=!0}a.reqCnf=n}return this.addRequestSKUs(a),a}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Bc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new _r(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case qs.ssoSilent:case qs.acquireTokenSilent_silentFlow:return this.logger.trace("12n1y2",this.correlationId),O.NONE}if(e)switch(e){case O.NONE:case O.CONSENT:case O.LOGIN:return this.logger.trace("0i0hco",this.correlationId),e;default:throw this.logger.trace("0w3tpw",this.correlationId),ns(Ji)}else this.logger.trace("0uid1p",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(me)&&e.extraParameters.hasOwnProperty(fe)&&e.extraParameters.hasOwnProperty(he);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[fe],r=e.extraParameters[he]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},this.correlationId)}}const nh=new Map([["e","AAD"],["m","MSA"]]);function oh(e,t,r){const n=function(e){if(!e)return null;try{const t=(/%(?:[0-9A-Fa-f]{2})/.test(e)?decodeURIComponent(e):e).split("|");return t.length<5?null:{accountType:nh.get(t[0]?.trim()||"")||"",error:t[1]?.trim()||"",subError:t[2]?.trim()||"",cloudInstance:t[3]?.trim()||"",callerDataBoundary:t[4]?.trim()||""}}catch{return null}}(e.clientdata);n?.accountType&&r.addFields({accountType:n.accountType},t),n?.error&&r.addFields({serverErrorNo:n.error},t),n?.subError&&r.addFields({serverSubErrorNo:n.subError},t)}async function ih(e,t,r,n,o){const i=So({...e.auth,authority:t},r,n,o);if(jt(i,{sku:cs,version:Pc,os:"",cpu:""}),e.system.protocolMode!==jr.OIDC&&$t(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),o.addFields({isPlatformAuthorizeRequest:!0},r.correlationId),r.authenticationScheme===Q.POP)){const e=new Wa(n,o),t=new Dn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Ln(t.generateCnf.bind(t),Mn,n,o,r.correlationId)(r,n)).reqCnfString}rr(i,s)}return xt(i,r.correlationId,o),i}async function sh(e,t,r,n,o){if(!r.codeChallenge)throw ke(qe);const i=await Ln(ih,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return qt(i,M),Wt(i,r.codeChallenge,h),er(i,{...r.extraQueryParameters,...r.extraParameters}),_o(t,i)}async function ah(e,t,r,n,o,i){if(!n.earJwk)throw ns(ai);const s=await ih(t,r,n,o,i);qt(s,x),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk),Wt(s,n.codeChallenge,h),er(s,{...n.extraParameters});const a=new Map;er(a,n.extraQueryParameters||{}),zt(a,n.correlationId);return hh(e,_o(r,a),s)}async function ch(e,t,r,n,o,i){const s=await ih(t,r,n,o,i);qt(s,M),Wt(s,n.codeChallenge,n.codeChallengeMethod||h),er(s,{...n.extraParameters});const a=new Map;er(a,n.extraQueryParameters||{}),zt(a,n.correlationId);return hh(e,_o(r,a),s)}function hh(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function lh(e,t,r,n,o,i,s,a,c,h){if(a.verbose("11qcow",e.correlationId),!h)throw ns(ji);const l=new Wa(a,c),d=new rh(n,o,l,a,s,n.system.navigationClient,r,c,h,t,i,e.correlationId),{userRequestState:u}=no(l.base64Decode,e.state);return Ln(d.acquireToken.bind(d),Bo,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function dh(e,t,r,n,o,i,s,a,c,h,l,d){if(lo.removeThrottle(s,o.auth.clientId,e),oh(t,e.correlationId,l),t.accountId)return Ln(lh,Yo,h,l,e.correlationId)(e,t.accountId,n,o,s,a,c,h,l,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Xc(i,s,u,h,l);return await Ln(g.handleCodeResponse.bind(g),"handleCodeResponse",h,l,e.correlationId)(t,e,n)}async function uh(e,t,r,n,o,i,s,a,c,h,l){if(lo.removeThrottle(i,n.auth.clientId,e),oh(t,e.correlationId,h),Eo(t,e.state),!t.ear_jwe)throw ns(ci);if(!e.earJwk)throw ns(ai);const d=JSON.parse(await Ln(da,"decryptEarResponse",c,h,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Ln(lh,Yo,c,h,e.correlationId)(e,d.accountId,r,n,i,s,a,c,h,l);const u=new oo(n.auth.clientId,i,new Wa(c,h),c,h,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Ln(u.handleServerTokenResponse.bind(u),xn,c,h,e.correlationId)(d,o,un(),e,r,g,void 0,void 0,void 0,void 0)}async function gh(e,t,r){const n=Un(ph,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await Ln(mh,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function ph(e,t,r){try{const n=new Uint8Array(32);Un(sa,"getRandomValues",t,e,r)(n);return js(n)}catch(e){throw ns(si)}}async function mh(e,t,r,n){try{const o=await Ln(ia,"sha256Digest",r,t,n)(e);return js(new Uint8Array(o))}catch(e){throw ns(si)}}class fh{navigateInternal(e,t){return fh.defaultNavigateWindow(e,t)}navigateExternal(e,t){return fh.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(ns(Yi,"failed_to_redirect"))}),t.timeout)}))}}class yh{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=wh(t);try{r=await fetch(e,{method:ks,headers:i})}catch(e){throw go(ns(window.navigator.onLine?xi:Oi),void 0,void 0,e)}n=Ih(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw go(ns(qi),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=wh(t);let o,i=0,s={};try{o=await fetch(e,{method:Ts,headers:n,body:r})}catch(e){throw go(ns(window.navigator.onLine?Mi:Oi),void 0,void 0,e)}s=Ih(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw go(ns(qi),i,s,e)}}}function wh(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw go(ns(Qi),void 0,void 0,e)}}function Ih(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw ns(Vi)}}function Ch({auth:r,cache:n,system:o,experimental:i,telemetry:h},l){const d={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:q.FRAGMENT,defaultScopes:[s,a,c]},azureCloudOptions:{azureCloudInstance:Cr.None,tenant:""},instanceAware:!1,isMcp:!1,verifySSO:!1},u={cacheLocation:vs.SessionStorage,cacheRetentionDays:5},g={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},p={...{...tn,loggerOptions:g,networkClient:l?new yh:Ao,navigationClient:new fh,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:jr.AAD},...o,loggerOptions:o?.loggerOptions||g},m={application:{appName:"",appVersion:""},client:new en};if(o?.protocolMode!==jr.OIDC&&r?.OIDCOptions){new yr(p.loggerOptions).warning(JSON.stringify(ke(Be)),"")}if(o?.protocolMode&&o.protocolMode===jr.OIDC&&p?.allowPlatformBroker)throw ke(ze);return{auth:{...d,...r,OIDCOptions:{...d.OIDCOptions,...r?.OIDCOptions}},cache:{...u,...n},system:p,experimental:{iframeTimeoutTelemetry:!1,allowPlatformBrokerWithDOM:!1,...i},telemetry:{...m,...h}}}class vh{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=this.performanceClient.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=fs}async sendMessage(e){this.logger.trace("0on4p2",e.correlationId);const t={method:Is,request:e},r={channel:hs,extensionId:this.extensionId,responseId:ca(),body:t};this.logger.trace("1qadfi",e.correlationId),this.logger.tracePii("1xm533",e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("15zfnw",n);try{const o=new vh(e,t,r,ls);return await o.sendHandshakeRequest(n),o}catch(o){const i=new vh(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace("1dpg9o",e),window.addEventListener("message",this.windowListener,!1);const t={channel:hs,extensionId:this.extensionId,responseId:ca(),body:{method:ys}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(ns(Bi)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=Ka();if(this.logger.trace("0jpn5u",t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===hs&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===ys){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace("07buhm",t);this.logger.verbose(r.extensionId?"0xrkug":"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(ns(zi))}}onChannelMessage(e){const t=Ka();this.logger.trace("1py8yf",t);const r=e.data,n=this.resolvers.get(r.responseId),o=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===Cs){if(!n)return;const e=r.body.response;if(this.logger.trace("19hpgm",t),this.logger.tracePii("179a24",t),"Success"!==e.status)n.reject(eh(e.code,e.description,e.ext));else{if(!e.result)throw Ce(Oo,"Event does not contain result.");e.result.code&&e.result.description?n.reject(eh(e.result.code,e.result.description,e.result.ext)):n.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===ws){if(!o)return void this.logger.trace("082qnt",t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose("0yf5ib",t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(e){this.logger.error("0xf978",t),this.logger.errorPii("04i99o",t),this.logger.errorPii("0xdvsy",t),n?n.reject(e):o&&o.reject(e)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw Ce(Oo,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===ls?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class kh{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=ms}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(us);if(n?.includes(ps))return e.trace("1h5q1r",r),new kh(e,t,r)}}getExtensionId(){return us}getExtensionVersion(){return""}getExtensionName(){return gs}async sendMessage(e){this.logger.trace("02bcil",e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error("11im7g",e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace("15d6yv",e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:h,extraParameters:l,...d}=e,u=this.getDOMExtraParams(d,s);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...l,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:h}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace("0h4vei",t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace("0g92vm",t),eh(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw Ce(Oo,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace("14913t",t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e,t){try{const t={};for(const[r,n]of Object.entries(e))n&&(t[r]="object"==typeof n?JSON.stringify(n):String(n));return t}catch(e){return this.logger.error("0eu9o3",t),this.logger.errorPii("17rpl5",t),{}}}}async function Th(e,t,r,n,o){let i;e.trace("134j0v",r),e.trace("04c81g",r);try{o&&(i=await kh.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await vh.createProvider(e,n||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function bh(e,t,r,n,o){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker&&e.experimental.allowPlatformBrokerWithDOM)throw ke(Je);if(!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!n)return t.trace("0kvv1r",r),!1;if(o)switch(o){case Q.BEARER:case Q.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class Ah extends Wc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a,this.eventHandler=o}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||m,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const n={...e,httpMethod:Jc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("1g77pg",this.correlationId);const o=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&Fa(o.authority);const i=bh(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===jr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=Kc(qs.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n||await Ln(gh,ri,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===p)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Ln(sh,Rn,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(_c.POPUP_OPENED,o,e.InteractionType.Popup,{popupWindow:c},null);const h=await Ra(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient),l=Un(Qc,ei,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Ln(dh,Zo,this.logger,this.performanceClient,o)(t,l,s.verifier,qs.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof Ie&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:n,authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Ln(Bc,Ko,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a),h=await Ln(la,ii,this.logger,this.performanceClient,n)(),l=r||await Ln(gh,ri,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),d={...e,earJwk:h,codeChallenge:l.challenge},u=t.popup||this.openPopup("about:blank",t);(await ah(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Ln(Ra,Wo,this.logger,this.performanceClient,n)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,d,this.performanceClient),p=Un(Qc,ei,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,n)({serverTelemetryManager:Kc(qs.acquireTokenPopup,this.config.auth.clientId,n,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Ln(dh,Zo,this.logger,this.performanceClient,n)(d,p,l.verifier,qs.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Ln(uh,Xo,this.logger,this.performanceClient,n)(d,p,qs.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Ln(Bc,Ko,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await ch(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Ln(Ra,Wo,this.logger,this.performanceClient,o)(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,e,this.performanceClient),c=Un(Qc,ei,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Ln(dh,Zo,this.logger,this.performanceClient,o)(e,c,n,qs.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(_c.LOGOUT_START,this.correlationId,e.InteractionType.Popup,t);const i=Kc(qs.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await zc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===jr.OIDC){if(this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t),o){const e={apiId:qs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=_r.getAbsoluteUrl(o,Oa());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}t.state=ro(this.browserCrypto,t.state||"",{interactionType:e.InteractionType.Popup});const a=s.getLogoutUri(t);this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(_c.POPUP_OPENED,t.correlationId,e.InteractionType.Popup,{popupWindow:c},null),await Ra(this.config.system.popupBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient).catch((()=>{})),o){const e={apiId:qs.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=_r.getAbsoluteUrl(o,Oa());this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii("0oj7lk",this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof Ie&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(_c.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Popup),t}this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii("1kcr9k",this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),ns(li)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii("0cgeo7",this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii("0c2awd",this.correlationId),r=this.openSizedPopup(e,t)),!r)throw ns(Ii);return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error("0dxfb9",this.correlationId),ns(wi)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,h=r.popupSize?.height,l=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=is),(!h||h<0||h>a)&&(this.logger.verbose("09cxa0",this.correlationId),h=ss),(!l||l<0||l>a)&&(this.logger.verbose("1qh4wo",this.correlationId),l=Math.max(0,a/2-ss/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-is/2+o)),n.open(e,t,`width=${c}, height=${h}, top=${l}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${as}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${as}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}class Sh extends Wc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a}async acquireToken(t){const r=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=bh(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(_c.RESTORE_FROM_BFCACHE,this.correlationId,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii("0zao0a",this.correlationId),this.browserStorage.setTemporaryCache(Ss,o,!0),window.addEventListener("pageshow",n);try{this.config.system.protocolMode===jr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof Ie&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e){const t=e.correlationId,r=Kc(qs.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),n=await Ln(gh,ri,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),o={...e,codeChallenge:n.challenge};this.browserStorage.cacheAuthorizeRequest(o,this.correlationId,n.verifier);try{if(o.httpMethod===p)return await this.executeCodeFlowWithPost(o);{const t=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),n=await Ln(sh,Rn,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,o,this.logger,this.performanceClient);return await this.initiateAuthRequest(n)}}catch(e){throw e instanceof Ie&&(e.setCorrelationId(this.correlationId),r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Ln(Bc,Ko,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Ln(la,ii,this.logger,this.performanceClient,t)(),c=await Ln(gh,ri,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(h,this.correlationId,c.verifier);return(await ah(document,this.config,s,h,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(ns(Yi,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Ln(Bc,Ko,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await ch(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(ns(Yi,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,n){const o=Kc(qs.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),i=n?.navigateToLoginRequestUrl??!0;try{const[s,a]=this.getRedirectResponse(n?.hash||"");if(!s)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Ss,this.correlationId,!0)||"",h=ur(c);if(h===ur(window.location.href)&&i){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&Aa(c);return await this.handleResponse(s,e,t,o)}if(!i)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(s,e,t,o);if(!Sa()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(_s,a,!0);const r={apiId:qs.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let n=!0;if(c&&"null"!==c)this.logger.verbose("08jpy1",this.correlationId),n=await this.navigationClient.navigateInternal(c,r);else{const e=Ma();this.browserStorage.setTemporaryCache(Ss,e,!0),this.logger.warning("1dutq1",this.correlationId),n=await this.navigationClient.navigateInternal(e,r)}if(!n)return await this.handleResponse(s,e,t,o)}return null}catch(e){throw e instanceof Ie&&(e.setCorrelationId(this.correlationId),o.cacheFailedRequest(e)),e}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===q.QUERY?window.location.search:window.location.hash);let n=lr(r);if(n){try{Vc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof Ie&&this.logger.error("0bkq6p",this.correlationId),[null,""]}return ba(window),this.logger.verbose("00uvho",this.correlationId),[n,r]}const o=this.browserStorage.getTemporaryCache(_s,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(_s)),o&&(n=lr(o),n)?(this.logger.verbose("001671",this.correlationId),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw ns(ui);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Ln(Bc,Ko,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return Ln(uh,Xo,this.logger,this.performanceClient,t.correlationId)(t,e,qs.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Ln(dh,Zo,this.logger,this.performanceClient,t.correlationId)(t,e,r,qs.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii("1luf83",this.correlationId);const t={apiId:qs.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),ns(li)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),n=Kc(qs.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(_c.LOGOUT_START,this.correlationId,e.InteractionType.Redirect,t),await zc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const o={apiId:qs.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===jr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r)}r.state=ro(this.browserCrypto,r.state||"",{interactionType:e.InteractionType.Redirect});const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,As),void await this.navigationClient.navigateExternal(s,o);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,As),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof Ie&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(_c.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return _r.getAbsoluteUrl(t,Oa())}}async function _h(e,t,r,n){if(!e)throw r.info("1l7hyp",n),ns(li);return Un(Rh,"silentHandlerLoadFrameSync",r,t,n)(e)}async function Eh(e,t,r,n,o){const i=Oh();if(!i.contentDocument)throw"No document associated with iframe!";return(await ch(i.contentDocument,e,t,r,n,o)).submit(),i}async function Ph(e,t,r,n,o){const i=Oh();if(!i.contentDocument)throw"No document associated with iframe!";return(await ah(i.contentDocument,e,t,r,n,o)).submit(),i}function Rh(e){const t=Oh();return t.src=e,t}function Oh(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}function Mh(e){document.body===e.parentNode&&document.body.removeChild(e)}class xh extends Wc{constructor(e,t,r,n,o,i,s,a,c,h,l){super(e,t,r,n,o,i,a,h,l),this.apiId=s,this.nativeStorage=c}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==O.NONE&&r.prompt!==O.NO_SESSION&&(this.logger.warning("0bmctg",this.correlationId),r.prompt=O.NONE):r.prompt=O.NONE;const n=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=bh(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),Fa(n.authority),this.config.system.protocolMode===jr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Ln(this.silentTokenHelper.bind(this),$o,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof Ie&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof Ie&&n.errorCode===os))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Ln(this.silentTokenHelper.bind(this),$o,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Ln(Bc,Ko,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Ln(la,ii,this.logger,this.performanceClient,t)(),c=await Ln(gh,ri,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge},l=await Ln(Ph,Jo,this.logger,this.performanceClient,t)(this.config,s,h,this.logger,this.performanceClient),d=this.config.auth.OIDCOptions.responseMode;let u;try{u=await Ln(Ra,Wo,this.logger,this.performanceClient,t)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,e,this.performanceClient,this.config.experimental)}finally{Un(Mh,ti,this.logger,this.performanceClient,t)(l)}const g=Un(Qc,ei,this.logger,this.performanceClient,t)(u,d,this.logger,this.correlationId);if(!g.ear_jwe&&g.code){const r=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,t)({serverTelemetryManager:Kc(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Ln(dh,Zo,this.logger,this.performanceClient,t)(h,g,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Ln(uh,Xo,this.logger,this.performanceClient,t)(h,g,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async verifySso(t){const r={...t};r.prompt||(r.prompt=O.NONE);const n=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),o=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),{serverParams:i}=await this.silentAuthorizeHelper(o,n),s=n.correlationId;return Eo(i,n.state),i.code?(this.logger.verbose("0kkkcj",s),!0):(this.logger.warning("0y34ti",s),!1)}logout(){return Promise.reject(ns(Ai))}async silentTokenHelper(e,t){const{serverParams:r,pkceCodes:n}=await this.silentAuthorizeHelper(e,t);return Ln(dh,Zo,this.logger,this.performanceClient,t.correlationId)(t,r,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async silentAuthorizeHelper(e,t){const r=t.correlationId,n=await Ln(gh,ri,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};let i;if(t.httpMethod===p)i=await Ln(Eh,Jo,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Ln(sh,Rn,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);i=await Ln(_h,Jo,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r)}const s=this.config.auth.OIDCOptions.responseMode;let a;try{a=await Ln(Ra,Wo,this.logger,this.performanceClient,r)(this.config.system.iframeBridgeTimeout,this.logger,this.browserCrypto,t,this.performanceClient,this.config.experimental)}finally{Un(Mh,ti,this.logger,this.performanceClient,r)(i)}return{serverParams:Un(Qc,ei,this.logger,this.performanceClient,r)(a,s,this.logger,this.correlationId),pkceCodes:n,silentRequest:o}}}class qh extends Wc{async acquireToken(e){const t=await Ln(jc,jo,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Fc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=Kc(qs.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Ln(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r,qs.acquireTokenSilent_silentFlow).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(ns(Ai))}async createRefreshTokenClient(e){const t=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new To(t,this.performanceClient)}}class Nh extends ko{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class Uh extends Wc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,a,c,h),this.apiId=s}async acquireToken(t){if(!t.code)throw ns(Li);const r=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...r,code:t.code},o=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new Nh(o,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new Xc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Ln(s.handleCodeResponseFromServer.bind(s),On,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,this.apiId,!1)}catch(e){throw e instanceof Ie&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(ns(Ai))}}function Lh(e,t,r,n){try{Ha(e),Po(r.auth.isMcp,n)}catch(e){throw t.end({success:!1},e,n.account),e}}class Hh{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Wa(this.logger,this.performanceClient):gr,this.eventHandler=new Hc(this.logger),this.browserStorage=this.isBrowserEnvironment?new Oc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Co(this.config.auth)):xc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:vs.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new Oc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackStateChange=this.trackStateChange.bind(this),this.trackStateChangeWithMeasurement=this.trackStateChangeWithMeasurement.bind(this)}static async createController(e,t){const r=new Hh(e);return await r.initialize(t),r}trackStateChange(e,t){e&&("visibilitychange"===t.type?(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e)):"online"===t.type?(this.logger.info("0zirfd",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)):"offline"===t.type&&(this.logger.info("1xk9ef",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(_c.INITIALIZE_END,t);const r=this.config.system.allowPlatformBroker,n=this.performanceClient.startMeasurement(tc,t);if(this.eventHandler.emitEvent(_c.INITIALIZE_START,t),this.logMultipleInstances(n,t),n.add({isMcp:this.config.auth.isMcp}),await Ln(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,t)(t),r)try{this.platformAuthProvider=await Th(this.logger,this.performanceClient,t,this.config.system.nativeBrokerHandshakeTimeout,this.config.experimental.allowPlatformBrokerWithDOM)}catch(e){this.logger.verbose(e,t)}this.config.cache.cacheLocation===vs.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(_c.INITIALIZE_END,t),n.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),La(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===As)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&!t?.hash;let s,a,c;try{if(i&&this.platformAuthProvider){const t=o?.correlationId||"";this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_START,t,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Za,t),this.logger.trace("12v7is",t),s.add({isPlatformBrokerRequest:!0});const r=new rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,qs.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Ln(r.handleRedirectPromise.bind(r),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)()}else{const[r,n]=this.browserStorage.getCachedRequest("");c=r;const o=r.correlationId;this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_START,o,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Za,o),this.logger.trace("0znzs5",o);const i=this.createRedirectClient(o);a=Ln(i.handleRedirectPromise.bind(i),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(r,n,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account),this.verifySsoCapability(c,e.InteractionType.Redirect)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,s.event.correlationId,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r);const n=this.performanceClient.startMeasurement(Ya,r);n.add({scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};try{let o;if(Da(this.initialized,this.config),Po(this.config.auth.isMcp,t),this.browserStorage.setInteractionInProgress(!0,bs),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){const e=new rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,qs.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r);o=Ln(e.acquireTokenRedirect.bind(e),"nativeInteractionClientAcquireToken",this.logger,this.performanceClient,r)(t,n).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Yc&&Zc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof Yn){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(Za,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Xa,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),Lh(this.initialized,n,this.config,t),this.browserStorage.setInteractionInProgress(!0,bs,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))n.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative({...t,correlationId:r},qs.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Yc&&Zc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof Yn){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((i=>{const s=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Popup,i),s&&this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,r,e.InteractionType.Popup,i.account),n.end({success:!0,accessTokenSize:i.accessToken.length,idTokenSize:i.idToken.length},void 0,i.account),this.verifySsoCapability(t,e.InteractionType.Popup),i})).catch((o=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Popup,null,o),n.end({success:!1},o,t.account),Promise.reject(o)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackStateChangeWithMeasurement(e){const t=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;t&&("visibilitychange"===e.type?(this.logger.info("0yzimq",t.event.correlationId),t.increment({visibilityChangeCount:1})):"online"===e.type?(this.logger.info("1caf53",t.event.correlationId),t.increment({onlineStatusChangeCount:1})):"offline"===e.type&&(this.logger.info("0fdyk7",t.event.correlationId),t.increment({onlineStatusChangeCount:1})))}addStateChangeListeners(e){document.addEventListener("visibilitychange",e),window.addEventListener("online",e),window.addEventListener("offline",e)}removeStateChangeListeners(e){document.removeEventListener("visibilitychange",e),window.removeEventListener("online",e),window.removeEventListener("offline",e)}getCachedSsoCapable(){try{const e=window.localStorage.getItem(pc);if(e){const t=JSON.parse(e);if(t&&"boolean"==typeof t.ssoCapable&&t.expiresOn&&Date.now()<t.expiresOn)return t.ssoCapable}}catch{}}verifySsoCapability(e,t){if(!this.config.auth.verifySSO)return;const r=pc;if(void 0!==this.getCachedSsoCapable())return void this.logger.verbose("13poou","");const n=ca(),o=this.performanceClient.startMeasurement(oc,n);o.add({"ext.interactionType":t}),this.logger.verbose("0pbr0i",n),setTimeout((()=>{const t={...e,correlationId:n};this.createSilentIframeClient(n).verifySso(t).then((e=>{this.logger.verbose("1gd1iv",n);try{const t=JSON.stringify({ssoCapable:e,expiresOn:Date.now()+864e5});window.localStorage.setItem(r,t)}catch{this.logger.warning("18lmoj",n)}o.end({fromCache:!1,success:e},void 0)})).catch((e=>{this.logger.warning("05g83w",n);try{window.localStorage.removeItem(r)}catch{this.logger.warning("0nlf9q",n)}o.end({fromCache:!1,success:!1},e)}))}),0)}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(ec,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Lh(this.initialized,this.ssoSilentMeasurement,this.config,n),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))this.ssoSilentMeasurement?.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative(n,qs.ssoSilent).catch((e=>{if(this.ssoSilentMeasurement?.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Yc&&Zc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const n=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),n&&this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,r,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((n=>{throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,n),this.ssoSilentMeasurement?.end({success:!1},n,t.account),n})).finally((()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const n=this.performanceClient.startMeasurement(Va,r);Lh(this.initialized,n,this.config,t),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw ns(Di);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("0qgp28",r),n.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){n.add({isPlatformBrokerRequest:!0});const e=await this.acquireTokenNative({...t,correlationId:r},qs.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Yc&&Zc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({success:!0},void 0,e.account),e}throw ns(Ki)}throw ns(Hi)}catch(t){throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case Ks.Default:case Ks.AccessToken:case Ks.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Ln(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Ae(It)}}async acquireTokenByRefreshToken(e,t){switch(t){case Ks.Default:case Ks.AccessTokenAndRefreshToken:case Ks.RefreshToken:case Ks.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Ln(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Ae(It)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Ln(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);Da(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,As);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);Ha(this.initialized),this.browserStorage.setInteractionInProgress(!0,As);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return qc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return Nc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Uc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return Lc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Jr(e.account,e.cloudGraphHostName,e.msGraphHost);if(await this.browserStorage.setAccount(r,e.correlationId,Ar(e.idTokenClaims),qs.hydrateCache),!e.fromPlatformBroker)return this.browserStorage.hydrateCache(e,t);{this.logger.verbose("1i5atf",e.correlationId);const r=wn(e.account.homeAccountId,e.account.environment,e.idToken,this.config.auth.clientId,e.tenantId),n=In(e.account.homeAccountId,e.account.environment,e.accessToken,this.config.auth.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?gn(e.expiresOn):0,e.extExpiresOn?gn(e.extExpiresOn):0,Ws,void 0,e.tokenType,void 0,t.sshKid);t.resource&&(n.resource=t.resource);const o=Ar(e.idTokenClaims);await this.browserStorage.setIdTokenCredential(r,e.correlationId,o),await this.nativeInternalStorage.setAccessTokenCredential(n,e.correlationId,o)}}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",o),!this.platformAuthProvider)throw ns(ji);const i=new rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o);return Ln(i.acquireToken.bind(i),Bo,this.logger,this.performanceClient,o)(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!bh(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("0yoy1g",r),!1;if(e.prompt)switch(e.prompt){case O.NONE:case O.CONSENT:case O.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace("0pdzw6",r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||(e.loginHint||e.sid?null:this.getActiveAccount());return t&&t.nativeAccountId||""}createPopupClient(e){return new Ah(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createRedirectClient(e){return new Sh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new xh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,qs.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentCacheClient(e){return new th(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new qh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new Uh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,qs.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return Ua(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?ca():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||Hs})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||Hs})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(Qa,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Lh(this.initialized,r,this.config,e),this.logger.verbose("0x1c4s",t);const n=e.account||this.getActiveAccount();if(!n)throw ns(Si);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof Ie&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=ho(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const n=Ln(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=e=>this.trackStateChange(t.correlationId,e);this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,t.correlationId,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0,onlineStatusChangeCount:0},t.correlationId),this.addStateChangeListeners(n);const o=await Ln($c,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||Ks.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const r=function(e,t){const r=!(e instanceof Yn&&e.subError!==Wn),n=e.errorCode===os||e.errorCode===It,o=r&&n||e.errorCode===Fn||e.errorCode===Bn,i=Bs.includes(t);return o&&i}(e,i);if(r){const r=`${e.errorCode}${e.subError?`|${e.subError}`:""}`;if(this.performanceClient.addFields({silentRefreshReason:r},t.correlationId),this.activeIframeRequest){if(i!==Ks.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose("1w8fso",o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose("0ywzzi",o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info("17y14q",o.correlationId),e}return this.logger.warning("1bd4p8",o.correlationId),Ln(this.acquireTokenBySilentIframe.bind(this),zo,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("0rh08z",o.correlationId),Ln(this.acquireTokenBySilentIframe.bind(this),zo,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((r=>{throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,t.correlationId,e.InteractionType.Silent,null,r),r})).finally((()=>{this.removeStateChangeListeners(n)}))}async acquireTokenSilentNoIframe(t,r){return bh(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.performanceClient.addFields({isPlatformBrokerRequest:!0},t.correlationId),this.acquireTokenNative(t,qs.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(this.performanceClient.addFields({brokerErrorName:e.name,brokerErrorCode:e.errorCode},t.correlationId),e instanceof Yc&&Zc(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,Ae(It);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===Ks.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Ln(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===Ks.AccessToken)throw n;return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_NETWORK_START,t.correlationId,e.InteractionType.Silent,t),Ln(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Ln(gh,ri,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class Dh{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t){let r;this.browserEnvironment="undefined"!=typeof window,this.config=Ch(t,this.browserEnvironment);try{r=window[vs.SessionStorage]}catch(e){}const n=r?.getItem(cc),o=r?.getItem(hc)?.toLowerCase(),i="true"===o||"false"!==o&&void 0,s={...this.config.system.loggerOptions},a=n&&Object.keys(e.LogLevel).includes(n)?e.LogLevel[n]:void 0;a&&(s.loggerCallback=Dh.loggerCallback,s.logLevel=a),void 0!==i&&(s.piiLoggingEnabled=i),this.logger=new yr(s,Ec,Pc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class Fh extends Dh{getModuleName(){return Fh.MODULE_NAME}getId(){return Fh.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}Fh.MODULE_NAME="",Fh.ID="StandardOperatingContext";const Kh="USER_INTERACTION_REQUIRED",Bh="USER_CANCEL",zh="NO_NETWORK",jh="TRANSIENT_ERROR",$h="PERSISTENT_ERROR",Jh="DISABLED",Wh="ACCOUNT_UNAVAILABLE",Gh="NESTED_APP_AUTH_UNAVAILABLE";class Qh{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=tr(e.claims,this.clientCapabilities),o=e.scopes||m;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,resource:e.resource,scope:o.join(" "),correlationId:r,claims:Te.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||Q.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw Ae(Ye);const n=pn(r+(t.token.expires_in||0)),o=br(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||Q.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||zr(n)||"",s=e.homeAccountId||`${o}.${i}`,a=e.environment;if(!a)throw Ae(ft);const c=n?.preferred_username||n?.upn,h=n?.emails?.[0]||null,l=e.username||c||h||"",d=e.name||n?.name||"",u=e.loginHint||n?.login_hint,g=new Map,p=kr(s,o,i,n);g.set(i,p);return{homeAccountId:s,environment:a,tenantId:i,username:l,localAccountId:o,name:d,loginHint:u,idToken:t,idTokenClaims:n,tenantProfiles:g}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new Ie("unknown_error","An unknown error occurred");switch(e.status){case Bh:return new be(St);case zh:return new be(At);case Wh:return new be(yt);case Jh:return new be(Et);case Gh:return new be(e.code||Et,e.description);case jh:case $h:return new to(e.code,e.description);case Kh:return new Yn(e.code,e.description);default:return new Ie(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw Ae(Ye);const i=br(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:pn(r.expiresOn),extExpiresOn:pn(r.extendedExpiresOn),tokenType:n.authenticationScheme||Q.BEARER,correlationId:o,state:n.state}}}class Vh extends Ie{constructor(e,t){super(e,t),Object.setPrototypeOf(this,Vh.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new Vh("unsupported_method")}}class Xh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Wa(this.logger,this.performanceClient,!0):gr,this.eventHandler=new Hc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new Oc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Co(this.config.auth)):xc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new Qh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new Xh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||ca();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),n=r.correlationId||ca();this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,n,e.InteractionType.Popup,r);const o=this.performanceClient.startMeasurement(Xa,n);o.add({nestedAppAuthRequest:!0});try{Po(this.config.auth.isMcp,r);const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=un(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Popup,c),o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const i=r instanceof Ie?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Popup,null,r),o.end({success:!1},r,t.account),i}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),n=r.correlationId||ca();this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,n,e.InteractionType.Silent,r);const o=await this.acquireTokenFromCache(r);if(o)return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,o),o;const i=this.performanceClient.startMeasurement(ec,n);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{Po(this.config.auth.isMcp,r);const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r);o.forceRefresh=r.forceRefresh;const s=un(),a=await this.bridgeProxy.getTokenSilent(o),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(o,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const o=r instanceof Ie?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),o}}async acquireTokenFromCache(t){const r=t.correlationId||ca(),n=this.performanceClient.startMeasurement(Qa,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=Ks.Default),t.cacheLookupPolicy){case Ks.Default:case Ks.AccessToken:case Ks.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,o),n.add({accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length}),n.end({success:!0},void 0,o.account),o):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null),n.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||ca();let n=null;if(t&&(n=Nc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...m]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(yn(s.cachedAt)||mn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);if(o.resource){const e=o.resource,t=s.resource;if(!t||t!==e)return this.logger.verbose("0qraxd",r),Promise.resolve(null)}const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw Vh.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw Vh.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw Vh.createUnsupportedError()}removePerformanceCallback(e){throw Vh.createUnsupportedError()}getAllAccounts(e){return qc(this.logger,this.browserStorage,this.isBrowserEnv(),ca(),e)}getAccount(e){return Nc(e,this.logger,this.browserStorage,ca())}setActiveAccount(e){return Uc(e,this.browserStorage,ca())}getActiveAccount(){return Lc(this.browserStorage,ca())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||Hs)}loginRedirect(e){throw Vh.createUnsupportedError()}logoutRedirect(e){throw Vh.createUnsupportedError()}logoutPopup(e){throw Vh.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw Vh.createUnsupportedError()}getRedirectResponse(){throw Vh.createUnsupportedError()}async clearCache(e){throw Vh.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Jr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ar(e.idTokenClaims),qs.hydrateCache),this.browserStorage.hydrateCache(e,t)}}class Yh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=Yh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(Yh.bridgeRequests.splice(Yh.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=Yh.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Yh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return Yh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Yh.validateBridgeResultOrThrow(r.token),account:Yh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:ca(),sendTime:Date.now(),clientLibrary:cs,clientLibraryVersion:Pc,...t}}sendRequest(e,t){const r=Yh.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Yh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Gh}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await Yh.initializeNestedAppAuthBridge();return new Yh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Yh.bridgeRequests=[];class Zh extends Dh{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Zh.MODULE_NAME}getId(){return Zh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){const t=e||"";try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await Yh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii("1mdxyj",t)}return this.logger.info("12jy9a",t),this.available}}Zh.MODULE_NAME="",Zh.ID="NestedAppOperatingContext";class el{constructor(e,t){this.controller=t||new Hh(new Fh(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function tl(e){const t=new el(e);return await t.initialize(),t}const rl={initialize:()=>Promise.reject(ka(wa)),acquireTokenPopup:()=>Promise.reject(ka(wa)),acquireTokenRedirect:()=>Promise.reject(ka(wa)),acquireTokenSilent:()=>Promise.reject(ka(wa)),acquireTokenByCode:()=>Promise.reject(ka(wa)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(ka(wa)),loginPopup:()=>Promise.reject(ka(wa)),loginRedirect:()=>Promise.reject(ka(wa)),logoutRedirect:()=>Promise.reject(ka(wa)),logoutPopup:()=>Promise.reject(ka(wa)),ssoSilent:()=>Promise.reject(ka(wa)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw ka(wa)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw ka(wa)},hydrateCache:()=>Promise.reject(ka(wa)),clearCache:()=>Promise.reject(ka(wa))};async function nl(e,t,r,n,o,i,s,a,c){if(o.verbose("0ke46k",r),e.account){const t=Jr(e.account);return await n.setAccount(t,r,Ar(a||{}),qs.loadExternalTokens),t}if(!t&&!a)throw o.error("0hzcn4",r),ns(Ni);const h=Wr(t,s.authorityType,o,i,r,a),l=a?.tid,d=io(n,s,h,Ws,r,a,t,s.getPreferredCache(),l,void 0,void 0,o,c);return await n.setAccount(d,r,Ar(a||{}),qs.loadExternalTokens),d}async function ol(e,t,r,n,o,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const h=wn(t,r,e.id_token,c,n);return await s.setIdTokenCredential(h,i,o),h}async function il(e,t,r,n,o,i,s,a,c,h,l){if(!t.access_token)return h.verbose("1ckp9e",a),null;if(!t.expires_in)return h.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return h.error("1h7xse",a),null;h.verbose("01kmxb",a);const d=t.scope?Mt.fromString(t.scope):new Mt(e.scopes),u=s.expiresOn||t.expires_in+un(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+un(),p=In(r,n,t.access_token,l,o,d.printScopes(),u,g,Ws);return await c.setAccessTokenCredential(p,a,i),p}async function sl(e,t,r,n,o,i,s,a,c){if(!e.refresh_token)return s.verbose("1l7um5",o),null;const h=e.refresh_token_expires_in?e.refresh_token_expires_in+un():void 0;c.addFields({extRtExpiresOnSeconds:h},o),s.verbose("0qy8ev",o);const l=Cn(t,r,e.refresh_token,a,e.foci,void 0,h);return await i.setRefreshTokenCredential(l,o,n),l}function al(){let e;try{e=window[vs.SessionStorage];const t=e?.getItem(lc);if(1===Number(t))return Promise.resolve().then((function(){return dl}))}catch(e){}}function cl(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function hl(e){if(e&&cl())return Math.round(window.performance.now()-e)}class ll{constructor(e,t){this.correlationId=t,this.measureName=ll.makeMeasureName(e,t),this.startMark=ll.makeStartMark(e,t),this.endMark=ll.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(ll.supportsBrowserPerformance())try{t.forEach((t=>{const r=ll.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(ll.makeStartMark(r,e)),window.performance.clearMarks(ll.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(ll.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(ll.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(ll.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var dl=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:ll});const ul=Q,gl=q,pl=O,ml=ce,fl=m;e.ApiId=qs,e.AuthError=Ie,e.AuthErrorCodes=Mo,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[k];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw ke(Ke)}const t=this.headers[v];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw ke(Ke)}throw ke(Fe)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=ul,e.AzureCloudInstance=Cr,e.BrowserAuthError=rs,e.BrowserAuthErrorCodes=es,e.BrowserCacheLocation=vs,e.BrowserConfigurationAuthError=va,e.BrowserConfigurationAuthErrorCodes=Ca,e.BrowserPerformanceClient=class extends Fo{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new yr(e.system?.loggerOptions||{},Ec,Pc),Ec,Pc,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return ca()}getPageVisibility(){return document.visibilityState?.toString()||null}getOnlineStatus(){return"undefined"!=typeof navigator?navigator.onLine:null}deleteIncompleteSubMeasurements(e){al()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=this.getOnlineStatus(),o=super.startMeasurement(e,t),i=cl()?window.performance.now():void 0,s=al()?.then((t=>new t.BrowserPerformanceMeasurement(e,o.event.correlationId)));return s?.then((e=>e.startMeasurement())),{...o,end:(e,t,a)=>{const c=function(){if("undefined"==typeof window||!window.navigator)return{};const e="connection"in window.navigator?window.navigator.connection:void 0;return{effectiveType:e?.effectiveType,rtt:e?.rtt}}(),h=o.end({...e,startPageVisibility:r,startOnlineStatus:n,endPageVisibility:this.getPageVisibility(),durationMs:hl(i),networkEffectiveType:c.effectiveType,networkRtt:c.rtt},t,a);return s?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(o),h},discard:()=>{o.discard(),s?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(o)}}}},e.BrowserPerformanceMeasurement=ll,e.BrowserRootPerformanceEvents=ic,e.BrowserUtils=za,e.CacheLookupPolicy=Ks,e.ClientAuthError=be,e.ClientAuthErrorCodes=Ot,e.ClientConfigurationError=ve,e.ClientConfigurationErrorCodes=Ge,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=Hc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case _c.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return Ls.AcquireToken;break;case _c.HANDLE_REDIRECT_START:return Ls.HandleRedirect;case _c.LOGOUT_START:return Ls.Logout;case _c.LOGOUT_END:if(r&&r!==Ls.Logout)break;return Ls.None;case _c.HANDLE_REDIRECT_END:if(r&&r!==Ls.HandleRedirect)break;return Ls.None;case _c.ACQUIRE_TOKEN_SUCCESS:case _c.ACQUIRE_TOKEN_FAILURE:case _c.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==Ls.AcquireToken)break;return Ls.None}}return null}},e.EventType=_c,e.InteractionRequiredAuthError=Yn,e.InteractionRequiredAuthErrorCodes=Qn,e.InteractionStatus=Ls,e.JsonWebTokenTypes=ml,e.LocalStorage=Ac,e.Logger=yr,e.MemoryStorage=$a,e.NavigationClient=fh,e.OIDC_DEFAULT_SCOPES=fl,e.PromptValue=pl,e.ProtocolMode=jr,e.PublicClientApplication=el,e.ResponseMode=gl,e.ServerError=to,e.SessionStorage=Sc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new yr(r,Ec,Pc),this.cryptoOps=new Wa(this.logger),this.popTokenGenerator=new Dn(this.cryptoOps,new en),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=en,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const n=new Zh(e);if(await n.initialize(t),n.isAvailable()){const o=t||ca(),i=new Xh(n),s=r?r(e,i):new el(e,i);return await s.initialize({correlationId:o}),s}return tl(e)},e.createStandardPublicClientApplication=tl,e.enforceResourceParameter=Po,e.isPlatformBrokerAvailable=async function(e,t,r,n){const o=new yr(t||{},Ec,Pc),i=r||new en;return"undefined"==typeof window?(o.trace("082ed3",n||ca()),!1):!!await Th(o,i,n||ca(),void 0,e)},e.loadExternalTokens=async function(e,t,r,n,o=new en){Ua();const i=Ch(e,!0),s=t.correlationId||ca(),a=o.startMeasurement(nc,s);try{const c=r.id_token?br(r.id_token,Ws):void 0,h=Ar(c||{}),l={protocolMode:i.system.protocolMode,knownAuthorities:i.auth.knownAuthorities,cloudDiscoveryMetadata:i.auth.cloudDiscoveryMetadata,authorityMetadata:i.auth.authorityMetadata},d=new yr(i.system.loggerOptions||{}),u=new Wa(d,i.telemetry.client),g=new Oc(i.auth.clientId,i.cache,u,d,i.telemetry.client,new Hc(d),Co(i.auth)),p=t.authority||i.auth.authority,m=await vo(wo.generateAuthority(p,t.azureCloudOptions),i.system.networkClient,g,l,d,s,o),f=await Ln(nl,"loadAccount",d,o,s)(t,n.clientInfo||r.client_info||"",s,g,d,u,m,c,o),y=await Ln(ol,"loadIdToken",d,o,s)(r,f.homeAccountId,f.environment,f.realm,h,s,g,d,e.auth.clientId),w=await Ln(il,"loadAccessToken",d,o,s)(t,r,f.homeAccountId,f.environment,f.realm,h,n,s,g,d,e.auth.clientId),I=await Ln(sl,"loadRefreshToken",d,o,s)(r,f.homeAccountId,f.environment,h,s,g,d,e.auth.clientId,o);return a.end({success:!0},void 0,$r(f)),function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=Mt.fromString(t.accessToken.target).asArray(),a=pn(t.accessToken.expiresOn),o=pn(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:r.canonicalAuthority,uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:$r(c),idToken:t.idToken?.secret||"",idTokenClaims:n||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:f,idToken:y,accessToken:w,refreshToken:I},m,c)}catch(e){throw a.end({success:!1},e),e}},e.stubbedPublicClientApplication=rl,e.version=Pc}));
+/*! @azure/msal-browser v5.12.0 2026-06-05 */
+"use strict";!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).msal={})}(this,(function(e){const t="https://login.microsoftonline.com/common/",r="common",n=`${t}discovery/instance?api-version=1.1&authorization_endpoint=`,o=".ciamlogin.com",i=".onmicrosoft.com",s="openid",a="profile",c="offline_access",h="S256",l="Not Available",d="http://169.254.169.254/metadata/instance/compute/location",u=["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"],g="GET",p="POST",m=[s,a,c],f=[...m,"email"],y="Content-Type",w="Content-Length",I="Retry-After",C="X-AnchorMailbox",v="WWW-Authenticate",k="Authentication-Info",T="x-ms-request-id",b="x-ms-httpver",A="active-account-filters",S="common",_="organizations",E="consumers",P="access_token",R="xms_cc",O={LOGIN:"login",SELECT_ACCOUNT:"select_account",CONSENT:"consent",NONE:"none",CREATE:"create",NO_SESSION:"no_session"},M="code",x="id_token token refresh_token",q={QUERY:"query",FRAGMENT:"fragment",FORM_POST:"form_post"},N="authorization_code",U="refresh_token",L="Generic",H={ID_TOKEN:"IdToken",ACCESS_TOKEN:"AccessToken",ACCESS_TOKEN_WITH_AUTH_SCHEME:"AccessToken_With_AuthScheme",REFRESH_TOKEN:"RefreshToken"},F="appmetadata",D="1",K="authority-metadata",B="config",z="cache",j="network",$="hardcoded_values",J=5,W="server-telemetry",G=",",Q={BEARER:"Bearer",POP:"pop",SSH:"ssh-cert"},V="throttling",Y="1",Z="3",X="4",ee="2",te="4",re="5",ne="0",oe="1",ie="2",se="3",ae="4",ce={Jwt:"JWT",Jwk:"JWK",Pop:"pop"},he="client_id",le="redirect_uri",de="token_type",ue="req_cnf",ge="return_spa_code",pe="x-client-xtra-sku",me="brk_client_id",fe="brk_redirect_uri",ye="instance_aware";function we(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class Ie extends Error{constructor(e,t,r){const n=t||(e?we(e):"");super(n?`${e}: ${n}`:e),Object.setPrototypeOf(this,Ie.prototype),this.errorCode=e||"",this.errorMessage=n||"",this.subError=r||"",this.name="AuthError"}setCorrelationId(e){this.correlationId=e}}function Ce(e,t){return new Ie(e,t||we(e))}class ve extends Ie{constructor(e){super(e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,ve.prototype)}}function ke(e){return new ve(e)}class Te{static isEmptyObj(e){if(e)try{const t=JSON.parse(e);return 0===Object.keys(t).length}catch(e){}return!0}static startsWith(e,t){return 0===e.indexOf(t)}static endsWith(e,t){return e.length>=t.length&&e.lastIndexOf(t)===e.length-t.length}static queryStringToObject(e){const t={},r=e.split("&"),n=e=>decodeURIComponent(e.replace(/\+/g," "));return r.forEach((e=>{if(e.trim()){const[r,o]=e.split(/=(.+)/g,2);r&&o&&(t[n(r)]=n(o))}})),t}static trimArrayEntries(e){return e.map((e=>e.trim()))}static removeEmptyStringsFromArray(e){return e.filter((e=>!!e))}static jsonParseHelper(e){try{return JSON.parse(e)}catch(e){return null}}}class be extends Ie{constructor(e,t){super(e,t),this.name="ClientAuthError",Object.setPrototypeOf(this,be.prototype)}}function Ae(e,t){return new be(e,t)}const Se="redirect_uri_empty",_e="authority_uri_insecure",Ee="url_parse_error",Pe="empty_url_error",Re="empty_input_scopes_error",Oe="invalid_claims",Me="token_request_empty",xe="logout_request_empty",qe="pkce_params_missing",Ne="invalid_cloud_discovery_metadata",Ue="invalid_authority_metadata",Le="untrusted_authority",He="missing_ssh_jwk",Fe="missing_ssh_kid",De="missing_nonce_authentication_header",Ke="invalid_authentication_header",Be="cannot_set_OIDCOptions",ze="cannot_allow_platform_broker",je="authority_mismatch",$e="invalid_request_method_for_EAR",Je="invalid_platform_broker_configuration",We="issuer_validation_failed";var Ge=Object.freeze({__proto__:null,authorityMismatch:je,authorityUriInsecure:_e,cannotAllowPlatformBroker:ze,cannotSetOIDCOptions:Be,claimsRequestParsingError:"claims_request_parsing_error",emptyInputScopesError:Re,invalidAuthenticationHeader:Ke,invalidAuthorityMetadata:Ue,invalidClaims:Oe,invalidCloudDiscoveryMetadata:Ne,invalidCodeChallengeMethod:"invalid_code_challenge_method",invalidPlatformBrokerConfiguration:Je,invalidRequestMethodForEAR:$e,issuerValidationFailed:We,logoutRequestEmpty:xe,missingNonceAuthenticationHeader:De,missingSshJwk:He,missingSshKid:Fe,pkceParamsMissing:qe,redirectUriEmpty:Se,tokenRequestEmpty:Me,untrustedAuthority:Le,urlEmptyError:Pe,urlParseError:Ee});const Qe="client_info_decoding_error",Ve="client_info_empty_error",Ye="token_parsing_error",Ze="null_or_empty_token",Xe="endpoints_resolution_error",et="network_error",tt="openid_config_error",rt="hash_not_deserialized",nt="invalid_state",ot="state_mismatch",it="state_not_found",st="nonce_mismatch",at="auth_time_not_found",ct="max_age_transpired",ht="multiple_matching_appMetadata",lt="request_cannot_be_made",dt="cannot_remove_empty_scope",ut="cannot_append_scopeset",gt="empty_input_scopeset",pt="no_account_in_silent_request",mt="invalid_cache_record",ft="invalid_cache_environment",yt="no_account_found",wt="no_crypto_object",It="token_refresh_required",Ct="token_claims_cnf_required_for_signedjwt",vt="authorization_code_missing_from_server_response",kt="binding_key_not_removed",Tt="end_session_endpoint_not_supported",bt="key_id_missing",At="no_network_connectivity",St="user_canceled",_t="method_not_implemented",Et="nested_app_auth_bridge_disabled",Pt="resource_parameter_required",Rt="misplaced_resource_parameter";var Ot=Object.freeze({__proto__:null,authTimeNotFound:at,authorizationCodeMissingFromServerResponse:vt,bindingKeyNotRemoved:kt,cannotAppendScopeSet:ut,cannotRemoveEmptyScope:dt,clientInfoDecodingError:Qe,clientInfoEmptyError:Ve,emptyInputScopeSet:gt,endSessionEndpointNotSupported:Tt,endpointResolutionError:Xe,hashNotDeserialized:rt,invalidCacheEnvironment:ft,invalidCacheRecord:mt,invalidState:nt,keyIdMissing:bt,maxAgeTranspired:ct,methodNotImplemented:_t,misplacedResourceParam:Rt,multipleMatchingAppMetadata:ht,multipleMatchingTokens:"multiple_matching_tokens",nestedAppAuthBridgeDisabled:Et,networkError:et,noAccountFound:yt,noAccountInSilentRequest:pt,noCryptoObject:wt,noNetworkConnectivity:At,nonceMismatch:st,nullOrEmptyToken:Ze,openIdConfigError:tt,platformBrokerError:"platform_broker_error",requestCannotBeMade:lt,resourceParameterRequired:Pt,stateMismatch:ot,stateNotFound:it,tokenClaimsCnfRequiredForSignedJwt:Ct,tokenParsingError:Ye,tokenRefreshRequired:It,unexpectedCredentialType:"unexpected_credential_type",userCanceled:St});class Mt{constructor(e){const t=e?Te.trimArrayEntries([...e]):[],r=t?Te.removeEmptyStringsFromArray(t):[];if(!r||!r.length)throw ke(Re);this.scopes=new Set,r.forEach((e=>this.scopes.add(e)))}static fromString(e){const t=(e||"").split(" ");return new Mt(t)}static createSearchScopes(e){const t=e&&e.length>0?e:[...m],r=new Mt(t);return r.containsOnlyOIDCScopes()?r.removeScope(c):r.removeOIDCScopes(),r}containsScope(e){const t=this.printScopesLowerCase().split(" "),r=new Mt(t);return!!e&&r.scopes.has(e.toLowerCase())}containsScopeSet(e){return!(!e||e.scopes.size<=0)&&(this.scopes.size>=e.scopes.size&&e.asArray().every((e=>this.containsScope(e))))}containsOnlyOIDCScopes(){let e=0;return f.forEach((t=>{this.containsScope(t)&&(e+=1)})),this.scopes.size===e}appendScope(e){e&&this.scopes.add(e.trim())}appendScopes(e){try{e.forEach((e=>this.appendScope(e)))}catch(e){throw Ae(ut)}}removeScope(e){if(!e)throw Ae(dt);this.scopes.delete(e.trim())}removeOIDCScopes(){f.forEach((e=>{this.scopes.delete(e)}))}unionScopeSets(e){if(!e)throw Ae(gt);const t=new Set;return e.scopes.forEach((e=>t.add(e.toLowerCase()))),this.scopes.forEach((e=>t.add(e.toLowerCase()))),t}intersectingScopeSets(e){if(!e)throw Ae(gt);e.containsOnlyOIDCScopes()||e.removeOIDCScopes();const t=this.unionScopeSets(e),r=e.getScopeCount(),n=this.getScopeCount();return t.size<n+r}getScopeCount(){return this.scopes.size}asArray(){const e=[];return this.scopes.forEach((t=>e.push(t))),e}printScopes(){if(this.scopes){return this.asArray().join(" ")}return""}printScopesLowerCase(){return this.printScopes().toLowerCase()}}function xt(e,t,r){if(!t)return;const n=e.get(he);n&&e.has(me)&&r?.addFields({embeddedClientId:n,embeddedRedirectUri:e.get(le)},t)}function qt(e,t){e.set("response_type",t)}function Nt(e,t,r=!0,n=m){!r||n.includes("openid")||t.includes("openid")||n.push("openid");const o=r?[...t||[],...n]:t||[],i=new Mt(o);e.set("scope",i.printScopes())}function Ut(e,t){e.set(he,t)}function Lt(e,t){e.set(le,t)}function Ht(e,t){e.set("login_hint",t)}function Ft(e,t){e.set(C,`UPN:${t}`)}function Dt(e,t){e.set(C,`Oid:${t.uid}@${t.utid}`)}function Kt(e,t){e.set("sid",t)}function Bt(e,t,r,n){const o=n&&e.has(me)?void 0:r;if(!Te.isEmptyObj(t)||o&&o.length>0){const r=tr(t,o);try{JSON.parse(r)}catch(e){throw ke(Oe)}e.set("claims",r)}}function zt(e,t){e.set("client-request-id",t)}function jt(e,t){e.set("x-client-SKU",t.sku),e.set("x-client-VER",t.version),t.os&&e.set("x-client-OS",t.os),t.cpu&&e.set("x-client-CPU",t.cpu)}function $t(e,t){t?.appName&&e.set("x-app-name",t.appName),t?.appVersion&&e.set("x-app-ver",t.appVersion)}function Jt(e,t){t&&e.set("state",t)}function Wt(e,t,r){if(!t||!r)throw ke(qe);e.set("code_challenge",t),e.set("code_challenge_method",r)}function Gt(e,t){e.set("client_secret",t)}function Qt(e,t){t&&e.set("client_assertion",t)}function Vt(e,t){t&&e.set("client_assertion_type",t)}function Yt(e,t){e.set("grant_type",t)}function Zt(e){e.set("client_info","1")}function Xt(e){e.has(ye)||e.set(ye,"true")}function er(e,t){Object.entries(t).forEach((([t,r])=>{!e.has(t)&&r&&e.set(t,r)}))}function tr(e,t){let r;if(e)try{r=JSON.parse(e)}catch(e){throw ke(Oe)}else r={};return t&&t.length>0&&(r.hasOwnProperty(P)||(r[P]={}),r[P][R]={values:t}),JSON.stringify(r)}function rr(e,t){t&&(e.set(de,Q.POP),e.set(ue,t))}function nr(e,t){t&&(e.set(de,Q.SSH),e.set(ue,t))}function or(e,t){e.set("x-client-current-telemetry",t.generateCurrentRequestHeaderValue()),e.set("x-client-last-telemetry",t.generateLastRequestHeaderValue())}function ir(e){e.set("x-ms-lib-capability","retry-after, h429")}function sr(e,t,r){e.has(me)||e.set(me,t),e.has(fe)||e.set(fe,r)}function ar(e,t){t&&e.set("resource",t)}function cr(e){if(!e)return e;let t=e.toLowerCase();return Te.endsWith(t,"?")?t=t.slice(0,-1):Te.endsWith(t,"?/")&&(t=t.slice(0,-2)),Te.endsWith(t,"/")||(t+="/"),t}function hr(e){return e.startsWith("#/")?e.substring(2):e.startsWith("#")||e.startsWith("?")?e.substring(1):e}function lr(e){if(!e||e.indexOf("=")<0)return null;try{const t=hr(e),r=Object.fromEntries(new URLSearchParams(t));if(r.code||r.ear_jwe||r.error||r.error_description||r.state)return r}catch(e){throw Ae(rt)}return null}function dr(e){const t=new Array;return e.forEach(((e,r)=>{t.push(`${r}=${encodeURIComponent(e)}`)})),t.join("&")}function ur(e){if(!e)return e;const t=e.split("#")[0];try{const e=new URL(t);return cr(e.origin+e.pathname+e.search)}catch(e){return cr(t)}}const gr={createNewGuid:()=>{throw Ae(_t)},base64Decode:()=>{throw Ae(_t)},base64Encode:()=>{throw Ae(_t)},base64UrlEncode:()=>{throw Ae(_t)},encodeKid:()=>{throw Ae(_t)},async getPublicKeyThumbprint(){throw Ae(_t)},async removeTokenBindingKey(){throw Ae(_t)},async clearKeystore(){throw Ae(_t)},async signJwt(){throw Ae(_t)},async hashString(){throw Ae(_t)}};var pr;e.LogLevel=void 0,(pr=e.LogLevel||(e.LogLevel={}))[pr.Error=0]="Error",pr[pr.Warning=1]="Warning",pr[pr.Info=2]="Info",pr[pr.Verbose=3]="Verbose",pr[pr.Trace=4]="Trace";const mr=new Map;function fr(e,t){const r=Date.now();let n=mr.get(e);if(n)!function(e,t){mr.delete(e),mr.set(e,t)}(e,n);else if(n={logs:[],firstEventTime:r},mr.set(e,n),mr.size>50){const e=mr.keys().next().value;e&&mr.delete(e)}n.logs.push({...t,milliseconds:r-n.firstEventTime}),n.logs.length>500&&n.logs.shift()}class yr{constructor(t,r,n){this.level=e.LogLevel.Info;const o=t||yr.createDefaultLoggerOptions();this.localCallback=o.loggerCallback||(()=>{}),this.piiLoggingEnabled=o.piiLoggingEnabled||!1,this.level="number"==typeof o.logLevel?o.logLevel:e.LogLevel.Info,this.packageName=r||"",this.packageVersion=n||""}static createDefaultLoggerOptions(){return{loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info}}clone(e,t){return new yr({loggerCallback:this.localCallback,piiLoggingEnabled:this.piiLoggingEnabled,logLevel:this.level},e,t)}logMessage(t,r){const n=r.correlationId;if(function(e){if(6!==e.length)return!1;for(let t=0;t<e.length;t++){const r=e[t];if(!(r>="a"&&r<="z"||r>="A"&&r<="Z"||r>="0"&&r<="9"))return!1}return!0}(t)){fr(n,{hash:t,level:r.logLevel,containsPii:r.containsPii||!1,milliseconds:0})}if(r.logLevel>this.level||!this.piiLoggingEnabled&&r.containsPii)return;const o=`${`[${(new Date).toUTCString()}] : [${n}]`} : ${this.packageName}@${this.packageVersion} : ${e.LogLevel[r.logLevel]} - ${t}`;this.executeCallback(r.logLevel,o,r.containsPii||!1)}executeCallback(e,t,r){this.localCallback&&this.localCallback(e,t,r)}error(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!1,correlationId:r})}errorPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Error,containsPii:!0,correlationId:r})}warning(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!1,correlationId:r})}warningPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Warning,containsPii:!0,correlationId:r})}info(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!1,correlationId:r})}infoPii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Info,containsPii:!0,correlationId:r})}verbose(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!1,correlationId:r})}verbosePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Verbose,containsPii:!0,correlationId:r})}trace(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!1,correlationId:r})}tracePii(t,r){this.logMessage(t,{logLevel:e.LogLevel.Trace,containsPii:!0,correlationId:r})}isPiiLoggingEnabled(){return this.piiLoggingEnabled||!1}}const wr="@azure/msal-common",Ir="16.7.0",Cr={None:"none",AzurePublic:"https://login.microsoftonline.com",AzurePpe:"https://login.windows-ppe.net",AzureChina:"https://login.chinacloudapi.cn",AzureGermany:"https://login.microsoftonline.de",AzureUsGovernment:"https://login.microsoftonline.us"};function vr(e,t){return!!e&&!!t&&e===t.split(".")[1]}function kr(e,t,r,n){if(n){const{oid:t,sub:r,tid:o,name:i,tfp:s,acr:a,preferred_username:c,upn:h,login_hint:l}=n,d=o||s||a||"";return{tenantId:d,localAccountId:t||r||"",name:i,username:c||h||"",loginHint:l,isHomeTenant:vr(d,e),upn:h}}return{tenantId:r,localAccountId:t,username:"",isHomeTenant:vr(r,e)}}function Tr(e,t,r,n){let o=e;if(t){const{isHomeTenant:r,...n}=t;o={...e,...n}}if(r){const{isHomeTenant:t,...i}=kr(e.homeAccountId,e.localAccountId,e.tenantId,r);return o={...o,...i,idTokenClaims:r,idToken:n},o}return o}function br(e,t){const r=function(e){if(!e)throw Ae(Ze);const t=/^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(e);if(!t||t.length<4)throw Ae(Ye);return t[2]}(e);try{const e=t(r);return JSON.parse(e)}catch(e){throw Ae(Ye)}}function Ar(e){if(!e.signin_state)return!1;const t=["kmsi","dvc_dmjd"];return e.signin_state.some((e=>t.includes(e.trim().toLowerCase())))}function Sr(e,t){if(0===t||Date.now()-3e5>e+t)throw Ae(ct)}class _r{get urlString(){return this._urlString}constructor(e){if(this._urlString=e,!this._urlString)throw ke(Pe);e.includes("#")||(this._urlString=_r.canonicalizeUri(e))}static canonicalizeUri(e){if(e){let t=e.toLowerCase();return Te.endsWith(t,"?")?t=t.slice(0,-1):Te.endsWith(t,"?/")&&(t=t.slice(0,-2)),Te.endsWith(t,"/")||(t+="/"),t}return e}validateAsUri(){let e;try{e=this.getUrlComponents()}catch(e){throw ke(Ee)}if(!e.HostNameAndPort||!e.PathSegments)throw ke(Ee);if(!e.Protocol||"https:"!==e.Protocol.toLowerCase())throw ke(_e)}static appendQueryString(e,t){return t?e.indexOf("?")<0?`${e}?${t}`:`${e}&${t}`:e}static removeHashFromUrl(e){return _r.canonicalizeUri(e.split("#")[0])}replaceTenantPath(e){const t=this.getUrlComponents(),r=t.PathSegments;return!e||0===r.length||r[0]!==S&&r[0]!==_||(r[0]=e),_r.constructAuthorityUriFromObject(t)}getUrlComponents(){const e=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),t=this.urlString.match(e);if(!t)throw ke(Ee);const r={Protocol:t[1],HostNameAndPort:t[4],AbsolutePath:t[5],QueryString:t[7]};let n=r.AbsolutePath.split("/");return n=n.filter((e=>e&&e.length>0)),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(e){const t=RegExp("^([^:/?#]+://)?([^/?#]*)"),r=e.match(t);if(!r)throw ke(Ee);return r[2]}static getAbsoluteUrl(e,t){if("/"===e[0]){const r=new _r(t).getUrlComponents();return r.Protocol+"//"+r.HostNameAndPort+e}return e}static constructAuthorityUriFromObject(e){return new _r(e.Protocol+"//"+e.HostNameAndPort+"/"+e.PathSegments.join("/"))}}const Er={endpointMetadata:[{host:"login.microsoftonline.com"},{host:"login.chinacloudapi.cn",issuerHost:"login.partner.microsoftonline.cn"},{host:"login.microsoftonline.us"},{host:"login.sovcloud-identity.fr"},{host:"login.sovcloud-identity.de"},{host:"login.sovcloud-identity.sg"}].reduce(((e,{host:t,issuerHost:r})=>(e[t]=function(e,t){return{token_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/token`,jwks_uri:`https://${e}/{tenantid}/discovery/v2.0/keys`,issuer:`https://${t}/{tenantid}/v2.0`,authorization_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/authorize`,end_session_endpoint:`https://${e}/{tenantid}/oauth2/v2.0/logout`}}(t,r||t),e)),{}),instanceDiscoveryMetadata:{metadata:[{preferred_network:"login.microsoftonline.com",preferred_cache:"login.windows.net",aliases:["login.microsoftonline.com","login.windows.net","login.microsoft.com","sts.windows.net"]},{preferred_network:"login.partner.microsoftonline.cn",preferred_cache:"login.partner.microsoftonline.cn",aliases:["login.partner.microsoftonline.cn","login.chinacloudapi.cn"]},{preferred_network:"login.microsoftonline.de",preferred_cache:"login.microsoftonline.de",aliases:["login.microsoftonline.de"]},{preferred_network:"login.microsoftonline.us",preferred_cache:"login.microsoftonline.us",aliases:["login.microsoftonline.us","login.usgovcloudapi.net"]},{preferred_network:"login-us.microsoftonline.com",preferred_cache:"login-us.microsoftonline.com",aliases:["login-us.microsoftonline.com"]},{preferred_network:"login.sovcloud-identity.fr",preferred_cache:"login.sovcloud-identity.fr",aliases:["login.sovcloud-identity.fr"]},{preferred_network:"login.sovcloud-identity.de",preferred_cache:"login.sovcloud-identity.de",aliases:["login.sovcloud-identity.de"]},{preferred_network:"login.sovcloud-identity.sg",preferred_cache:"login.sovcloud-identity.sg",aliases:["login.sovcloud-identity.sg"]},{preferred_network:"login.windows-ppe.net",preferred_cache:"login.windows-ppe.net",aliases:["login.windows-ppe.net","sts.windows-ppe.net","login.microsoft-ppe.com"]}]}},Pr=Er.endpointMetadata,Rr=Er.instanceDiscoveryMetadata,Or=new Set;function Mr(e,t,r,n,o){if(e.trace("1bmquz",t),r&&n){const o=xr(n,r);if(o)return e.trace("1fotbt",t),o.aliases;e.trace("14avvj",t)}return null}function xr(e,t){for(let r=0;r<e.length;r++){const n=e[r];if(n.aliases.includes(t))return n}return null}Rr.metadata.forEach((e=>{e.aliases.forEach((e=>{Or.add(e)}))}));const qr="cache_quota_exceeded";class Nr extends Error{constructor(e,t){const r=t||we(e);super(r),Object.setPrototypeOf(this,Nr.prototype),this.name="CacheError",this.errorCode=e,this.errorMessage=r}}function Ur(e){return e instanceof Error?"QuotaExceededError"===e.name||"NS_ERROR_DOM_QUOTA_REACHED"===e.name||e.message.includes("exceeded the quota")?new Nr(qr):new Nr(e.name,e.message):new Nr("cache_error_unknown")}function Lr(e,t){if(!e)throw Ae(Ve);try{const r=t(e);return JSON.parse(r)}catch(e){throw Ae(Qe)}}function Hr(e){if(!e)throw Ae(Qe);const t=e.split(".",2);return{uid:t[0],utid:t.length<2?"":t[1]}}const Fr=0,Dr=1,Kr=2,Br=3;function zr(e){if(e){return e.tid||e.tfp||e.acr||null}return null}const jr={AAD:"AAD",OIDC:"OIDC",EAR:"EAR"};function $r(e){const t=e.tenantProfiles||[];return 0===t.length&&e.realm&&e.localAccountId&&t.push(kr(e.homeAccountId,e.localAccountId,e.realm)),{homeAccountId:e.homeAccountId,environment:e.environment,tenantId:e.realm,username:e.username,localAccountId:e.localAccountId,loginHint:e.loginHint,name:e.name,nativeAccountId:e.nativeAccountId,authorityType:e.authorityType,tenantProfiles:new Map(t.map((e=>[e.tenantId,e]))),dataBoundary:e.dataBoundary}}function Jr(e,t,r){const n=Array.from(e.tenantProfiles?.values()||[]);return 0===n.length&&e.tenantId&&e.localAccountId&&n.push(kr(e.homeAccountId,e.localAccountId,e.tenantId,e.idTokenClaims)),{authorityType:e.authorityType||L,homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,nativeAccountId:e.nativeAccountId,realm:e.tenantId,environment:e.environment,username:e.username,loginHint:e.loginHint,name:e.name,cloudGraphHostName:t,msGraphHost:r,tenantProfiles:n,dataBoundary:e.dataBoundary}}function Wr(e,t,r,n,o,i){if(t!==Dr&&t!==Kr){if(e)try{const t=Lr(e,n.base64Decode);if(t.uid&&t.utid)return`${t.uid}.${t.utid}`}catch(e){}r.warning("1ub6wv",o)}return i?.sub||""}class Gr{constructor(e,t,r,n,o){this.clientId=e,this.cryptoImpl=t,this.commonLogger=r.clone(wr,Ir),this.staticAuthorityOptions=o,this.performanceClient=n}getAllAccounts(e={},t){return this.buildTenantProfiles(this.getAccountsFilteredBy(e,t),t,e)}getAccountInfoFilteredBy(e,t){if(0===Object.keys(e).length||Object.values(e).every((e=>null==e||""===e)))return this.commonLogger.warning("1skb02",t),null;const r=this.getAllAccounts(e,t);if(r.length>1){return r.sort(((e,t)=>{const r=e.idTokenClaims?1:0;return(t.idTokenClaims?1:0)-r}))[0]}return 1===r.length?r[0]:null}getBaseAccountInfo(e,t){const r=this.getAccountsFilteredBy(e,t);return r.length>0?$r(r[0]):null}buildTenantProfiles(e,t,r){return e.flatMap((e=>this.getTenantProfilesFromAccountEntity(e,t,r?.tenantId,r)))}getTenantedAccountInfoByFilter(e,t,r,n,o){let i,s=null;if(o&&!this.tenantProfileMatchesFilter(r,o))return null;const a=this.getIdToken(e,n,t,r.tenantId);return a&&(i=br(a.secret,this.cryptoImpl.base64Decode),!this.idTokenClaimsMatchTenantProfileFilter(i,o))?null:(s=Tr(e,r,i,a?.secret),s)}getTenantProfilesFromAccountEntity(e,t,r,n){const o=$r(e);let i=o.tenantProfiles||new Map;const s=this.getTokenKeys();if(r){const e=i.get(r);if(!e)return[];i=new Map([[r,e]])}const a=[];return i.forEach((e=>{const r=this.getTenantedAccountInfoByFilter(o,s,e,t,n);r&&a.push(r)})),a}tenantProfileMatchesFilter(e,t){return!(t.localAccountId&&!this.matchLocalAccountIdFromTenantProfile(e,t.localAccountId))&&((!t.name||e.name===t.name)&&((void 0===t.isHomeTenant||e.isHomeTenant===t.isHomeTenant)&&(!(t.username&&!this.matchUsername(e.username,t.username)&&!this.matchUsername(e.upn,t.username))&&(!(t.loginHint&&!this.matchLoginHintWithTenantProfile(e,t.loginHint))&&(!t.upn||e.upn===t.upn)))))}idTokenClaimsMatchTenantProfileFilter(e,t){if(t){if(t.localAccountId&&!this.matchLocalAccountIdFromTokenClaims(e,t.localAccountId))return!1;if(t.loginHint&&!this.matchLoginHintFromTokenClaims(e,t.loginHint))return!1;if(t.username&&!this.matchUsername(e.preferred_username,t.username)&&!this.matchUsername(e.upn,t.username))return!1;if(t.name&&!this.matchName(e,t.name))return!1;if(t.sid&&!this.matchSid(e,t.sid))return!1}return!0}async saveCacheRecord(e,t,r,n,o){if(!e)throw Ae(mt);try{e.account&&await this.setAccount(e.account,t,r,n),e.idToken&&!1!==o?.idToken&&await this.setIdTokenCredential(e.idToken,t,r),e.accessToken&&!1!==o?.accessToken&&await this.saveAccessToken(e.accessToken,t,r),e.refreshToken&&!1!==o?.refreshToken&&await this.setRefreshTokenCredential(e.refreshToken,t,r),e.appMetadata&&this.setAppMetadata(e.appMetadata,t)}catch(e){throw this.commonLogger?.error("0j476p",t),e instanceof Ie?e:Ur(e)}}async saveAccessToken(e,t,r){const n={clientId:e.clientId,credentialType:e.credentialType,environment:e.environment,homeAccountId:e.homeAccountId,realm:e.realm,tokenType:e.tokenType},o=this.getTokenKeys(),i=Mt.fromString(e.target);o.accessToken.forEach((e=>{if(!this.accessTokenKeyMatchesFilter(e,n,!1))return;const r=this.getAccessTokenCredential(e,t);if(r&&this.credentialMatchesFilter(r,n,t)){Mt.fromString(r.target).intersectingScopeSets(i)&&this.removeAccessToken(e,t)}})),await this.setAccessTokenCredential(e,t,r)}getAccountsFilteredBy(e,t){const r=this.getAccountKeys(),n=[];return r.forEach((r=>{const o=this.getAccount(r,t);if(!o)return;if(e.homeAccountId&&!this.matchHomeAccountId(o,e.homeAccountId))return;if(e.environment&&!this.matchEnvironment(o,e.environment,t))return;if(e.realm&&!this.matchRealm(o,e.realm))return;if(e.nativeAccountId&&!this.matchNativeAccountId(o,e.nativeAccountId))return;if(e.authorityType&&!this.matchAuthorityType(o,e.authorityType))return;const i={localAccountId:e?.localAccountId,name:e?.name,username:e?.username,loginHint:e?.loginHint,upn:e?.upn},s=o.tenantProfiles?.filter((e=>this.tenantProfileMatchesFilter(e,i)));s&&0===s.length||n.push(o)})),n}credentialMatchesFilter(e,t,r){if(t.clientId&&!this.matchClientId(e,t.clientId))return!1;if(t.userAssertionHash&&!this.matchUserAssertionHash(e,t.userAssertionHash))return!1;if("string"==typeof t.homeAccountId&&!this.matchHomeAccountId(e,t.homeAccountId))return!1;if(t.environment&&!this.matchEnvironment(e,t.environment,r))return!1;if(t.realm&&!this.matchRealm(e,t.realm))return!1;if(t.credentialType&&!this.matchCredentialType(e,t.credentialType))return!1;if(t.familyId&&!this.matchFamilyId(e,t.familyId))return!1;if(t.target&&!this.matchTarget(e,t.target))return!1;if(e.credentialType===H.ACCESS_TOKEN_WITH_AUTH_SCHEME){if(t.tokenType&&!this.matchTokenType(e,t.tokenType))return!1;if(t.tokenType===Q.SSH&&t.keyId&&!this.matchKeyId(e,t.keyId))return!1}return!0}getAppMetadataFilteredBy(e,t){const r=this.getKeys(),n={};return r.forEach((r=>{if(!this.isAppMetadata(r))return;const o=this.getAppMetadata(r,t);o&&(e.environment&&!this.matchEnvironment(o,e.environment,t)||e.clientId&&!this.matchClientId(o,e.clientId)||(n[r]=o))})),n}getAuthorityMetadataByAlias(e,t){const r=this.getAuthorityMetadataKeys();let n=null;return r.forEach((r=>{if(!this.isAuthorityMetadata(r)||-1===r.indexOf(this.clientId))return;const o=this.getAuthorityMetadata(r,t);o&&-1!==o.aliases.indexOf(e)&&(n=o)})),n}removeAllAccounts(e){this.getAllAccounts({},e).forEach((t=>{this.removeAccount(t,e)}))}removeAccount(e,t){this.removeAccountContext(e,t);this.getAccountKeys().filter((t=>t.includes(e.homeAccountId)&&t.includes(e.environment))).forEach((e=>{this.removeItem(e,t),this.performanceClient.incrementFields({accountsRemoved:1},t)}))}removeAccountContext(e,t){const r=this.getTokenKeys(),n=t=>t.includes(e.homeAccountId)&&t.includes(e.environment);r.idToken.filter(n).forEach((e=>{this.removeIdToken(e,t)})),r.accessToken.filter(n).forEach((e=>{this.removeAccessToken(e,t)})),r.refreshToken.filter(n).forEach((e=>{this.removeRefreshToken(e,t)}))}removeAccessToken(e,t){const r=this.getAccessTokenCredential(e,t);if(r&&(this.removeItem(e,t),this.performanceClient.incrementFields({accessTokensRemoved:1},t),r.credentialType.toLowerCase()===H.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()&&r.tokenType===Q.POP)){const e=r.keyId;e&&this.cryptoImpl.removeTokenBindingKey(e,t).catch((()=>{this.commonLogger.error("0cx291",t),this.performanceClient?.incrementFields({removeTokenBindingKeyFailure:1},t)}))}}removeAppMetadata(e){return this.getKeys().forEach((t=>{this.isAppMetadata(t)&&this.removeItem(t,e)})),!0}getIdToken(e,t,r,n){this.commonLogger.trace("1drz22",t);const o={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:H.ID_TOKEN,clientId:this.clientId,realm:n},i=this.getIdTokensByFilter(o,t,r),s=i.size;if(s<1)return this.commonLogger.info("1atvtd",t),null;if(s>1){let r=i;if(!n){const n=new Map;i.forEach(((t,r)=>{t.realm===e.tenantId&&n.set(r,t)}));const o=n.size;if(o<1)return this.commonLogger.info("0ooalx",t),i.values().next().value??null;if(1===o)return this.commonLogger.info("1eq2vc",t),n.values().next().value??null;r=n}return this.commonLogger.info("1ws328",t),r.forEach(((e,r)=>{this.removeIdToken(r,t)})),this.performanceClient.addFields({multiMatchedID:i.size},t),null}return this.commonLogger.info("1sm769",t),i.values().next().value??null}getIdTokensByFilter(e,t,r){const n=r&&r.idToken||this.getTokenKeys().idToken,o=new Map;return n.forEach((r=>{if(!this.idTokenKeyMatchesFilter(r,{clientId:this.clientId,...e}))return;const n=this.getIdTokenCredential(r,t);n&&this.credentialMatchesFilter(n,e,t)&&o.set(r,n)})),o}idTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.clientId||-1!==r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase()))}removeIdToken(e,t){this.removeItem(e,t)}removeRefreshToken(e,t){this.removeItem(e,t)}getAccessToken(e,t,r,n){const o=t.correlationId;this.commonLogger.trace("1t7hz1",o);const i=Mt.createSearchScopes(t.scopes),s=t.authenticationScheme||Q.BEARER,a=s&&s.toLowerCase()!==Q.BEARER.toLowerCase()?H.ACCESS_TOKEN_WITH_AUTH_SCHEME:H.ACCESS_TOKEN,c={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:a,clientId:this.clientId,realm:n||e.tenantId,target:i,tokenType:s,keyId:t.sshKid},h=r&&r.accessToken||this.getTokenKeys().accessToken,l=[];h.forEach((e=>{if(this.accessTokenKeyMatchesFilter(e,c,!0)){const t=this.getAccessTokenCredential(e,o);t&&this.credentialMatchesFilter(t,c,o)&&l.push(t)}}));const d=l.length;return d<1?(this.commonLogger.info("1nckna",o),null):d>1?(this.commonLogger.info("1wkfwp",o),l.forEach((e=>{this.removeAccessToken(this.generateCredentialKey(e),o)})),this.performanceClient.addFields({multiMatchedAT:l.length},o),null):(this.commonLogger.info("06yt98",o),l[0])}accessTokenKeyMatchesFilter(e,t,r){const n=e.toLowerCase();if(t.clientId&&-1===n.indexOf(t.clientId.toLowerCase()))return!1;if(t.homeAccountId&&-1===n.indexOf(t.homeAccountId.toLowerCase()))return!1;if(t.realm&&-1===n.indexOf(t.realm.toLowerCase()))return!1;if(t.target){const e=t.target.asArray();for(let t=0;t<e.length;t++){if(r&&!n.includes(e[t].toLowerCase()))return!1;if(!r&&n.includes(e[t].toLowerCase()))return!0}}return!0}getAccessTokensByFilter(e,t){const r=this.getTokenKeys(),n=[];return r.accessToken.forEach((r=>{if(!this.accessTokenKeyMatchesFilter(r,e,!0))return;const o=this.getAccessTokenCredential(r,t);o&&this.credentialMatchesFilter(o,e,t)&&n.push(o)})),n}getRefreshToken(e,t,r,n){this.commonLogger.trace("0x53vi",r);const o=t?D:void 0,i={homeAccountId:e.homeAccountId,environment:e.environment,credentialType:H.REFRESH_TOKEN,clientId:this.clientId,familyId:o},s=n&&n.refreshToken||this.getTokenKeys().refreshToken,a=[];s.forEach((e=>{if(this.refreshTokenKeyMatchesFilter(e,i)){const t=this.getRefreshTokenCredential(e,r);t&&this.credentialMatchesFilter(t,i,r)&&a.push(t)}}));const c=a.length;return c<1?(this.commonLogger.info("0dlw11",r),null):(c>1&&this.performanceClient.addFields({multiMatchedRT:c},r),this.commonLogger.info("0wcnep",r),a[0])}refreshTokenKeyMatchesFilter(e,t){const r=e.toLowerCase();return(!t.familyId||-1!==r.indexOf(t.familyId.toLowerCase()))&&(!(!t.familyId&&t.clientId&&-1===r.indexOf(t.clientId.toLowerCase()))&&(!t.homeAccountId||-1!==r.indexOf(t.homeAccountId.toLowerCase())))}readAppMetadataFromCache(e,t){const r={environment:e,clientId:this.clientId},n=this.getAppMetadataFilteredBy(r,t),o=Object.keys(n).map((e=>n[e])),i=o.length;if(i<1)return null;if(i>1)throw Ae(ht);return o[0]}isAppMetadataFOCI(e,t){const r=this.readAppMetadataFromCache(e,t);return!(!r||r.familyId!==D)}matchHomeAccountId(e,t){return!("string"!=typeof e.homeAccountId||t!==e.homeAccountId)}matchLocalAccountIdFromTokenClaims(e,t){return t===(e.oid||e.sub)}matchLocalAccountIdFromTenantProfile(e,t){return e.localAccountId===t}matchName(e,t){return!(t.toLowerCase()!==e.name?.toLowerCase())}matchUsername(e,t){return!(!e||"string"!=typeof e||t?.toLowerCase()!==e.toLowerCase())}matchLoginHintWithTenantProfile(e,t){return e.loginHint===t||e.username===t||e.upn===t}matchUserAssertionHash(e,t){return!(!e.userAssertionHash||t!==e.userAssertionHash)}matchEnvironment(e,t,r){if(this.staticAuthorityOptions){const n=function(e,t,r){let n;const o=e.canonicalAuthority;if(o){const i=new _r(o).getUrlComponents().HostNameAndPort;n=Mr(t,r,i,e.cloudDiscoveryMetadata?.metadata)||Mr(t,r,i,Rr.metadata)||e.knownAuthorities}return n||[]}(this.staticAuthorityOptions,this.commonLogger,r);if(n.includes(t)&&n.includes(e.environment))return!0}const n=this.getAuthorityMetadataByAlias(t,r);return!!(n&&n.aliases.indexOf(e.environment)>-1)}matchCredentialType(e,t){return e.credentialType&&t.toLowerCase()===e.credentialType.toLowerCase()}matchClientId(e,t){return!(!e.clientId||t!==e.clientId)}matchFamilyId(e,t){return!(!e.familyId||t!==e.familyId)}matchRealm(e,t){return!(e.realm?.toLowerCase()!==t.toLowerCase())}matchNativeAccountId(e,t){return!(!e.nativeAccountId||t!==e.nativeAccountId)}matchLoginHintFromTokenClaims(e,t){return e.login_hint===t||(e.preferred_username===t||(e.upn===t||!(!e.emails||!e.emails.includes(t))))}matchSid(e,t){return e.sid===t}matchAuthorityType(e,t){return!(!e.authorityType||t.toLowerCase()!==e.authorityType.toLowerCase())}matchTarget(e,t){if(e.credentialType!==H.ACCESS_TOKEN&&e.credentialType!==H.ACCESS_TOKEN_WITH_AUTH_SCHEME||!e.target)return!1;return Mt.fromString(e.target).containsScopeSet(t)}matchTokenType(e,t){return!(!e.tokenType||e.tokenType!==t)}matchKeyId(e,t){return!(!e.keyId||e.keyId!==t)}isAppMetadata(e){return-1!==e.indexOf(F)}isAuthorityMetadata(e){return-1!==e.indexOf(K)}generateAuthorityMetadataCacheKey(e){return`${K}-${this.clientId}-${e}`}static toObject(e,t){for(const r in t)e[r]=t[r];return e}}class Qr extends Gr{async setAccount(){throw Ae(_t)}getAccount(){throw Ae(_t)}async setIdTokenCredential(){throw Ae(_t)}getIdTokenCredential(){throw Ae(_t)}async setAccessTokenCredential(){throw Ae(_t)}getAccessTokenCredential(){throw Ae(_t)}async setRefreshTokenCredential(){throw Ae(_t)}getRefreshTokenCredential(){throw Ae(_t)}setAppMetadata(){throw Ae(_t)}getAppMetadata(){throw Ae(_t)}setServerTelemetry(){throw Ae(_t)}getServerTelemetry(){throw Ae(_t)}setAuthorityMetadata(){throw Ae(_t)}getAuthorityMetadata(){throw Ae(_t)}getAuthorityMetadataKeys(){throw Ae(_t)}setThrottlingCache(){throw Ae(_t)}getThrottlingCache(){throw Ae(_t)}removeItem(){throw Ae(_t)}getKeys(){throw Ae(_t)}getAccountKeys(){throw Ae(_t)}getTokenKeys(){throw Ae(_t)}generateCredentialKey(){throw Ae(_t)}generateAccountKey(){throw Ae(_t)}}const Vr=1,Yr=2,Zr="ext.",Xr=new Set(["accessTokenSize","durationMs","idTokenSize","matsSilentStatus","matsHttpStatus","refreshTokenSize","startTimeMs","status","multiMatchedAT","multiMatchedID","multiMatchedRT","unencryptedCacheCount","encryptedCacheExpiredCount","oldAccountCount","oldAccessCount","oldIdCount","oldRefreshCount","currAccountCount","currAccessCount","currIdCount","currRefreshCount","expiredCacheRemovedCount","upgradedCacheCount","cacheMatchedAccounts","networkRtt","redirectBridgeTimeoutMs","redirectBridgeMessageVersion"]);class en{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:Vr,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""}}}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}const tn={tokenRenewalOffsetSeconds:300,preventCorsPreflight:!1},rn={loggerCallback:()=>{},piiLoggingEnabled:!1,logLevel:e.LogLevel.Info,correlationId:""},nn={async sendGetRequestAsync(){throw Ae(_t)},async sendPostRequestAsync(){throw Ae(_t)}},on={sku:"msal.js.common",version:Ir,cpu:"",os:""},sn={clientSecret:"",clientAssertion:void 0},an={azureCloudInstance:Cr.None,tenant:`${r}`},cn={application:{appName:"",appVersion:""}};function hn({authOptions:e,systemOptions:t,loggerOptions:r,storageInterface:n,networkInterface:o,cryptoInterface:i,clientCredentials:s,libraryInfo:a,telemetry:c,serverTelemetryManager:h,persistencePlugin:l,serializableCache:d}){const u={...rn,...r};return{authOptions:(g=e,{clientCapabilities:[],azureCloudOptions:an,instanceAware:!1,isMcp:!1,...g}),systemOptions:{...tn,...t},loggerOptions:u,storageInterface:n||new Qr(e.clientId,gr,new yr(u),new en),networkInterface:o||nn,cryptoInterface:i||gr,clientCredentials:s||sn,libraryInfo:{...on,...a},telemetry:{...cn,...c},serverTelemetryManager:h||null,persistencePlugin:l||null,serializableCache:d||null};var g}function ln(e){return e.authOptions.authority.options.protocolMode===jr.OIDC}class dn{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}function un(){return Math.round((new Date).getTime()/1e3)}function gn(e){return e.getTime()/1e3}function pn(e){return e?new Date(1e3*Number(e)):new Date}function mn(e,t){const r=Number(e)||0;return un()+t>r}function fn(e,t){const r=Number(e)+24*t*60*60*1e3;return Date.now()>r}function yn(e){return Number(e)>un()}function wn(e,t,r,n,o){return{credentialType:H.ID_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,realm:o,lastUpdatedAt:Date.now().toString()}}function In(e,t,r,n,o,i,s,a,c,h,l,d,u){const g={homeAccountId:e,credentialType:H.ACCESS_TOKEN,secret:r,cachedAt:un().toString(),expiresOn:s.toString(),extendedExpiresOn:a.toString(),environment:t,clientId:n,realm:o,target:i,tokenType:l||Q.BEARER,lastUpdatedAt:Date.now().toString()};if(d&&(g.userAssertionHash=d),h&&(g.refreshOn=h.toString()),g.tokenType?.toLowerCase()!==Q.BEARER.toLowerCase())switch(g.credentialType=H.ACCESS_TOKEN_WITH_AUTH_SCHEME,g.tokenType){case Q.POP:const e=br(r,c);if(!e?.cnf?.kid)throw Ae(Ct);g.keyId=e.cnf.kid;break;case Q.SSH:g.keyId=u}return g}function Cn(e,t,r,n,o,i,s){const a={credentialType:H.REFRESH_TOKEN,homeAccountId:e,environment:t,clientId:n,secret:r,lastUpdatedAt:Date.now().toString()};return i&&(a.userAssertionHash=i),o&&(a.familyId=o),s&&(a.expiresOn=s.toString()),a}function vn(e){return e.hasOwnProperty("homeAccountId")&&e.hasOwnProperty("environment")&&e.hasOwnProperty("credentialType")&&e.hasOwnProperty("clientId")&&e.hasOwnProperty("secret")}function kn(e){return!!e&&(vn(e)&&e.hasOwnProperty("realm")&&e.hasOwnProperty("target")&&(e.credentialType===H.ACCESS_TOKEN||e.credentialType===H.ACCESS_TOKEN_WITH_AUTH_SCHEME))}function Tn(e){return!!e&&(vn(e)&&e.credentialType===H.REFRESH_TOKEN)}function bn(){return un()+86400}function An(e,t,r){e.authorization_endpoint=t.authorization_endpoint,e.token_endpoint=t.token_endpoint,e.end_session_endpoint=t.end_session_endpoint,e.issuer=t.issuer,e.endpointsFromNetwork=r,e.jwks_uri=t.jwks_uri}function Sn(e,t,r){e.aliases=t.aliases,e.preferred_cache=t.preferred_cache,e.preferred_network=t.preferred_network,e.aliasesFromNetwork=r}function _n(e){return e.expiresAt<=un()}const En="networkClientSendPostRequestAsync",Pn="refreshTokenClientAcquireTokenWithCachedRefreshToken",Rn="getAuthCodeUrl",On="handleCodeResponseFromServer",Mn="popTokenGenerateCnf",xn="handleServerTokenResponse",qn="authorityUpdateMetadataWithRegionalInformation",Nn="regionDiscoveryGetRegionFromIMDS",Un=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);o&&n.incrementFields({[`ext.${t}CallCount`]:1},o);try{const t=e(...i);return s.end({success:!0}),r.trace("1g8n6a",o),t}catch(e){r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}},Ln=(e,t,r,n,o)=>(...i)=>{r.trace("1plfzx",o);const s=n.startMeasurement(t,o);return o&&n.incrementFields({[`ext.${t}CallCount`]:1},o),e(...i).then((e=>(r.trace("1g8n6a",o),s.end({success:!0}),e))).catch((e=>{r.trace("0cfd8i",o);try{r.trace(JSON.stringify(e),o)}catch(e){r.trace("00dty7",o)}throw s.end({success:!1},e),e}))},Hn="sw";class Fn{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){const r=await Ln(this.generateKid.bind(this),Mn,t,this.performanceClient,e.correlationId)(e),n=this.cryptoUtils.base64UrlEncode(JSON.stringify(r));return{kid:r.kid,reqCnfString:n}}async generateKid(e){return{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:Hn}}async signPopToken(e,t,r){return this.signPayload(e,t,r)}async signPayload(e,t,r,n){const{resourceRequestMethod:o,resourceRequestUri:i,shrClaims:s,shrNonce:a,shrOptions:c}=r,h=i?new _r(i):void 0,l=h?.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:un(),m:o?.toUpperCase(),u:l?.HostNameAndPort,nonce:a||this.cryptoUtils.createNewGuid(),p:l?.AbsolutePath,q:l?.QueryString?[[],l.QueryString]:void 0,client_claims:s||void 0,...n},t,c,r.correlationId)}}const Dn="no_tokens_found",Kn="native_account_unavailable",Bn="refresh_token_expired",zn="ui_not_allowed",jn="interaction_required",$n="consent_required",Jn="login_required",Wn="bad_token",Gn="interrupted_user";var Qn=Object.freeze({__proto__:null,badToken:Wn,consentRequired:$n,interactionRequired:jn,interruptedUser:Gn,loginRequired:Jn,nativeAccountUnavailable:Kn,noTokensFound:Dn,refreshTokenExpired:Bn,uiNotAllowed:zn});const Vn=[jn,$n,Jn,Wn,zn,Gn],Yn=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token","ui_not_allowed","interrupted_user"];class Zn extends Ie{constructor(e,t,r,n,o,i,s,a){super(e,t,r),Object.setPrototypeOf(this,Zn.prototype),this.timestamp=n||"",this.traceId=o||"",this.correlationId=i||"",this.claims=s||"",this.name="InteractionRequiredAuthError",this.errorNo=a}}function Xn(e,t,r){const n=!!e&&Vn.indexOf(e)>-1,o=!!r&&Yn.indexOf(r)>-1,i=!!t&&Vn.some((e=>t.indexOf(e)>-1));return n||i||o}function eo(e,t){return new Zn(e,t)}class to extends Ie{constructor(e,t,r,n,o){super(e,t,r),this.name="ServerError",this.errorNo=n,this.status=o,Object.setPrototypeOf(this,to.prototype)}}function ro(e,t,r){const n=function(e,t){if(!e)throw Ae(wt);const r={id:e.createNewGuid()};t&&(r.meta=t);const n=JSON.stringify(r);return e.base64Encode(n)}(e,r);return t?`${n}|${t}`:n}function no(e,t){if(!e)throw Ae(wt);if(!t)throw Ae(nt);try{const r=t.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",i=e(n);return{userRequestState:o||"",libraryState:JSON.parse(i)}}catch(e){throw Ae(nt)}}class oo{constructor(e,t,r,n,o,i,s){this.clientId=e,this.cacheStorage=t,this.cryptoObj=r,this.logger=n,this.performanceClient=o,this.serializableCache=i,this.persistencePlugin=s}validateTokenResponse(e,t,r){if(e.error||e.error_description||e.suberror){const n=`Error(s): ${e.error_codes||l} - Timestamp: ${e.timestamp||l} - Description: ${e.error_description||l} - Correlation ID: ${e.correlation_id||l} - Trace ID: ${e.trace_id||l}`,o=e.error_codes?.length?e.error_codes[0]:void 0,i=new to(e.error,n,e.suberror,o,e.status);if(r&&e.status&&e.status>=500&&e.status<=599)return void this.logger.warning("16ks7j",t);if(r&&e.status&&e.status>=400&&e.status<=499)return void this.logger.warning("0g61x3",t);if(Xn(e.error,e.error_description,e.suberror))throw new Zn(e.error,e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",o);throw i}}async handleServerTokenResponse(e,t,r,n,o,i,s,a,c,h){let l,d;if(e.id_token){if(l=br(e.id_token||"",this.cryptoObj.base64Decode),i&&i.nonce&&l.nonce!==i.nonce)throw Ae(st);if(n.maxAge||0===n.maxAge){const e=l.auth_time;if(!e)throw Ae(at);Sr(e,n.maxAge)}}this.homeAccountIdentifier=Wr(e.client_info||"",t.authorityType,this.logger,this.cryptoObj,n.correlationId,l),i&&i.state&&(d=no(this.cryptoObj.base64Decode,i.state)),e.key_id=e.key_id||n.sshKid||void 0;const u=this.generateCacheRecord(e,t,r,n,l,s,i);let g;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("0jbz5k",n.correlationId),g=new dn(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(g)),a&&!c&&u.account){if(this.cacheStorage.getAllAccounts({homeAccountId:u.account.homeAccountId,environment:u.account.environment},n.correlationId).length<1)return this.logger.warning("1gmt66",n.correlationId),this.performanceClient?.addFields({acntLoggedOut:!0},n.correlationId),await oo.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,void 0,h)}await this.cacheStorage.saveCacheRecord(u,n.correlationId,Ar(l||{}),o,n.storeInCache)}finally{this.persistencePlugin&&this.serializableCache&&g&&(this.logger.verbose("1bh17u",n.correlationId),await this.persistencePlugin.afterCacheAccess(g))}return oo.generateAuthenticationResult(this.cryptoObj,t,u,!1,n,this.performanceClient,l,d,e,h)}generateCacheRecord(e,t,r,n,o,i,s){const a=t.getPreferredCache();if(!a)throw Ae(ft);const c=zr(o);let h,l;e.id_token&&o&&(h=wn(this.homeAccountIdentifier,a,e.id_token,this.clientId,c||""),l=io(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,n.correlationId,o,e.client_info,a,c,s,void 0,this.logger,this.performanceClient));let d=null;if(e.access_token){const o=e.scope?Mt.fromString(e.scope):new Mt(n.scopes||[]),s=("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0,h=("string"==typeof e.ext_expires_in?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,l=("string"==typeof e.refresh_in?parseInt(e.refresh_in,10):e.refresh_in)||void 0,u=r+s,g=u+h,p=l&&l>0?r+l:void 0;d=In(this.homeAccountIdentifier,a,e.access_token,this.clientId,c||t.tenant||"",o.printScopes(),u,g,this.cryptoObj.base64Decode,p,e.token_type,i,e.key_id);const m=n.resource||null;m&&(d.resource=m)}let u=null;if(e.refresh_token){let t;if(e.refresh_token_expires_in){t=r+("string"==typeof e.refresh_token_expires_in?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in),this.performanceClient?.addFields({ntwkRtExpiresOnSeconds:t},n.correlationId)}u=Cn(this.homeAccountIdentifier,a,e.refresh_token,this.clientId,e.foci,i,t)}let g=null;return e.foci&&(g={clientId:this.clientId,environment:a,familyId:e.foci}),{account:l,idToken:h,accessToken:d,refreshToken:u,appMetadata:g}}static async generateAuthenticationResult(e,t,r,n,o,i,s,a,c,h){let l,d,u="",g=[],p=null,m="";if(r.accessToken){if(r.accessToken.tokenType!==Q.POP||o.popKid)u=r.accessToken.secret;else{const t=new Fn(e,i),{secret:n,keyId:s}=r.accessToken;if(!s)throw Ae(bt);u=await t.signPopToken(n,s,o)}g=Mt.fromString(r.accessToken.target).asArray(),p=pn(r.accessToken.expiresOn),l=pn(r.accessToken.extendedExpiresOn),r.accessToken.refreshOn&&(d=pn(r.accessToken.refreshOn))}r.appMetadata&&(m=r.appMetadata.familyId===D?D:"");const f=s?.oid||s?.sub||"",y=s?.tid||"";c?.spa_accountid&&r.account&&(r.account.nativeAccountId=c?.spa_accountid);const w=r.account?Tr($r(r.account),void 0,s,r.idToken?.secret):null;return{authority:t.canonicalAuthority,uniqueId:f,tenantId:y,scopes:g,account:w,idToken:r?.idToken?.secret||"",idTokenClaims:s||{},accessToken:u,fromCache:n,expiresOn:p,extExpiresOn:l,refreshOn:d,correlationId:o.correlationId,requestId:h||"",familyId:m,tokenType:r.accessToken?.tokenType||"",state:a?a.userRequestState:"",cloudGraphHostName:r.account?.cloudGraphHostName||"",msGraphHost:r.account?.msGraphHost||"",code:c?.spa_code,fromPlatformBroker:!1}}}function io(e,t,r,n,o,i,s,a,c,h,l,d,u){d?.verbose("09jz0t",o);const g=a||t.getPreferredCache(),p=e.getAccountsFilteredBy({homeAccountId:r,environment:g},o);u?.addFields({cacheMatchedAccounts:p.length},o),p.length>1&&d?.warning("0x7ad1",o);const m=(1===p.length?p[0]:null)||function(e,t,r){let n,o,i;n=t.authorityType===Dr?"ADFS":t.protocolMode===jr.OIDC?L:"MSSTS",e.clientInfo&&r&&(o=Lr(e.clientInfo,r),o.xms_tdbr&&(i="EU"===o.xms_tdbr?"EU":"None"));const s=e.environment||t&&t.getPreferredCache();if(!s)throw Ae(ft);const a=e.idTokenClaims?.preferred_username||e.idTokenClaims?.upn,c=e.idTokenClaims?.emails?e.idTokenClaims.emails[0]:null,h=a||c||"",l=e.idTokenClaims?.login_hint,d=o?.utid||zr(e.idTokenClaims)||"",u=o?.uid||e.idTokenClaims?.oid||e.idTokenClaims?.sub||"";let g;g=e.tenantProfiles?e.tenantProfiles:[kr(e.homeAccountId,u,d,e.idTokenClaims)];return{homeAccountId:e.homeAccountId,environment:s,realm:d,localAccountId:u,username:h,authorityType:n,loginHint:l,clientInfo:e.clientInfo,name:e.idTokenClaims?.name||"",lastModificationTime:void 0,lastModificationApp:void 0,cloudGraphHostName:e.cloudGraphHostName,msGraphHost:e.msGraphHost,nativeAccountId:e.nativeAccountId,tenantProfiles:g,dataBoundary:i}}({homeAccountId:r,idTokenClaims:i,clientInfo:s,environment:a,cloudGraphHostName:h?.cloud_graph_host_name,msGraphHost:h?.msgraph_host,nativeAccountId:l},t,n),f=m.tenantProfiles||[],y=c||m.realm;if(y&&!f.find((e=>e.tenantId===y))){const e=kr(r,m.localAccountId,y,i);f.push(e)}return m.tenantProfiles=f,m}const so="home_account_id",ao="UPN";async function co(e,t,r){if("string"==typeof e)return e;return e({clientId:t,tokenEndpoint:r})}function ho(e,t,r){return{clientId:e,authority:t.authority,scopes:t.scopes,homeAccountIdentifier:r,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid,embeddedClientId:t.embeddedClientId||t.extraParameters?.clientId}}class lo{static generateThrottlingStorageKey(e){return`${V}.${JSON.stringify(e)}`}static preProcess(e,t,r){const n=lo.generateThrottlingStorageKey(t),o=e.getThrottlingCache(n,r);if(o){if(o.throttleTime<Date.now())return void e.removeItem(n,r);throw new to(o.errorCodes?.join(" ")||"",o.errorMessage,o.subError)}}static postProcess(e,t,r,n){if(lo.checkResponseStatus(r)||lo.checkResponseForRetryAfter(r)){const o={throttleTime:lo.calculateThrottleTime(parseInt(r.headers[I])),error:r.body.error,errorCodes:r.body.error_codes,errorMessage:r.body.error_description,subError:r.body.suberror};e.setThrottlingCache(lo.generateThrottlingStorageKey(t),o,n)}}static checkResponseStatus(e){return 429===e.status||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return!!e.headers&&(e.headers.hasOwnProperty(I)&&(e.status<200||e.status>=300))}static calculateThrottleTime(e){const t=e<=0?0:e,r=Date.now()/1e3;return Math.floor(1e3*Math.min(r+(t||60),r+3600))}static removeThrottle(e,t,r,n){const o=ho(t,r,n),i=this.generateThrottlingStorageKey(o);e.removeItem(i,r.correlationId)}}class uo extends Ie{constructor(e,t,r){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,uo.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=r}}function go(e,t,r,n){return e.errorMessage=`${e.errorMessage}, additionalErrorInfo: error.name:${n?.name}, error.message:${n?.message}`,new uo(e,t,r)}function po(e,t,r){const n={};if(n[y]="application/x-www-form-urlencoded;charset=utf-8",!t&&r)switch(r.type){case so:try{const e=Hr(r.credential);n[C]=`Oid:${e.uid}@${e.utid}`}catch(t){e.verbose("1qhtee","")}break;case ao:n[C]=`UPN: ${r.credential}`}return n}function mo(e,t,r,n){const o=new Map;return e.embeddedClientId&&sr(o,t,r),e.extraQueryParameters&&er(o,e.extraQueryParameters),zt(o,e.correlationId),xt(o,e.correlationId,n),dr(o)}async function fo(e,t,r,n,o,i,s,a,c,h){const l=await async function(e,t,r,n,o,i,s,a){let c;lo.preProcess(o,e,n);try{c=await Ln(i.sendPostRequestAsync.bind(i),En,s,a,n)(t,r);const e=c.headers||{};a?.addFields({refreshTokenSize:c.body.refresh_token?.length||0,httpVerToken:e[b]||"",requestId:e[T]||""},n)}catch(e){if(e instanceof uo){const t=e.responseHeaders;throw t&&a?.addFields({httpVerToken:t[b]||"",requestId:t[T]||"",contentTypeHeader:t[y]||void 0,contentLengthHeader:t[w]||void 0,httpStatus:e.httpStatus},n),e.error}throw e instanceof Ie?e:Ae(et)}return lo.postProcess(o,e,c,n),c}(n,e,{body:t,headers:r},o,i,s,a,c);return h&&l.status<500&&429!==l.status&&h.clearTelemetryCache(),l}class yo{constructor(e,t,r,n){this.networkInterface=e,this.logger=t,this.performanceClient=r,this.correlationId=n}async detectRegion(e,t){let r=e;if(r)t.region_source=Z;else{const e=yo.IMDS_OPTIONS;try{const n=await Ln(this.getRegionFromIMDS.bind(this),Nn,this.logger,this.performanceClient,this.correlationId)("2020-06-01",e);if(200===n.status&&(r=n.body,t.region_source=X),400===n.status){const n=await Ln(this.getCurrentVersion.bind(this),"regionDiscoveryGetCurrentVersion",this.logger,this.performanceClient,this.correlationId)(e);if(!n)return t.region_source=Y,null;const o=await Ln(this.getRegionFromIMDS.bind(this),Nn,this.logger,this.performanceClient,this.correlationId)(n,e);200===o.status&&(r=o.body,t.region_source=X)}}catch(e){return t.region_source=Y,null}}return r||(t.region_source=Y),r||null}async getRegionFromIMDS(e,t){return this.networkInterface.sendGetRequestAsync(`${d}?api-version=${e}&format=text`,t,2e3)}async getCurrentVersion(e){try{const t=await this.networkInterface.sendGetRequestAsync(`${d}?format=json`,e);return 400===t.status&&t.body&&t.body["newest-versions"]&&t.body["newest-versions"].length>0?t.body["newest-versions"][0]:null}catch(e){return null}}}yo.IMDS_OPTIONS={headers:{Metadata:"true"}};class wo{constructor(e,t,r,n,o,i,s,a){this.canonicalAuthority=e,this._canonicalAuthority.validateAsUri(),this.networkInterface=t,this.cacheManager=r,this.authorityOptions=n,this.regionDiscoveryMetadata={region_used:void 0,region_source:void 0,region_outcome:void 0},this.logger=o,this.performanceClient=s,this.correlationId=i,this.managedIdentity=a||!1,this.regionDiscovery=new yo(t,this.logger,this.performanceClient,this.correlationId)}getAuthorityType(e){if(e.HostNameAndPort.endsWith(o))return Br;const t=e.PathSegments;if(t.length)switch(t[0].toLowerCase()){case"adfs":return Dr;case"dstsv2":return Kr}return Fr}get authorityType(){return this.getAuthorityType(this.canonicalAuthorityUrlComponents)}get protocolMode(){return this.authorityOptions.protocolMode}get options(){return this.authorityOptions}get canonicalAuthority(){return this._canonicalAuthority.urlString}set canonicalAuthority(e){this._canonicalAuthority=new _r(e),this._canonicalAuthority.validateAsUri(),this._canonicalAuthorityUrlComponents=null}get canonicalAuthorityUrlComponents(){return this._canonicalAuthorityUrlComponents||(this._canonicalAuthorityUrlComponents=this._canonicalAuthority.getUrlComponents()),this._canonicalAuthorityUrlComponents}get hostnameAndPort(){return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()}get tenant(){return this.canonicalAuthorityUrlComponents.PathSegments[0]}get authorizationEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.authorization_endpoint);throw Ae(Xe)}get tokenEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint);throw Ae(Xe)}get deviceCodeEndpoint(){if(this.discoveryComplete())return this.replacePath(this.metadata.token_endpoint.replace("/token","/devicecode"));throw Ae(Xe)}get endSessionEndpoint(){if(this.discoveryComplete()){if(!this.metadata.end_session_endpoint)throw Ae(Tt);return this.replacePath(this.metadata.end_session_endpoint)}throw Ae(Xe)}get selfSignedJwtAudience(){if(this.discoveryComplete())return this.replacePath(this.metadata.issuer);throw Ae(Xe)}get jwksUri(){if(this.discoveryComplete())return this.replacePath(this.metadata.jwks_uri);throw Ae(Xe)}canReplaceTenant(e){return 1===e.PathSegments.length&&!wo.reservedTenantDomains.has(e.PathSegments[0])&&this.getAuthorityType(e)===Fr&&this.protocolMode!==jr.OIDC}replaceTenant(e){return e.replace(/{tenant}|{tenantid}/g,this.tenant)}replacePath(e){let t=e;const r=new _r(this.metadata.canonical_authority).getUrlComponents(),n=r.PathSegments;return this.canonicalAuthorityUrlComponents.PathSegments.forEach(((e,o)=>{let i=n[o];if(0===o&&this.canReplaceTenant(r)){const e=new _r(this.metadata.authorization_endpoint).getUrlComponents().PathSegments[0];i!==e&&(this.logger.verbose("1q3g2x",this.correlationId),i=e)}e!==i&&(t=t.replace(`/${i}/`,`/${e}/`))})),this.replaceTenant(t)}get defaultOpenIdConfigurationEndpoint(){const e=this.hostnameAndPort;return this.canonicalAuthority.endsWith("v2.0/")||this.authorityType===Dr||this.protocolMode===jr.OIDC&&!this.isAliasOfKnownMicrosoftAuthority(e)?`${this.canonicalAuthority}.well-known/openid-configuration`:`${this.canonicalAuthority}v2.0/.well-known/openid-configuration`}discoveryComplete(){return!!this.metadata}async resolveEndpointsAsync(){const e=this.getCurrentMetadataEntity(),t=await Ln(this.updateCloudDiscoveryMetadata.bind(this),"authorityUpdateCloudDiscoveryMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.canonicalAuthority=this.canonicalAuthority.replace(this.hostnameAndPort,e.preferred_network);const r=await Ln(this.updateEndpointMetadata.bind(this),"authorityUpdateEndpointMetadata",this.logger,this.performanceClient,this.correlationId)(e);this.updateCachedMetadata(e,t,{source:r}),this.performanceClient?.addFields({cloudDiscoverySource:t,authorityEndpointSource:r},this.correlationId)}getCurrentMetadataEntity(){let e=this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort,this.correlationId);return e||(e={aliases:[],preferred_cache:this.hostnameAndPort,preferred_network:this.hostnameAndPort,canonical_authority:this.canonicalAuthority,authorization_endpoint:"",token_endpoint:"",end_session_endpoint:"",issuer:"",aliasesFromNetwork:!1,endpointsFromNetwork:!1,expiresAt:bn(),jwks_uri:""}),e}updateCachedMetadata(e,t,r){t!==z&&r?.source!==z&&(e.expiresAt=bn(),e.canonical_authority=this.canonicalAuthority);const n=this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache,this.correlationId);this.cacheManager.setAuthorityMetadata(n,e,this.correlationId),this.metadata=e}async updateEndpointMetadata(e){const t=this.updateEndpointMetadataFromLocalSources(e);if(t){if(t.source===$&&this.authorityOptions.azureRegionConfiguration?.azureRegion&&t.metadata){An(e,await Ln(this.updateMetadataWithRegionalInformation.bind(this),qn,this.logger,this.performanceClient,this.correlationId)(t.metadata),!1),e.canonical_authority=this.canonicalAuthority}return t.source}let r=await Ln(this.getEndpointMetadataFromNetwork.bind(this),"authorityGetEndpointMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return this.validateIssuer(r.issuer),this.authorityOptions.azureRegionConfiguration?.azureRegion&&(r=await Ln(this.updateMetadataWithRegionalInformation.bind(this),qn,this.logger,this.performanceClient,this.correlationId)(r)),An(e,r,!0),j;throw Ae(tt,this.defaultOpenIdConfigurationEndpoint)}updateEndpointMetadataFromLocalSources(e){this.logger.verbose("1fi0kc",this.correlationId);const t=this.getEndpointMetadataFromConfig();if(t)return this.logger.verbose("06t0uj",this.correlationId),An(e,t,!1),{source:B};this.logger.verbose("151k0p",this.correlationId);const r=this.getEndpointMetadataFromHardcodedValues();if(r)return An(e,r,!1),{source:$,metadata:r};this.logger.verbose("1imop5",this.correlationId);const n=_n(e);return this.isAuthoritySameType(e)&&e.endpointsFromNetwork&&!n?(this.logger.verbose("16uq31",""),{source:z}):(n&&this.logger.verbose("0uoibc",""),null)}isAuthoritySameType(e){return new _r(e.canonical_authority).getUrlComponents().PathSegments.length===this.canonicalAuthorityUrlComponents.PathSegments.length}getEndpointMetadataFromConfig(){if(this.authorityOptions.authorityMetadata)try{return JSON.parse(this.authorityOptions.authorityMetadata)}catch(e){throw ke(Ue)}return null}async getEndpointMetadataFromNetwork(){const e={},t=this.defaultOpenIdConfigurationEndpoint;this.logger.verbose("1y65x6",this.correlationId);try{const r=await this.networkInterface.sendGetRequestAsync(t,e),n=function(e){return e.hasOwnProperty("authorization_endpoint")&&e.hasOwnProperty("token_endpoint")&&e.hasOwnProperty("issuer")&&e.hasOwnProperty("jwks_uri")}(r.body);return n?r.body:(this.logger.verbose("1koyv8",this.correlationId),null)}catch(e){return this.logger.verbose("0a9wik",this.correlationId),null}}getEndpointMetadataFromHardcodedValues(){return this.hostnameAndPort in Pr?Pr[this.hostnameAndPort]:null}async updateMetadataWithRegionalInformation(e){const t=this.authorityOptions.azureRegionConfiguration?.azureRegion;if(t){if("TryAutoDetect"!==t)return this.regionDiscoveryMetadata.region_outcome=ee,this.regionDiscoveryMetadata.region_used=t,wo.replaceWithRegionalInformation(e,t);const r=await Ln(this.regionDiscovery.detectRegion.bind(this.regionDiscovery),"regionDiscoveryDetectRegion",this.logger,this.performanceClient,this.correlationId)(this.authorityOptions.azureRegionConfiguration?.environmentRegion,this.regionDiscoveryMetadata);if(r)return this.regionDiscoveryMetadata.region_outcome=te,this.regionDiscoveryMetadata.region_used=r,wo.replaceWithRegionalInformation(e,r);this.regionDiscoveryMetadata.region_outcome=re}return e}async updateCloudDiscoveryMetadata(e){const t=this.updateCloudDiscoveryMetadataFromLocalSources(e);if(t)return t;const r=await Ln(this.getCloudDiscoveryMetadataFromNetwork.bind(this),"authorityGetCloudDiscoveryMetadataFromNetwork",this.logger,this.performanceClient,this.correlationId)();if(r)return Sn(e,r,!0),j;throw ke(Le)}updateCloudDiscoveryMetadataFromLocalSources(e){this.logger.verbose("1tpqlr",this.correlationId),this.logger.verbosePii("1fy7uz",this.correlationId),this.logger.verbosePii("08zabj",this.correlationId),this.logger.verbosePii("1o1kv3",this.correlationId);const t=this.getCloudDiscoveryMetadataFromConfig();if(t)return this.logger.verbose("1nakio",this.correlationId),Sn(e,t,!1),B;this.logger.verbose("1x74aj",this.correlationId);const r=(n=this.hostnameAndPort,xr(Rr.metadata,n));var n;if(r)return this.logger.verbose("0by47c",this.correlationId),Sn(e,r,!1),$;this.logger.verbose("0r2fzy",this.correlationId);const o=_n(e);return this.isAuthoritySameType(e)&&e.aliasesFromNetwork&&!o?(this.logger.verbose("1uffgh",""),z):(o&&this.logger.verbose("0uoibc",""),null)}getCloudDiscoveryMetadataFromConfig(){if(this.authorityType===Br)return this.logger.verbose("04y84h",this.correlationId),wo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);if(this.authorityOptions.cloudDiscoveryMetadata){this.logger.verbose("0gszr3",this.correlationId);try{this.logger.verbose("1iifkx",this.correlationId);const e=xr(JSON.parse(this.authorityOptions.cloudDiscoveryMetadata).metadata,this.hostnameAndPort);if(this.logger.verbose("0q67e3",""),e)return this.logger.verbose("0hzfao",this.correlationId),e;this.logger.verbose("1ajz3u",this.correlationId)}catch(e){throw this.logger.verbose("1wq5tu",this.correlationId),ke(Ne)}}return this.isInKnownAuthorities(this.hostnameAndPort)?(this.logger.verbose("0mt9al",this.correlationId),wo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)):null}async getCloudDiscoveryMetadataFromNetwork(){const e=`${n}${this.canonicalAuthority}oauth2/v2.0/authorize`,t={};let r=null;try{const n=await this.networkInterface.sendGetRequestAsync(e,t);let o,i;if(function(e){return e.hasOwnProperty("tenant_discovery_endpoint")&&e.hasOwnProperty("metadata")}(n.body))o=n.body,i=o.metadata,this.logger.verbosePii("1vglyt",this.correlationId);else{if(!function(e){return e.hasOwnProperty("error")&&e.hasOwnProperty("error_description")}(n.body))return this.logger.error("0768g0",this.correlationId),null;if(this.logger.warning("062uto",this.correlationId),o=n.body,"invalid_instance"===o.error)return this.logger.error("1x90tm",this.correlationId),null;this.logger.warning("0wchdm",this.correlationId),this.logger.warning("1s5mpv",this.correlationId),this.logger.warning("1yhqpw",this.correlationId),i=[]}this.logger.verbose("1lrobr",this.correlationId),r=xr(i,this.hostnameAndPort)}catch(e){return e instanceof Ie?this.logger.error("0vwhc7",this.correlationId):this.logger.error("0s2z41",this.correlationId),null}return r||(this.logger.warning("0jp28q",this.correlationId),this.logger.verbose("130sd8",this.correlationId),r=wo.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),r}isInKnownAuthorities(e){const t=e.toLowerCase();return this.authorityOptions.knownAuthorities.filter((e=>e&&_r.getDomainFromUrl(e).toLowerCase()===t)).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==Cr.None){const e=t.tenant?t.tenant:r;n=`${t.azureCloudInstance}/${e}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return"login.microsoftonline.com";if(this.discoveryComplete())return this.metadata.preferred_cache;throw Ae(Xe)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Or.has(e)}validateIssuer(e){if(!e)throw ke(We);let t;try{t=new URL(e)}catch{throw ke(We)}const r=t.protocol,n=t.host,o=(this.canonicalAuthorityUrlComponents.Protocol||"").toLowerCase(),i=(this.canonicalAuthorityUrlComponents.HostNameAndPort||"").toLowerCase(),s=this.matchesAuthorityOrigin(r,n,o,i),a="https:"===r&&this.isAliasOfKnownMicrosoftAuthority(n),c="https:"===r&&this.matchesRegionalMicrosoftHost(n),h=this.matchesCiamTenantPattern(t,i,this.canonicalAuthorityUrlComponents.PathSegments),l="https:"===r&&this.isInKnownAuthorities(n);if(!(s||a||c||h||l))throw ke(We)}matchesAuthorityOrigin(e,t,r,n){return e===r&&t===n}matchesRegionalMicrosoftHost(e){const t=e.indexOf(".");if(t>0&&t<e.length-1){const r=e.substring(t+1);return this.isAliasOfKnownMicrosoftAuthority(r)}return!1}matchesCiamTenantPattern(e,t,r){const n=r[0],s=n?n.endsWith(i)?n.slice(0,-16):n:t.split(".")[0];if(!s)return!1;const a=`https://${s}${o}`,c=[a,`${a}/${s}`,`${a}/${s}/v2.0`,`${a}/${s}${i}`,`${a}/${s}${i}/v2.0`],h=e.pathname.replace(/\/+$/,""),l=`${e.protocol}//${e.host}${h}`;return c.some((e=>e===l))}static isPublicCloudAuthority(e){return u.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,r){const n=new _r(e);n.validateAsUri();const o=n.getUrlComponents();let i=`${t}.${o.HostNameAndPort}`;this.isPublicCloudAuthority(o.HostNameAndPort)&&(i=`${t}.login.microsoft.com`);const s=_r.constructAuthorityUriFromObject({...n.getUrlComponents(),HostNameAndPort:i}).urlString;return r?`${s}?${r}`:s}static replaceWithRegionalInformation(e,t){const r={...e};return r.authorization_endpoint=wo.buildRegionalAuthorityString(r.authorization_endpoint,t),r.token_endpoint=wo.buildRegionalAuthorityString(r.token_endpoint,t),r.end_session_endpoint&&(r.end_session_endpoint=wo.buildRegionalAuthorityString(r.end_session_endpoint,t)),r}static transformCIAMAuthority(e){let t=e;const r=new _r(e).getUrlComponents();if(0===r.PathSegments.length&&r.HostNameAndPort.endsWith(o)){t=`${t}${r.HostNameAndPort.split(".")[0]}${i}`}return t}}function Io(e){return e.endsWith("/")?e:`${e}/`}function Co(e){const t=e.cloudDiscoveryMetadata;let r;if(t)try{r=JSON.parse(t)}catch(e){throw ke(Ne)}return{canonicalAuthority:e.authority?Io(e.authority):void 0,knownAuthorities:e.knownAuthorities,cloudDiscoveryMetadata:r}}async function vo(e,t,r,n,o,i,s){const a=wo.transformCIAMAuthority(Io(e)),c=new wo(a,t,r,n,o,i,s);try{return await Ln(c.resolveEndpointsAsync.bind(c),"authorityResolveEndpointsAsync",o,s,i)(),c}catch(e){throw Ae(Xe)}}wo.reservedTenantDomains=new Set(["{tenant}","{tenantid}",S,E,_]);class ko{constructor(e,t){this.includeRedirectUri=!0,this.config=hn(e),this.logger=new yr(this.config.loggerOptions,wr,Ir),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(e,t,r){if(!e.code)throw Ae(lt);r&&r.cloud_instance_host_name&&await Ln(this.updateTokenEndpointAuthority.bind(this),"updateTokenEndpointAuthority",this.logger,this.performanceClient,e.correlationId)(r.cloud_instance_host_name,e.correlationId);const n=un(),o=await Ln(this.executeTokenRequest.bind(this),"authClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(this.authority,e,this.serverTelemetryManager),i=o.headers?.[T],s=new oo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(o.body,e.correlationId),Ln(s.handleServerTokenResponse.bind(s),xn,this.logger,this.performanceClient,e.correlationId)(o.body,this.authority,n,e,t,r,void 0,void 0,void 0,i)}getLogoutUri(e){if(!e)throw ke(xe);const t=this.createLogoutUrlQueryString(e);return _r.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t,r){const n=mo(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),o=_r.appendQueryString(e.tokenEndpoint,n),i=await Ln(this.createTokenRequestBody.bind(this),"authClientCreateTokenRequestBody",this.logger,this.performanceClient,t.correlationId)(t);let s;if(t.clientInfo)try{const e=Lr(t.clientInfo,this.cryptoUtils.base64Decode);s={credential:`${e.uid}.${e.utid}`,type:so}}catch(e){this.logger.verbose("0wznt3",t.correlationId)}const a=po(this.logger,this.config.systemOptions.preventCorsPreflight,s||t.ccsCredential),c=ho(this.config.authOptions.clientId,t);return Ln(fo,"authorizationCodeClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,t.correlationId)(o,i,a,c,t.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,r)}async createTokenRequestBody(e){const t=new Map;if(Ut(t,e.embeddedClientId||e.extraParameters?.[he]||this.config.authOptions.clientId),this.includeRedirectUri)Lt(t,e.redirectUri);else if(!e.redirectUri)throw ke(Se);if(Nt(t,e.scopes,!0,this.oidcDefaultScopes),ar(t,e.resource),function(e,t){e.set("code",t)}(t,e.code),jt(t,this.config.libraryInfo),$t(t,this.config.telemetry.application),ir(t),this.serverTelemetryManager&&!ln(this.config)&&or(t,this.serverTelemetryManager),e.codeVerifier&&function(e,t){e.set("code_verifier",t)}(t,e.codeVerifier),this.config.clientCredentials.clientSecret&&Gt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Qt(t,await co(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Vt(t,r.assertionType)}if(Yt(t,N),Zt(t),e.authenticationScheme===Q.POP){const r=new Fn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Ln(r.generateCnf.bind(r),Mn,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}rr(t,n)}else if(e.authenticationScheme===Q.SSH){if(!e.sshJwk)throw ke(He);nr(t,e.sshJwk)}let r;if(e.clientInfo)try{const t=Lr(e.clientInfo,this.cryptoUtils.base64Decode);r={credential:`${t.uid}.${t.utid}`,type:so}}catch(t){this.logger.verbose("0wznt3",e.correlationId)}else r=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&r)switch(r.type){case so:try{Dt(t,Hr(r.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case ao:Ft(t,r.credential)}return e.embeddedClientId&&sr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&er(t,e.extraParameters),!e.enableSpaAuthorizationCode||e.extraParameters&&e.extraParameters[ge]||er(t,{[ge]:"1"}),xt(t,e.correlationId,this.performanceClient),Bt(t,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),dr(t)}createLogoutUrlQueryString(e){const t=new Map;return e.postLogoutRedirectUri&&function(e,t){e.set("post_logout_redirect_uri",t)}(t,e.postLogoutRedirectUri),e.correlationId&&zt(t,e.correlationId),e.idTokenHint&&function(e,t){e.set("id_token_hint",t)}(t,e.idTokenHint),e.state&&Jt(t,e.state),e.logoutHint&&function(e,t){e.set("logout_hint",t)}(t,e.logoutHint),e.extraQueryParameters&&er(t,e.extraQueryParameters),this.config.authOptions.instanceAware&&Xt(t),dr(t)}async updateTokenEndpointAuthority(e,t){const r=`https://${e}/${this.authority.tenant}/`,n=await vo(r,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=n}}class To{constructor(e,t){this.config=hn(e),this.logger=new yr(this.config.loggerOptions,wr,Ir),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireToken(e,t){const r=un(),n=await Ln(this.executeTokenRequest.bind(this),"refreshTokenClientExecuteTokenRequest",this.logger,this.performanceClient,e.correlationId)(e,this.authority),o=n.headers?.[T],i=new oo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.performanceClient,this.config.serializableCache,this.config.persistencePlugin);return i.validateTokenResponse(n.body,e.correlationId),Ln(i.handleServerTokenResponse.bind(i),xn,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,r,e,t,void 0,void 0,!0,e.forceCache,o)}async acquireTokenByRefreshToken(e,t){if(!e)throw ke(Me);if(!e.account)throw Ae(pt);if(this.cacheManager.isAppMetadataFOCI(e.account.environment,e.correlationId))try{return await Ln(this.acquireTokenWithCachedRefreshToken.bind(this),Pn,this.logger,this.performanceClient,e.correlationId)(e,!0,t)}catch(r){const n=r instanceof Zn&&r.errorCode===Dn,o=r instanceof to&&"invalid_grant"===r.errorCode&&"client_mismatch"===r.subError;if(n||o)return Ln(this.acquireTokenWithCachedRefreshToken.bind(this),Pn,this.logger,this.performanceClient,e.correlationId)(e,!1,t);throw r}return Ln(this.acquireTokenWithCachedRefreshToken.bind(this),Pn,this.logger,this.performanceClient,e.correlationId)(e,!1,t)}async acquireTokenWithCachedRefreshToken(e,t,r){const n=Un(this.cacheManager.getRefreshToken.bind(this.cacheManager),"cacheManagerGetRefreshToken",this.logger,this.performanceClient,e.correlationId)(e.account,t,e.correlationId,void 0);if(!n)throw eo(Dn);if(n.expiresOn){const t=e.refreshTokenExpirationOffsetSeconds||300;if(this.performanceClient?.addFields({cacheRtExpiresOnSeconds:Number(n.expiresOn),rtOffsetSeconds:t},e.correlationId),mn(n.expiresOn,t))throw eo(Bn)}const o={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||Q.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:so}};try{return await Ln(this.acquireToken.bind(this),"refreshTokenClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(o,r)}catch(t){if(t instanceof Zn&&t.subError===Wn){this.logger.verbose("1pg3ap",e.correlationId);const t=this.cacheManager.generateCredentialKey(n);this.cacheManager.removeRefreshToken(t,e.correlationId)}throw t}}async executeTokenRequest(e,t){const r=mo(e,this.config.authOptions.clientId,this.config.authOptions.redirectUri,this.performanceClient),n=_r.appendQueryString(t.tokenEndpoint,r),o=await Ln(this.createTokenRequestBody.bind(this),"refreshTokenClientCreateTokenRequestBody",this.logger,this.performanceClient,e.correlationId)(e),i=po(this.logger,this.config.systemOptions.preventCorsPreflight,e.ccsCredential),s=ho(this.config.authOptions.clientId,e);return Ln(fo,"refreshTokenClientExecutePostToTokenEndpoint",this.logger,this.performanceClient,e.correlationId)(n,o,i,s,e.correlationId,this.cacheManager,this.networkClient,this.logger,this.performanceClient,this.serverTelemetryManager)}async createTokenRequestBody(e){const t=new Map;if(Ut(t,e.embeddedClientId||e.extraParameters?.[he]||this.config.authOptions.clientId),e.redirectUri&&Lt(t,e.redirectUri),Nt(t,e.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),Yt(t,U),Zt(t),jt(t,this.config.libraryInfo),$t(t,this.config.telemetry.application),ir(t),this.serverTelemetryManager&&!ln(this.config)&&or(t,this.serverTelemetryManager),function(e,t){e.set("refresh_token",t)}(t,e.refreshToken),this.config.clientCredentials.clientSecret&&Gt(t,this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const r=this.config.clientCredentials.clientAssertion;Qt(t,await co(r.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),Vt(t,r.assertionType)}if(e.authenticationScheme===Q.POP){const r=new Fn(this.cryptoUtils,this.performanceClient);let n;if(e.popKid)n=this.cryptoUtils.encodeKid(e.popKid);else{n=(await Ln(r.generateCnf.bind(r),Mn,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString}rr(t,n)}else if(e.authenticationScheme===Q.SSH){if(!e.sshJwk)throw ke(He);nr(t,e.sshJwk)}if(this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case so:try{Dt(t,Hr(e.ccsCredential.credential))}catch(t){this.logger.verbose("1qhtee",e.correlationId)}break;case ao:Ft(t,e.ccsCredential.credential)}return e.embeddedClientId&&sr(t,this.config.authOptions.clientId,this.config.authOptions.redirectUri),e.extraParameters&&er(t,{...e.extraParameters}),xt(t,e.correlationId,this.performanceClient),Bt(t,e.claims,this.config.authOptions.clientCapabilities,e.skipBrokerClaims),dr(t)}}class bo{constructor(e,t){this.config=hn(e),this.logger=new yr(this.config.loggerOptions,wr,Ir),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}async acquireCachedToken(e){let t=ne;if(e.forceRefresh||!Te.isEmptyObj(e.claims))throw this.setCacheOutcome(oe,e.correlationId),Ae(It);if(!e.account)throw Ae(pt);const r=e.account.tenantId||function(e){const t=new _r(e).getUrlComponents(),r=t.PathSegments.slice(-1)[0]?.toLowerCase();switch(r){case S:case _:case E:return;default:return r}}(e.authority),n=this.cacheManager.getTokenKeys(),o=this.cacheManager.getAccessToken(e.account,e,n,r);if(!o)throw this.setCacheOutcome(ie,e.correlationId),Ae(It);if(yn(o.cachedAt)||mn(o.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(se,e.correlationId),Ae(It);if(e.resource){if(o.resource!==e.resource)throw this.setCacheOutcome(ie,e.correlationId),Ae(It)}else o.refreshOn&&mn(o.refreshOn,0)&&(t=ae);const i=e.authority||this.authority.getPreferredCache(),s={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(e.account),e.correlationId),accessToken:o,idToken:this.cacheManager.getIdToken(e.account,e.correlationId,n,r),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(i,e.correlationId)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await Ln(this.generateResultFromCacheRecord.bind(this),"silentFlowClientGenerateResultFromCacheRecord",this.logger,this.performanceClient,e.correlationId)(s,e),t]}setCacheOutcome(e,t){this.serverTelemetryManager?.setCacheOutcome(e),this.performanceClient?.addFields({cacheOutcome:e},t),e!==ne&&this.logger.info("09ingz",t)}async generateResultFromCacheRecord(e,t){let r;if(e.idToken&&(r=br(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||0===t.maxAge){const e=r?.auth_time;if(!e)throw Ae(at);Sr(e,t.maxAge)}return oo.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,this.performanceClient,r)}}const Ao={sendGetRequestAsync:()=>Promise.reject(Ae(_t)),sendPostRequestAsync:()=>Promise.reject(Ae(_t))};function So(e,t,r,n){const o=t.correlationId,i=new Map;Ut(i,t.embeddedClientId||t.extraQueryParameters?.[he]||e.clientId);if(Nt(i,[...t.scopes||[],...t.extraScopesToConsent||[]],!0,e.authority.options.OIDCOptions?.defaultScopes),ar(i,t.resource),Lt(i,t.redirectUri),zt(i,o),function(e,t){e.set("response_mode",t||q.QUERY)}(i,t.responseMode),Zt(i),function(e){e.set("clidata","1")}(i),t.prompt&&(!function(e,t){e.set("prompt",t)}(i,t.prompt),n?.addFields({prompt:t.prompt},o)),t.domainHint&&(!function(e,t){e.set("domain_hint",t)}(i,t.domainHint),n?.addFields({domainHintFromRequest:!0},o)),t.prompt!==O.SELECT_ACCOUNT)if(t.sid&&t.prompt===O.NONE)r.verbose("1tvqyx",t.correlationId),Kt(i,t.sid),n?.addFields({sidFromRequest:!0},o);else if(t.account){const e=(s=t.account,s.idTokenClaims?.sid||null);let a=function(e){return e.loginHint||e.idTokenClaims?.login_hint||null}(t.account);if(a&&t.domainHint&&(r.warning("0wkg3v",t.correlationId),a=null),a){r.verbose("1eyfsw",t.correlationId),Ht(i,a),n?.addFields({loginHintFromClaim:!0},o);try{Dt(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(e&&t.prompt===O.NONE){r.verbose("1rmd8s",t.correlationId),Kt(i,e),n?.addFields({sidFromClaim:!0},o);try{Dt(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}else if(t.loginHint)r.verbose("0y3007",t.correlationId),Ht(i,t.loginHint),Ft(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o);else if(t.account.username){r.verbose("02f507",t.correlationId),Ht(i,t.account.username),n?.addFields({loginHintFromUpn:!0},o);try{Dt(i,Hr(t.account.homeAccountId))}catch(e){r.verbose("12ugck",t.correlationId)}}}else t.loginHint&&(r.verbose("0g01ey",t.correlationId),Ht(i,t.loginHint),Ft(i,t.loginHint),n?.addFields({loginHintFromRequest:!0},o));else r.verbose("169k9v",t.correlationId);var s;return t.nonce&&function(e,t){e.set("nonce",t)}(i,t.nonce),t.state&&Jt(i,t.state),t.embeddedClientId&&sr(i,e.clientId,e.redirectUri),Bt(i,t.claims,e.clientCapabilities,t.skipBrokerClaims),!e.instanceAware||t.extraQueryParameters&&Object.keys(t.extraQueryParameters).includes(ye)||Xt(i),i}function _o(e,t){const r=dr(t);return _r.appendQueryString(e.authorizationEndpoint,r)}function Eo(e,t){if(!e.state||!t)throw e.state?Ae(it,"Cached State"):Ae(it,"Server State");let r,n;try{r=decodeURIComponent(e.state)}catch(t){throw Ae(nt,e.state)}try{n=decodeURIComponent(t)}catch(t){throw Ae(nt,e.state)}if(r!==n)throw Ae(ot);if(e.error||e.error_description||e.suberror){const t=function(e){const t="code=",r=e.error_uri?.lastIndexOf(t);return r&&r>=0?e.error_uri?.substring(r+t.length):void 0}(e);if(Xn(e.error,e.error_description,e.suberror))throw new Zn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",t);throw new to(e.error||"",e.error_description,e.suberror,t)}}function Po(e,t){if(e){if(t.resource&&(Ro(t.extraParameters)||Ro(t.extraQueryParameters)))throw Ae(Rt);if(!t.resource)throw Ae(Pt)}}function Ro(e){return!!e&&Object.prototype.hasOwnProperty.call(e,"resource")}const Oo="unexpected_error";var Mo=Object.freeze({__proto__:null,postRequestFailed:"post_request_failed",unexpectedError:Oo});function xo(e){const{skus:t,libraryName:r,libraryVersion:n,extensionName:o,extensionVersion:i}=e,s=new Map([[0,[r,n]],[2,[o,i]]]);let a=[];if(t?.length){if(a=t.split(","),a.length<4)return t}else a=Array.from({length:4},(()=>"|"));return s.forEach(((e,t)=>{2===e.length&&e[0]?.length&&e[1]?.length&&function(e){const{skuArr:t,index:r,skuName:n,skuVersion:o}=e;if(r>=t.length)return;t[r]=[n,o].join("|")}({skuArr:a,index:t,skuName:e[0],skuVersion:e[1]})})),a.join(",")}class qo{constructor(e,t){this.cacheOutcome=ne,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||"",this.wrapperVer=e.wrapperVer||"",this.telemetryCacheKey=W+"-"+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${G}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],r=this.getNativeBrokerErrorCode();r?.length&&t.push(`broker_error=${r}`);const n=t.join(G),o=[e,this.getRegionDiscoveryFields()].join(G);return[J,o,n].join("|")}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=qo.maxErrorsToSend(e),r=e.failedRequests.slice(0,2*t).join(G),n=e.errors.slice(0,t).join(G),o=e.errors.length,i=[o,t<o?"1":"0"].join(G);return[J,e.cacheHits,r,n,i].join("|")}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=50&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Ie?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push("unknown_error"),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId),e.cacheHits}getLastRequests(){return this.cacheManager.getServerTelemetry(this.telemetryCacheKey,this.correlationId)||{failedRequests:[],errors:[],cacheHits:0}}clearTelemetryCache(){const e=this.getLastRequests(),t=qo.maxErrorsToSend(e);if(t===e.errors.length)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{const r={failedRequests:e.failedRequests.slice(2*t),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,r,this.correlationId)}}static maxErrorsToSend(e){let t,r=0,n=0;const o=e.errors.length;for(t=0;t<o;t++){const o=e.failedRequests[2*t]||"",i=e.failedRequests[2*t+1]||"",s=e.errors[t]||"";if(n+=o.toString().length+i.toString().length+s.length+3,!(n<330))break;r+=1}return r}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||""),e.push(this.regionSource||""),e.push(this.regionOutcome||""),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e,this.correlationId)}static makeExtraSkuString(e){return xo(e)}}class No extends Ie{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,No.prototype)}}function Uo(e){return new No(e)}class Lo{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Uo("missing_kid_error");if(!e.alg)throw Uo("missing_alg_error");const t=new Lo({typ:e.typ||ce.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}function Ho(e,t,r,n=5){if(e instanceof Error)return e instanceof Ie?(r.errorCode=e.errorCode,r.subErrorCode=e.subError,void(!r.serverErrorNo&&(e instanceof to||e instanceof Zn)&&e.errorNo&&(r.serverErrorNo=e.errorNo))):void(e instanceof Nr?r.errorCode=e.errorCode:r.errorStack?.length?t.trace("0lmqrh",r.correlationId):e.stack?.length?(e.stack&&(r.errorStack=function(e,t){if(t<0)return[];const r=e.split("\n")||[],n=[],o=r[0];o.startsWith("TypeError: Cannot read property")||o.startsWith("TypeError: Cannot read properties of")||o.startsWith("TypeError: Cannot set property")||o.startsWith("TypeError: Cannot set properties of")||o.endsWith("is not a function")?n.push(Fo(o)):(o.startsWith("SyntaxError")||o.startsWith("TypeError"))&&n.push(Fo(o.replace(/['].*[']|["].*["]/g,"<redacted>")));for(let e=1;e<r.length&&!(n.length>=t);e++){const t=r[e];n.push(Fo(t))}return n}(e.stack,n)),r.errorName=e.name):t.trace("1cnpwa",r.correlationId));t.trace("0gcyox",r.correlationId)}function Fo(e){const t=e.lastIndexOf(" ")+1;if(t<1)return e;const r=e.substring(t);let n=r.lastIndexOf("/");return n=n<0?r.lastIndexOf("\\"):n,n>=0?(e.substring(0,t)+"("+r.substring(n+1)+(")"===r.charAt(r.length-1)?"":")")).trimStart():e.trimStart()}class Do{constructor(e,t,r,n,o,i,s){this.authority=t,this.libraryName=n,this.libraryVersion=o,this.applicationTelemetry=i,this.clientId=e,this.logger=r,this.callbacks=new Map,this.eventsByCorrelationId=new Map,this.eventStack=new Map,this.intFields=s||new Set;for(const e of Xr)this.intFields.add(e)}startMeasurement(e,t){const r=t||this.generateId(),n={eventId:this.generateId(),status:Vr,authority:this.authority,libraryName:this.libraryName,libraryVersion:this.libraryVersion,clientId:this.clientId,name:e,startTimeMs:Date.now(),correlationId:r,appName:this.applicationTelemetry?.appName,appVersion:this.applicationTelemetry?.appVersion};var o,i;return this.cacheEventByCorrelationId(n),o=n,(i=this.eventStack.get(r))&&i.push({name:o.name}),{end:(e,t,r)=>this.endMeasurement({...n,...e},t,r),discard:()=>this.discardMeasurements(n.correlationId),add:e=>this.addFields(e,n.correlationId),increment:e=>this.incrementFields(e,n.correlationId),event:n}}endMeasurement(e,t,r){const n=this.eventsByCorrelationId.get(e.correlationId);if(!n)return this.logger.trace("0k9ti8",e.correlationId),null;const o=e.eventId===n.eventId;e.durationMs=Math.round(e.durationMs||this.getDurationMs(e.startTimeMs));const i=JSON.stringify(function(e,t,r){if(!t?.length)return;const n=e=>e.length?e[e.length-1]:void 0,o=e.name,i=n(t);if(i?.name!==o)return;const s=t?.pop();if(!s)return;const a=r instanceof Ie?r.errorCode:r instanceof Error?r.name:void 0,c=r instanceof Ie?r.subError:void 0;a&&s.childErr!==a&&(s.err=a,c&&(s.subErr=c)),delete s.name,delete s.childErr;const h={...s,dur:e.durationMs};e.success||(h.fail=1);const l=n(t);if(!l)return{[o]:h};let d;if(a&&(l.childErr=a),l[o]){const e=Object.keys(l).filter((e=>e.startsWith(o))).length;d=`${o}_${e+1}`}else d=o;return l[d]=h,l}(e,this.eventStack.get(n.correlationId),t));if(o?this.discardMeasurements(n.correlationId):n.incompleteSubMeasurements?.delete(e.eventId),t&&Ho(t,this.logger,n),!o)return n.ext={...n.ext,...e.ext},n.ext[e.name+"DurationMs"]=Math.floor(e.durationMs),{...n};o&&!t&&(n.errorCode||n.subErrorCode)&&(this.logger.trace("1fm1tm",e.correlationId),n.errorCode=void 0,n.subErrorCode=void 0);let s={...n,...e},a=0;s.incompleteSubMeasurements?.forEach((e=>{this.logger.trace("0nxk52",s.correlationId),a++})),s.incompleteSubMeasurements=void 0;const c=function(e){const t=[];for(const r of["",e]){const e=mr.get(r);t.push(...e?.logs??[]),mr.delete(r)}return t}(e.correlationId).map((e=>`${e.milliseconds},${e.hash}`)).join(";");return s={...s,status:Yr,incompleteSubsCount:a,context:i,logs:c},r&&(s.accountType=function(e){const t=e?.idTokenClaims;return t?.tfp||t?.acr?"B2C":t?.tid?"9188040d-6c67-4c5b-b112-36a304b66dad"===t?.tid?"MSA":"AAD":void 0}(r),s.dataBoundary=r.dataBoundary),this.truncateIntegralFields(s),this.emitEvents([s],e.correlationId),s}addFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r){const n={},o={};for(const t in e)if(t.startsWith(Zr)){const r=t.slice(4),n=e[t];"string"!=typeof n&&"number"!=typeof n||(o[r]=n)}else n[t]=e[t];const i={...r,...n};Object.keys(o).length&&(i.ext={...i.ext,...o}),this.eventsByCorrelationId.set(t,i)}else this.logger.trace("0thl6s",t)}incrementFields(e,t){const r=this.eventsByCorrelationId.get(t);if(r)for(const t in e)if(t.startsWith(Zr)){r.ext=r.ext||{};const n=t.slice(4),o=r.ext[n];if(void 0===o)r.ext[n]=0;else if(isNaN(Number(o)))return;r.ext[n]=(Number(r.ext[n])||0)+(e[t]??0)}else{if(r.hasOwnProperty(t)){if(isNaN(Number(r[t])))return}else r[t]=0;r[t]+=e[t]}else this.logger.trace("0thl6s",t)}cacheEventByCorrelationId(e){const t=this.eventsByCorrelationId.get(e.correlationId);t?(t.incompleteSubMeasurements=t.incompleteSubMeasurements||new Map,t.incompleteSubMeasurements.set(e.eventId,{name:e.name,startTimeMs:e.startTimeMs})):(this.eventsByCorrelationId.set(e.correlationId,{...e}),this.eventStack.set(e.correlationId,[]))}discardMeasurements(e){this.eventsByCorrelationId.delete(e),this.eventStack.delete(e)}addPerformanceCallback(e){for(const[t,r]of this.callbacks)if(r.toString()===e.toString())return this.logger.warning("1eap5p",""),t;const t=this.generateId();return this.callbacks.set(t,e),this.logger.verbose("0c9ujz",""),t}removePerformanceCallback(e){const t=this.callbacks.delete(e);return t?this.logger.verbose("0253if",""):this.logger.verbose("0iqk07",""),t}emitEvents(e,t){this.logger.verbose("11jb1y",t),this.callbacks.forEach(((r,n)=>{this.logger.trace("0p2pjl",t),r.apply(null,[e])}))}truncateIntegralFields(e){this.intFields.forEach((t=>{t in e&&"number"==typeof e[t]&&(e[t]=Math.floor(e[t]))}))}getDurationMs(e){const t=Date.now()-e;return t<0?t:0}}const Ko="standardInteractionClientGetDiscoveredAuthority",Bo="nativeInteractionClientAcquireToken",zo="acquireTokenBySilentIframe",jo="initializeBaseRequest",$o="silentIframeClientTokenHelper",Jo="silentHandlerInitiateAuthRequest",Wo="silentHandlerMonitorIframeForHash",Go="standardInteractionClientCreateAuthCodeClient",Qo="standardInteractionClientGetClientConfiguration",Vo="standardInteractionClientInitializeAuthorizationRequest",Yo="handleResponseEar",Zo="handleResponsePlatformBroker",Xo="handleResponseCode",ei="deserializeResponse",ti="removeHiddenIframe",ri="generatePkceCodes",ni="generateHKDF",oi="decrypt",ii="generateEarKey",si="pkce_not_created",ai="ear_jwk_empty",ci="ear_jwe_empty",hi="crypto_nonexistent",li="empty_navigate_uri",di="hash_empty_error",ui="no_state_in_hash",gi="hash_does_not_contain_known_properties",pi="unable_to_parse_state",mi="state_interaction_type_mismatch",fi="interaction_in_progress",yi="interaction_in_progress_cancelled",wi="popup_window_error",Ii="empty_window_error",Ci="user_cancelled",vi="redirect_bridge_empty_response",ki="redirect_in_iframe",Ti="block_iframe_reload",bi="block_nested_popups",Ai="silent_logout_unsupported",Si="no_account_error",_i="no_token_request_cache_error",Ei="unable_to_parse_token_request_cache_error",Pi="non_browser_environment",Ri="database_not_open",Oi="no_network_connectivity",Mi="post_request_failed",xi="get_request_failed",qi="failed_to_parse_response",Ni="unable_to_load_token",Ui="crypto_key_not_found",Li="auth_code_required",Hi="auth_code_or_nativeAccountId_required",Fi="spa_code_and_nativeAccountId_present",Di="database_unavailable",Ki="unable_to_acquire_token_from_native_platform",Bi="native_handshake_timeout",zi="native_extension_not_installed",ji="native_connection_not_established",$i="uninitialized_public_client_application",Ji="native_prompt_not_supported",Wi="invalid_base64_string",Gi="invalid_pop_token_request",Qi="failed_to_build_headers",Vi="failed_to_parse_headers",Yi="failed_to_decrypt_ear_response",Zi="timed_out",Xi="empty_response";var es=Object.freeze({__proto__:null,authCodeOrNativeAccountIdRequired:Hi,authCodeRequired:Li,authRequestNotSetError:"auth_request_not_set_error",blockIframeReload:Ti,blockNestedPopups:bi,cryptoKeyNotFound:Ui,cryptoNonExistent:hi,databaseNotOpen:Ri,databaseUnavailable:Di,earJweEmpty:ci,earJwkEmpty:ai,emptyNavigateUri:li,emptyResponse:Xi,emptyWindowError:Ii,failedToBuildHeaders:Qi,failedToDecryptEarResponse:Yi,failedToParseHeaders:Vi,failedToParseResponse:qi,getRequestFailed:xi,hashDoesNotContainKnownProperties:gi,hashEmptyError:di,iframeClosedPrematurely:"iframe_closed_prematurely",interactionInProgress:fi,interactionInProgressCancelled:yi,invalidBase64String:Wi,invalidCacheType:"invalid_cache_type",invalidPopTokenRequest:Gi,nativeConnectionNotEstablished:ji,nativeExtensionNotInstalled:zi,nativeHandshakeTimeout:Bi,nativePromptNotSupported:Ji,noAccountError:Si,noNetworkConnectivity:Oi,noStateInHash:ui,noTokenRequestCacheError:_i,nonBrowserEnvironment:Pi,pkceNotCreated:si,popupWindowError:wi,postRequestFailed:Mi,redirectBridgeEmptyResponse:vi,redirectInIframe:ki,silentLogoutUnsupported:Ai,silentPromptValueError:"silent_prompt_value_error",spaCodeAndNativeAccountIdPresent:Fi,stateInteractionTypeMismatch:mi,timedOut:Zi,unableToAcquireTokenFromNativePlatform:Ki,unableToLoadToken:Ni,unableToParseState:pi,unableToParseTokenRequestCacheError:Ei,uninitializedPublicClientApplication:$i,userCancelled:Ci});function ts(e){return`See https://aka.ms/msal.js.errors#${e} for details`}class rs extends Ie{constructor(e,t){super(e,ts(e),t),Object.setPrototypeOf(this,rs.prototype),this.name="BrowserAuthError"}}function ns(e,t){return new rs(e,t)}function os(e){return(new TextDecoder).decode(is(e))}function is(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw ns(Wi)}const r=atob(t);return Uint8Array.from(r,(e=>e.codePointAt(0)||0))}const ss="invalid_grant",as=483,cs=600,hs="msal",ls="msal.js.browser",ds="53ee284d-920a-4b59-9d30-a60315b26836",us="ppnbnpeolgkicgegkbkbjmhlideopiji",gs="MATS",ps="MicrosoftEntra",ms="DOM API",fs="get-token-and-sign-out",ys="PlatformAuthDOMHandler",ws="PlatformAuthExtensionHandler",Is="Handshake",Cs="HandshakeResponse",vs="GetToken",ks="Response",Ts={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},bs="GET",As="POST",Ss="signin",_s="signout",Es="request.origin",Ps="urlHash",Rs="request.params",Os="code.verifier",Ms="interaction.status",xs="request.native",qs="wrapper.sku",Ns="wrapper.version",Us={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962,hydrateCache:963,loadExternalTokens:964},Ls={861:"acquireTokenRedirect",862:"acquireTokenPopup",863:"ssoSilent",864:"acquireTokenSilent_authCode",865:"handleRedirectPromise",866:"acquireTokenByCode",61:"acquireTokenSilent_silentFlow",961:"logout",962:"logoutPopup",963:"hydrateCache",964:"loadExternalTokens"};var Hs;e.InteractionType=void 0,(Hs=e.InteractionType||(e.InteractionType={})).Redirect="redirect",Hs.Popup="popup",Hs.Silent="silent",Hs.None="none";const Fs={Startup:"startup",Logout:"logout",AcquireToken:"acquireToken",HandleRedirect:"handleRedirect",None:"none"},Ds={scopes:m},Ks="msal.db",Bs=`${Ks}.keys`,zs={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},js=[zs.Default,zs.Skip,zs.RefreshTokenAndNetwork];function $s(e){return encodeURIComponent(Ws(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function Js(e){return Gs(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function Ws(e){return Gs((new TextEncoder).encode(e))}function Gs(e){const t=Array.from(e,(e=>String.fromCodePoint(e))).join("");return btoa(t)}const Qs="AES-GCM",Vs="HKDF",Ys="SHA-256",Zs=new Uint8Array([1,0,1]),Xs="0123456789abcdef",ea=new Uint32Array(1),ta="raw",ra="encrypt",na="decrypt",oa={name:"RSASSA-PKCS1-v1_5",hash:Ys,modulusLength:2048,publicExponent:Zs};async function ia(e){const t=(new TextEncoder).encode(e);return window.crypto.subtle.digest(Ys,t)}function sa(e){return window.crypto.getRandomValues(e)}function aa(){return window.crypto.getRandomValues(ea),ea[0]}function ca(){const e=Date.now(),t=1024*aa()+(1023&aa()),r=new Uint8Array(16),n=Math.trunc(t/2**30),o=t&2**30-1,i=aa();r[0]=e/2**40,r[1]=e/2**32,r[2]=e/2**24,r[3]=e/65536,r[4]=e/256,r[5]=e,r[6]=112|n>>>8,r[7]=n,r[8]=128|o>>>24,r[9]=o>>>16,r[10]=o>>>8,r[11]=o,r[12]=i>>>24,r[13]=i>>>16,r[14]=i>>>8,r[15]=i;let s="";for(let e=0;e<r.length;e++)s+=Xs.charAt(r[e]>>>4),s+=Xs.charAt(15&r[e]),3!==e&&5!==e&&7!==e&&9!==e||(s+="-");return s}async function ha(e){return window.crypto.subtle.exportKey("jwk",e)}async function la(){const e=await ua(),t={alg:"dir",kty:"oct",k:Js(new Uint8Array(e))};return Ws(JSON.stringify(t))}async function da(e,t){const r=t.split(".");if(5!==r.length)throw ns(Yi,"jwe_length");const n=await async function(e){const t=os(e),r=is(JSON.parse(t).k);return window.crypto.subtle.importKey(ta,r,Qs,!1,[na])}(e).catch((()=>{throw ns(Yi,"import_key")}));try{const e=(new TextEncoder).encode(r[0]),t=is(r[2]),o=is(r[3]),i=is(r[4]),s=8*i.byteLength,a=new Uint8Array(o.length+i.length);a.set(o),a.set(i,o.length);const c=await window.crypto.subtle.decrypt({name:Qs,iv:t,tagLength:s,additionalData:e},n,a);return(new TextDecoder).decode(c)}catch(e){throw ns(Yi,"decrypt")}}async function ua(){const e=await window.crypto.subtle.generateKey({name:Qs,length:256},!0,[ra,na]);return window.crypto.subtle.exportKey(ta,e)}async function ga(e){return window.crypto.subtle.importKey(ta,e,Vs,!1,["deriveKey"])}async function pa(e,t,r){return window.crypto.subtle.deriveKey({name:Vs,salt:t,hash:Ys,info:(new TextEncoder).encode(r)},e,{name:Qs,length:256},!1,[ra,na])}async function ma(e,t,r){const n=(new TextEncoder).encode(t),o=window.crypto.getRandomValues(new Uint8Array(16)),i=await pa(e,o,r),s=await window.crypto.subtle.encrypt({name:Qs,iv:new Uint8Array(12)},i,n);return{data:Js(new Uint8Array(s)),nonce:Js(o)}}async function fa(e,t,r,n){const o=is(n),i=await pa(e,is(t),r),s=await window.crypto.subtle.decrypt({name:Qs,iv:new Uint8Array(12)},i,o);return(new TextDecoder).decode(s)}const ya="storage_not_supported",wa="stubbed_public_client_application_called",Ia="in_mem_redirect_unavailable";var Ca=Object.freeze({__proto__:null,inMemRedirectUnavailable:Ia,storageNotSupported:ya,stubbedPublicClientApplicationCalled:wa});class va extends Ie{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,va.prototype)}}function ka(e){return new va(e,ts(e))}function Ta(){const e=window.location.hash,t=window.location.search;let r,n=!1,o=!1,i="";if(e&&e.length>1){const t="#"===e.charAt(0)?e.substring(1):e,o=new URLSearchParams(t);o.has("state")&&(n=!0,i=t,r=o)}if(t&&t.length>1){const e="?"===t.charAt(0)?t.substring(1):t,n=new URLSearchParams(e);n.has("state")&&(o=!0,i=e,r=n)}if(n&&o){i=`${"?"===t.charAt(0)?t.substring(1):t}${"#"===e.charAt(0)?e.substring(1):e}`,r=new URLSearchParams(i)}if(!i||!r)throw ns(Xi);const s=r.get("state");if(!s)throw ns(ui);const{libraryState:a}=no(os,s),{id:c,meta:h}=a;if(!c||!h)throw ns(pi,"missing_library_state");return{params:r,payload:i,urlHash:e,urlQuery:t,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:c,meta:h}}}function ba(e){e.location.hash="","function"==typeof e.history.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}${e.location.search}`)}function Aa(e){const t=e.split("#");t.shift(),window.location.hash=t.length>0?t.join("#"):""}function Sa(){return window.parent!==window}function _a(){if(Sa())return!1;try{const{libraryState:t}=Ta(),{meta:r}=t;return r.interactionType===e.InteractionType.Popup}catch(e){return!1}}let Ea=null;function Pa(e,t){Ea&&(e.verbose("18y01k",t),clearTimeout(Ea.timeoutId),Ea.channel.close(),Ea.reject(ns(yi)),Ea=null)}async function Ra(e,t,r,n,o){return new Promise(((i,s)=>{t.verbose("1rf6em",r.correlationId);const a=r.correlationId;n.addFields({redirectBridgeTimeoutMs:e,lateResponseExperimentEnabled:o?.iframeTimeoutTelemetry||!1},a);const{libraryState:c}=no(os,r.state||""),h=new BroadcastChannel(c.id);let l,d,u,g=!1;const p=window.setTimeout((()=>{Ea=null,o?.iframeTimeoutTelemetry?(u=n.startMeasurement("waitForBridgeLateResponse",a),g=!0,d=window.setTimeout((()=>{u?.end({success:!1}),clearTimeout(d),h.close()}),6e4)):h.close(),s(ns(Zi,"redirect_bridge_timeout"))}),e);Ea={timeoutId:p,channel:h,reject:s},h.onmessage=e=>{l=e.data.payload;const t=e?.data&&"number"==typeof e.data.v?e.data.v:void 0;if(g)return u?.end({success:!!l}),clearTimeout(d),void h.close();n.addFields({redirectBridgeMessageVersion:t},a),Ea=null,clearTimeout(p),h.close(),l?i(l):s(ns(vi))}}))}function Oa(){return"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function Ma(){const e=new _r(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function xa(){if(lr(window.location.hash)&&Sa())throw ns(Ti)}function qa(e){if(Sa()&&!e)throw ns(ki)}function Na(){if(_a())throw ns(bi)}function Ua(){if("undefined"==typeof window)throw ns(Pi)}function La(e){if(!e)throw ns($i)}function Ha(e){Ua(),xa(),Na(),La(e)}function Fa(e,t){if(Ha(e),qa(t.system.allowRedirectInIframe),t.cache.cacheLocation===Ts.MemoryStorage)throw ka(Ia)}function Da(e){const t=document.createElement("link");t.rel="preconnect",t.href=new URL(e).origin,t.crossOrigin="anonymous",document.head.appendChild(t),window.setTimeout((()=>{try{document.head.removeChild(t)}catch{}}),1e4)}function Ka(){return ca()}const Ba=tr;var za=Object.freeze({__proto__:null,addClientCapabilitiesToClaims:Ba,blockAPICallsBeforeInitialize:La,blockAcquireTokenInPopups:Na,blockNonBrowserEnvironment:Ua,blockRedirectInIframe:qa,blockReloadInHiddenIframes:xa,cancelPendingBridgeResponse:Pa,clearAuthResponseFromUrl:function(e){"function"==typeof e.history?.replaceState&&e.history.replaceState(null,"",`${e.location.origin}${e.location.pathname}`)},clearHash:ba,createGuid:Ka,getCurrentUri:Oa,getHomepage:Ma,invoke:Un,invokeAsync:Ln,isInIframe:Sa,isInPopup:_a,parseAuthResponseFromUrl:Ta,preconnect:Da,preflightCheck:Ha,redirectPreflightCheck:Fa,replaceHash:Aa,waitForBridgeResponse:Ra});class ja{constructor(){this.dbName=Ks,this.version=1,this.tableName=Bs,this.dbOpen=!1}async open(){return new Promise(((e,t)=>{const r=window.indexedDB.open(this.dbName,this.version);r.addEventListener("upgradeneeded",(e=>{e.target.result.createObjectStore(this.tableName)})),r.addEventListener("success",(t=>{const r=t;this.db=r.target.result,this.dbOpen=!0,e()})),r.addEventListener("error",(()=>t(ns(Di))))}))}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(ns(Ri));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async setItem(e,t){return await this.validateDbIsOpen(),new Promise(((r,n)=>{if(!this.db)return n(ns(Ri));const o=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);o.addEventListener("success",(()=>{this.closeConnection(),r()})),o.addEventListener("error",(e=>{this.closeConnection(),n(e)}))}))}async removeItem(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(ns(Ri));const n=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);n.addEventListener("success",(()=>{this.closeConnection(),t()})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async getKeys(){return await this.validateDbIsOpen(),new Promise(((e,t)=>{if(!this.db)return t(ns(Ri));const r=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();r.addEventListener("success",(t=>{const r=t;this.closeConnection(),e(r.target.result)})),r.addEventListener("error",(e=>{this.closeConnection(),t(e)}))}))}async containsKey(e){return await this.validateDbIsOpen(),new Promise(((t,r)=>{if(!this.db)return r(ns(Ri));const n=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);n.addEventListener("success",(e=>{const r=e;this.closeConnection(),t(1===r.target.result)})),n.addEventListener("error",(e=>{this.closeConnection(),r(e)}))}))}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise(((e,t)=>{const r=window.indexedDB.deleteDatabase(Ks),n=setTimeout((()=>t(!1)),200);r.addEventListener("success",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("blocked",(()=>(clearTimeout(n),e(!0)))),r.addEventListener("error",(()=>(clearTimeout(n),t(!1))))}))}}class $a{constructor(){this.cache=new Map}async initialize(){}getItem(e){return this.cache.get(e)||null}getUserData(e){return this.getItem(e)}setItem(e,t){this.cache.set(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach(((t,r)=>{e.push(r)})),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}decryptData(){return Promise.resolve(null)}}class Ja{constructor(e){this.inMemoryCache=new $a,this.indexedDBCache=new ja,this.logger=e}handleDatabaseAccessError(e,t){if(!(e instanceof rs&&e.errorCode===Di))throw e;this.logger.error("1wx7zz",t)}async getItem(e,t){const r=this.inMemoryCache.getItem(e);if(!r)try{return this.logger.verbose("0naxpl",t),await this.indexedDBCache.getItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}async setItem(e,t,r){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(e){this.handleDatabaseAccessError(e,r)}}async removeItem(e,t){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(e){this.handleDatabaseAccessError(e,t)}}async getKeys(e){const t=this.inMemoryCache.getKeys();if(0===t.length)try{return this.logger.verbose("1iqrbq",e),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t,e)}return t}async containsKey(e,t){const r=this.inMemoryCache.containsKey(e);if(!r)try{return this.logger.verbose("03zl2j",t),await this.indexedDBCache.containsKey(e)}catch(e){this.handleDatabaseAccessError(e,t)}return r}clearInMemory(e){this.logger.verbose("03r21p",e),this.inMemoryCache.clear(),this.logger.verbose("0uksk1",e)}async clearPersistent(e){try{this.logger.verbose("0rdqut",e);const t=await this.indexedDBCache.deleteDatabase();return t&&this.logger.verbose("149ouc",e),t}catch(t){return this.handleDatabaseAccessError(t,e),!1}}}class Wa{constructor(e,t,r){this.logger=e,function(e){if(!window)throw ns(Pi);if(!window.crypto)throw ns(hi);if(!e&&!window.crypto.subtle)throw ns(hi,"crypto_subtle_undefined")}(r??!1),this.cache=new Ja(this.logger),this.performanceClient=t}createNewGuid(){return ca()}base64Encode(e){return Ws(e)}base64Decode(e){return os(e)}base64UrlEncode(e){return $s(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){const t=this.performanceClient?.startMeasurement("cryptoOptsGetPublicKeyThumbprint",e.correlationId),r=await async function(e,t){return window.crypto.subtle.generateKey(oa,e,t)}(Wa.EXTRACTABLE,Wa.POP_KEY_USAGES),n=await ha(r.publicKey),o=Ga({e:n.e,kty:n.kty,n:n.n}),i=await this.hashString(o),s=await ha(r.privateKey),a=await async function(e,t,r){return window.crypto.subtle.importKey("jwk",e,oa,t,r)}(s,!1,["sign"]);return await this.cache.setItem(i,{privateKey:a,publicKey:r.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri},e.correlationId),t&&t.end({success:!0}),i}async removeTokenBindingKey(e,t){await this.cache.removeItem(e,t);if(await this.cache.containsKey(e,t))throw Ae(kt)}async clearKeystore(e){this.cache.clearInMemory(e);try{return await this.cache.clearPersistent(e),!0}catch(t){return t instanceof Error?this.logger.error("1owpn8",e):this.logger.error("0yrmwo",e),!1}}async signJwt(e,t,r,n){const o=this.performanceClient?.startMeasurement("cryptoOptsSignJwt",n),i=await this.cache.getItem(t,n||"");if(!i)throw ns(Ui);const s=await ha(i.publicKey),a=Ga(s),c=$s(JSON.stringify({kid:t})),h=$s(Lo.getShrHeaderString({...r?.header,alg:s.alg,kid:c}));e.cnf={jwk:JSON.parse(a)};const l=`${h}.${$s(JSON.stringify(e))}`,d=(new TextEncoder).encode(l),u=await async function(e,t){return window.crypto.subtle.sign(oa,e,t)}(i.privateKey,d),g=`${l}.${Js(new Uint8Array(u))}`;return o&&o.end({success:!0}),g}async hashString(e){return async function(e){const t=await ia(e);return Js(new Uint8Array(t))}(e)}}function Ga(e){return JSON.stringify(e,Object.keys(e).sort())}Wa.POP_KEY_USAGES=["sign","verify"],Wa.EXTRACTABLE=!0;const Qa="acquireTokenSilent",Va="acquireTokenByCode",Ya="acquireTokenPopup",Za="acquireTokenPreRedirect",Xa="acquireTokenRedirect",ec="ssoSilent",tc="initializeClientApplication",rc="localStorageUpdated",nc="loadExternalTokens",oc="ssoCapable";var ic=Object.freeze({__proto__:null,AcquireTokenByCode:Va,AcquireTokenPopup:Ya,AcquireTokenPreRedirect:Za,AcquireTokenRedirect:Xa,AcquireTokenSilent:Qa,InitializeClientApplication:tc,LoadExternalTokens:nc,LocalStorageUpdated:rc,SsoCapable:oc,SsoSilent:ec,WaitForBridgeLateResponse:"waitForBridgeLateResponse"});const sc="msal",ac="browser",cc=`${sc}.${ac}.log.level`,hc=`${sc}.${ac}.log.pii`,lc=`${sc}.${ac}.performance.enabled`,dc=`${sc}.version`,uc="account.keys",gc="token.keys",pc=`${sc}.${ac}.sso.capable`;function mc(e=3){return e<1?`${sc}.${uc}`:`${sc}.${e}.${uc}`}function fc(e,t=3){return t<1?`${sc}.${gc}.${e}`:`${sc}.${t}.${gc}.${e}`}const yc=864e5,wc="Lax",Ic="None";class Cc{initialize(){return Promise.resolve()}getItem(e){const t=encodeURIComponent(e),r=document.cookie.split(";");for(let e=0;e<r.length;e++){const n=r[e].trim(),o=n.indexOf("=");if((-1===o?n:n.substring(0,o))===t){const e=-1===o?"":n.substring(o+1);try{return decodeURIComponent(e)}catch{return e}}}return""}getUserData(){throw Ae(_t)}setItem(e,t,r,n=!0,o=wc){let i=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=${o};`;if(r){const e=function(e){const t=new Date,r=new Date(t.getTime()+e*yc);return r.toUTCString()}(r);i+=`expires=${e};`}(n||o===Ic)&&(i+="Secure;"),document.cookie=i}async setUserData(){return Promise.reject(Ae(_t))}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach((e=>{const r=e.trim(),n=r.indexOf("="),o=-1===n?r:r.substring(0,n);try{t.push(decodeURIComponent(o))}catch{}})),t}containsKey(e){return this.getKeys().includes(e)}decryptData(){return Promise.resolve(null)}}function vc(e,t){const r=e.getItem(mc(t));return r?JSON.parse(r):[]}function kc(e,t,r){const n=t.getItem(fc(e,r));if(n){const e=JSON.parse(n);if(e&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("accessToken")&&e.hasOwnProperty("refreshToken"))return e}return{idToken:[],accessToken:[],refreshToken:[]}}function Tc(e){return e.hasOwnProperty("id")&&e.hasOwnProperty("nonce")&&e.hasOwnProperty("data")}const bc="msal.cache.encryption";class Ac{constructor(e,t,r){if(!window.localStorage)throw ka(ya);this.memoryStorage=new $a,this.initialized=!1,this.clientId=e,this.logger=t,this.performanceClient=r,this.broadcast=new BroadcastChannel("msal.broadcast.cache")}async initialize(e){const t=new Cc,r=t.getItem(bc);let n={key:"",id:""};if(r)try{n=JSON.parse(r)}catch(e){}if(n.key&&n.id){const t=Un(is,"base64Decode",this.logger,this.performanceClient,e)(n.key);this.encryptionCookie={id:n.id,key:await Ln(ga,ni,this.logger,this.performanceClient,e)(t)}}else{const r=ca(),n=await Ln(ua,"generateBaseKey",this.logger,this.performanceClient,e)(),o=Un(Js,"urlEncodeArr",this.logger,this.performanceClient,e)(new Uint8Array(n));this.encryptionCookie={id:r,key:await Ln(ga,ni,this.logger,this.performanceClient,e)(n)};const i={id:r,key:o};t.setItem(bc,JSON.stringify(i),0,!0,Ic)}await Ln(this.importExistingCache.bind(this),"importExistingCache",this.logger,this.performanceClient,e)(e),this.broadcast.addEventListener("message",(t=>{this.updateCache(t,e)})),this.initialized=!0}getItem(e){return window.localStorage.getItem(e)}getUserData(e){if(!this.initialized)throw ns($i);return this.memoryStorage.getItem(e)}async decryptData(e,t,r){if(!this.initialized||!this.encryptionCookie)throw ns($i);if(t.id!==this.encryptionCookie.id)return this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},r),null;const n=await Ln(fa,oi,this.logger,this.performanceClient,r)(this.encryptionCookie.key,t.nonce,this.getContext(e),t.data);if(!n)return null;try{return{...JSON.parse(n),lastUpdatedAt:t.lastUpdatedAt}}catch(e){return this.performanceClient.incrementFields({encryptedCacheCorruptionCount:1},r),null}}setItem(e,t){window.localStorage.setItem(e,t)}async setUserData(e,t,r,n,o){if(!this.initialized||!this.encryptionCookie)throw ns($i);if(o)this.setItem(e,t);else{const{data:o,nonce:i}=await Ln(ma,"encrypt",this.logger,this.performanceClient,r)(this.encryptionCookie.key,t,this.getContext(e)),s={id:this.encryptionCookie.id,nonce:i,data:o,lastUpdatedAt:n};this.setItem(e,JSON.stringify(s))}this.memoryStorage.setItem(e,t),this.broadcast.postMessage({key:e,value:t,context:this.getContext(e)})}removeItem(e){this.memoryStorage.containsKey(e)&&(this.memoryStorage.removeItem(e),this.broadcast.postMessage({key:e,value:null,context:this.getContext(e)})),window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}clear(){this.memoryStorage.clear();vc(this).forEach((e=>this.removeItem(e)));const e=kc(this.clientId,this);e.idToken.forEach((e=>this.removeItem(e))),e.accessToken.forEach((e=>this.removeItem(e))),e.refreshToken.forEach((e=>this.removeItem(e))),this.getKeys().forEach((e=>{(e.startsWith(sc)||-1!==e.indexOf(this.clientId))&&this.removeItem(e)}))}async importExistingCache(e){if(!this.encryptionCookie)return;let t=vc(this);t=await this.importArray(t,e),t.length?this.setItem(mc(),JSON.stringify(t)):this.removeItem(mc());const r=kc(this.clientId,this);r.idToken=await this.importArray(r.idToken,e),r.accessToken=await this.importArray(r.accessToken,e),r.refreshToken=await this.importArray(r.refreshToken,e),r.idToken.length||r.accessToken.length||r.refreshToken.length?this.setItem(fc(this.clientId),JSON.stringify(r)):this.removeItem(fc(this.clientId))}async getItemFromEncryptedCache(e,t){if(!this.encryptionCookie)return null;const r=this.getItem(e);if(!r)return null;let n;try{n=JSON.parse(r)}catch(e){return null}return Tc(n)?n.id!==this.encryptionCookie.id?(this.performanceClient.incrementFields({encryptedCacheExpiredCount:1},t),null):(this.performanceClient.incrementFields({encryptedCacheCount:1},t),Ln(fa,oi,this.logger,this.performanceClient,t)(this.encryptionCookie.key,n.nonce,this.getContext(e),n.data)):(this.performanceClient.incrementFields({unencryptedCacheCount:1},t),r)}async importArray(e,t){const r=[],n=[];return e.forEach((e=>{const o=this.getItemFromEncryptedCache(e,t).then((t=>{t?(this.memoryStorage.setItem(e,t),r.push(e)):this.removeItem(e)}));n.push(o)})),await Promise.all(n),r}getContext(e){let t="";return e.includes(this.clientId)&&(t=this.clientId),t}updateCache(e,t){this.logger.trace("17cxcm",t);const r=this.performanceClient.startMeasurement(rc);r.add({isBackground:!0});const{key:n,value:o,context:i}=e.data;return n?i&&i!==this.clientId?(this.logger.trace("04rtdy",t),void r.end({success:!1,errorCode:"contextMismatch"})):(o?(this.memoryStorage.setItem(n,o),this.logger.verbose("1vzsgt",t)):(this.memoryStorage.removeItem(n),this.logger.verbose("04ypih",t)),void r.end({success:!0})):(this.logger.error("0e10qr",t),void r.end({success:!1,errorCode:"noKey"}))}}class Sc{constructor(){if(!window.sessionStorage)throw ka(ya)}async initialize(){}getItem(e){return window.sessionStorage.getItem(e)}getUserData(e){return this.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}async setUserData(e,t){this.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}decryptData(){return Promise.resolve(null)}}const _c={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_SUCCESS:"msal:loginSuccess",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",BROKERED_REQUEST_START:"msal:brokeredRequestStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",BROKERED_REQUEST_SUCCESS:"msal:brokeredRequestSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",BROKERED_REQUEST_FAILURE:"msal:brokeredRequestFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache",BROKER_CONNECTION_ESTABLISHED:"msal:brokerConnectionEstablished"},Ec="@azure/msal-browser",Pc="5.12.0";function Rc(e,t){const r=e.indexOf(t);r>-1&&e.splice(r,1)}class Oc extends Gr{constructor(e,t,r,n,o,i,s){super(e,r,n,o,s),this.cacheConfig=t,this.logger=n,this.internalStorage=new $a,this.browserStorage=Mc(e,t.cacheLocation,n,o),this.temporaryCacheStorage=Mc(e,Ts.SessionStorage,n,o),this.cookieStorage=new Cc,this.eventHandler=i}async initialize(e){this.performanceClient.addFields({cacheLocation:this.cacheConfig.cacheLocation,cacheRetentionDays:this.cacheConfig.cacheRetentionDays},e),await this.browserStorage.initialize(e),await this.migrateExistingCache(e),this.trackVersionChanges(e)}async migrateExistingCache(e){let t=vc(this.browserStorage),r=kc(this.clientId,this.browserStorage);this.performanceClient.addFields({preMigrateAcntCount:t.length,preMigrateATCount:r.accessToken.length,preMigrateITCount:r.idToken.length,preMigrateRTCount:r.refreshToken.length},e);for(let t=0;t<3;t++){const r=t;await this.removeStaleAccounts(t,r,e)}for(let t=0;t<3;t++){const r=t;await this.migrateIdTokens(t,r,e)}const n=this.getKMSIValues();for(let t=0;t<3;t++)await this.migrateAccessTokens(t,n,e),await this.migrateRefreshTokens(t,n,e);t=vc(this.browserStorage),r=kc(this.clientId,this.browserStorage),this.performanceClient.addFields({postMigrateAcntCount:t.length,postMigrateATCount:r.accessToken.length,postMigrateITCount:r.idToken.length,postMigrateRTCount:r.refreshToken.length},e)}async updateOldEntry(e,t){const r=this.browserStorage.getItem(e),n=this.validateAndParseJson(r||"");if(!n)return this.browserStorage.removeItem(e),null;if(n.lastUpdatedAt){if(fn(n.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))return this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null}else n.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(n),t);const o=Tc(n)?await this.browserStorage.decryptData(e,n,t):n;return o&&vn(o)?(kn(o)||Tn(o))&&o.expiresOn&&mn(o.expiresOn,300)?(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredCacheRemovedCount:1},t),null):o:(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({invalidCacheCount:1},t),null)}async removeStaleAccounts(e,t,r){const n=vc(this.browserStorage,e);if(0!==n.length){for(const e of[...n]){this.performanceClient.incrementFields({oldAcntCount:1},r);const o=this.browserStorage.getItem(e),i=this.validateAndParseJson(o||"");if(i)if(i.lastUpdatedAt){if(fn(i.lastUpdatedAt,this.cacheConfig.cacheRetentionDays))await this.removeAccountOldSchema(e,i,t,r),Rc(n,e);else if(Tc(i)){await this.browserStorage.decryptData(e,i,r)||(this.browserStorage.removeItem(e),this.performanceClient.incrementFields({expiredAcntRemovedCount:1},r),Rc(n,e))}}else i.lastUpdatedAt=Date.now().toString(),this.setItem(e,JSON.stringify(i),r);else this.browserStorage.removeItem(e),Rc(n,e)}this.setAccountKeys(n,r,e)}}async removeAccountOldSchema(e,t,r,n){const o=Tc(t)?await this.browserStorage.decryptData(e,t,n):t,i=o?.homeAccountId;if(i){const e=this.getTokenKeys(r);[...e.idToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Rc(e.idToken,t)})),[...e.accessToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Rc(e.accessToken,t)})),[...e.refreshToken].filter((e=>e.includes(i))).forEach((t=>{this.browserStorage.removeItem(t),Rc(e.refreshToken,t)})),this.setTokenKeys(e,n,r)}this.performanceClient.incrementFields({expiredAcntRemovedCount:1},n),this.browserStorage.removeItem(e)}getKMSIValues(){const e={},t=this.getTokenKeys().idToken;for(const r of t){const t=this.browserStorage.getUserData(r);if(t){const r=JSON.parse(t),n=br(r.secret,os);n&&(e[r.homeAccountId]=Ar(n))}}return e}async migrateIdTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.idToken.length)return;const o=kc(this.clientId,this.browserStorage,3),i=vc(this.browserStorage),s=vc(this.browserStorage,t);for(const e of[...n.idToken]){this.performanceClient.incrementFields({oldITCount:1},r);const t=await this.updateOldEntry(e,r);if(!t){Rc(n.idToken,e);continue}const a=i.find((e=>e.includes(t.homeAccountId))),c=s.find((e=>e.includes(t.homeAccountId)));let h=null;if(a)h=this.getAccount(a,r);else if(c){const e=this.browserStorage.getItem(c),t=this.validateAndParseJson(e||"");h=t&&Tc(t)?await this.browserStorage.decryptData(c,t,r):t}if(!h){this.performanceClient.incrementFields({skipITMigrateCount:1},r);continue}const l=br(t.secret,os),d=this.generateCredentialKey(t),u=this.getIdTokenCredential(d,r),g=Object.keys(l).includes("signin_state"),p=u&&Object.keys(br(u.secret,os)||{}).includes("signin_state");if(!u||t.lastUpdatedAt>u.lastUpdatedAt&&(g||!p)){const e=h.tenantProfiles||[],n=zr(l)||h.realm;if(n&&!e.find((e=>e.tenantId===n))){const t=kr(h.homeAccountId,h.localAccountId,n,l);e.push(t)}h.tenantProfiles=e;const s=this.generateAccountKey($r(h)),a=Ar(l);await this.setUserData(s,JSON.stringify(h),r,h.lastUpdatedAt,a),i.includes(s)||i.push(s),await this.setUserData(d,JSON.stringify(t),r,t.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedITCount:1},r),o.idToken.includes(d)||o.idToken.push(d)}}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r),this.setAccountKeys(i,r)}async migrateAccessTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.accessToken.length)return;const o=kc(this.clientId,this.browserStorage,3);for(const e of[...n.accessToken]){this.performanceClient.incrementFields({oldATCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Rc(n.accessToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipATMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.accessToken.includes(s)){const e=this.getAccessTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedATCount:1},r),o.accessToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}async migrateRefreshTokens(e,t,r){const n=kc(this.clientId,this.browserStorage,e);if(0===n.refreshToken.length)return;const o=kc(this.clientId,this.browserStorage,3);for(const e of[...n.refreshToken]){this.performanceClient.incrementFields({oldRTCount:1},r);const i=await this.updateOldEntry(e,r);if(!i){Rc(n.refreshToken,e);continue}if(!(i.homeAccountId in t)){this.performanceClient.incrementFields({skipRTMigrateCount:1},r);continue}const s=this.generateCredentialKey(i),a=t[i.homeAccountId];if(o.refreshToken.includes(s)){const e=this.getRefreshTokenCredential(s,r);(!e||i.lastUpdatedAt>e.lastUpdatedAt)&&(await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r))}else await this.setUserData(s,JSON.stringify(i),r,i.lastUpdatedAt,a),this.performanceClient.incrementFields({migratedRTCount:1},r),o.refreshToken.push(s)}this.setTokenKeys(n,r,e),this.setTokenKeys(o,r)}trackVersionChanges(e){const t=this.browserStorage.getItem(dc);t&&(this.logger.info("1wuc87",e),this.performanceClient.addFields({previousLibraryVersion:t},e)),t!==Pc&&this.setItem(dc,Pc,e)}validateAndParseJson(e){if(!e)return null;try{const t=JSON.parse(e);return t&&"object"==typeof t?t:null}catch(e){return null}}setItem(e,t,r){const n=new Array(4).fill(0),o=[];for(let i=0;i<=20;i++)try{if(this.browserStorage.setItem(e,t),i>0)for(let e=0;e<=3;e++){const t=n.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=i)break;const s=i>t+n[e]?t+n[e]:i;i>t&&n[e]>0&&this.removeAccessTokenKeys(o.slice(t,s),r,e)}break}catch(s){const a=Ur(s);if(!(a.errorCode===qr&&i<20))throw a;if(!o.length)for(let r=0;r<=3;r++)if(e===fc(this.clientId,r)){const e=JSON.parse(t).accessToken;o.push(...e),n[r]=e.length}else{const e=this.getTokenKeys(r).accessToken;o.push(...e),n[r]=e.length}if(o.length<=i)throw a;this.removeAccessToken(o[i],r,!1)}}async setUserData(e,t,r,n,o){const i=new Array(4).fill(0),s=[];for(let a=0;a<=20;a++)try{if(await Ln(this.browserStorage.setUserData.bind(this.browserStorage),"setUserData",this.logger,this.performanceClient,r)(e,t,r,n,o),a>0)for(let e=0;e<=3;e++){const t=i.slice(0,e).reduce(((e,t)=>e+t),0);if(t>=a)break;const n=a>t+i[e]?t+i[e]:a;a>t&&i[e]>0&&this.removeAccessTokenKeys(s.slice(t,n),r,e)}break}catch(e){const t=Ur(e);if(!(t.errorCode===qr&&a<20))throw t;if(!s.length)for(let e=0;e<=3;e++){const t=this.getTokenKeys(e).accessToken;s.push(...t),i[e]=t.length}if(s.length<=a)throw t;this.removeAccessToken(s[a],r,!1)}}getAccount(e,t){this.logger.trace("1lfvm6",t);const r=this.browserStorage.getUserData(e);if(!r)return this.removeAccountKeyFromMap(e,t),null;const n=this.validateAndParseJson(r);if(!(n&&(o=n,o&&o.hasOwnProperty("homeAccountId")&&o.hasOwnProperty("environment")&&o.hasOwnProperty("realm")&&o.hasOwnProperty("localAccountId")&&o.hasOwnProperty("username")&&o.hasOwnProperty("authorityType"))))return null;var o;const i=Gr.toObject({},n);var s;return this.performanceClient.addFields({accountCachedBy:(s=i.cachedByApiId,"number"==typeof s&&s in Ls?Ls[s]:"unknown")},t),i}async setAccount(e,t,r,n){this.logger.trace("1bz3wr",t);const o=this.generateAccountKey($r(e)),i=Date.now().toString();e.lastUpdatedAt=i,e.cachedByApiId=n,await this.setUserData(o,JSON.stringify(e),t,i,r),this.addAccountKeyToMap(o,t),this.performanceClient.addFields({kmsi:r},t)}setAccountKeys(e,t,r=3){0===e.length?this.removeItem(mc(r)):this.setItem(mc(r),JSON.stringify(e),t)}getAccountKeys(){return vc(this.browserStorage)}addAccountKeyToMap(e,t){this.logger.trace("0rb85k",t),this.logger.tracePii("1l9bdo",t);const r=this.getAccountKeys();return-1===r.indexOf(e)?(r.push(e),this.setItem(mc(),JSON.stringify(r),t),this.logger.verbose("0xia39",t),!0):(this.logger.verbose("0161kk",t),!1)}removeAccountKeyFromMap(e,t){this.logger.trace("1jpigu",t),this.logger.tracePii("1xzspl",t);const r=this.getAccountKeys(),n=r.indexOf(e);n>-1?(r.splice(n,1),this.setAccountKeys(r,t)):this.logger.trace("1dytu2",t)}removeAccount(e,t){const r=this.getActiveAccount(t);r?.homeAccountId===e.homeAccountId&&r?.environment===e.environment&&this.setActiveAccount(null,t),super.removeAccount(e,t),this.removeAccountKeyFromMap(this.generateAccountKey(e),t),this.browserStorage.getKeys().forEach((t=>{t.includes(e.homeAccountId)&&t.includes(e.environment)&&this.browserStorage.removeItem(t)}))}removeIdToken(e,t){super.removeIdToken(e,t);const r=this.getTokenKeys(),n=r.idToken.indexOf(e);n>-1&&(this.logger.info("05udv9",t),r.idToken.splice(n,1),this.setTokenKeys(r,t))}removeAccessToken(e,t,r=!0){super.removeAccessToken(e,t),r&&this.removeAccessTokenKeys([e],t)}removeAccessTokenKeys(e,t,r=3){this.logger.trace("17o18n",t);const n=this.getTokenKeys(r);let o=0;if(e.forEach((e=>{const t=n.accessToken.indexOf(e);t>-1&&(n.accessToken.splice(t,1),o++)})),o>0)return this.logger.info("15i5d5",t),void this.setTokenKeys(n,t,r)}removeRefreshToken(e,t){super.removeRefreshToken(e,t);const r=this.getTokenKeys(),n=r.refreshToken.indexOf(e);n>-1&&(this.logger.info("1f4fq3",t),r.refreshToken.splice(n,1),this.setTokenKeys(r,t))}getTokenKeys(e=3){return kc(this.clientId,this.browserStorage,e)}setTokenKeys(e,t,r=3){0!==e.idToken.length||0!==e.accessToken.length||0!==e.refreshToken.length?this.setItem(fc(this.clientId,r),JSON.stringify(e),t):this.removeItem(fc(this.clientId,r))}getIdTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("1jukz6",t),this.removeIdToken(e,t),null;const n=this.validateAndParseJson(r);return n&&((o=n)&&vn(o)&&o.hasOwnProperty("realm")&&o.credentialType===H.ID_TOKEN)?(this.logger.trace("01ju66",t),n):(this.logger.trace("1jukz6",t),null);var o}async setIdTokenCredential(e,t,r){this.logger.trace("13hjll",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.idToken.indexOf(n)&&(this.logger.info("07jy92",t),i.idToken.push(n),this.setTokenKeys(i,t))}getAccessTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0bqvx8",t),this.removeAccessTokenKeys([e],t),null;const n=this.validateAndParseJson(r);return n&&kn(n)?(this.logger.trace("1o81rl",t),n):(this.logger.trace("0bqvx8",t),null)}async setAccessTokenCredential(e,t,r){this.logger.trace("1pondb",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys(),s=i.accessToken.indexOf(n);-1!==s&&i.accessToken.splice(s,1),this.logger.trace("1onhey",t),i.accessToken.push(n),this.setTokenKeys(i,t)}getRefreshTokenCredential(e,t){const r=this.browserStorage.getUserData(e);if(!r)return this.logger.trace("0jlizt",t),this.removeRefreshToken(e,t),null;const n=this.validateAndParseJson(r);return n&&Tn(n)?(this.logger.trace("0nokxi",t),n):(this.logger.trace("0jlizt",t),null)}async setRefreshTokenCredential(e,t,r){this.logger.trace("0tcg8d",t);const n=this.generateCredentialKey(e),o=Date.now().toString();e.lastUpdatedAt=o,await this.setUserData(n,JSON.stringify(e),t,o,r);const i=this.getTokenKeys();-1===i.refreshToken.indexOf(n)&&(this.logger.info("0eckjs",t),i.refreshToken.push(n),this.setTokenKeys(i,t))}getAppMetadata(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1q101h",t),null;const n=this.validateAndParseJson(r);return n&&(o=e,(i=n)&&0===o.indexOf(F)&&i.hasOwnProperty("clientId")&&i.hasOwnProperty("environment"))?(this.logger.trace("19pvg2",t),n):(this.logger.trace("1q101h",t),null);var o,i}setAppMetadata(e,t){this.logger.trace("0cyma6",t);const r=function({environment:e,clientId:t}){return[F,e,t].join("-").toLowerCase()}(e);this.setItem(r,JSON.stringify(e),t)}getServerTelemetry(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("0jk19c",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){const r=0===e.indexOf(W);let n=!0;return t&&(n=t.hasOwnProperty("failedRequests")&&t.hasOwnProperty("errors")&&t.hasOwnProperty("cacheHits")),r&&n}(e,n)?(this.logger.trace("12jguk",t),n):(this.logger.trace("0jk19c",t),null)}setServerTelemetry(e,t,r){this.logger.trace("1poh61",r),this.setItem(e,JSON.stringify(t),r)}getAuthorityMetadata(e,t){const r=this.internalStorage.getItem(e);if(!r)return this.logger.trace("1r39oe",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){return!!t&&0===e.indexOf(K)&&t.hasOwnProperty("aliases")&&t.hasOwnProperty("preferred_cache")&&t.hasOwnProperty("preferred_network")&&t.hasOwnProperty("canonical_authority")&&t.hasOwnProperty("authorization_endpoint")&&t.hasOwnProperty("token_endpoint")&&t.hasOwnProperty("issuer")&&t.hasOwnProperty("aliasesFromNetwork")&&t.hasOwnProperty("endpointsFromNetwork")&&t.hasOwnProperty("expiresAt")&&t.hasOwnProperty("jwks_uri")}(e,n)?(this.logger.trace("1ohvk3",t),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter((e=>this.isAuthorityMetadata(e)))}setWrapperMetadata(e,t){this.internalStorage.setItem(qs,e),this.internalStorage.setItem(Ns,t)}getWrapperMetadata(){return[this.internalStorage.getItem(qs)||"",this.internalStorage.getItem(Ns)||""]}setAuthorityMetadata(e,t,r){this.logger.trace("07w8n2",r),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(e){const t=this.generateCacheKey(A),r=this.browserStorage.getItem(t);if(!r)return this.logger.trace("08gw0e",e),null;const n=this.validateAndParseJson(r);return n?(this.logger.trace("1t3ch7",e),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId},e)):(this.logger.trace("0me1up",e),null)}setActiveAccount(e,t){const r=this.generateCacheKey(A);if(e){this.logger.verbose("0rsj80",t);const n={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.setItem(r,JSON.stringify(n),t)}else this.logger.verbose("1bp5z5",t),this.browserStorage.removeItem(r);this.eventHandler.emitEvent(_c.ACTIVE_ACCOUNT_CHANGED,t)}getThrottlingCache(e,t){const r=this.browserStorage.getItem(e);if(!r)return this.logger.trace("1h4wa6",t),null;const n=this.validateAndParseJson(r);return n&&function(e,t){let r=!1;e&&(r=0===e.indexOf(V));let n=!0;return t&&(n=t.hasOwnProperty("throttleTime")),r&&n}(e,n)?(this.logger.trace("0of6n8",t),n):(this.logger.trace("1h4wa6",t),null)}setThrottlingCache(e,t,r){this.logger.trace("0wfgh6",r),this.setItem(e,JSON.stringify(t),r)}getTemporaryCache(e,t,r){this.logger.trace("1ordf8",t);const n=r?this.generateCacheKey(e):e;return this.temporaryCacheStorage.getItem(n)}setTemporaryCache(e,t,r){const n=r?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(n,t)}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e)}getKeys(){return this.browserStorage.getKeys()}clear(e){this.removeAllAccounts(e),this.removeAppMetadata(e),this.temporaryCacheStorage.getKeys().forEach((e=>{-1===e.indexOf(sc)&&-1===e.indexOf(this.clientId)||this.removeTemporaryItem(e)})),this.browserStorage.getKeys().forEach((e=>{-1===e.indexOf(sc)&&-1===e.indexOf(this.clientId)||this.browserStorage.removeItem(e)})),this.internalStorage.clear()}generateCacheKey(e){return Te.startsWith(e,sc)?e:`${sc}.${this.clientId}.${e}`}generateCredentialKey(e){const t=e.credentialType===H.REFRESH_TOKEN&&e.familyId||e.clientId,r=e.tokenType&&e.tokenType.toLowerCase()!==Q.BEARER.toLowerCase()?e.tokenType.toLowerCase():"";return[`${sc}.3`,e.homeAccountId,e.environment,e.credentialType,t,e.realm||"",e.target||"",r].join("|").toLowerCase()}generateAccountKey(e){const t=e.homeAccountId.split(".")[1];return[`${sc}.3`,e.homeAccountId,e.environment,t||e.tenantId||""].join("|").toLowerCase()}resetRequestCache(e){this.logger.trace("0h0ynu",e),this.removeTemporaryItem(this.generateCacheKey(Rs)),this.removeTemporaryItem(this.generateCacheKey(Os)),this.removeTemporaryItem(this.generateCacheKey(Es)),this.removeTemporaryItem(this.generateCacheKey(Ps)),this.removeTemporaryItem(this.generateCacheKey(xs)),this.setInteractionInProgress(!1,void 0)}cacheAuthorizeRequest(e,t,r){this.logger.trace("1tzef5",t);const n=Ws(JSON.stringify(e));if(this.setTemporaryCache(Rs,n,!0),r){const e=Ws(r);this.setTemporaryCache(Os,e,!0)}}getCachedRequest(e){this.logger.trace("0uen20",e);const t=this.getTemporaryCache(Rs,e,!0);if(!t)throw ns(_i);const r=this.getTemporaryCache(Os,e,!0);let n,o="";try{n=JSON.parse(os(t)),r&&(o=os(r))}catch(t){throw this.logger.errorPii("0ewsey",e),this.logger.error("0tvdic",e),ns(Ei)}return[n,o]}getCachedNativeRequest(){this.logger.trace("1yxcdm","");const e=this.getTemporaryCache(xs,"",!0);if(!e)return this.logger.trace("0mnxd4",""),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("0rrkip",""),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress()?.clientId;return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${sc}.${Ms}`,t=this.getTemporaryCache(e,"",!1);try{return t?JSON.parse(t):null}catch(t){return this.logger.error("0jjyys",""),this.removeTemporaryItem(e),this.resetRequestCache(""),ba(window),null}}setInteractionInProgress(e,t=Ss,r=!1,n=""){const o=`${sc}.${Ms}`;if(e){if(this.getInteractionInProgress()){if(!r)throw ns(fi);this.logger.warning("1pmscr",n),Pa(this.logger,n),this.removeTemporaryItem(o)}this.setTemporaryCache(o,JSON.stringify({clientId:this.clientId,type:t}),!1)}else e||this.getInteractionInProgress()?.clientId!==this.clientId||this.removeTemporaryItem(o)}async hydrateCache(e,t){const r=wn(e.account.homeAccountId,e.account.environment,e.idToken,this.clientId,e.tenantId),n=In(e.account.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?gn(e.expiresOn):0,e.extExpiresOn?gn(e.extExpiresOn):0,os,void 0,e.tokenType,void 0,t.sshKid);t.resource&&(n.resource=t.resource);const o={idToken:r,accessToken:n};return this.saveCacheRecord(o,e.correlationId,Ar(br(e.idToken,os)),Us.hydrateCache)}async saveCacheRecord(e,t,r,n,o){try{await super.saveCacheRecord(e,t,r,n,o)}catch(e){if(e instanceof Nr&&this.performanceClient&&t)try{const e=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:e.refreshToken.length,cacheIdCount:e.idToken.length,cacheAtCount:e.accessToken.length},t)}catch(e){}throw e}}}function Mc(e,t,r,n){try{switch(t){case Ts.LocalStorage:return new Ac(e,r,n);case Ts.SessionStorage:return new Sc}}catch(e){r.error(e,"")}return new $a}const xc=(e,t,r,n)=>new Oc(e,{cacheLocation:Ts.MemoryStorage,cacheRetentionDays:5},gr,t,r,n);function qc(e,t,r,n,o){return e.verbose("1yd030",n),r?t.getAllAccounts(o,n):[]}function Nc(e,t,r,n){t.trace("0u7b90",n);const o=r.getAccountInfoFilteredBy(e,n);return o?(t.verbose("0btgll",n),o):(t.verbose("0ltaj5",n),null)}function Uc(e,t,r){t.setActiveAccount(e,r)}function Lc(e,t){return e.getActiveAccount(t)}class Hc{constructor(e){this.eventCallbacks=new Map,this.logger=e||new yr({}),"undefined"!=typeof BroadcastChannel&&(this.broadcastChannel=new BroadcastChannel("msal.broadcast.event")),this.invokeCrossTabCallbacks=this.invokeCrossTabCallbacks.bind(this)}addEventCallback(e,t,r){if("undefined"!=typeof window){const n=r||Ka();return this.eventCallbacks.has(n)?(this.logger.error("1578i0",""),null):(this.eventCallbacks.set(n,[e,t||[]]),this.logger.verbose("1cnec4",""),n)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose("12zotd","")}emitEvent(e,t,r,n,o){const i={eventType:e,interactionType:r||null,payload:n||null,error:o||null,correlationId:t,timestamp:Date.now()};switch(e){case _c.LOGIN_SUCCESS:case _c.LOGOUT_SUCCESS:case _c.ACTIVE_ACCOUNT_CHANGED:this.broadcastChannel?.postMessage(i)}this.invokeCallbacks(i)}invokeCallbacks(e){this.eventCallbacks.forEach((([t,r],n)=>{(0===r.length||r.includes(e.eventType))&&(this.logger.verbose("15jpwk",""),t.apply(null,[e]))}))}invokeCrossTabCallbacks(e){const t=e.data;this.invokeCallbacks(t)}subscribeCrossTab(){this.broadcastChannel?.addEventListener("message",this.invokeCrossTabCallbacks)}unsubscribeCrossTab(){this.broadcastChannel?.removeEventListener("message",this.invokeCrossTabCallbacks)}}class Fc{constructor(e,t,r,n,o,i,s,a,c){this.config=e,this.browserStorage=t,this.browserCrypto=r,this.networkClient=this.config.system.networkClient,this.eventHandler=o,this.navigationClient=i,this.platformAuthProvider=c,this.correlationId=a,this.logger=n.clone(ls,Pc),this.performanceClient=s}}function Dc(e,t,r,n){r.verbose("0bd1la",n);const o=e||t||"";return _r.getAbsoluteUrl(o,Oa())}function Kc(e,t,r,n,o,i){o.verbose("1p12tq",r);const s={clientId:t,correlationId:r,apiId:e,forceRefresh:!1,wrapperSKU:n.getWrapperMetadata()[0],wrapperVer:n.getWrapperMetadata()[1]};return new qo(s,n)}async function Bc(e,t,r,n,o,i,s,a,c){const h=a&&a.hasOwnProperty("instance_aware")?a.instance_aware:void 0,l={protocolMode:e.system.protocolMode,OIDCOptions:e.auth.OIDCOptions,knownAuthorities:e.auth.knownAuthorities,cloudDiscoveryMetadata:e.auth.cloudDiscoveryMetadata,authorityMetadata:e.auth.authorityMetadata},d=i||e.auth.authority,u=h?.length?"true"===h:e.auth.instanceAware,g=c&&u?e.auth.authority.replace(_r.getDomainFromUrl(d),c.environment):d,p=wo.generateAuthority(g,s||e.auth.azureCloudOptions),m=await Ln(vo,"authorityFactoryCreateDiscoveredInstance",o,r,t)(p,e.system.networkClient,n,l,o,t,r);if(c&&!m.isAlias(c.environment))throw ke(je);return m}async function zc(e,t,r,n,o){if(o)try{e.removeAccount(o,n),r.verbose("0s4z6h",n)}catch(e){r.error("0mgg1d",n)}else try{r.verbose("0zj631",n),e.clear(n),await t.clearKeystore(n)}catch(e){r.error("12ih0c",n)}}async function jc(e,t,r,n,o){const i=e.authority||t.auth.authority,s=[...e&&e.scopes||[]],a={...e,correlationId:e.correlationId,authority:i,scopes:s};if(a.authenticationScheme){if(a.authenticationScheme===Q.SSH){if(!e.sshJwk)throw ke(He);if(!e.sshKid)throw ke(Fe)}n.verbose("1ecmns",o)}else a.authenticationScheme=Q.BEARER,n.verbose("1l4fwv",o);return a}async function $c(e,t,r,n,o){const i=await Ln(jc,jo,o,n,e.correlationId)(e,r,n,o,e.correlationId);return{...e,...i,account:t,forceRefresh:e.forceRefresh||!1}}function Jc(e,t){let r;const n=e.httpMethod;if(t===jr.EAR){if(n&&n!==p)throw ke($e);r=p}else r=n||g;return r}class Wc extends Fc{initializeLogoutRequest(e){this.logger.verbose("0546u4",this.correlationId);const t={correlationId:this.correlationId,...e};if(e)if(e.logoutHint)this.logger.verbose("12k4l4",this.correlationId);else if(e.account){const r=e.account.loginHint||this.getLogoutHintFromIdTokenClaims(e.account);r&&(this.logger.verbose("0d7s8p",this.correlationId),t.logoutHint=r)}else this.logger.verbose("0pdtc3",this.correlationId);else this.logger.verbose("07ndze",this.correlationId);return e&&null===e.postLogoutRedirectUri?this.logger.verbose("0ljv63",t.correlationId):e&&e.postLogoutRedirectUri?(this.logger.verbose("1vamm6",t.correlationId),t.postLogoutRedirectUri=_r.getAbsoluteUrl(e.postLogoutRedirectUri,Oa())):null===this.config.auth.postLogoutRedirectUri?this.logger.verbose("15m5g7",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("1f4xlz",t.correlationId),t.postLogoutRedirectUri=_r.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,Oa())):(this.logger.verbose("17s5rf",t.correlationId),t.postLogoutRedirectUri=_r.getAbsoluteUrl(Oa(),Oa())),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return this.logger.verbose("0u5bmc",this.correlationId),t.login_hint;this.logger.verbose("0mvp54",this.correlationId)}else this.logger.verbose("1e7bdp",this.correlationId);return null}async createAuthCodeClient(e){const t=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)(e);return new ko(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:r,requestAzureCloudOptions:n,requestExtraQueryParameters:o,account:i}=e,s=e.authority||await Ln(Bc,Ko,this.logger,this.performanceClient,this.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:s,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri,isMcp:this.config.auth.isMcp},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:a.loggerCallback,piiLoggingEnabled:a.piiLoggingEnabled,logLevel:a.logLevel,correlationId:this.correlationId},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:ls,version:Pc,cpu:"",os:""},telemetry:this.config.telemetry}}}async function Gc(e,t,r,n,o,i,s,a){const c=Dc(e.redirectUri,r.auth.redirectUri,i,a);new URL(c).origin!==new URL(window.location.href).origin&&(i.warning("08qbvw",a),s.addFields({isRedirectUriCrossOrigin:!0},a));const h={interactionType:t},l=ro(n,e&&e.state||"",h),d={...await Ln(jc,jo,i,s,a)({...e,correlationId:a},r,s,i,a),redirectUri:c,state:l,nonce:e.nonce||ca(),responseMode:r.auth.OIDCOptions.responseMode},u={...d,httpMethod:Jc(d,r.system.protocolMode)};if(e.loginHint||e.sid)return u;const g=e.account||o.getActiveAccount(a);return g&&(i.verbose("1eqlb3",a),i.verbosePii("0tf99t",a),u.account=g),u}function Qc(e,t,r,n){const o=lr(e);if(!o)throw hr(e)?(r.error("13pl0s",n),r.errorPii("1097vx",n),ns(gi)):(r.error("18h0l1",n),ns(di));return o}function Vc(e,t,r){if(!e.state)throw ns(ui);const n=function(e,t){if(!t)return null;try{return no(e.base64Decode,t).libraryState.meta}catch(e){throw Ae(nt)}}(t,e.state);if(!n)throw ns(pi);if(n.interactionType!==r)throw ns(mi)}class Yc{constructor(e,t,r,n,o){this.authModule=e,this.browserStorage=t,this.authCodeRequest=r,this.logger=n,this.performanceClient=o}async handleCodeResponse(e,t,r){let n;try{n=function(e,t){if(Eo(e,t),!e.code)throw Ae(vt);return e}(e,t.state)}catch(e){throw e instanceof to&&e.subError===Ci?ns(Ci):e}return Ln(this.handleCodeResponseFromServer.bind(this),On,this.logger,this.performanceClient,t.correlationId)(n,t,r)}async handleCodeResponseFromServer(e,t,r,n=!0){if(this.logger.trace("0mf2hb",t.correlationId),this.authCodeRequest.code=e.code,n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const e=this.createCcsCredentials(t);e&&(this.authCodeRequest.ccsCredential=e)}return await Ln(this.authModule.acquireToken.bind(this.authModule),"authClientAcquireToken",this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,r,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:so}:e.loginHint?{credential:e.loginHint,type:ao}:null}}class Zc extends Ie{constructor(e,t,r){super(e,t||ts(e)),Object.setPrototypeOf(this,Zc.prototype),this.name="NativeAuthError",this.ext=r}}function Xc(e){if(e.ext&&e.ext.status&&"DISABLED"===e.ext.status)return!0;if(e.ext&&e.ext.error&&-2147186943===e.ext.error)return!0;switch(e.errorCode){case"ContentError":case"PageException":return!0;default:return!1}}function eh(e,t,r){if(r&&r.status)switch(r.status){case"ACCOUNT_UNAVAILABLE":return eo(Kn,ts(e));case"USER_INTERACTION_REQUIRED":return new Zn(e,t);case"USER_CANCEL":return ns(Ci);case"NO_NETWORK":return ns(Oi);case"UI_NOT_ALLOWED":return eo(zn)}return new Zc(e,t,r)}class th extends Wc{async acquireToken(e){const t=Kc(Us.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),r=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),n=new bo(r,this.performanceClient);this.logger.verbose("0wa871",this.correlationId);try{const t=(await Ln(n.acquireCachedToken.bind(n),"silentFlowClientAcquireCachedToken",this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),t}catch(e){throw e instanceof rs&&e.errorCode===Ui&&this.logger.verbose("06wena",this.correlationId),e}}logout(e){this.logger.verbose("1rkurh",this.correlationId);const t=this.initializeLogoutRequest(e);return zc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account)}}class rh extends Fc{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,d,c),this.apiId=s,this.accountId=h,this.platformAuthProvider=c,this.nativeStorageManager=l,this.silentCacheClient=new th(e,this.nativeStorageManager,r,n,o,i,a,d,c);const u=this.platformAuthProvider.getExtensionName();this.skus=qo.makeExtraSkuString({libraryName:ls,libraryVersion:Pc,extensionName:u,extensionVersion:this.platformAuthProvider.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[pe]:this.skus}}async acquireToken(e,t){this.logger.trace("03qeos",this.correlationId);const r=this.performanceClient.startMeasurement(Bo,this.correlationId),n=un(),o=Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const i=await this.initializePlatformRequest(e);try{const e=await this.acquireTokensFromCache(this.accountId,i);return r.end({success:!0,isNativeBroker:!1,fromCache:!0}),e}catch(e){if(t===zs.AccessToken)throw this.logger.info("0eitbc",this.correlationId),r.end({success:!1,brokerErrorCode:"cache_request_failed"}),e;this.logger.info("0957j1",this.correlationId)}const s=await this.platformAuthProvider.sendMessage(i);return await this.handleNativeResponse(s,i,n).then((e=>(r.end({success:!0,isNativeBroker:!0,requestId:e.requestId}),o.clearNativeBrokerErrorCode(),e))).catch((e=>{throw r.end({success:!1,errorCode:e.errorCode,subErrorCode:e.subError}),e}))}catch(e){throw e instanceof Zc&&o.setNativeBrokerErrorCode(e.errorCode),r.end({success:!1}),e}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Mt.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("1ndf3e",this.correlationId),Ae(yt);const r=this.browserStorage.getBaseAccountInfo({nativeAccountId:e},this.correlationId);if(!r)throw Ae(yt);try{const e=this.createSilentCacheRequest(t,r),n=await this.silentCacheClient.acquireToken(e),o=this.browserStorage.getIdToken(r,this.correlationId,this.browserStorage.getTokenKeys(),r.tenantId),i=br(o?.secret||"",os),s=Tr(r,void 0,i,o?.secret);return{...n,idToken:o?.secret||"",idTokenClaims:i,account:s}}catch(e){throw e}}async acquireTokenRedirect(e,t,r){this.logger.trace("0luikq",this.correlationId);const n=await this.initializePlatformRequest(e),o=r?.navigateToLoginRequestUrl??!0;try{await this.platformAuthProvider.sendMessage(n)}catch(e){if(e instanceof Zc){if(Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).setNativeBrokerErrorCode(e.errorCode),Xc(e))throw e}}this.browserStorage.setTemporaryCache(xs,JSON.stringify(n),!0);const i={apiId:Us.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},s=o?_r.getAbsoluteUrl(e.redirectStartPage||window.location.href,Oa()):Dc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId);t.end({success:!0}),await this.navigationClient.navigateExternal(s,i)}async handleRedirectPromise(){if(this.logger.trace("1c5lhw",this.correlationId),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",this.correlationId),null;const e=this.browserStorage.getCachedNativeRequest();if(!e)return this.logger.verbose("0a6zjb",this.correlationId),this.performanceClient?.addFields({errorCode:"no_cached_request"},this.correlationId),null;const{prompt:t,...r}=e;t&&this.logger.verbose("0ac34v",this.correlationId),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(xs));const n=un();try{this.logger.verbose("003x5a",this.correlationId);const e=await this.platformAuthProvider.sendMessage(r),t=await this.handleNativeResponse(e,r,n);return Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger).clearNativeBrokerErrorCode(),this.performanceClient?.addFields({isNativeBroker:!0},this.correlationId),t}catch(e){throw e}}logout(){return this.logger.trace("0u2sjm",this.correlationId),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,r){this.logger.trace("1bojln",this.correlationId);const n=br(e.id_token,os),o=this.createHomeAccountIdentifier(e,n),i=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId},this.correlationId)?.homeAccountId;if(t.extraParameters?.child_client_id&&e.account.id!==t.accountId)this.logger.info("1ub1in",this.correlationId);else if(o!==i&&e.account.id!==t.accountId)throw eh("user_switch");const s=await Bc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t.authority),a=io(this.browserStorage,s,o,os,this.correlationId,n,e.client_info,s.getPreferredCache(),n.tid,void 0,e.account.id,this.logger,this.performanceClient);e.expires_in=Number(e.expires_in);const c=await this.generateAuthenticationResult(e,t,n,a,s.canonicalAuthority,r);return await this.cacheAccount(a,Ar(n)),await this.cacheNativeTokens(e,t,o,n,c.tenantId,r,s.getPreferredCache()),c}createHomeAccountIdentifier(e,t){return Wr(e.client_info||"",Fr,this.logger,this.browserCrypto,this.correlationId,t)}generateScopes(e,t){return t?Mt.fromString(t):Mt.fromString(e)}async generatePopAccessToken(e,t){if(t.tokenType===Q.POP&&t.signPopToken){if(e.shr)return this.logger.trace("0coqhu",this.correlationId),e.shr;const r=new Fn(this.browserCrypto,this.performanceClient),n={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce,correlationId:this.correlationId};if(!t.keyId)throw Ae(bt);return r.signPopToken(e.access_token,t.keyId,n)}return e.access_token}async generateAuthenticationResult(e,t,r,n,o,i){const s=this.addTelemetryFromNativeResponse(e.properties.MATS),a=this.generateScopes(t.scope,e.scope),c=e.account.properties||{},h=c.UID||r.oid||r.sub||"",l=c.TenantId||r.tid||"",d=Tr($r(n),void 0,r,e.id_token);d.nativeAccountId!==e.account.id&&(d.nativeAccountId=e.account.id);const u=await this.generatePopAccessToken(e,t),g=t.tokenType===Q.POP?Q.POP:Q.BEARER;return{authority:o,uniqueId:h,tenantId:l,scopes:a.asArray(),account:d,idToken:e.id_token,idTokenClaims:r,accessToken:u,fromCache:!!s&&this.isResponseFromCache(s),expiresOn:pn(i+e.expires_in),tokenType:g,correlationId:this.correlationId,state:e.state,fromPlatformBroker:!0,...t.resource&&{resource:t.resource}}}async cacheAccount(e,t){await this.browserStorage.setAccount(e,this.correlationId,t,this.apiId),this.browserStorage.removeAccountContext($r(e),this.correlationId)}async cacheNativeTokens(e,t,r,n,o,i,s){const a=wn(r,s,e.id_token||"",t.clientId,n.tid||""),c=i+(t.tokenType===Q.POP?240:("string"==typeof e.expires_in?parseInt(e.expires_in,10):e.expires_in)||0),h=this.generateScopes(e.scope,t.scope),l=In(r,s,e.access_token,t.clientId,n.tid||o,h.printScopes(),c,0,os,void 0,t.tokenType,void 0,t.keyId);a&&!1!==t.storeInCache?.idToken&&await this.browserStorage.setIdTokenCredential(a,this.correlationId,Ar(n));const d={accessToken:l};return this.nativeStorageManager.saveCacheRecord(d,this.correlationId,Ar(n),this.apiId,t.storeInCache)}getExpiresInValue(e,t){return e===Q.POP?240:("string"==typeof t?parseInt(t,10):t)||0}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.platformAuthProvider.getExtensionId(),extensionVersion:this.platformAuthProvider.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}getMATSFromResponse(e){if(e)try{return JSON.parse(e)}catch(e){this.logger.error("0b3l57",this.correlationId)}return null}isResponseFromCache(e){return void 0===e.is_cached?(this.logger.verbose("1okqev",this.correlationId),!1):!!e.is_cached}async initializePlatformRequest(e){this.logger.trace("1xdm2a",this.correlationId);const t=await this.getCanonicalAuthority(e),r=e.skipBrokerClaims&&e.embeddedClientId?void 0:this.config.auth.clientCapabilities,{scopes:n,claims:o,...i}=e,s=new Mt(n||[]);s.appendScopes(m);const a={...i,claims:r&&r.length?tr(o,r):o,accountId:this.accountId,clientId:this.config.auth.clientId,authority:t.urlString,scope:s.printScopes(),redirectUri:Dc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId),prompt:this.getPrompt(e.prompt),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraParameters},extendedExpiryToken:!1,keyId:e.popKid};if(a.signPopToken&&e.popKid)throw ns(Gi);if(this.handleExtraBrokerParams(a),a.extraParameters=a.extraParameters||{},a.extraParameters.telemetry=gs,e.authenticationScheme===Q.POP){const t={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce,correlationId:this.correlationId},r=new Fn(this.browserCrypto,this.performanceClient);let n;if(a.keyId)n=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:a.keyId})),a.signPopToken=!1;else{const e=await Ln(r.generateCnf.bind(r),Mn,this.logger,this.performanceClient,this.correlationId)(t,this.logger);n=e.reqCnfString,a.keyId=e.kid,a.signPopToken=!0}a.reqCnf=n}return this.addRequestSKUs(a),a}async getCanonicalAuthority(e){const t=e.authority||this.config.auth.authority,{azureCloudOptions:r,account:n}=e;n&&await Bc(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,t,r,void 0,n);const o=new _r(t);return o.validateAsUri(),o}getPrompt(e){switch(this.apiId){case Us.ssoSilent:case Us.acquireTokenSilent_silentFlow:return this.logger.trace("12n1y2",this.correlationId),O.NONE}if(e)switch(e){case O.NONE:case O.CONSENT:case O.LOGIN:return this.logger.trace("0i0hco",this.correlationId),e;default:throw this.logger.trace("0w3tpw",this.correlationId),ns(Ji)}else this.logger.trace("0uid1p",this.correlationId)}handleExtraBrokerParams(e){const t=e.extraParameters&&e.extraParameters.hasOwnProperty(me)&&e.extraParameters.hasOwnProperty(fe)&&e.extraParameters.hasOwnProperty(he);if(!e.embeddedClientId&&!t)return;let r="";const n=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,r=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[fe],r=e.extraParameters[he]),e.extraParameters={child_client_id:r,child_redirect_uri:n},this.performanceClient?.addFields({embeddedClientId:r,embeddedRedirectUri:n},this.correlationId)}}const nh=new Map([["e","AAD"],["m","MSA"]]);function oh(e,t,r){const n=function(e){if(!e)return null;try{const t=(/%(?:[0-9A-Fa-f]{2})/.test(e)?decodeURIComponent(e):e).split("|");return t.length<5?null:{accountType:nh.get(t[0]?.trim()||"")||"",error:t[1]?.trim()||"",subError:t[2]?.trim()||"",cloudInstance:t[3]?.trim()||"",callerDataBoundary:t[4]?.trim()||""}}catch{return null}}(e.clientdata);n?.accountType&&r.addFields({accountType:n.accountType},t),n?.error&&r.addFields({serverErrorNo:n.error},t),n?.subError&&r.addFields({serverSubErrorNo:n.subError},t)}async function ih(e,t,r,n,o){const i=So({...e.auth,authority:t},r,n,o);if(jt(i,{sku:ls,version:Pc,os:"",cpu:""}),e.system.protocolMode!==jr.OIDC&&$t(i,e.telemetry.application),r.platformBroker&&(function(e){e.set("nativebroker","1")}(i),o.addFields({isPlatformAuthorizeRequest:!0},r.correlationId),r.authenticationScheme===Q.POP)){const e=new Wa(n,o),t=new Fn(e,o);let s;if(r.popKid)s=e.encodeKid(r.popKid);else{s=(await Ln(t.generateCnf.bind(t),Mn,n,o,r.correlationId)(r,n)).reqCnfString}rr(i,s)}return xt(i,r.correlationId,o),i}async function sh(e,t,r,n,o){if(!r.codeChallenge)throw ke(qe);const i=await Ln(ih,"getStandardParams",n,o,r.correlationId)(e,t,r,n,o);return qt(i,M),Wt(i,r.codeChallenge,h),er(i,{...r.extraQueryParameters,...r.extraParameters}),_o(t,i)}async function ah(e,t,r,n,o,i){if(!n.earJwk)throw ns(ai);const s=await ih(t,r,n,o,i);qt(s,x),function(e,t){e.set("ear_jwk",encodeURIComponent(t)),e.set("ear_jwe_crypto","eyJhbGciOiJkaXIiLCJlbmMiOiJBMjU2R0NNIn0")}(s,n.earJwk),Wt(s,n.codeChallenge,h),er(s,{...n.extraParameters});const a=new Map;er(a,n.extraQueryParameters||{}),zt(a,n.correlationId);return hh(e,_o(r,a),s)}async function ch(e,t,r,n,o,i){const s=await ih(t,r,n,o,i);qt(s,M),Wt(s,n.codeChallenge,n.codeChallengeMethod||h),er(s,{...n.extraParameters});const a=new Map;er(a,n.extraQueryParameters||{}),zt(a,n.correlationId);return hh(e,_o(r,a),s)}function hh(e,t,r){const n=e.createElement("form");return n.method="post",n.action=t,r.forEach(((t,r)=>{const o=e.createElement("input");o.hidden=!0,o.name=r,o.value=t,n.appendChild(o)})),e.body.appendChild(n),n}async function lh(e,t,r,n,o,i,s,a,c,h){if(a.verbose("11qcow",e.correlationId),!h)throw ns(ji);const l=new Wa(a,c),d=new rh(n,o,l,a,s,n.system.navigationClient,r,c,h,t,i,e.correlationId),{userRequestState:u}=no(l.base64Decode,e.state);return Ln(d.acquireToken.bind(d),Bo,a,c,e.correlationId)({...e,state:u,prompt:void 0})}async function dh(e,t,r,n,o,i,s,a,c,h,l,d){if(lo.removeThrottle(s,o.auth.clientId,e),oh(t,e.correlationId,l),t.accountId)return Ln(lh,Zo,h,l,e.correlationId)(e,t.accountId,n,o,s,a,c,h,l,d);const u={...e,code:t.code||"",codeVerifier:r},g=new Yc(i,s,u,h,l);return await Ln(g.handleCodeResponse.bind(g),"handleCodeResponse",h,l,e.correlationId)(t,e,n)}async function uh(e,t,r,n,o,i,s,a,c,h,l){if(lo.removeThrottle(i,n.auth.clientId,e),oh(t,e.correlationId,h),Eo(t,e.state),!t.ear_jwe)throw ns(ci);if(!e.earJwk)throw ns(ai);const d=JSON.parse(await Ln(da,"decryptEarResponse",c,h,e.correlationId)(e.earJwk,t.ear_jwe));if(d.accountId)return Ln(lh,Zo,c,h,e.correlationId)(e,d.accountId,r,n,i,s,a,c,h,l);const u=new oo(n.auth.clientId,i,new Wa(c,h),c,h,null,null);u.validateTokenResponse(d,e.correlationId);const g={code:"",state:e.state,nonce:e.nonce,client_info:d.client_info,cloud_graph_host_name:d.cloud_graph_host_name,cloud_instance_host_name:d.cloud_instance_host_name,cloud_instance_name:d.cloud_instance_name,msgraph_host:d.msgraph_host};return await Ln(u.handleServerTokenResponse.bind(u),xn,c,h,e.correlationId)(d,o,un(),e,r,g,void 0,void 0,void 0,void 0)}async function gh(e,t,r){const n=Un(ph,"generateCodeVerifier",t,e,r)(e,t,r);return{verifier:n,challenge:await Ln(mh,"generateCodeChallengeFromVerifier",t,e,r)(n,e,t,r)}}function ph(e,t,r){try{const n=new Uint8Array(32);Un(sa,"getRandomValues",t,e,r)(n);return Js(n)}catch(e){throw ns(si)}}async function mh(e,t,r,n){try{const o=await Ln(ia,"sha256Digest",r,t,n)(e);return Js(new Uint8Array(o))}catch(e){throw ns(si)}}class fh{navigateInternal(e,t){return fh.defaultNavigateWindow(e,t)}navigateExternal(e,t){return fh.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(((e,r)=>{setTimeout((()=>{r(ns(Zi,"failed_to_redirect"))}),t.timeout)}))}}class yh{async sendGetRequestAsync(e,t){let r,n={},o=0;const i=wh(t);try{r=await fetch(e,{method:bs,headers:i})}catch(e){throw go(ns(window.navigator.onLine?xi:Oi),void 0,void 0,e)}n=Ih(r.headers);try{return o=r.status,{headers:n,body:await r.json(),status:o}}catch(e){throw go(ns(qi),o,n,e)}}async sendPostRequestAsync(e,t){const r=t&&t.body||"",n=wh(t);let o,i=0,s={};try{o=await fetch(e,{method:As,headers:n,body:r})}catch(e){throw go(ns(window.navigator.onLine?Mi:Oi),void 0,void 0,e)}s=Ih(o.headers);try{return i=o.status,{headers:s,body:await o.json(),status:i}}catch(e){throw go(ns(qi),i,s,e)}}}function wh(e){try{const t=new Headers;if(!e||!e.headers)return t;const r=e.headers;return Object.entries(r).forEach((([e,r])=>{t.append(e,r)})),t}catch(e){throw go(ns(Qi),void 0,void 0,e)}}function Ih(e){try{const t={};return e.forEach(((e,r)=>{t[r]=e})),t}catch(e){throw ns(Vi)}}function Ch({auth:r,cache:n,system:o,experimental:i,telemetry:h},l){const d={clientId:"",authority:`${t}`,knownAuthorities:[],cloudDiscoveryMetadata:"",authorityMetadata:"",redirectUri:"undefined"!=typeof window&&window.location?window.location.href.split("?")[0].split("#")[0]:"",postLogoutRedirectUri:"",clientCapabilities:[],OIDCOptions:{responseMode:q.FRAGMENT,defaultScopes:[s,a,c]},azureCloudOptions:{azureCloudInstance:Cr.None,tenant:""},instanceAware:!1,isMcp:!1,verifySSO:!1},u={cacheLocation:Ts.SessionStorage,cacheRetentionDays:5},g={loggerCallback:()=>{},logLevel:e.LogLevel.Info,piiLoggingEnabled:!1},p={...{...tn,loggerOptions:g,networkClient:l?new yh:Ao,navigationClient:new fh,popupBridgeTimeout:o?.popupBridgeTimeout||6e4,iframeBridgeTimeout:o?.iframeBridgeTimeout||1e4,redirectNavigationTimeout:3e4,allowRedirectInIframe:!1,navigatePopups:!0,allowPlatformBroker:!1,nativeBrokerHandshakeTimeout:o?.nativeBrokerHandshakeTimeout||2e3,protocolMode:jr.AAD},...o,loggerOptions:o?.loggerOptions||g},m={application:{appName:"",appVersion:""},client:new en};if(o?.protocolMode!==jr.OIDC&&r?.OIDCOptions){new yr(p.loggerOptions).warning(JSON.stringify(ke(Be)),"")}if(o?.protocolMode&&o.protocolMode===jr.OIDC&&p?.allowPlatformBroker)throw ke(ze);return{auth:{...d,...r,OIDCOptions:{...d.OIDCOptions,...r?.OIDCOptions}},cache:{...u,...n},system:p,experimental:{iframeTimeoutTelemetry:!1,allowPlatformBrokerWithDOM:!1,...i},telemetry:{...m,...h}}}class vh{constructor(e,t,r,n){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=n,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=r,this.handshakeEvent=this.performanceClient.startMeasurement("nativeMessageHandlerHandshake"),this.platformAuthType=ws}async sendMessage(e){this.logger.trace("0on4p2",e.correlationId);const t={method:vs,request:e},r={channel:ds,extensionId:this.extensionId,responseId:ca(),body:t};this.logger.trace("1qadfi",e.correlationId),this.logger.tracePii("1xm533",e.correlationId),this.messageChannel.port1.postMessage(r);const n=await new Promise(((e,t)=>{this.resolvers.set(r.responseId,{resolve:e,reject:t})}));return this.validatePlatformBrokerResponse(n)}static async createProvider(e,t,r,n){e.trace("15zfnw",n);try{const o=new vh(e,t,r,us);return await o.sendHandshakeRequest(n),o}catch(o){const i=new vh(e,t,r);return await i.sendHandshakeRequest(n),i}}async sendHandshakeRequest(e){this.logger.trace("1dpg9o",e),window.addEventListener("message",this.windowListener,!1);const t={channel:ds,extensionId:this.extensionId,responseId:ca(),body:{method:Is}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=e=>{this.onChannelMessage(e)},window.postMessage(t,window.origin,[this.messageChannel.port2]),new Promise(((e,r)=>{this.handshakeResolvers.set(t.responseId,{resolve:e,reject:r}),this.timeoutId=window.setTimeout((()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),r(ns(Bi)),this.handshakeResolvers.delete(t.responseId)}),this.handshakeTimeoutMs)}))}onWindowMessage(e){const t=Ka();if(this.logger.trace("0jpn5u",t),e.source!==window)return;const r=e.data;if(r.channel&&r.channel===ds&&(!r.extensionId||r.extensionId===this.extensionId)&&r.body.method===Is){const e=this.handshakeResolvers.get(r.responseId);if(!e)return void this.logger.trace("07buhm",t);this.logger.verbose(r.extensionId?"0xrkug":"No extension installed",t),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),e.reject(ns(zi))}}onChannelMessage(e){const t=Ka();this.logger.trace("1py8yf",t);const r=e.data,n=this.resolvers.get(r.responseId),o=this.handshakeResolvers.get(r.responseId);try{const e=r.body.method;if(e===ks){if(!n)return;const e=r.body.response;if(this.logger.trace("19hpgm",t),this.logger.tracePii("179a24",t),"Success"!==e.status)n.reject(eh(e.code,e.description,e.ext));else{if(!e.result)throw Ce(Oo,"Event does not contain result.");e.result.code&&e.result.description?n.reject(eh(e.result.code,e.result.description,e.result.ext)):n.resolve(e.result)}this.resolvers.delete(r.responseId)}else if(e===Cs){if(!o)return void this.logger.trace("082qnt",t);clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=r.extensionId,this.extensionVersion=r.body.version,this.logger.verbose("0yf5ib",t),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),o.resolve(),this.handshakeResolvers.delete(r.responseId)}}catch(e){this.logger.error("0xf978",t),this.logger.errorPii("04i99o",t),this.logger.errorPii("0xdvsy",t),n?n.reject(e):o&&o.reject(e)}}validatePlatformBrokerResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw Ce(Oo,"Response missing expected properties.")}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}getExtensionName(){return this.getExtensionId()===us?"chrome":this.getExtensionId()?.length?"unknown":void 0}}class kh{constructor(e,t,r){this.logger=e,this.performanceClient=t,this.correlationId=r,this.platformAuthType=ys}static async createProvider(e,t,r){if(e.trace("12mj4a",r),window.navigator?.platformAuthentication){const n=await window.navigator.platformAuthentication.getSupportedContracts(ps);if(n?.includes(fs))return e.trace("1h5q1r",r),new kh(e,t,r)}}getExtensionId(){return ps}getExtensionVersion(){return""}getExtensionName(){return ms}async sendMessage(e){this.logger.trace("02bcil",e.correlationId);try{const t=this.initializePlatformDOMRequest(e),r=await window.navigator.platformAuthentication.executeGetToken(t);return this.validatePlatformBrokerResponse(r,e.correlationId)}catch(t){throw this.logger.error("11im7g",e.correlationId),t}}initializePlatformDOMRequest(e){this.logger.trace("15d6yv",e.correlationId);const{accountId:t,clientId:r,authority:n,scope:o,redirectUri:i,correlationId:s,state:a,storeInCache:c,embeddedClientId:h,extraParameters:l,...d}=e,u=this.getDOMExtraParams(d,s);return{accountId:t,brokerId:this.getExtensionId(),authority:n,clientId:r,correlationId:s||this.correlationId,extraParameters:{...l,...u},isSecurityTokenService:!1,redirectUri:i,scope:o,state:a,storeInCache:c,embeddedClientId:h}}validatePlatformBrokerResponse(e,t){if(e.hasOwnProperty("isSuccess")){if(e.hasOwnProperty("accessToken")&&e.hasOwnProperty("idToken")&&e.hasOwnProperty("clientInfo")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scopes")&&e.hasOwnProperty("expiresIn"))return this.logger.trace("0h4vei",t),this.convertToPlatformBrokerResponse(e,t);if(e.hasOwnProperty("error")){const r=e;if(!1===r.isSuccess&&r.error&&r.error.code)throw this.logger.trace("0g92vm",t),eh(r.error.code,r.error.description,{error:parseInt(r.error.errorCode),protocol_error:r.error.protocolError,status:r.error.status,properties:r.error.properties})}}throw Ce(Oo,"Response missing expected properties.")}convertToPlatformBrokerResponse(e,t){this.logger.trace("14913t",t);return{access_token:e.accessToken,id_token:e.idToken,client_info:e.clientInfo,account:e.account,expires_in:e.expiresIn,scope:e.scopes,state:e.state||"",properties:e.properties||{},extendedLifetimeToken:e.extendedLifetimeToken??!1,shr:e.proofOfPossessionPayload}}getDOMExtraParams(e,t){try{const t={};for(const[r,n]of Object.entries(e))n&&(t[r]="object"==typeof n?JSON.stringify(n):String(n));return t}catch(e){return this.logger.error("0eu9o3",t),this.logger.errorPii("17rpl5",t),{}}}}async function Th(e,t,r,n,o){let i;e.trace("134j0v",r),e.trace("04c81g",r);try{o&&(i=await kh.createProvider(e,t,r)),i||(e.trace("0l3na8",r),i=await vh.createProvider(e,n||2e3,t,r))}catch(t){e.trace("0icbd7",t)}return i}function bh(e,t,r,n,o){if(t.trace("0uko3r",r),!e.system.allowPlatformBroker&&e.experimental.allowPlatformBrokerWithDOM)throw ke(Je);if(!e.system.allowPlatformBroker)return t.trace("04hozs",r),!1;if(!n)return t.trace("0kvv1r",r),!1;if(o)switch(o){case Q.BEARER:case Q.POP:return t.trace("18tev1",r),!0;default:return t.trace("1dd2nh",r),!1}return!0}class Ah extends Wc{constructor(e,t,r,n,o,i,s,a,c,h,l){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a,this.eventHandler=o,this.waitForPopupResponseHook=l}acquireToken(e,t){let r;try{if(r={popupName:this.generatePopupName(e.scopes||m,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window},this.performanceClient.addFields({isAsyncPopup:!this.config.system.navigatePopups},this.correlationId),this.config.system.navigatePopups){const n={...e,httpMethod:Jc(e,this.config.system.protocolMode)};return this.logger.verbose("1f9ok3",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.acquireTokenPopupAsync(n,r,t)}return this.logger.verbose("162h4u",this.correlationId),this.acquireTokenPopupAsync(e,r,t)}catch(e){return Promise.reject(e)}}logout(e){try{this.logger.verbose("068rup",this.correlationId);const t=this.initializeLogoutRequest(e),r={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:e?.popupWindowAttributes||{},popupWindowParent:e?.popupWindowParent??window},n=e&&e.authority,o=e&&e.mainWindowRedirectUri;return this.config.system.navigatePopups?(this.logger.verbose("1a28da",this.correlationId),r.popup=this.openSizedPopup("about:blank",r),this.logoutPopupAsync(t,r,n,o)):(this.logger.verbose("1phd8u",this.correlationId),this.logoutPopupAsync(t,r,n,o))}catch(e){return Promise.reject(e)}}async acquireTokenPopupAsync(t,r,n){this.logger.verbose("1g77pg",this.correlationId);const o=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Popup,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.popup&&Da(o.authority);const i=bh(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);return o.platformBroker=i,this.config.system.protocolMode===jr.EAR?this.executeEarFlow(o,r,n):this.executeCodeFlow(o,r,n)}async executeCodeFlow(t,r,n){const o=t.correlationId,i=Kc(Us.acquireTokenPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n||await Ln(gh,ri,this.logger,this.performanceClient,o)(this.performanceClient,this.logger,o),a={...t,codeChallenge:s.challenge};try{const n=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,o)({serverTelemetryManager:i,requestAuthority:a.authority,requestAzureCloudOptions:a.azureCloudOptions,requestExtraQueryParameters:a.extraQueryParameters,account:a.account});if(a.httpMethod===p)return await this.executeCodeFlowWithPost(a,r,n,s.verifier);{const i=await Ln(sh,Rn,this.logger,this.performanceClient,o)(this.config,n.authority,a,this.logger,this.performanceClient),c=this.initiateAuthRequest(i,r);this.eventHandler.emitEvent(_c.POPUP_OPENED,o,e.InteractionType.Popup,{popupWindow:c},null);const h=await this.waitForPopupResponse(t,c,r.popupWindowParent),l=Un(Qc,ei,this.logger,this.performanceClient,this.correlationId)(h,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return await Ln(dh,Xo,this.logger,this.performanceClient,o)(t,l,s.verifier,Us.acquireTokenPopup,this.config,n,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}}catch(e){throw r.popup?.close(),e instanceof Ie&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}}async executeEarFlow(e,t,r){const{correlationId:n,authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=e,c=await Ln(Bc,Ko,this.logger,this.performanceClient,n)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a),h=await Ln(la,ii,this.logger,this.performanceClient,n)(),l=r||await Ln(gh,ri,this.logger,this.performanceClient,n)(this.performanceClient,this.logger,n),d={...e,earJwk:h,codeChallenge:l.challenge},u=t.popup||this.openPopup("about:blank",t);(await ah(u.document,this.config,c,d,this.logger,this.performanceClient)).submit();const g=await Ln(this.waitForPopupResponse.bind(this),Wo,this.logger,this.performanceClient,n)(d,u,t.popupWindowParent),p=Un(Qc,ei,this.logger,this.performanceClient,this.correlationId)(g,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);if(!p.ear_jwe&&p.code){const t=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,n)({serverTelemetryManager:Kc(Us.acquireTokenPopup,this.config.auth.clientId,n,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:c});return Ln(dh,Xo,this.logger,this.performanceClient,n)(d,p,l.verifier,Us.acquireTokenPopup,this.config,t,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Ln(uh,Yo,this.logger,this.performanceClient,n)(d,p,Us.acquireTokenPopup,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async executeCodeFlowWithPost(e,t,r,n){const o=e.correlationId,i=await Ln(Bc,Ko,this.logger,this.performanceClient,o)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger),s=t.popup||this.openPopup("about:blank",t);(await ch(s.document,this.config,i,e,this.logger,this.performanceClient)).submit();const a=await Ln(this.waitForPopupResponse.bind(this),Wo,this.logger,this.performanceClient,o)(e,s,t.popupWindowParent),c=Un(Qc,ei,this.logger,this.performanceClient,this.correlationId)(a,this.config.auth.OIDCOptions.responseMode,this.logger,this.correlationId);return Ln(dh,Xo,this.logger,this.performanceClient,o)(e,c,n,Us.acquireTokenPopup,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async logoutPopupAsync(t,r,n,o){this.logger.verbose("0b7yrk",this.correlationId),this.eventHandler.emitEvent(_c.LOGOUT_START,this.correlationId,e.InteractionType.Popup,t);const i=Kc(Us.logoutPopup,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{await zc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,t.account);const s=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:i,requestAuthority:n,account:t.account||void 0});try{s.authority.endSessionEndpoint}catch{if(t.account?.homeAccountId&&t.postLogoutRedirectUri&&s.authority.protocolMode===jr.OIDC){if(this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t),o){const e={apiId:Us.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=_r.getAbsoluteUrl(o,Oa());await this.navigationClient.navigateInternal(t,e)}return void r.popup?.close()}}t.state=ro(this.browserCrypto,t.state||"",{interactionType:e.InteractionType.Popup});const a=s.getLogoutUri(t);this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,t.correlationId,e.InteractionType.Popup,t);const c=this.openPopup(a,r);if(this.eventHandler.emitEvent(_c.POPUP_OPENED,t.correlationId,e.InteractionType.Popup,{popupWindow:c},null),await this.waitForPopupResponse(t,c,r.popupWindowParent).catch((()=>{})),o){const e={apiId:Us.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},t=_r.getAbsoluteUrl(o,Oa());this.logger.verbose("0qcur2",this.correlationId),this.logger.verbosePii("0oj7lk",this.correlationId),await this.navigationClient.navigateInternal(t,e)}else this.logger.verbose("03zgcf",this.correlationId)}catch(t){throw r.popup?.close(),t instanceof Ie&&(t.setCorrelationId(this.correlationId),i.cacheFailedRequest(t)),this.eventHandler.emitEvent(_c.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Popup,null,t),this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Popup),t}this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii("1kcr9k",this.correlationId),this.openPopup(e,t);throw this.logger.error("1l7hyp",this.correlationId),ns(li)}openPopup(e,t){try{let r;if(t.popup?(r=t.popup,this.logger.verbosePii("0cgeo7",this.correlationId),r.location.assign(e)):void 0===t.popup&&(this.logger.verbosePii("0c2awd",this.correlationId),r=this.openSizedPopup(e,t)),!r)throw ns(Ii);try{r.document.title="Microsoft Authentication"}catch(e){"undefined"!=typeof DOMException&&e instanceof DOMException&&"SecurityError"===e.name||this.logger.verbose("1s1yfs",this.correlationId)}return r.focus&&r.focus(),this.currentWindow=r,r}catch(e){throw this.logger.error("0dxfb9",this.correlationId),ns(wi)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:r,popupWindowParent:n}){const o=n.screenLeft?n.screenLeft:n.screenX,i=n.screenTop?n.screenTop:n.screenY,s=n.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,a=n.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let c=r.popupSize?.width,h=r.popupSize?.height,l=r.popupPosition?.top,d=r.popupPosition?.left;return(!c||c<0||c>s)&&(this.logger.verbose("08vfmo",this.correlationId),c=as),(!h||h<0||h>a)&&(this.logger.verbose("09cxa0",this.correlationId),h=cs),(!l||l<0||l>a)&&(this.logger.verbose("1qh4wo",this.correlationId),l=Math.max(0,a/2-cs/2+i)),(!d||d<0||d>s)&&(this.logger.verbose("1sz3en",this.correlationId),d=Math.max(0,s/2-as/2+o)),n.open(e,t,`width=${c}, height=${h}, top=${l}, left=${d}, scrollbars=yes`)}generatePopupName(e,t){return`${hs}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${hs}.${this.config.auth.clientId}.${t}.${this.correlationId}`}async waitForPopupResponse(e,t,r){return this.waitForPopupResponseHook?this.waitForPopupResponseHook(e,t,r):Ra(this.config.system.popupBridgeTimeout,this.logger,e,this.performanceClient)}}class Sh extends Wc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,s,c,h),this.nativeStorage=a}async acquireToken(t){const r=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Redirect,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);r.platformBroker=bh(this.config,this.logger,this.correlationId,this.platformAuthProvider,t.authenticationScheme);const n=t=>{t.persisted&&(this.logger.verbose("0udvtt",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),this.eventHandler.emitEvent(_c.RESTORE_FROM_BFCACHE,this.correlationId,e.InteractionType.Redirect))},o=this.getRedirectStartPage(t.redirectStartPage);this.logger.verbosePii("0zao0a",this.correlationId),this.browserStorage.setTemporaryCache(Es,o,!0),window.addEventListener("pageshow",n);try{this.config.system.protocolMode===jr.EAR?await this.executeEarFlow(r):await this.executeCodeFlow(r)}catch(e){throw e instanceof Ie&&e.setCorrelationId(this.correlationId),window.removeEventListener("pageshow",n),e}}async executeCodeFlow(e){const t=e.correlationId,r=Kc(Us.acquireTokenRedirect,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),n=await Ln(gh,ri,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),o={...e,codeChallenge:n.challenge};this.browserStorage.cacheAuthorizeRequest(o,this.correlationId,n.verifier);try{if(o.httpMethod===p)return await this.executeCodeFlowWithPost(o);{const t=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:r,requestAuthority:o.authority,requestAzureCloudOptions:o.azureCloudOptions,requestExtraQueryParameters:o.extraQueryParameters,account:o.account}),n=await Ln(sh,Rn,this.logger,this.performanceClient,e.correlationId)(this.config,t.authority,o,this.logger,this.performanceClient);return await this.initiateAuthRequest(n)}}catch(e){throw e instanceof Ie&&(e.setCorrelationId(this.correlationId),r.cacheFailedRequest(e)),e}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Ln(Bc,Ko,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Ln(la,ii,this.logger,this.performanceClient,t)(),c=await Ln(gh,ri,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge};this.browserStorage.cacheAuthorizeRequest(h,this.correlationId,c.verifier);return(await ah(document,this.config,s,h,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(ns(Zi,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async executeCodeFlowWithPost(e){const t=e.correlationId,r=await Ln(Bc,Ko,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger);this.browserStorage.cacheAuthorizeRequest(e,this.correlationId);return(await ch(document,this.config,r,e,this.logger,this.performanceClient)).submit(),new Promise(((e,t)=>{setTimeout((()=>{t(ns(Zi,"failed_to_redirect"))}),this.config.system.redirectNavigationTimeout)}))}async handleRedirectPromise(e,t,r,n){const o=document.title;document.title="Microsoft Authentication";const i=Kc(Us.handleRedirectPromise,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),s=n?.navigateToLoginRequestUrl??!0;try{const[o,a]=this.getRedirectResponse(n?.hash||"");if(!o)return this.logger.info("1qmv0q",this.correlationId),this.browserStorage.resetRequestCache(this.correlationId),"back_forward"!==function(){if("undefined"==typeof window||void 0===window.performance||"function"!=typeof window.performance.getEntriesByType)return;const e=window.performance.getEntriesByType("navigation"),t=e.length?e[0]:void 0;return t?.type}()?r.event.errorCode="no_server_response":this.logger.verbose("1eqegq",this.correlationId),null;const c=this.browserStorage.getTemporaryCache(Es,this.correlationId,!0)||"",h=ur(c);if(h===ur(window.location.href)&&s){this.logger.verbose("11yred",this.correlationId),c.indexOf("#")>-1&&Aa(c);return await this.handleResponse(o,e,t,i)}if(!s)return this.logger.verbose("0v4sdv",this.correlationId),await this.handleResponse(o,e,t,i);if(!Sa()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(Ps,a,!0);const r={apiId:Us.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let n=!0;if(c&&"null"!==c)this.logger.verbose("08jpy1",this.correlationId),n=await this.navigationClient.navigateInternal(c,r);else{const e=Ma();this.browserStorage.setTemporaryCache(Es,e,!0),this.logger.warning("1dutq1",this.correlationId),n=await this.navigationClient.navigateInternal(e,r)}if(!n)return await this.handleResponse(o,e,t,i)}return null}catch(e){throw e instanceof Ie&&(e.setCorrelationId(this.correlationId),i.cacheFailedRequest(e)),e}finally{document.title=o}}getRedirectResponse(t){this.logger.verbose("1c5i8m",this.correlationId);let r=t;r||(r=this.config.auth.OIDCOptions.responseMode===q.QUERY?window.location.search:window.location.hash);let n=lr(r);if(n){try{Vc(n,this.browserCrypto,e.InteractionType.Redirect)}catch(e){return e instanceof Ie&&this.logger.error("0bkq6p",this.correlationId),[null,""]}return ba(window),this.logger.verbose("00uvho",this.correlationId),[n,r]}const o=this.browserStorage.getTemporaryCache(Ps,this.correlationId,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Ps)),o&&(n=lr(o),n)?(this.logger.verbose("001671",this.correlationId),[n,o]):[null,""]}async handleResponse(e,t,r,n){if(!e.state)throw ns(ui);const{authority:o,azureCloudOptions:i,extraQueryParameters:s,account:a}=t;if(e.ear_jwe){const r=await Ln(Bc,Ko,this.logger,this.performanceClient,t.correlationId)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,o,i,s,a);return Ln(uh,Yo,this.logger,this.performanceClient,t.correlationId)(t,e,Us.acquireTokenRedirect,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}const c=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority});return Ln(dh,Xo,this.logger,this.performanceClient,t.correlationId)(t,e,r,Us.acquireTokenRedirect,this.config,c,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async initiateAuthRequest(e){if(this.logger.verbose("0yaw2e",this.correlationId),e){this.logger.infoPii("1luf83",this.correlationId);const t={apiId:Us.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},r=this.config.auth.onRedirectNavigate;if("function"==typeof r){this.logger.verbose("1nehvl",this.correlationId);return!1!==r(e)?(this.logger.verbose("1a0jxh",this.correlationId),void await this.navigationClient.navigateExternal(e,t)):void this.logger.verbose("09k5h5",this.correlationId)}return this.logger.verbose("0klwf7",this.correlationId),void await this.navigationClient.navigateExternal(e,t)}throw this.logger.info("0rlh4e",this.correlationId),ns(li)}async logout(t){this.logger.verbose("1rkurh",this.correlationId);const r=this.initializeLogoutRequest(t),n=Kc(Us.logout,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{this.eventHandler.emitEvent(_c.LOGOUT_START,this.correlationId,e.InteractionType.Redirect,t),await zc(this.browserStorage,this.browserCrypto,this.logger,this.correlationId,r.account);const o={apiId:Us.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},i=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t&&t.authority,requestExtraQueryParameters:t?.extraQueryParameters,account:t&&t.account||void 0});if(i.authority.protocolMode===jr.OIDC)try{i.authority.endSessionEndpoint}catch{if(r.account?.homeAccountId)return void this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r)}r.state=ro(this.browserCrypto,r.state||"",{interactionType:e.InteractionType.Redirect});const s=i.getLogoutUri(r);r.account?.homeAccountId&&this.eventHandler.emitEvent(_c.LOGOUT_SUCCESS,this.correlationId,e.InteractionType.Redirect,r);const a=this.config.auth.onRedirectNavigate;if("function"!=typeof a)return this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,_s),void await this.navigationClient.navigateExternal(s,o);if(!1!==a(s))return this.logger.verbose("06v57e",this.correlationId),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0,_s),void await this.navigationClient.navigateExternal(s,o);this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("0xqes1",this.correlationId)}catch(t){throw t instanceof Ie&&(t.setCorrelationId(this.correlationId),n.cacheFailedRequest(t)),this.eventHandler.emitEvent(_c.LOGOUT_FAILURE,this.correlationId,e.InteractionType.Redirect,null,t),this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Redirect),t}this.eventHandler.emitEvent(_c.LOGOUT_END,this.correlationId,e.InteractionType.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return _r.getAbsoluteUrl(t,Oa())}}async function _h(e,t,r,n){if(!e)throw r.info("1l7hyp",n),ns(li);return Un(Rh,"silentHandlerLoadFrameSync",r,t,n)(e)}async function Eh(e,t,r,n,o){const i=Oh();if(!i.contentDocument)throw"No document associated with iframe!";return(await ch(i.contentDocument,e,t,r,n,o)).submit(),i}async function Ph(e,t,r,n,o){const i=Oh();if(!i.contentDocument)throw"No document associated with iframe!";return(await ah(i.contentDocument,e,t,r,n,o)).submit(),i}function Rh(e){const t=Oh();return t.src=e,t}function Oh(){const e=document.createElement("iframe");return e.className="msalSilentIframe",e.title="Microsoft Authentication",e.style.visibility="hidden",e.style.position="absolute",e.style.width=e.style.height="0",e.style.border="0",e.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),e.setAttribute("allow","local-network-access *"),document.body.appendChild(e),e}function Mh(e){document.body===e.parentNode&&document.body.removeChild(e)}class xh extends Wc{constructor(e,t,r,n,o,i,s,a,c,h,l,d){super(e,t,r,n,o,i,a,h,l),this.apiId=s,this.nativeStorage=c,this.waitForIframeResponseHook=d}async acquireToken(t){t.loginHint||t.sid||t.account&&t.account.username||this.logger.warning("1kl318",this.correlationId);const r={...t};r.prompt?r.prompt!==O.NONE&&r.prompt!==O.NO_SESSION&&(this.logger.warning("0bmctg",this.correlationId),r.prompt=O.NONE):r.prompt=O.NONE;const n=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId);return n.platformBroker=bh(this.config,this.logger,this.correlationId,this.platformAuthProvider,n.authenticationScheme),Da(n.authority),this.config.system.protocolMode===jr.EAR?this.executeEarFlow(n):this.executeCodeFlow(n)}async executeCodeFlow(e){let t;const r=Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{return t=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:r,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account}),await Ln(this.silentTokenHelper.bind(this),$o,this.logger,this.performanceClient,e.correlationId)(t,e)}catch(n){if(n instanceof Ie&&(n.setCorrelationId(this.correlationId),r.cacheFailedRequest(n)),!(t&&n instanceof Ie&&n.errorCode===ss))throw n;return this.performanceClient.addFields({retryError:n.errorCode},this.correlationId),await Ln(this.silentTokenHelper.bind(this),$o,this.logger,this.performanceClient,this.correlationId)(t,e)}}async executeEarFlow(e){const{correlationId:t,authority:r,azureCloudOptions:n,extraQueryParameters:o,account:i}=e,s=await Ln(Bc,Ko,this.logger,this.performanceClient,t)(this.config,this.correlationId,this.performanceClient,this.browserStorage,this.logger,r,n,o,i),a=await Ln(la,ii,this.logger,this.performanceClient,t)(),c=await Ln(gh,ri,this.logger,this.performanceClient,t)(this.performanceClient,this.logger,t),h={...e,earJwk:a,codeChallenge:c.challenge},l=await Ln(Ph,Jo,this.logger,this.performanceClient,t)(this.config,s,h,this.logger,this.performanceClient),d=this.config.auth.OIDCOptions.responseMode;let u;try{u=await Ln(this.waitForIframeResponse.bind(this),Wo,this.logger,this.performanceClient,t)(l,e)}finally{Un(Mh,ti,this.logger,this.performanceClient,t)(l)}const g=Un(Qc,ei,this.logger,this.performanceClient,t)(u,d,this.logger,this.correlationId);if(!g.ear_jwe&&g.code){const r=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,t)({serverTelemetryManager:Kc(this.apiId,this.config.auth.clientId,t,this.browserStorage,this.logger),requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account,authority:s});return Ln(dh,Xo,this.logger,this.performanceClient,t)(h,g,c.verifier,this.apiId,this.config,r,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}return Ln(uh,Yo,this.logger,this.performanceClient,t)(h,g,this.apiId,this.config,s,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async verifySso(t){const r={...t};r.prompt||(r.prompt=O.NONE);const n=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(r,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),o=await Ln(this.createAuthCodeClient.bind(this),Go,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),{serverParams:i}=await this.silentAuthorizeHelper(o,n),s=n.correlationId;return Eo(i,n.state),i.code?(this.logger.verbose("0kkkcj",s),!0):(this.logger.warning("0y34ti",s),!1)}logout(){return Promise.reject(ns(Ai))}async silentTokenHelper(e,t){const{serverParams:r,pkceCodes:n}=await this.silentAuthorizeHelper(e,t);return Ln(dh,Xo,this.logger,this.performanceClient,t.correlationId)(t,r,n.verifier,this.apiId,this.config,e,this.browserStorage,this.nativeStorage,this.eventHandler,this.logger,this.performanceClient,this.platformAuthProvider)}async silentAuthorizeHelper(e,t){const r=t.correlationId,n=await Ln(gh,ri,this.logger,this.performanceClient,r)(this.performanceClient,this.logger,r),o={...t,codeChallenge:n.challenge};let i;if(t.httpMethod===p)i=await Ln(Eh,Jo,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);else{const t=await Ln(sh,Rn,this.logger,this.performanceClient,r)(this.config,e.authority,o,this.logger,this.performanceClient);i=await Ln(_h,Jo,this.logger,this.performanceClient,r)(t,this.performanceClient,this.logger,r)}const s=this.config.auth.OIDCOptions.responseMode;let a;try{a=await Ln(this.waitForIframeResponse.bind(this),Wo,this.logger,this.performanceClient,r)(i,t)}finally{Un(Mh,ti,this.logger,this.performanceClient,r)(i)}return{serverParams:Un(Qc,ei,this.logger,this.performanceClient,r)(a,s,this.logger,this.correlationId),pkceCodes:n,silentRequest:o}}async waitForIframeResponse(e,t){return this.waitForIframeResponseHook?this.waitForIframeResponseHook(e,t):Ra(this.config.system.iframeBridgeTimeout,this.logger,t,this.performanceClient,this.config.experimental)}}class qh extends Wc{async acquireToken(e){const t=await Ln(jc,jo,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger,this.correlationId),r={...e,...t};e.redirectUri&&(r.redirectUri=Dc(e.redirectUri,this.config.auth.redirectUri,this.logger,this.correlationId));const n=Kc(Us.acquireTokenSilent_silentFlow,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger),o=await this.createRefreshTokenClient({serverTelemetryManager:n,authorityUrl:r.authority,azureCloudOptions:r.azureCloudOptions,account:r.account});return Ln(o.acquireTokenByRefreshToken.bind(o),"refreshTokenClientAcquireTokenByRefreshToken",this.logger,this.performanceClient,e.correlationId)(r,Us.acquireTokenSilent_silentFlow).catch((e=>{throw e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e),e}))}logout(){return Promise.reject(ns(Ai))}async createRefreshTokenClient(e){const t=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new To(t,this.performanceClient)}}class Nh extends ko{constructor(e,t){super(e,t),this.includeRedirectUri=!1}}class Uh extends Wc{constructor(e,t,r,n,o,i,s,a,c,h){super(e,t,r,n,o,i,a,c,h),this.apiId=s}async acquireToken(t){if(!t.code)throw ns(Li);const r=await Ln(Gc,Vo,this.logger,this.performanceClient,this.correlationId)(t,e.InteractionType.Silent,this.config,this.browserCrypto,this.browserStorage,this.logger,this.performanceClient,this.correlationId),n=Kc(this.apiId,this.config.auth.clientId,this.correlationId,this.browserStorage,this.logger);try{const e={...r,code:t.code},o=await Ln(this.getClientConfiguration.bind(this),Qo,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:r.authority,requestAzureCloudOptions:r.azureCloudOptions,requestExtraQueryParameters:r.extraQueryParameters,account:r.account}),i=new Nh(o,this.performanceClient);this.logger.verbose("1uic5e",this.correlationId);const s=new Yc(i,this.browserStorage,e,this.logger,this.performanceClient);return await Ln(s.handleCodeResponseFromServer.bind(s),On,this.logger,this.performanceClient,this.correlationId)({code:t.code,msgraph_host:t.msGraphHost,cloud_graph_host_name:t.cloudGraphHostName,cloud_instance_host_name:t.cloudInstanceHostName},r,this.apiId,!1)}catch(e){throw e instanceof Ie&&(e.setCorrelationId(this.correlationId),n.cacheFailedRequest(e)),e}}logout(){return Promise.reject(ns(Ai))}}function Lh(e,t,r,n){try{Ha(e),Po(r.auth.isMcp,n)}catch(e){throw t.end({success:!1},e,n.account),e}}class Hh{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new Wa(this.logger,this.performanceClient):gr,this.eventHandler=new Hc(this.logger),this.browserStorage=this.isBrowserEnvironment?new Oc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Co(this.config.auth)):xc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler);const t={cacheLocation:Ts.MemoryStorage,cacheRetentionDays:5};this.nativeInternalStorage=new Oc(this.config.auth.clientId,t,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler),this.activeSilentTokenRequests=new Map,this.trackStateChange=this.trackStateChange.bind(this),this.trackStateChangeWithMeasurement=this.trackStateChangeWithMeasurement.bind(this)}static async createController(e,t){const r=new Hh(e);return await r.initialize(t),r}trackStateChange(e,t){e&&("visibilitychange"===t.type?(this.logger.info("16v6hv",e),this.performanceClient.incrementFields({visibilityChangeCount:1},e)):"online"===t.type?(this.logger.info("0zirfd",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)):"offline"===t.type&&(this.logger.info("1xk9ef",e),this.performanceClient.incrementFields({onlineStatusChangeCount:1},e)))}async initialize(e){const t=this.getRequestCorrelationId(e);if(this.logger.trace("1f7joy",t),this.initialized)return void this.logger.info("061m5x",t);if(!this.isBrowserEnvironment)return this.logger.info("19fvpi",t),this.initialized=!0,void this.eventHandler.emitEvent(_c.INITIALIZE_END,t);const r=this.config.system.allowPlatformBroker,n=this.performanceClient.startMeasurement(tc,t);if(this.eventHandler.emitEvent(_c.INITIALIZE_START,t),this.logMultipleInstances(n,t),n.add({isMcp:this.config.auth.isMcp}),await Ln(this.browserStorage.initialize.bind(this.browserStorage),"initializeCache",this.logger,this.performanceClient,t)(t),r)try{this.platformAuthProvider=await Th(this.logger,this.performanceClient,t,this.config.system.nativeBrokerHandshakeTimeout,this.config.experimental.allowPlatformBrokerWithDOM)}catch(e){this.logger.verbose(e,t)}this.config.cache.cacheLocation===Ts.LocalStorage&&this.eventHandler.subscribeCrossTab(),!this.config.system.navigatePopups&&await this.preGeneratePkceCodes(t),this.initialized=!0,this.eventHandler.emitEvent(_c.INITIALIZE_END,t),n.end({allowPlatformBroker:r,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("02l8bm",""),La(this.initialized),this.isBrowserEnvironment){const t=e?.hash||"";let r=this.redirectResponse.get(t);return void 0===r?(r=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,r),this.logger.verbose("1wn9kp","")):this.logger.verbose("0w0gm3",""),r}return this.logger.verbose("12xi63",""),null}async handleRedirectPromiseInternal(t){if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("0le6uv",""),null;const r=this.browserStorage.getInteractionInProgress()?.type;if(r===_s)return this.logger.verbose("1ywcv2",""),this.browserStorage.setInteractionInProgress(!1),Promise.resolve(null);const n=this.getAllAccounts(),o=this.browserStorage.getCachedNativeRequest(),i=o&&!t?.hash;let s,a,c;try{if(i&&this.platformAuthProvider){const t=o?.correlationId||"";this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_START,t,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Xa,t),this.logger.trace("12v7is",t),s.add({isPlatformBrokerRequest:!0});const r=new rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Us.handleRedirectPromise,this.performanceClient,this.platformAuthProvider,o.accountId,this.nativeInternalStorage,o.correlationId);a=Ln(r.handleRedirectPromise.bind(r),"handleNativeRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)()}else{const[r,n]=this.browserStorage.getCachedRequest("");c=r;const o=r.correlationId;this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_START,o,e.InteractionType.Redirect),s=this.performanceClient.startMeasurement(Xa,o),this.logger.trace("0znzs5",o);const i=this.createRedirectClient(o);a=Ln(i.handleRedirectPromise.bind(i),"handleRedirectPromise",this.logger,this.performanceClient,s.event.correlationId)(r,n,s,t)}}catch(e){throw this.browserStorage.resetRequestCache(""),e}return a.then((t=>{if(t){this.browserStorage.resetRequestCache(t.correlationId),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t),this.logger.verbose("0ui8f5",t.correlationId);n.length<this.getAllAccounts().length&&(this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,t.correlationId,e.InteractionType.Redirect,t.account),this.logger.verbose("16im3l",t.correlationId)),s.end({success:!0},void 0,t.account),this.verifySsoCapability(c,e.InteractionType.Redirect)}else s.event.errorCode?s.end({success:!1},void 0):s.discard();return this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),t})).catch((t=>{this.browserStorage.resetRequestCache(s.event.correlationId);const r=t;throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,s.event.correlationId,e.InteractionType.Redirect,null,r),this.eventHandler.emitEvent(_c.HANDLE_REDIRECT_END,s.event.correlationId,e.InteractionType.Redirect),s.end({success:!1},r),t}))}async acquireTokenRedirect(t){const r=this.getRequestCorrelationId(t);this.logger.verbose("0os66p",r);const n=this.performanceClient.startMeasurement(Za,r);n.add({scenarioId:t.scenarioId});const o=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=e=>{const r="function"==typeof o?o(e):void 0;return n.add({navigateCallbackResult:!1!==r}),n.event=n.end({success:!0},void 0,t.account)||n.event,r};try{let o;if(Fa(this.initialized,this.config),Po(this.config.auth.isMcp,t),this.browserStorage.setInteractionInProgress(!0,Ss),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Redirect,t),this.platformAuthProvider&&this.canUsePlatformBroker(t)){const e=new rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Us.acquireTokenRedirect,this.performanceClient,this.platformAuthProvider,this.getNativeAccountId(t),this.nativeInternalStorage,r);o=Ln(e.acquireTokenRedirect.bind(e),"nativeInteractionClientAcquireToken",this.logger,this.performanceClient,r)(t,n).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Zc&&Xc(e)){this.platformAuthProvider=void 0;return this.createRedirectClient(r).acquireToken(t)}if(e instanceof Zn){this.logger.verbose("1ipyz4",r);return this.createRedirectClient(r).acquireToken(t)}throw e}))}else{o=this.createRedirectClient(r).acquireToken(t)}return await o}catch(o){throw this.browserStorage.resetRequestCache(r),2===n.event.status?this.performanceClient.startMeasurement(Xa,r).end({success:!1},o,t.account):n.end({success:!1},o,t.account),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Redirect,null,o),o}}acquireTokenPopup(t){const r=this.getRequestCorrelationId(t),n=this.performanceClient.startMeasurement(Ya,r);n.add({scenarioId:t.scenarioId});try{this.logger.verbose("0ch87b",r),Lh(this.initialized,n,this.config,t),this.browserStorage.setInteractionInProgress(!0,Ss,t.overrideInteractionInProgress,r)}catch(e){return Promise.reject(e)}const o=this.getAllAccounts();let i;this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Popup,t);const s=this.getPreGeneratedPkceCodes(r);if(this.canUsePlatformBroker(t))n.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative({...t,correlationId:r},Us.acquireTokenPopup).then((e=>(n.end({success:!0,isNativeBroker:!0},void 0,e.account),e))).catch((e=>{if(n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Zc&&Xc(e)){this.platformAuthProvider=void 0;return this.createPopupClient(r).acquireToken(t,s)}if(e instanceof Zn){this.logger.verbose("0yy5fw",r);return this.createPopupClient(r).acquireToken(t,s)}throw e}));else{i=this.createPopupClient(r).acquireToken(t,s)}return i.then((i=>{const s=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Popup,i),s&&this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,r,e.InteractionType.Popup,i.account),n.end({success:!0,accessTokenSize:i.accessToken.length,idTokenSize:i.idToken.length},void 0,i.account),this.verifySsoCapability(t,e.InteractionType.Popup),i})).catch((o=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Popup,null,o),n.end({success:!1},o,t.account),Promise.reject(o)))).finally((async()=>{this.browserStorage.setInteractionInProgress(!1),this.config.system.navigatePopups||await this.preGeneratePkceCodes(r)}))}trackStateChangeWithMeasurement(e){const t=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;t&&("visibilitychange"===e.type?(this.logger.info("0yzimq",t.event.correlationId),t.increment({visibilityChangeCount:1})):"online"===e.type?(this.logger.info("1caf53",t.event.correlationId),t.increment({onlineStatusChangeCount:1})):"offline"===e.type&&(this.logger.info("0fdyk7",t.event.correlationId),t.increment({onlineStatusChangeCount:1})))}addStateChangeListeners(e){document.addEventListener("visibilitychange",e),window.addEventListener("online",e),window.addEventListener("offline",e)}removeStateChangeListeners(e){document.removeEventListener("visibilitychange",e),window.removeEventListener("online",e),window.removeEventListener("offline",e)}getCachedSsoCapable(){try{const e=window.localStorage.getItem(pc);if(e){const t=JSON.parse(e);if(t&&"boolean"==typeof t.ssoCapable&&t.expiresOn&&Date.now()<t.expiresOn)return t.ssoCapable}}catch{}}verifySsoCapability(e,t){if(!this.config.auth.verifySSO)return;const r=pc;if(void 0!==this.getCachedSsoCapable())return void this.logger.verbose("13poou","");const n=ca(),o=this.performanceClient.startMeasurement(oc,n);o.add({"ext.interactionType":t}),this.logger.verbose("0pbr0i",n),setTimeout((()=>{const t={...e,correlationId:n};this.createSilentIframeClient(n).verifySso(t).then((e=>{this.logger.verbose("1gd1iv",n);try{const t=JSON.stringify({ssoCapable:e,expiresOn:Date.now()+864e5});window.localStorage.setItem(r,t)}catch{this.logger.warning("18lmoj",n)}o.end({fromCache:!1,success:e},void 0)})).catch((e=>{this.logger.warning("05g83w",n);try{window.localStorage.removeItem(r)}catch{this.logger.warning("0nlf9q",n)}o.end({fromCache:!1,success:!1},e)}))}),0)}async ssoSilent(t){const r=this.getRequestCorrelationId(t),n={...t,correlationId:r};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(ec,r),this.ssoSilentMeasurement?.add({scenarioId:t.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Lh(this.initialized,this.ssoSilentMeasurement,this.config,n),this.ssoSilentMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const o=this.getAllAccounts();let i;if(this.logger.verbose("0w1b45",r),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,n),this.canUsePlatformBroker(n))this.ssoSilentMeasurement?.add({isPlatformBrokerRequest:!0}),i=this.acquireTokenNative(n,Us.ssoSilent).catch((e=>{if(this.ssoSilentMeasurement?.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Zc&&Xc(e)){this.platformAuthProvider=void 0;return this.createSilentIframeClient(n.correlationId).acquireToken(n)}throw e}));else{i=this.createSilentIframeClient(n.correlationId).acquireToken(n)}return i.then((t=>{const n=o.length<this.getAllAccounts().length;return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),n&&this.eventHandler.emitEvent(_c.LOGIN_SUCCESS,r,e.InteractionType.Silent,t.account),this.ssoSilentMeasurement?.end({success:!0,isNativeBroker:t.fromPlatformBroker,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t})).catch((n=>{throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,n),this.ssoSilentMeasurement?.end({success:!1},n,t.account),n})).finally((()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)}))}async acquireTokenByCode(t){const r=this.getRequestCorrelationId(t);this.logger.trace("0ch6ga",r);const n=this.performanceClient.startMeasurement(Va,r);Lh(this.initialized,n,this.config,t),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,r,e.InteractionType.Silent,t),n.add({scenarioId:t.scenarioId});try{if(t.code&&t.nativeAccountId)throw ns(Fi);if(t.code){const o=t.code;let i=this.hybridAuthCodeResponses.get(o);return i?(this.logger.verbose("0qgp28",r),n.discard()):(this.logger.verbose("06eh73",r),i=this.acquireTokenByCodeAsync({...t,correlationId:r}).then((t=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,t),this.hybridAuthCodeResponses.delete(o),n.end({success:!0,accessTokenSize:t.accessToken.length,idTokenSize:t.idToken.length},void 0,t.account),t))).catch((t=>{throw this.hybridAuthCodeResponses.delete(o),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t})),this.hybridAuthCodeResponses.set(o,i)),await i}if(t.nativeAccountId){if(this.canUsePlatformBroker(t,t.nativeAccountId)){n.add({isPlatformBrokerRequest:!0});const e=await this.acquireTokenNative({...t,correlationId:r},Us.acquireTokenByCode,t.nativeAccountId).catch((e=>{throw n.add({brokerErrorName:e.name,brokerErrorCode:e.errorCode}),e instanceof Zc&&Xc(e)&&(this.platformAuthProvider=void 0),e}));return n.end({success:!0},void 0,e.account),e}throw ns(Ki)}throw ns(Hi)}catch(t){throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null,t),n.end({success:!1},t),t}}async acquireTokenByCodeAsync(e){const t=this.getRequestCorrelationId(e);this.logger.trace("10d9hy",t),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement("acquireTokenByCodeAsync",t),this.acquireTokenByCodeAsyncMeasurement?.increment({visibilityChangeCount:0,onlineStatusChangeCount:0}),this.addStateChangeListeners(this.trackStateChangeWithMeasurement);const r=this.createSilentAuthCodeClient(t);return await r.acquireToken(e).then((e=>(this.acquireTokenByCodeAsyncMeasurement?.end({success:!0,fromCache:e.fromCache}),e))).catch((e=>{throw this.acquireTokenByCodeAsyncMeasurement?.end({success:!1},e),e})).finally((()=>{this.removeStateChangeListeners(this.trackStateChangeWithMeasurement)}))}async acquireTokenFromCache(e,t){switch(t){case zs.Default:case zs.AccessToken:case zs.AccessTokenAndRefreshToken:const t=this.createSilentCacheClient(e.correlationId);return Ln(t.acquireToken.bind(t),"silentCacheClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Ae(It)}}async acquireTokenByRefreshToken(e,t){switch(t){case zs.Default:case zs.AccessTokenAndRefreshToken:case zs.RefreshToken:case zs.RefreshTokenAndNetwork:const t=this.createSilentRefreshClient(e.correlationId);return Ln(t.acquireToken.bind(t),"silentRefreshClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e);default:throw Ae(It)}}async acquireTokenBySilentIframe(e){const t=this.createSilentIframeClient(e.correlationId);return Ln(t.acquireToken.bind(t),"silentIframeClientAcquireToken",this.logger,this.performanceClient,e.correlationId)(e)}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);Fa(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0,_s);return this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);Ha(this.initialized),this.browserStorage.setInteractionInProgress(!0,_s);return this.createPopupClient(t).logout(e).finally((()=>{this.browserStorage.setInteractionInProgress(!1)}))}catch(e){return Promise.reject(e)}}async clearCache(e){if(!this.isBrowserEnvironment)return;const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return qc(this.logger,this.browserStorage,this.isBrowserEnvironment,this.getRequestCorrelationId(),e)}getAccount(e){return Nc(e,this.logger,this.browserStorage,this.getRequestCorrelationId())}setActiveAccount(e){Uc(e,this.browserStorage,this.getRequestCorrelationId())}getActiveAccount(){return Lc(this.browserStorage,this.getRequestCorrelationId())}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Jr(e.account,e.cloudGraphHostName,e.msGraphHost);if(await this.browserStorage.setAccount(r,e.correlationId,Ar(e.idTokenClaims),Us.hydrateCache),!e.fromPlatformBroker)return this.browserStorage.hydrateCache(e,t);{this.logger.verbose("1i5atf",e.correlationId);const r=wn(e.account.homeAccountId,e.account.environment,e.idToken,this.config.auth.clientId,e.tenantId),n=In(e.account.homeAccountId,e.account.environment,e.accessToken,this.config.auth.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?gn(e.expiresOn):0,e.extExpiresOn?gn(e.extExpiresOn):0,os,void 0,e.tokenType,void 0,t.sshKid);t.resource&&(n.resource=t.resource);const o=Ar(e.idTokenClaims);await this.browserStorage.setIdTokenCredential(r,e.correlationId,o),await this.nativeInternalStorage.setAccessTokenCredential(n,e.correlationId,o)}}async acquireTokenNative(e,t,r,n){const o=this.getRequestCorrelationId(e);if(this.logger.trace("0b9y3p",o),!this.platformAuthProvider)throw ns(ji);const i=new rh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.platformAuthProvider,r||this.getNativeAccountId(e),this.nativeInternalStorage,o);return Ln(i.acquireToken.bind(i),Bo,this.logger,this.performanceClient,o)(e,n)}canUsePlatformBroker(e,t){const r=this.getRequestCorrelationId(e);if(this.logger.trace("1n9lbl",r),!this.platformAuthProvider)return this.logger.trace("0vnu11",r),!1;if(!bh(this.config,this.logger,r,this.platformAuthProvider,e.authenticationScheme))return this.logger.trace("0yoy1g",r),!1;if(e.prompt)switch(e.prompt){case O.NONE:case O.CONSENT:case O.LOGIN:this.logger.trace("0vdv8e",r);break;default:return this.logger.trace("0pdzw6",r),!1}return!(!t&&!this.getNativeAccountId(e))||(this.logger.trace("16lbtk",r),!1)}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||(e.loginHint||e.sid?null:this.getActiveAccount());return t&&t.nativeAccountId||""}createPopupClient(e){return new Ah(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider,this.operatingContext.getResponseHandlers()?.waitForPopupResponse)}createRedirectClient(e){return new Sh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider)}createSilentIframeClient(e){return new xh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Us.ssoSilent,this.performanceClient,this.nativeInternalStorage,e,this.platformAuthProvider,this.operatingContext.getResponseHandlers()?.waitForIframeResponse)}createSilentCacheClient(e){return new th(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentRefreshClient(e){return new qh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,e,this.platformAuthProvider)}createSilentAuthCodeClient(e){return new Uh(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Us.acquireTokenByCode,this.performanceClient,e,this.platformAuthProvider)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return Ua(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e?.correlationId?e.correlationId:this.isBrowserEnvironment?ca():""}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0lz9hf",t),this.acquireTokenRedirect({correlationId:t,...e||Ds})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("0qw7v5",t),this.acquireTokenPopup({correlationId:t,...e||Ds})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),r=this.performanceClient.startMeasurement(Qa,t);r.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId,ssoCapable:this.getCachedSsoCapable()}),Lh(this.initialized,r,this.config,e),this.logger.verbose("0x1c4s",t);const n=e.account||this.getActiveAccount();if(!n)throw ns(Si);return this.acquireTokenSilentDeduped(e,n,t).then((n=>(r.end({success:!0,fromCache:n.fromCache,accessTokenSize:n.accessToken.length,idTokenSize:n.idToken.length},void 0,n.account),{...n,state:e.state,correlationId:t}))).catch((e=>{throw e instanceof Ie&&e.setCorrelationId(t),r.end({success:!1},e,n),e}))}async acquireTokenSilentDeduped(e,t,r){const n=ho(this.config.auth.clientId,{...e,authority:e.authority||this.config.auth.authority},t.homeAccountId),o=JSON.stringify(n),i=this.activeSilentTokenRequests.get(o);if(void 0===i){this.logger.verbose("0fcjbk",r),this.performanceClient.addFields({deduped:!1},r);const n=Ln(this.acquireTokenSilentAsync.bind(this),"acquireTokenSilentAsync",this.logger,this.performanceClient,r)({...e,correlationId:r},t);return this.activeSilentTokenRequests.set(o,n),n.finally((()=>{this.activeSilentTokenRequests.delete(o)}))}return this.logger.verbose("1yq7nb",r),this.performanceClient.addFields({deduped:!0},r),i}async acquireTokenSilentAsync(t,r){const n=e=>this.trackStateChange(t.correlationId,e);this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,t.correlationId,e.InteractionType.Silent,t),t.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0,onlineStatusChangeCount:0},t.correlationId),this.addStateChangeListeners(n);const o=await Ln($c,"initializeSilentRequest",this.logger,this.performanceClient,t.correlationId)(t,r,this.config,this.performanceClient,this.logger),i=t.cacheLookupPolicy||zs.Default;return this.acquireTokenSilentNoIframe(o,i).catch((async e=>{const r=function(e,t){const r=!(e instanceof Zn&&e.subError!==Wn),n=e.errorCode===ss||e.errorCode===It,o=r&&n||e.errorCode===Dn||e.errorCode===Bn,i=js.includes(t);return o&&i}(e,i);if(r){const r=`${e.errorCode}${e.subError?`|${e.subError}`:""}`;if(this.performanceClient.addFields({silentRefreshReason:r},t.correlationId),this.activeIframeRequest){if(i!==zs.Skip){const[t,r]=this.activeIframeRequest;this.logger.verbose("1w8fso",o.correlationId);const n=this.performanceClient.startMeasurement("awaitConcurrentIframe",o.correlationId);n.add({awaitIframeCorrelationId:r});const s=await t;if(n.end({success:s}),s)return this.logger.verbose("0ywzzi",o.correlationId),this.acquireTokenSilentNoIframe(o,i);throw this.logger.info("17y14q",o.correlationId),e}return this.logger.warning("1bd4p8",o.correlationId),Ln(this.acquireTokenBySilentIframe.bind(this),zo,this.logger,this.performanceClient,o.correlationId)(o)}{let e;return this.activeIframeRequest=[new Promise((t=>{e=t})),o.correlationId],this.logger.verbose("0rh08z",o.correlationId),Ln(this.acquireTokenBySilentIframe.bind(this),zo,this.logger,this.performanceClient,o.correlationId)(o).then((t=>(e(!0),t))).catch((t=>{throw e(!1),t})).finally((()=>{this.activeIframeRequest=void 0}))}}throw e})).then((r=>(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,t.correlationId,e.InteractionType.Silent,r),t.correlationId&&this.performanceClient.addFields({fromCache:r.fromCache,isNativeBroker:r.fromPlatformBroker},t.correlationId),r))).catch((r=>{throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,t.correlationId,e.InteractionType.Silent,null,r),r})).finally((()=>{this.removeStateChangeListeners(n)}))}async acquireTokenSilentNoIframe(t,r){return bh(this.config,this.logger,t.correlationId,this.platformAuthProvider,t.authenticationScheme)&&t.account.nativeAccountId?(this.logger.verbose("0sczo4",t.correlationId),this.performanceClient.addFields({isPlatformBrokerRequest:!0},t.correlationId),this.acquireTokenNative(t,Us.acquireTokenSilent_silentFlow,t.account.nativeAccountId,r).catch((async e=>{if(this.performanceClient.addFields({brokerErrorName:e.name,brokerErrorCode:e.errorCode},t.correlationId),e instanceof Zc&&Xc(e))throw this.logger.verbose("07rkmb",t.correlationId),this.platformAuthProvider=void 0,Ae(It);throw e}))):(this.logger.verbose("0ox81t",t.correlationId),r===zs.AccessToken&&this.logger.verbose("0fvwxe",t.correlationId),Ln(this.acquireTokenFromCache.bind(this),"acquireTokenFromCache",this.logger,this.performanceClient,t.correlationId)(t,r).catch((n=>{if(r===zs.AccessToken)throw n;return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_NETWORK_START,t.correlationId,e.InteractionType.Silent,t),Ln(this.acquireTokenByRefreshToken.bind(this),"acquireTokenByRefreshToken",this.logger,this.performanceClient,t.correlationId)(t,r)})))}async preGeneratePkceCodes(e){return this.logger.verbose("1x6uj6",e),this.pkceCode=await Ln(gh,ri,this.logger,this.performanceClient,e)(this.performanceClient,this.logger,e),Promise.resolve()}getPreGeneratedPkceCodes(e){const t=this.pkceCode?{...this.pkceCode}:void 0;return this.pkceCode=void 0,t?this.logger.verbose("12js1o",e):this.logger.verbose("1oe9ci",e),this.performanceClient.addFields({usePreGeneratedPkce:!!t},e),t}logMultipleInstances(e,t){const r=this.config.auth.clientId;if(!window)return;window.msal=window.msal||{},window.msal.clientIds=window.msal.clientIds||[];window.msal.clientIds.length>0&&this.logger.verbose("1qtz3l",t),window.msal.clientIds.push(r),function(e,t,r,n){const o=window.msal?.clientIds||[],i=o.length,s=o.filter((t=>t===e)).length;s>1&&r.warning("1e88vg",n),t.add({msalInstanceCount:i,sameClientIdInstanceCount:s})}(r,e,this.logger,t)}}class Fh{static loggerCallback(t,r){switch(t){case e.LogLevel.Error:return void console.error(r);case e.LogLevel.Info:return void console.info(r);case e.LogLevel.Verbose:return void console.debug(r);case e.LogLevel.Warning:return void console.warn(r);default:return void console.log(r)}}constructor(t,r){let n;this.browserEnvironment="undefined"!=typeof window,this.config=Ch(t,this.browserEnvironment),this.responseHandlers=r;try{n=window[Ts.SessionStorage]}catch(e){}const o=n?.getItem(cc),i=n?.getItem(hc)?.toLowerCase(),s="true"===i||"false"!==i&&void 0,a={...this.config.system.loggerOptions},c=o&&Object.keys(e.LogLevel).includes(o)?e.LogLevel[o]:void 0;c&&(a.loggerCallback=Fh.loggerCallback,a.logLevel=c),void 0!==s&&(a.piiLoggingEnabled=s),this.logger=new yr(a,Ec,Pc),this.available=!1}getConfig(){return this.config}getResponseHandlers(){return this.responseHandlers}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}class Dh extends Fh{getModuleName(){return Dh.MODULE_NAME}getId(){return Dh.ID}async initialize(e){return this.available="undefined"!=typeof window,this.available}}Dh.MODULE_NAME="",Dh.ID="StandardOperatingContext";const Kh="USER_INTERACTION_REQUIRED",Bh="USER_CANCEL",zh="NO_NETWORK",jh="TRANSIENT_ERROR",$h="PERSISTENT_ERROR",Jh="DISABLED",Wh="ACCOUNT_UNAVAILABLE",Gh="NESTED_APP_AUTH_UNAVAILABLE";class Qh{constructor(e,t,r,n){this.clientId=e,this.clientCapabilities=t,this.crypto=r,this.logger=n}toNaaTokenRequest(e){let t;t=void 0===e.extraQueryParameters?new Map:new Map(Object.entries(e.extraQueryParameters));const r=e.correlationId||this.crypto.createNewGuid(),n=tr(e.claims,this.clientCapabilities),o=e.scopes||m;return{platformBrokerId:e.account?.homeAccountId,clientId:this.clientId,authority:e.authority,resource:e.resource,scope:o.join(" "),correlationId:r,claims:Te.isEmptyObj(n)?void 0:n,state:e.state,authenticationScheme:e.authenticationScheme||Q.BEARER,extraParameters:t}}fromNaaTokenResponse(e,t,r){if(!t.token.id_token||!t.token.access_token)throw Ae(Ze);const n=pn(r+(t.token.expires_in||0)),o=br(t.token.id_token,this.crypto.base64Decode),i=this.fromNaaAccountInfo(t.account,t.token.id_token,o),s=t.token.scope||e.scope;return{authority:t.token.authority||i.environment,uniqueId:i.localAccountId,tenantId:i.tenantId,scopes:s.split(" "),account:i,idToken:t.token.id_token,idTokenClaims:o,accessToken:t.token.access_token,fromCache:!1,expiresOn:n,tokenType:e.authenticationScheme||Q.BEARER,correlationId:e.correlationId,extExpiresOn:n,state:e.state}}fromNaaAccountInfo(e,t,r){const n=r||e.idTokenClaims,o=e.localAccountId||n?.oid||n?.sub||"",i=e.tenantId||zr(n)||"",s=e.homeAccountId||`${o}.${i}`,a=e.environment;if(!a)throw Ae(ft);const c=n?.preferred_username||n?.upn,h=n?.emails?.[0]||null,l=e.username||c||h||"",d=e.name||n?.name||"",u=e.loginHint||n?.login_hint,g=new Map,p=kr(s,o,i,n);g.set(i,p);return{homeAccountId:s,environment:a,tenantId:i,username:l,localAccountId:o,name:d,loginHint:u,idToken:t,idTokenClaims:n,tenantProfiles:g}}fromBridgeError(e){if(!function(e){return void 0!==e.status}(e))return new Ie("unknown_error","An unknown error occurred");switch(e.status){case Bh:return new be(St);case zh:return new be(At);case Wh:return new be(yt);case Jh:return new be(Et);case Gh:return new be(e.code||Et,e.description);case jh:case $h:return new to(e.code,e.description);case Kh:return new Zn(e.code,e.description);default:return new Ie(e.code,e.description)}}toAuthenticationResultFromCache(e,t,r,n,o){if(!t||!r)throw Ae(Ze);const i=br(t.secret,this.crypto.base64Decode),s=r.target||n.scopes.join(" ");return{authority:r.environment||e.environment,uniqueId:e.localAccountId,tenantId:e.tenantId,scopes:s.split(" "),account:e,idToken:t.secret,idTokenClaims:i||{},accessToken:r.secret,fromCache:!0,expiresOn:pn(r.expiresOn),extExpiresOn:pn(r.extendedExpiresOn),tokenType:n.authenticationScheme||Q.BEARER,correlationId:o,state:n.state}}}class Vh extends Ie{constructor(e,t){super(e,t),Object.setPrototypeOf(this,Vh.prototype),this.name="NestedAppAuthError"}static createUnsupportedError(){return new Vh("unsupported_method")}}class Yh{constructor(e){this.operatingContext=e;const t=this.operatingContext.getBridgeProxy();if(void 0===t)throw new Error("unexpected: bridgeProxy is undefined");this.bridgeProxy=t,this.config=e.getConfig(),this.logger=this.operatingContext.getLogger(),this.performanceClient=this.config.telemetry.client,this.browserCrypto=e.isBrowserEnvironment()?new Wa(this.logger,this.performanceClient,!0):gr,this.eventHandler=new Hc(this.logger),this.browserStorage=this.operatingContext.isBrowserEnvironment()?new Oc(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,this.performanceClient,this.eventHandler,Co(this.config.auth)):xc(this.config.auth.clientId,this.logger,this.performanceClient,this.eventHandler),this.nestedAppAuthAdapter=new Qh(this.config.auth.clientId,this.config.auth.clientCapabilities,this.browserCrypto,this.logger);const r=this.bridgeProxy.getAccountContext();this.currentAccountContext=r||null}static async createController(e){const t=new Yh(e);return Promise.resolve(t)}async initialize(e,t){const r=e?.correlationId||ca();return await this.browserStorage.initialize(r),Promise.resolve()}ensureValidRequest(e){return e?.correlationId?e:{...e,correlationId:this.browserCrypto.createNewGuid()}}async acquireTokenInteractive(t){const r=this.ensureValidRequest(t),n=r.correlationId||ca();this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,n,e.InteractionType.Popup,r);const o=this.performanceClient.startMeasurement(Ya,n);o.add({nestedAppAuthRequest:!0});try{Po(this.config.auth.isMcp,r);const i=this.nestedAppAuthAdapter.toNaaTokenRequest(r),s=un(),a=await this.bridgeProxy.getTokenInteractive(i),c={...this.nestedAppAuthAdapter.fromNaaTokenResponse(i,a,s)};try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Popup,c),o.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),o.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const i=r instanceof Ie?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Popup,null,r),o.end({success:!1},r,t.account),i}}async acquireTokenSilentInternal(t){const r=this.ensureValidRequest(t),n=r.correlationId||ca();this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_START,n,e.InteractionType.Silent,r);const o=await this.acquireTokenFromCache(r);if(o)return this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,o),o;const i=this.performanceClient.startMeasurement(ec,n);i.increment({visibilityChangeCount:0}),i.add({nestedAppAuthRequest:!0});try{Po(this.config.auth.isMcp,r);const o=this.nestedAppAuthAdapter.toNaaTokenRequest(r);o.forceRefresh=r.forceRefresh;const s=un(),a=await this.bridgeProxy.getTokenSilent(o),c=this.nestedAppAuthAdapter.fromNaaTokenResponse(o,a,s);try{await this.hydrateCache(c,t)}catch(e){this.logger.warningPii("1mwr91",n)}return this.currentAccountContext={homeAccountId:c.account.homeAccountId,environment:c.account.environment,tenantId:c.account.tenantId},this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,n,e.InteractionType.Silent,c),i?.add({accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length}),i?.end({success:!0,requestId:c.requestId},void 0,c.account),c}catch(r){const o=r instanceof Ie?r:this.nestedAppAuthAdapter.fromBridgeError(r);throw this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,n,e.InteractionType.Silent,null,r),i?.end({success:!1},r,t.account),o}}async acquireTokenFromCache(t){const r=t.correlationId||ca(),n=this.performanceClient.startMeasurement(Qa,r);if(n?.add({nestedAppAuthRequest:!0}),t.claims)return this.logger.verbose("11t57w",r),null;if(t.forceRefresh)return this.logger.verbose("1ovnmo",r),null;let o=null;switch(t.cacheLookupPolicy||(t.cacheLookupPolicy=zs.Default),t.cacheLookupPolicy){case zs.Default:case zs.AccessToken:case zs.AccessTokenAndRefreshToken:o=await this.acquireTokenFromCacheInternal(t);break;default:return null}return o?(this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_SUCCESS,r,e.InteractionType.Silent,o),n.add({accessTokenSize:o.accessToken.length,idTokenSize:o.idToken.length}),n.end({success:!0},void 0,o.account),o):(this.logger.warning("1yb4fi",r),this.eventHandler.emitEvent(_c.ACQUIRE_TOKEN_FAILURE,r,e.InteractionType.Silent,null),n.end({success:!1},void 0,t.account),null)}async acquireTokenFromCacheInternal(e){const t=this.bridgeProxy.getAccountContext()||this.currentAccountContext,r=e.correlationId||ca();let n=null;if(t&&(n=Nc(t,this.logger,this.browserStorage,r)),!n)return this.logger.verbose("10qnr0",r),Promise.resolve(null);this.logger.verbose("1u7hux",r);const o={...e,correlationId:r,authority:e.authority||n.environment,scopes:e.scopes?.length?e.scopes:[...m]},i=this.browserStorage.getTokenKeys(),s=this.browserStorage.getAccessToken(n,o,i,n.tenantId);if(!s)return this.logger.verbose("03vm49",r),Promise.resolve(null);if(yn(s.cachedAt)||mn(s.expiresOn,this.config.system.tokenRenewalOffsetSeconds))return this.logger.verbose("18egye",r),Promise.resolve(null);if(o.resource){const e=o.resource,t=s.resource;if(!t||t!==e)return this.logger.verbose("0qraxd",r),Promise.resolve(null)}const a=this.browserStorage.getIdToken(n,o.correlationId,i,n.tenantId);return a?this.nestedAppAuthAdapter.toAuthenticationResultFromCache(n,a,s,o,o.correlationId):(this.logger.verbose("0d68kd",r),Promise.resolve(null))}async acquireTokenPopup(e){return this.acquireTokenInteractive(e)}acquireTokenRedirect(e){throw Vh.createUnsupportedError()}async acquireTokenSilent(e){return this.acquireTokenSilentInternal(e)}acquireTokenByCode(e){throw Vh.createUnsupportedError()}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){throw Vh.createUnsupportedError()}removePerformanceCallback(e){throw Vh.createUnsupportedError()}getAllAccounts(e){return qc(this.logger,this.browserStorage,this.isBrowserEnv(),ca(),e)}getAccount(e){return Nc(e,this.logger,this.browserStorage,ca())}setActiveAccount(e){return Uc(e,this.browserStorage,ca())}getActiveAccount(){return Lc(this.browserStorage,ca())}handleRedirectPromise(e){return Promise.resolve(null)}loginPopup(e){return this.acquireTokenInteractive(e||Ds)}loginRedirect(e){throw Vh.createUnsupportedError()}logoutRedirect(e){throw Vh.createUnsupportedError()}logoutPopup(e){throw Vh.createUnsupportedError()}ssoSilent(e){return this.acquireTokenSilentInternal(e)}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){}setNavigationClient(e){this.logger.warning("1k8729","")}getConfiguration(){return this.config}isBrowserEnv(){return this.operatingContext.isBrowserEnvironment()}getBrowserCrypto(){return this.browserCrypto}getPerformanceClient(){throw Vh.createUnsupportedError()}getRedirectResponse(){throw Vh.createUnsupportedError()}async clearCache(e){throw Vh.createUnsupportedError()}async hydrateCache(e,t){this.logger.verbose("16jycr",e.correlationId);const r=Jr(e.account,e.cloudGraphHostName,e.msGraphHost);return await this.browserStorage.setAccount(r,e.correlationId,Ar(e.idTokenClaims),Us.hydrateCache),this.browserStorage.hydrateCache(e,t)}}class Zh{static async initializeNestedAppAuthBridge(){if(void 0===window)throw new Error("window is undefined");if(void 0===window.nestedAppAuthBridge)throw new Error("window.nestedAppAuthBridge is undefined");try{window.nestedAppAuthBridge.addEventListener("message",(e=>{const t="string"==typeof e?e:e.data,r=JSON.parse(t),n=Zh.bridgeRequests.find((e=>e.requestId===r.requestId));void 0!==n&&(Zh.bridgeRequests.splice(Zh.bridgeRequests.indexOf(n),1),r.success?n.resolve(r):n.reject(r.error))}));const e=await new Promise(((e,t)=>{const r=Zh.buildRequest("GetInitContext"),n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Zh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}));return Zh.validateBridgeResultOrThrow(e.initContext)}catch(e){throw window.console.log(e),e}}getTokenInteractive(e){return this.getToken("GetTokenPopup",e)}getTokenSilent(e){return this.getToken("GetToken",e)}async getToken(e,t){const r=await this.sendRequest(e,{tokenParams:t});return{token:Zh.validateBridgeResultOrThrow(r.token),account:Zh.validateBridgeResultOrThrow(r.account)}}getHostCapabilities(){return this.capabilities??null}getAccountContext(){return this.accountContext?this.accountContext:null}static buildRequest(e,t){return{messageType:"NestedAppAuthRequest",method:e,requestId:ca(),sendTime:Date.now(),clientLibrary:ls,clientLibraryVersion:Pc,...t}}sendRequest(e,t){const r=Zh.buildRequest(e,t);return new Promise(((e,t)=>{const n={requestId:r.requestId,method:r.method,resolve:e,reject:t};Zh.bridgeRequests.push(n),window.nestedAppAuthBridge.postMessage(JSON.stringify(r))}))}static validateBridgeResultOrThrow(e){if(void 0===e){throw{status:Gh}}return e}constructor(e,t,r,n){this.sdkName=e,this.sdkVersion=t,this.accountContext=r,this.capabilities=n}static async create(){const e=await Zh.initializeNestedAppAuthBridge();return new Zh(e.sdkName,e.sdkVersion,e.accountContext,e.capabilities)}}Zh.bridgeRequests=[];class Xh extends Fh{constructor(){super(...arguments),this.bridgeProxy=void 0,this.accountContext=null}getModuleName(){return Xh.MODULE_NAME}getId(){return Xh.ID}getBridgeProxy(){return this.bridgeProxy}async initialize(e){const t=e||"";try{if("undefined"!=typeof window){"function"==typeof window.__initializeNestedAppAuth&&await window.__initializeNestedAppAuth();const e=await Zh.create();this.accountContext=e.getAccountContext(),this.bridgeProxy=e,this.available=void 0!==e}}catch(e){this.logger.infoPii("1mdxyj",t)}return this.logger.info("12jy9a",t),this.available}}Xh.MODULE_NAME="",Xh.ID="NestedAppOperatingContext";class el{constructor(e,t){this.controller=t||new Hh(new Dh(e,{waitForPopupResponse:this.waitForPopupResponse.bind(this),waitForIframeResponse:this.waitForIframeResponse.bind(this)}))}async waitForPopupResponse(e,t,r){const n=this.controller;return Ra(n.getConfiguration().system.popupBridgeTimeout,n.getLogger(),e,n.getPerformanceClient())}async waitForIframeResponse(e,t){const r=this.controller,n=r.getConfiguration();return Ra(n.system.iframeBridgeTimeout,r.getLogger(),t,r.getPerformanceClient(),n.experimental)}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}getAccount(e){return this.controller.getAccount(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}async function tl(e){const t=new el(e);return await t.initialize(),t}const rl={initialize:()=>Promise.reject(ka(wa)),acquireTokenPopup:()=>Promise.reject(ka(wa)),acquireTokenRedirect:()=>Promise.reject(ka(wa)),acquireTokenSilent:()=>Promise.reject(ka(wa)),acquireTokenByCode:()=>Promise.reject(ka(wa)),getAllAccounts:()=>[],getAccount:()=>null,handleRedirectPromise:()=>Promise.reject(ka(wa)),loginPopup:()=>Promise.reject(ka(wa)),loginRedirect:()=>Promise.reject(ka(wa)),logoutRedirect:()=>Promise.reject(ka(wa)),logoutPopup:()=>Promise.reject(ka(wa)),ssoSilent:()=>Promise.reject(ka(wa)),addEventCallback:()=>null,removeEventCallback:()=>{},addPerformanceCallback:()=>"",removePerformanceCallback:()=>!1,getLogger:()=>{throw ka(wa)},setLogger:()=>{},setActiveAccount:()=>{},getActiveAccount:()=>null,initializeWrapperLibrary:()=>{},setNavigationClient:()=>{},getConfiguration:()=>{throw ka(wa)},hydrateCache:()=>Promise.reject(ka(wa)),clearCache:()=>Promise.reject(ka(wa))};async function nl(e,t,r,n,o,i,s,a,c){if(o.verbose("0ke46k",r),e.account){const t=Jr(e.account);return await n.setAccount(t,r,Ar(a||{}),Us.loadExternalTokens),t}if(!t&&!a)throw o.error("0hzcn4",r),ns(Ni);const h=Wr(t,s.authorityType,o,i,r,a),l=a?.tid,d=io(n,s,h,os,r,a,t,s.getPreferredCache(),l,void 0,void 0,o,c);return await n.setAccount(d,r,Ar(a||{}),Us.loadExternalTokens),d}async function ol(e,t,r,n,o,i,s,a,c){if(!e.id_token)return a.verbose("1pm7g1",i),null;a.verbose("168lyi",i);const h=wn(t,r,e.id_token,c,n);return await s.setIdTokenCredential(h,i,o),h}async function il(e,t,r,n,o,i,s,a,c,h,l){if(!t.access_token)return h.verbose("1ckp9e",a),null;if(!t.expires_in)return h.error("15mzx8",a),null;if(!(t.scope||e.scopes&&e.scopes.length))return h.error("1h7xse",a),null;h.verbose("01kmxb",a);const d=t.scope?Mt.fromString(t.scope):new Mt(e.scopes),u=s.expiresOn||t.expires_in+un(),g=s.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+un(),p=In(r,n,t.access_token,l,o,d.printScopes(),u,g,os);return await c.setAccessTokenCredential(p,a,i),p}async function sl(e,t,r,n,o,i,s,a,c){if(!e.refresh_token)return s.verbose("1l7um5",o),null;const h=e.refresh_token_expires_in?e.refresh_token_expires_in+un():void 0;c.addFields({extRtExpiresOnSeconds:h},o),s.verbose("0qy8ev",o);const l=Cn(t,r,e.refresh_token,a,e.foci,void 0,h);return await i.setRefreshTokenCredential(l,o,n),l}function al(){let e;try{e=window[Ts.SessionStorage];const t=e?.getItem(lc);if(1===Number(t))return Promise.resolve().then((function(){return dl}))}catch(e){}}function cl(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.now}function hl(e){if(e&&cl())return Math.round(window.performance.now()-e)}class ll{constructor(e,t){this.correlationId=t,this.measureName=ll.makeMeasureName(e,t),this.startMark=ll.makeStartMark(e,t),this.endMark=ll.makeEndMark(e,t)}static makeMeasureName(e,t){return`msal.measure.${e}.${t}`}static makeStartMark(e,t){return`msal.start.${e}.${t}`}static makeEndMark(e,t){return`msal.end.${e}.${t}`}static supportsBrowserPerformance(){return"undefined"!=typeof window&&void 0!==window.performance&&"function"==typeof window.performance.mark&&"function"==typeof window.performance.measure&&"function"==typeof window.performance.clearMarks&&"function"==typeof window.performance.clearMeasures&&"function"==typeof window.performance.getEntriesByName}static flushMeasurements(e,t){if(ll.supportsBrowserPerformance())try{t.forEach((t=>{const r=ll.makeMeasureName(t.name,e);window.performance.getEntriesByName(r,"measure").length>0&&(window.performance.clearMeasures(r),window.performance.clearMarks(ll.makeStartMark(r,e)),window.performance.clearMarks(ll.makeEndMark(r,e)))}))}catch(e){}}startMeasurement(){if(ll.supportsBrowserPerformance())try{window.performance.mark(this.startMark)}catch(e){}}endMeasurement(){if(ll.supportsBrowserPerformance())try{window.performance.mark(this.endMark),window.performance.measure(this.measureName,this.startMark,this.endMark)}catch(e){}}flushMeasurement(){if(ll.supportsBrowserPerformance())try{const e=window.performance.getEntriesByName(this.measureName,"measure");if(e.length>0){const t=e[0].duration;return window.performance.clearMeasures(this.measureName),window.performance.clearMarks(this.startMark),window.performance.clearMarks(this.endMark),t}}catch(e){}return null}}var dl=Object.freeze({__proto__:null,BrowserPerformanceMeasurement:ll});const ul=Q,gl=q,pl=O,ml=ce,fl=m;e.ApiId=Us,e.AuthError=Ie,e.AuthErrorCodes=Mo,e.AuthenticationHeaderParser=class{constructor(e){this.headers=e}getShrNonce(){const e=this.headers[k];if(e){const t=this.parseChallenges(e);if(t.nextnonce)return t.nextnonce;throw ke(Ke)}const t=this.headers[v];if(t){const e=this.parseChallenges(t);if(e.nonce)return e.nonce;throw ke(Ke)}throw ke(De)}parseChallenges(e){const t=e.indexOf(" "),r=e.substr(t+1).split(","),n={};return r.forEach((e=>{const[t,r]=e.split("=");n[t]=unescape(r.replace(/['"]+/g,""))})),n}},e.AuthenticationScheme=ul,e.AzureCloudInstance=Cr,e.BrowserAuthError=rs,e.BrowserAuthErrorCodes=es,e.BrowserCacheLocation=Ts,e.BrowserConfigurationAuthError=va,e.BrowserConfigurationAuthErrorCodes=Ca,e.BrowserPerformanceClient=class extends Do{constructor(e,r){super(e.auth.clientId,e.auth.authority||`${t}`,new yr(e.system?.loggerOptions||{},Ec,Pc),Ec,Pc,e.telemetry?.application||{appName:"",appVersion:""},r)}generateId(){return ca()}getPageVisibility(){return document.visibilityState?.toString()||null}getOnlineStatus(){return"undefined"!=typeof navigator?navigator.onLine:null}deleteIncompleteSubMeasurements(e){al()?.then((t=>{const r=this.eventsByCorrelationId.get(e.event.correlationId),n=r&&r.eventId===e.event.eventId,o=[];n&&r?.incompleteSubMeasurements&&r.incompleteSubMeasurements.forEach((e=>{o.push({...e})})),t.BrowserPerformanceMeasurement.flushMeasurements(e.event.correlationId,o)}))}startMeasurement(e,t){const r=this.getPageVisibility(),n=this.getOnlineStatus(),o=super.startMeasurement(e,t),i=cl()?window.performance.now():void 0,s=al()?.then((t=>new t.BrowserPerformanceMeasurement(e,o.event.correlationId)));return s?.then((e=>e.startMeasurement())),{...o,end:(e,t,a)=>{const c=function(){if("undefined"==typeof window||!window.navigator)return{};const e="connection"in window.navigator?window.navigator.connection:void 0;return{effectiveType:e?.effectiveType,rtt:e?.rtt}}(),h=o.end({...e,startPageVisibility:r,startOnlineStatus:n,endPageVisibility:this.getPageVisibility(),durationMs:hl(i),networkEffectiveType:c.effectiveType,networkRtt:c.rtt},t,a);return s?.then((e=>e.endMeasurement())),this.deleteIncompleteSubMeasurements(o),h},discard:()=>{o.discard(),s?.then((e=>e.flushMeasurement())),this.deleteIncompleteSubMeasurements(o)}}}},e.BrowserPerformanceMeasurement=ll,e.BrowserRootPerformanceEvents=ic,e.BrowserUtils=za,e.CacheLookupPolicy=zs,e.ClientAuthError=be,e.ClientAuthErrorCodes=Ot,e.ClientConfigurationError=ve,e.ClientConfigurationErrorCodes=Ge,e.DEFAULT_IFRAME_TIMEOUT_MS=1e4,e.EventHandler=Hc,e.EventMessageUtils=class{static getInteractionStatusFromEvent(t,r){switch(t.eventType){case _c.ACQUIRE_TOKEN_START:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup)return Fs.AcquireToken;break;case _c.HANDLE_REDIRECT_START:return Fs.HandleRedirect;case _c.LOGOUT_START:return Fs.Logout;case _c.LOGOUT_END:if(r&&r!==Fs.Logout)break;return Fs.None;case _c.HANDLE_REDIRECT_END:if(r&&r!==Fs.HandleRedirect)break;return Fs.None;case _c.ACQUIRE_TOKEN_SUCCESS:case _c.ACQUIRE_TOKEN_FAILURE:case _c.RESTORE_FROM_BFCACHE:if(t.interactionType===e.InteractionType.Redirect||t.interactionType===e.InteractionType.Popup){if(r&&r!==Fs.AcquireToken)break;return Fs.None}}return null}},e.EventType=_c,e.InteractionRequiredAuthError=Zn,e.InteractionRequiredAuthErrorCodes=Qn,e.InteractionStatus=Fs,e.JsonWebTokenTypes=ml,e.LocalStorage=Ac,e.Logger=yr,e.MemoryStorage=$a,e.NavigationClient=fh,e.OIDC_DEFAULT_SCOPES=fl,e.PromptValue=pl,e.ProtocolMode=jr,e.PublicClientApplication=el,e.ResponseMode=gl,e.ServerError=to,e.SessionStorage=Sc,e.SignedHttpRequest=class{constructor(e,t){const r=t&&t.loggerOptions||{};this.logger=new yr(r,Ec,Pc),this.cryptoOps=new Wa(this.logger),this.popTokenGenerator=new Fn(this.cryptoOps,new en),this.shrParameters=e}async generatePublicKeyThumbprint(){const{kid:e}=await this.popTokenGenerator.generateKid(this.shrParameters);return e}async signRequest(e,t,r){return this.popTokenGenerator.signPayload(e,t,this.shrParameters,r)}async removeKeys(e,t){return this.cryptoOps.removeTokenBindingKey(e,t)}},e.StubPerformanceClient=en,e.WrapperSKU={React:"@azure/msal-react",Angular:"@azure/msal-angular"},e.createNestablePublicClientApplication=async function(e,t,r){const n=new Xh(e);if(await n.initialize(t),n.isAvailable()){const o=t||ca(),i=new Yh(n),s=r?r(e,i):new el(e,i);return await s.initialize({correlationId:o}),s}return tl(e)},e.createStandardPublicClientApplication=tl,e.enforceResourceParameter=Po,e.isPlatformBrokerAvailable=async function(e,t,r,n){const o=new yr(t||{},Ec,Pc),i=r||new en;return"undefined"==typeof window?(o.trace("082ed3",n||ca()),!1):!!await Th(o,i,n||ca(),void 0,e)},e.loadExternalTokens=async function(e,t,r,n,o=new en){Ua();const i=Ch(e,!0),s=t.correlationId||ca(),a=o.startMeasurement(nc,s);try{const c=r.id_token?br(r.id_token,os):void 0,h=Ar(c||{}),l={protocolMode:i.system.protocolMode,knownAuthorities:i.auth.knownAuthorities,cloudDiscoveryMetadata:i.auth.cloudDiscoveryMetadata,authorityMetadata:i.auth.authorityMetadata},d=new yr(i.system.loggerOptions||{}),u=new Wa(d,i.telemetry.client),g=new Oc(i.auth.clientId,i.cache,u,d,i.telemetry.client,new Hc(d),Co(i.auth)),p=t.authority||i.auth.authority,m=await vo(wo.generateAuthority(p,t.azureCloudOptions),i.system.networkClient,g,l,d,s,o),f=await Ln(nl,"loadAccount",d,o,s)(t,n.clientInfo||r.client_info||"",s,g,d,u,m,c,o),y=await Ln(ol,"loadIdToken",d,o,s)(r,f.homeAccountId,f.environment,f.realm,h,s,g,d,e.auth.clientId),w=await Ln(il,"loadAccessToken",d,o,s)(t,r,f.homeAccountId,f.environment,f.realm,h,n,s,g,d,e.auth.clientId),I=await Ln(sl,"loadRefreshToken",d,o,s)(r,f.homeAccountId,f.environment,h,s,g,d,e.auth.clientId,o);return a.end({success:!0},void 0,$r(f)),function(e,t,r,n){let o,i="",s=[],a=null;t?.accessToken&&(i=t.accessToken.secret,s=Mt.fromString(t.accessToken.target).asArray(),a=pn(t.accessToken.expiresOn),o=pn(t.accessToken.extendedExpiresOn));const c=t.account;return{authority:r.canonicalAuthority,uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:s,account:$r(c),idToken:t.idToken?.secret||"",idTokenClaims:n||{},accessToken:i,fromCache:!0,expiresOn:a,correlationId:e.correlationId||"",requestId:"",extExpiresOn:o,familyId:t.refreshToken?.familyId||"",tokenType:t?.accessToken?.tokenType||"",state:e.state||"",cloudGraphHostName:c.cloudGraphHostName||"",msGraphHost:c.msGraphHost||"",fromPlatformBroker:!1}}(t,{account:f,idToken:y,accessToken:w,refreshToken:I},m,c)}catch(e){throw a.end({success:!1},e),e}},e.stubbedPublicClientApplication=rl,e.version=Pc}));