jplan-pack 0.5.50 → 0.5.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -53,7 +53,7 @@ Error Description: ${s.errorMessage}`);else{const c=s;this.logger.error(`A non-M
53
53
  Error: ${c.name}
54
54
  Error Description: ${c.message}`)}return null}return n||(this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request."),this.logger.verbose("Creating custom Authority for custom domain scenario."),n=Tt.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),n}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter(t=>t&&ye.getDomainFromUrl(t).toLowerCase()===this.hostnameAndPort).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==Kd.None){const i=t.tenant?t.tenant:P.DEFAULT_COMMON_TENANT;n=`${t.azureCloudInstance}/${i}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return P.DEFAULT_AUTHORITY_HOST;if(this.discoveryComplete())return this.metadata.preferred_cache;throw U(pr)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return zy.has(e)}static isPublicCloudAuthority(e){return P.KNOWN_PUBLIC_CLOUDS.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,n){const i=new ye(e);i.validateAsUri();const s=i.getUrlComponents();let c=`${t}.${s.HostNameAndPort}`;this.isPublicCloudAuthority(s.HostNameAndPort)&&(c=`${t}.${P.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX}`);const d=ye.constructAuthorityUriFromObject({...i.getUrlComponents(),HostNameAndPort:c}).urlString;return n?`${d}?${n}`:d}static replaceWithRegionalInformation(e,t){const n={...e};return n.authorization_endpoint=Tt.buildRegionalAuthorityString(n.authorization_endpoint,t),n.token_endpoint=Tt.buildRegionalAuthorityString(n.token_endpoint,t),n.end_session_endpoint&&(n.end_session_endpoint=Tt.buildRegionalAuthorityString(n.end_session_endpoint,t)),n}static transformCIAMAuthority(e){let t=e;const i=new ye(e).getUrlComponents();if(i.PathSegments.length===0&&i.HostNameAndPort.endsWith(P.CIAM_AUTH_URL)){const s=i.HostNameAndPort.split(".")[0];t=`${t}${s}${P.AAD_TENANT_DOMAIN_SUFFIX}`}return t}}Tt.reservedTenantDomains=new Set(["{tenant}","{tenantid}",Kr.COMMON,Kr.CONSUMERS,Kr.ORGANIZATIONS]);function e0(r){var i;const n=(i=new ye(r).getUrlComponents().PathSegments.slice(-1)[0])==null?void 0:i.toLowerCase();switch(n){case Kr.COMMON:case Kr.ORGANIZATIONS:case Kr.CONSUMERS:return;default:return n}}function jy(r){return r.endsWith(P.FORWARD_SLASH)?r:`${r}${P.FORWARD_SLASH}`}function t0(r){const e=r.cloudDiscoveryMetadata;let t;if(e)try{t=JSON.parse(e)}catch{throw Ne(Gd)}return{canonicalAuthority:r.authority?jy(r.authority):void 0,knownAuthorities:r.knownAuthorities,cloudDiscoveryMetadata:t}}/*! @azure/msal-common v14.16.0 2024-11-05 */async function Yy(r,e,t,n,i,s,c){c==null||c.addQueueMeasurement(k.AuthorityFactoryCreateDiscoveredInstance,s);const d=Tt.transformCIAMAuthority(jy(r)),f=new Tt(d,e,t,n,i,s,c);try{return await B(f.resolveEndpointsAsync.bind(f),k.AuthorityResolveEndpointsAsync,i,c,s)(),f}catch{throw U(pr)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class Wr extends Fe{constructor(e,t,n,i,s){super(e,t,n),this.name="ServerError",this.errorNo=i,this.status=s,Object.setPrototypeOf(this,Wr.prototype)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class Yn{static generateThrottlingStorageKey(e){return`${aa.THROTTLING_PREFIX}.${JSON.stringify(e)}`}static preProcess(e,t){var s;const n=Yn.generateThrottlingStorageKey(t),i=e.getThrottlingCache(n);if(i){if(i.throttleTime<Date.now()){e.removeItem(n);return}throw new Wr(((s=i.errorCodes)==null?void 0:s.join(" "))||P.EMPTY_STRING,i.errorMessage,i.subError)}}static postProcess(e,t,n){if(Yn.checkResponseStatus(n)||Yn.checkResponseForRetryAfter(n)){const i={throttleTime:Yn.calculateThrottleTime(parseInt(n.headers[Ot.RETRY_AFTER])),error:n.body.error,errorCodes:n.body.error_codes,errorMessage:n.body.error_description,subError:n.body.suberror};e.setThrottlingCache(Yn.generateThrottlingStorageKey(t),i)}}static checkResponseStatus(e){return e.status===429||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return e.headers?e.headers.hasOwnProperty(Ot.RETRY_AFTER)&&(e.status<200||e.status>=300):!1}static calculateThrottleTime(e){const t=e<=0?0:e,n=Date.now()/1e3;return Math.floor(Math.min(n+(t||aa.DEFAULT_THROTTLE_TIME_SECONDS),n+aa.DEFAULT_MAX_THROTTLE_TIME_SECONDS)*1e3)}static removeThrottle(e,t,n,i){const s={clientId:t,authority:n.authority,scopes:n.scopes,homeAccountIdentifier:i,claims:n.claims,authenticationScheme:n.authenticationScheme,resourceRequestMethod:n.resourceRequestMethod,resourceRequestUri:n.resourceRequestUri,shrClaims:n.shrClaims,sshKid:n.sshKid},c=this.generateThrottlingStorageKey(s);e.removeItem(c)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class Oc extends Fe{constructor(e,t,n){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,Oc.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=n}}function Ym(r,e,t){return new Oc(r,e,t)}/*! @azure/msal-common v14.16.0 2024-11-05 */class eh{constructor(e,t){this.config=dP(e),this.logger=new zr(this.config.loggerOptions,Sy,$d),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}createTokenRequestHeaders(e){const t={};if(t[Ot.CONTENT_TYPE]=P.URL_FORM_CONTENT_TYPE,!this.config.systemOptions.preventCorsPreflight&&e)switch(e.type){case on.HOME_ACCOUNT_ID:try{const n=ii(e.credential);t[Ot.CCS_HEADER]=`Oid:${n.uid}@${n.utid}`}catch(n){this.logger.verbose("Could not parse home account ID for CCS Header: "+n)}break;case on.UPN:t[Ot.CCS_HEADER]=`UPN: ${e.credential}`;break}return t}async executePostToTokenEndpoint(e,t,n,i,s,c){var f;c&&((f=this.performanceClient)==null||f.addQueueMeasurement(c,s));const d=await this.sendPostRequest(i,e,{body:t,headers:n},s);return this.config.serverTelemetryManager&&d.status<500&&d.status!==429&&this.config.serverTelemetryManager.clearTelemetryCache(),d}async sendPostRequest(e,t,n,i){var c,d,f;Yn.preProcess(this.cacheManager,e);let s;try{s=await B(this.networkClient.sendPostRequestAsync.bind(this.networkClient),k.NetworkClientSendPostRequestAsync,this.logger,this.performanceClient,i)(t,n);const g=s.headers||{};(d=this.performanceClient)==null||d.addFields({refreshTokenSize:((c=s.body.refresh_token)==null?void 0:c.length)||0,httpVerToken:g[Ot.X_MS_HTTP_VERSION]||"",requestId:g[Ot.X_MS_REQUEST_ID]||""},i)}catch(g){if(g instanceof Oc){const p=g.responseHeaders;throw p&&((f=this.performanceClient)==null||f.addFields({httpVerToken:p[Ot.X_MS_HTTP_VERSION]||"",requestId:p[Ot.X_MS_REQUEST_ID]||"",contentTypeHeader:p[Ot.CONTENT_TYPE]||void 0,contentLengthHeader:p[Ot.CONTENT_LENGTH]||void 0,httpStatus:g.httpStatus},i)),g.error}throw g instanceof Fe?g:U(ly)}return Yn.postProcess(this.cacheManager,e,s),s}async updateAuthority(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.UpdateTokenEndpointAuthority,t);const n=`https://${e}/${this.authority.tenant}/`,i=await Yy(n,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=i}createTokenQueryParameters(e){const t=new sa(e.correlationId,this.performanceClient);return e.embeddedClientId&&t.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenQueryParameters&&t.addExtraQueryParameters(e.tokenQueryParameters),t.addCorrelationId(e.correlationId),t.createQueryString()}}/*! @azure/msal-common v14.16.0 2024-11-05 */const dc="no_tokens_found",Jy="native_account_unavailable",th="refresh_token_expired",n0="interaction_required",r0="consent_required",o0="login_required",Nc="bad_token";/*! @azure/msal-common v14.16.0 2024-11-05 */const Jm=[n0,r0,o0,Nc],i0=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token"],a0={[dc]:"No refresh token found in the cache. Please sign-in.",[Jy]:"The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.",[th]:"Refresh token has expired.",[Nc]:"Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve."};class Fn extends Fe{constructor(e,t,n,i,s,c,d,f){super(e,t,n),Object.setPrototypeOf(this,Fn.prototype),this.timestamp=i||P.EMPTY_STRING,this.traceId=s||P.EMPTY_STRING,this.correlationId=c||P.EMPTY_STRING,this.claims=d||P.EMPTY_STRING,this.name="InteractionRequiredAuthError",this.errorNo=f}}function Qm(r,e,t){const n=!!r&&Jm.indexOf(r)>-1,i=!!t&&i0.indexOf(t)>-1,s=!!e&&Jm.some(c=>e.indexOf(c)>-1);return n||s||i}function dd(r){return new Fn(r,a0[r])}/*! @azure/msal-common v14.16.0 2024-11-05 */class Bn{static setRequestState(e,t,n){const i=Bn.generateLibraryState(e,n);return t?`${i}${P.RESOURCE_DELIM}${t}`:i}static generateLibraryState(e,t){if(!e)throw U(ad);const n={id:e.createNewGuid()};t&&(n.meta=t);const i=JSON.stringify(n);return e.base64Encode(i)}static parseRequestState(e,t){if(!e)throw U(ad);if(!t)throw U(hi);try{const n=t.split(P.RESOURCE_DELIM),i=n[0],s=n.length>1?n.slice(1).join(P.RESOURCE_DELIM):P.EMPTY_STRING,c=e.base64Decode(i),d=JSON.parse(c);return{userRequestState:s||P.EMPTY_STRING,libraryState:d}}catch{throw U(hi)}}}/*! @azure/msal-common v14.16.0 2024-11-05 */const s0={SW:"sw",UHW:"uhw"};class gi{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.PopTokenGenerateCnf,e.correlationId);const n=await B(this.generateKid.bind(this),k.PopTokenGenerateCnf,t,this.performanceClient,e.correlationId)(e),i=this.cryptoUtils.base64UrlEncode(JSON.stringify(n));return{kid:n.kid,reqCnfString:i}}async generateKid(e){var n;return(n=this.performanceClient)==null||n.addQueueMeasurement(k.PopTokenGenerateKid,e.correlationId),{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:s0.SW}}async signPopToken(e,t,n){return this.signPayload(e,t,n)}async signPayload(e,t,n,i){const{resourceRequestMethod:s,resourceRequestUri:c,shrClaims:d,shrNonce:f,shrOptions:g}=n,p=c?new ye(c):void 0,w=p==null?void 0:p.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:rr(),m:s==null?void 0:s.toUpperCase(),u:w==null?void 0:w.HostNameAndPort,nonce:f||this.cryptoUtils.createNewGuid(),p:w==null?void 0:w.AbsolutePath,q:w!=null&&w.QueryString?[[],w.QueryString]:void 0,client_claims:d||void 0,...i},t,g,n.correlationId)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class c0{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}/*! @azure/msal-common v14.16.0 2024-11-05 */function l0(r){var n,i;const e="code=",t=(n=r.error_uri)==null?void 0:n.lastIndexOf(e);return t&&t>=0?(i=r.error_uri)==null?void 0:i.substring(t+e.length):void 0}class mo{constructor(e,t,n,i,s,c,d){this.clientId=e,this.cacheStorage=t,this.cryptoObj=n,this.logger=i,this.serializableCache=s,this.persistencePlugin=c,this.performanceClient=d}validateServerAuthorizationCodeResponse(e,t){if(!e.state||!t)throw e.state?U(ic,"Cached State"):U(ic,"Server State");let n,i;try{n=decodeURIComponent(e.state)}catch{throw U(hi,e.state)}try{i=decodeURIComponent(t)}catch{throw U(hi,e.state)}if(n!==i)throw U(hy);if(e.error||e.error_description||e.suberror){const s=l0(e);throw Qm(e.error,e.error_description,e.suberror)?new Fn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",s):new Wr(e.error||"",e.error_description,e.suberror,s)}}validateTokenResponse(e,t){var n;if(e.error||e.error_description||e.suberror){const i=`Error(s): ${e.error_codes||P.NOT_AVAILABLE} - Timestamp: ${e.timestamp||P.NOT_AVAILABLE} - Description: ${e.error_description||P.NOT_AVAILABLE} - Correlation ID: ${e.correlation_id||P.NOT_AVAILABLE} - Trace ID: ${e.trace_id||P.NOT_AVAILABLE}`,s=(n=e.error_codes)!=null&&n.length?e.error_codes[0]:void 0,c=new Wr(e.error,i,e.suberror,s,e.status);if(t&&e.status&&e.status>=Ts.SERVER_ERROR_RANGE_START&&e.status<=Ts.SERVER_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.
55
55
  ${c}`);return}else if(t&&e.status&&e.status>=Ts.CLIENT_ERROR_RANGE_START&&e.status<=Ts.CLIENT_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.
56
- ${c}`);return}throw Qm(e.error,e.error_description,e.suberror)?new Fn(e.error,e.error_description,e.suberror,e.timestamp||P.EMPTY_STRING,e.trace_id||P.EMPTY_STRING,e.correlation_id||P.EMPTY_STRING,e.claims||P.EMPTY_STRING,s):c}}async handleServerTokenResponse(e,t,n,i,s,c,d,f,g){var T;(T=this.performanceClient)==null||T.addQueueMeasurement(k.HandleServerTokenResponse,e.correlation_id);let p;if(e.id_token){if(p=Co(e.id_token||P.EMPTY_STRING,this.cryptoObj.base64Decode),s&&s.nonce&&p.nonce!==s.nonce)throw U(fy);if(i.maxAge||i.maxAge===0){const b=p.auth_time;if(!b)throw U(Bd);Ay(b,i.maxAge)}}this.homeAccountIdentifier=it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,t.authorityType,this.logger,this.cryptoObj,p);let w;s&&s.state&&(w=Bn.parseRequestState(this.cryptoObj,s.state)),e.key_id=e.key_id||i.sshKid||void 0;const C=this.generateCacheRecord(e,t,n,i,p,c,s);let S;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),S=new c0(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(S)),d&&!f&&C.account){const b=C.account.generateAccountKey();if(!this.cacheStorage.getAccount(b,this.logger))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await mo.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,void 0,g)}await this.cacheStorage.saveCacheRecord(C,i.storeInCache,i.correlationId)}finally{this.persistencePlugin&&this.serializableCache&&S&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(S))}return mo.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,e,g)}generateCacheRecord(e,t,n,i,s,c,d){const f=t.getPreferredCache();if(!f)throw U(Hd);const g=Vy(s);let p,w;e.id_token&&s&&(p=Ic(this.homeAccountIdentifier,f,e.id_token,this.clientId,g||""),w=nh(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,s,e.client_info,f,g,d,void 0,this.logger));let C=null;if(e.access_token){const b=e.scope?Ye.fromString(e.scope):new Ye(i.scopes||[]),N=(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,K=(typeof e.ext_expires_in=="string"?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,H=(typeof e.refresh_in=="string"?parseInt(e.refresh_in,10):e.refresh_in)||void 0,V=n+N,z=V+K,Q=H&&H>0?n+H:void 0;C=bc(this.homeAccountIdentifier,f,e.access_token,this.clientId,g||t.tenant||"",b.printScopes(),V,z,this.cryptoObj.base64Decode,Q,e.token_type,c,e.key_id,i.claims,i.requestedClaimsHash)}let S=null;if(e.refresh_token){let b;if(e.refresh_token_expires_in){const N=typeof e.refresh_token_expires_in=="string"?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in;b=n+N}S=Iy(this.homeAccountIdentifier,f,e.refresh_token,this.clientId,e.foci,c,b)}let T=null;return e.foci&&(T={clientId:this.clientId,environment:f,familyId:e.foci}),{account:w,idToken:p,accessToken:C,refreshToken:S,appMetadata:T}}static async generateAuthenticationResult(e,t,n,i,s,c,d,f,g){var V,z,Q,we,W;let p=P.EMPTY_STRING,w=[],C=null,S,T,b=P.EMPTY_STRING;if(n.accessToken){if(n.accessToken.tokenType===Re.POP&&!s.popKid){const et=new gi(e),{secret:_e,keyId:Y}=n.accessToken;if(!Y)throw U(Vd);p=await et.signPopToken(_e,Y,s)}else p=n.accessToken.secret;w=Ye.fromString(n.accessToken.target).asArray(),C=new Date(Number(n.accessToken.expiresOn)*1e3),S=new Date(Number(n.accessToken.extendedExpiresOn)*1e3),n.accessToken.refreshOn&&(T=new Date(Number(n.accessToken.refreshOn)*1e3))}n.appMetadata&&(b=n.appMetadata.familyId===ia?ia:"");const N=(c==null?void 0:c.oid)||(c==null?void 0:c.sub)||"",K=(c==null?void 0:c.tid)||"";f!=null&&f.spa_accountid&&n.account&&(n.account.nativeAccountId=f==null?void 0:f.spa_accountid);const H=n.account?Jd(n.account.getAccountInfo(),void 0,c,(V=n.idToken)==null?void 0:V.secret):null;return{authority:t.canonicalAuthority,uniqueId:N,tenantId:K,scopes:w,account:H,idToken:((z=n==null?void 0:n.idToken)==null?void 0:z.secret)||"",idTokenClaims:c||{},accessToken:p,fromCache:i,expiresOn:C,extExpiresOn:S,refreshOn:T,correlationId:s.correlationId,requestId:g||P.EMPTY_STRING,familyId:b,tokenType:((Q=n.accessToken)==null?void 0:Q.tokenType)||P.EMPTY_STRING,state:d?d.userRequestState:P.EMPTY_STRING,cloudGraphHostName:((we=n.account)==null?void 0:we.cloudGraphHostName)||P.EMPTY_STRING,msGraphHost:((W=n.account)==null?void 0:W.msGraphHost)||P.EMPTY_STRING,code:f==null?void 0:f.spa_code,fromNativeBroker:!1}}}function nh(r,e,t,n,i,s,c,d,f,g,p){p==null||p.verbose("setCachedAccount called");const C=r.getAccountKeys().find(K=>K.startsWith(t));let S=null;C&&(S=r.getAccount(C,p));const T=S||it.createAccount({homeAccountId:t,idTokenClaims:i,clientInfo:s,environment:c,cloudGraphHostName:f==null?void 0:f.cloud_graph_host_name,msGraphHost:f==null?void 0:f.msgraph_host,nativeAccountId:g},e,n),b=T.tenantProfiles||[],N=d||T.realm;if(N&&!b.find(K=>K.tenantId===N)){const K=Yd(t,T.localAccountId,N,i);b.push(K)}return T.tenantProfiles=b,T}/*! @azure/msal-common v14.16.0 2024-11-05 */async function Qy(r,e,t){return typeof r=="string"?r:r({clientId:e,tokenEndpoint:t})}/*! @azure/msal-common v14.16.0 2024-11-05 */class Xy extends eh{constructor(e,t){var n;super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=(n=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:n.defaultScopes}async getAuthCodeUrl(e){var n;(n=this.performanceClient)==null||n.addQueueMeasurement(k.GetAuthCodeUrl,e.correlationId);const t=await B(this.createAuthCodeUrlQueryString.bind(this),k.AuthClientCreateQueryString,this.logger,this.performanceClient,e.correlationId)(e);return ye.appendQueryString(this.authority.authorizationEndpoint,t)}async acquireToken(e,t){var d,f;if((d=this.performanceClient)==null||d.addQueueMeasurement(k.AuthClientAcquireToken,e.correlationId),!e.code)throw U(py);const n=rr(),i=await B(this.executeTokenRequest.bind(this),k.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(this.authority,e),s=(f=i.headers)==null?void 0:f[Ot.X_MS_REQUEST_ID],c=new mo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return c.validateTokenResponse(i.body),B(c.handleServerTokenResponse.bind(c),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(i.body,this.authority,n,e,t,void 0,void 0,void 0,s)}handleFragmentResponse(e,t){if(new mo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,null,null).validateServerAuthorizationCodeResponse(e,t),!e.code)throw U(_y);return e}getLogoutUri(e){if(!e)throw Ne(My);const t=this.createLogoutUrlQueryString(e);return ye.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){var g,p;(g=this.performanceClient)==null||g.addQueueMeasurement(k.AuthClientExecuteTokenRequest,t.correlationId);const n=this.createTokenQueryParameters(t),i=ye.appendQueryString(e.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,t.correlationId)(t);let c;if(t.clientInfo)try{const w=sc(t.clientInfo,this.cryptoUtils.base64Decode);c={credential:`${w.uid}${St.CLIENT_INFO_SEPARATOR}${w.utid}`,type:on.HOME_ACCOUNT_ID}}catch(w){this.logger.verbose("Could not parse client info for CCS Header: "+w)}const d=this.createTokenRequestHeaders(c||t.ccsCredential),f={clientId:((p=t.tokenBodyParameters)==null?void 0:p.clientId)||this.config.authOptions.clientId,authority:e.canonicalAuthority,scopes:t.scopes,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,t.correlationId)(i,s,d,f,t.correlationId,k.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s;(i=this.performanceClient)==null||i.addQueueMeasurement(k.AuthClientCreateTokenRequestBody,e.correlationId);const t=new sa(e.correlationId,this.performanceClient);if(t.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[go])||this.config.authOptions.clientId),this.includeRedirectUri?t.addRedirectUri(e.redirectUri):Qo.validateRedirectUri(e.redirectUri),t.addScopes(e.scopes,!0,this.oidcDefaultScopes),t.addAuthorizationCode(e.code),t.addLibraryInfo(this.config.libraryInfo),t.addApplicationTelemetry(this.config.telemetry.application),t.addThrottling(),this.serverTelemetryManager&&!ld(this.config)&&t.addServerTelemetry(this.serverTelemetryManager),e.codeVerifier&&t.addCodeVerifier(e.codeVerifier),this.config.clientCredentials.clientSecret&&t.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const c=this.config.clientCredentials.clientAssertion;t.addClientAssertion(await Qy(c.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),t.addClientAssertionType(c.assertionType)}if(t.addGrantType(iy.AUTHORIZATION_CODE_GRANT),t.addClientInfo(),e.authenticationScheme===Re.POP){const c=new gi(this.cryptoUtils,this.performanceClient);let d;e.popKid?d=this.cryptoUtils.encodeKid(e.popKid):d=(await B(c.generateCnf.bind(c),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,t.addPopToken(d)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)t.addSshJwk(e.sshJwk);else throw Ne(kc);(!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&t.addClaims(e.claims,this.config.authOptions.clientCapabilities);let n;if(e.clientInfo)try{const c=sc(e.clientInfo,this.cryptoUtils.base64Decode);n={credential:`${c.uid}${St.CLIENT_INFO_SEPARATOR}${c.utid}`,type:on.HOME_ACCOUNT_ID}}catch(c){this.logger.verbose("Could not parse client info for CCS Header: "+c)}else n=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&n)switch(n.type){case on.HOME_ACCOUNT_ID:try{const c=ii(n.credential);t.addCcsOid(c)}catch(c){this.logger.verbose("Could not parse home account ID for CCS Header: "+c)}break;case on.UPN:t.addCcsUpn(n.credential);break}return e.embeddedClientId&&t.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&t.addExtraQueryParameters(e.tokenBodyParameters),e.enableSpaAuthorizationCode&&(!e.tokenBodyParameters||!e.tokenBodyParameters[jm])&&t.addExtraQueryParameters({[jm]:"1"}),t.createQueryString()}async createAuthCodeUrlQueryString(e){var s,c;const t=e.correlationId||this.config.cryptoInterface.createNewGuid();(s=this.performanceClient)==null||s.addQueueMeasurement(k.AuthClientCreateQueryString,t);const n=new sa(t,this.performanceClient);n.addClientId(e.embeddedClientId||((c=e.extraQueryParameters)==null?void 0:c[go])||this.config.authOptions.clientId);const i=[...e.scopes||[],...e.extraScopesToConsent||[]];if(n.addScopes(i,!0,this.oidcDefaultScopes),n.addRedirectUri(e.redirectUri),n.addCorrelationId(t),n.addResponseMode(e.responseMode),n.addResponseTypeCode(),n.addLibraryInfo(this.config.libraryInfo),ld(this.config)||n.addApplicationTelemetry(this.config.telemetry.application),n.addClientInfo(),e.codeChallenge&&e.codeChallengeMethod&&n.addCodeChallengeParams(e.codeChallenge,e.codeChallengeMethod),e.prompt&&n.addPrompt(e.prompt),e.domainHint&&n.addDomainHint(e.domainHint),e.prompt!==lt.SELECT_ACCOUNT)if(e.sid&&e.prompt===lt.NONE)this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),n.addSid(e.sid);else if(e.account){const d=this.extractAccountSid(e.account);let f=this.extractLoginHint(e.account);if(f&&e.domainHint&&(this.logger.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),f=null),f){this.logger.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),n.addLoginHint(f);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(d&&e.prompt===lt.NONE){this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),n.addSid(d);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(e.loginHint)this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint);else if(e.account.username){this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),n.addLoginHint(e.account.username);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else e.loginHint&&(this.logger.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint));else this.logger.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");if(e.nonce&&n.addNonce(e.nonce),e.state&&n.addState(e.state),(e.claims||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),this.addExtraQueryParams(e,n),e.nativeBroker&&(n.addNativeBroker(),e.authenticationScheme===Re.POP)){const d=new gi(this.cryptoUtils);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}return n.createQueryString()}createLogoutUrlQueryString(e){const t=new sa(e.correlationId,this.performanceClient);return e.postLogoutRedirectUri&&t.addPostLogoutRedirectUri(e.postLogoutRedirectUri),e.correlationId&&t.addCorrelationId(e.correlationId),e.idTokenHint&&t.addIdTokenHint(e.idTokenHint),e.state&&t.addState(e.state),e.logoutHint&&t.addLogoutHint(e.logoutHint),this.addExtraQueryParams(e,t),t.createQueryString()}addExtraQueryParams(e,t){!(e.extraQueryParameters&&e.extraQueryParameters.hasOwnProperty("instance_aware"))&&this.config.authOptions.instanceAware&&(e.extraQueryParameters=e.extraQueryParameters||{},e.extraQueryParameters.instance_aware="true"),e.extraQueryParameters&&t.addExtraQueryParameters(e.extraQueryParameters)}extractAccountSid(e){var t;return((t=e.idTokenClaims)==null?void 0:t.sid)||null}extractLoginHint(e){var t;return((t=e.idTokenClaims)==null?void 0:t.login_hint)||null}}/*! @azure/msal-common v14.16.0 2024-11-05 */const u0=300;class hd extends eh{constructor(e,t){super(e,t)}async acquireToken(e){var c,d;(c=this.performanceClient)==null||c.addQueueMeasurement(k.RefreshTokenClientAcquireToken,e.correlationId);const t=rr(),n=await B(this.executeTokenRequest.bind(this),k.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(e,this.authority),i=(d=n.headers)==null?void 0:d[Ot.X_MS_REQUEST_ID],s=new mo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(n.body),B(s.handleServerTokenResponse.bind(s),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,i)}async acquireTokenByRefreshToken(e){var n;if(!e)throw Ne(Py);if((n=this.performanceClient)==null||n.addQueueMeasurement(k.RefreshTokenClientAcquireTokenByRefreshToken,e.correlationId),!e.account)throw U(Fd);if(this.cacheManager.isAppMetadataFOCI(e.account.environment))try{return await B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(i){const s=i instanceof Fn&&i.errorCode===dc,c=i instanceof Wr&&i.errorCode===Dm.INVALID_GRANT_ERROR&&i.subError===Dm.CLIENT_MISMATCH_ERROR;if(s||c)return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1);throw i}return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,e.correlationId);const n=wo(this.cacheManager.getRefreshToken.bind(this.cacheManager),k.CacheManagerGetRefreshToken,this.logger,this.performanceClient,e.correlationId)(e.account,t,void 0,this.performanceClient,e.correlationId);if(!n)throw dd(dc);if(n.expiresOn&&cd(n.expiresOn,e.refreshTokenExpirationOffsetSeconds||u0))throw dd(th);const i={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||Re.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}};try{return await B(this.acquireToken.bind(this),k.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(i)}catch(c){if(c instanceof Fn&&c.subError===Nc){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");const d=oi(n);this.cacheManager.removeRefreshToken(d)}throw c}}async executeTokenRequest(e,t){var f,g;(f=this.performanceClient)==null||f.addQueueMeasurement(k.RefreshTokenClientExecuteTokenRequest,e.correlationId);const n=this.createTokenQueryParameters(e),i=ye.appendQueryString(t.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,e.correlationId)(e),c=this.createTokenRequestHeaders(e.ccsCredential),d={clientId:((g=e.tokenBodyParameters)==null?void 0:g.clientId)||this.config.authOptions.clientId,authority:t.canonicalAuthority,scopes:e.scopes,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,e.correlationId)(i,s,c,d,e.correlationId,k.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s,c;(i=this.performanceClient)==null||i.addQueueMeasurement(k.RefreshTokenClientCreateTokenRequestBody,e.correlationId);const t=e.correlationId,n=new sa(t,this.performanceClient);if(n.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[go])||this.config.authOptions.clientId),e.redirectUri&&n.addRedirectUri(e.redirectUri),n.addScopes(e.scopes,!0,(c=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:c.defaultScopes),n.addGrantType(iy.REFRESH_TOKEN_GRANT),n.addClientInfo(),n.addLibraryInfo(this.config.libraryInfo),n.addApplicationTelemetry(this.config.telemetry.application),n.addThrottling(),this.serverTelemetryManager&&!ld(this.config)&&n.addServerTelemetry(this.serverTelemetryManager),n.addRefreshToken(e.refreshToken),this.config.clientCredentials.clientSecret&&n.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const d=this.config.clientCredentials.clientAssertion;n.addClientAssertion(await Qy(d.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),n.addClientAssertionType(d.assertionType)}if(e.authenticationScheme===Re.POP){const d=new gi(this.cryptoUtils,this.performanceClient);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)n.addSshJwk(e.sshJwk);else throw Ne(kc);if((!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case on.HOME_ACCOUNT_ID:try{const d=ii(e.ccsCredential.credential);n.addCcsOid(d)}catch(d){this.logger.verbose("Could not parse home account ID for CCS Header: "+d)}break;case on.UPN:n.addCcsUpn(e.ccsCredential.credential);break}return e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&n.addExtraQueryParameters(e.tokenBodyParameters),n.createQueryString()}}/*! @azure/msal-common v14.16.0 2024-11-05 */class d0 extends eh{constructor(e,t){super(e,t)}async acquireToken(e){var t;try{const[n,i]=await this.acquireCachedToken({...e,scopes:(t=e.scopes)!=null&&t.length?e.scopes:[...pi]});return i===Lr.PROACTIVELY_REFRESHED&&(this.logger.info("SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'. It's not expired, but must be refreshed."),new hd(this.config,this.performanceClient).acquireTokenByRefreshToken(e).catch(()=>{})),n}catch(n){if(n instanceof Ac&&n.errorCode===vr)return new hd(this.config,this.performanceClient).acquireTokenByRefreshToken(e);throw n}}async acquireCachedToken(e){var f;(f=this.performanceClient)==null||f.addQueueMeasurement(k.SilentFlowClientAcquireCachedToken,e.correlationId);let t=Lr.NOT_APPLICABLE;if(e.forceRefresh||!this.config.cacheOptions.claimsBasedCachingEnabled&&!Un.isEmptyObj(e.claims))throw this.setCacheOutcome(Lr.FORCE_REFRESH_OR_CLAIMS,e.correlationId),U(vr);if(!e.account)throw U(Fd);const n=e.account.tenantId||e0(e.authority),i=this.cacheManager.getTokenKeys(),s=this.cacheManager.getAccessToken(e.account,e,i,n,this.performanceClient,e.correlationId);if(s){if(HN(s.cachedAt)||cd(s.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(Lr.CACHED_ACCESS_TOKEN_EXPIRED,e.correlationId),U(vr);s.refreshOn&&cd(s.refreshOn,0)&&(t=Lr.PROACTIVELY_REFRESHED)}else throw this.setCacheOutcome(Lr.NO_CACHED_ACCESS_TOKEN,e.correlationId),U(vr);const c=e.authority||this.authority.getPreferredCache(),d={account:this.cacheManager.readAccountFromCache(e.account),accessToken:s,idToken:this.cacheManager.getIdToken(e.account,i,n,this.performanceClient,e.correlationId),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(c)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await B(this.generateResultFromCacheRecord.bind(this),k.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,e.correlationId)(d,e),t]}setCacheOutcome(e,t){var n,i;(n=this.serverTelemetryManager)==null||n.setCacheOutcome(e),(i=this.performanceClient)==null||i.addFields({cacheOutcome:e},t),e!==Lr.NOT_APPLICABLE&&this.logger.info(`Token refresh is required due to cache outcome: ${e}`)}async generateResultFromCacheRecord(e,t){var i;(i=this.performanceClient)==null||i.addQueueMeasurement(k.SilentFlowClientGenerateResultFromCacheRecord,t.correlationId);let n;if(e.idToken&&(n=Co(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||t.maxAge===0){const s=n==null?void 0:n.auth_time;if(!s)throw U(Bd);Ay(s,t.maxAge)}return mo.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,n)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const h0={sendGetRequestAsync:()=>Promise.reject(U(ge)),sendPostRequestAsync:()=>Promise.reject(U(ge))};/*! @azure/msal-common v14.16.0 2024-11-05 */const Xm=",",Zy="|";function f0(r){const{skus:e,libraryName:t,libraryVersion:n,extensionName:i,extensionVersion:s}=r,c=new Map([[0,[t,n]],[2,[i,s]]]);let d=[];if(e!=null&&e.length){if(d=e.split(Xm),d.length<4)return e}else d=Array.from({length:4},()=>Zy);return c.forEach((f,g)=>{var p,w;f.length===2&&((p=f[0])!=null&&p.length)&&((w=f[1])!=null&&w.length)&&g0({skuArr:d,index:g,skuName:f[0],skuVersion:f[1]})}),d.join(Xm)}function g0(r){const{skuArr:e,index:t,skuName:n,skuVersion:i}=r;t>=e.length||(e[t]=[n,i].join(Zy))}class da{constructor(e,t){this.cacheOutcome=Lr.NOT_APPLICABLE,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||P.EMPTY_STRING,this.wrapperVer=e.wrapperVer||P.EMPTY_STRING,this.telemetryCacheKey=gt.CACHE_KEY+St.CACHE_KEY_SEPARATOR+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${gt.VALUE_SEPARATOR}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],n=this.getNativeBrokerErrorCode();n!=null&&n.length&&t.push(`broker_error=${n}`);const i=t.join(gt.VALUE_SEPARATOR),s=this.getRegionDiscoveryFields(),c=[e,s].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,c,i].join(gt.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.failedRequests.slice(0,2*t).join(gt.VALUE_SEPARATOR),i=e.errors.slice(0,t).join(gt.VALUE_SEPARATOR),s=e.errors.length,c=t<s?gt.OVERFLOW_TRUE:gt.OVERFLOW_FALSE,d=[s,c].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,e.cacheHits,n,i,d].join(gt.CATEGORY_SEPARATOR)}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=gt.MAX_CACHED_ERRORS&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Fe?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push(gt.UNKNOWN_ERROR),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e),e.cacheHits}getLastRequests(){const e={failedRequests:[],errors:[],cacheHits:0};return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)||e}clearTelemetryCache(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.errors.length;if(t===n)this.cacheManager.removeItem(this.telemetryCacheKey);else{const i={failedRequests:e.failedRequests.slice(t*2),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,i)}}static maxErrorsToSend(e){let t,n=0,i=0;const s=e.errors.length;for(t=0;t<s;t++){const c=e.failedRequests[2*t]||P.EMPTY_STRING,d=e.failedRequests[2*t+1]||P.EMPTY_STRING,f=e.errors[t]||P.EMPTY_STRING;if(i+=c.toString().length+d.toString().length+f.length+3,i<gt.MAX_LAST_HEADER_BYTES)n+=1;else break}return n}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||P.EMPTY_STRING),e.push(this.regionSource||P.EMPTY_STRING),e.push(this.regionOutcome||P.EMPTY_STRING),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e)}static makeExtraSkuString(e){return f0(e)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const eC="missing_kid_error",tC="missing_alg_error";/*! @azure/msal-common v14.16.0 2024-11-05 */const m0={[eC]:"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.",[tC]:"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided."};class rh extends Fe{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,rh.prototype)}}function Zm(r){return new rh(r,m0[r])}/*! @azure/msal-common v14.16.0 2024-11-05 */class oh{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Zm(eC);if(!e.alg)throw Zm(tC);const t=new oh({typ:e.typ||SN.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class ep{startMeasurement(){}endMeasurement(){}flushMeasurement(){return null}}class p0{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:ZP.InProgress,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""},measurement:new ep}}startPerformanceMeasurement(){return new ep}calculateQueuedTime(){return 0}addQueueMeasurement(){}setPreQueueTime(){}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ih="pkce_not_created",fd="crypto_nonexistent",Pc="empty_navigate_uri",nC="hash_empty_error",ah="no_state_in_hash",rC="hash_does_not_contain_known_properties",oC="unable_to_parse_state",iC="state_interaction_type_mismatch",aC="interaction_in_progress",sC="popup_window_error",cC="empty_window_error",po="user_cancelled",v0="monitor_popup_timeout",lC="monitor_window_timeout",uC="redirect_in_iframe",dC="block_iframe_reload",hC="block_nested_popups",y0="iframe_closed_prematurely",Mc="silent_logout_unsupported",fC="no_account_error",C0="silent_prompt_value_error",gC="no_token_request_cache_error",mC="unable_to_parse_token_request_cache_error",sh="no_cached_authority_error",w0="auth_request_not_set_error",_0="invalid_cache_type",Dc="non_browser_environment",Xo="database_not_open",hc="no_network_connectivity",pC="post_request_failed",vC="get_request_failed",gd="failed_to_parse_response",yC="unable_to_load_token",ch="crypto_key_not_found",CC="auth_code_required",wC="auth_code_or_nativeAccountId_required",_C="spa_code_and_nativeAccountId_present",lh="database_unavailable",TC="unable_to_acquire_token_from_native_platform",EC="native_handshake_timeout",SC="native_extension_not_installed",_a="native_connection_not_established",AC="uninitialized_public_client_application",IC="native_prompt_not_supported",bC="invalid_base64_string",kC="invalid_pop_token_request",RC="failed_to_build_headers",OC="failed_to_parse_headers";/*! @azure/msal-browser v3.28.1 2025-01-14 */const mr="For more visit: aka.ms/msaljs/browser-errors",T0={[ih]:"The PKCE code challenge and verifier could not be generated.",[fd]:"The crypto object or function is not available.",[Pc]:"Navigation URI is empty. Please check stack trace for more info.",[nC]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${mr}`,[ah]:"Hash does not contain state. Please verify that the request originated from msal.",[rC]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash. ${mr}`,[oC]:"Unable to parse state. Please verify that the request originated from msal.",[iC]:"Hash contains state but the interaction type does not match the caller.",[aC]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. ${mr}`,[sC]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[cC]:"window.open returned null or undefined window object.",[po]:"User cancelled the flow.",[v0]:`Token acquisition in popup failed due to timeout. ${mr}`,[lC]:`Token acquisition in iframe failed due to timeout. ${mr}`,[uC]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[dC]:`Request was blocked inside an iframe because MSAL detected an authentication response. ${mr}`,[hC]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[y0]:"The iframe being monitored was closed prematurely.",[Mc]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[fC]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[C0]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[gC]:"No token request found in cache.",[mC]:"The cached token request could not be parsed.",[sh]:"No cached authority found.",[w0]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[_0]:"Invalid cache type",[Dc]:"Login and token requests are not supported in non-browser environments.",[Xo]:"Database is not open!",[hc]:"No network connectivity. Check your internet connection.",[pC]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[vC]:"Network request failed. Please check the network trace to determine root cause.",[gd]:"Failed to parse network response. Check network trace.",[yC]:"Error loading token to cache.",[ch]:"Cryptographic Key or Keypair not found in browser storage.",[CC]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[wC]:"An authorization code or nativeAccountId must be provided to this flow.",[_C]:"Request cannot contain both spa code and native account id.",[lh]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[TC]:`Unable to acquire token from native platform. ${mr}`,[EC]:"Timed out while attempting to establish connection to browser extension",[SC]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[_a]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). ${mr}`,[AC]:`You must call and await the initialize function before attempting to call any other MSAL API. ${mr}`,[IC]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[bC]:"Invalid base64 encoded string.",[kC]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[RC]:"Failed to build request headers object.",[OC]:"Failed to parse response headers"};class Ta extends Fe{constructor(e,t){super(e,T0[e],t),Object.setPrototypeOf(this,Ta.prototype),this.name="BrowserAuthError"}}function j(r,e){return new Ta(r,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const en={INTERACTION_IN_PROGRESS_VALUE:"interaction_in_progress",INVALID_GRANT_ERROR:"invalid_grant",POPUP_WIDTH:483,POPUP_HEIGHT:600,POPUP_NAME_PREFIX:"msal",DEFAULT_POLL_INTERVAL_MS:30,MSAL_SKU:"msal.js.browser"},ai={CHANNEL_ID:"53ee284d-920a-4b59-9d30-a60315b26836",PREFERRED_EXTENSION_ID:"ppnbnpeolgkicgegkbkbjmhlideopiji",MATS_TELEMETRY:"MATS"},uo={HandshakeRequest:"Handshake",HandshakeResponse:"HandshakeResponse",GetToken:"GetToken",Response:"Response"},Ft={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},tp={GET:"GET",POST:"POST"},be={AUTHORITY:"authority",ACQUIRE_TOKEN_ACCOUNT:"acquireToken.account",SESSION_STATE:"session.state",REQUEST_STATE:"request.state",NONCE_IDTOKEN:"nonce.id_token",ORIGIN_URI:"request.origin",RENEW_STATUS:"token.renew.status",URL_HASH:"urlHash",REQUEST_PARAMS:"request.params",SCOPES:"scopes",INTERACTION_STATUS_KEY:"interaction.status",CCS_CREDENTIAL:"ccs.credential",CORRELATION_ID:"request.correlationId",NATIVE_REQUEST:"request.native",REDIRECT_CONTEXT:"request.redirect.context"},Dr={ACCOUNT_KEYS:"msal.account.keys",TOKEN_KEYS:"msal.token.keys"},bs={WRAPPER_SKU:"wrapper.sku",WRAPPER_VER:"wrapper.version"},xe={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var X;(function(r){r.Redirect="redirect",r.Popup="popup",r.Silent="silent",r.None="none"})(X||(X={}));const np={scopes:pi},NC="jwk",md="msal.db",E0=1,S0=`${md}.keys`,Qt={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},A0=[Qt.Default,Qt.Skip,Qt.RefreshTokenAndNetwork],I0="msal.browser.log.level",b0="msal.browser.log.pii";/*! @azure/msal-browser v3.28.1 2025-01-14 */function ks(r){return encodeURIComponent(uh(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function xc(r){return PC(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function uh(r){return PC(new TextEncoder().encode(r))}function PC(r){const e=Array.from(r,t=>String.fromCodePoint(t)).join("");return btoa(e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const k0="RSASSA-PKCS1-v1_5",MC="SHA-256",R0=2048,O0=new Uint8Array([1,0,1]),rp="0123456789abcdef",op=new Uint32Array(1),N0="crypto_subtle_undefined",dh={name:k0,hash:MC,modulusLength:R0,publicExponent:O0};function P0(r){if(!window)throw j(Dc);if(!window.crypto)throw j(fd);if(!r&&!window.crypto.subtle)throw j(fd,N0)}async function DC(r,e,t){e==null||e.addQueueMeasurement(k.Sha256Digest,t);const i=new TextEncoder().encode(r);return window.crypto.subtle.digest(MC,i)}function M0(r){return window.crypto.getRandomValues(r)}function Pu(){return window.crypto.getRandomValues(op),op[0]}function Er(){const r=Date.now(),e=Pu()*1024+(Pu()&1023),t=new Uint8Array(16),n=Math.trunc(e/2**30),i=e&2**30-1,s=Pu();t[0]=r/2**40,t[1]=r/2**32,t[2]=r/2**24,t[3]=r/2**16,t[4]=r/2**8,t[5]=r,t[6]=112|n>>>8,t[7]=n,t[8]=128|i>>>24,t[9]=i>>>16,t[10]=i>>>8,t[11]=i,t[12]=s>>>24,t[13]=s>>>16,t[14]=s>>>8,t[15]=s;let c="";for(let d=0;d<t.length;d++)c+=rp.charAt(t[d]>>>4),c+=rp.charAt(t[d]&15),(d===3||d===5||d===7||d===9)&&(c+="-");return c}async function D0(r,e){return window.crypto.subtle.generateKey(dh,r,e)}async function Mu(r){return window.crypto.subtle.exportKey(NC,r)}async function x0(r,e,t){return window.crypto.subtle.importKey(NC,r,dh,e,t)}async function L0(r,e){return window.crypto.subtle.sign(dh,r,e)}async function xC(r){const e=await DC(r),t=new Uint8Array(e);return xc(t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ha="storage_not_supported",pd="stubbed_public_client_application_called",fc="in_mem_redirect_unavailable";/*! @azure/msal-browser v3.28.1 2025-01-14 */const zs={[ha]:"Given storage configuration option was not supported.",[pd]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[fc]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."};zs[ha],zs[pd],zs[fc];class hh extends Fe{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,hh.prototype)}}function fh(r){return new hh(r,zs[r])}/*! @azure/msal-browser v3.28.1 2025-01-14 */function U0(r){r.location.hash="",typeof r.history.replaceState=="function"&&r.history.replaceState(null,"",`${r.location.origin}${r.location.pathname}${r.location.search}`)}function B0(r){const e=r.split("#");e.shift(),window.location.hash=e.length>0?e.join("#"):""}function gh(){return window.parent!==window}function F0(){return typeof window<"u"&&!!window.opener&&window.opener!==window&&typeof window.name=="string"&&window.name.indexOf(`${en.POPUP_NAME_PREFIX}.`)===0}function yr(){return typeof window<"u"&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function H0(){const e=new ye(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function V0(){if(ye.hashContainsKnownProperties(window.location.hash)&&gh())throw j(dC)}function $0(r){if(gh()&&!r)throw j(uC)}function K0(){if(F0())throw j(hC)}function LC(){if(typeof window>"u")throw j(Dc)}function UC(r){if(!r)throw j(AC)}function mh(r){LC(),V0(),K0(),UC(r)}function ip(r,e){if(mh(r),$0(e.system.allowRedirectInIframe),e.cache.cacheLocation===Ft.MemoryStorage&&!e.cache.storeAuthStateInCookie)throw fh(fc)}function BC(r){const e=document.createElement("link");e.rel="preconnect",e.href=new URL(r).origin,e.crossOrigin="anonymous",document.head.appendChild(e),window.setTimeout(()=>{try{document.head.removeChild(e)}catch{}},1e4)}function z0(){return Er()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class gc{navigateInternal(e,t){return gc.defaultNavigateWindow(e,t)}navigateExternal(e,t){return gc.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(n=>{setTimeout(()=>{n(!0)},t.timeout)})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class W0{async sendGetRequestAsync(e,t){let n,i={},s=0;const c=ap(t);try{n=await fetch(e,{method:tp.GET,headers:c})}catch{throw j(window.navigator.onLine?vC:hc)}i=sp(n.headers);try{return s=n.status,{headers:i,body:await n.json(),status:s}}catch{throw Ym(j(gd),s,i)}}async sendPostRequestAsync(e,t){const n=t&&t.body||"",i=ap(t);let s,c=0,d={};try{s=await fetch(e,{method:tp.POST,headers:i,body:n})}catch{throw j(window.navigator.onLine?pC:hc)}d=sp(s.headers);try{return c=s.status,{headers:d,body:await s.json(),status:c}}catch{throw Ym(j(gd),c,d)}}}function ap(r){try{const e=new Headers;if(!(r&&r.headers))return e;const t=r.headers;return Object.entries(t).forEach(([n,i])=>{e.append(n,i)}),e}catch{throw j(RC)}}function sp(r){try{const e={};return r.forEach((t,n)=>{e[n]=t}),e}catch{throw j(OC)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const q0=6e4,vd=1e4,G0=3e4,j0=2e3;function Y0({auth:r,cache:e,system:t,telemetry:n},i){const s={clientId:P.EMPTY_STRING,authority:`${P.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:P.EMPTY_STRING,authorityMetadata:P.EMPTY_STRING,redirectUri:typeof window<"u"?yr():"",postLogoutRedirectUri:P.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:_r.AAD,OIDCOptions:{serverResponseType:wa.FRAGMENT,defaultScopes:[P.OPENID_SCOPE,P.PROFILE_SCOPE,P.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:Kd.None,tenant:P.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1},c={cacheLocation:Ft.SessionStorage,temporaryCacheLocation:Ft.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!!(e&&e.cacheLocation===Ft.LocalStorage),claimsBasedCachingEnabled:!1},d={loggerCallback:()=>{},logLevel:Me.Info,piiLoggingEnabled:!1},g={...{...qy,loggerOptions:d,networkClient:i?new W0:h0,navigationClient:new gc,loadFrameTimeout:0,windowHashTimeout:(t==null?void 0:t.loadFrameTimeout)||q0,iframeHashTimeout:(t==null?void 0:t.loadFrameTimeout)||vd,navigateFrameWait:0,redirectNavigationTimeout:G0,asyncPopups:!1,allowRedirectInIframe:!1,allowNativeBroker:!1,nativeBrokerHandshakeTimeout:(t==null?void 0:t.nativeBrokerHandshakeTimeout)||j0,pollIntervalMilliseconds:en.DEFAULT_POLL_INTERVAL_MS},...t,loggerOptions:(t==null?void 0:t.loggerOptions)||d},p={application:{appName:P.EMPTY_STRING,appVersion:P.EMPTY_STRING},client:new p0};if((r==null?void 0:r.protocolMode)!==_r.OIDC&&(r!=null&&r.OIDCOptions)&&new zr(g.loggerOptions).warning(JSON.stringify(Ne(By))),r!=null&&r.protocolMode&&r.protocolMode!==_r.AAD&&(g!=null&&g.allowNativeBroker))throw Ne(Fy);return{auth:{...s,...r,OIDCOptions:{...s.OIDCOptions,...r==null?void 0:r.OIDCOptions}},cache:{...c,...e},system:g,telemetry:{...p,...n}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const J0="@azure/msal-browser",Lc="3.28.1";/*! @azure/msal-browser v3.28.1 2025-01-14 */class ph{static loggerCallback(e,t){switch(e){case Me.Error:console.error(t);return;case Me.Info:console.info(t);return;case Me.Verbose:console.debug(t);return;case Me.Warning:console.warn(t);return;default:console.log(t);return}}constructor(e){var f;this.browserEnvironment=typeof window<"u",this.config=Y0(e,this.browserEnvironment);let t;try{t=window[Ft.SessionStorage]}catch{}const n=t==null?void 0:t.getItem(I0),i=(f=t==null?void 0:t.getItem(b0))==null?void 0:f.toLowerCase(),s=i==="true"?!0:i==="false"?!1:void 0,c={...this.config.system.loggerOptions},d=n&&Object.keys(Me).includes(n)?Me[n]:void 0;d&&(c.loggerCallback=ph.loggerCallback,c.logLevel=d),s!==void 0&&(c.piiLoggingEnabled=s),this.logger=new zr(c,J0,Lc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class vo extends ph{getModuleName(){return vo.MODULE_NAME}getId(){return vo.ID}async initialize(){return this.available=typeof window<"u",this.available}}vo.MODULE_NAME="";vo.ID="StandardOperatingContext";/*! @azure/msal-browser v3.28.1 2025-01-14 */function tr(r){return new TextDecoder().decode(Q0(r))}function Q0(r){let e=r.replace(/-/g,"+").replace(/_/g,"/");switch(e.length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw j(bC)}const t=atob(e);return Uint8Array.from(t,n=>n.codePointAt(0)||0)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class X0{constructor(){this.dbName=md,this.version=E0,this.tableName=S0,this.dbOpen=!1}async open(){return new Promise((e,t)=>{const n=window.indexedDB.open(this.dbName,this.version);n.addEventListener("upgradeneeded",i=>{i.target.result.createObjectStore(this.tableName)}),n.addEventListener("success",i=>{const s=i;this.db=s.target.result,this.dbOpen=!0,e()}),n.addEventListener("error",()=>t(j(lh)))})}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async setItem(e,t){return await this.validateDbIsOpen(),new Promise((n,i)=>{if(!this.db)return i(j(Xo));const d=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);d.addEventListener("success",()=>{this.closeConnection(),n()}),d.addEventListener("error",f=>{this.closeConnection(),i(f)})})}async removeItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);c.addEventListener("success",()=>{this.closeConnection(),t()}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async getKeys(){return await this.validateDbIsOpen(),new Promise((e,t)=>{if(!this.db)return t(j(Xo));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();s.addEventListener("success",c=>{const d=c;this.closeConnection(),e(d.target.result)}),s.addEventListener("error",c=>{this.closeConnection(),t(c)})})}async containsKey(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result===1)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise((e,t)=>{const n=window.indexedDB.deleteDatabase(md),i=setTimeout(()=>t(!1),200);n.addEventListener("success",()=>(clearTimeout(i),e(!0))),n.addEventListener("blocked",()=>(clearTimeout(i),e(!0))),n.addEventListener("error",()=>(clearTimeout(i),t(!1)))})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class yd{constructor(){this.cache=new Map}getItem(e){return this.cache.get(e)||null}setItem(e,t){this.cache.set(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach((t,n)=>{e.push(n)}),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Z0{constructor(e){this.inMemoryCache=new yd,this.indexedDBCache=new X0,this.logger=e}handleDatabaseAccessError(e){if(e instanceof Ta&&e.errorCode===lh)this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.");else throw e}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(n){this.handleDatabaseAccessError(n)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(n){this.handleDatabaseAccessError(n)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(t){this.handleDatabaseAccessError(t)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(e.length===0)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(n){this.handleDatabaseAccessError(n)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class mi{constructor(e,t,n){this.logger=e,P0(n??!1),this.cache=new Z0(this.logger),this.performanceClient=t}createNewGuid(){return Er()}base64Encode(e){return uh(e)}base64Decode(e){return tr(e)}base64UrlEncode(e){return ks(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){var p;const t=(p=this.performanceClient)==null?void 0:p.startMeasurement(k.CryptoOptsGetPublicKeyThumbprint,e.correlationId),n=await D0(mi.EXTRACTABLE,mi.POP_KEY_USAGES),i=await Mu(n.publicKey),s={e:i.e,kty:i.kty,n:i.n},c=cp(s),d=await this.hashString(c),f=await Mu(n.privateKey),g=await x0(f,!1,["sign"]);return await this.cache.setItem(d,{privateKey:g,publicKey:n.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),d}async removeTokenBindingKey(e){return await this.cache.removeItem(e),!await this.cache.containsKey(e)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,n,i){var V;const s=(V=this.performanceClient)==null?void 0:V.startMeasurement(k.CryptoOptsSignJwt,i),c=await this.cache.getItem(t);if(!c)throw j(ch);const d=await Mu(c.publicKey),f=cp(d),g=ks(JSON.stringify({kid:t})),p=oh.getShrHeaderString({...n==null?void 0:n.header,alg:d.alg,kid:g}),w=ks(p);e.cnf={jwk:JSON.parse(f)};const C=ks(JSON.stringify(e)),S=`${w}.${C}`,b=new TextEncoder().encode(S),N=await L0(c.privateKey,b),K=xc(new Uint8Array(N)),H=`${S}.${K}`;return s&&s.end({success:!0}),H}async hashString(e){return xC(e)}}mi.POP_KEY_USAGES=["sign","verify"];mi.EXTRACTABLE=!0;function cp(r){return JSON.stringify(r,Object.keys(r).sort())}/*! @azure/msal-browser v3.28.1 2025-01-14 */class eM{constructor(){if(!window.localStorage)throw fh(ha)}getItem(e){return window.localStorage.getItem(e)}setItem(e,t){window.localStorage.setItem(e,t)}removeItem(e){window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class tM{constructor(){if(!window.sessionStorage)throw fh(ha)}getItem(e){return window.sessionStorage.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function FC(r,e){if(!e)return null;try{return Bn.parseRequestState(r,e).libraryState.meta}catch{throw U(hi)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const nM=24*60*60*1e3;class rM{getItem(e){const t=`${encodeURIComponent(e)}`,n=document.cookie.split(";");for(let i=0;i<n.length;i++){const s=n[i],[c,...d]=decodeURIComponent(s).trim().split("="),f=d.join("=");if(c===t)return f}return""}setItem(e,t,n,i=!0){let s=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=Lax;`;if(n){const c=oM(n);s+=`expires=${c};`}i&&(s+="Secure;"),document.cookie=s}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach(n=>{const i=decodeURIComponent(n).trim().split("=");t.push(i[0])}),t}containsKey(e){return this.getKeys().includes(e)}}function oM(r){const e=new Date;return new Date(e.getTime()+r*nM).toUTCString()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Cd extends fi{constructor(e,t,n,i,s,c){super(e,n,i,s),this.cacheConfig=t,this.logger=i,this.internalStorage=new yd,this.browserStorage=this.setupBrowserStorage(this.cacheConfig.cacheLocation),this.temporaryCacheStorage=this.setupBrowserStorage(this.cacheConfig.temporaryCacheLocation),this.cookieStorage=new rM,t.cacheMigrationEnabled&&(this.migrateCacheEntries(),this.createKeyMaps()),this.performanceClient=c}setupBrowserStorage(e){try{switch(e){case Ft.LocalStorage:return new eM;case Ft.SessionStorage:return new tM;case Ft.MemoryStorage:default:break}}catch(t){this.logger.error(t)}return this.cacheConfig.cacheLocation=Ft.MemoryStorage,new yd}migrateCacheEntries(){const e=`${P.CACHE_PREFIX}.${st.ID_TOKEN}`,t=`${P.CACHE_PREFIX}.${st.CLIENT_INFO}`,n=`${P.CACHE_PREFIX}.${st.ERROR}`,i=`${P.CACHE_PREFIX}.${st.ERROR_DESC}`,s=this.browserStorage.getItem(e),c=this.browserStorage.getItem(t),d=this.browserStorage.getItem(n),f=this.browserStorage.getItem(i),g=[s,c,d,f];[st.ID_TOKEN,st.CLIENT_INFO,st.ERROR,st.ERROR_DESC].forEach((w,C)=>{const S=g[C];S&&this.setTemporaryCache(w,S,!0)})}createKeyMaps(){this.logger.trace("BrowserCacheManager - createKeyMaps called.");const e=this.getItem(Dr.ACCOUNT_KEYS),t=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e&&t){this.logger.verbose("BrowserCacheManager:createKeyMaps - account and token key maps already exist, skipping migration.");return}this.browserStorage.getKeys().forEach(i=>{if(this.isCredentialKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);if(c&&c.hasOwnProperty("credentialType"))switch(c.credentialType){case re.ID_TOKEN:if(Fm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - idToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - idToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ID_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching idToken schema with value containing idToken credentialType field but value failed IdTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed idToken validation on key: ${i}`);break;case re.ACCESS_TOKEN:case re.ACCESS_TOKEN_WITH_AUTH_SCHEME:if(Bm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - accessToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - accessToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ACCESS_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching accessToken schema with value containing accessToken credentialType field but value failed AccessTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed accessToken validation on key: ${i}`);break;case re.REFRESH_TOKEN:if(Hm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - refreshToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - refreshToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.REFRESH_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching refreshToken schema with value containing refreshToken credentialType field but value failed RefreshTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed refreshToken validation on key: ${i}`);break}}}if(this.isAccountKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);c&&it.isAccountEntity(c)&&(this.logger.trace("BrowserCacheManager:createKeyMaps - account found, saving key to account key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - account with key: ${i} found, saving key to account key map`),this.addAccountKeyToMap(i))}}})}validateAndParseJson(e){try{const t=JSON.parse(e);return t&&typeof t=="object"?t:null}catch{return null}}getItem(e){return this.browserStorage.getItem(e)}setItem(e,t){this.browserStorage.setItem(e,t)}getAccount(e,t){this.logger.trace("BrowserCacheManager.getAccount called");const n=this.getCachedAccountEntity(e);return this.updateOutdatedCachedAccount(e,n,t)}getCachedAccountEntity(e){const t=this.getItem(e);if(!t)return this.removeAccountKeyFromMap(e),null;const n=this.validateAndParseJson(t);return!n||!it.isAccountEntity(n)?(this.removeAccountKeyFromMap(e),null):fi.toObject(new it,n)}setAccount(e){this.logger.trace("BrowserCacheManager.setAccount called");const t=e.generateAccountKey();this.setItem(t,JSON.stringify(e)),this.addAccountKeyToMap(t)}getAccountKeys(){this.logger.trace("BrowserCacheManager.getAccountKeys called");const e=this.getItem(Dr.ACCOUNT_KEYS);return e?JSON.parse(e):(this.logger.verbose("BrowserCacheManager.getAccountKeys - No account keys found"),[])}addAccountKeyToMap(e){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const t=this.getAccountKeys();t.indexOf(e)===-1?(t.push(e),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added")):this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map")}removeAccountKeyFromMap(e){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const t=this.getAccountKeys(),n=t.indexOf(e);n>-1?(t.splice(n,1),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")):this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}async removeAccount(e){super.removeAccount(e),this.removeAccountKeyFromMap(e)}removeOutdatedAccount(e){this.removeItem(e),this.removeAccountKeyFromMap(e)}removeIdToken(e){super.removeIdToken(e),this.removeTokenKey(e,re.ID_TOKEN)}async removeAccessToken(e){super.removeAccessToken(e),this.removeTokenKey(e,re.ACCESS_TOKEN)}removeRefreshToken(e){super.removeRefreshToken(e),this.removeTokenKey(e,re.REFRESH_TOKEN)}getTokenKeys(){this.logger.trace("BrowserCacheManager.getTokenKeys called");const e=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e){const t=this.validateAndParseJson(e);if(t&&t.hasOwnProperty("idToken")&&t.hasOwnProperty("accessToken")&&t.hasOwnProperty("refreshToken"))return t;this.logger.error("BrowserCacheManager.getTokenKeys - Token keys found but in an unknown format. Returning empty key map.")}else this.logger.verbose("BrowserCacheManager.getTokenKeys - No token keys found");return{idToken:[],accessToken:[],refreshToken:[]}}addTokenKey(e,t){this.logger.trace("BrowserCacheManager addTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:n.idToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),n.idToken.push(e));break;case re.ACCESS_TOKEN:n.accessToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - accessToken added to map"),n.accessToken.push(e));break;case re.REFRESH_TOKEN:n.refreshToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),n.refreshToken.push(e));break;default:throw this.logger.error(`BrowserCacheManager:addTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(sd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}removeTokenKey(e,t){this.logger.trace("BrowserCacheManager removeTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove idToken with key: ${e} from map`);const i=n.idToken.indexOf(e);i>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - idToken removed from map"),n.idToken.splice(i,1)):this.logger.info("BrowserCacheManager: removeTokenKey - idToken does not exist in map. Either it was previously removed or it was never added.");break;case re.ACCESS_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove accessToken with key: ${e} from map`);const s=n.accessToken.indexOf(e);s>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - accessToken removed from map"),n.accessToken.splice(s,1)):this.logger.info("BrowserCacheManager: removeTokenKey - accessToken does not exist in map. Either it was previously removed or it was never added.");break;case re.REFRESH_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove refreshToken with key: ${e} from map`);const c=n.refreshToken.indexOf(e);c>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken removed from map"),n.refreshToken.splice(c,1)):this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken does not exist in map. Either it was previously removed or it was never added.");break;default:throw this.logger.error(`BrowserCacheManager:removeTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(sd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}getIdTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Fm(n)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),n)}setIdTokenCredential(e){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ID_TOKEN)}getAccessTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Bm(n)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),n)}setAccessTokenCredential(e){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ACCESS_TOKEN)}getRefreshTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Hm(n)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),n)}setRefreshTokenCredential(e){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.REFRESH_TOKEN)}getAppMetadata(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!YN(e,n)?(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),n)}setAppMetadata(e){this.logger.trace("BrowserCacheManager.setAppMetadata called");const t=jN(e);this.setItem(t,JSON.stringify(e))}getServerTelemetry(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!qN(e,n)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),n)}setServerTelemetry(e,t){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.setItem(e,JSON.stringify(t))}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return n&&JN(e,n)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter(t=>this.isAuthorityMetadata(t))}setWrapperMetadata(e,t){this.internalStorage.setItem(bs.WRAPPER_SKU,e),this.internalStorage.setItem(bs.WRAPPER_VER,t)}getWrapperMetadata(){const e=this.internalStorage.getItem(bs.WRAPPER_SKU)||P.EMPTY_STRING,t=this.internalStorage.getItem(bs.WRAPPER_VER)||P.EMPTY_STRING;return[e,t]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(){const e=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),t=this.getItem(e);if(!t){this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters cache schema found, looking for legacy schema");const i=this.generateCacheKey(st.ACTIVE_ACCOUNT),s=this.getItem(i);if(!s)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null;const c=this.getAccountInfoFilteredBy({localAccountId:s});return c?(this.logger.trace("BrowserCacheManager.getActiveAccount: Legacy active account cache schema found"),this.logger.trace("BrowserCacheManager.getActiveAccount: Adding active account filters cache schema"),this.setActiveAccount(c),c):null}const n=this.validateAndParseJson(t);return n?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId})):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e){const t=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),n=this.generateCacheKey(st.ACTIVE_ACCOUNT);if(e){this.logger.verbose("setActiveAccount: Active account set");const i={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.browserStorage.setItem(t,JSON.stringify(i)),this.browserStorage.setItem(n,e.localAccountId)}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(t),this.browserStorage.removeItem(n)}getThrottlingCache(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!GN(e,n)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),n)}setThrottlingCache(e,t){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.setItem(e,JSON.stringify(t))}getTemporaryCache(e,t){const n=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const s=this.cookieStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),s}const i=this.temporaryCacheStorage.getItem(n);if(!i){if(this.cacheConfig.cacheLocation===Ft.LocalStorage){const s=this.browserStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),s}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),i}setTemporaryCache(e,t,n){const i=n?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(i,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(i,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}async clear(){await this.removeAllAccounts(),this.removeAppMetadata(),this.temporaryCacheStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.removeTemporaryItem(e)}),this.browserStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.browserStorage.removeItem(e)}),this.internalStorage.clear()}async clearTokensAndKeysWithClaims(e,t){e.addQueueMeasurement(k.ClearTokensAndKeysWithClaims,t);const n=this.getTokenKeys(),i=[];n.accessToken.forEach(s=>{const c=this.getAccessTokenCredential(s);c!=null&&c.requestedClaimsHash&&s.includes(c.requestedClaimsHash.toLowerCase())&&i.push(this.removeAccessToken(s))}),await Promise.all(i),i.length>0&&this.logger.warning(`${i.length} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return this.validateAndParseJson(e)?JSON.stringify(e):Un.startsWith(e,P.CACHE_PREFIX)||Un.startsWith(e,st.ADAL_ID_TOKEN)?e:`${P.CACHE_PREFIX}.${this.clientId}.${e}`}generateAuthorityKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.AUTHORITY}.${t}`)}generateNonceKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.NONCE_IDTOKEN}.${t}`)}generateStateKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.REQUEST_STATE}.${t}`)}getCachedAuthority(e){const t=this.generateStateKey(e),n=this.getTemporaryCache(t);if(!n)return null;const i=this.generateAuthorityKey(n);return this.getTemporaryCache(i)}updateCacheEntries(e,t,n,i,s){this.logger.trace("BrowserCacheManager.updateCacheEntries called");const c=this.generateStateKey(e);this.setTemporaryCache(c,e,!1);const d=this.generateNonceKey(e);this.setTemporaryCache(d,t,!1);const f=this.generateAuthorityKey(e);if(this.setTemporaryCache(f,n,!1),s){const g={credential:s.homeAccountId,type:on.HOME_ACCOUNT_ID};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}else if(i){const g={credential:i,type:on.UPN};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}}resetRequestCache(e){this.logger.trace("BrowserCacheManager.resetRequestCache called"),e&&(this.temporaryCacheStorage.getKeys().forEach(t=>{t.indexOf(e)!==-1&&this.removeTemporaryItem(t)}),this.removeTemporaryItem(this.generateStateKey(e)),this.removeTemporaryItem(this.generateNonceKey(e)),this.removeTemporaryItem(this.generateAuthorityKey(e))),this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),this.removeTemporaryItem(this.generateCacheKey(be.ORIGIN_URI)),this.removeTemporaryItem(this.generateCacheKey(be.URL_HASH)),this.removeTemporaryItem(this.generateCacheKey(be.CORRELATION_ID)),this.removeTemporaryItem(this.generateCacheKey(be.CCS_CREDENTIAL)),this.removeTemporaryItem(this.generateCacheKey(be.NATIVE_REQUEST)),this.setInteractionInProgress(!1)}cleanRequestByState(e){if(this.logger.trace("BrowserCacheManager.cleanRequestByState called"),e){const t=this.generateStateKey(e),n=this.temporaryCacheStorage.getItem(t);this.logger.infoPii(`BrowserCacheManager.cleanRequestByState: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n||P.EMPTY_STRING)}}cleanRequestByInteractionType(e){this.logger.trace("BrowserCacheManager.cleanRequestByInteractionType called"),this.temporaryCacheStorage.getKeys().forEach(t=>{if(t.indexOf(be.REQUEST_STATE)===-1)return;const n=this.temporaryCacheStorage.getItem(t);if(!n)return;const i=FC(this.cryptoImpl,n);i&&i.interactionType===e&&(this.logger.infoPii(`BrowserCacheManager.cleanRequestByInteractionType: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n))}),this.setInteractionInProgress(!1)}cacheCodeRequest(e){this.logger.trace("BrowserCacheManager.cacheCodeRequest called");const t=uh(JSON.stringify(e));this.setTemporaryCache(be.REQUEST_PARAMS,t,!0)}getCachedRequest(e){this.logger.trace("BrowserCacheManager.getCachedRequest called");const t=this.getTemporaryCache(be.REQUEST_PARAMS,!0);if(!t)throw j(gC);let n;try{n=JSON.parse(tr(t))}catch(i){throw this.logger.errorPii(`Attempted to parse: ${t}`),this.logger.error(`Parsing cached token request threw with error: ${i}`),j(mC)}if(this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),!n.authority){const i=this.generateAuthorityKey(e),s=this.getTemporaryCache(i);if(!s)throw j(sh);n.authority=s}return n}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(be.NATIVE_REQUEST,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress();return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;return this.getTemporaryCache(e,!1)}setInteractionInProgress(e){const t=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;if(e){if(this.getInteractionInProgress())throw j(aC);this.setTemporaryCache(t,this.clientId,!1)}else!e&&this.getInteractionInProgress()===this.clientId&&this.removeTemporaryItem(t)}getLegacyLoginHint(){const e=this.getTemporaryCache(st.ADAL_ID_TOKEN);e&&(this.browserStorage.removeItem(st.ADAL_ID_TOKEN),this.logger.verbose("Cached ADAL id token retrieved."));const t=this.getTemporaryCache(st.ID_TOKEN,!0);t&&(this.browserStorage.removeItem(this.generateCacheKey(st.ID_TOKEN)),this.logger.verbose("Cached MSAL.js v1 id token retrieved"));const n=t||e;if(n){const i=Co(n,tr);if(i.preferred_username)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 preferred_username as loginHint"),i.preferred_username;if(i.upn)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 upn as loginHint"),i.upn;this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, however, no account hint claim found. Enable preferred_username or upn id token claim to get SSO.")}return null}updateCredentialCacheKey(e,t){const n=oi(t);if(e!==n){const i=this.getItem(e);if(i)return this.browserStorage.removeItem(e),this.setItem(n,i),this.logger.verbose(`Updated an outdated ${t.credentialType} cache key`),n;this.logger.error(`Attempted to update an outdated ${t.credentialType} cache key but no item matching the outdated key was found in storage`)}return e}async hydrateCache(e,t){var d,f,g;const n=Ic((d=e.account)==null?void 0:d.homeAccountId,(f=e.account)==null?void 0:f.environment,e.idToken,this.clientId,e.tenantId);let i;t.claims&&(i=await this.cryptoImpl.hashString(t.claims));const s=bc((g=e.account)==null?void 0:g.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?e.expiresOn.getTime()/1e3:0,e.extExpiresOn?e.extExpiresOn.getTime()/1e3:0,tr,void 0,e.tokenType,void 0,t.sshKid,t.claims,i),c={idToken:n,accessToken:s};return this.saveCacheRecord(c)}async saveCacheRecord(e,t,n){try{await super.saveCacheRecord(e,t,n)}catch(i){if(i instanceof ci&&this.performanceClient&&n)try{const s=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:s.refreshToken.length,cacheIdCount:s.idToken.length,cacheAtCount:s.accessToken.length},n)}catch{}throw i}}}const iM=(r,e)=>{const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};return new Cd(r,t,ac,e)};/*! @azure/msal-browser v3.28.1 2025-01-14 */function aM(r,e,t,n){return r.verbose("getAllAccounts called"),t?e.getAllAccounts(n):[]}function sM(r,e,t){if(e.trace("getAccount called"),Object.keys(r).length===0)return e.warning("getAccount: No accountFilter provided"),null;const n=t.getAccountInfoFilteredBy(r);return n?(e.verbose("getAccount: Account matching provided filter found, returning"),n):(e.verbose("getAccount: No matching account found, returning null"),null)}function cM(r,e,t){if(e.trace("getAccountByUsername called"),!r)return e.warning("getAccountByUsername: No username provided"),null;const n=t.getAccountInfoFilteredBy({username:r});return n?(e.verbose("getAccountByUsername: Account matching username found, returning"),e.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${r}`),n):(e.verbose("getAccountByUsername: No matching account found, returning null"),null)}function lM(r,e,t){if(e.trace("getAccountByHomeId called"),!r)return e.warning("getAccountByHomeId: No homeAccountId provided"),null;const n=t.getAccountInfoFilteredBy({homeAccountId:r});return n?(e.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),e.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${r}`),n):(e.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function uM(r,e,t){if(e.trace("getAccountByLocalId called"),!r)return e.warning("getAccountByLocalId: No localAccountId provided"),null;const n=t.getAccountInfoFilteredBy({localAccountId:r});return n?(e.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),e.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${r}`),n):(e.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function dM(r,e){e.setActiveAccount(r)}function hM(r){return r.getActiveAccount()}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ne={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache"};/*! @azure/msal-browser v3.28.1 2025-01-14 */class fM{constructor(e){this.eventCallbacks=new Map,this.logger=e||new zr({})}addEventCallback(e,t,n){if(typeof window<"u"){const i=n||z0();return this.eventCallbacks.has(i)?(this.logger.error(`Event callback with id: ${i} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(i,[e,t||[]]),this.logger.verbose(`Event callback registered with id: ${i}`),i)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,n,i){if(typeof window<"u"){const s={eventType:e,interactionType:t||null,payload:n||null,error:i||null,timestamp:Date.now()};this.eventCallbacks.forEach(([c,d],f)=>{(d.length===0||d.includes(e))&&(this.logger.verbose(`Emitting event to callback ${f}: ${e}`),c.apply(null,[s]))})}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class HC{constructor(e,t,n,i,s,c,d,f,g){this.config=e,this.browserStorage=t,this.browserCrypto=n,this.networkClient=this.config.system.networkClient,this.eventHandler=s,this.navigationClient=c,this.nativeMessageHandler=f,this.correlationId=g||Er(),this.logger=i.clone(en.MSAL_SKU,Lc,this.correlationId),this.performanceClient=d}async clearCacheOnLogout(e){if(e){it.accountInfoIsEqual(e,this.browserStorage.getActiveAccount(),!1)&&(this.logger.verbose("Setting active account to null"),this.browserStorage.setActiveAccount(null));try{await this.browserStorage.removeAccount(it.generateAccountCacheKey(e)),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch{this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),await this.browserStorage.clear(),await this.browserCrypto.clearKeystore()}catch{this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e||this.config.auth.redirectUri;return ye.getAbsoluteUrl(t,yr())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const n={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t||!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new da(n,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,n=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const i={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},s=e.requestAuthority||this.config.auth.authority,c=n!=null&&n.length?n==="true":this.config.auth.instanceAware,d=t&&c?this.config.auth.authority.replace(ye.getDomainFromUrl(s),t.environment):s,f=Tt.generateAuthority(d,e.requestAzureCloudOptions||this.config.auth.azureCloudOptions),g=await B(Yy,k.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(f,this.config.system.networkClient,this.browserStorage,i,this.logger,this.correlationId,this.performanceClient);if(t&&!g.isAlias(t.environment))throw Ne(Hy);return g}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const gM=32;async function mM(r,e,t){r.addQueueMeasurement(k.GeneratePkceCodes,t);const n=wo(pM,k.GenerateCodeVerifier,e,r,t)(r,e,t),i=await B(vM,k.GenerateCodeChallengeFromVerifier,e,r,t)(n,r,e,t);return{verifier:n,challenge:i}}function pM(r,e,t){try{const n=new Uint8Array(gM);return wo(M0,k.GetRandomValues,e,r,t)(n),xc(n)}catch{throw j(ih)}}async function vM(r,e,t,n){e.addQueueMeasurement(k.GenerateCodeChallengeFromVerifier,n);try{const i=await B(DC,k.Sha256Digest,t,e,n)(r,e,n);return xc(new Uint8Array(i))}catch{throw j(ih)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function vh(r,e,t,n){t.addQueueMeasurement(k.InitializeBaseRequest,r.correlationId);const i=r.authority||e.auth.authority,s=[...r&&r.scopes||[]],c={...r,correlationId:r.correlationId,authority:i,scopes:s};if(!c.authenticationScheme)c.authenticationScheme=Re.BEARER,n.verbose(`Authentication Scheme wasn't explicitly set in request, defaulting to "Bearer" request`);else{if(c.authenticationScheme===Re.SSH){if(!r.sshJwk)throw Ne(kc);if(!r.sshKid)throw Ne(Uy)}n.verbose(`Authentication Scheme set to "${c.authenticationScheme}" as configured in Auth request`)}return e.cache.claimsBasedCachingEnabled&&r.claims&&!Un.isEmptyObj(r.claims)&&(c.requestedClaimsHash=await xC(r.claims)),c}async function yM(r,e,t,n,i){n.addQueueMeasurement(k.InitializeSilentRequest,r.correlationId);const s=await B(vh,k.InitializeBaseRequest,i,n,r.correlationId)(r,t,n,i);return{...r,...s,account:e,forceRefresh:r.forceRefresh||!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class vi extends HC{async initializeAuthorizationCodeRequest(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.correlationId);const t=await B(mM,k.GeneratePkceCodes,this.logger,this.performanceClient,this.correlationId)(this.performanceClient,this.logger,this.correlationId),n={...e,redirectUri:e.redirectUri,code:P.EMPTY_STRING,codeVerifier:t.verifier};return e.codeChallenge=t.challenge,e.codeChallengeMethod=P.S256_CODE_CHALLENGE_METHOD,n}initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e==null?void 0:e.correlationId);const t={correlationId:this.correlationId||Er(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const n=this.getLogoutHintFromIdTokenClaims(e.account);n&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=n)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return!e||e.postLogoutRedirectUri!==null?e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(e.postLogoutRedirectUri,yr())):this.config.auth.postLogoutRedirectUri===null?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,yr())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(yr(),yr())):this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new Xy(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}=e;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetClientConfiguration,this.correlationId);const d=await B(this.getDiscoveredAuthority.bind(this),k.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}),f=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:d,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:f.loggerCallback,piiLoggingEnabled:f.piiLoggingEnabled,logLevel:f.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:en.MSAL_SKU,version:Lc,cpu:P.EMPTY_STRING,os:P.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,t){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const n=this.getRedirectUri(e.redirectUri),i={interactionType:t},s=Bn.setRequestState(this.browserCrypto,e&&e.state||P.EMPTY_STRING,i),d={...await B(vh,k.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:n,state:s,nonce:e.nonce||Er(),responseMode:this.config.auth.OIDCOptions.serverResponseType};if(e.loginHint||e.sid)return d;const f=e.account||this.browserStorage.getActiveAccount();if(f&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${f.homeAccountId}`,this.correlationId),d.account=f),!d.loginHint&&!f){const g=this.browserStorage.getLegacyLoginHint();g&&(d.loginHint=g)}return d}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const CM="ContentError",VC="user_switch";/*! @azure/msal-browser v3.28.1 2025-01-14 */const wM="USER_INTERACTION_REQUIRED",_M="USER_CANCEL",TM="NO_NETWORK",EM="PERSISTENT_ERROR",SM="DISABLED",AM="ACCOUNT_UNAVAILABLE";/*! @azure/msal-browser v3.28.1 2025-01-14 */const IM=-2147186943,bM={[VC]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class Jn extends Fe{constructor(e,t,n){super(e,t),Object.setPrototypeOf(this,Jn.prototype),this.name="NativeAuthError",this.ext=n}}function Zo(r){if(r.ext&&r.ext.status&&(r.ext.status===EM||r.ext.status===SM)||r.ext&&r.ext.error&&r.ext.error===IM)return!0;switch(r.errorCode){case CM:return!0;default:return!1}}function wd(r,e,t){if(t&&t.status)switch(t.status){case AM:return dd(Jy);case wM:return new Fn(r,e);case _M:return j(po);case TM:return j(hc)}return new Jn(r,bM[r]||e,t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class $C extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),n=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),i=new d0(n,this.performanceClient);this.logger.verbose("Silent auth client created");try{const c=(await B(i.acquireCachedToken.bind(i),k.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),c}catch(s){throw s instanceof Ta&&s.errorCode===ch&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),s}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t==null?void 0:t.account)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class li extends HC{constructor(e,t,n,i,s,c,d,f,g,p,w,C){var T;super(e,t,n,i,s,c,f,g,C),this.apiId=d,this.accountId=p,this.nativeMessageHandler=g,this.nativeStorageManager=w,this.silentCacheClient=new $C(e,this.nativeStorageManager,n,i,s,c,f,g,C),this.serverTelemetryManager=this.initializeServerTelemetryManager(this.apiId);const S=this.nativeMessageHandler.getExtensionId()===ai.PREFERRED_EXTENSION_ID?"chrome":(T=this.nativeMessageHandler.getExtensionId())!=null&&T.length?"unknown":void 0;this.skus=da.makeExtraSkuString({libraryName:en.MSAL_SKU,libraryVersion:Lc,extensionName:S,extensionVersion:this.nativeMessageHandler.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[jP]:this.skus}}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const t=this.performanceClient.startMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),n=rr();try{const i=await this.initializeNativeRequest(e);try{const g=await this.acquireTokensFromCache(this.accountId,i);return t.end({success:!0,isNativeBroker:!1,fromCache:!0}),g}catch{this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const{...s}=i,c={method:uo.GetToken,request:s},d=await this.nativeMessageHandler.sendMessage(c),f=this.validateNativeResponse(d);return await this.handleNativeResponse(f,i,n).then(g=>(t.end({success:!0,isNativeBroker:!0,requestId:g.requestId}),this.serverTelemetryManager.clearNativeBrokerErrorCode(),g)).catch(g=>{throw t.end({success:!1,errorCode:g.errorCode,subErrorCode:g.subError,isNativeBroker:!0}),g})}catch(i){throw i instanceof Jn&&this.serverTelemetryManager.setNativeBrokerErrorCode(i.errorCode),i}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Ye.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),U(id);const n=this.browserStorage.getBaseAccountInfo({nativeAccountId:e});if(!n)throw U(id);try{const i=this.createSilentCacheRequest(t,n),s=await this.silentCacheClient.acquireToken(i),c={...n,idTokenClaims:s==null?void 0:s.idTokenClaims,idToken:s==null?void 0:s.idToken};return{...s,account:c}}catch(i){throw i}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...n}=e;delete n.onRedirectNavigate;const i=await this.initializeNativeRequest(n),s={method:uo.GetToken,request:i};try{const f=await this.nativeMessageHandler.sendMessage(s);this.validateNativeResponse(f)}catch(f){if(f instanceof Jn&&(this.serverTelemetryManager.setNativeBrokerErrorCode(f.errorCode),Zo(f)))throw f}this.browserStorage.setTemporaryCache(be.NATIVE_REQUEST,JSON.stringify(i),!0);const c={apiId:xe.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(d,c)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const n=this.browserStorage.getCachedNativeRequest();if(!n)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&(e==null||e.addFields({errorCode:"no_cached_request"},t)),null;const{prompt:i,...s}=n;i&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.NATIVE_REQUEST));const c={method:uo.GetToken,request:s},d=rr();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const f=await this.nativeMessageHandler.sendMessage(c);this.validateNativeResponse(f);const g=this.handleNativeResponse(f,s,d);this.browserStorage.setInteractionInProgress(!1);const p=await g;return this.serverTelemetryManager.clearNativeBrokerErrorCode(),p}catch(f){throw this.browserStorage.setInteractionInProgress(!1),f}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,n){var p;this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const i=Co(e.id_token,tr),s=this.createHomeAccountIdentifier(e,i),c=(p=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId}))==null?void 0:p.homeAccountId;if(s!==c&&e.account.id!==t.accountId)throw wd(VC);const d=await this.getDiscoveredAuthority({requestAuthority:t.authority}),f=nh(this.browserStorage,d,s,tr,i,e.client_info,void 0,i.tid,void 0,e.account.id,this.logger),g=await this.generateAuthenticationResult(e,t,i,f,d.canonicalAuthority,n);return this.cacheAccount(f),this.cacheNativeTokens(e,t,s,i,e.access_token,g.tenantId,n),g}createHomeAccountIdentifier(e,t){return it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,Dn.Default,this.logger,this.browserCrypto,t)}generateScopes(e,t){return e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope)}async generatePopAccessToken(e,t){if(t.tokenType===Re.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const n=new gi(this.browserCrypto),i={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw U(Vd);return n.signPopToken(e.access_token,t.keyId,i)}else return e.access_token}async generateAuthenticationResult(e,t,n,i,s,c){const d=this.addTelemetryFromNativeResponse(e),f=e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope),g=e.account.properties||{},p=g.UID||n.oid||n.sub||P.EMPTY_STRING,w=g.TenantId||n.tid||P.EMPTY_STRING,C=Jd(i.getAccountInfo(),void 0,n,e.id_token);C.nativeAccountId!==e.account.id&&(C.nativeAccountId=e.account.id);const S=await this.generatePopAccessToken(e,t),T=t.tokenType===Re.POP?Re.POP:Re.BEARER;return{authority:s,uniqueId:p,tenantId:w,scopes:f.asArray(),account:C,idToken:e.id_token,idTokenClaims:n,accessToken:S,fromCache:d?this.isResponseFromCache(d):!1,expiresOn:new Date(Number(c+e.expires_in)*1e3),tokenType:T,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}cacheAccount(e){this.browserStorage.setAccount(e),this.browserStorage.removeAccountContext(e).catch(t=>{this.logger.error(`Error occurred while removing account context from browser storage. ${t}`)})}cacheNativeTokens(e,t,n,i,s,c,d){const f=Ic(n,t.authority,e.id_token||"",t.clientId,i.tid||""),g=t.tokenType===Re.POP?P.SHR_NONCE_VALIDITY:(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,p=d+g,w=this.generateScopes(e,t),C=bc(n,t.authority,s,t.clientId,i.tid||c,w.printScopes(),p,0,tr,void 0,t.tokenType,void 0,t.keyId),S={idToken:f,accessToken:C};this.nativeStorageManager.saveCacheRecord(S,t.storeInCache)}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.nativeMessageHandler.getExtensionId(),extensionVersion:this.nativeMessageHandler.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}validateNativeResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw ay(xd,"Response missing expected properties.")}getMATSFromResponse(e){if(e.properties.MATS)try{return JSON.parse(e.properties.MATS)}catch{this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return typeof e.is_cached>"u"?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=e.authority||this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const n=new ye(t);n.validateAsUri();const{scopes:i,...s}=e,c=new Ye(i||[]);c.appendScopes(pi);const d=()=>{switch(this.apiId){case xe.ssoSilent:case xe.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),lt.NONE}if(!e.prompt){this.logger.trace("initializeNativeRequest: prompt was not provided");return}switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e.prompt;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e.prompt} is not compatible with native flow`),j(IC)}},f={...s,accountId:this.accountId,clientId:this.config.auth.clientId,authority:n.urlString,scope:c.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:d(),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(f.signPopToken&&e.popKid)throw j(kC);if(this.handleExtraBrokerParams(f),f.extraParameters=f.extraParameters||{},f.extraParameters.telemetry=ai.MATS_TELEMETRY,e.authenticationScheme===Re.POP){const g={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},p=new gi(this.browserCrypto);let w;if(f.keyId)w=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:f.keyId})),f.signPopToken=!1;else{const C=await B(p.generateCnf.bind(p),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(g,this.logger);w=C.reqCnfString,f.keyId=C.kid,f.signPopToken=!0}f.reqCnf=w}return this.addRequestSKUs(f),f}handleExtraBrokerParams(e){var s;const t=e.extraParameters&&e.extraParameters.hasOwnProperty(Zd)&&e.extraParameters.hasOwnProperty(ud)&&e.extraParameters.hasOwnProperty(go);if(!e.embeddedClientId&&!t)return;let n="";const i=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,n=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[ud],n=e.extraParameters[go]),e.extraParameters={child_client_id:n,child_redirect_uri:i},(s=this.performanceClient)==null||s.addFields({embeddedClientId:n,embeddedRedirectUri:i},e.correlationId)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Qn{constructor(e,t,n,i){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=i,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=n,this.handshakeEvent=n.startMeasurement(k.NativeMessageHandlerHandshake)}async sendMessage(e){this.logger.trace("NativeMessageHandler - sendMessage called.");const t={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:e};return this.logger.trace("NativeMessageHandler - Sending request to browser extension"),this.logger.tracePii(`NativeMessageHandler - Sending request to browser extension: ${JSON.stringify(t)}`),this.messageChannel.port1.postMessage(t),new Promise((n,i)=>{this.resolvers.set(t.responseId,{resolve:n,reject:i})})}static async createProvider(e,t,n){e.trace("NativeMessageHandler - createProvider called.");try{const i=new Qn(e,t,n,ai.PREFERRED_EXTENSION_ID);return await i.sendHandshakeRequest(),i}catch{const s=new Qn(e,t,n);return await s.sendHandshakeRequest(),s}}async sendHandshakeRequest(){this.logger.trace("NativeMessageHandler - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:{method:uo.HandshakeRequest}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=t=>{this.onChannelMessage(t)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise((t,n)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:n}),this.timeoutId=window.setTimeout(()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),n(j(EC)),this.handshakeResolvers.delete(e.responseId)},this.handshakeTimeoutMs)})}onWindowMessage(e){if(this.logger.trace("NativeMessageHandler - onWindowMessage called"),e.source!==window)return;const t=e.data;if(!(!t.channel||t.channel!==ai.CHANNEL_ID)&&!(t.extensionId&&t.extensionId!==this.extensionId)&&t.body.method===uo.HandshakeRequest){const n=this.handshakeResolvers.get(t.responseId);if(!n){this.logger.trace(`NativeMessageHandler.onWindowMessage - resolver can't be found for request ${t.responseId}`);return}this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),n.reject(j(SC))}}onChannelMessage(e){this.logger.trace("NativeMessageHandler - onChannelMessage called.");const t=e.data,n=this.resolvers.get(t.responseId),i=this.handshakeResolvers.get(t.responseId);try{const s=t.body.method;if(s===uo.Response){if(!n)return;const c=t.body.response;if(this.logger.trace("NativeMessageHandler - Received response from browser extension"),this.logger.tracePii(`NativeMessageHandler - Received response from browser extension: ${JSON.stringify(c)}`),c.status!=="Success")n.reject(wd(c.code,c.description,c.ext));else if(c.result)c.result.code&&c.result.description?n.reject(wd(c.result.code,c.result.description,c.result.ext)):n.resolve(c.result);else throw ay(xd,"Event does not contain result.");this.resolvers.delete(t.responseId)}else if(s===uo.HandshakeResponse){if(!i){this.logger.trace(`NativeMessageHandler.onChannelMessage - resolver can't be found for request ${t.responseId}`);return}clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(`NativeMessageHandler - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),i.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(s){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${s}`),this.logger.errorPii(`Unable to parse ${e}`),n?n.reject(s):i&&i.reject(s)}}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}static isNativeAvailable(e,t,n,i){if(t.trace("isNativeAvailable called"),!e.system.allowNativeBroker)return t.trace("isNativeAvailable: allowNativeBroker is not enabled, returning false"),!1;if(!n)return t.trace("isNativeAvailable: WAM extension provider is not initialized, returning false"),!1;if(i)switch(i){case Re.BEARER:case Re.POP:return t.trace("isNativeAvailable: authenticationScheme is supported, returning true"),!0;default:return t.trace("isNativeAvailable: authenticationScheme is not supported, returning false"),!1}return!0}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class yh{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async handleCodeResponse(e,t){this.performanceClient.addQueueMeasurement(k.HandleCodeResponse,t.correlationId);let n;try{n=this.authModule.handleFragmentResponse(e,t.state)}catch(i){throw i instanceof Wr&&i.subError===po?j(po):i}return B(this.handleCodeResponseFromServer.bind(this),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(n,t)}async handleCodeResponseFromServer(e,t,n=!0){if(this.performanceClient.addQueueMeasurement(k.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const s=this.createCcsCredentials(t);s&&(this.authCodeRequest.ccsCredential=s)}return await B(this.authModule.acquireToken.bind(this.authModule),k.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}:e.loginHint?{credential:e.loginHint,type:on.UPN}:null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function KC(r,e,t){const n=lc(r);if(!n)throw $y(r)?(t.error(`A ${e} is present in the iframe but it does not contain known properties. It's likely that the ${e} has been replaced by code running on the redirectUri page.`),t.errorPii(`The ${e} detected is: ${r}`),j(rC)):(t.error(`The request has returned to the redirectUri but a ${e} is not present. It's likely that the ${e} has been removed or the page has been redirected by code running on the redirectUri page.`),j(nC));return n}function kM(r,e,t){if(!r.state)throw j(ah);const n=FC(e,r.state);if(!n)throw j(oC);if(n.interactionType!==t)throw j(iC)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class RM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=f}acquireToken(e){try{const n={popupName:this.generatePopupName(e.scopes||pi,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window};return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,n)):(this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),n.popup=this.openSizedPopup("about:blank",n),this.acquireTokenPopupAsync(e,n))}catch(t){return Promise.reject(t)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),n={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:(e==null?void 0:e.popupWindowAttributes)||{},popupWindowParent:(e==null?void 0:e.popupWindowParent)??window},i=e&&e.authority,s=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,n,i,s)):(this.logger.verbose("asyncPopup set to false, opening popup"),n.popup=this.openSizedPopup("about:blank",n),this.logoutPopupAsync(t,n,i,s))}catch(t){return Promise.reject(t)}}async acquireTokenPopupAsync(e,t){var s;this.logger.verbose("acquireTokenPopupAsync called");const n=this.initializeServerTelemetryManager(xe.acquireTokenPopup),i=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Popup);BC(i.authority);try{const c=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(i),d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:i.authority,requestAzureCloudOptions:i.azureCloudOptions,requestExtraQueryParameters:i.extraQueryParameters,account:i.account}),f=Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);let g;f&&(g=this.performanceClient.startMeasurement(k.FetchAccountIdWithNativeBroker,e.correlationId));const p=await d.getAuthCodeUrl({...i,nativeBroker:f}),w=new yh(d,this.browserStorage,c,this.logger,this.performanceClient),C=this.initiateAuthRequest(p,t);this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null);const S=await this.monitorPopupForHash(C,t.popupWindowParent),T=wo(KC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(S,this.config.auth.OIDCOptions.serverResponseType,this.logger);if(Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,c),T.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),g&&g.end({success:!0,isNativeBroker:!0}),!this.nativeMessageHandler)throw j(_a);const N=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,T.accountId,this.nativeStorage,i.correlationId),{userRequestState:K}=Bn.parseRequestState(this.browserCrypto,i.state);return await N.acquireToken({...i,state:K,prompt:void 0})}return await w.handleCodeResponse(T,i)}catch(c){throw(s=t.popup)==null||s.close(),c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),c}}async logoutPopupAsync(e,t,n,i){var c,d,f,g;this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(ne.LOGOUT_START,X.Popup,e);const s=this.initializeServerTelemetryManager(xe.logoutPopup);try{await this.clearCacheOnLogout(e.account);const p=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:s,requestAuthority:n,account:e.account||void 0});try{p.authority.endSessionEndpoint}catch{if((c=e.account)!=null&&c.homeAccountId&&e.postLogoutRedirectUri&&p.authority.protocolMode===_r.OIDC){if(this.browserStorage.removeAccount((d=e.account)==null?void 0:d.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());await this.navigationClient.navigateInternal(T,S)}(f=t.popup)==null||f.close();return}}const w=p.getLogoutUri(e);this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e);const C=this.openPopup(w,t);if(this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null),await this.monitorPopupForHash(C,t.popupWindowParent).catch(()=>{}),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${T}`),await this.navigationClient.navigateInternal(T,S)}else this.logger.verbose("No main window navigation requested")}catch(p){throw(g=t.popup)==null||g.close(),p instanceof Fe&&(p.setCorrelationId(this.correlationId),s.cacheFailedRequest(p)),this.browserStorage.setInteractionInProgress(!1),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Popup,null,p),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup),p}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),j(Pc)}monitorPopupForHash(e,t){return new Promise((n,i)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const s=setInterval(()=>{if(e.closed){this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(s),i(j(po));return}let c="";try{c=e.location.href}catch{}if(!c||c==="about:blank")return;clearInterval(s);let d="";const f=this.config.auth.OIDCOptions.serverResponseType;e&&(f===wa.QUERY?d=e.location.search:d=e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),n(d)},this.config.system.pollIntervalMilliseconds)}).finally(()=>{this.cleanPopup(e,t)})}openPopup(e,t){try{let n;if(t.popup?(n=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),n.location.assign(e)):typeof t.popup>"u"&&(this.logger.verbosePii(`Opening popup window to: ${e}`),n=this.openSizedPopup(e,t)),!n)throw j(cC);return n.focus&&n.focus(),this.currentWindow=n,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),n}catch(n){throw this.logger.error("error opening popup "+n.message),this.browserStorage.setInteractionInProgress(!1),j(sC)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:n,popupWindowParent:i}){var S,T,b,N;const s=i.screenLeft?i.screenLeft:i.screenX,c=i.screenTop?i.screenTop:i.screenY,d=i.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,f=i.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let g=(S=n.popupSize)==null?void 0:S.width,p=(T=n.popupSize)==null?void 0:T.height,w=(b=n.popupPosition)==null?void 0:b.top,C=(N=n.popupPosition)==null?void 0:N.left;return(!g||g<0||g>d)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),g=en.POPUP_WIDTH),(!p||p<0||p>f)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),p=en.POPUP_HEIGHT),(!w||w<0||w>f)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),w=Math.max(0,f/2-en.POPUP_HEIGHT/2+c)),(!C||C<0||C>d)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),C=Math.max(0,d/2-en.POPUP_WIDTH/2+s)),i.open(e,t,`width=${g}, height=${p}, top=${w}, left=${C}, scrollbars=yes`)}unloadWindow(e){this.browserStorage.cleanRequestByInteractionType(X.Popup),this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow),this.browserStorage.setInteractionInProgress(!1)}generatePopupName(e,t){return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class lp{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){t.redirectStartPage&&(this.logger.verbose("RedirectHandler.initiateAuthRequest: redirectStartPage set, caching start page"),this.browserStorage.setTemporaryCache(be.ORIGIN_URI,t.redirectStartPage,!0)),this.browserStorage.setTemporaryCache(be.CORRELATION_ID,this.authCodeRequest.correlationId,!0),this.browserStorage.cacheCodeRequest(this.authCodeRequest),this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const n={apiId:xe.acquireTokenRedirect,timeout:t.redirectTimeout,noHistory:!1};if(typeof t.onRedirectNavigate=="function")if(this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback"),t.onRedirectNavigate(e)!==!1){this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),await t.navigationClient.navigateExternal(e,n);return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation");return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),await t.navigationClient.navigateExternal(e,n);return}}else throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),j(Pc)}async handleCodeResponse(e,t){this.logger.verbose("RedirectHandler.handleCodeResponse called"),this.browserStorage.setInteractionInProgress(!1);const n=this.browserStorage.generateStateKey(t),i=this.browserStorage.getTemporaryCache(n);if(!i)throw U(ic,"Cached State");let s;try{s=this.authModule.handleFragmentResponse(e,i)}catch(g){throw g instanceof Wr&&g.subError===po?j(po):g}const c=this.browserStorage.generateNonceKey(i),d=this.browserStorage.getTemporaryCache(c);if(this.authCodeRequest.code=s.code,s.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,this.authCodeRequest.correlationId)(s.cloud_instance_host_name,this.authCodeRequest.correlationId),s.nonce=d||void 0,s.state=i,s.client_info)this.authCodeRequest.clientInfo=s.client_info;else{const g=this.checkCcsCredentials();g&&(this.authCodeRequest.ccsCredential=g)}const f=await this.authModule.acquireToken(this.authCodeRequest,s);return this.browserStorage.cleanRequestByState(t),f}checkCcsCredentials(){const e=this.browserStorage.getTemporaryCache(be.CCS_CREDENTIAL,!0);if(e)try{return JSON.parse(e)}catch{this.authModule.logger.error("Cache credential could not be parsed"),this.authModule.logger.errorPii(`Cache credential could not be parsed: ${e}`)}return null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function OM(){if(typeof window>"u"||typeof window.performance>"u"||typeof window.performance.getEntriesByType!="function")return;const r=window.performance.getEntriesByType("navigation"),e=r.length?r[0]:void 0;return e==null?void 0:e.type}class NM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.nativeStorage=f}async acquireToken(e){const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Redirect);this.browserStorage.updateCacheEntries(t.state,t.nonce,t.authority,t.loginHint||"",t.account||null);const n=this.initializeServerTelemetryManager(xe.acquireTokenRedirect),i=s=>{s.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.cleanRequestByState(t.state),this.eventHandler.emitEvent(ne.RESTORE_FROM_BFCACHE,X.Redirect))};try{const s=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(t),c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),d=new lp(c,this.browserStorage,s,this.logger,this.performanceClient),f=await c.getAuthCodeUrl({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme)}),g=this.getRedirectStartPage(e.redirectStartPage);return this.logger.verbosePii(`Redirect start page: ${g}`),window.addEventListener("pageshow",i),await d.initiateAuthRequest(f,{navigationClient:this.navigationClient,redirectTimeout:this.config.system.redirectNavigationTimeout,redirectStartPage:g,onRedirectNavigate:e.onRedirectNavigate||this.config.auth.onRedirectNavigate})}catch(s){throw s instanceof Fe&&(s.setCorrelationId(this.correlationId),n.cacheFailedRequest(s)),window.removeEventListener("pageshow",i),this.browserStorage.cleanRequestByState(t.state),s}}async handleRedirectPromise(e="",t){const n=this.initializeServerTelemetryManager(xe.handleRedirectPromise);try{if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const[i,s]=this.getRedirectResponse(e||"");if(!i)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.cleanRequestByInteractionType(X.Redirect),OM()!=="back_forward"?t.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(be.ORIGIN_URI,!0)||P.EMPTY_STRING,d=ye.removeHashFromUrl(c),f=ye.removeHashFromUrl(window.location.href);if(d===f&&this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&B0(c),await this.handleResponse(i,n);if(this.config.auth.navigateToLoginRequestUrl){if(!gh()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(be.URL_HASH,s,!0);const g={apiId:xe.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let p=!0;if(!c||c==="null"){const w=H0();this.browserStorage.setTemporaryCache(be.ORIGIN_URI,w,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),p=await this.navigationClient.navigateInternal(w,g)}else this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),p=await this.navigationClient.navigateInternal(c,g);if(!p)return await this.handleResponse(i,n)}}else return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(i,n);return null}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),this.browserStorage.cleanRequestByInteractionType(X.Redirect),i}}getRedirectResponse(e){this.logger.verbose("getRedirectResponseHash called");let t=e;t||(this.config.auth.OIDCOptions.serverResponseType===wa.QUERY?t=window.location.search:t=window.location.hash);let n=lc(t);if(n){try{kM(n,this.browserCrypto,X.Redirect)}catch(s){return s instanceof Fe&&this.logger.error(`Interaction type validation failed due to ${s.errorCode}: ${s.errorMessage}`),[null,""]}return U0(window),this.logger.verbose("Hash contains known properties, returning response hash"),[n,t]}const i=this.browserStorage.getTemporaryCache(be.URL_HASH,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.URL_HASH)),i&&(n=lc(i),n)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[n,i]):[null,""]}async handleResponse(e,t){const n=e.state;if(!n)throw j(ah);const i=this.browserStorage.getCachedRequest(n);if(this.logger.verbose("handleResponse called, retrieved cached request"),e.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(_a);const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,e.accountId,this.nativeStorage,i.correlationId),{userRequestState:g}=Bn.parseRequestState(this.browserCrypto,n);return f.acquireToken({...i,state:g,prompt:void 0}).finally(()=>{this.browserStorage.cleanRequestByState(n)})}const s=this.browserStorage.getCachedAuthority(n);if(!s)throw j(sh);const c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:s});return Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,i),new lp(c,this.browserStorage,i,this.logger,this.performanceClient).handleCodeResponse(e,n)}async logout(e){var i,s;this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e),n=this.initializeServerTelemetryManager(xe.logout);try{this.eventHandler.emitEvent(ne.LOGOUT_START,X.Redirect,e),await this.clearCacheOnLogout(t.account);const c={apiId:xe.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:e&&e.authority,requestExtraQueryParameters:e==null?void 0:e.extraQueryParameters,account:e&&e.account||void 0});if(d.authority.protocolMode===_r.OIDC)try{d.authority.endSessionEndpoint}catch{if((i=t.account)!=null&&i.homeAccountId){this.browserStorage.removeAccount((s=t.account)==null?void 0:s.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t);return}}const f=d.getLogoutUri(t);if(this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t),e&&typeof e.onRedirectNavigate=="function")if(e.onRedirectNavigate(f)!==!1){this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}else this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation");else{this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}}catch(c){throw c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Redirect,null,c),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect),c}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return ye.getAbsoluteUrl(t,yr())}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function PM(r,e,t,n,i){if(e.addQueueMeasurement(k.SilentHandlerInitiateAuthRequest,n),!r)throw t.info("Navigate url is empty"),j(Pc);return i?B(DM,k.SilentHandlerLoadFrame,t,e,n)(r,i,e,n):wo(xM,k.SilentHandlerLoadFrameSync,t,e,n)(r)}async function MM(r,e,t,n,i,s,c){return n.addQueueMeasurement(k.SilentHandlerMonitorIframeForHash,s),new Promise((d,f)=>{e<vd&&i.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${e}ms) than the default (${vd}ms). This may result in timeouts.`);const g=window.setTimeout(()=>{window.clearInterval(p),f(j(lC))},e),p=window.setInterval(()=>{let w="";const C=r.contentWindow;try{w=C?C.location.href:""}catch{}if(!w||w==="about:blank")return;let S="";C&&(c===wa.QUERY?S=C.location.search:S=C.location.hash),window.clearTimeout(g),window.clearInterval(p),d(S)},t)}).finally(()=>{wo(LM,k.RemoveHiddenIframe,i,n,s)(r)})}function DM(r,e,t,n){return t.addQueueMeasurement(k.SilentHandlerLoadFrame,n),new Promise((i,s)=>{const c=zC();window.setTimeout(()=>{if(!c){s("Unable to load iframe");return}c.src=r,i(c)},e)})}function xM(r){const e=zC();return e.src=r,e}function zC(){const r=document.createElement("iframe");return r.className="msalSilentIframe",r.style.visibility="hidden",r.style.position="absolute",r.style.width=r.style.height="0",r.style.border="0",r.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(r),r}function LM(r){document.body===r.parentNode&&document.body.removeChild(r)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class UM extends vi{constructor(e,t,n,i,s,c,d,f,g,p,w){super(e,t,n,i,s,c,f,p,w),this.apiId=d,this.nativeStorage=g}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentIframeClientAcquireToken,e.correlationId),!e.loginHint&&!e.sid&&(!e.account||!e.account.username)&&this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const t={...e};t.prompt?t.prompt!==lt.NONE&&t.prompt!==lt.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${t.prompt} with ${lt.NONE}`),t.prompt=lt.NONE):t.prompt=lt.NONE;const n=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);BC(n.authority);const i=this.initializeServerTelemetryManager(this.apiId);let s;try{return s=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:i,requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(s,n)}catch(c){if(c instanceof Fe&&(c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c)),!s||!(c instanceof Fe)||c.errorCode!==en.INVALID_GRANT_ERROR)throw c;this.performanceClient.addFields({retryError:c.errorCode},this.correlationId);const d=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);return await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(s,d)}}logout(){return Promise.reject(j(Mc))}async silentTokenHelper(e,t){const n=t.correlationId;this.performanceClient.addQueueMeasurement(k.SilentIframeClientTokenHelper,n);const i=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,n)(t),s=await B(e.getAuthCodeUrl.bind(e),k.GetAuthCodeUrl,this.logger,this.performanceClient,n)({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,t.authenticationScheme)}),c=new yh(e,this.browserStorage,i,this.logger,this.performanceClient),d=await B(PM,k.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,n)(s,this.performanceClient,this.logger,n,this.config.system.navigateFrameWait),f=this.config.auth.OIDCOptions.serverResponseType,g=await B(MM,k.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,n)(d,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,n,f),p=wo(KC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(g,f,this.logger);if(p.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(_a);const w=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.apiId,this.performanceClient,this.nativeMessageHandler,p.accountId,this.browserStorage,n),{userRequestState:C}=Bn.parseRequestState(this.browserCrypto,t.state);return B(w.acquireToken.bind(w),k.NativeInteractionClientAcquireToken,this.logger,this.performanceClient,n)({...t,state:C,prompt:t.prompt||lt.NONE})}return B(c.handleCodeResponse.bind(c),k.HandleCodeResponse,this.logger,this.performanceClient,n)(p,t)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class BM extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentRefreshClientAcquireToken,e.correlationId);const t=await B(vh,k.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),n={...e,...t};e.redirectUri&&(n.redirectUri=this.getRedirectUri(e.redirectUri));const i=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),s=await this.createRefreshTokenClient({serverTelemetryManager:i,authorityUrl:n.authority,azureCloudOptions:n.azureCloudOptions,account:n.account});return B(s.acquireTokenByRefreshToken.bind(s),k.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(n).catch(c=>{throw c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c),c})}logout(){return Promise.reject(j(Mc))}async createRefreshTokenClient(e){const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new hd(t,this.performanceClient)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class FM{constructor(e,t,n,i){this.isBrowserEnvironment=typeof window<"u",this.config=e,this.storage=t,this.logger=n,this.cryptoObj=i}loadExternalTokens(e,t,n){if(!this.isBrowserEnvironment)throw j(Dc);const i=t.id_token?Co(t.id_token,tr):void 0,s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},c=e.authority?new Tt(Tt.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,s,this.logger,e.correlationId||Er()):void 0,d=this.loadAccount(e,n.clientInfo||t.client_info||"",i,c),f=this.loadIdToken(t,d.homeAccountId,d.environment,d.realm),g=this.loadAccessToken(e,t,d.homeAccountId,d.environment,d.realm,n),p=this.loadRefreshToken(t,d.homeAccountId,d.environment);return this.generateAuthenticationResult(e,{account:d,idToken:f,accessToken:g,refreshToken:p},i,c)}loadAccount(e,t,n,i){if(this.logger.verbose("TokenCache - loading account"),e.account){const f=it.createFromAccountInfo(e.account);return this.storage.setAccount(f),f}else if(!i||!t&&!n)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),j(yC);const s=it.generateHomeAccountId(t,i.authorityType,this.logger,this.cryptoObj,n),c=n==null?void 0:n.tid,d=nh(this.storage,i,s,tr,n,t,i.hostnameAndPort,c,void 0,void 0,this.logger);return this.storage.setAccount(d),d}loadIdToken(e,t,n,i){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const s=Ic(t,n,e.id_token,this.config.auth.clientId,i);return this.storage.setIdTokenCredential(s),s}loadAccessToken(e,t,n,i,s,c){if(t.access_token)if(t.expires_in){if(!t.scope&&(!e.scopes||!e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null}else return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;else return this.logger.verbose("TokenCache - no access token found in response"),null;this.logger.verbose("TokenCache - loading access token");const d=t.scope?Ye.fromString(t.scope):new Ye(e.scopes),f=c.expiresOn||t.expires_in+new Date().getTime()/1e3,g=c.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+new Date().getTime()/1e3,p=bc(n,i,t.access_token,this.config.auth.clientId,s,d.printScopes(),f,g,tr);return this.storage.setAccessTokenCredential(p),p}loadRefreshToken(e,t,n){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const i=Iy(t,n,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return this.storage.setRefreshTokenCredential(i),i}generateAuthenticationResult(e,t,n,i){var p,w,C;let s="",c=[],d=null,f;t!=null&&t.accessToken&&(s=t.accessToken.secret,c=Ye.fromString(t.accessToken.target).asArray(),d=new Date(Number(t.accessToken.expiresOn)*1e3),f=new Date(Number(t.accessToken.extendedExpiresOn)*1e3));const g=t.account;return{authority:i?i.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:c,account:g.getAccountInfo(),idToken:((p=t.idToken)==null?void 0:p.secret)||"",idTokenClaims:n||{},accessToken:s,fromCache:!0,expiresOn:d,correlationId:e.correlationId||"",requestId:"",extExpiresOn:f,familyId:((w=t.refreshToken)==null?void 0:w.familyId)||"",tokenType:((C=t==null?void 0:t.accessToken)==null?void 0:C.tokenType)||"",state:e.state||"",cloudGraphHostName:g.cloudGraphHostName||"",msGraphHost:g.msGraphHost||"",fromNativeBroker:!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class HM extends Xy{constructor(e){super(e),this.includeRedirectUri=!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class VM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,f,g,p),this.apiId=d}async acquireToken(e){if(!e.code)throw j(CC);const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(e,X.Silent),n=this.initializeServerTelemetryManager(this.apiId);try{const i={...t,code:e.code},s=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),c=new HM(s);this.logger.verbose("Auth code client created");const d=new yh(c,this.browserStorage,i,this.logger,this.performanceClient);return await B(d.handleCodeResponseFromServer.bind(d),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,e.correlationId)({code:e.code,msgraph_host:e.msGraphHost,cloud_graph_host_name:e.cloudGraphHostName,cloud_instance_host_name:e.cloudInstanceHostName},t,!1)}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),i}}logout(){return Promise.reject(j(Mc))}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function qn(r){const e=r==null?void 0:r.idTokenClaims;if(e!=null&&e.tfp||e!=null&&e.acr)return"B2C";if(e!=null&&e.tid){if((e==null?void 0:e.tid)==="9188040d-6c67-4c5b-b112-36a304b66dad")return"MSA"}else return;return"AAD"}function Rs(r,e){try{mh(r)}catch(t){throw e.end({success:!1},t),t}}class Uc{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new mi(this.logger,this.performanceClient):ac,this.eventHandler=new fM(this.logger),this.browserStorage=this.isBrowserEnvironment?new Cd(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,t0(this.config.auth),this.performanceClient):iM(this.config.auth.clientId,this.logger);const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new Cd(this.config.auth.clientId,t,this.browserCrypto,this.logger,void 0,this.performanceClient),this.tokenCache=new FM(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this),this.listeningToStorageEvents=!1,this.handleAccountCacheChange=this.handleAccountCacheChange.bind(this)}static async createController(e,t){const n=new Uc(e);return await n.initialize(t),n}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){if(this.logger.trace("initialize called"),this.initialized){this.logger.info("initialize has already been called, exiting early.");return}if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END);return}const t=(e==null?void 0:e.correlationId)||this.getRequestCorrelationId(),n=this.config.system.allowNativeBroker,i=this.performanceClient.startMeasurement(k.InitializeClientApplication,t);if(this.eventHandler.emitEvent(ne.INITIALIZE_START),n)try{this.nativeExtensionProvider=await Qn.createProvider(this.logger,this.config.system.nativeBrokerHandshakeTimeout,this.performanceClient)}catch(s){this.logger.verbose(s)}this.config.cache.claimsBasedCachingEnabled||(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),await B(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),k.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,t)(this.performanceClient,t)),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END),i.end({allowNativeBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),UC(this.initialized),this.isBrowserEnvironment){const t=e||"";let n=this.redirectResponse.get(t);return typeof n>"u"?(n=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,n),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),n}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(e){const t=this.getAllAccounts(),n=this.browserStorage.getCachedNativeRequest(),i=n&&Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider)&&this.nativeExtensionProvider&&!e,s=i?n==null?void 0:n.correlationId:this.browserStorage.getTemporaryCache(be.CORRELATION_ID,!0)||"",c=this.performanceClient.startMeasurement(k.AcquireTokenRedirect,s);this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_START,X.Redirect);let d;if(i&&this.nativeExtensionProvider){this.logger.trace("handleRedirectPromise - acquiring token from native platform");const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.handleRedirectPromise,this.performanceClient,this.nativeExtensionProvider,n.accountId,this.nativeInternalStorage,n.correlationId);d=B(f.handleRedirectPromise.bind(f),k.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(this.performanceClient,c.event.correlationId)}else{this.logger.trace("handleRedirectPromise - acquiring token from web flow");const f=this.createRedirectClient(s);d=B(f.handleRedirectPromise.bind(f),k.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(e,c)}return d.then(f=>(f?(t.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),c.end({success:!0,accountType:qn(f.account)})):c.event.errorCode?c.end({success:!1}):c.discard(),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),f)).catch(f=>{const g=f;throw t.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,g):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,g),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),c.end({success:!1},g),f})}async acquireTokenRedirect(e){const t=this.getRequestCorrelationId(e);this.logger.verbose("acquireTokenRedirect called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenPreRedirect,t);n.add({accountType:qn(e.account),scenarioId:e.scenarioId});const i=e.onRedirectNavigate;if(i)e.onRedirectNavigate=c=>{const d=typeof i=="function"?i(c):void 0;return d!==!1?n.end({success:!0}):n.discard(),d};else{const c=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=d=>{const f=typeof c=="function"?c(d):void 0;return f!==!1?n.end({success:!0}):n.discard(),f}}const s=this.getAllAccounts().length>0;try{ip(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Redirect,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Redirect,e);let c;return this.nativeExtensionProvider&&this.canUseNative(e)?c=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenRedirect,this.performanceClient,this.nativeExtensionProvider,this.getNativeAccountId(e),this.nativeInternalStorage,t).acquireTokenRedirect(e,n).catch(f=>{if(f instanceof Jn&&Zo(f))return this.nativeExtensionProvider=void 0,this.createRedirectClient(t).acquireToken(e);if(f instanceof Fn)return this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createRedirectClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),f}):c=this.createRedirectClient(t).acquireToken(e),await c}catch(c){throw n.end({success:!1},c),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,c),c}}acquireTokenPopup(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenPopup,t);n.add({scenarioId:e.scenarioId,accountType:qn(e.account)});try{this.logger.verbose("acquireTokenPopup called",t),Rs(this.initialized,n),this.browserStorage.setInteractionInProgress(!0)}catch(c){return Promise.reject(c)}const i=this.getAllAccounts();i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Popup,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Popup,e);let s;return this.canUseNative(e)?s=this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenPopup).then(c=>(this.browserStorage.setInteractionInProgress(!1),n.end({success:!0,isNativeBroker:!0,accountType:qn(c.account)}),c)).catch(c=>{if(c instanceof Jn&&Zo(c))return this.nativeExtensionProvider=void 0,this.createPopupClient(t).acquireToken(e);if(c instanceof Fn)return this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createPopupClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),c}):s=this.createPopupClient(t).acquireToken(e),s.then(c=>(i.length<this.getAllAccounts().length?this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Popup,c):this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Popup,c),n.end({success:!0,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>(i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Popup,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Popup,null,c),n.end({success:!1},c),Promise.reject(c)))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(e){var s,c;const t=this.getRequestCorrelationId(e),n={...e,prompt:e.prompt,correlationId:t};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(k.SsoSilent,t),(s=this.ssoSilentMeasurement)==null||s.add({scenarioId:e.scenarioId,accountType:qn(e.account)}),Rs(this.initialized,this.ssoSilentMeasurement),(c=this.ssoSilentMeasurement)==null||c.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",t),this.eventHandler.emitEvent(ne.SSO_SILENT_START,X.Silent,n);let i;return this.canUseNative(n)?i=this.acquireTokenNative(n,xe.ssoSilent).catch(d=>{if(d instanceof Jn&&Zo(d))return this.nativeExtensionProvider=void 0,this.createSilentIframeClient(n.correlationId).acquireToken(n);throw d}):i=this.createSilentIframeClient(n.correlationId).acquireToken(n),i.then(d=>{var f;return this.eventHandler.emitEvent(ne.SSO_SILENT_SUCCESS,X.Silent,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!0,isNativeBroker:d.fromNativeBroker,accessTokenSize:d.accessToken.length,idTokenSize:d.idToken.length,accountType:qn(d.account)}),d}).catch(d=>{var f;throw this.eventHandler.emitEvent(ne.SSO_SILENT_FAILURE,X.Silent,null,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!1},d),d}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenByCode(e){const t=this.getRequestCorrelationId(e);this.logger.trace("acquireTokenByCode called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenByCode,t);Rs(this.initialized,n),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_START,X.Silent,e),n.add({scenarioId:e.scenarioId});try{if(e.code&&e.nativeAccountId)throw j(_C);if(e.code){const i=e.code;let s=this.hybridAuthCodeResponses.get(i);return s?(this.logger.verbose("Existing acquireTokenByCode request found",t),n.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",t),s=this.acquireTokenByCodeAsync({...e,correlationId:t}).then(c=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_SUCCESS,X.Silent,c),this.hybridAuthCodeResponses.delete(i),n.end({success:!0,isNativeBroker:c.fromNativeBroker,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>{throw this.hybridAuthCodeResponses.delete(i),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,c),n.end({success:!1},c),c}),this.hybridAuthCodeResponses.set(i,s)),await s}else if(e.nativeAccountId)if(this.canUseNative(e,e.nativeAccountId)){const i=await this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenByCode,e.nativeAccountId).catch(s=>{throw s instanceof Jn&&Zo(s)&&(this.nativeExtensionProvider=void 0),s});return n.end({accountType:qn(i.account),success:!0}),i}else throw j(TC);else throw j(wC)}catch(i){throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,i),n.end({success:!1},i),i}}async acquireTokenByCodeAsync(e){var i;return this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(k.AcquireTokenByCodeAsync,e.correlationId),(i=this.acquireTokenByCodeAsyncMeasurement)==null||i.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),await this.createSilentAuthCodeClient(e.correlationId).acquireToken(e).then(s=>{var c;return(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!0,fromCache:s.fromCache,isNativeBroker:s.fromNativeBroker}),s}).catch(s=>{var c;throw(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!1},s),s}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenFromCache,e.correlationId),t){case Qt.Default:case Qt.AccessToken:case Qt.AccessTokenAndRefreshToken:const n=this.createSilentCacheClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenByRefreshToken,e.correlationId),t){case Qt.Default:case Qt.AccessTokenAndRefreshToken:case Qt.RefreshToken:case Qt.RefreshTokenAndNetwork:const n=this.createSilentRefreshClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(k.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return B(t.acquireToken.bind(t),k.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);return ip(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);return mh(this.initialized),this.browserStorage.setInteractionInProgress(!0),this.createPopupClient(t).logout(e)}catch(t){return Promise.reject(t)}}async clearCache(e){if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, returning early.");return}const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return aM(this.logger,this.browserStorage,this.isBrowserEnvironment,e)}getAccount(e){return sM(e,this.logger,this.browserStorage)}getAccountByUsername(e){return cM(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return lM(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return uM(e,this.logger,this.browserStorage)}setActiveAccount(e){dM(e,this.browserStorage)}getActiveAccount(){return hM(this.browserStorage)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const n=it.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return this.browserStorage.setAccount(n),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,n){if(this.logger.trace("acquireTokenNative called"),!this.nativeExtensionProvider)throw j(_a);return new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.nativeExtensionProvider,n||this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e)}canUseNative(e,t){if(this.logger.trace("canUseNative called"),!Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme))return this.logger.trace("canUseNative: isNativeAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:this.logger.trace("canUseNative: prompt is compatible with native flow");break;default:return this.logger.trace(`canUseNative: prompt = ${e.prompt} is not compatible with native flow, returning false`),!1}return!t&&!this.getNativeAccountId(e)?(this.logger.trace("canUseNative: nativeAccountId is not available, returning false"),!1):!0}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new RM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createRedirectClient(e){return new NM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentIframeClient(e){return new UM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentCacheClient(e){return new $C(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentRefreshClient(e){return new BM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentAuthCodeClient(e){return new VM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenByCode,this.performanceClient,this.nativeExtensionProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return LC(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?this.logger.verbose("Account storage listener already registered."):(this.logger.verbose("Adding account storage listener."),this.listeningToStorageEvents=!0,window.addEventListener("storage",this.handleAccountCacheChange)))}disableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?(this.logger.verbose("Removing account storage listener."),window.removeEventListener("storage",this.handleAccountCacheChange),this.listeningToStorageEvents=!1):this.logger.verbose("No account storage listener registered."))}handleAccountCacheChange(e){var t;try{(t=e.key)!=null&&t.includes(st.ACTIVE_ACCOUNT_FILTERS)&&this.eventHandler.emitEvent(ne.ACTIVE_ACCOUNT_CHANGED);const n=e.newValue||e.oldValue;if(!n)return;const i=JSON.parse(n);if(typeof i!="object"||!it.isAccountEntity(i))return;const c=fi.toObject(new it,i).getAccountInfo();!e.oldValue&&e.newValue?(this.logger.info("Account was added to cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_ADDED,void 0,c)):!e.newValue&&e.oldValue&&(this.logger.info("Account was removed from cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_REMOVED,void 0,c))}catch{return}}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e!=null&&e.correlationId?e.correlationId:this.isBrowserEnvironment?Er():P.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e||np})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e||np})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenSilent,t);n.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Rs(this.initialized,n),this.logger.verbose("acquireTokenSilent called",t);const i=e.account||this.getActiveAccount();if(!i)throw j(fC);n.add({accountType:qn(i)});const s={clientId:this.config.auth.clientId,authority:e.authority||P.EMPTY_STRING,scopes:e.scopes,homeAccountIdentifier:i.homeAccountId,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid,shrOptions:e.shrOptions},c=JSON.stringify(s),d=this.activeSilentTokenRequests.get(c);if(typeof d>"u"){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",t);const f=B(this.acquireTokenSilentAsync.bind(this),k.AcquireTokenSilentAsync,this.logger,this.performanceClient,t)({...e,correlationId:t},i).then(g=>(this.activeSilentTokenRequests.delete(c),n.end({success:!0,fromCache:g.fromCache,isNativeBroker:g.fromNativeBroker,cacheLookupPolicy:e.cacheLookupPolicy,accessTokenSize:g.accessToken.length,idTokenSize:g.idToken.length}),g)).catch(g=>{throw this.activeSilentTokenRequests.delete(c),n.end({success:!1},g),g});return this.activeSilentTokenRequests.set(c,f),{...await f,state:e.state}}else return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",t),n.discard(),{...await d,state:e.state}}async acquireTokenSilentAsync(e,t){const n=()=>this.trackPageVisibility(e.correlationId);this.performanceClient.addQueueMeasurement(k.AcquireTokenSilentAsync,e.correlationId),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Silent,e),e.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},e.correlationId),document.addEventListener("visibilitychange",n);const i=await B(yM,k.InitializeSilentRequest,this.logger,this.performanceClient,e.correlationId)(e,t,this.config,this.performanceClient,this.logger),s=e.cacheLookupPolicy||Qt.Default;return this.acquireTokenSilentNoIframe(i,s).catch(async d=>{if($M(d,s))if(this.activeIframeRequest)if(s!==Qt.Skip){const[g,p]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${p}`,i.correlationId);const w=this.performanceClient.startMeasurement(k.AwaitConcurrentIframe,i.correlationId);w.add({awaitIframeCorrelationId:p});const C=await g;if(w.end({success:C}),C)return this.logger.verbose(`Parallel iframe request with correlationId: ${p} succeeded. Retrying cache and/or RT redemption`,i.correlationId),this.acquireTokenSilentNoIframe(i,s);throw this.logger.info(`Iframe request with correlationId: ${p} failed. Interaction is required.`),d}else return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i);else{let g;return this.activeIframeRequest=[new Promise(p=>{g=p}),i.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i).then(p=>(g(!0),p)).catch(p=>{throw g(!1),p}).finally(()=>{this.activeIframeRequest=void 0})}else throw d}).then(d=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Silent,d),e.correlationId&&this.performanceClient.addFields({fromCache:d.fromCache,isNativeBroker:d.fromNativeBroker},e.correlationId),d)).catch(d=>{throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Silent,null,d),d}).finally(()=>{document.removeEventListener("visibilitychange",n)})}async acquireTokenSilentNoIframe(e,t){return Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme)&&e.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.acquireTokenNative(e,xe.acquireTokenSilent_silentFlow).catch(async n=>{throw n instanceof Jn&&Zo(n)?(this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.nativeExtensionProvider=void 0,U(vr)):n})):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),B(this.acquireTokenFromCache.bind(this),k.AcquireTokenFromCache,this.logger,this.performanceClient,e.correlationId)(e,t).catch(n=>{if(t===Qt.AccessToken)throw n;return this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_NETWORK_START,X.Silent,e),B(this.acquireTokenByRefreshToken.bind(this),k.AcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,t)}))}}function $M(r,e){const t=!(r instanceof Fn&&r.subError!==Nc),n=r.errorCode===en.INVALID_GRANT_ERROR||r.errorCode===vr,i=t&&n||r.errorCode===dc||r.errorCode===th,s=A0.includes(e);return i&&s}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function KM(r,e){const t=new vo(r);return await t.initialize(),Uc.createController(t,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Ch{static async createPublicClientApplication(e){const t=await KM(e);return new Ch(e,t)}constructor(e,t){this.controller=t||new Uc(new vo(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}const Du=process.env.JPLAN_WEBAPP__APP_PROXY_TENANT_NAME??"",zM=process.env.JPLAN_WEBAPP__APP_PROXY_CLIENT_ID??"",WM=process.env.JPLAN_WEBAPP__APP_PROXY_USER_FLOW??"",qM=process.env.JPLAN_WEBAPP__URL_BASE??"",GM={auth:{clientId:zM,authority:`https://${Du}.b2clogin.com/${Du}.onmicrosoft.com/${WM}`,knownAuthorities:[`${Du}.b2clogin.com`],redirectUri:`${qM}/_/dashboard/`},cache:{cacheLocation:"localStorage",storeAuthStateInCookie:!1},system:{loggerOptions:{loggerCallback:(r,e)=>{r===Me.Error&&console.error(e)},logLevel:Me.Warning}}},oo=new Ch(GM),up=u.ref(null);function WC(){async function r(e){var t;if(e)try{const n=e.idTokenClaims;if(!(n!=null&&n.aud))throw new Error("User audience (aud) is missing in ID token claims");const i=localStorage.getItem(`msal.token.keys.${n.aud}`);if(!i)throw new Error(`Token keys para ${n.aud} não encontrados no localStorage`);const s=JSON.parse(i),c=(t=s==null?void 0:s.idToken)==null?void 0:t[0];if(!c)throw new Error("idToken não encontrado nos token keys");const d=localStorage.getItem(c);if(!d)throw new Error(`Dados do token para ID ${c} não encontrados no localStorage`);const f=JSON.parse(d),g=f==null?void 0:f.secret;if(!g)throw new Error("Secret não encontrado nos dados do token");sessionStorage.setItem("isAuthenticated","true"),up.value=g}catch(n){console.error("Erro ao obter token de acesso:",n)}}return{jToken:up,setJToken:r}}const jM="https://app-files.jplan.com.br/pub/msal-auth/index.html",Ko=u.ref(null);function qC(){const{setJToken:r}=WC(),e=u.computed(()=>!!Ko.value),t=u.computed(()=>Ko.value);async function n(){if(!e){await i();return}}const i=async()=>new Promise((d,f)=>{try{localStorage.clear();const g=window.open(jM);if(!g){console.error("Falha ao abrir a janela de autenticação"),f("Falha ao abrir a janela de autenticação");return}const p=setInterval(()=>{Object.keys(localStorage).some(C=>C.startsWith("msal.account.keys"))&&(clearInterval(p),s(),g.close(),d())},500)}catch(g){console.error("Erro no handleRedirect:",g),f(g)}}),s=async()=>{try{await oo.initialize();const d=oo.getActiveAccount();if(d)Ko.value=d;else{const f=await oo.handleRedirectPromise();f?(oo.setActiveAccount(f.account),Ko.value=oo.getActiveAccount()):console.error("Falha na autenticação")}}catch(d){console.error("Erro no processo de autenticação:",d)}};async function c(){try{const d=await oo.acquireTokenSilent({scopes:["https://graph.microsoft.com/.default","openid","profile"]});oo.setActiveAccount(d.account),await r(Ko.value)}catch(d){console.error("Falha ao renovar token, forçando novo login.",d),await n()}}return u.watch(Ko,async(d,f)=>{var p,w,C;if(((p=d==null?void 0:d.idTokenClaims)==null?void 0:p.exp)===((w=f==null?void 0:f.idTokenClaims)==null?void 0:w.exp))return;const g=(C=d==null?void 0:d.idTokenClaims)==null?void 0:C.exp;if(g){const S=Math.floor(Date.now()/1e3),b=(g-S-120)*1e3;b>0&&setTimeout(async()=>{await c()},b)}}),{isAuthenticated:e,account:t,handleRedirect:n}}function GC(r,e){return function(){return r.apply(e,arguments)}}const{toString:YM}=Object.prototype,{getPrototypeOf:wh}=Object,Bc=(r=>e=>{const t=YM.call(e);return r[t]||(r[t]=t.slice(8,-1).toLowerCase())})(Object.create(null)),Vn=r=>(r=r.toLowerCase(),e=>Bc(e)===r),Fc=r=>e=>typeof e===r,{isArray:yi}=Array,fa=Fc("undefined");function JM(r){return r!==null&&!fa(r)&&r.constructor!==null&&!fa(r.constructor)&&an(r.constructor.isBuffer)&&r.constructor.isBuffer(r)}const jC=Vn("ArrayBuffer");function QM(r){let e;return typeof ArrayBuffer<"u"&&ArrayBuffer.isView?e=ArrayBuffer.isView(r):e=r&&r.buffer&&jC(r.buffer),e}const XM=Fc("string"),an=Fc("function"),YC=Fc("number"),Hc=r=>r!==null&&typeof r=="object",ZM=r=>r===!0||r===!1,Ws=r=>{if(Bc(r)!=="object")return!1;const e=wh(r);return(e===null||e===Object.prototype||Object.getPrototypeOf(e)===null)&&!(Symbol.toStringTag in r)&&!(Symbol.iterator in r)},e1=Vn("Date"),t1=Vn("File"),n1=Vn("Blob"),r1=Vn("FileList"),o1=r=>Hc(r)&&an(r.pipe),i1=r=>{let e;return r&&(typeof FormData=="function"&&r instanceof FormData||an(r.append)&&((e=Bc(r))==="formdata"||e==="object"&&an(r.toString)&&r.toString()==="[object FormData]"))},a1=Vn("URLSearchParams"),[s1,c1,l1,u1]=["ReadableStream","Request","Response","Headers"].map(Vn),d1=r=>r.trim?r.trim():r.replace(/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,"");function Ea(r,e,{allOwnKeys:t=!1}={}){if(r===null||typeof r>"u")return;let n,i;if(typeof r!="object"&&(r=[r]),yi(r))for(n=0,i=r.length;n<i;n++)e.call(null,r[n],n,r);else{const s=t?Object.getOwnPropertyNames(r):Object.keys(r),c=s.length;let d;for(n=0;n<c;n++)d=s[n],e.call(null,r[d],d,r)}}function JC(r,e){e=e.toLowerCase();const t=Object.keys(r);let n=t.length,i;for(;n-- >0;)if(i=t[n],e===i.toLowerCase())return i;return null}const ho=typeof globalThis<"u"?globalThis:typeof self<"u"?self:typeof window<"u"?window:global,QC=r=>!fa(r)&&r!==ho;function _d(){const{caseless:r}=QC(this)&&this||{},e={},t=(n,i)=>{const s=r&&JC(e,i)||i;Ws(e[s])&&Ws(n)?e[s]=_d(e[s],n):Ws(n)?e[s]=_d({},n):yi(n)?e[s]=n.slice():e[s]=n};for(let n=0,i=arguments.length;n<i;n++)arguments[n]&&Ea(arguments[n],t);return e}const h1=(r,e,t,{allOwnKeys:n}={})=>(Ea(e,(i,s)=>{t&&an(i)?r[s]=GC(i,t):r[s]=i},{allOwnKeys:n}),r),f1=r=>(r.charCodeAt(0)===65279&&(r=r.slice(1)),r),g1=(r,e,t,n)=>{r.prototype=Object.create(e.prototype,n),r.prototype.constructor=r,Object.defineProperty(r,"super",{value:e.prototype}),t&&Object.assign(r.prototype,t)},m1=(r,e,t,n)=>{let i,s,c;const d={};if(e=e||{},r==null)return e;do{for(i=Object.getOwnPropertyNames(r),s=i.length;s-- >0;)c=i[s],(!n||n(c,r,e))&&!d[c]&&(e[c]=r[c],d[c]=!0);r=t!==!1&&wh(r)}while(r&&(!t||t(r,e))&&r!==Object.prototype);return e},p1=(r,e,t)=>{r=String(r),(t===void 0||t>r.length)&&(t=r.length),t-=e.length;const n=r.indexOf(e,t);return n!==-1&&n===t},v1=r=>{if(!r)return null;if(yi(r))return r;let e=r.length;if(!YC(e))return null;const t=new Array(e);for(;e-- >0;)t[e]=r[e];return t},y1=(r=>e=>r&&e instanceof r)(typeof Uint8Array<"u"&&wh(Uint8Array)),C1=(r,e)=>{const n=(r&&r[Symbol.iterator]).call(r);let i;for(;(i=n.next())&&!i.done;){const s=i.value;e.call(r,s[0],s[1])}},w1=(r,e)=>{let t;const n=[];for(;(t=r.exec(e))!==null;)n.push(t);return n},_1=Vn("HTMLFormElement"),T1=r=>r.toLowerCase().replace(/[-_\s]([a-z\d])(\w*)/g,function(t,n,i){return n.toUpperCase()+i}),dp=(({hasOwnProperty:r})=>(e,t)=>r.call(e,t))(Object.prototype),E1=Vn("RegExp"),XC=(r,e)=>{const t=Object.getOwnPropertyDescriptors(r),n={};Ea(t,(i,s)=>{let c;(c=e(i,s,r))!==!1&&(n[s]=c||i)}),Object.defineProperties(r,n)},S1=r=>{XC(r,(e,t)=>{if(an(r)&&["arguments","caller","callee"].indexOf(t)!==-1)return!1;const n=r[t];if(an(n)){if(e.enumerable=!1,"writable"in e){e.writable=!1;return}e.set||(e.set=()=>{throw Error("Can not rewrite read-only method '"+t+"'")})}})},A1=(r,e)=>{const t={},n=i=>{i.forEach(s=>{t[s]=!0})};return yi(r)?n(r):n(String(r).split(e)),t},I1=()=>{},b1=(r,e)=>r!=null&&Number.isFinite(r=+r)?r:e,xu="abcdefghijklmnopqrstuvwxyz",hp="0123456789",ZC={DIGIT:hp,ALPHA:xu,ALPHA_DIGIT:xu+xu.toUpperCase()+hp},k1=(r=16,e=ZC.ALPHA_DIGIT)=>{let t="";const{length:n}=e;for(;r--;)t+=e[Math.random()*n|0];return t};function R1(r){return!!(r&&an(r.append)&&r[Symbol.toStringTag]==="FormData"&&r[Symbol.iterator])}const O1=r=>{const e=new Array(10),t=(n,i)=>{if(Hc(n)){if(e.indexOf(n)>=0)return;if(!("toJSON"in n)){e[i]=n;const s=yi(n)?[]:{};return Ea(n,(c,d)=>{const f=t(c,i+1);!fa(f)&&(s[d]=f)}),e[i]=void 0,s}}return n};return t(r,0)},N1=Vn("AsyncFunction"),P1=r=>r&&(Hc(r)||an(r))&&an(r.then)&&an(r.catch),ew=((r,e)=>r?setImmediate:e?((t,n)=>(ho.addEventListener("message",({source:i,data:s})=>{i===ho&&s===t&&n.length&&n.shift()()},!1),i=>{n.push(i),ho.postMessage(t,"*")}))(`axios@${Math.random()}`,[]):t=>setTimeout(t))(typeof setImmediate=="function",an(ho.postMessage)),M1=typeof queueMicrotask<"u"?queueMicrotask.bind(ho):typeof process<"u"&&process.nextTick||ew,O={isArray:yi,isArrayBuffer:jC,isBuffer:JM,isFormData:i1,isArrayBufferView:QM,isString:XM,isNumber:YC,isBoolean:ZM,isObject:Hc,isPlainObject:Ws,isReadableStream:s1,isRequest:c1,isResponse:l1,isHeaders:u1,isUndefined:fa,isDate:e1,isFile:t1,isBlob:n1,isRegExp:E1,isFunction:an,isStream:o1,isURLSearchParams:a1,isTypedArray:y1,isFileList:r1,forEach:Ea,merge:_d,extend:h1,trim:d1,stripBOM:f1,inherits:g1,toFlatObject:m1,kindOf:Bc,kindOfTest:Vn,endsWith:p1,toArray:v1,forEachEntry:C1,matchAll:w1,isHTMLForm:_1,hasOwnProperty:dp,hasOwnProp:dp,reduceDescriptors:XC,freezeMethods:S1,toObjectSet:A1,toCamelCase:T1,noop:I1,toFiniteNumber:b1,findKey:JC,global:ho,isContextDefined:QC,ALPHABET:ZC,generateString:k1,isSpecCompliantForm:R1,toJSONObject:O1,isAsyncFn:N1,isThenable:P1,setImmediate:ew,asap:M1};function ue(r,e,t,n,i){Error.call(this),Error.captureStackTrace?Error.captureStackTrace(this,this.constructor):this.stack=new Error().stack,this.message=r,this.name="AxiosError",e&&(this.code=e),t&&(this.config=t),n&&(this.request=n),i&&(this.response=i,this.status=i.status?i.status:null)}O.inherits(ue,Error,{toJSON:function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:O.toJSONObject(this.config),code:this.code,status:this.status}}});const tw=ue.prototype,nw={};["ERR_BAD_OPTION_VALUE","ERR_BAD_OPTION","ECONNABORTED","ETIMEDOUT","ERR_NETWORK","ERR_FR_TOO_MANY_REDIRECTS","ERR_DEPRECATED","ERR_BAD_RESPONSE","ERR_BAD_REQUEST","ERR_CANCELED","ERR_NOT_SUPPORT","ERR_INVALID_URL"].forEach(r=>{nw[r]={value:r}});Object.defineProperties(ue,nw);Object.defineProperty(tw,"isAxiosError",{value:!0});ue.from=(r,e,t,n,i,s)=>{const c=Object.create(tw);return O.toFlatObject(r,c,function(f){return f!==Error.prototype},d=>d!=="isAxiosError"),ue.call(c,r.message,e,t,n,i),c.cause=r,c.name=r.name,s&&Object.assign(c,s),c};const D1=null;function Td(r){return O.isPlainObject(r)||O.isArray(r)}function rw(r){return O.endsWith(r,"[]")?r.slice(0,-2):r}function fp(r,e,t){return r?r.concat(e).map(function(i,s){return i=rw(i),!t&&s?"["+i+"]":i}).join(t?".":""):e}function x1(r){return O.isArray(r)&&!r.some(Td)}const L1=O.toFlatObject(O,{},null,function(e){return/^is[A-Z]/.test(e)});function Vc(r,e,t){if(!O.isObject(r))throw new TypeError("target must be an object");e=e||new FormData,t=O.toFlatObject(t,{metaTokens:!0,dots:!1,indexes:!1},!1,function(b,N){return!O.isUndefined(N[b])});const n=t.metaTokens,i=t.visitor||p,s=t.dots,c=t.indexes,f=(t.Blob||typeof Blob<"u"&&Blob)&&O.isSpecCompliantForm(e);if(!O.isFunction(i))throw new TypeError("visitor must be a function");function g(T){if(T===null)return"";if(O.isDate(T))return T.toISOString();if(!f&&O.isBlob(T))throw new ue("Blob is not supported. Use a Buffer instead.");return O.isArrayBuffer(T)||O.isTypedArray(T)?f&&typeof Blob=="function"?new Blob([T]):Buffer.from(T):T}function p(T,b,N){let K=T;if(T&&!N&&typeof T=="object"){if(O.endsWith(b,"{}"))b=n?b:b.slice(0,-2),T=JSON.stringify(T);else if(O.isArray(T)&&x1(T)||(O.isFileList(T)||O.endsWith(b,"[]"))&&(K=O.toArray(T)))return b=rw(b),K.forEach(function(V,z){!(O.isUndefined(V)||V===null)&&e.append(c===!0?fp([b],z,s):c===null?b:b+"[]",g(V))}),!1}return Td(T)?!0:(e.append(fp(N,b,s),g(T)),!1)}const w=[],C=Object.assign(L1,{defaultVisitor:p,convertValue:g,isVisitable:Td});function S(T,b){if(!O.isUndefined(T)){if(w.indexOf(T)!==-1)throw Error("Circular reference detected in "+b.join("."));w.push(T),O.forEach(T,function(K,H){(!(O.isUndefined(K)||K===null)&&i.call(e,K,O.isString(H)?H.trim():H,b,C))===!0&&S(K,b?b.concat(H):[H])}),w.pop()}}if(!O.isObject(r))throw new TypeError("data must be an object");return S(r),e}function gp(r){const e={"!":"%21","'":"%27","(":"%28",")":"%29","~":"%7E","%20":"+","%00":"\0"};return encodeURIComponent(r).replace(/[!'()~]|%20|%00/g,function(n){return e[n]})}function _h(r,e){this._pairs=[],r&&Vc(r,this,e)}const ow=_h.prototype;ow.append=function(e,t){this._pairs.push([e,t])};ow.toString=function(e){const t=e?function(n){return e.call(this,n,gp)}:gp;return this._pairs.map(function(i){return t(i[0])+"="+t(i[1])},"").join("&")};function U1(r){return encodeURIComponent(r).replace(/%3A/gi,":").replace(/%24/g,"$").replace(/%2C/gi,",").replace(/%20/g,"+").replace(/%5B/gi,"[").replace(/%5D/gi,"]")}function iw(r,e,t){if(!e)return r;const n=t&&t.encode||U1;O.isFunction(t)&&(t={serialize:t});const i=t&&t.serialize;let s;if(i?s=i(e,t):s=O.isURLSearchParams(e)?e.toString():new _h(e,t).toString(n),s){const c=r.indexOf("#");c!==-1&&(r=r.slice(0,c)),r+=(r.indexOf("?")===-1?"?":"&")+s}return r}class mp{constructor(){this.handlers=[]}use(e,t,n){return this.handlers.push({fulfilled:e,rejected:t,synchronous:n?n.synchronous:!1,runWhen:n?n.runWhen:null}),this.handlers.length-1}eject(e){this.handlers[e]&&(this.handlers[e]=null)}clear(){this.handlers&&(this.handlers=[])}forEach(e){O.forEach(this.handlers,function(n){n!==null&&e(n)})}}const aw={silentJSONParsing:!0,forcedJSONParsing:!0,clarifyTimeoutError:!1},B1=typeof URLSearchParams<"u"?URLSearchParams:_h,F1=typeof FormData<"u"?FormData:null,H1=typeof Blob<"u"?Blob:null,V1={isBrowser:!0,classes:{URLSearchParams:B1,FormData:F1,Blob:H1},protocols:["http","https","file","blob","url","data"]},Th=typeof window<"u"&&typeof document<"u",Ed=typeof navigator=="object"&&navigator||void 0,$1=Th&&(!Ed||["ReactNative","NativeScript","NS"].indexOf(Ed.product)<0),K1=typeof WorkerGlobalScope<"u"&&self instanceof WorkerGlobalScope&&typeof self.importScripts=="function",z1=Th&&window.location.href||"http://localhost",W1=Object.freeze(Object.defineProperty({__proto__:null,hasBrowserEnv:Th,hasStandardBrowserEnv:$1,hasStandardBrowserWebWorkerEnv:K1,navigator:Ed,origin:z1},Symbol.toStringTag,{value:"Module"})),At={...W1,...V1};function q1(r,e){return Vc(r,new At.classes.URLSearchParams,Object.assign({visitor:function(t,n,i,s){return At.isNode&&O.isBuffer(t)?(this.append(n,t.toString("base64")),!1):s.defaultVisitor.apply(this,arguments)}},e))}function G1(r){return O.matchAll(/\w+|\[(\w*)]/g,r).map(e=>e[0]==="[]"?"":e[1]||e[0])}function j1(r){const e={},t=Object.keys(r);let n;const i=t.length;let s;for(n=0;n<i;n++)s=t[n],e[s]=r[s];return e}function sw(r){function e(t,n,i,s){let c=t[s++];if(c==="__proto__")return!0;const d=Number.isFinite(+c),f=s>=t.length;return c=!c&&O.isArray(i)?i.length:c,f?(O.hasOwnProp(i,c)?i[c]=[i[c],n]:i[c]=n,!d):((!i[c]||!O.isObject(i[c]))&&(i[c]=[]),e(t,n,i[c],s)&&O.isArray(i[c])&&(i[c]=j1(i[c])),!d)}if(O.isFormData(r)&&O.isFunction(r.entries)){const t={};return O.forEachEntry(r,(n,i)=>{e(G1(n),i,t,0)}),t}return null}function Y1(r,e,t){if(O.isString(r))try{return(e||JSON.parse)(r),O.trim(r)}catch(n){if(n.name!=="SyntaxError")throw n}return(t||JSON.stringify)(r)}const Sa={transitional:aw,adapter:["xhr","http","fetch"],transformRequest:[function(e,t){const n=t.getContentType()||"",i=n.indexOf("application/json")>-1,s=O.isObject(e);if(s&&O.isHTMLForm(e)&&(e=new FormData(e)),O.isFormData(e))return i?JSON.stringify(sw(e)):e;if(O.isArrayBuffer(e)||O.isBuffer(e)||O.isStream(e)||O.isFile(e)||O.isBlob(e)||O.isReadableStream(e))return e;if(O.isArrayBufferView(e))return e.buffer;if(O.isURLSearchParams(e))return t.setContentType("application/x-www-form-urlencoded;charset=utf-8",!1),e.toString();let d;if(s){if(n.indexOf("application/x-www-form-urlencoded")>-1)return q1(e,this.formSerializer).toString();if((d=O.isFileList(e))||n.indexOf("multipart/form-data")>-1){const f=this.env&&this.env.FormData;return Vc(d?{"files[]":e}:e,f&&new f,this.formSerializer)}}return s||i?(t.setContentType("application/json",!1),Y1(e)):e}],transformResponse:[function(e){const t=this.transitional||Sa.transitional,n=t&&t.forcedJSONParsing,i=this.responseType==="json";if(O.isResponse(e)||O.isReadableStream(e))return e;if(e&&O.isString(e)&&(n&&!this.responseType||i)){const c=!(t&&t.silentJSONParsing)&&i;try{return JSON.parse(e)}catch(d){if(c)throw d.name==="SyntaxError"?ue.from(d,ue.ERR_BAD_RESPONSE,this,null,this.response):d}}return e}],timeout:0,xsrfCookieName:"XSRF-TOKEN",xsrfHeaderName:"X-XSRF-TOKEN",maxContentLength:-1,maxBodyLength:-1,env:{FormData:At.classes.FormData,Blob:At.classes.Blob},validateStatus:function(e){return e>=200&&e<300},headers:{common:{Accept:"application/json, text/plain, */*","Content-Type":void 0}}};O.forEach(["delete","get","head","post","put","patch"],r=>{Sa.headers[r]={}});const J1=O.toObjectSet(["age","authorization","content-length","content-type","etag","expires","from","host","if-modified-since","if-unmodified-since","last-modified","location","max-forwards","proxy-authorization","referer","retry-after","user-agent"]),Q1=r=>{const e={};let t,n,i;return r&&r.split(`
56
+ ${c}`);return}throw Qm(e.error,e.error_description,e.suberror)?new Fn(e.error,e.error_description,e.suberror,e.timestamp||P.EMPTY_STRING,e.trace_id||P.EMPTY_STRING,e.correlation_id||P.EMPTY_STRING,e.claims||P.EMPTY_STRING,s):c}}async handleServerTokenResponse(e,t,n,i,s,c,d,f,g){var T;(T=this.performanceClient)==null||T.addQueueMeasurement(k.HandleServerTokenResponse,e.correlation_id);let p;if(e.id_token){if(p=Co(e.id_token||P.EMPTY_STRING,this.cryptoObj.base64Decode),s&&s.nonce&&p.nonce!==s.nonce)throw U(fy);if(i.maxAge||i.maxAge===0){const b=p.auth_time;if(!b)throw U(Bd);Ay(b,i.maxAge)}}this.homeAccountIdentifier=it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,t.authorityType,this.logger,this.cryptoObj,p);let w;s&&s.state&&(w=Bn.parseRequestState(this.cryptoObj,s.state)),e.key_id=e.key_id||i.sshKid||void 0;const C=this.generateCacheRecord(e,t,n,i,p,c,s);let S;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),S=new c0(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(S)),d&&!f&&C.account){const b=C.account.generateAccountKey();if(!this.cacheStorage.getAccount(b,this.logger))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await mo.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,void 0,g)}await this.cacheStorage.saveCacheRecord(C,i.storeInCache,i.correlationId)}finally{this.persistencePlugin&&this.serializableCache&&S&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(S))}return mo.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,e,g)}generateCacheRecord(e,t,n,i,s,c,d){const f=t.getPreferredCache();if(!f)throw U(Hd);const g=Vy(s);let p,w;e.id_token&&s&&(p=Ic(this.homeAccountIdentifier,f,e.id_token,this.clientId,g||""),w=nh(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,s,e.client_info,f,g,d,void 0,this.logger));let C=null;if(e.access_token){const b=e.scope?Ye.fromString(e.scope):new Ye(i.scopes||[]),N=(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,K=(typeof e.ext_expires_in=="string"?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,H=(typeof e.refresh_in=="string"?parseInt(e.refresh_in,10):e.refresh_in)||void 0,V=n+N,z=V+K,Q=H&&H>0?n+H:void 0;C=bc(this.homeAccountIdentifier,f,e.access_token,this.clientId,g||t.tenant||"",b.printScopes(),V,z,this.cryptoObj.base64Decode,Q,e.token_type,c,e.key_id,i.claims,i.requestedClaimsHash)}let S=null;if(e.refresh_token){let b;if(e.refresh_token_expires_in){const N=typeof e.refresh_token_expires_in=="string"?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in;b=n+N}S=Iy(this.homeAccountIdentifier,f,e.refresh_token,this.clientId,e.foci,c,b)}let T=null;return e.foci&&(T={clientId:this.clientId,environment:f,familyId:e.foci}),{account:w,idToken:p,accessToken:C,refreshToken:S,appMetadata:T}}static async generateAuthenticationResult(e,t,n,i,s,c,d,f,g){var V,z,Q,we,W;let p=P.EMPTY_STRING,w=[],C=null,S,T,b=P.EMPTY_STRING;if(n.accessToken){if(n.accessToken.tokenType===Re.POP&&!s.popKid){const et=new gi(e),{secret:_e,keyId:Y}=n.accessToken;if(!Y)throw U(Vd);p=await et.signPopToken(_e,Y,s)}else p=n.accessToken.secret;w=Ye.fromString(n.accessToken.target).asArray(),C=new Date(Number(n.accessToken.expiresOn)*1e3),S=new Date(Number(n.accessToken.extendedExpiresOn)*1e3),n.accessToken.refreshOn&&(T=new Date(Number(n.accessToken.refreshOn)*1e3))}n.appMetadata&&(b=n.appMetadata.familyId===ia?ia:"");const N=(c==null?void 0:c.oid)||(c==null?void 0:c.sub)||"",K=(c==null?void 0:c.tid)||"";f!=null&&f.spa_accountid&&n.account&&(n.account.nativeAccountId=f==null?void 0:f.spa_accountid);const H=n.account?Jd(n.account.getAccountInfo(),void 0,c,(V=n.idToken)==null?void 0:V.secret):null;return{authority:t.canonicalAuthority,uniqueId:N,tenantId:K,scopes:w,account:H,idToken:((z=n==null?void 0:n.idToken)==null?void 0:z.secret)||"",idTokenClaims:c||{},accessToken:p,fromCache:i,expiresOn:C,extExpiresOn:S,refreshOn:T,correlationId:s.correlationId,requestId:g||P.EMPTY_STRING,familyId:b,tokenType:((Q=n.accessToken)==null?void 0:Q.tokenType)||P.EMPTY_STRING,state:d?d.userRequestState:P.EMPTY_STRING,cloudGraphHostName:((we=n.account)==null?void 0:we.cloudGraphHostName)||P.EMPTY_STRING,msGraphHost:((W=n.account)==null?void 0:W.msGraphHost)||P.EMPTY_STRING,code:f==null?void 0:f.spa_code,fromNativeBroker:!1}}}function nh(r,e,t,n,i,s,c,d,f,g,p){p==null||p.verbose("setCachedAccount called");const C=r.getAccountKeys().find(K=>K.startsWith(t));let S=null;C&&(S=r.getAccount(C,p));const T=S||it.createAccount({homeAccountId:t,idTokenClaims:i,clientInfo:s,environment:c,cloudGraphHostName:f==null?void 0:f.cloud_graph_host_name,msGraphHost:f==null?void 0:f.msgraph_host,nativeAccountId:g},e,n),b=T.tenantProfiles||[],N=d||T.realm;if(N&&!b.find(K=>K.tenantId===N)){const K=Yd(t,T.localAccountId,N,i);b.push(K)}return T.tenantProfiles=b,T}/*! @azure/msal-common v14.16.0 2024-11-05 */async function Qy(r,e,t){return typeof r=="string"?r:r({clientId:e,tokenEndpoint:t})}/*! @azure/msal-common v14.16.0 2024-11-05 */class Xy extends eh{constructor(e,t){var n;super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=(n=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:n.defaultScopes}async getAuthCodeUrl(e){var n;(n=this.performanceClient)==null||n.addQueueMeasurement(k.GetAuthCodeUrl,e.correlationId);const t=await B(this.createAuthCodeUrlQueryString.bind(this),k.AuthClientCreateQueryString,this.logger,this.performanceClient,e.correlationId)(e);return ye.appendQueryString(this.authority.authorizationEndpoint,t)}async acquireToken(e,t){var d,f;if((d=this.performanceClient)==null||d.addQueueMeasurement(k.AuthClientAcquireToken,e.correlationId),!e.code)throw U(py);const n=rr(),i=await B(this.executeTokenRequest.bind(this),k.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(this.authority,e),s=(f=i.headers)==null?void 0:f[Ot.X_MS_REQUEST_ID],c=new mo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return c.validateTokenResponse(i.body),B(c.handleServerTokenResponse.bind(c),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(i.body,this.authority,n,e,t,void 0,void 0,void 0,s)}handleFragmentResponse(e,t){if(new mo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,null,null).validateServerAuthorizationCodeResponse(e,t),!e.code)throw U(_y);return e}getLogoutUri(e){if(!e)throw Ne(My);const t=this.createLogoutUrlQueryString(e);return ye.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){var g,p;(g=this.performanceClient)==null||g.addQueueMeasurement(k.AuthClientExecuteTokenRequest,t.correlationId);const n=this.createTokenQueryParameters(t),i=ye.appendQueryString(e.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,t.correlationId)(t);let c;if(t.clientInfo)try{const w=sc(t.clientInfo,this.cryptoUtils.base64Decode);c={credential:`${w.uid}${St.CLIENT_INFO_SEPARATOR}${w.utid}`,type:on.HOME_ACCOUNT_ID}}catch(w){this.logger.verbose("Could not parse client info for CCS Header: "+w)}const d=this.createTokenRequestHeaders(c||t.ccsCredential),f={clientId:((p=t.tokenBodyParameters)==null?void 0:p.clientId)||this.config.authOptions.clientId,authority:e.canonicalAuthority,scopes:t.scopes,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,t.correlationId)(i,s,d,f,t.correlationId,k.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s;(i=this.performanceClient)==null||i.addQueueMeasurement(k.AuthClientCreateTokenRequestBody,e.correlationId);const t=new sa(e.correlationId,this.performanceClient);if(t.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[go])||this.config.authOptions.clientId),this.includeRedirectUri?t.addRedirectUri(e.redirectUri):Qo.validateRedirectUri(e.redirectUri),t.addScopes(e.scopes,!0,this.oidcDefaultScopes),t.addAuthorizationCode(e.code),t.addLibraryInfo(this.config.libraryInfo),t.addApplicationTelemetry(this.config.telemetry.application),t.addThrottling(),this.serverTelemetryManager&&!ld(this.config)&&t.addServerTelemetry(this.serverTelemetryManager),e.codeVerifier&&t.addCodeVerifier(e.codeVerifier),this.config.clientCredentials.clientSecret&&t.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const c=this.config.clientCredentials.clientAssertion;t.addClientAssertion(await Qy(c.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),t.addClientAssertionType(c.assertionType)}if(t.addGrantType(iy.AUTHORIZATION_CODE_GRANT),t.addClientInfo(),e.authenticationScheme===Re.POP){const c=new gi(this.cryptoUtils,this.performanceClient);let d;e.popKid?d=this.cryptoUtils.encodeKid(e.popKid):d=(await B(c.generateCnf.bind(c),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,t.addPopToken(d)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)t.addSshJwk(e.sshJwk);else throw Ne(kc);(!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&t.addClaims(e.claims,this.config.authOptions.clientCapabilities);let n;if(e.clientInfo)try{const c=sc(e.clientInfo,this.cryptoUtils.base64Decode);n={credential:`${c.uid}${St.CLIENT_INFO_SEPARATOR}${c.utid}`,type:on.HOME_ACCOUNT_ID}}catch(c){this.logger.verbose("Could not parse client info for CCS Header: "+c)}else n=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&n)switch(n.type){case on.HOME_ACCOUNT_ID:try{const c=ii(n.credential);t.addCcsOid(c)}catch(c){this.logger.verbose("Could not parse home account ID for CCS Header: "+c)}break;case on.UPN:t.addCcsUpn(n.credential);break}return e.embeddedClientId&&t.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&t.addExtraQueryParameters(e.tokenBodyParameters),e.enableSpaAuthorizationCode&&(!e.tokenBodyParameters||!e.tokenBodyParameters[jm])&&t.addExtraQueryParameters({[jm]:"1"}),t.createQueryString()}async createAuthCodeUrlQueryString(e){var s,c;const t=e.correlationId||this.config.cryptoInterface.createNewGuid();(s=this.performanceClient)==null||s.addQueueMeasurement(k.AuthClientCreateQueryString,t);const n=new sa(t,this.performanceClient);n.addClientId(e.embeddedClientId||((c=e.extraQueryParameters)==null?void 0:c[go])||this.config.authOptions.clientId);const i=[...e.scopes||[],...e.extraScopesToConsent||[]];if(n.addScopes(i,!0,this.oidcDefaultScopes),n.addRedirectUri(e.redirectUri),n.addCorrelationId(t),n.addResponseMode(e.responseMode),n.addResponseTypeCode(),n.addLibraryInfo(this.config.libraryInfo),ld(this.config)||n.addApplicationTelemetry(this.config.telemetry.application),n.addClientInfo(),e.codeChallenge&&e.codeChallengeMethod&&n.addCodeChallengeParams(e.codeChallenge,e.codeChallengeMethod),e.prompt&&n.addPrompt(e.prompt),e.domainHint&&n.addDomainHint(e.domainHint),e.prompt!==lt.SELECT_ACCOUNT)if(e.sid&&e.prompt===lt.NONE)this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),n.addSid(e.sid);else if(e.account){const d=this.extractAccountSid(e.account);let f=this.extractLoginHint(e.account);if(f&&e.domainHint&&(this.logger.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),f=null),f){this.logger.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),n.addLoginHint(f);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(d&&e.prompt===lt.NONE){this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),n.addSid(d);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(e.loginHint)this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint);else if(e.account.username){this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),n.addLoginHint(e.account.username);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else e.loginHint&&(this.logger.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint));else this.logger.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");if(e.nonce&&n.addNonce(e.nonce),e.state&&n.addState(e.state),(e.claims||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),this.addExtraQueryParams(e,n),e.nativeBroker&&(n.addNativeBroker(),e.authenticationScheme===Re.POP)){const d=new gi(this.cryptoUtils);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}return n.createQueryString()}createLogoutUrlQueryString(e){const t=new sa(e.correlationId,this.performanceClient);return e.postLogoutRedirectUri&&t.addPostLogoutRedirectUri(e.postLogoutRedirectUri),e.correlationId&&t.addCorrelationId(e.correlationId),e.idTokenHint&&t.addIdTokenHint(e.idTokenHint),e.state&&t.addState(e.state),e.logoutHint&&t.addLogoutHint(e.logoutHint),this.addExtraQueryParams(e,t),t.createQueryString()}addExtraQueryParams(e,t){!(e.extraQueryParameters&&e.extraQueryParameters.hasOwnProperty("instance_aware"))&&this.config.authOptions.instanceAware&&(e.extraQueryParameters=e.extraQueryParameters||{},e.extraQueryParameters.instance_aware="true"),e.extraQueryParameters&&t.addExtraQueryParameters(e.extraQueryParameters)}extractAccountSid(e){var t;return((t=e.idTokenClaims)==null?void 0:t.sid)||null}extractLoginHint(e){var t;return((t=e.idTokenClaims)==null?void 0:t.login_hint)||null}}/*! @azure/msal-common v14.16.0 2024-11-05 */const u0=300;class hd extends eh{constructor(e,t){super(e,t)}async acquireToken(e){var c,d;(c=this.performanceClient)==null||c.addQueueMeasurement(k.RefreshTokenClientAcquireToken,e.correlationId);const t=rr(),n=await B(this.executeTokenRequest.bind(this),k.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(e,this.authority),i=(d=n.headers)==null?void 0:d[Ot.X_MS_REQUEST_ID],s=new mo(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(n.body),B(s.handleServerTokenResponse.bind(s),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,i)}async acquireTokenByRefreshToken(e){var n;if(!e)throw Ne(Py);if((n=this.performanceClient)==null||n.addQueueMeasurement(k.RefreshTokenClientAcquireTokenByRefreshToken,e.correlationId),!e.account)throw U(Fd);if(this.cacheManager.isAppMetadataFOCI(e.account.environment))try{return await B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(i){const s=i instanceof Fn&&i.errorCode===dc,c=i instanceof Wr&&i.errorCode===Dm.INVALID_GRANT_ERROR&&i.subError===Dm.CLIENT_MISMATCH_ERROR;if(s||c)return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1);throw i}return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,e.correlationId);const n=wo(this.cacheManager.getRefreshToken.bind(this.cacheManager),k.CacheManagerGetRefreshToken,this.logger,this.performanceClient,e.correlationId)(e.account,t,void 0,this.performanceClient,e.correlationId);if(!n)throw dd(dc);if(n.expiresOn&&cd(n.expiresOn,e.refreshTokenExpirationOffsetSeconds||u0))throw dd(th);const i={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||Re.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}};try{return await B(this.acquireToken.bind(this),k.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(i)}catch(c){if(c instanceof Fn&&c.subError===Nc){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");const d=oi(n);this.cacheManager.removeRefreshToken(d)}throw c}}async executeTokenRequest(e,t){var f,g;(f=this.performanceClient)==null||f.addQueueMeasurement(k.RefreshTokenClientExecuteTokenRequest,e.correlationId);const n=this.createTokenQueryParameters(e),i=ye.appendQueryString(t.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,e.correlationId)(e),c=this.createTokenRequestHeaders(e.ccsCredential),d={clientId:((g=e.tokenBodyParameters)==null?void 0:g.clientId)||this.config.authOptions.clientId,authority:t.canonicalAuthority,scopes:e.scopes,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,e.correlationId)(i,s,c,d,e.correlationId,k.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s,c;(i=this.performanceClient)==null||i.addQueueMeasurement(k.RefreshTokenClientCreateTokenRequestBody,e.correlationId);const t=e.correlationId,n=new sa(t,this.performanceClient);if(n.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[go])||this.config.authOptions.clientId),e.redirectUri&&n.addRedirectUri(e.redirectUri),n.addScopes(e.scopes,!0,(c=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:c.defaultScopes),n.addGrantType(iy.REFRESH_TOKEN_GRANT),n.addClientInfo(),n.addLibraryInfo(this.config.libraryInfo),n.addApplicationTelemetry(this.config.telemetry.application),n.addThrottling(),this.serverTelemetryManager&&!ld(this.config)&&n.addServerTelemetry(this.serverTelemetryManager),n.addRefreshToken(e.refreshToken),this.config.clientCredentials.clientSecret&&n.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const d=this.config.clientCredentials.clientAssertion;n.addClientAssertion(await Qy(d.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),n.addClientAssertionType(d.assertionType)}if(e.authenticationScheme===Re.POP){const d=new gi(this.cryptoUtils,this.performanceClient);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)n.addSshJwk(e.sshJwk);else throw Ne(kc);if((!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case on.HOME_ACCOUNT_ID:try{const d=ii(e.ccsCredential.credential);n.addCcsOid(d)}catch(d){this.logger.verbose("Could not parse home account ID for CCS Header: "+d)}break;case on.UPN:n.addCcsUpn(e.ccsCredential.credential);break}return e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&n.addExtraQueryParameters(e.tokenBodyParameters),n.createQueryString()}}/*! @azure/msal-common v14.16.0 2024-11-05 */class d0 extends eh{constructor(e,t){super(e,t)}async acquireToken(e){var t;try{const[n,i]=await this.acquireCachedToken({...e,scopes:(t=e.scopes)!=null&&t.length?e.scopes:[...pi]});return i===Lr.PROACTIVELY_REFRESHED&&(this.logger.info("SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'. It's not expired, but must be refreshed."),new hd(this.config,this.performanceClient).acquireTokenByRefreshToken(e).catch(()=>{})),n}catch(n){if(n instanceof Ac&&n.errorCode===vr)return new hd(this.config,this.performanceClient).acquireTokenByRefreshToken(e);throw n}}async acquireCachedToken(e){var f;(f=this.performanceClient)==null||f.addQueueMeasurement(k.SilentFlowClientAcquireCachedToken,e.correlationId);let t=Lr.NOT_APPLICABLE;if(e.forceRefresh||!this.config.cacheOptions.claimsBasedCachingEnabled&&!Un.isEmptyObj(e.claims))throw this.setCacheOutcome(Lr.FORCE_REFRESH_OR_CLAIMS,e.correlationId),U(vr);if(!e.account)throw U(Fd);const n=e.account.tenantId||e0(e.authority),i=this.cacheManager.getTokenKeys(),s=this.cacheManager.getAccessToken(e.account,e,i,n,this.performanceClient,e.correlationId);if(s){if(HN(s.cachedAt)||cd(s.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(Lr.CACHED_ACCESS_TOKEN_EXPIRED,e.correlationId),U(vr);s.refreshOn&&cd(s.refreshOn,0)&&(t=Lr.PROACTIVELY_REFRESHED)}else throw this.setCacheOutcome(Lr.NO_CACHED_ACCESS_TOKEN,e.correlationId),U(vr);const c=e.authority||this.authority.getPreferredCache(),d={account:this.cacheManager.readAccountFromCache(e.account),accessToken:s,idToken:this.cacheManager.getIdToken(e.account,i,n,this.performanceClient,e.correlationId),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(c)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await B(this.generateResultFromCacheRecord.bind(this),k.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,e.correlationId)(d,e),t]}setCacheOutcome(e,t){var n,i;(n=this.serverTelemetryManager)==null||n.setCacheOutcome(e),(i=this.performanceClient)==null||i.addFields({cacheOutcome:e},t),e!==Lr.NOT_APPLICABLE&&this.logger.info(`Token refresh is required due to cache outcome: ${e}`)}async generateResultFromCacheRecord(e,t){var i;(i=this.performanceClient)==null||i.addQueueMeasurement(k.SilentFlowClientGenerateResultFromCacheRecord,t.correlationId);let n;if(e.idToken&&(n=Co(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||t.maxAge===0){const s=n==null?void 0:n.auth_time;if(!s)throw U(Bd);Ay(s,t.maxAge)}return mo.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,n)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const h0={sendGetRequestAsync:()=>Promise.reject(U(ge)),sendPostRequestAsync:()=>Promise.reject(U(ge))};/*! @azure/msal-common v14.16.0 2024-11-05 */const Xm=",",Zy="|";function f0(r){const{skus:e,libraryName:t,libraryVersion:n,extensionName:i,extensionVersion:s}=r,c=new Map([[0,[t,n]],[2,[i,s]]]);let d=[];if(e!=null&&e.length){if(d=e.split(Xm),d.length<4)return e}else d=Array.from({length:4},()=>Zy);return c.forEach((f,g)=>{var p,w;f.length===2&&((p=f[0])!=null&&p.length)&&((w=f[1])!=null&&w.length)&&g0({skuArr:d,index:g,skuName:f[0],skuVersion:f[1]})}),d.join(Xm)}function g0(r){const{skuArr:e,index:t,skuName:n,skuVersion:i}=r;t>=e.length||(e[t]=[n,i].join(Zy))}class da{constructor(e,t){this.cacheOutcome=Lr.NOT_APPLICABLE,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||P.EMPTY_STRING,this.wrapperVer=e.wrapperVer||P.EMPTY_STRING,this.telemetryCacheKey=gt.CACHE_KEY+St.CACHE_KEY_SEPARATOR+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${gt.VALUE_SEPARATOR}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],n=this.getNativeBrokerErrorCode();n!=null&&n.length&&t.push(`broker_error=${n}`);const i=t.join(gt.VALUE_SEPARATOR),s=this.getRegionDiscoveryFields(),c=[e,s].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,c,i].join(gt.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.failedRequests.slice(0,2*t).join(gt.VALUE_SEPARATOR),i=e.errors.slice(0,t).join(gt.VALUE_SEPARATOR),s=e.errors.length,c=t<s?gt.OVERFLOW_TRUE:gt.OVERFLOW_FALSE,d=[s,c].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,e.cacheHits,n,i,d].join(gt.CATEGORY_SEPARATOR)}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=gt.MAX_CACHED_ERRORS&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Fe?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push(gt.UNKNOWN_ERROR),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e),e.cacheHits}getLastRequests(){const e={failedRequests:[],errors:[],cacheHits:0};return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)||e}clearTelemetryCache(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.errors.length;if(t===n)this.cacheManager.removeItem(this.telemetryCacheKey);else{const i={failedRequests:e.failedRequests.slice(t*2),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,i)}}static maxErrorsToSend(e){let t,n=0,i=0;const s=e.errors.length;for(t=0;t<s;t++){const c=e.failedRequests[2*t]||P.EMPTY_STRING,d=e.failedRequests[2*t+1]||P.EMPTY_STRING,f=e.errors[t]||P.EMPTY_STRING;if(i+=c.toString().length+d.toString().length+f.length+3,i<gt.MAX_LAST_HEADER_BYTES)n+=1;else break}return n}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||P.EMPTY_STRING),e.push(this.regionSource||P.EMPTY_STRING),e.push(this.regionOutcome||P.EMPTY_STRING),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e)}static makeExtraSkuString(e){return f0(e)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const eC="missing_kid_error",tC="missing_alg_error";/*! @azure/msal-common v14.16.0 2024-11-05 */const m0={[eC]:"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.",[tC]:"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided."};class rh extends Fe{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,rh.prototype)}}function Zm(r){return new rh(r,m0[r])}/*! @azure/msal-common v14.16.0 2024-11-05 */class oh{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw Zm(eC);if(!e.alg)throw Zm(tC);const t=new oh({typ:e.typ||SN.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class ep{startMeasurement(){}endMeasurement(){}flushMeasurement(){return null}}class p0{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:ZP.InProgress,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""},measurement:new ep}}startPerformanceMeasurement(){return new ep}calculateQueuedTime(){return 0}addQueueMeasurement(){}setPreQueueTime(){}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ih="pkce_not_created",fd="crypto_nonexistent",Pc="empty_navigate_uri",nC="hash_empty_error",ah="no_state_in_hash",rC="hash_does_not_contain_known_properties",oC="unable_to_parse_state",iC="state_interaction_type_mismatch",aC="interaction_in_progress",sC="popup_window_error",cC="empty_window_error",po="user_cancelled",v0="monitor_popup_timeout",lC="monitor_window_timeout",uC="redirect_in_iframe",dC="block_iframe_reload",hC="block_nested_popups",y0="iframe_closed_prematurely",Mc="silent_logout_unsupported",fC="no_account_error",C0="silent_prompt_value_error",gC="no_token_request_cache_error",mC="unable_to_parse_token_request_cache_error",sh="no_cached_authority_error",w0="auth_request_not_set_error",_0="invalid_cache_type",Dc="non_browser_environment",Xo="database_not_open",hc="no_network_connectivity",pC="post_request_failed",vC="get_request_failed",gd="failed_to_parse_response",yC="unable_to_load_token",ch="crypto_key_not_found",CC="auth_code_required",wC="auth_code_or_nativeAccountId_required",_C="spa_code_and_nativeAccountId_present",lh="database_unavailable",TC="unable_to_acquire_token_from_native_platform",EC="native_handshake_timeout",SC="native_extension_not_installed",_a="native_connection_not_established",AC="uninitialized_public_client_application",IC="native_prompt_not_supported",bC="invalid_base64_string",kC="invalid_pop_token_request",RC="failed_to_build_headers",OC="failed_to_parse_headers";/*! @azure/msal-browser v3.28.1 2025-01-14 */const mr="For more visit: aka.ms/msaljs/browser-errors",T0={[ih]:"The PKCE code challenge and verifier could not be generated.",[fd]:"The crypto object or function is not available.",[Pc]:"Navigation URI is empty. Please check stack trace for more info.",[nC]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${mr}`,[ah]:"Hash does not contain state. Please verify that the request originated from msal.",[rC]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash. ${mr}`,[oC]:"Unable to parse state. Please verify that the request originated from msal.",[iC]:"Hash contains state but the interaction type does not match the caller.",[aC]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. ${mr}`,[sC]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[cC]:"window.open returned null or undefined window object.",[po]:"User cancelled the flow.",[v0]:`Token acquisition in popup failed due to timeout. ${mr}`,[lC]:`Token acquisition in iframe failed due to timeout. ${mr}`,[uC]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[dC]:`Request was blocked inside an iframe because MSAL detected an authentication response. ${mr}`,[hC]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[y0]:"The iframe being monitored was closed prematurely.",[Mc]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[fC]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[C0]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[gC]:"No token request found in cache.",[mC]:"The cached token request could not be parsed.",[sh]:"No cached authority found.",[w0]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[_0]:"Invalid cache type",[Dc]:"Login and token requests are not supported in non-browser environments.",[Xo]:"Database is not open!",[hc]:"No network connectivity. Check your internet connection.",[pC]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[vC]:"Network request failed. Please check the network trace to determine root cause.",[gd]:"Failed to parse network response. Check network trace.",[yC]:"Error loading token to cache.",[ch]:"Cryptographic Key or Keypair not found in browser storage.",[CC]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[wC]:"An authorization code or nativeAccountId must be provided to this flow.",[_C]:"Request cannot contain both spa code and native account id.",[lh]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[TC]:`Unable to acquire token from native platform. ${mr}`,[EC]:"Timed out while attempting to establish connection to browser extension",[SC]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[_a]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). ${mr}`,[AC]:`You must call and await the initialize function before attempting to call any other MSAL API. ${mr}`,[IC]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[bC]:"Invalid base64 encoded string.",[kC]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[RC]:"Failed to build request headers object.",[OC]:"Failed to parse response headers"};class Ta extends Fe{constructor(e,t){super(e,T0[e],t),Object.setPrototypeOf(this,Ta.prototype),this.name="BrowserAuthError"}}function j(r,e){return new Ta(r,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const en={INTERACTION_IN_PROGRESS_VALUE:"interaction_in_progress",INVALID_GRANT_ERROR:"invalid_grant",POPUP_WIDTH:483,POPUP_HEIGHT:600,POPUP_NAME_PREFIX:"msal",DEFAULT_POLL_INTERVAL_MS:30,MSAL_SKU:"msal.js.browser"},ai={CHANNEL_ID:"53ee284d-920a-4b59-9d30-a60315b26836",PREFERRED_EXTENSION_ID:"ppnbnpeolgkicgegkbkbjmhlideopiji",MATS_TELEMETRY:"MATS"},uo={HandshakeRequest:"Handshake",HandshakeResponse:"HandshakeResponse",GetToken:"GetToken",Response:"Response"},Ft={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},tp={GET:"GET",POST:"POST"},be={AUTHORITY:"authority",ACQUIRE_TOKEN_ACCOUNT:"acquireToken.account",SESSION_STATE:"session.state",REQUEST_STATE:"request.state",NONCE_IDTOKEN:"nonce.id_token",ORIGIN_URI:"request.origin",RENEW_STATUS:"token.renew.status",URL_HASH:"urlHash",REQUEST_PARAMS:"request.params",SCOPES:"scopes",INTERACTION_STATUS_KEY:"interaction.status",CCS_CREDENTIAL:"ccs.credential",CORRELATION_ID:"request.correlationId",NATIVE_REQUEST:"request.native",REDIRECT_CONTEXT:"request.redirect.context"},Dr={ACCOUNT_KEYS:"msal.account.keys",TOKEN_KEYS:"msal.token.keys"},bs={WRAPPER_SKU:"wrapper.sku",WRAPPER_VER:"wrapper.version"},xe={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var X;(function(r){r.Redirect="redirect",r.Popup="popup",r.Silent="silent",r.None="none"})(X||(X={}));const np={scopes:pi},NC="jwk",md="msal.db",E0=1,S0=`${md}.keys`,Qt={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},A0=[Qt.Default,Qt.Skip,Qt.RefreshTokenAndNetwork],I0="msal.browser.log.level",b0="msal.browser.log.pii";/*! @azure/msal-browser v3.28.1 2025-01-14 */function ks(r){return encodeURIComponent(uh(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function xc(r){return PC(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function uh(r){return PC(new TextEncoder().encode(r))}function PC(r){const e=Array.from(r,t=>String.fromCodePoint(t)).join("");return btoa(e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const k0="RSASSA-PKCS1-v1_5",MC="SHA-256",R0=2048,O0=new Uint8Array([1,0,1]),rp="0123456789abcdef",op=new Uint32Array(1),N0="crypto_subtle_undefined",dh={name:k0,hash:MC,modulusLength:R0,publicExponent:O0};function P0(r){if(!window)throw j(Dc);if(!window.crypto)throw j(fd);if(!r&&!window.crypto.subtle)throw j(fd,N0)}async function DC(r,e,t){e==null||e.addQueueMeasurement(k.Sha256Digest,t);const i=new TextEncoder().encode(r);return window.crypto.subtle.digest(MC,i)}function M0(r){return window.crypto.getRandomValues(r)}function Pu(){return window.crypto.getRandomValues(op),op[0]}function Er(){const r=Date.now(),e=Pu()*1024+(Pu()&1023),t=new Uint8Array(16),n=Math.trunc(e/2**30),i=e&2**30-1,s=Pu();t[0]=r/2**40,t[1]=r/2**32,t[2]=r/2**24,t[3]=r/2**16,t[4]=r/2**8,t[5]=r,t[6]=112|n>>>8,t[7]=n,t[8]=128|i>>>24,t[9]=i>>>16,t[10]=i>>>8,t[11]=i,t[12]=s>>>24,t[13]=s>>>16,t[14]=s>>>8,t[15]=s;let c="";for(let d=0;d<t.length;d++)c+=rp.charAt(t[d]>>>4),c+=rp.charAt(t[d]&15),(d===3||d===5||d===7||d===9)&&(c+="-");return c}async function D0(r,e){return window.crypto.subtle.generateKey(dh,r,e)}async function Mu(r){return window.crypto.subtle.exportKey(NC,r)}async function x0(r,e,t){return window.crypto.subtle.importKey(NC,r,dh,e,t)}async function L0(r,e){return window.crypto.subtle.sign(dh,r,e)}async function xC(r){const e=await DC(r),t=new Uint8Array(e);return xc(t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ha="storage_not_supported",pd="stubbed_public_client_application_called",fc="in_mem_redirect_unavailable";/*! @azure/msal-browser v3.28.1 2025-01-14 */const zs={[ha]:"Given storage configuration option was not supported.",[pd]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[fc]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."};zs[ha],zs[pd],zs[fc];class hh extends Fe{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,hh.prototype)}}function fh(r){return new hh(r,zs[r])}/*! @azure/msal-browser v3.28.1 2025-01-14 */function U0(r){r.location.hash="",typeof r.history.replaceState=="function"&&r.history.replaceState(null,"",`${r.location.origin}${r.location.pathname}${r.location.search}`)}function B0(r){const e=r.split("#");e.shift(),window.location.hash=e.length>0?e.join("#"):""}function gh(){return window.parent!==window}function F0(){return typeof window<"u"&&!!window.opener&&window.opener!==window&&typeof window.name=="string"&&window.name.indexOf(`${en.POPUP_NAME_PREFIX}.`)===0}function yr(){return typeof window<"u"&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function H0(){const e=new ye(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function V0(){if(ye.hashContainsKnownProperties(window.location.hash)&&gh())throw j(dC)}function $0(r){if(gh()&&!r)throw j(uC)}function K0(){if(F0())throw j(hC)}function LC(){if(typeof window>"u")throw j(Dc)}function UC(r){if(!r)throw j(AC)}function mh(r){LC(),V0(),K0(),UC(r)}function ip(r,e){if(mh(r),$0(e.system.allowRedirectInIframe),e.cache.cacheLocation===Ft.MemoryStorage&&!e.cache.storeAuthStateInCookie)throw fh(fc)}function BC(r){const e=document.createElement("link");e.rel="preconnect",e.href=new URL(r).origin,e.crossOrigin="anonymous",document.head.appendChild(e),window.setTimeout(()=>{try{document.head.removeChild(e)}catch{}},1e4)}function z0(){return Er()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class gc{navigateInternal(e,t){return gc.defaultNavigateWindow(e,t)}navigateExternal(e,t){return gc.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(n=>{setTimeout(()=>{n(!0)},t.timeout)})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class W0{async sendGetRequestAsync(e,t){let n,i={},s=0;const c=ap(t);try{n=await fetch(e,{method:tp.GET,headers:c})}catch{throw j(window.navigator.onLine?vC:hc)}i=sp(n.headers);try{return s=n.status,{headers:i,body:await n.json(),status:s}}catch{throw Ym(j(gd),s,i)}}async sendPostRequestAsync(e,t){const n=t&&t.body||"",i=ap(t);let s,c=0,d={};try{s=await fetch(e,{method:tp.POST,headers:i,body:n})}catch{throw j(window.navigator.onLine?pC:hc)}d=sp(s.headers);try{return c=s.status,{headers:d,body:await s.json(),status:c}}catch{throw Ym(j(gd),c,d)}}}function ap(r){try{const e=new Headers;if(!(r&&r.headers))return e;const t=r.headers;return Object.entries(t).forEach(([n,i])=>{e.append(n,i)}),e}catch{throw j(RC)}}function sp(r){try{const e={};return r.forEach((t,n)=>{e[n]=t}),e}catch{throw j(OC)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const q0=6e4,vd=1e4,G0=3e4,j0=2e3;function Y0({auth:r,cache:e,system:t,telemetry:n},i){const s={clientId:P.EMPTY_STRING,authority:`${P.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:P.EMPTY_STRING,authorityMetadata:P.EMPTY_STRING,redirectUri:typeof window<"u"?yr():"",postLogoutRedirectUri:P.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:_r.AAD,OIDCOptions:{serverResponseType:wa.FRAGMENT,defaultScopes:[P.OPENID_SCOPE,P.PROFILE_SCOPE,P.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:Kd.None,tenant:P.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1},c={cacheLocation:Ft.SessionStorage,temporaryCacheLocation:Ft.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!!(e&&e.cacheLocation===Ft.LocalStorage),claimsBasedCachingEnabled:!1},d={loggerCallback:()=>{},logLevel:Me.Info,piiLoggingEnabled:!1},g={...{...qy,loggerOptions:d,networkClient:i?new W0:h0,navigationClient:new gc,loadFrameTimeout:0,windowHashTimeout:(t==null?void 0:t.loadFrameTimeout)||q0,iframeHashTimeout:(t==null?void 0:t.loadFrameTimeout)||vd,navigateFrameWait:0,redirectNavigationTimeout:G0,asyncPopups:!1,allowRedirectInIframe:!1,allowNativeBroker:!1,nativeBrokerHandshakeTimeout:(t==null?void 0:t.nativeBrokerHandshakeTimeout)||j0,pollIntervalMilliseconds:en.DEFAULT_POLL_INTERVAL_MS},...t,loggerOptions:(t==null?void 0:t.loggerOptions)||d},p={application:{appName:P.EMPTY_STRING,appVersion:P.EMPTY_STRING},client:new p0};if((r==null?void 0:r.protocolMode)!==_r.OIDC&&(r!=null&&r.OIDCOptions)&&new zr(g.loggerOptions).warning(JSON.stringify(Ne(By))),r!=null&&r.protocolMode&&r.protocolMode!==_r.AAD&&(g!=null&&g.allowNativeBroker))throw Ne(Fy);return{auth:{...s,...r,OIDCOptions:{...s.OIDCOptions,...r==null?void 0:r.OIDCOptions}},cache:{...c,...e},system:g,telemetry:{...p,...n}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const J0="@azure/msal-browser",Lc="3.28.1";/*! @azure/msal-browser v3.28.1 2025-01-14 */class ph{static loggerCallback(e,t){switch(e){case Me.Error:console.error(t);return;case Me.Info:console.info(t);return;case Me.Verbose:console.debug(t);return;case Me.Warning:console.warn(t);return;default:console.log(t);return}}constructor(e){var f;this.browserEnvironment=typeof window<"u",this.config=Y0(e,this.browserEnvironment);let t;try{t=window[Ft.SessionStorage]}catch{}const n=t==null?void 0:t.getItem(I0),i=(f=t==null?void 0:t.getItem(b0))==null?void 0:f.toLowerCase(),s=i==="true"?!0:i==="false"?!1:void 0,c={...this.config.system.loggerOptions},d=n&&Object.keys(Me).includes(n)?Me[n]:void 0;d&&(c.loggerCallback=ph.loggerCallback,c.logLevel=d),s!==void 0&&(c.piiLoggingEnabled=s),this.logger=new zr(c,J0,Lc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class vo extends ph{getModuleName(){return vo.MODULE_NAME}getId(){return vo.ID}async initialize(){return this.available=typeof window<"u",this.available}}vo.MODULE_NAME="";vo.ID="StandardOperatingContext";/*! @azure/msal-browser v3.28.1 2025-01-14 */function tr(r){return new TextDecoder().decode(Q0(r))}function Q0(r){let e=r.replace(/-/g,"+").replace(/_/g,"/");switch(e.length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw j(bC)}const t=atob(e);return Uint8Array.from(t,n=>n.codePointAt(0)||0)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class X0{constructor(){this.dbName=md,this.version=E0,this.tableName=S0,this.dbOpen=!1}async open(){return new Promise((e,t)=>{const n=window.indexedDB.open(this.dbName,this.version);n.addEventListener("upgradeneeded",i=>{i.target.result.createObjectStore(this.tableName)}),n.addEventListener("success",i=>{const s=i;this.db=s.target.result,this.dbOpen=!0,e()}),n.addEventListener("error",()=>t(j(lh)))})}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async setItem(e,t){return await this.validateDbIsOpen(),new Promise((n,i)=>{if(!this.db)return i(j(Xo));const d=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);d.addEventListener("success",()=>{this.closeConnection(),n()}),d.addEventListener("error",f=>{this.closeConnection(),i(f)})})}async removeItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);c.addEventListener("success",()=>{this.closeConnection(),t()}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async getKeys(){return await this.validateDbIsOpen(),new Promise((e,t)=>{if(!this.db)return t(j(Xo));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();s.addEventListener("success",c=>{const d=c;this.closeConnection(),e(d.target.result)}),s.addEventListener("error",c=>{this.closeConnection(),t(c)})})}async containsKey(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result===1)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise((e,t)=>{const n=window.indexedDB.deleteDatabase(md),i=setTimeout(()=>t(!1),200);n.addEventListener("success",()=>(clearTimeout(i),e(!0))),n.addEventListener("blocked",()=>(clearTimeout(i),e(!0))),n.addEventListener("error",()=>(clearTimeout(i),t(!1)))})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class yd{constructor(){this.cache=new Map}getItem(e){return this.cache.get(e)||null}setItem(e,t){this.cache.set(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach((t,n)=>{e.push(n)}),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Z0{constructor(e){this.inMemoryCache=new yd,this.indexedDBCache=new X0,this.logger=e}handleDatabaseAccessError(e){if(e instanceof Ta&&e.errorCode===lh)this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.");else throw e}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(n){this.handleDatabaseAccessError(n)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(n){this.handleDatabaseAccessError(n)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(t){this.handleDatabaseAccessError(t)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(e.length===0)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(n){this.handleDatabaseAccessError(n)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class mi{constructor(e,t,n){this.logger=e,P0(n??!1),this.cache=new Z0(this.logger),this.performanceClient=t}createNewGuid(){return Er()}base64Encode(e){return uh(e)}base64Decode(e){return tr(e)}base64UrlEncode(e){return ks(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){var p;const t=(p=this.performanceClient)==null?void 0:p.startMeasurement(k.CryptoOptsGetPublicKeyThumbprint,e.correlationId),n=await D0(mi.EXTRACTABLE,mi.POP_KEY_USAGES),i=await Mu(n.publicKey),s={e:i.e,kty:i.kty,n:i.n},c=cp(s),d=await this.hashString(c),f=await Mu(n.privateKey),g=await x0(f,!1,["sign"]);return await this.cache.setItem(d,{privateKey:g,publicKey:n.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),d}async removeTokenBindingKey(e){return await this.cache.removeItem(e),!await this.cache.containsKey(e)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,n,i){var V;const s=(V=this.performanceClient)==null?void 0:V.startMeasurement(k.CryptoOptsSignJwt,i),c=await this.cache.getItem(t);if(!c)throw j(ch);const d=await Mu(c.publicKey),f=cp(d),g=ks(JSON.stringify({kid:t})),p=oh.getShrHeaderString({...n==null?void 0:n.header,alg:d.alg,kid:g}),w=ks(p);e.cnf={jwk:JSON.parse(f)};const C=ks(JSON.stringify(e)),S=`${w}.${C}`,b=new TextEncoder().encode(S),N=await L0(c.privateKey,b),K=xc(new Uint8Array(N)),H=`${S}.${K}`;return s&&s.end({success:!0}),H}async hashString(e){return xC(e)}}mi.POP_KEY_USAGES=["sign","verify"];mi.EXTRACTABLE=!0;function cp(r){return JSON.stringify(r,Object.keys(r).sort())}/*! @azure/msal-browser v3.28.1 2025-01-14 */class eM{constructor(){if(!window.localStorage)throw fh(ha)}getItem(e){return window.localStorage.getItem(e)}setItem(e,t){window.localStorage.setItem(e,t)}removeItem(e){window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class tM{constructor(){if(!window.sessionStorage)throw fh(ha)}getItem(e){return window.sessionStorage.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function FC(r,e){if(!e)return null;try{return Bn.parseRequestState(r,e).libraryState.meta}catch{throw U(hi)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const nM=24*60*60*1e3;class rM{getItem(e){const t=`${encodeURIComponent(e)}`,n=document.cookie.split(";");for(let i=0;i<n.length;i++){const s=n[i],[c,...d]=decodeURIComponent(s).trim().split("="),f=d.join("=");if(c===t)return f}return""}setItem(e,t,n,i=!0){let s=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=Lax;`;if(n){const c=oM(n);s+=`expires=${c};`}i&&(s+="Secure;"),document.cookie=s}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach(n=>{const i=decodeURIComponent(n).trim().split("=");t.push(i[0])}),t}containsKey(e){return this.getKeys().includes(e)}}function oM(r){const e=new Date;return new Date(e.getTime()+r*nM).toUTCString()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Cd extends fi{constructor(e,t,n,i,s,c){super(e,n,i,s),this.cacheConfig=t,this.logger=i,this.internalStorage=new yd,this.browserStorage=this.setupBrowserStorage(this.cacheConfig.cacheLocation),this.temporaryCacheStorage=this.setupBrowserStorage(this.cacheConfig.temporaryCacheLocation),this.cookieStorage=new rM,t.cacheMigrationEnabled&&(this.migrateCacheEntries(),this.createKeyMaps()),this.performanceClient=c}setupBrowserStorage(e){try{switch(e){case Ft.LocalStorage:return new eM;case Ft.SessionStorage:return new tM;case Ft.MemoryStorage:default:break}}catch(t){this.logger.error(t)}return this.cacheConfig.cacheLocation=Ft.MemoryStorage,new yd}migrateCacheEntries(){const e=`${P.CACHE_PREFIX}.${st.ID_TOKEN}`,t=`${P.CACHE_PREFIX}.${st.CLIENT_INFO}`,n=`${P.CACHE_PREFIX}.${st.ERROR}`,i=`${P.CACHE_PREFIX}.${st.ERROR_DESC}`,s=this.browserStorage.getItem(e),c=this.browserStorage.getItem(t),d=this.browserStorage.getItem(n),f=this.browserStorage.getItem(i),g=[s,c,d,f];[st.ID_TOKEN,st.CLIENT_INFO,st.ERROR,st.ERROR_DESC].forEach((w,C)=>{const S=g[C];S&&this.setTemporaryCache(w,S,!0)})}createKeyMaps(){this.logger.trace("BrowserCacheManager - createKeyMaps called.");const e=this.getItem(Dr.ACCOUNT_KEYS),t=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e&&t){this.logger.verbose("BrowserCacheManager:createKeyMaps - account and token key maps already exist, skipping migration.");return}this.browserStorage.getKeys().forEach(i=>{if(this.isCredentialKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);if(c&&c.hasOwnProperty("credentialType"))switch(c.credentialType){case re.ID_TOKEN:if(Fm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - idToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - idToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ID_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching idToken schema with value containing idToken credentialType field but value failed IdTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed idToken validation on key: ${i}`);break;case re.ACCESS_TOKEN:case re.ACCESS_TOKEN_WITH_AUTH_SCHEME:if(Bm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - accessToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - accessToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ACCESS_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching accessToken schema with value containing accessToken credentialType field but value failed AccessTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed accessToken validation on key: ${i}`);break;case re.REFRESH_TOKEN:if(Hm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - refreshToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - refreshToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.REFRESH_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching refreshToken schema with value containing refreshToken credentialType field but value failed RefreshTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed refreshToken validation on key: ${i}`);break}}}if(this.isAccountKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);c&&it.isAccountEntity(c)&&(this.logger.trace("BrowserCacheManager:createKeyMaps - account found, saving key to account key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - account with key: ${i} found, saving key to account key map`),this.addAccountKeyToMap(i))}}})}validateAndParseJson(e){try{const t=JSON.parse(e);return t&&typeof t=="object"?t:null}catch{return null}}getItem(e){return this.browserStorage.getItem(e)}setItem(e,t){this.browserStorage.setItem(e,t)}getAccount(e,t){this.logger.trace("BrowserCacheManager.getAccount called");const n=this.getCachedAccountEntity(e);return this.updateOutdatedCachedAccount(e,n,t)}getCachedAccountEntity(e){const t=this.getItem(e);if(!t)return this.removeAccountKeyFromMap(e),null;const n=this.validateAndParseJson(t);return!n||!it.isAccountEntity(n)?(this.removeAccountKeyFromMap(e),null):fi.toObject(new it,n)}setAccount(e){this.logger.trace("BrowserCacheManager.setAccount called");const t=e.generateAccountKey();this.setItem(t,JSON.stringify(e)),this.addAccountKeyToMap(t)}getAccountKeys(){this.logger.trace("BrowserCacheManager.getAccountKeys called");const e=this.getItem(Dr.ACCOUNT_KEYS);return e?JSON.parse(e):(this.logger.verbose("BrowserCacheManager.getAccountKeys - No account keys found"),[])}addAccountKeyToMap(e){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const t=this.getAccountKeys();t.indexOf(e)===-1?(t.push(e),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added")):this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map")}removeAccountKeyFromMap(e){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const t=this.getAccountKeys(),n=t.indexOf(e);n>-1?(t.splice(n,1),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")):this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}async removeAccount(e){super.removeAccount(e),this.removeAccountKeyFromMap(e)}removeOutdatedAccount(e){this.removeItem(e),this.removeAccountKeyFromMap(e)}removeIdToken(e){super.removeIdToken(e),this.removeTokenKey(e,re.ID_TOKEN)}async removeAccessToken(e){super.removeAccessToken(e),this.removeTokenKey(e,re.ACCESS_TOKEN)}removeRefreshToken(e){super.removeRefreshToken(e),this.removeTokenKey(e,re.REFRESH_TOKEN)}getTokenKeys(){this.logger.trace("BrowserCacheManager.getTokenKeys called");const e=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e){const t=this.validateAndParseJson(e);if(t&&t.hasOwnProperty("idToken")&&t.hasOwnProperty("accessToken")&&t.hasOwnProperty("refreshToken"))return t;this.logger.error("BrowserCacheManager.getTokenKeys - Token keys found but in an unknown format. Returning empty key map.")}else this.logger.verbose("BrowserCacheManager.getTokenKeys - No token keys found");return{idToken:[],accessToken:[],refreshToken:[]}}addTokenKey(e,t){this.logger.trace("BrowserCacheManager addTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:n.idToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),n.idToken.push(e));break;case re.ACCESS_TOKEN:n.accessToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - accessToken added to map"),n.accessToken.push(e));break;case re.REFRESH_TOKEN:n.refreshToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),n.refreshToken.push(e));break;default:throw this.logger.error(`BrowserCacheManager:addTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(sd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}removeTokenKey(e,t){this.logger.trace("BrowserCacheManager removeTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove idToken with key: ${e} from map`);const i=n.idToken.indexOf(e);i>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - idToken removed from map"),n.idToken.splice(i,1)):this.logger.info("BrowserCacheManager: removeTokenKey - idToken does not exist in map. Either it was previously removed or it was never added.");break;case re.ACCESS_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove accessToken with key: ${e} from map`);const s=n.accessToken.indexOf(e);s>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - accessToken removed from map"),n.accessToken.splice(s,1)):this.logger.info("BrowserCacheManager: removeTokenKey - accessToken does not exist in map. Either it was previously removed or it was never added.");break;case re.REFRESH_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove refreshToken with key: ${e} from map`);const c=n.refreshToken.indexOf(e);c>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken removed from map"),n.refreshToken.splice(c,1)):this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken does not exist in map. Either it was previously removed or it was never added.");break;default:throw this.logger.error(`BrowserCacheManager:removeTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(sd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}getIdTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Fm(n)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),n)}setIdTokenCredential(e){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ID_TOKEN)}getAccessTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Bm(n)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),n)}setAccessTokenCredential(e){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ACCESS_TOKEN)}getRefreshTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Hm(n)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),n)}setRefreshTokenCredential(e){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.REFRESH_TOKEN)}getAppMetadata(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!YN(e,n)?(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),n)}setAppMetadata(e){this.logger.trace("BrowserCacheManager.setAppMetadata called");const t=jN(e);this.setItem(t,JSON.stringify(e))}getServerTelemetry(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!qN(e,n)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),n)}setServerTelemetry(e,t){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.setItem(e,JSON.stringify(t))}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return n&&JN(e,n)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter(t=>this.isAuthorityMetadata(t))}setWrapperMetadata(e,t){this.internalStorage.setItem(bs.WRAPPER_SKU,e),this.internalStorage.setItem(bs.WRAPPER_VER,t)}getWrapperMetadata(){const e=this.internalStorage.getItem(bs.WRAPPER_SKU)||P.EMPTY_STRING,t=this.internalStorage.getItem(bs.WRAPPER_VER)||P.EMPTY_STRING;return[e,t]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(){const e=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),t=this.getItem(e);if(!t){this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters cache schema found, looking for legacy schema");const i=this.generateCacheKey(st.ACTIVE_ACCOUNT),s=this.getItem(i);if(!s)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null;const c=this.getAccountInfoFilteredBy({localAccountId:s});return c?(this.logger.trace("BrowserCacheManager.getActiveAccount: Legacy active account cache schema found"),this.logger.trace("BrowserCacheManager.getActiveAccount: Adding active account filters cache schema"),this.setActiveAccount(c),c):null}const n=this.validateAndParseJson(t);return n?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId})):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e){const t=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),n=this.generateCacheKey(st.ACTIVE_ACCOUNT);if(e){this.logger.verbose("setActiveAccount: Active account set");const i={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.browserStorage.setItem(t,JSON.stringify(i)),this.browserStorage.setItem(n,e.localAccountId)}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(t),this.browserStorage.removeItem(n)}getThrottlingCache(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!GN(e,n)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),n)}setThrottlingCache(e,t){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.setItem(e,JSON.stringify(t))}getTemporaryCache(e,t){const n=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const s=this.cookieStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),s}const i=this.temporaryCacheStorage.getItem(n);if(!i){if(this.cacheConfig.cacheLocation===Ft.LocalStorage){const s=this.browserStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),s}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),i}setTemporaryCache(e,t,n){const i=n?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(i,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(i,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}async clear(){await this.removeAllAccounts(),this.removeAppMetadata(),this.temporaryCacheStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.removeTemporaryItem(e)}),this.browserStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.browserStorage.removeItem(e)}),this.internalStorage.clear()}async clearTokensAndKeysWithClaims(e,t){e.addQueueMeasurement(k.ClearTokensAndKeysWithClaims,t);const n=this.getTokenKeys(),i=[];n.accessToken.forEach(s=>{const c=this.getAccessTokenCredential(s);c!=null&&c.requestedClaimsHash&&s.includes(c.requestedClaimsHash.toLowerCase())&&i.push(this.removeAccessToken(s))}),await Promise.all(i),i.length>0&&this.logger.warning(`${i.length} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return this.validateAndParseJson(e)?JSON.stringify(e):Un.startsWith(e,P.CACHE_PREFIX)||Un.startsWith(e,st.ADAL_ID_TOKEN)?e:`${P.CACHE_PREFIX}.${this.clientId}.${e}`}generateAuthorityKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.AUTHORITY}.${t}`)}generateNonceKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.NONCE_IDTOKEN}.${t}`)}generateStateKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.REQUEST_STATE}.${t}`)}getCachedAuthority(e){const t=this.generateStateKey(e),n=this.getTemporaryCache(t);if(!n)return null;const i=this.generateAuthorityKey(n);return this.getTemporaryCache(i)}updateCacheEntries(e,t,n,i,s){this.logger.trace("BrowserCacheManager.updateCacheEntries called");const c=this.generateStateKey(e);this.setTemporaryCache(c,e,!1);const d=this.generateNonceKey(e);this.setTemporaryCache(d,t,!1);const f=this.generateAuthorityKey(e);if(this.setTemporaryCache(f,n,!1),s){const g={credential:s.homeAccountId,type:on.HOME_ACCOUNT_ID};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}else if(i){const g={credential:i,type:on.UPN};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}}resetRequestCache(e){this.logger.trace("BrowserCacheManager.resetRequestCache called"),e&&(this.temporaryCacheStorage.getKeys().forEach(t=>{t.indexOf(e)!==-1&&this.removeTemporaryItem(t)}),this.removeTemporaryItem(this.generateStateKey(e)),this.removeTemporaryItem(this.generateNonceKey(e)),this.removeTemporaryItem(this.generateAuthorityKey(e))),this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),this.removeTemporaryItem(this.generateCacheKey(be.ORIGIN_URI)),this.removeTemporaryItem(this.generateCacheKey(be.URL_HASH)),this.removeTemporaryItem(this.generateCacheKey(be.CORRELATION_ID)),this.removeTemporaryItem(this.generateCacheKey(be.CCS_CREDENTIAL)),this.removeTemporaryItem(this.generateCacheKey(be.NATIVE_REQUEST)),this.setInteractionInProgress(!1)}cleanRequestByState(e){if(this.logger.trace("BrowserCacheManager.cleanRequestByState called"),e){const t=this.generateStateKey(e),n=this.temporaryCacheStorage.getItem(t);this.logger.infoPii(`BrowserCacheManager.cleanRequestByState: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n||P.EMPTY_STRING)}}cleanRequestByInteractionType(e){this.logger.trace("BrowserCacheManager.cleanRequestByInteractionType called"),this.temporaryCacheStorage.getKeys().forEach(t=>{if(t.indexOf(be.REQUEST_STATE)===-1)return;const n=this.temporaryCacheStorage.getItem(t);if(!n)return;const i=FC(this.cryptoImpl,n);i&&i.interactionType===e&&(this.logger.infoPii(`BrowserCacheManager.cleanRequestByInteractionType: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n))}),this.setInteractionInProgress(!1)}cacheCodeRequest(e){this.logger.trace("BrowserCacheManager.cacheCodeRequest called");const t=uh(JSON.stringify(e));this.setTemporaryCache(be.REQUEST_PARAMS,t,!0)}getCachedRequest(e){this.logger.trace("BrowserCacheManager.getCachedRequest called");const t=this.getTemporaryCache(be.REQUEST_PARAMS,!0);if(!t)throw j(gC);let n;try{n=JSON.parse(tr(t))}catch(i){throw this.logger.errorPii(`Attempted to parse: ${t}`),this.logger.error(`Parsing cached token request threw with error: ${i}`),j(mC)}if(this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),!n.authority){const i=this.generateAuthorityKey(e),s=this.getTemporaryCache(i);if(!s)throw j(sh);n.authority=s}return n}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(be.NATIVE_REQUEST,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress();return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;return this.getTemporaryCache(e,!1)}setInteractionInProgress(e){const t=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;if(e){if(this.getInteractionInProgress())throw j(aC);this.setTemporaryCache(t,this.clientId,!1)}else!e&&this.getInteractionInProgress()===this.clientId&&this.removeTemporaryItem(t)}getLegacyLoginHint(){const e=this.getTemporaryCache(st.ADAL_ID_TOKEN);e&&(this.browserStorage.removeItem(st.ADAL_ID_TOKEN),this.logger.verbose("Cached ADAL id token retrieved."));const t=this.getTemporaryCache(st.ID_TOKEN,!0);t&&(this.browserStorage.removeItem(this.generateCacheKey(st.ID_TOKEN)),this.logger.verbose("Cached MSAL.js v1 id token retrieved"));const n=t||e;if(n){const i=Co(n,tr);if(i.preferred_username)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 preferred_username as loginHint"),i.preferred_username;if(i.upn)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 upn as loginHint"),i.upn;this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, however, no account hint claim found. Enable preferred_username or upn id token claim to get SSO.")}return null}updateCredentialCacheKey(e,t){const n=oi(t);if(e!==n){const i=this.getItem(e);if(i)return this.browserStorage.removeItem(e),this.setItem(n,i),this.logger.verbose(`Updated an outdated ${t.credentialType} cache key`),n;this.logger.error(`Attempted to update an outdated ${t.credentialType} cache key but no item matching the outdated key was found in storage`)}return e}async hydrateCache(e,t){var d,f,g;const n=Ic((d=e.account)==null?void 0:d.homeAccountId,(f=e.account)==null?void 0:f.environment,e.idToken,this.clientId,e.tenantId);let i;t.claims&&(i=await this.cryptoImpl.hashString(t.claims));const s=bc((g=e.account)==null?void 0:g.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?e.expiresOn.getTime()/1e3:0,e.extExpiresOn?e.extExpiresOn.getTime()/1e3:0,tr,void 0,e.tokenType,void 0,t.sshKid,t.claims,i),c={idToken:n,accessToken:s};return this.saveCacheRecord(c)}async saveCacheRecord(e,t,n){try{await super.saveCacheRecord(e,t,n)}catch(i){if(i instanceof ci&&this.performanceClient&&n)try{const s=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:s.refreshToken.length,cacheIdCount:s.idToken.length,cacheAtCount:s.accessToken.length},n)}catch{}throw i}}}const iM=(r,e)=>{const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};return new Cd(r,t,ac,e)};/*! @azure/msal-browser v3.28.1 2025-01-14 */function aM(r,e,t,n){return r.verbose("getAllAccounts called"),t?e.getAllAccounts(n):[]}function sM(r,e,t){if(e.trace("getAccount called"),Object.keys(r).length===0)return e.warning("getAccount: No accountFilter provided"),null;const n=t.getAccountInfoFilteredBy(r);return n?(e.verbose("getAccount: Account matching provided filter found, returning"),n):(e.verbose("getAccount: No matching account found, returning null"),null)}function cM(r,e,t){if(e.trace("getAccountByUsername called"),!r)return e.warning("getAccountByUsername: No username provided"),null;const n=t.getAccountInfoFilteredBy({username:r});return n?(e.verbose("getAccountByUsername: Account matching username found, returning"),e.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${r}`),n):(e.verbose("getAccountByUsername: No matching account found, returning null"),null)}function lM(r,e,t){if(e.trace("getAccountByHomeId called"),!r)return e.warning("getAccountByHomeId: No homeAccountId provided"),null;const n=t.getAccountInfoFilteredBy({homeAccountId:r});return n?(e.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),e.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${r}`),n):(e.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function uM(r,e,t){if(e.trace("getAccountByLocalId called"),!r)return e.warning("getAccountByLocalId: No localAccountId provided"),null;const n=t.getAccountInfoFilteredBy({localAccountId:r});return n?(e.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),e.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${r}`),n):(e.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function dM(r,e){e.setActiveAccount(r)}function hM(r){return r.getActiveAccount()}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ne={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache"};/*! @azure/msal-browser v3.28.1 2025-01-14 */class fM{constructor(e){this.eventCallbacks=new Map,this.logger=e||new zr({})}addEventCallback(e,t,n){if(typeof window<"u"){const i=n||z0();return this.eventCallbacks.has(i)?(this.logger.error(`Event callback with id: ${i} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(i,[e,t||[]]),this.logger.verbose(`Event callback registered with id: ${i}`),i)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,n,i){if(typeof window<"u"){const s={eventType:e,interactionType:t||null,payload:n||null,error:i||null,timestamp:Date.now()};this.eventCallbacks.forEach(([c,d],f)=>{(d.length===0||d.includes(e))&&(this.logger.verbose(`Emitting event to callback ${f}: ${e}`),c.apply(null,[s]))})}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class HC{constructor(e,t,n,i,s,c,d,f,g){this.config=e,this.browserStorage=t,this.browserCrypto=n,this.networkClient=this.config.system.networkClient,this.eventHandler=s,this.navigationClient=c,this.nativeMessageHandler=f,this.correlationId=g||Er(),this.logger=i.clone(en.MSAL_SKU,Lc,this.correlationId),this.performanceClient=d}async clearCacheOnLogout(e){if(e){it.accountInfoIsEqual(e,this.browserStorage.getActiveAccount(),!1)&&(this.logger.verbose("Setting active account to null"),this.browserStorage.setActiveAccount(null));try{await this.browserStorage.removeAccount(it.generateAccountCacheKey(e)),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch{this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),await this.browserStorage.clear(),await this.browserCrypto.clearKeystore()}catch{this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e||this.config.auth.redirectUri;return ye.getAbsoluteUrl(t,yr())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const n={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t||!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new da(n,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,n=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const i={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},s=e.requestAuthority||this.config.auth.authority,c=n!=null&&n.length?n==="true":this.config.auth.instanceAware,d=t&&c?this.config.auth.authority.replace(ye.getDomainFromUrl(s),t.environment):s,f=Tt.generateAuthority(d,e.requestAzureCloudOptions||this.config.auth.azureCloudOptions),g=await B(Yy,k.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(f,this.config.system.networkClient,this.browserStorage,i,this.logger,this.correlationId,this.performanceClient);if(t&&!g.isAlias(t.environment))throw Ne(Hy);return g}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const gM=32;async function mM(r,e,t){r.addQueueMeasurement(k.GeneratePkceCodes,t);const n=wo(pM,k.GenerateCodeVerifier,e,r,t)(r,e,t),i=await B(vM,k.GenerateCodeChallengeFromVerifier,e,r,t)(n,r,e,t);return{verifier:n,challenge:i}}function pM(r,e,t){try{const n=new Uint8Array(gM);return wo(M0,k.GetRandomValues,e,r,t)(n),xc(n)}catch{throw j(ih)}}async function vM(r,e,t,n){e.addQueueMeasurement(k.GenerateCodeChallengeFromVerifier,n);try{const i=await B(DC,k.Sha256Digest,t,e,n)(r,e,n);return xc(new Uint8Array(i))}catch{throw j(ih)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function vh(r,e,t,n){t.addQueueMeasurement(k.InitializeBaseRequest,r.correlationId);const i=r.authority||e.auth.authority,s=[...r&&r.scopes||[]],c={...r,correlationId:r.correlationId,authority:i,scopes:s};if(!c.authenticationScheme)c.authenticationScheme=Re.BEARER,n.verbose(`Authentication Scheme wasn't explicitly set in request, defaulting to "Bearer" request`);else{if(c.authenticationScheme===Re.SSH){if(!r.sshJwk)throw Ne(kc);if(!r.sshKid)throw Ne(Uy)}n.verbose(`Authentication Scheme set to "${c.authenticationScheme}" as configured in Auth request`)}return e.cache.claimsBasedCachingEnabled&&r.claims&&!Un.isEmptyObj(r.claims)&&(c.requestedClaimsHash=await xC(r.claims)),c}async function yM(r,e,t,n,i){n.addQueueMeasurement(k.InitializeSilentRequest,r.correlationId);const s=await B(vh,k.InitializeBaseRequest,i,n,r.correlationId)(r,t,n,i);return{...r,...s,account:e,forceRefresh:r.forceRefresh||!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class vi extends HC{async initializeAuthorizationCodeRequest(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.correlationId);const t=await B(mM,k.GeneratePkceCodes,this.logger,this.performanceClient,this.correlationId)(this.performanceClient,this.logger,this.correlationId),n={...e,redirectUri:e.redirectUri,code:P.EMPTY_STRING,codeVerifier:t.verifier};return e.codeChallenge=t.challenge,e.codeChallengeMethod=P.S256_CODE_CHALLENGE_METHOD,n}initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e==null?void 0:e.correlationId);const t={correlationId:this.correlationId||Er(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const n=this.getLogoutHintFromIdTokenClaims(e.account);n&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=n)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return!e||e.postLogoutRedirectUri!==null?e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(e.postLogoutRedirectUri,yr())):this.config.auth.postLogoutRedirectUri===null?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,yr())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(yr(),yr())):this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new Xy(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}=e;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetClientConfiguration,this.correlationId);const d=await B(this.getDiscoveredAuthority.bind(this),k.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}),f=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:d,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:f.loggerCallback,piiLoggingEnabled:f.piiLoggingEnabled,logLevel:f.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:en.MSAL_SKU,version:Lc,cpu:P.EMPTY_STRING,os:P.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,t){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const n=this.getRedirectUri(e.redirectUri),i={interactionType:t},s=Bn.setRequestState(this.browserCrypto,e&&e.state||P.EMPTY_STRING,i),d={...await B(vh,k.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:n,state:s,nonce:e.nonce||Er(),responseMode:this.config.auth.OIDCOptions.serverResponseType};if(e.loginHint||e.sid)return d;const f=e.account||this.browserStorage.getActiveAccount();if(f&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${f.homeAccountId}`,this.correlationId),d.account=f),!d.loginHint&&!f){const g=this.browserStorage.getLegacyLoginHint();g&&(d.loginHint=g)}return d}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const CM="ContentError",VC="user_switch";/*! @azure/msal-browser v3.28.1 2025-01-14 */const wM="USER_INTERACTION_REQUIRED",_M="USER_CANCEL",TM="NO_NETWORK",EM="PERSISTENT_ERROR",SM="DISABLED",AM="ACCOUNT_UNAVAILABLE";/*! @azure/msal-browser v3.28.1 2025-01-14 */const IM=-2147186943,bM={[VC]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class Jn extends Fe{constructor(e,t,n){super(e,t),Object.setPrototypeOf(this,Jn.prototype),this.name="NativeAuthError",this.ext=n}}function Zo(r){if(r.ext&&r.ext.status&&(r.ext.status===EM||r.ext.status===SM)||r.ext&&r.ext.error&&r.ext.error===IM)return!0;switch(r.errorCode){case CM:return!0;default:return!1}}function wd(r,e,t){if(t&&t.status)switch(t.status){case AM:return dd(Jy);case wM:return new Fn(r,e);case _M:return j(po);case TM:return j(hc)}return new Jn(r,bM[r]||e,t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class $C extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),n=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),i=new d0(n,this.performanceClient);this.logger.verbose("Silent auth client created");try{const c=(await B(i.acquireCachedToken.bind(i),k.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),c}catch(s){throw s instanceof Ta&&s.errorCode===ch&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),s}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t==null?void 0:t.account)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class li extends HC{constructor(e,t,n,i,s,c,d,f,g,p,w,C){var T;super(e,t,n,i,s,c,f,g,C),this.apiId=d,this.accountId=p,this.nativeMessageHandler=g,this.nativeStorageManager=w,this.silentCacheClient=new $C(e,this.nativeStorageManager,n,i,s,c,f,g,C),this.serverTelemetryManager=this.initializeServerTelemetryManager(this.apiId);const S=this.nativeMessageHandler.getExtensionId()===ai.PREFERRED_EXTENSION_ID?"chrome":(T=this.nativeMessageHandler.getExtensionId())!=null&&T.length?"unknown":void 0;this.skus=da.makeExtraSkuString({libraryName:en.MSAL_SKU,libraryVersion:Lc,extensionName:S,extensionVersion:this.nativeMessageHandler.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[jP]:this.skus}}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const t=this.performanceClient.startMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),n=rr();try{const i=await this.initializeNativeRequest(e);try{const g=await this.acquireTokensFromCache(this.accountId,i);return t.end({success:!0,isNativeBroker:!1,fromCache:!0}),g}catch{this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const{...s}=i,c={method:uo.GetToken,request:s},d=await this.nativeMessageHandler.sendMessage(c),f=this.validateNativeResponse(d);return await this.handleNativeResponse(f,i,n).then(g=>(t.end({success:!0,isNativeBroker:!0,requestId:g.requestId}),this.serverTelemetryManager.clearNativeBrokerErrorCode(),g)).catch(g=>{throw t.end({success:!1,errorCode:g.errorCode,subErrorCode:g.subError,isNativeBroker:!0}),g})}catch(i){throw i instanceof Jn&&this.serverTelemetryManager.setNativeBrokerErrorCode(i.errorCode),i}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Ye.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),U(id);const n=this.browserStorage.getBaseAccountInfo({nativeAccountId:e});if(!n)throw U(id);try{const i=this.createSilentCacheRequest(t,n),s=await this.silentCacheClient.acquireToken(i),c={...n,idTokenClaims:s==null?void 0:s.idTokenClaims,idToken:s==null?void 0:s.idToken};return{...s,account:c}}catch(i){throw i}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...n}=e;delete n.onRedirectNavigate;const i=await this.initializeNativeRequest(n),s={method:uo.GetToken,request:i};try{const f=await this.nativeMessageHandler.sendMessage(s);this.validateNativeResponse(f)}catch(f){if(f instanceof Jn&&(this.serverTelemetryManager.setNativeBrokerErrorCode(f.errorCode),Zo(f)))throw f}this.browserStorage.setTemporaryCache(be.NATIVE_REQUEST,JSON.stringify(i),!0);const c={apiId:xe.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(d,c)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const n=this.browserStorage.getCachedNativeRequest();if(!n)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&(e==null||e.addFields({errorCode:"no_cached_request"},t)),null;const{prompt:i,...s}=n;i&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.NATIVE_REQUEST));const c={method:uo.GetToken,request:s},d=rr();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const f=await this.nativeMessageHandler.sendMessage(c);this.validateNativeResponse(f);const g=this.handleNativeResponse(f,s,d);this.browserStorage.setInteractionInProgress(!1);const p=await g;return this.serverTelemetryManager.clearNativeBrokerErrorCode(),p}catch(f){throw this.browserStorage.setInteractionInProgress(!1),f}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,n){var p;this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const i=Co(e.id_token,tr),s=this.createHomeAccountIdentifier(e,i),c=(p=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId}))==null?void 0:p.homeAccountId;if(s!==c&&e.account.id!==t.accountId)throw wd(VC);const d=await this.getDiscoveredAuthority({requestAuthority:t.authority}),f=nh(this.browserStorage,d,s,tr,i,e.client_info,void 0,i.tid,void 0,e.account.id,this.logger),g=await this.generateAuthenticationResult(e,t,i,f,d.canonicalAuthority,n);return this.cacheAccount(f),this.cacheNativeTokens(e,t,s,i,e.access_token,g.tenantId,n),g}createHomeAccountIdentifier(e,t){return it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,Dn.Default,this.logger,this.browserCrypto,t)}generateScopes(e,t){return e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope)}async generatePopAccessToken(e,t){if(t.tokenType===Re.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const n=new gi(this.browserCrypto),i={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw U(Vd);return n.signPopToken(e.access_token,t.keyId,i)}else return e.access_token}async generateAuthenticationResult(e,t,n,i,s,c){const d=this.addTelemetryFromNativeResponse(e),f=e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope),g=e.account.properties||{},p=g.UID||n.oid||n.sub||P.EMPTY_STRING,w=g.TenantId||n.tid||P.EMPTY_STRING,C=Jd(i.getAccountInfo(),void 0,n,e.id_token);C.nativeAccountId!==e.account.id&&(C.nativeAccountId=e.account.id);const S=await this.generatePopAccessToken(e,t),T=t.tokenType===Re.POP?Re.POP:Re.BEARER;return{authority:s,uniqueId:p,tenantId:w,scopes:f.asArray(),account:C,idToken:e.id_token,idTokenClaims:n,accessToken:S,fromCache:d?this.isResponseFromCache(d):!1,expiresOn:new Date(Number(c+e.expires_in)*1e3),tokenType:T,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}cacheAccount(e){this.browserStorage.setAccount(e),this.browserStorage.removeAccountContext(e).catch(t=>{this.logger.error(`Error occurred while removing account context from browser storage. ${t}`)})}cacheNativeTokens(e,t,n,i,s,c,d){const f=Ic(n,t.authority,e.id_token||"",t.clientId,i.tid||""),g=t.tokenType===Re.POP?P.SHR_NONCE_VALIDITY:(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,p=d+g,w=this.generateScopes(e,t),C=bc(n,t.authority,s,t.clientId,i.tid||c,w.printScopes(),p,0,tr,void 0,t.tokenType,void 0,t.keyId),S={idToken:f,accessToken:C};this.nativeStorageManager.saveCacheRecord(S,t.storeInCache)}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.nativeMessageHandler.getExtensionId(),extensionVersion:this.nativeMessageHandler.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}validateNativeResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw ay(xd,"Response missing expected properties.")}getMATSFromResponse(e){if(e.properties.MATS)try{return JSON.parse(e.properties.MATS)}catch{this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return typeof e.is_cached>"u"?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=e.authority||this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const n=new ye(t);n.validateAsUri();const{scopes:i,...s}=e,c=new Ye(i||[]);c.appendScopes(pi);const d=()=>{switch(this.apiId){case xe.ssoSilent:case xe.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),lt.NONE}if(!e.prompt){this.logger.trace("initializeNativeRequest: prompt was not provided");return}switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e.prompt;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e.prompt} is not compatible with native flow`),j(IC)}},f={...s,accountId:this.accountId,clientId:this.config.auth.clientId,authority:n.urlString,scope:c.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:d(),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(f.signPopToken&&e.popKid)throw j(kC);if(this.handleExtraBrokerParams(f),f.extraParameters=f.extraParameters||{},f.extraParameters.telemetry=ai.MATS_TELEMETRY,e.authenticationScheme===Re.POP){const g={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},p=new gi(this.browserCrypto);let w;if(f.keyId)w=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:f.keyId})),f.signPopToken=!1;else{const C=await B(p.generateCnf.bind(p),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(g,this.logger);w=C.reqCnfString,f.keyId=C.kid,f.signPopToken=!0}f.reqCnf=w}return this.addRequestSKUs(f),f}handleExtraBrokerParams(e){var s;const t=e.extraParameters&&e.extraParameters.hasOwnProperty(Zd)&&e.extraParameters.hasOwnProperty(ud)&&e.extraParameters.hasOwnProperty(go);if(!e.embeddedClientId&&!t)return;let n="";const i=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,n=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[ud],n=e.extraParameters[go]),e.extraParameters={child_client_id:n,child_redirect_uri:i},(s=this.performanceClient)==null||s.addFields({embeddedClientId:n,embeddedRedirectUri:i},e.correlationId)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Qn{constructor(e,t,n,i){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=i,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=n,this.handshakeEvent=n.startMeasurement(k.NativeMessageHandlerHandshake)}async sendMessage(e){this.logger.trace("NativeMessageHandler - sendMessage called.");const t={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:e};return this.logger.trace("NativeMessageHandler - Sending request to browser extension"),this.logger.tracePii(`NativeMessageHandler - Sending request to browser extension: ${JSON.stringify(t)}`),this.messageChannel.port1.postMessage(t),new Promise((n,i)=>{this.resolvers.set(t.responseId,{resolve:n,reject:i})})}static async createProvider(e,t,n){e.trace("NativeMessageHandler - createProvider called.");try{const i=new Qn(e,t,n,ai.PREFERRED_EXTENSION_ID);return await i.sendHandshakeRequest(),i}catch{const s=new Qn(e,t,n);return await s.sendHandshakeRequest(),s}}async sendHandshakeRequest(){this.logger.trace("NativeMessageHandler - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:{method:uo.HandshakeRequest}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=t=>{this.onChannelMessage(t)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise((t,n)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:n}),this.timeoutId=window.setTimeout(()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),n(j(EC)),this.handshakeResolvers.delete(e.responseId)},this.handshakeTimeoutMs)})}onWindowMessage(e){if(this.logger.trace("NativeMessageHandler - onWindowMessage called"),e.source!==window)return;const t=e.data;if(!(!t.channel||t.channel!==ai.CHANNEL_ID)&&!(t.extensionId&&t.extensionId!==this.extensionId)&&t.body.method===uo.HandshakeRequest){const n=this.handshakeResolvers.get(t.responseId);if(!n){this.logger.trace(`NativeMessageHandler.onWindowMessage - resolver can't be found for request ${t.responseId}`);return}this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),n.reject(j(SC))}}onChannelMessage(e){this.logger.trace("NativeMessageHandler - onChannelMessage called.");const t=e.data,n=this.resolvers.get(t.responseId),i=this.handshakeResolvers.get(t.responseId);try{const s=t.body.method;if(s===uo.Response){if(!n)return;const c=t.body.response;if(this.logger.trace("NativeMessageHandler - Received response from browser extension"),this.logger.tracePii(`NativeMessageHandler - Received response from browser extension: ${JSON.stringify(c)}`),c.status!=="Success")n.reject(wd(c.code,c.description,c.ext));else if(c.result)c.result.code&&c.result.description?n.reject(wd(c.result.code,c.result.description,c.result.ext)):n.resolve(c.result);else throw ay(xd,"Event does not contain result.");this.resolvers.delete(t.responseId)}else if(s===uo.HandshakeResponse){if(!i){this.logger.trace(`NativeMessageHandler.onChannelMessage - resolver can't be found for request ${t.responseId}`);return}clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(`NativeMessageHandler - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),i.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(s){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${s}`),this.logger.errorPii(`Unable to parse ${e}`),n?n.reject(s):i&&i.reject(s)}}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}static isNativeAvailable(e,t,n,i){if(t.trace("isNativeAvailable called"),!e.system.allowNativeBroker)return t.trace("isNativeAvailable: allowNativeBroker is not enabled, returning false"),!1;if(!n)return t.trace("isNativeAvailable: WAM extension provider is not initialized, returning false"),!1;if(i)switch(i){case Re.BEARER:case Re.POP:return t.trace("isNativeAvailable: authenticationScheme is supported, returning true"),!0;default:return t.trace("isNativeAvailable: authenticationScheme is not supported, returning false"),!1}return!0}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class yh{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async handleCodeResponse(e,t){this.performanceClient.addQueueMeasurement(k.HandleCodeResponse,t.correlationId);let n;try{n=this.authModule.handleFragmentResponse(e,t.state)}catch(i){throw i instanceof Wr&&i.subError===po?j(po):i}return B(this.handleCodeResponseFromServer.bind(this),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(n,t)}async handleCodeResponseFromServer(e,t,n=!0){if(this.performanceClient.addQueueMeasurement(k.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const s=this.createCcsCredentials(t);s&&(this.authCodeRequest.ccsCredential=s)}return await B(this.authModule.acquireToken.bind(this.authModule),k.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}:e.loginHint?{credential:e.loginHint,type:on.UPN}:null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function KC(r,e,t){const n=lc(r);if(!n)throw $y(r)?(t.error(`A ${e} is present in the iframe but it does not contain known properties. It's likely that the ${e} has been replaced by code running on the redirectUri page.`),t.errorPii(`The ${e} detected is: ${r}`),j(rC)):(t.error(`The request has returned to the redirectUri but a ${e} is not present. It's likely that the ${e} has been removed or the page has been redirected by code running on the redirectUri page.`),j(nC));return n}function kM(r,e,t){if(!r.state)throw j(ah);const n=FC(e,r.state);if(!n)throw j(oC);if(n.interactionType!==t)throw j(iC)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class RM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=f}acquireToken(e){try{const n={popupName:this.generatePopupName(e.scopes||pi,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window};return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,n)):(this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),n.popup=this.openSizedPopup("about:blank",n),this.acquireTokenPopupAsync(e,n))}catch(t){return Promise.reject(t)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),n={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:(e==null?void 0:e.popupWindowAttributes)||{},popupWindowParent:(e==null?void 0:e.popupWindowParent)??window},i=e&&e.authority,s=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,n,i,s)):(this.logger.verbose("asyncPopup set to false, opening popup"),n.popup=this.openSizedPopup("about:blank",n),this.logoutPopupAsync(t,n,i,s))}catch(t){return Promise.reject(t)}}async acquireTokenPopupAsync(e,t){var s;this.logger.verbose("acquireTokenPopupAsync called");const n=this.initializeServerTelemetryManager(xe.acquireTokenPopup),i=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Popup);BC(i.authority);try{const c=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(i),d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:i.authority,requestAzureCloudOptions:i.azureCloudOptions,requestExtraQueryParameters:i.extraQueryParameters,account:i.account}),f=Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);let g;f&&(g=this.performanceClient.startMeasurement(k.FetchAccountIdWithNativeBroker,e.correlationId));const p=await d.getAuthCodeUrl({...i,nativeBroker:f}),w=new yh(d,this.browserStorage,c,this.logger,this.performanceClient),C=this.initiateAuthRequest(p,t);this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null);const S=await this.monitorPopupForHash(C,t.popupWindowParent),T=wo(KC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(S,this.config.auth.OIDCOptions.serverResponseType,this.logger);if(Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,c),T.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),g&&g.end({success:!0,isNativeBroker:!0}),!this.nativeMessageHandler)throw j(_a);const N=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,T.accountId,this.nativeStorage,i.correlationId),{userRequestState:K}=Bn.parseRequestState(this.browserCrypto,i.state);return await N.acquireToken({...i,state:K,prompt:void 0})}return await w.handleCodeResponse(T,i)}catch(c){throw(s=t.popup)==null||s.close(),c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),c}}async logoutPopupAsync(e,t,n,i){var c,d,f,g;this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(ne.LOGOUT_START,X.Popup,e);const s=this.initializeServerTelemetryManager(xe.logoutPopup);try{await this.clearCacheOnLogout(e.account);const p=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:s,requestAuthority:n,account:e.account||void 0});try{p.authority.endSessionEndpoint}catch{if((c=e.account)!=null&&c.homeAccountId&&e.postLogoutRedirectUri&&p.authority.protocolMode===_r.OIDC){if(this.browserStorage.removeAccount((d=e.account)==null?void 0:d.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());await this.navigationClient.navigateInternal(T,S)}(f=t.popup)==null||f.close();return}}const w=p.getLogoutUri(e);this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e);const C=this.openPopup(w,t);if(this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null),await this.monitorPopupForHash(C,t.popupWindowParent).catch(()=>{}),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${T}`),await this.navigationClient.navigateInternal(T,S)}else this.logger.verbose("No main window navigation requested")}catch(p){throw(g=t.popup)==null||g.close(),p instanceof Fe&&(p.setCorrelationId(this.correlationId),s.cacheFailedRequest(p)),this.browserStorage.setInteractionInProgress(!1),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Popup,null,p),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup),p}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),j(Pc)}monitorPopupForHash(e,t){return new Promise((n,i)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const s=setInterval(()=>{if(e.closed){this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(s),i(j(po));return}let c="";try{c=e.location.href}catch{}if(!c||c==="about:blank")return;clearInterval(s);let d="";const f=this.config.auth.OIDCOptions.serverResponseType;e&&(f===wa.QUERY?d=e.location.search:d=e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),n(d)},this.config.system.pollIntervalMilliseconds)}).finally(()=>{this.cleanPopup(e,t)})}openPopup(e,t){try{let n;if(t.popup?(n=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),n.location.assign(e)):typeof t.popup>"u"&&(this.logger.verbosePii(`Opening popup window to: ${e}`),n=this.openSizedPopup(e,t)),!n)throw j(cC);return n.focus&&n.focus(),this.currentWindow=n,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),n}catch(n){throw this.logger.error("error opening popup "+n.message),this.browserStorage.setInteractionInProgress(!1),j(sC)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:n,popupWindowParent:i}){var S,T,b,N;const s=i.screenLeft?i.screenLeft:i.screenX,c=i.screenTop?i.screenTop:i.screenY,d=i.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,f=i.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let g=(S=n.popupSize)==null?void 0:S.width,p=(T=n.popupSize)==null?void 0:T.height,w=(b=n.popupPosition)==null?void 0:b.top,C=(N=n.popupPosition)==null?void 0:N.left;return(!g||g<0||g>d)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),g=en.POPUP_WIDTH),(!p||p<0||p>f)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),p=en.POPUP_HEIGHT),(!w||w<0||w>f)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),w=Math.max(0,f/2-en.POPUP_HEIGHT/2+c)),(!C||C<0||C>d)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),C=Math.max(0,d/2-en.POPUP_WIDTH/2+s)),i.open(e,t,`width=${g}, height=${p}, top=${w}, left=${C}, scrollbars=yes`)}unloadWindow(e){this.browserStorage.cleanRequestByInteractionType(X.Popup),this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow),this.browserStorage.setInteractionInProgress(!1)}generatePopupName(e,t){return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class lp{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){t.redirectStartPage&&(this.logger.verbose("RedirectHandler.initiateAuthRequest: redirectStartPage set, caching start page"),this.browserStorage.setTemporaryCache(be.ORIGIN_URI,t.redirectStartPage,!0)),this.browserStorage.setTemporaryCache(be.CORRELATION_ID,this.authCodeRequest.correlationId,!0),this.browserStorage.cacheCodeRequest(this.authCodeRequest),this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const n={apiId:xe.acquireTokenRedirect,timeout:t.redirectTimeout,noHistory:!1};if(typeof t.onRedirectNavigate=="function")if(this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback"),t.onRedirectNavigate(e)!==!1){this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),await t.navigationClient.navigateExternal(e,n);return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation");return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),await t.navigationClient.navigateExternal(e,n);return}}else throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),j(Pc)}async handleCodeResponse(e,t){this.logger.verbose("RedirectHandler.handleCodeResponse called"),this.browserStorage.setInteractionInProgress(!1);const n=this.browserStorage.generateStateKey(t),i=this.browserStorage.getTemporaryCache(n);if(!i)throw U(ic,"Cached State");let s;try{s=this.authModule.handleFragmentResponse(e,i)}catch(g){throw g instanceof Wr&&g.subError===po?j(po):g}const c=this.browserStorage.generateNonceKey(i),d=this.browserStorage.getTemporaryCache(c);if(this.authCodeRequest.code=s.code,s.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,this.authCodeRequest.correlationId)(s.cloud_instance_host_name,this.authCodeRequest.correlationId),s.nonce=d||void 0,s.state=i,s.client_info)this.authCodeRequest.clientInfo=s.client_info;else{const g=this.checkCcsCredentials();g&&(this.authCodeRequest.ccsCredential=g)}const f=await this.authModule.acquireToken(this.authCodeRequest,s);return this.browserStorage.cleanRequestByState(t),f}checkCcsCredentials(){const e=this.browserStorage.getTemporaryCache(be.CCS_CREDENTIAL,!0);if(e)try{return JSON.parse(e)}catch{this.authModule.logger.error("Cache credential could not be parsed"),this.authModule.logger.errorPii(`Cache credential could not be parsed: ${e}`)}return null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function OM(){if(typeof window>"u"||typeof window.performance>"u"||typeof window.performance.getEntriesByType!="function")return;const r=window.performance.getEntriesByType("navigation"),e=r.length?r[0]:void 0;return e==null?void 0:e.type}class NM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.nativeStorage=f}async acquireToken(e){const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Redirect);this.browserStorage.updateCacheEntries(t.state,t.nonce,t.authority,t.loginHint||"",t.account||null);const n=this.initializeServerTelemetryManager(xe.acquireTokenRedirect),i=s=>{s.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.cleanRequestByState(t.state),this.eventHandler.emitEvent(ne.RESTORE_FROM_BFCACHE,X.Redirect))};try{const s=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(t),c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),d=new lp(c,this.browserStorage,s,this.logger,this.performanceClient),f=await c.getAuthCodeUrl({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme)}),g=this.getRedirectStartPage(e.redirectStartPage);return this.logger.verbosePii(`Redirect start page: ${g}`),window.addEventListener("pageshow",i),await d.initiateAuthRequest(f,{navigationClient:this.navigationClient,redirectTimeout:this.config.system.redirectNavigationTimeout,redirectStartPage:g,onRedirectNavigate:e.onRedirectNavigate||this.config.auth.onRedirectNavigate})}catch(s){throw s instanceof Fe&&(s.setCorrelationId(this.correlationId),n.cacheFailedRequest(s)),window.removeEventListener("pageshow",i),this.browserStorage.cleanRequestByState(t.state),s}}async handleRedirectPromise(e="",t){const n=this.initializeServerTelemetryManager(xe.handleRedirectPromise);try{if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const[i,s]=this.getRedirectResponse(e||"");if(!i)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.cleanRequestByInteractionType(X.Redirect),OM()!=="back_forward"?t.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(be.ORIGIN_URI,!0)||P.EMPTY_STRING,d=ye.removeHashFromUrl(c),f=ye.removeHashFromUrl(window.location.href);if(d===f&&this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&B0(c),await this.handleResponse(i,n);if(this.config.auth.navigateToLoginRequestUrl){if(!gh()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(be.URL_HASH,s,!0);const g={apiId:xe.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let p=!0;if(!c||c==="null"){const w=H0();this.browserStorage.setTemporaryCache(be.ORIGIN_URI,w,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),p=await this.navigationClient.navigateInternal(w,g)}else this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),p=await this.navigationClient.navigateInternal(c,g);if(!p)return await this.handleResponse(i,n)}}else return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(i,n);return null}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),this.browserStorage.cleanRequestByInteractionType(X.Redirect),i}}getRedirectResponse(e){this.logger.verbose("getRedirectResponseHash called");let t=e;t||(this.config.auth.OIDCOptions.serverResponseType===wa.QUERY?t=window.location.search:t=window.location.hash);let n=lc(t);if(n){try{kM(n,this.browserCrypto,X.Redirect)}catch(s){return s instanceof Fe&&this.logger.error(`Interaction type validation failed due to ${s.errorCode}: ${s.errorMessage}`),[null,""]}return U0(window),this.logger.verbose("Hash contains known properties, returning response hash"),[n,t]}const i=this.browserStorage.getTemporaryCache(be.URL_HASH,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.URL_HASH)),i&&(n=lc(i),n)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[n,i]):[null,""]}async handleResponse(e,t){const n=e.state;if(!n)throw j(ah);const i=this.browserStorage.getCachedRequest(n);if(this.logger.verbose("handleResponse called, retrieved cached request"),e.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(_a);const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,e.accountId,this.nativeStorage,i.correlationId),{userRequestState:g}=Bn.parseRequestState(this.browserCrypto,n);return f.acquireToken({...i,state:g,prompt:void 0}).finally(()=>{this.browserStorage.cleanRequestByState(n)})}const s=this.browserStorage.getCachedAuthority(n);if(!s)throw j(sh);const c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:s});return Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,i),new lp(c,this.browserStorage,i,this.logger,this.performanceClient).handleCodeResponse(e,n)}async logout(e){var i,s;this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e),n=this.initializeServerTelemetryManager(xe.logout);try{this.eventHandler.emitEvent(ne.LOGOUT_START,X.Redirect,e),await this.clearCacheOnLogout(t.account);const c={apiId:xe.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:e&&e.authority,requestExtraQueryParameters:e==null?void 0:e.extraQueryParameters,account:e&&e.account||void 0});if(d.authority.protocolMode===_r.OIDC)try{d.authority.endSessionEndpoint}catch{if((i=t.account)!=null&&i.homeAccountId){this.browserStorage.removeAccount((s=t.account)==null?void 0:s.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t);return}}const f=d.getLogoutUri(t);if(this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t),e&&typeof e.onRedirectNavigate=="function")if(e.onRedirectNavigate(f)!==!1){this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}else this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation");else{this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}}catch(c){throw c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Redirect,null,c),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect),c}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return ye.getAbsoluteUrl(t,yr())}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function PM(r,e,t,n,i){if(e.addQueueMeasurement(k.SilentHandlerInitiateAuthRequest,n),!r)throw t.info("Navigate url is empty"),j(Pc);return i?B(DM,k.SilentHandlerLoadFrame,t,e,n)(r,i,e,n):wo(xM,k.SilentHandlerLoadFrameSync,t,e,n)(r)}async function MM(r,e,t,n,i,s,c){return n.addQueueMeasurement(k.SilentHandlerMonitorIframeForHash,s),new Promise((d,f)=>{e<vd&&i.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${e}ms) than the default (${vd}ms). This may result in timeouts.`);const g=window.setTimeout(()=>{window.clearInterval(p),f(j(lC))},e),p=window.setInterval(()=>{let w="";const C=r.contentWindow;try{w=C?C.location.href:""}catch{}if(!w||w==="about:blank")return;let S="";C&&(c===wa.QUERY?S=C.location.search:S=C.location.hash),window.clearTimeout(g),window.clearInterval(p),d(S)},t)}).finally(()=>{wo(LM,k.RemoveHiddenIframe,i,n,s)(r)})}function DM(r,e,t,n){return t.addQueueMeasurement(k.SilentHandlerLoadFrame,n),new Promise((i,s)=>{const c=zC();window.setTimeout(()=>{if(!c){s("Unable to load iframe");return}c.src=r,i(c)},e)})}function xM(r){const e=zC();return e.src=r,e}function zC(){const r=document.createElement("iframe");return r.className="msalSilentIframe",r.style.visibility="hidden",r.style.position="absolute",r.style.width=r.style.height="0",r.style.border="0",r.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(r),r}function LM(r){document.body===r.parentNode&&document.body.removeChild(r)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class UM extends vi{constructor(e,t,n,i,s,c,d,f,g,p,w){super(e,t,n,i,s,c,f,p,w),this.apiId=d,this.nativeStorage=g}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentIframeClientAcquireToken,e.correlationId),!e.loginHint&&!e.sid&&(!e.account||!e.account.username)&&this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const t={...e};t.prompt?t.prompt!==lt.NONE&&t.prompt!==lt.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${t.prompt} with ${lt.NONE}`),t.prompt=lt.NONE):t.prompt=lt.NONE;const n=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);BC(n.authority);const i=this.initializeServerTelemetryManager(this.apiId);let s;try{return s=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:i,requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(s,n)}catch(c){if(c instanceof Fe&&(c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c)),!s||!(c instanceof Fe)||c.errorCode!==en.INVALID_GRANT_ERROR)throw c;this.performanceClient.addFields({retryError:c.errorCode},this.correlationId);const d=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);return await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(s,d)}}logout(){return Promise.reject(j(Mc))}async silentTokenHelper(e,t){const n=t.correlationId;this.performanceClient.addQueueMeasurement(k.SilentIframeClientTokenHelper,n);const i=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,n)(t),s=await B(e.getAuthCodeUrl.bind(e),k.GetAuthCodeUrl,this.logger,this.performanceClient,n)({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,t.authenticationScheme)}),c=new yh(e,this.browserStorage,i,this.logger,this.performanceClient),d=await B(PM,k.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,n)(s,this.performanceClient,this.logger,n,this.config.system.navigateFrameWait),f=this.config.auth.OIDCOptions.serverResponseType,g=await B(MM,k.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,n)(d,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,n,f),p=wo(KC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(g,f,this.logger);if(p.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(_a);const w=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.apiId,this.performanceClient,this.nativeMessageHandler,p.accountId,this.browserStorage,n),{userRequestState:C}=Bn.parseRequestState(this.browserCrypto,t.state);return B(w.acquireToken.bind(w),k.NativeInteractionClientAcquireToken,this.logger,this.performanceClient,n)({...t,state:C,prompt:t.prompt||lt.NONE})}return B(c.handleCodeResponse.bind(c),k.HandleCodeResponse,this.logger,this.performanceClient,n)(p,t)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class BM extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentRefreshClientAcquireToken,e.correlationId);const t=await B(vh,k.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),n={...e,...t};e.redirectUri&&(n.redirectUri=this.getRedirectUri(e.redirectUri));const i=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),s=await this.createRefreshTokenClient({serverTelemetryManager:i,authorityUrl:n.authority,azureCloudOptions:n.azureCloudOptions,account:n.account});return B(s.acquireTokenByRefreshToken.bind(s),k.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(n).catch(c=>{throw c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c),c})}logout(){return Promise.reject(j(Mc))}async createRefreshTokenClient(e){const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new hd(t,this.performanceClient)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class FM{constructor(e,t,n,i){this.isBrowserEnvironment=typeof window<"u",this.config=e,this.storage=t,this.logger=n,this.cryptoObj=i}loadExternalTokens(e,t,n){if(!this.isBrowserEnvironment)throw j(Dc);const i=t.id_token?Co(t.id_token,tr):void 0,s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},c=e.authority?new Tt(Tt.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,s,this.logger,e.correlationId||Er()):void 0,d=this.loadAccount(e,n.clientInfo||t.client_info||"",i,c),f=this.loadIdToken(t,d.homeAccountId,d.environment,d.realm),g=this.loadAccessToken(e,t,d.homeAccountId,d.environment,d.realm,n),p=this.loadRefreshToken(t,d.homeAccountId,d.environment);return this.generateAuthenticationResult(e,{account:d,idToken:f,accessToken:g,refreshToken:p},i,c)}loadAccount(e,t,n,i){if(this.logger.verbose("TokenCache - loading account"),e.account){const f=it.createFromAccountInfo(e.account);return this.storage.setAccount(f),f}else if(!i||!t&&!n)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),j(yC);const s=it.generateHomeAccountId(t,i.authorityType,this.logger,this.cryptoObj,n),c=n==null?void 0:n.tid,d=nh(this.storage,i,s,tr,n,t,i.hostnameAndPort,c,void 0,void 0,this.logger);return this.storage.setAccount(d),d}loadIdToken(e,t,n,i){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const s=Ic(t,n,e.id_token,this.config.auth.clientId,i);return this.storage.setIdTokenCredential(s),s}loadAccessToken(e,t,n,i,s,c){if(t.access_token)if(t.expires_in){if(!t.scope&&(!e.scopes||!e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null}else return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;else return this.logger.verbose("TokenCache - no access token found in response"),null;this.logger.verbose("TokenCache - loading access token");const d=t.scope?Ye.fromString(t.scope):new Ye(e.scopes),f=c.expiresOn||t.expires_in+new Date().getTime()/1e3,g=c.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+new Date().getTime()/1e3,p=bc(n,i,t.access_token,this.config.auth.clientId,s,d.printScopes(),f,g,tr);return this.storage.setAccessTokenCredential(p),p}loadRefreshToken(e,t,n){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const i=Iy(t,n,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return this.storage.setRefreshTokenCredential(i),i}generateAuthenticationResult(e,t,n,i){var p,w,C;let s="",c=[],d=null,f;t!=null&&t.accessToken&&(s=t.accessToken.secret,c=Ye.fromString(t.accessToken.target).asArray(),d=new Date(Number(t.accessToken.expiresOn)*1e3),f=new Date(Number(t.accessToken.extendedExpiresOn)*1e3));const g=t.account;return{authority:i?i.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:c,account:g.getAccountInfo(),idToken:((p=t.idToken)==null?void 0:p.secret)||"",idTokenClaims:n||{},accessToken:s,fromCache:!0,expiresOn:d,correlationId:e.correlationId||"",requestId:"",extExpiresOn:f,familyId:((w=t.refreshToken)==null?void 0:w.familyId)||"",tokenType:((C=t==null?void 0:t.accessToken)==null?void 0:C.tokenType)||"",state:e.state||"",cloudGraphHostName:g.cloudGraphHostName||"",msGraphHost:g.msGraphHost||"",fromNativeBroker:!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class HM extends Xy{constructor(e){super(e),this.includeRedirectUri=!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class VM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,f,g,p),this.apiId=d}async acquireToken(e){if(!e.code)throw j(CC);const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(e,X.Silent),n=this.initializeServerTelemetryManager(this.apiId);try{const i={...t,code:e.code},s=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),c=new HM(s);this.logger.verbose("Auth code client created");const d=new yh(c,this.browserStorage,i,this.logger,this.performanceClient);return await B(d.handleCodeResponseFromServer.bind(d),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,e.correlationId)({code:e.code,msgraph_host:e.msGraphHost,cloud_graph_host_name:e.cloudGraphHostName,cloud_instance_host_name:e.cloudInstanceHostName},t,!1)}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),i}}logout(){return Promise.reject(j(Mc))}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function qn(r){const e=r==null?void 0:r.idTokenClaims;if(e!=null&&e.tfp||e!=null&&e.acr)return"B2C";if(e!=null&&e.tid){if((e==null?void 0:e.tid)==="9188040d-6c67-4c5b-b112-36a304b66dad")return"MSA"}else return;return"AAD"}function Rs(r,e){try{mh(r)}catch(t){throw e.end({success:!1},t),t}}class Uc{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new mi(this.logger,this.performanceClient):ac,this.eventHandler=new fM(this.logger),this.browserStorage=this.isBrowserEnvironment?new Cd(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,t0(this.config.auth),this.performanceClient):iM(this.config.auth.clientId,this.logger);const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new Cd(this.config.auth.clientId,t,this.browserCrypto,this.logger,void 0,this.performanceClient),this.tokenCache=new FM(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this),this.listeningToStorageEvents=!1,this.handleAccountCacheChange=this.handleAccountCacheChange.bind(this)}static async createController(e,t){const n=new Uc(e);return await n.initialize(t),n}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){if(this.logger.trace("initialize called"),this.initialized){this.logger.info("initialize has already been called, exiting early.");return}if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END);return}const t=(e==null?void 0:e.correlationId)||this.getRequestCorrelationId(),n=this.config.system.allowNativeBroker,i=this.performanceClient.startMeasurement(k.InitializeClientApplication,t);if(this.eventHandler.emitEvent(ne.INITIALIZE_START),n)try{this.nativeExtensionProvider=await Qn.createProvider(this.logger,this.config.system.nativeBrokerHandshakeTimeout,this.performanceClient)}catch(s){this.logger.verbose(s)}this.config.cache.claimsBasedCachingEnabled||(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),await B(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),k.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,t)(this.performanceClient,t)),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END),i.end({allowNativeBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),UC(this.initialized),this.isBrowserEnvironment){const t=e||"";let n=this.redirectResponse.get(t);return typeof n>"u"?(n=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,n),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),n}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(e){const t=this.getAllAccounts(),n=this.browserStorage.getCachedNativeRequest(),i=n&&Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider)&&this.nativeExtensionProvider&&!e,s=i?n==null?void 0:n.correlationId:this.browserStorage.getTemporaryCache(be.CORRELATION_ID,!0)||"",c=this.performanceClient.startMeasurement(k.AcquireTokenRedirect,s);this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_START,X.Redirect);let d;if(i&&this.nativeExtensionProvider){this.logger.trace("handleRedirectPromise - acquiring token from native platform");const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.handleRedirectPromise,this.performanceClient,this.nativeExtensionProvider,n.accountId,this.nativeInternalStorage,n.correlationId);d=B(f.handleRedirectPromise.bind(f),k.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(this.performanceClient,c.event.correlationId)}else{this.logger.trace("handleRedirectPromise - acquiring token from web flow");const f=this.createRedirectClient(s);d=B(f.handleRedirectPromise.bind(f),k.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(e,c)}return d.then(f=>(f?(t.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),c.end({success:!0,accountType:qn(f.account)})):c.event.errorCode?c.end({success:!1}):c.discard(),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),f)).catch(f=>{const g=f;throw t.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,g):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,g),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),c.end({success:!1},g),f})}async acquireTokenRedirect(e){const t=this.getRequestCorrelationId(e);this.logger.verbose("acquireTokenRedirect called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenPreRedirect,t);n.add({accountType:qn(e.account),scenarioId:e.scenarioId});const i=e.onRedirectNavigate;if(i)e.onRedirectNavigate=c=>{const d=typeof i=="function"?i(c):void 0;return d!==!1?n.end({success:!0}):n.discard(),d};else{const c=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=d=>{const f=typeof c=="function"?c(d):void 0;return f!==!1?n.end({success:!0}):n.discard(),f}}const s=this.getAllAccounts().length>0;try{ip(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Redirect,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Redirect,e);let c;return this.nativeExtensionProvider&&this.canUseNative(e)?c=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenRedirect,this.performanceClient,this.nativeExtensionProvider,this.getNativeAccountId(e),this.nativeInternalStorage,t).acquireTokenRedirect(e,n).catch(f=>{if(f instanceof Jn&&Zo(f))return this.nativeExtensionProvider=void 0,this.createRedirectClient(t).acquireToken(e);if(f instanceof Fn)return this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createRedirectClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),f}):c=this.createRedirectClient(t).acquireToken(e),await c}catch(c){throw n.end({success:!1},c),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,c),c}}acquireTokenPopup(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenPopup,t);n.add({scenarioId:e.scenarioId,accountType:qn(e.account)});try{this.logger.verbose("acquireTokenPopup called",t),Rs(this.initialized,n),this.browserStorage.setInteractionInProgress(!0)}catch(c){return Promise.reject(c)}const i=this.getAllAccounts();i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Popup,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Popup,e);let s;return this.canUseNative(e)?s=this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenPopup).then(c=>(this.browserStorage.setInteractionInProgress(!1),n.end({success:!0,isNativeBroker:!0,accountType:qn(c.account)}),c)).catch(c=>{if(c instanceof Jn&&Zo(c))return this.nativeExtensionProvider=void 0,this.createPopupClient(t).acquireToken(e);if(c instanceof Fn)return this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createPopupClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),c}):s=this.createPopupClient(t).acquireToken(e),s.then(c=>(i.length<this.getAllAccounts().length?this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Popup,c):this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Popup,c),n.end({success:!0,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>(i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Popup,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Popup,null,c),n.end({success:!1},c),Promise.reject(c)))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(e){var s,c;const t=this.getRequestCorrelationId(e),n={...e,prompt:e.prompt,correlationId:t};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(k.SsoSilent,t),(s=this.ssoSilentMeasurement)==null||s.add({scenarioId:e.scenarioId,accountType:qn(e.account)}),Rs(this.initialized,this.ssoSilentMeasurement),(c=this.ssoSilentMeasurement)==null||c.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",t),this.eventHandler.emitEvent(ne.SSO_SILENT_START,X.Silent,n);let i;return this.canUseNative(n)?i=this.acquireTokenNative(n,xe.ssoSilent).catch(d=>{if(d instanceof Jn&&Zo(d))return this.nativeExtensionProvider=void 0,this.createSilentIframeClient(n.correlationId).acquireToken(n);throw d}):i=this.createSilentIframeClient(n.correlationId).acquireToken(n),i.then(d=>{var f;return this.eventHandler.emitEvent(ne.SSO_SILENT_SUCCESS,X.Silent,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!0,isNativeBroker:d.fromNativeBroker,accessTokenSize:d.accessToken.length,idTokenSize:d.idToken.length,accountType:qn(d.account)}),d}).catch(d=>{var f;throw this.eventHandler.emitEvent(ne.SSO_SILENT_FAILURE,X.Silent,null,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!1},d),d}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenByCode(e){const t=this.getRequestCorrelationId(e);this.logger.trace("acquireTokenByCode called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenByCode,t);Rs(this.initialized,n),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_START,X.Silent,e),n.add({scenarioId:e.scenarioId});try{if(e.code&&e.nativeAccountId)throw j(_C);if(e.code){const i=e.code;let s=this.hybridAuthCodeResponses.get(i);return s?(this.logger.verbose("Existing acquireTokenByCode request found",t),n.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",t),s=this.acquireTokenByCodeAsync({...e,correlationId:t}).then(c=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_SUCCESS,X.Silent,c),this.hybridAuthCodeResponses.delete(i),n.end({success:!0,isNativeBroker:c.fromNativeBroker,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>{throw this.hybridAuthCodeResponses.delete(i),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,c),n.end({success:!1},c),c}),this.hybridAuthCodeResponses.set(i,s)),await s}else if(e.nativeAccountId)if(this.canUseNative(e,e.nativeAccountId)){const i=await this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenByCode,e.nativeAccountId).catch(s=>{throw s instanceof Jn&&Zo(s)&&(this.nativeExtensionProvider=void 0),s});return n.end({accountType:qn(i.account),success:!0}),i}else throw j(TC);else throw j(wC)}catch(i){throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,i),n.end({success:!1},i),i}}async acquireTokenByCodeAsync(e){var i;return this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(k.AcquireTokenByCodeAsync,e.correlationId),(i=this.acquireTokenByCodeAsyncMeasurement)==null||i.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),await this.createSilentAuthCodeClient(e.correlationId).acquireToken(e).then(s=>{var c;return(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!0,fromCache:s.fromCache,isNativeBroker:s.fromNativeBroker}),s}).catch(s=>{var c;throw(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!1},s),s}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenFromCache,e.correlationId),t){case Qt.Default:case Qt.AccessToken:case Qt.AccessTokenAndRefreshToken:const n=this.createSilentCacheClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenByRefreshToken,e.correlationId),t){case Qt.Default:case Qt.AccessTokenAndRefreshToken:case Qt.RefreshToken:case Qt.RefreshTokenAndNetwork:const n=this.createSilentRefreshClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(k.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return B(t.acquireToken.bind(t),k.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);return ip(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);return mh(this.initialized),this.browserStorage.setInteractionInProgress(!0),this.createPopupClient(t).logout(e)}catch(t){return Promise.reject(t)}}async clearCache(e){if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, returning early.");return}const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return aM(this.logger,this.browserStorage,this.isBrowserEnvironment,e)}getAccount(e){return sM(e,this.logger,this.browserStorage)}getAccountByUsername(e){return cM(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return lM(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return uM(e,this.logger,this.browserStorage)}setActiveAccount(e){dM(e,this.browserStorage)}getActiveAccount(){return hM(this.browserStorage)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const n=it.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return this.browserStorage.setAccount(n),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,n){if(this.logger.trace("acquireTokenNative called"),!this.nativeExtensionProvider)throw j(_a);return new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.nativeExtensionProvider,n||this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e)}canUseNative(e,t){if(this.logger.trace("canUseNative called"),!Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme))return this.logger.trace("canUseNative: isNativeAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:this.logger.trace("canUseNative: prompt is compatible with native flow");break;default:return this.logger.trace(`canUseNative: prompt = ${e.prompt} is not compatible with native flow, returning false`),!1}return!t&&!this.getNativeAccountId(e)?(this.logger.trace("canUseNative: nativeAccountId is not available, returning false"),!1):!0}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new RM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createRedirectClient(e){return new NM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentIframeClient(e){return new UM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentCacheClient(e){return new $C(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentRefreshClient(e){return new BM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentAuthCodeClient(e){return new VM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenByCode,this.performanceClient,this.nativeExtensionProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return LC(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?this.logger.verbose("Account storage listener already registered."):(this.logger.verbose("Adding account storage listener."),this.listeningToStorageEvents=!0,window.addEventListener("storage",this.handleAccountCacheChange)))}disableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?(this.logger.verbose("Removing account storage listener."),window.removeEventListener("storage",this.handleAccountCacheChange),this.listeningToStorageEvents=!1):this.logger.verbose("No account storage listener registered."))}handleAccountCacheChange(e){var t;try{(t=e.key)!=null&&t.includes(st.ACTIVE_ACCOUNT_FILTERS)&&this.eventHandler.emitEvent(ne.ACTIVE_ACCOUNT_CHANGED);const n=e.newValue||e.oldValue;if(!n)return;const i=JSON.parse(n);if(typeof i!="object"||!it.isAccountEntity(i))return;const c=fi.toObject(new it,i).getAccountInfo();!e.oldValue&&e.newValue?(this.logger.info("Account was added to cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_ADDED,void 0,c)):!e.newValue&&e.oldValue&&(this.logger.info("Account was removed from cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_REMOVED,void 0,c))}catch{return}}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e!=null&&e.correlationId?e.correlationId:this.isBrowserEnvironment?Er():P.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e||np})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e||np})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenSilent,t);n.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),Rs(this.initialized,n),this.logger.verbose("acquireTokenSilent called",t);const i=e.account||this.getActiveAccount();if(!i)throw j(fC);n.add({accountType:qn(i)});const s={clientId:this.config.auth.clientId,authority:e.authority||P.EMPTY_STRING,scopes:e.scopes,homeAccountIdentifier:i.homeAccountId,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid,shrOptions:e.shrOptions},c=JSON.stringify(s),d=this.activeSilentTokenRequests.get(c);if(typeof d>"u"){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",t);const f=B(this.acquireTokenSilentAsync.bind(this),k.AcquireTokenSilentAsync,this.logger,this.performanceClient,t)({...e,correlationId:t},i).then(g=>(this.activeSilentTokenRequests.delete(c),n.end({success:!0,fromCache:g.fromCache,isNativeBroker:g.fromNativeBroker,cacheLookupPolicy:e.cacheLookupPolicy,accessTokenSize:g.accessToken.length,idTokenSize:g.idToken.length}),g)).catch(g=>{throw this.activeSilentTokenRequests.delete(c),n.end({success:!1},g),g});return this.activeSilentTokenRequests.set(c,f),{...await f,state:e.state}}else return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",t),n.discard(),{...await d,state:e.state}}async acquireTokenSilentAsync(e,t){const n=()=>this.trackPageVisibility(e.correlationId);this.performanceClient.addQueueMeasurement(k.AcquireTokenSilentAsync,e.correlationId),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Silent,e),e.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},e.correlationId),document.addEventListener("visibilitychange",n);const i=await B(yM,k.InitializeSilentRequest,this.logger,this.performanceClient,e.correlationId)(e,t,this.config,this.performanceClient,this.logger),s=e.cacheLookupPolicy||Qt.Default;return this.acquireTokenSilentNoIframe(i,s).catch(async d=>{if($M(d,s))if(this.activeIframeRequest)if(s!==Qt.Skip){const[g,p]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${p}`,i.correlationId);const w=this.performanceClient.startMeasurement(k.AwaitConcurrentIframe,i.correlationId);w.add({awaitIframeCorrelationId:p});const C=await g;if(w.end({success:C}),C)return this.logger.verbose(`Parallel iframe request with correlationId: ${p} succeeded. Retrying cache and/or RT redemption`,i.correlationId),this.acquireTokenSilentNoIframe(i,s);throw this.logger.info(`Iframe request with correlationId: ${p} failed. Interaction is required.`),d}else return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i);else{let g;return this.activeIframeRequest=[new Promise(p=>{g=p}),i.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i).then(p=>(g(!0),p)).catch(p=>{throw g(!1),p}).finally(()=>{this.activeIframeRequest=void 0})}else throw d}).then(d=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Silent,d),e.correlationId&&this.performanceClient.addFields({fromCache:d.fromCache,isNativeBroker:d.fromNativeBroker},e.correlationId),d)).catch(d=>{throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Silent,null,d),d}).finally(()=>{document.removeEventListener("visibilitychange",n)})}async acquireTokenSilentNoIframe(e,t){return Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme)&&e.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.acquireTokenNative(e,xe.acquireTokenSilent_silentFlow).catch(async n=>{throw n instanceof Jn&&Zo(n)?(this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.nativeExtensionProvider=void 0,U(vr)):n})):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),B(this.acquireTokenFromCache.bind(this),k.AcquireTokenFromCache,this.logger,this.performanceClient,e.correlationId)(e,t).catch(n=>{if(t===Qt.AccessToken)throw n;return this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_NETWORK_START,X.Silent,e),B(this.acquireTokenByRefreshToken.bind(this),k.AcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,t)}))}}function $M(r,e){const t=!(r instanceof Fn&&r.subError!==Nc),n=r.errorCode===en.INVALID_GRANT_ERROR||r.errorCode===vr,i=t&&n||r.errorCode===dc||r.errorCode===th,s=A0.includes(e);return i&&s}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function KM(r,e){const t=new vo(r);return await t.initialize(),Uc.createController(t,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Ch{static async createPublicClientApplication(e){const t=await KM(e);return new Ch(e,t)}constructor(e,t){this.controller=t||new Uc(new vo(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}const Du=process.env.JPLAN_WEBAPP__APP_PROXY_TENANT_NAME??"",zM=process.env.JPLAN_WEBAPP__APP_PROXY_CLIENT_ID??"",WM=process.env.JPLAN_WEBAPP__APP_PROXY_USER_FLOW??"",qM=process.env.JPLAN_WEBAPP__URL_BASE??"",GM={auth:{clientId:zM,authority:`https://${Du}.b2clogin.com/${Du}.onmicrosoft.com/${WM}`,knownAuthorities:[`${Du}.b2clogin.com`],redirectUri:`${qM}/_/dashboard/`},cache:{cacheLocation:"localStorage",storeAuthStateInCookie:!1},system:{loggerOptions:{loggerCallback:(r,e)=>{r===Me.Error&&console.error(e)},logLevel:Me.Warning}}},oo=new Ch(GM),up=u.ref(null);function WC(){async function r(e){var t;if(e)try{const n=e.idTokenClaims;if(!(n!=null&&n.aud))throw new Error("User audience (aud) is missing in ID token claims");const i=localStorage.getItem(`msal.token.keys.${n.aud}`);if(!i)throw new Error(`Token keys para ${n.aud} não encontrados no localStorage`);const s=JSON.parse(i),c=(t=s==null?void 0:s.idToken)==null?void 0:t[0];if(!c)throw new Error("idToken não encontrado nos token keys");const d=localStorage.getItem(c);if(!d)throw new Error(`Dados do token para ID ${c} não encontrados no localStorage`);const f=JSON.parse(d),g=f==null?void 0:f.secret;if(!g)throw new Error("Secret não encontrado nos dados do token");sessionStorage.setItem("isAuthenticated","true"),up.value=g}catch(n){console.error("Erro ao obter token de acesso:",n)}}return{jToken:up,setJToken:r}}const jM="https://app-files.jplan.com.br/pub/msal-auth/index.html",Ko=u.ref(null);function qC(){const{setJToken:r}=WC(),e=u.computed(()=>!!Ko.value),t=u.computed(()=>Ko.value);async function n(){debugger;e.value||await i()}const i=async()=>new Promise((d,f)=>{try{localStorage.clear();const g=window.open(jM);if(!g){console.error("Falha ao abrir a janela de autenticação"),f("Falha ao abrir a janela de autenticação");return}const p=setInterval(()=>{Object.keys(localStorage).some(C=>C.startsWith("msal.account.keys"))&&(clearInterval(p),s(),g.close(),d())},500)}catch(g){console.error("Erro no handleRedirect:",g),f(g)}}),s=async()=>{try{await oo.initialize();const d=oo.getActiveAccount();if(d)Ko.value=d;else{const f=await oo.handleRedirectPromise();f?(oo.setActiveAccount(f.account),Ko.value=oo.getActiveAccount()):console.error("Falha na autenticação")}}catch(d){console.error("Erro no processo de autenticação:",d)}};async function c(){try{const d=await oo.acquireTokenSilent({scopes:["https://graph.microsoft.com/.default","openid","profile"]});oo.setActiveAccount(d.account),await r(Ko.value)}catch(d){console.error("Falha ao renovar token, forçando novo login.",d),await n()}}return u.watch(Ko,async(d,f)=>{var p,w,C;if(((p=d==null?void 0:d.idTokenClaims)==null?void 0:p.exp)===((w=f==null?void 0:f.idTokenClaims)==null?void 0:w.exp))return;const g=(C=d==null?void 0:d.idTokenClaims)==null?void 0:C.exp;if(g){const S=Math.floor(Date.now()/1e3),b=(g-S-120)*1e3;b>0&&setTimeout(async()=>{await c()},b)}}),{isAuthenticated:e,account:t,handleRedirect:n}}function GC(r,e){return function(){return r.apply(e,arguments)}}const{toString:YM}=Object.prototype,{getPrototypeOf:wh}=Object,Bc=(r=>e=>{const t=YM.call(e);return r[t]||(r[t]=t.slice(8,-1).toLowerCase())})(Object.create(null)),Vn=r=>(r=r.toLowerCase(),e=>Bc(e)===r),Fc=r=>e=>typeof e===r,{isArray:yi}=Array,fa=Fc("undefined");function JM(r){return r!==null&&!fa(r)&&r.constructor!==null&&!fa(r.constructor)&&an(r.constructor.isBuffer)&&r.constructor.isBuffer(r)}const jC=Vn("ArrayBuffer");function QM(r){let e;return typeof ArrayBuffer<"u"&&ArrayBuffer.isView?e=ArrayBuffer.isView(r):e=r&&r.buffer&&jC(r.buffer),e}const XM=Fc("string"),an=Fc("function"),YC=Fc("number"),Hc=r=>r!==null&&typeof r=="object",ZM=r=>r===!0||r===!1,Ws=r=>{if(Bc(r)!=="object")return!1;const e=wh(r);return(e===null||e===Object.prototype||Object.getPrototypeOf(e)===null)&&!(Symbol.toStringTag in r)&&!(Symbol.iterator in r)},e1=Vn("Date"),t1=Vn("File"),n1=Vn("Blob"),r1=Vn("FileList"),o1=r=>Hc(r)&&an(r.pipe),i1=r=>{let e;return r&&(typeof FormData=="function"&&r instanceof FormData||an(r.append)&&((e=Bc(r))==="formdata"||e==="object"&&an(r.toString)&&r.toString()==="[object FormData]"))},a1=Vn("URLSearchParams"),[s1,c1,l1,u1]=["ReadableStream","Request","Response","Headers"].map(Vn),d1=r=>r.trim?r.trim():r.replace(/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,"");function Ea(r,e,{allOwnKeys:t=!1}={}){if(r===null||typeof r>"u")return;let n,i;if(typeof r!="object"&&(r=[r]),yi(r))for(n=0,i=r.length;n<i;n++)e.call(null,r[n],n,r);else{const s=t?Object.getOwnPropertyNames(r):Object.keys(r),c=s.length;let d;for(n=0;n<c;n++)d=s[n],e.call(null,r[d],d,r)}}function JC(r,e){e=e.toLowerCase();const t=Object.keys(r);let n=t.length,i;for(;n-- >0;)if(i=t[n],e===i.toLowerCase())return i;return null}const ho=typeof globalThis<"u"?globalThis:typeof self<"u"?self:typeof window<"u"?window:global,QC=r=>!fa(r)&&r!==ho;function _d(){const{caseless:r}=QC(this)&&this||{},e={},t=(n,i)=>{const s=r&&JC(e,i)||i;Ws(e[s])&&Ws(n)?e[s]=_d(e[s],n):Ws(n)?e[s]=_d({},n):yi(n)?e[s]=n.slice():e[s]=n};for(let n=0,i=arguments.length;n<i;n++)arguments[n]&&Ea(arguments[n],t);return e}const h1=(r,e,t,{allOwnKeys:n}={})=>(Ea(e,(i,s)=>{t&&an(i)?r[s]=GC(i,t):r[s]=i},{allOwnKeys:n}),r),f1=r=>(r.charCodeAt(0)===65279&&(r=r.slice(1)),r),g1=(r,e,t,n)=>{r.prototype=Object.create(e.prototype,n),r.prototype.constructor=r,Object.defineProperty(r,"super",{value:e.prototype}),t&&Object.assign(r.prototype,t)},m1=(r,e,t,n)=>{let i,s,c;const d={};if(e=e||{},r==null)return e;do{for(i=Object.getOwnPropertyNames(r),s=i.length;s-- >0;)c=i[s],(!n||n(c,r,e))&&!d[c]&&(e[c]=r[c],d[c]=!0);r=t!==!1&&wh(r)}while(r&&(!t||t(r,e))&&r!==Object.prototype);return e},p1=(r,e,t)=>{r=String(r),(t===void 0||t>r.length)&&(t=r.length),t-=e.length;const n=r.indexOf(e,t);return n!==-1&&n===t},v1=r=>{if(!r)return null;if(yi(r))return r;let e=r.length;if(!YC(e))return null;const t=new Array(e);for(;e-- >0;)t[e]=r[e];return t},y1=(r=>e=>r&&e instanceof r)(typeof Uint8Array<"u"&&wh(Uint8Array)),C1=(r,e)=>{const n=(r&&r[Symbol.iterator]).call(r);let i;for(;(i=n.next())&&!i.done;){const s=i.value;e.call(r,s[0],s[1])}},w1=(r,e)=>{let t;const n=[];for(;(t=r.exec(e))!==null;)n.push(t);return n},_1=Vn("HTMLFormElement"),T1=r=>r.toLowerCase().replace(/[-_\s]([a-z\d])(\w*)/g,function(t,n,i){return n.toUpperCase()+i}),dp=(({hasOwnProperty:r})=>(e,t)=>r.call(e,t))(Object.prototype),E1=Vn("RegExp"),XC=(r,e)=>{const t=Object.getOwnPropertyDescriptors(r),n={};Ea(t,(i,s)=>{let c;(c=e(i,s,r))!==!1&&(n[s]=c||i)}),Object.defineProperties(r,n)},S1=r=>{XC(r,(e,t)=>{if(an(r)&&["arguments","caller","callee"].indexOf(t)!==-1)return!1;const n=r[t];if(an(n)){if(e.enumerable=!1,"writable"in e){e.writable=!1;return}e.set||(e.set=()=>{throw Error("Can not rewrite read-only method '"+t+"'")})}})},A1=(r,e)=>{const t={},n=i=>{i.forEach(s=>{t[s]=!0})};return yi(r)?n(r):n(String(r).split(e)),t},I1=()=>{},b1=(r,e)=>r!=null&&Number.isFinite(r=+r)?r:e,xu="abcdefghijklmnopqrstuvwxyz",hp="0123456789",ZC={DIGIT:hp,ALPHA:xu,ALPHA_DIGIT:xu+xu.toUpperCase()+hp},k1=(r=16,e=ZC.ALPHA_DIGIT)=>{let t="";const{length:n}=e;for(;r--;)t+=e[Math.random()*n|0];return t};function R1(r){return!!(r&&an(r.append)&&r[Symbol.toStringTag]==="FormData"&&r[Symbol.iterator])}const O1=r=>{const e=new Array(10),t=(n,i)=>{if(Hc(n)){if(e.indexOf(n)>=0)return;if(!("toJSON"in n)){e[i]=n;const s=yi(n)?[]:{};return Ea(n,(c,d)=>{const f=t(c,i+1);!fa(f)&&(s[d]=f)}),e[i]=void 0,s}}return n};return t(r,0)},N1=Vn("AsyncFunction"),P1=r=>r&&(Hc(r)||an(r))&&an(r.then)&&an(r.catch),ew=((r,e)=>r?setImmediate:e?((t,n)=>(ho.addEventListener("message",({source:i,data:s})=>{i===ho&&s===t&&n.length&&n.shift()()},!1),i=>{n.push(i),ho.postMessage(t,"*")}))(`axios@${Math.random()}`,[]):t=>setTimeout(t))(typeof setImmediate=="function",an(ho.postMessage)),M1=typeof queueMicrotask<"u"?queueMicrotask.bind(ho):typeof process<"u"&&process.nextTick||ew,O={isArray:yi,isArrayBuffer:jC,isBuffer:JM,isFormData:i1,isArrayBufferView:QM,isString:XM,isNumber:YC,isBoolean:ZM,isObject:Hc,isPlainObject:Ws,isReadableStream:s1,isRequest:c1,isResponse:l1,isHeaders:u1,isUndefined:fa,isDate:e1,isFile:t1,isBlob:n1,isRegExp:E1,isFunction:an,isStream:o1,isURLSearchParams:a1,isTypedArray:y1,isFileList:r1,forEach:Ea,merge:_d,extend:h1,trim:d1,stripBOM:f1,inherits:g1,toFlatObject:m1,kindOf:Bc,kindOfTest:Vn,endsWith:p1,toArray:v1,forEachEntry:C1,matchAll:w1,isHTMLForm:_1,hasOwnProperty:dp,hasOwnProp:dp,reduceDescriptors:XC,freezeMethods:S1,toObjectSet:A1,toCamelCase:T1,noop:I1,toFiniteNumber:b1,findKey:JC,global:ho,isContextDefined:QC,ALPHABET:ZC,generateString:k1,isSpecCompliantForm:R1,toJSONObject:O1,isAsyncFn:N1,isThenable:P1,setImmediate:ew,asap:M1};function ue(r,e,t,n,i){Error.call(this),Error.captureStackTrace?Error.captureStackTrace(this,this.constructor):this.stack=new Error().stack,this.message=r,this.name="AxiosError",e&&(this.code=e),t&&(this.config=t),n&&(this.request=n),i&&(this.response=i,this.status=i.status?i.status:null)}O.inherits(ue,Error,{toJSON:function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:O.toJSONObject(this.config),code:this.code,status:this.status}}});const tw=ue.prototype,nw={};["ERR_BAD_OPTION_VALUE","ERR_BAD_OPTION","ECONNABORTED","ETIMEDOUT","ERR_NETWORK","ERR_FR_TOO_MANY_REDIRECTS","ERR_DEPRECATED","ERR_BAD_RESPONSE","ERR_BAD_REQUEST","ERR_CANCELED","ERR_NOT_SUPPORT","ERR_INVALID_URL"].forEach(r=>{nw[r]={value:r}});Object.defineProperties(ue,nw);Object.defineProperty(tw,"isAxiosError",{value:!0});ue.from=(r,e,t,n,i,s)=>{const c=Object.create(tw);return O.toFlatObject(r,c,function(f){return f!==Error.prototype},d=>d!=="isAxiosError"),ue.call(c,r.message,e,t,n,i),c.cause=r,c.name=r.name,s&&Object.assign(c,s),c};const D1=null;function Td(r){return O.isPlainObject(r)||O.isArray(r)}function rw(r){return O.endsWith(r,"[]")?r.slice(0,-2):r}function fp(r,e,t){return r?r.concat(e).map(function(i,s){return i=rw(i),!t&&s?"["+i+"]":i}).join(t?".":""):e}function x1(r){return O.isArray(r)&&!r.some(Td)}const L1=O.toFlatObject(O,{},null,function(e){return/^is[A-Z]/.test(e)});function Vc(r,e,t){if(!O.isObject(r))throw new TypeError("target must be an object");e=e||new FormData,t=O.toFlatObject(t,{metaTokens:!0,dots:!1,indexes:!1},!1,function(b,N){return!O.isUndefined(N[b])});const n=t.metaTokens,i=t.visitor||p,s=t.dots,c=t.indexes,f=(t.Blob||typeof Blob<"u"&&Blob)&&O.isSpecCompliantForm(e);if(!O.isFunction(i))throw new TypeError("visitor must be a function");function g(T){if(T===null)return"";if(O.isDate(T))return T.toISOString();if(!f&&O.isBlob(T))throw new ue("Blob is not supported. Use a Buffer instead.");return O.isArrayBuffer(T)||O.isTypedArray(T)?f&&typeof Blob=="function"?new Blob([T]):Buffer.from(T):T}function p(T,b,N){let K=T;if(T&&!N&&typeof T=="object"){if(O.endsWith(b,"{}"))b=n?b:b.slice(0,-2),T=JSON.stringify(T);else if(O.isArray(T)&&x1(T)||(O.isFileList(T)||O.endsWith(b,"[]"))&&(K=O.toArray(T)))return b=rw(b),K.forEach(function(V,z){!(O.isUndefined(V)||V===null)&&e.append(c===!0?fp([b],z,s):c===null?b:b+"[]",g(V))}),!1}return Td(T)?!0:(e.append(fp(N,b,s),g(T)),!1)}const w=[],C=Object.assign(L1,{defaultVisitor:p,convertValue:g,isVisitable:Td});function S(T,b){if(!O.isUndefined(T)){if(w.indexOf(T)!==-1)throw Error("Circular reference detected in "+b.join("."));w.push(T),O.forEach(T,function(K,H){(!(O.isUndefined(K)||K===null)&&i.call(e,K,O.isString(H)?H.trim():H,b,C))===!0&&S(K,b?b.concat(H):[H])}),w.pop()}}if(!O.isObject(r))throw new TypeError("data must be an object");return S(r),e}function gp(r){const e={"!":"%21","'":"%27","(":"%28",")":"%29","~":"%7E","%20":"+","%00":"\0"};return encodeURIComponent(r).replace(/[!'()~]|%20|%00/g,function(n){return e[n]})}function _h(r,e){this._pairs=[],r&&Vc(r,this,e)}const ow=_h.prototype;ow.append=function(e,t){this._pairs.push([e,t])};ow.toString=function(e){const t=e?function(n){return e.call(this,n,gp)}:gp;return this._pairs.map(function(i){return t(i[0])+"="+t(i[1])},"").join("&")};function U1(r){return encodeURIComponent(r).replace(/%3A/gi,":").replace(/%24/g,"$").replace(/%2C/gi,",").replace(/%20/g,"+").replace(/%5B/gi,"[").replace(/%5D/gi,"]")}function iw(r,e,t){if(!e)return r;const n=t&&t.encode||U1;O.isFunction(t)&&(t={serialize:t});const i=t&&t.serialize;let s;if(i?s=i(e,t):s=O.isURLSearchParams(e)?e.toString():new _h(e,t).toString(n),s){const c=r.indexOf("#");c!==-1&&(r=r.slice(0,c)),r+=(r.indexOf("?")===-1?"?":"&")+s}return r}class mp{constructor(){this.handlers=[]}use(e,t,n){return this.handlers.push({fulfilled:e,rejected:t,synchronous:n?n.synchronous:!1,runWhen:n?n.runWhen:null}),this.handlers.length-1}eject(e){this.handlers[e]&&(this.handlers[e]=null)}clear(){this.handlers&&(this.handlers=[])}forEach(e){O.forEach(this.handlers,function(n){n!==null&&e(n)})}}const aw={silentJSONParsing:!0,forcedJSONParsing:!0,clarifyTimeoutError:!1},B1=typeof URLSearchParams<"u"?URLSearchParams:_h,F1=typeof FormData<"u"?FormData:null,H1=typeof Blob<"u"?Blob:null,V1={isBrowser:!0,classes:{URLSearchParams:B1,FormData:F1,Blob:H1},protocols:["http","https","file","blob","url","data"]},Th=typeof window<"u"&&typeof document<"u",Ed=typeof navigator=="object"&&navigator||void 0,$1=Th&&(!Ed||["ReactNative","NativeScript","NS"].indexOf(Ed.product)<0),K1=typeof WorkerGlobalScope<"u"&&self instanceof WorkerGlobalScope&&typeof self.importScripts=="function",z1=Th&&window.location.href||"http://localhost",W1=Object.freeze(Object.defineProperty({__proto__:null,hasBrowserEnv:Th,hasStandardBrowserEnv:$1,hasStandardBrowserWebWorkerEnv:K1,navigator:Ed,origin:z1},Symbol.toStringTag,{value:"Module"})),At={...W1,...V1};function q1(r,e){return Vc(r,new At.classes.URLSearchParams,Object.assign({visitor:function(t,n,i,s){return At.isNode&&O.isBuffer(t)?(this.append(n,t.toString("base64")),!1):s.defaultVisitor.apply(this,arguments)}},e))}function G1(r){return O.matchAll(/\w+|\[(\w*)]/g,r).map(e=>e[0]==="[]"?"":e[1]||e[0])}function j1(r){const e={},t=Object.keys(r);let n;const i=t.length;let s;for(n=0;n<i;n++)s=t[n],e[s]=r[s];return e}function sw(r){function e(t,n,i,s){let c=t[s++];if(c==="__proto__")return!0;const d=Number.isFinite(+c),f=s>=t.length;return c=!c&&O.isArray(i)?i.length:c,f?(O.hasOwnProp(i,c)?i[c]=[i[c],n]:i[c]=n,!d):((!i[c]||!O.isObject(i[c]))&&(i[c]=[]),e(t,n,i[c],s)&&O.isArray(i[c])&&(i[c]=j1(i[c])),!d)}if(O.isFormData(r)&&O.isFunction(r.entries)){const t={};return O.forEachEntry(r,(n,i)=>{e(G1(n),i,t,0)}),t}return null}function Y1(r,e,t){if(O.isString(r))try{return(e||JSON.parse)(r),O.trim(r)}catch(n){if(n.name!=="SyntaxError")throw n}return(t||JSON.stringify)(r)}const Sa={transitional:aw,adapter:["xhr","http","fetch"],transformRequest:[function(e,t){const n=t.getContentType()||"",i=n.indexOf("application/json")>-1,s=O.isObject(e);if(s&&O.isHTMLForm(e)&&(e=new FormData(e)),O.isFormData(e))return i?JSON.stringify(sw(e)):e;if(O.isArrayBuffer(e)||O.isBuffer(e)||O.isStream(e)||O.isFile(e)||O.isBlob(e)||O.isReadableStream(e))return e;if(O.isArrayBufferView(e))return e.buffer;if(O.isURLSearchParams(e))return t.setContentType("application/x-www-form-urlencoded;charset=utf-8",!1),e.toString();let d;if(s){if(n.indexOf("application/x-www-form-urlencoded")>-1)return q1(e,this.formSerializer).toString();if((d=O.isFileList(e))||n.indexOf("multipart/form-data")>-1){const f=this.env&&this.env.FormData;return Vc(d?{"files[]":e}:e,f&&new f,this.formSerializer)}}return s||i?(t.setContentType("application/json",!1),Y1(e)):e}],transformResponse:[function(e){const t=this.transitional||Sa.transitional,n=t&&t.forcedJSONParsing,i=this.responseType==="json";if(O.isResponse(e)||O.isReadableStream(e))return e;if(e&&O.isString(e)&&(n&&!this.responseType||i)){const c=!(t&&t.silentJSONParsing)&&i;try{return JSON.parse(e)}catch(d){if(c)throw d.name==="SyntaxError"?ue.from(d,ue.ERR_BAD_RESPONSE,this,null,this.response):d}}return e}],timeout:0,xsrfCookieName:"XSRF-TOKEN",xsrfHeaderName:"X-XSRF-TOKEN",maxContentLength:-1,maxBodyLength:-1,env:{FormData:At.classes.FormData,Blob:At.classes.Blob},validateStatus:function(e){return e>=200&&e<300},headers:{common:{Accept:"application/json, text/plain, */*","Content-Type":void 0}}};O.forEach(["delete","get","head","post","put","patch"],r=>{Sa.headers[r]={}});const J1=O.toObjectSet(["age","authorization","content-length","content-type","etag","expires","from","host","if-modified-since","if-unmodified-since","last-modified","location","max-forwards","proxy-authorization","referer","retry-after","user-agent"]),Q1=r=>{const e={};let t,n,i;return r&&r.split(`
57
57
  `).forEach(function(c){i=c.indexOf(":"),t=c.substring(0,i).trim().toLowerCase(),n=c.substring(i+1).trim(),!(!t||e[t]&&J1[t])&&(t==="set-cookie"?e[t]?e[t].push(n):e[t]=[n]:e[t]=e[t]?e[t]+", "+n:n)}),e},pp=Symbol("internals");function qi(r){return r&&String(r).trim().toLowerCase()}function qs(r){return r===!1||r==null?r:O.isArray(r)?r.map(qs):String(r)}function X1(r){const e=Object.create(null),t=/([^\s,;=]+)\s*(?:=\s*([^,;]+))?/g;let n;for(;n=t.exec(r);)e[n[1]]=n[2];return e}const Z1=r=>/^[-_a-zA-Z0-9^`|~,!#$%&'*+.]+$/.test(r.trim());function Lu(r,e,t,n,i){if(O.isFunction(n))return n.call(this,e,t);if(i&&(e=t),!!O.isString(e)){if(O.isString(n))return e.indexOf(n)!==-1;if(O.isRegExp(n))return n.test(e)}}function eD(r){return r.trim().toLowerCase().replace(/([a-z\d])(\w*)/g,(e,t,n)=>t.toUpperCase()+n)}function tD(r,e){const t=O.toCamelCase(" "+e);["get","set","has"].forEach(n=>{Object.defineProperty(r,n+t,{value:function(i,s,c){return this[n].call(this,e,i,s,c)},configurable:!0})})}class Ht{constructor(e){e&&this.set(e)}set(e,t,n){const i=this;function s(d,f,g){const p=qi(f);if(!p)throw new Error("header name must be a non-empty string");const w=O.findKey(i,p);(!w||i[w]===void 0||g===!0||g===void 0&&i[w]!==!1)&&(i[w||f]=qs(d))}const c=(d,f)=>O.forEach(d,(g,p)=>s(g,p,f));if(O.isPlainObject(e)||e instanceof this.constructor)c(e,t);else if(O.isString(e)&&(e=e.trim())&&!Z1(e))c(Q1(e),t);else if(O.isHeaders(e))for(const[d,f]of e.entries())s(f,d,n);else e!=null&&s(t,e,n);return this}get(e,t){if(e=qi(e),e){const n=O.findKey(this,e);if(n){const i=this[n];if(!t)return i;if(t===!0)return X1(i);if(O.isFunction(t))return t.call(this,i,n);if(O.isRegExp(t))return t.exec(i);throw new TypeError("parser must be boolean|regexp|function")}}}has(e,t){if(e=qi(e),e){const n=O.findKey(this,e);return!!(n&&this[n]!==void 0&&(!t||Lu(this,this[n],n,t)))}return!1}delete(e,t){const n=this;let i=!1;function s(c){if(c=qi(c),c){const d=O.findKey(n,c);d&&(!t||Lu(n,n[d],d,t))&&(delete n[d],i=!0)}}return O.isArray(e)?e.forEach(s):s(e),i}clear(e){const t=Object.keys(this);let n=t.length,i=!1;for(;n--;){const s=t[n];(!e||Lu(this,this[s],s,e,!0))&&(delete this[s],i=!0)}return i}normalize(e){const t=this,n={};return O.forEach(this,(i,s)=>{const c=O.findKey(n,s);if(c){t[c]=qs(i),delete t[s];return}const d=e?eD(s):String(s).trim();d!==s&&delete t[s],t[d]=qs(i),n[d]=!0}),this}concat(...e){return this.constructor.concat(this,...e)}toJSON(e){const t=Object.create(null);return O.forEach(this,(n,i)=>{n!=null&&n!==!1&&(t[i]=e&&O.isArray(n)?n.join(", "):n)}),t}[Symbol.iterator](){return Object.entries(this.toJSON())[Symbol.iterator]()}toString(){return Object.entries(this.toJSON()).map(([e,t])=>e+": "+t).join(`
58
58
  `)}get[Symbol.toStringTag](){return"AxiosHeaders"}static from(e){return e instanceof this?e:new this(e)}static concat(e,...t){const n=new this(e);return t.forEach(i=>n.set(i)),n}static accessor(e){const n=(this[pp]=this[pp]={accessors:{}}).accessors,i=this.prototype;function s(c){const d=qi(c);n[d]||(tD(i,c),n[d]=!0)}return O.isArray(e)?e.forEach(s):s(e),this}}Ht.accessor(["Content-Type","Content-Length","Accept","Accept-Encoding","User-Agent","Authorization"]);O.reduceDescriptors(Ht.prototype,({value:r},e)=>{let t=e[0].toUpperCase()+e.slice(1);return{get:()=>r,set(n){this[t]=n}}});O.freezeMethods(Ht);function Uu(r,e){const t=this||Sa,n=e||t,i=Ht.from(n.headers);let s=n.data;return O.forEach(r,function(d){s=d.call(t,s,i.normalize(),e?e.status:void 0)}),i.normalize(),s}function cw(r){return!!(r&&r.__CANCEL__)}function Ci(r,e,t){ue.call(this,r??"canceled",ue.ERR_CANCELED,e,t),this.name="CanceledError"}O.inherits(Ci,ue,{__CANCEL__:!0});function lw(r,e,t){const n=t.config.validateStatus;!t.status||!n||n(t.status)?r(t):e(new ue("Request failed with status code "+t.status,[ue.ERR_BAD_REQUEST,ue.ERR_BAD_RESPONSE][Math.floor(t.status/100)-4],t.config,t.request,t))}function nD(r){const e=/^([-+\w]{1,25})(:?\/\/|:)/.exec(r);return e&&e[1]||""}function rD(r,e){r=r||10;const t=new Array(r),n=new Array(r);let i=0,s=0,c;return e=e!==void 0?e:1e3,function(f){const g=Date.now(),p=n[s];c||(c=g),t[i]=f,n[i]=g;let w=s,C=0;for(;w!==i;)C+=t[w++],w=w%r;if(i=(i+1)%r,i===s&&(s=(s+1)%r),g-c<e)return;const S=p&&g-p;return S?Math.round(C*1e3/S):void 0}}function oD(r,e){let t=0,n=1e3/e,i,s;const c=(g,p=Date.now())=>{t=p,i=null,s&&(clearTimeout(s),s=null),r.apply(null,g)};return[(...g)=>{const p=Date.now(),w=p-t;w>=n?c(g,p):(i=g,s||(s=setTimeout(()=>{s=null,c(i)},n-w)))},()=>i&&c(i)]}const mc=(r,e,t=3)=>{let n=0;const i=rD(50,250);return oD(s=>{const c=s.loaded,d=s.lengthComputable?s.total:void 0,f=c-n,g=i(f),p=c<=d;n=c;const w={loaded:c,total:d,progress:d?c/d:void 0,bytes:f,rate:g||void 0,estimated:g&&d&&p?(d-c)/g:void 0,event:s,lengthComputable:d!=null,[e?"download":"upload"]:!0};r(w)},t)},vp=(r,e)=>{const t=r!=null;return[n=>e[0]({lengthComputable:t,total:r,loaded:n}),e[1]]},yp=r=>(...e)=>O.asap(()=>r(...e)),iD=At.hasStandardBrowserEnv?((r,e)=>t=>(t=new URL(t,At.origin),r.protocol===t.protocol&&r.host===t.host&&(e||r.port===t.port)))(new URL(At.origin),At.navigator&&/(msie|trident)/i.test(At.navigator.userAgent)):()=>!0,aD=At.hasStandardBrowserEnv?{write(r,e,t,n,i,s){const c=[r+"="+encodeURIComponent(e)];O.isNumber(t)&&c.push("expires="+new Date(t).toGMTString()),O.isString(n)&&c.push("path="+n),O.isString(i)&&c.push("domain="+i),s===!0&&c.push("secure"),document.cookie=c.join("; ")},read(r){const e=document.cookie.match(new RegExp("(^|;\\s*)("+r+")=([^;]*)"));return e?decodeURIComponent(e[3]):null},remove(r){this.write(r,"",Date.now()-864e5)}}:{write(){},read(){return null},remove(){}};function sD(r){return/^([a-z][a-z\d+\-.]*:)?\/\//i.test(r)}function cD(r,e){return e?r.replace(/\/?\/$/,"")+"/"+e.replace(/^\/+/,""):r}function uw(r,e){return r&&!sD(e)?cD(r,e):e}const Cp=r=>r instanceof Ht?{...r}:r;function yo(r,e){e=e||{};const t={};function n(g,p,w,C){return O.isPlainObject(g)&&O.isPlainObject(p)?O.merge.call({caseless:C},g,p):O.isPlainObject(p)?O.merge({},p):O.isArray(p)?p.slice():p}function i(g,p,w,C){if(O.isUndefined(p)){if(!O.isUndefined(g))return n(void 0,g,w,C)}else return n(g,p,w,C)}function s(g,p){if(!O.isUndefined(p))return n(void 0,p)}function c(g,p){if(O.isUndefined(p)){if(!O.isUndefined(g))return n(void 0,g)}else return n(void 0,p)}function d(g,p,w){if(w in e)return n(g,p);if(w in r)return n(void 0,g)}const f={url:s,method:s,data:s,baseURL:c,transformRequest:c,transformResponse:c,paramsSerializer:c,timeout:c,timeoutMessage:c,withCredentials:c,withXSRFToken:c,adapter:c,responseType:c,xsrfCookieName:c,xsrfHeaderName:c,onUploadProgress:c,onDownloadProgress:c,decompress:c,maxContentLength:c,maxBodyLength:c,beforeRedirect:c,transport:c,httpAgent:c,httpsAgent:c,cancelToken:c,socketPath:c,responseEncoding:c,validateStatus:d,headers:(g,p,w)=>i(Cp(g),Cp(p),w,!0)};return O.forEach(Object.keys(Object.assign({},r,e)),function(p){const w=f[p]||i,C=w(r[p],e[p],p);O.isUndefined(C)&&w!==d||(t[p]=C)}),t}const dw=r=>{const e=yo({},r);let{data:t,withXSRFToken:n,xsrfHeaderName:i,xsrfCookieName:s,headers:c,auth:d}=e;e.headers=c=Ht.from(c),e.url=iw(uw(e.baseURL,e.url),r.params,r.paramsSerializer),d&&c.set("Authorization","Basic "+btoa((d.username||"")+":"+(d.password?unescape(encodeURIComponent(d.password)):"")));let f;if(O.isFormData(t)){if(At.hasStandardBrowserEnv||At.hasStandardBrowserWebWorkerEnv)c.setContentType(void 0);else if((f=c.getContentType())!==!1){const[g,...p]=f?f.split(";").map(w=>w.trim()).filter(Boolean):[];c.setContentType([g||"multipart/form-data",...p].join("; "))}}if(At.hasStandardBrowserEnv&&(n&&O.isFunction(n)&&(n=n(e)),n||n!==!1&&iD(e.url))){const g=i&&s&&aD.read(s);g&&c.set(i,g)}return e},lD=typeof XMLHttpRequest<"u",uD=lD&&function(r){return new Promise(function(t,n){const i=dw(r);let s=i.data;const c=Ht.from(i.headers).normalize();let{responseType:d,onUploadProgress:f,onDownloadProgress:g}=i,p,w,C,S,T;function b(){S&&S(),T&&T(),i.cancelToken&&i.cancelToken.unsubscribe(p),i.signal&&i.signal.removeEventListener("abort",p)}let N=new XMLHttpRequest;N.open(i.method.toUpperCase(),i.url,!0),N.timeout=i.timeout;function K(){if(!N)return;const V=Ht.from("getAllResponseHeaders"in N&&N.getAllResponseHeaders()),Q={data:!d||d==="text"||d==="json"?N.responseText:N.response,status:N.status,statusText:N.statusText,headers:V,config:r,request:N};lw(function(W){t(W),b()},function(W){n(W),b()},Q),N=null}"onloadend"in N?N.onloadend=K:N.onreadystatechange=function(){!N||N.readyState!==4||N.status===0&&!(N.responseURL&&N.responseURL.indexOf("file:")===0)||setTimeout(K)},N.onabort=function(){N&&(n(new ue("Request aborted",ue.ECONNABORTED,r,N)),N=null)},N.onerror=function(){n(new ue("Network Error",ue.ERR_NETWORK,r,N)),N=null},N.ontimeout=function(){let z=i.timeout?"timeout of "+i.timeout+"ms exceeded":"timeout exceeded";const Q=i.transitional||aw;i.timeoutErrorMessage&&(z=i.timeoutErrorMessage),n(new ue(z,Q.clarifyTimeoutError?ue.ETIMEDOUT:ue.ECONNABORTED,r,N)),N=null},s===void 0&&c.setContentType(null),"setRequestHeader"in N&&O.forEach(c.toJSON(),function(z,Q){N.setRequestHeader(Q,z)}),O.isUndefined(i.withCredentials)||(N.withCredentials=!!i.withCredentials),d&&d!=="json"&&(N.responseType=i.responseType),g&&([C,T]=mc(g,!0),N.addEventListener("progress",C)),f&&N.upload&&([w,S]=mc(f),N.upload.addEventListener("progress",w),N.upload.addEventListener("loadend",S)),(i.cancelToken||i.signal)&&(p=V=>{N&&(n(!V||V.type?new Ci(null,r,N):V),N.abort(),N=null)},i.cancelToken&&i.cancelToken.subscribe(p),i.signal&&(i.signal.aborted?p():i.signal.addEventListener("abort",p)));const H=nD(i.url);if(H&&At.protocols.indexOf(H)===-1){n(new ue("Unsupported protocol "+H+":",ue.ERR_BAD_REQUEST,r));return}N.send(s||null)})},dD=(r,e)=>{const{length:t}=r=r?r.filter(Boolean):[];if(e||t){let n=new AbortController,i;const s=function(g){if(!i){i=!0,d();const p=g instanceof Error?g:this.reason;n.abort(p instanceof ue?p:new Ci(p instanceof Error?p.message:p))}};let c=e&&setTimeout(()=>{c=null,s(new ue(`timeout ${e} of ms exceeded`,ue.ETIMEDOUT))},e);const d=()=>{r&&(c&&clearTimeout(c),c=null,r.forEach(g=>{g.unsubscribe?g.unsubscribe(s):g.removeEventListener("abort",s)}),r=null)};r.forEach(g=>g.addEventListener("abort",s));const{signal:f}=n;return f.unsubscribe=()=>O.asap(d),f}},hD=function*(r,e){let t=r.byteLength;if(t<e){yield r;return}let n=0,i;for(;n<t;)i=n+e,yield r.slice(n,i),n=i},fD=async function*(r,e){for await(const t of gD(r))yield*hD(t,e)},gD=async function*(r){if(r[Symbol.asyncIterator]){yield*r;return}const e=r.getReader();try{for(;;){const{done:t,value:n}=await e.read();if(t)break;yield n}}finally{await e.cancel()}},wp=(r,e,t,n)=>{const i=fD(r,e);let s=0,c,d=f=>{c||(c=!0,n&&n(f))};return new ReadableStream({async pull(f){try{const{done:g,value:p}=await i.next();if(g){d(),f.close();return}let w=p.byteLength;if(t){let C=s+=w;t(C)}f.enqueue(new Uint8Array(p))}catch(g){throw d(g),g}},cancel(f){return d(f),i.return()}},{highWaterMark:2})},$c=typeof fetch=="function"&&typeof Request=="function"&&typeof Response=="function",hw=$c&&typeof ReadableStream=="function",mD=$c&&(typeof TextEncoder=="function"?(r=>e=>r.encode(e))(new TextEncoder):async r=>new Uint8Array(await new Response(r).arrayBuffer())),fw=(r,...e)=>{try{return!!r(...e)}catch{return!1}},pD=hw&&fw(()=>{let r=!1;const e=new Request(At.origin,{body:new ReadableStream,method:"POST",get duplex(){return r=!0,"half"}}).headers.has("Content-Type");return r&&!e}),_p=64*1024,Sd=hw&&fw(()=>O.isReadableStream(new Response("").body)),pc={stream:Sd&&(r=>r.body)};$c&&(r=>{["text","arrayBuffer","blob","formData","stream"].forEach(e=>{!pc[e]&&(pc[e]=O.isFunction(r[e])?t=>t[e]():(t,n)=>{throw new ue(`Response type '${e}' is not supported`,ue.ERR_NOT_SUPPORT,n)})})})(new Response);const vD=async r=>{if(r==null)return 0;if(O.isBlob(r))return r.size;if(O.isSpecCompliantForm(r))return(await new Request(At.origin,{method:"POST",body:r}).arrayBuffer()).byteLength;if(O.isArrayBufferView(r)||O.isArrayBuffer(r))return r.byteLength;if(O.isURLSearchParams(r)&&(r=r+""),O.isString(r))return(await mD(r)).byteLength},yD=async(r,e)=>{const t=O.toFiniteNumber(r.getContentLength());return t??vD(e)},CD=$c&&(async r=>{let{url:e,method:t,data:n,signal:i,cancelToken:s,timeout:c,onDownloadProgress:d,onUploadProgress:f,responseType:g,headers:p,withCredentials:w="same-origin",fetchOptions:C}=dw(r);g=g?(g+"").toLowerCase():"text";let S=dD([i,s&&s.toAbortSignal()],c),T;const b=S&&S.unsubscribe&&(()=>{S.unsubscribe()});let N;try{if(f&&pD&&t!=="get"&&t!=="head"&&(N=await yD(p,n))!==0){let Q=new Request(e,{method:"POST",body:n,duplex:"half"}),we;if(O.isFormData(n)&&(we=Q.headers.get("content-type"))&&p.setContentType(we),Q.body){const[W,et]=vp(N,mc(yp(f)));n=wp(Q.body,_p,W,et)}}O.isString(w)||(w=w?"include":"omit");const K="credentials"in Request.prototype;T=new Request(e,{...C,signal:S,method:t.toUpperCase(),headers:p.normalize().toJSON(),body:n,duplex:"half",credentials:K?w:void 0});let H=await fetch(T);const V=Sd&&(g==="stream"||g==="response");if(Sd&&(d||V&&b)){const Q={};["status","statusText","headers"].forEach(_e=>{Q[_e]=H[_e]});const we=O.toFiniteNumber(H.headers.get("content-length")),[W,et]=d&&vp(we,mc(yp(d),!0))||[];H=new Response(wp(H.body,_p,W,()=>{et&&et(),b&&b()}),Q)}g=g||"text";let z=await pc[O.findKey(pc,g)||"text"](H,r);return!V&&b&&b(),await new Promise((Q,we)=>{lw(Q,we,{data:z,headers:Ht.from(H.headers),status:H.status,statusText:H.statusText,config:r,request:T})})}catch(K){throw b&&b(),K&&K.name==="TypeError"&&/fetch/i.test(K.message)?Object.assign(new ue("Network Error",ue.ERR_NETWORK,r,T),{cause:K.cause||K}):ue.from(K,K&&K.code,r,T)}}),Ad={http:D1,xhr:uD,fetch:CD};O.forEach(Ad,(r,e)=>{if(r){try{Object.defineProperty(r,"name",{value:e})}catch{}Object.defineProperty(r,"adapterName",{value:e})}});const Tp=r=>`- ${r}`,wD=r=>O.isFunction(r)||r===null||r===!1,gw={getAdapter:r=>{r=O.isArray(r)?r:[r];const{length:e}=r;let t,n;const i={};for(let s=0;s<e;s++){t=r[s];let c;if(n=t,!wD(t)&&(n=Ad[(c=String(t)).toLowerCase()],n===void 0))throw new ue(`Unknown adapter '${c}'`);if(n)break;i[c||"#"+s]=n}if(!n){const s=Object.entries(i).map(([d,f])=>`adapter ${d} `+(f===!1?"is not supported by the environment":"is not available in the build"));let c=e?s.length>1?`since :
59
59
  `+s.map(Tp).join(`
@@ -14826,10 +14826,8 @@ const tD = "https://app-files.jplan.com.br/pub/msal-auth/index.html", ro = se(nu
14826
14826
  function yC() {
14827
14827
  const { setJToken: r } = vC(), e = Qt(() => !!ro.value), t = Qt(() => ro.value);
14828
14828
  async function n() {
14829
- if (!e) {
14830
- await o();
14831
- return;
14832
- }
14829
+ debugger;
14830
+ e.value || await o();
14833
14831
  }
14834
14832
  const o = async () => new Promise((u, h) => {
14835
14833
  try {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "jplan-pack",
3
- "version": "0.5.50",
3
+ "version": "0.5.51",
4
4
  "main": "./dist/jplan-pack.cjs.js",
5
5
  "module": "./dist/jplan-pack.es.js",
6
6
  "types": "dist/types/index.d.ts",