npm - jplan-pack - Versions diffs - 0.5.75 → 0.5.77 - Mend

jplan-pack 0.5.75 → 0.5.77

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/jplan-pack.cjs.js CHANGED Viewed

@@ -53,7 +53,7 @@ Error Description: ${s.errorMessage}`);else{const c=s;this.logger.error(`A non-M
 Error: ${c.name}
 Error Description: ${c.message}`)}return null}return n||(this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request."),this.logger.verbose("Creating custom Authority for custom domain scenario."),n=Tt.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),n}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter(t=>t&&ye.getDomainFromUrl(t).toLowerCase()===this.hostnameAndPort).length>0}static generateAuthority(e,t){let n;if(t&&t.azureCloudInstance!==zd.None){const i=t.tenant?t.tenant:P.DEFAULT_COMMON_TENANT;n=`${t.azureCloudInstance}/${i}/`}return n||e}static createCloudDiscoveryMetadataFromHost(e){return{preferred_network:e,preferred_cache:e,aliases:[e]}}getPreferredCache(){if(this.managedIdentity)return P.DEFAULT_AUTHORITY_HOST;if(this.discoveryComplete())return this.metadata.preferred_cache;throw U(pr)}isAlias(e){return this.metadata.aliases.indexOf(e)>-1}isAliasOfKnownMicrosoftAuthority(e){return Wy.has(e)}static isPublicCloudAuthority(e){return P.KNOWN_PUBLIC_CLOUDS.indexOf(e)>=0}static buildRegionalAuthorityString(e,t,n){const i=new ye(e);i.validateAsUri();const s=i.getUrlComponents();let c=`${t}.${s.HostNameAndPort}`;this.isPublicCloudAuthority(s.HostNameAndPort)&&(c=`${t}.${P.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX}`);const d=ye.constructAuthorityUriFromObject({...i.getUrlComponents(),HostNameAndPort:c}).urlString;return n?`${d}?${n}`:d}static replaceWithRegionalInformation(e,t){const n={...e};return n.authorization_endpoint=Tt.buildRegionalAuthorityString(n.authorization_endpoint,t),n.token_endpoint=Tt.buildRegionalAuthorityString(n.token_endpoint,t),n.end_session_endpoint&&(n.end_session_endpoint=Tt.buildRegionalAuthorityString(n.end_session_endpoint,t)),n}static transformCIAMAuthority(e){let t=e;const i=new ye(e).getUrlComponents();if(i.PathSegments.length===0&&i.HostNameAndPort.endsWith(P.CIAM_AUTH_URL)){const s=i.HostNameAndPort.split(".")[0];t=`${t}${s}${P.AAD_TENANT_DOMAIN_SUFFIX}`}return t}}Tt.reservedTenantDomains=new Set(["{tenant}","{tenantid}",zr.COMMON,zr.CONSUMERS,zr.ORGANIZATIONS]);function n0(r){var i;const n=(i=new ye(r).getUrlComponents().PathSegments.slice(-1)[0])==null?void 0:i.toLowerCase();switch(n){case zr.COMMON:case zr.ORGANIZATIONS:case zr.CONSUMERS:return;default:return n}}function Yy(r){return r.endsWith(P.FORWARD_SLASH)?r:`${r}${P.FORWARD_SLASH}`}function r0(r){const e=r.cloudDiscoveryMetadata;let t;if(e)try{t=JSON.parse(e)}catch{throw Ne(jd)}return{canonicalAuthority:r.authority?Yy(r.authority):void 0,knownAuthorities:r.knownAuthorities,cloudDiscoveryMetadata:t}}/*! @azure/msal-common v14.16.0 2024-11-05 */async function Jy(r,e,t,n,i,s,c){c==null||c.addQueueMeasurement(k.AuthorityFactoryCreateDiscoveredInstance,s);const d=Tt.transformCIAMAuthority(Yy(r)),f=new Tt(d,e,t,n,i,s,c);try{return await B(f.resolveEndpointsAsync.bind(f),k.AuthorityResolveEndpointsAsync,i,c,s)(),f}catch{throw U(pr)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class qr extends Fe{constructor(e,t,n,i,s){super(e,t,n),this.name="ServerError",this.errorNo=i,this.status=s,Object.setPrototypeOf(this,qr.prototype)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class Yn{static generateThrottlingStorageKey(e){return`${aa.THROTTLING_PREFIX}.${JSON.stringify(e)}`}static preProcess(e,t){var s;const n=Yn.generateThrottlingStorageKey(t),i=e.getThrottlingCache(n);if(i){if(i.throttleTime<Date.now()){e.removeItem(n);return}throw new qr(((s=i.errorCodes)==null?void 0:s.join(" "))||P.EMPTY_STRING,i.errorMessage,i.subError)}}static postProcess(e,t,n){if(Yn.checkResponseStatus(n)||Yn.checkResponseForRetryAfter(n)){const i={throttleTime:Yn.calculateThrottleTime(parseInt(n.headers[Ot.RETRY_AFTER])),error:n.body.error,errorCodes:n.body.error_codes,errorMessage:n.body.error_description,subError:n.body.suberror};e.setThrottlingCache(Yn.generateThrottlingStorageKey(t),i)}}static checkResponseStatus(e){return e.status===429||e.status>=500&&e.status<600}static checkResponseForRetryAfter(e){return e.headers?e.headers.hasOwnProperty(Ot.RETRY_AFTER)&&(e.status<200||e.status>=300):!1}static calculateThrottleTime(e){const t=e<=0?0:e,n=Date.now()/1e3;return Math.floor(Math.min(n+(t||aa.DEFAULT_THROTTLE_TIME_SECONDS),n+aa.DEFAULT_MAX_THROTTLE_TIME_SECONDS)*1e3)}static removeThrottle(e,t,n,i){const s={clientId:t,authority:n.authority,scopes:n.scopes,homeAccountIdentifier:i,claims:n.claims,authenticationScheme:n.authenticationScheme,resourceRequestMethod:n.resourceRequestMethod,resourceRequestUri:n.resourceRequestUri,shrClaims:n.shrClaims,sshKid:n.sshKid},c=this.generateThrottlingStorageKey(s);e.removeItem(c)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class Oc extends Fe{constructor(e,t,n){super(e.errorCode,e.errorMessage,e.subError),Object.setPrototypeOf(this,Oc.prototype),this.name="NetworkError",this.error=e,this.httpStatus=t,this.responseHeaders=n}}function Jm(r,e,t){return new Oc(r,e,t)}/*! @azure/msal-common v14.16.0 2024-11-05 */class th{constructor(e,t){this.config=fP(e),this.logger=new Wr(this.config.loggerOptions,Ay,Kd),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=t}createTokenRequestHeaders(e){const t={};if(t[Ot.CONTENT_TYPE]=P.URL_FORM_CONTENT_TYPE,!this.config.systemOptions.preventCorsPreflight&&e)switch(e.type){case on.HOME_ACCOUNT_ID:try{const n=ii(e.credential);t[Ot.CCS_HEADER]=`Oid:${n.uid}@${n.utid}`}catch(n){this.logger.verbose("Could not parse home account ID for CCS Header: "+n)}break;case on.UPN:t[Ot.CCS_HEADER]=`UPN: ${e.credential}`;break}return t}async executePostToTokenEndpoint(e,t,n,i,s,c){var f;c&&((f=this.performanceClient)==null||f.addQueueMeasurement(c,s));const d=await this.sendPostRequest(i,e,{body:t,headers:n},s);return this.config.serverTelemetryManager&&d.status<500&&d.status!==429&&this.config.serverTelemetryManager.clearTelemetryCache(),d}async sendPostRequest(e,t,n,i){var c,d,f;Yn.preProcess(this.cacheManager,e);let s;try{s=await B(this.networkClient.sendPostRequestAsync.bind(this.networkClient),k.NetworkClientSendPostRequestAsync,this.logger,this.performanceClient,i)(t,n);const g=s.headers||{};(d=this.performanceClient)==null||d.addFields({refreshTokenSize:((c=s.body.refresh_token)==null?void 0:c.length)||0,httpVerToken:g[Ot.X_MS_HTTP_VERSION]||"",requestId:g[Ot.X_MS_REQUEST_ID]||""},i)}catch(g){if(g instanceof Oc){const p=g.responseHeaders;throw p&&((f=this.performanceClient)==null||f.addFields({httpVerToken:p[Ot.X_MS_HTTP_VERSION]||"",requestId:p[Ot.X_MS_REQUEST_ID]||"",contentTypeHeader:p[Ot.CONTENT_TYPE]||void 0,contentLengthHeader:p[Ot.CONTENT_LENGTH]||void 0,httpStatus:g.httpStatus},i)),g.error}throw g instanceof Fe?g:U(uy)}return Yn.postProcess(this.cacheManager,e,s),s}async updateAuthority(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.UpdateTokenEndpointAuthority,t);const n=`https://${e}/${this.authority.tenant}/`,i=await Jy(n,this.networkClient,this.cacheManager,this.authority.options,this.logger,t,this.performanceClient);this.authority=i}createTokenQueryParameters(e){const t=new sa(e.correlationId,this.performanceClient);return e.embeddedClientId&&t.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenQueryParameters&&t.addExtraQueryParameters(e.tokenQueryParameters),t.addCorrelationId(e.correlationId),t.createQueryString()}}/*! @azure/msal-common v14.16.0 2024-11-05 */const uc="no_tokens_found",Qy="native_account_unavailable",nh="refresh_token_expired",o0="interaction_required",i0="consent_required",a0="login_required",Nc="bad_token";/*! @azure/msal-common v14.16.0 2024-11-05 */const Qm=[o0,i0,a0,Nc],s0=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token"],c0={[uc]:"No refresh token found in the cache. Please sign-in.",[Qy]:"The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.",[nh]:"Refresh token has expired.",[Nc]:"Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve."};class Fn extends Fe{constructor(e,t,n,i,s,c,d,f){super(e,t,n),Object.setPrototypeOf(this,Fn.prototype),this.timestamp=i||P.EMPTY_STRING,this.traceId=s||P.EMPTY_STRING,this.correlationId=c||P.EMPTY_STRING,this.claims=d||P.EMPTY_STRING,this.name="InteractionRequiredAuthError",this.errorNo=f}}function Xm(r,e,t){const n=!!r&&Qm.indexOf(r)>-1,i=!!t&&s0.indexOf(t)>-1,s=!!e&&Qm.some(c=>e.indexOf(c)>-1);return n||s||i}function hd(r){return new Fn(r,c0[r])}/*! @azure/msal-common v14.16.0 2024-11-05 */class Bn{static setRequestState(e,t,n){const i=Bn.generateLibraryState(e,n);return t?`${i}${P.RESOURCE_DELIM}${t}`:i}static generateLibraryState(e,t){if(!e)throw U(sd);const n={id:e.createNewGuid()};t&&(n.meta=t);const i=JSON.stringify(n);return e.base64Encode(i)}static parseRequestState(e,t){if(!e)throw U(sd);if(!t)throw U(hi);try{const n=t.split(P.RESOURCE_DELIM),i=n[0],s=n.length>1?n.slice(1).join(P.RESOURCE_DELIM):P.EMPTY_STRING,c=e.base64Decode(i),d=JSON.parse(c);return{userRequestState:s||P.EMPTY_STRING,libraryState:d}}catch{throw U(hi)}}}/*! @azure/msal-common v14.16.0 2024-11-05 */const l0={SW:"sw",UHW:"uhw"};class gi{constructor(e,t){this.cryptoUtils=e,this.performanceClient=t}async generateCnf(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.PopTokenGenerateCnf,e.correlationId);const n=await B(this.generateKid.bind(this),k.PopTokenGenerateCnf,t,this.performanceClient,e.correlationId)(e),i=this.cryptoUtils.base64UrlEncode(JSON.stringify(n));return{kid:n.kid,reqCnfString:i}}async generateKid(e){var n;return(n=this.performanceClient)==null||n.addQueueMeasurement(k.PopTokenGenerateKid,e.correlationId),{kid:await this.cryptoUtils.getPublicKeyThumbprint(e),xms_ksl:l0.SW}}async signPopToken(e,t,n){return this.signPayload(e,t,n)}async signPayload(e,t,n,i){const{resourceRequestMethod:s,resourceRequestUri:c,shrClaims:d,shrNonce:f,shrOptions:g}=n,p=c?new ye(c):void 0,w=p==null?void 0:p.getUrlComponents();return this.cryptoUtils.signJwt({at:e,ts:rr(),m:s==null?void 0:s.toUpperCase(),u:w==null?void 0:w.HostNameAndPort,nonce:f||this.cryptoUtils.createNewGuid(),p:w==null?void 0:w.AbsolutePath,q:w!=null&&w.QueryString?[[],w.QueryString]:void 0,client_claims:d||void 0,...i},t,g,n.correlationId)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class u0{constructor(e,t){this.cache=e,this.hasChanged=t}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}/*! @azure/msal-common v14.16.0 2024-11-05 */function d0(r){var n,i;const e="code=",t=(n=r.error_uri)==null?void 0:n.lastIndexOf(e);return t&&t>=0?(i=r.error_uri)==null?void 0:i.substring(t+e.length):void 0}class po{constructor(e,t,n,i,s,c,d){this.clientId=e,this.cacheStorage=t,this.cryptoObj=n,this.logger=i,this.serializableCache=s,this.persistencePlugin=c,this.performanceClient=d}validateServerAuthorizationCodeResponse(e,t){if(!e.state||!t)throw e.state?U(oc,"Cached State"):U(oc,"Server State");let n,i;try{n=decodeURIComponent(e.state)}catch{throw U(hi,e.state)}try{i=decodeURIComponent(t)}catch{throw U(hi,e.state)}if(n!==i)throw U(fy);if(e.error||e.error_description||e.suberror){const s=d0(e);throw Xm(e.error,e.error_description,e.suberror)?new Fn(e.error||"",e.error_description,e.suberror,e.timestamp||"",e.trace_id||"",e.correlation_id||"",e.claims||"",s):new qr(e.error||"",e.error_description,e.suberror,s)}}validateTokenResponse(e,t){var n;if(e.error||e.error_description||e.suberror){const i=`Error(s): ${e.error_codes||P.NOT_AVAILABLE} - Timestamp: ${e.timestamp||P.NOT_AVAILABLE} - Description: ${e.error_description||P.NOT_AVAILABLE} - Correlation ID: ${e.correlation_id||P.NOT_AVAILABLE} - Trace ID: ${e.trace_id||P.NOT_AVAILABLE}`,s=(n=e.error_codes)!=null&&n.length?e.error_codes[0]:void 0,c=new qr(e.error,i,e.suberror,s,e.status);if(t&&e.status&&e.status>=_s.SERVER_ERROR_RANGE_START&&e.status<=_s.SERVER_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed.
 ${c}`);return}else if(t&&e.status&&e.status>=_s.CLIENT_ERROR_RANGE_START&&e.status<=_s.CLIENT_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token.
-${c}`);return}throw Xm(e.error,e.error_description,e.suberror)?new Fn(e.error,e.error_description,e.suberror,e.timestamp||P.EMPTY_STRING,e.trace_id||P.EMPTY_STRING,e.correlation_id||P.EMPTY_STRING,e.claims||P.EMPTY_STRING,s):c}}async handleServerTokenResponse(e,t,n,i,s,c,d,f,g){var T;(T=this.performanceClient)==null||T.addQueueMeasurement(k.HandleServerTokenResponse,e.correlation_id);let p;if(e.id_token){if(p=wo(e.id_token||P.EMPTY_STRING,this.cryptoObj.base64Decode),s&&s.nonce&&p.nonce!==s.nonce)throw U(gy);if(i.maxAge||i.maxAge===0){const b=p.auth_time;if(!b)throw U(Fd);Iy(b,i.maxAge)}}this.homeAccountIdentifier=it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,t.authorityType,this.logger,this.cryptoObj,p);let w;s&&s.state&&(w=Bn.parseRequestState(this.cryptoObj,s.state)),e.key_id=e.key_id||i.sshKid||void 0;const C=this.generateCacheRecord(e,t,n,i,p,c,s);let S;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),S=new u0(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(S)),d&&!f&&C.account){const b=C.account.generateAccountKey();if(!this.cacheStorage.getAccount(b,this.logger))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await po.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,void 0,g)}await this.cacheStorage.saveCacheRecord(C,i.storeInCache,i.correlationId)}finally{this.persistencePlugin&&this.serializableCache&&S&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(S))}return po.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,e,g)}generateCacheRecord(e,t,n,i,s,c,d){const f=t.getPreferredCache();if(!f)throw U(Vd);const g=$y(s);let p,w;e.id_token&&s&&(p=Ic(this.homeAccountIdentifier,f,e.id_token,this.clientId,g||""),w=rh(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,s,e.client_info,f,g,d,void 0,this.logger));let C=null;if(e.access_token){const b=e.scope?Ye.fromString(e.scope):new Ye(i.scopes||[]),N=(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,K=(typeof e.ext_expires_in=="string"?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,H=(typeof e.refresh_in=="string"?parseInt(e.refresh_in,10):e.refresh_in)||void 0,V=n+N,z=V+K,Q=H&&H>0?n+H:void 0;C=bc(this.homeAccountIdentifier,f,e.access_token,this.clientId,g||t.tenant||"",b.printScopes(),V,z,this.cryptoObj.base64Decode,Q,e.token_type,c,e.key_id,i.claims,i.requestedClaimsHash)}let S=null;if(e.refresh_token){let b;if(e.refresh_token_expires_in){const N=typeof e.refresh_token_expires_in=="string"?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in;b=n+N}S=by(this.homeAccountIdentifier,f,e.refresh_token,this.clientId,e.foci,c,b)}let T=null;return e.foci&&(T={clientId:this.clientId,environment:f,familyId:e.foci}),{account:w,idToken:p,accessToken:C,refreshToken:S,appMetadata:T}}static async generateAuthenticationResult(e,t,n,i,s,c,d,f,g){var V,z,Q,we,W;let p=P.EMPTY_STRING,w=[],C=null,S,T,b=P.EMPTY_STRING;if(n.accessToken){if(n.accessToken.tokenType===Re.POP&&!s.popKid){const et=new gi(e),{secret:_e,keyId:Y}=n.accessToken;if(!Y)throw U($d);p=await et.signPopToken(_e,Y,s)}else p=n.accessToken.secret;w=Ye.fromString(n.accessToken.target).asArray(),C=new Date(Number(n.accessToken.expiresOn)*1e3),S=new Date(Number(n.accessToken.extendedExpiresOn)*1e3),n.accessToken.refreshOn&&(T=new Date(Number(n.accessToken.refreshOn)*1e3))}n.appMetadata&&(b=n.appMetadata.familyId===ia?ia:"");const N=(c==null?void 0:c.oid)||(c==null?void 0:c.sub)||"",K=(c==null?void 0:c.tid)||"";f!=null&&f.spa_accountid&&n.account&&(n.account.nativeAccountId=f==null?void 0:f.spa_accountid);const H=n.account?Qd(n.account.getAccountInfo(),void 0,c,(V=n.idToken)==null?void 0:V.secret):null;return{authority:t.canonicalAuthority,uniqueId:N,tenantId:K,scopes:w,account:H,idToken:((z=n==null?void 0:n.idToken)==null?void 0:z.secret)||"",idTokenClaims:c||{},accessToken:p,fromCache:i,expiresOn:C,extExpiresOn:S,refreshOn:T,correlationId:s.correlationId,requestId:g||P.EMPTY_STRING,familyId:b,tokenType:((Q=n.accessToken)==null?void 0:Q.tokenType)||P.EMPTY_STRING,state:d?d.userRequestState:P.EMPTY_STRING,cloudGraphHostName:((we=n.account)==null?void 0:we.cloudGraphHostName)||P.EMPTY_STRING,msGraphHost:((W=n.account)==null?void 0:W.msGraphHost)||P.EMPTY_STRING,code:f==null?void 0:f.spa_code,fromNativeBroker:!1}}}function rh(r,e,t,n,i,s,c,d,f,g,p){p==null||p.verbose("setCachedAccount called");const C=r.getAccountKeys().find(K=>K.startsWith(t));let S=null;C&&(S=r.getAccount(C,p));const T=S||it.createAccount({homeAccountId:t,idTokenClaims:i,clientInfo:s,environment:c,cloudGraphHostName:f==null?void 0:f.cloud_graph_host_name,msGraphHost:f==null?void 0:f.msgraph_host,nativeAccountId:g},e,n),b=T.tenantProfiles||[],N=d||T.realm;if(N&&!b.find(K=>K.tenantId===N)){const K=Jd(t,T.localAccountId,N,i);b.push(K)}return T.tenantProfiles=b,T}/*! @azure/msal-common v14.16.0 2024-11-05 */async function Xy(r,e,t){return typeof r=="string"?r:r({clientId:e,tokenEndpoint:t})}/*! @azure/msal-common v14.16.0 2024-11-05 */class Zy extends th{constructor(e,t){var n;super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=(n=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:n.defaultScopes}async getAuthCodeUrl(e){var n;(n=this.performanceClient)==null||n.addQueueMeasurement(k.GetAuthCodeUrl,e.correlationId);const t=await B(this.createAuthCodeUrlQueryString.bind(this),k.AuthClientCreateQueryString,this.logger,this.performanceClient,e.correlationId)(e);return ye.appendQueryString(this.authority.authorizationEndpoint,t)}async acquireToken(e,t){var d,f;if((d=this.performanceClient)==null||d.addQueueMeasurement(k.AuthClientAcquireToken,e.correlationId),!e.code)throw U(vy);const n=rr(),i=await B(this.executeTokenRequest.bind(this),k.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(this.authority,e),s=(f=i.headers)==null?void 0:f[Ot.X_MS_REQUEST_ID],c=new po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return c.validateTokenResponse(i.body),B(c.handleServerTokenResponse.bind(c),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(i.body,this.authority,n,e,t,void 0,void 0,void 0,s)}handleFragmentResponse(e,t){if(new po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,null,null).validateServerAuthorizationCodeResponse(e,t),!e.code)throw U(Ty);return e}getLogoutUri(e){if(!e)throw Ne(Dy);const t=this.createLogoutUrlQueryString(e);return ye.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){var g,p;(g=this.performanceClient)==null||g.addQueueMeasurement(k.AuthClientExecuteTokenRequest,t.correlationId);const n=this.createTokenQueryParameters(t),i=ye.appendQueryString(e.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,t.correlationId)(t);let c;if(t.clientInfo)try{const w=ac(t.clientInfo,this.cryptoUtils.base64Decode);c={credential:`${w.uid}${St.CLIENT_INFO_SEPARATOR}${w.utid}`,type:on.HOME_ACCOUNT_ID}}catch(w){this.logger.verbose("Could not parse client info for CCS Header: "+w)}const d=this.createTokenRequestHeaders(c||t.ccsCredential),f={clientId:((p=t.tokenBodyParameters)==null?void 0:p.clientId)||this.config.authOptions.clientId,authority:e.canonicalAuthority,scopes:t.scopes,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,t.correlationId)(i,s,d,f,t.correlationId,k.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s;(i=this.performanceClient)==null||i.addQueueMeasurement(k.AuthClientCreateTokenRequestBody,e.correlationId);const t=new sa(e.correlationId,this.performanceClient);if(t.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[mo])||this.config.authOptions.clientId),this.includeRedirectUri?t.addRedirectUri(e.redirectUri):Qo.validateRedirectUri(e.redirectUri),t.addScopes(e.scopes,!0,this.oidcDefaultScopes),t.addAuthorizationCode(e.code),t.addLibraryInfo(this.config.libraryInfo),t.addApplicationTelemetry(this.config.telemetry.application),t.addThrottling(),this.serverTelemetryManager&&!ud(this.config)&&t.addServerTelemetry(this.serverTelemetryManager),e.codeVerifier&&t.addCodeVerifier(e.codeVerifier),this.config.clientCredentials.clientSecret&&t.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const c=this.config.clientCredentials.clientAssertion;t.addClientAssertion(await Xy(c.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),t.addClientAssertionType(c.assertionType)}if(t.addGrantType(ay.AUTHORIZATION_CODE_GRANT),t.addClientInfo(),e.authenticationScheme===Re.POP){const c=new gi(this.cryptoUtils,this.performanceClient);let d;e.popKid?d=this.cryptoUtils.encodeKid(e.popKid):d=(await B(c.generateCnf.bind(c),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,t.addPopToken(d)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)t.addSshJwk(e.sshJwk);else throw Ne(kc);(!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&t.addClaims(e.claims,this.config.authOptions.clientCapabilities);let n;if(e.clientInfo)try{const c=ac(e.clientInfo,this.cryptoUtils.base64Decode);n={credential:`${c.uid}${St.CLIENT_INFO_SEPARATOR}${c.utid}`,type:on.HOME_ACCOUNT_ID}}catch(c){this.logger.verbose("Could not parse client info for CCS Header: "+c)}else n=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&n)switch(n.type){case on.HOME_ACCOUNT_ID:try{const c=ii(n.credential);t.addCcsOid(c)}catch(c){this.logger.verbose("Could not parse home account ID for CCS Header: "+c)}break;case on.UPN:t.addCcsUpn(n.credential);break}return e.embeddedClientId&&t.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&t.addExtraQueryParameters(e.tokenBodyParameters),e.enableSpaAuthorizationCode&&(!e.tokenBodyParameters||!e.tokenBodyParameters[Ym])&&t.addExtraQueryParameters({[Ym]:"1"}),t.createQueryString()}async createAuthCodeUrlQueryString(e){var s,c;const t=e.correlationId||this.config.cryptoInterface.createNewGuid();(s=this.performanceClient)==null||s.addQueueMeasurement(k.AuthClientCreateQueryString,t);const n=new sa(t,this.performanceClient);n.addClientId(e.embeddedClientId||((c=e.extraQueryParameters)==null?void 0:c[mo])||this.config.authOptions.clientId);const i=[...e.scopes||[],...e.extraScopesToConsent||[]];if(n.addScopes(i,!0,this.oidcDefaultScopes),n.addRedirectUri(e.redirectUri),n.addCorrelationId(t),n.addResponseMode(e.responseMode),n.addResponseTypeCode(),n.addLibraryInfo(this.config.libraryInfo),ud(this.config)||n.addApplicationTelemetry(this.config.telemetry.application),n.addClientInfo(),e.codeChallenge&&e.codeChallengeMethod&&n.addCodeChallengeParams(e.codeChallenge,e.codeChallengeMethod),e.prompt&&n.addPrompt(e.prompt),e.domainHint&&n.addDomainHint(e.domainHint),e.prompt!==lt.SELECT_ACCOUNT)if(e.sid&&e.prompt===lt.NONE)this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),n.addSid(e.sid);else if(e.account){const d=this.extractAccountSid(e.account);let f=this.extractLoginHint(e.account);if(f&&e.domainHint&&(this.logger.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),f=null),f){this.logger.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),n.addLoginHint(f);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(d&&e.prompt===lt.NONE){this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),n.addSid(d);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(e.loginHint)this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint);else if(e.account.username){this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),n.addLoginHint(e.account.username);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else e.loginHint&&(this.logger.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint));else this.logger.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");if(e.nonce&&n.addNonce(e.nonce),e.state&&n.addState(e.state),(e.claims||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),this.addExtraQueryParams(e,n),e.nativeBroker&&(n.addNativeBroker(),e.authenticationScheme===Re.POP)){const d=new gi(this.cryptoUtils);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}return n.createQueryString()}createLogoutUrlQueryString(e){const t=new sa(e.correlationId,this.performanceClient);return e.postLogoutRedirectUri&&t.addPostLogoutRedirectUri(e.postLogoutRedirectUri),e.correlationId&&t.addCorrelationId(e.correlationId),e.idTokenHint&&t.addIdTokenHint(e.idTokenHint),e.state&&t.addState(e.state),e.logoutHint&&t.addLogoutHint(e.logoutHint),this.addExtraQueryParams(e,t),t.createQueryString()}addExtraQueryParams(e,t){!(e.extraQueryParameters&&e.extraQueryParameters.hasOwnProperty("instance_aware"))&&this.config.authOptions.instanceAware&&(e.extraQueryParameters=e.extraQueryParameters||{},e.extraQueryParameters.instance_aware="true"),e.extraQueryParameters&&t.addExtraQueryParameters(e.extraQueryParameters)}extractAccountSid(e){var t;return((t=e.idTokenClaims)==null?void 0:t.sid)||null}extractLoginHint(e){var t;return((t=e.idTokenClaims)==null?void 0:t.login_hint)||null}}/*! @azure/msal-common v14.16.0 2024-11-05 */const h0=300;class fd extends th{constructor(e,t){super(e,t)}async acquireToken(e){var c,d;(c=this.performanceClient)==null||c.addQueueMeasurement(k.RefreshTokenClientAcquireToken,e.correlationId);const t=rr(),n=await B(this.executeTokenRequest.bind(this),k.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(e,this.authority),i=(d=n.headers)==null?void 0:d[Ot.X_MS_REQUEST_ID],s=new po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(n.body),B(s.handleServerTokenResponse.bind(s),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,i)}async acquireTokenByRefreshToken(e){var n;if(!e)throw Ne(My);if((n=this.performanceClient)==null||n.addQueueMeasurement(k.RefreshTokenClientAcquireTokenByRefreshToken,e.correlationId),!e.account)throw U(Hd);if(this.cacheManager.isAppMetadataFOCI(e.account.environment))try{return await B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(i){const s=i instanceof Fn&&i.errorCode===uc,c=i instanceof qr&&i.errorCode===xm.INVALID_GRANT_ERROR&&i.subError===xm.CLIENT_MISMATCH_ERROR;if(s||c)return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1);throw i}return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,e.correlationId);const n=_o(this.cacheManager.getRefreshToken.bind(this.cacheManager),k.CacheManagerGetRefreshToken,this.logger,this.performanceClient,e.correlationId)(e.account,t,void 0,this.performanceClient,e.correlationId);if(!n)throw hd(uc);if(n.expiresOn&&ld(n.expiresOn,e.refreshTokenExpirationOffsetSeconds||h0))throw hd(nh);const i={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||Re.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}};try{return await B(this.acquireToken.bind(this),k.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(i)}catch(c){if(c instanceof Fn&&c.subError===Nc){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");const d=oi(n);this.cacheManager.removeRefreshToken(d)}throw c}}async executeTokenRequest(e,t){var f,g;(f=this.performanceClient)==null||f.addQueueMeasurement(k.RefreshTokenClientExecuteTokenRequest,e.correlationId);const n=this.createTokenQueryParameters(e),i=ye.appendQueryString(t.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,e.correlationId)(e),c=this.createTokenRequestHeaders(e.ccsCredential),d={clientId:((g=e.tokenBodyParameters)==null?void 0:g.clientId)||this.config.authOptions.clientId,authority:t.canonicalAuthority,scopes:e.scopes,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,e.correlationId)(i,s,c,d,e.correlationId,k.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s,c;(i=this.performanceClient)==null||i.addQueueMeasurement(k.RefreshTokenClientCreateTokenRequestBody,e.correlationId);const t=e.correlationId,n=new sa(t,this.performanceClient);if(n.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[mo])||this.config.authOptions.clientId),e.redirectUri&&n.addRedirectUri(e.redirectUri),n.addScopes(e.scopes,!0,(c=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:c.defaultScopes),n.addGrantType(ay.REFRESH_TOKEN_GRANT),n.addClientInfo(),n.addLibraryInfo(this.config.libraryInfo),n.addApplicationTelemetry(this.config.telemetry.application),n.addThrottling(),this.serverTelemetryManager&&!ud(this.config)&&n.addServerTelemetry(this.serverTelemetryManager),n.addRefreshToken(e.refreshToken),this.config.clientCredentials.clientSecret&&n.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const d=this.config.clientCredentials.clientAssertion;n.addClientAssertion(await Xy(d.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),n.addClientAssertionType(d.assertionType)}if(e.authenticationScheme===Re.POP){const d=new gi(this.cryptoUtils,this.performanceClient);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)n.addSshJwk(e.sshJwk);else throw Ne(kc);if((!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case on.HOME_ACCOUNT_ID:try{const d=ii(e.ccsCredential.credential);n.addCcsOid(d)}catch(d){this.logger.verbose("Could not parse home account ID for CCS Header: "+d)}break;case on.UPN:n.addCcsUpn(e.ccsCredential.credential);break}return e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&n.addExtraQueryParameters(e.tokenBodyParameters),n.createQueryString()}}/*! @azure/msal-common v14.16.0 2024-11-05 */class f0 extends th{constructor(e,t){super(e,t)}async acquireToken(e){var t;try{const[n,i]=await this.acquireCachedToken({...e,scopes:(t=e.scopes)!=null&&t.length?e.scopes:[...pi]});return i===Ur.PROACTIVELY_REFRESHED&&(this.logger.info("SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'. It's not expired, but must be refreshed."),new fd(this.config,this.performanceClient).acquireTokenByRefreshToken(e).catch(()=>{})),n}catch(n){if(n instanceof Ac&&n.errorCode===vr)return new fd(this.config,this.performanceClient).acquireTokenByRefreshToken(e);throw n}}async acquireCachedToken(e){var f;(f=this.performanceClient)==null||f.addQueueMeasurement(k.SilentFlowClientAcquireCachedToken,e.correlationId);let t=Ur.NOT_APPLICABLE;if(e.forceRefresh||!this.config.cacheOptions.claimsBasedCachingEnabled&&!Un.isEmptyObj(e.claims))throw this.setCacheOutcome(Ur.FORCE_REFRESH_OR_CLAIMS,e.correlationId),U(vr);if(!e.account)throw U(Hd);const n=e.account.tenantId||n0(e.authority),i=this.cacheManager.getTokenKeys(),s=this.cacheManager.getAccessToken(e.account,e,i,n,this.performanceClient,e.correlationId);if(s){if($N(s.cachedAt)||ld(s.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(Ur.CACHED_ACCESS_TOKEN_EXPIRED,e.correlationId),U(vr);s.refreshOn&&ld(s.refreshOn,0)&&(t=Ur.PROACTIVELY_REFRESHED)}else throw this.setCacheOutcome(Ur.NO_CACHED_ACCESS_TOKEN,e.correlationId),U(vr);const c=e.authority||this.authority.getPreferredCache(),d={account:this.cacheManager.readAccountFromCache(e.account),accessToken:s,idToken:this.cacheManager.getIdToken(e.account,i,n,this.performanceClient,e.correlationId),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(c)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await B(this.generateResultFromCacheRecord.bind(this),k.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,e.correlationId)(d,e),t]}setCacheOutcome(e,t){var n,i;(n=this.serverTelemetryManager)==null||n.setCacheOutcome(e),(i=this.performanceClient)==null||i.addFields({cacheOutcome:e},t),e!==Ur.NOT_APPLICABLE&&this.logger.info(`Token refresh is required due to cache outcome: ${e}`)}async generateResultFromCacheRecord(e,t){var i;(i=this.performanceClient)==null||i.addQueueMeasurement(k.SilentFlowClientGenerateResultFromCacheRecord,t.correlationId);let n;if(e.idToken&&(n=wo(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||t.maxAge===0){const s=n==null?void 0:n.auth_time;if(!s)throw U(Fd);Iy(s,t.maxAge)}return po.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,n)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const g0={sendGetRequestAsync:()=>Promise.reject(U(ge)),sendPostRequestAsync:()=>Promise.reject(U(ge))};/*! @azure/msal-common v14.16.0 2024-11-05 */const Zm=",",eC="|";function m0(r){const{skus:e,libraryName:t,libraryVersion:n,extensionName:i,extensionVersion:s}=r,c=new Map([[0,[t,n]],[2,[i,s]]]);let d=[];if(e!=null&&e.length){if(d=e.split(Zm),d.length<4)return e}else d=Array.from({length:4},()=>eC);return c.forEach((f,g)=>{var p,w;f.length===2&&((p=f[0])!=null&&p.length)&&((w=f[1])!=null&&w.length)&&p0({skuArr:d,index:g,skuName:f[0],skuVersion:f[1]})}),d.join(Zm)}function p0(r){const{skuArr:e,index:t,skuName:n,skuVersion:i}=r;t>=e.length||(e[t]=[n,i].join(eC))}class da{constructor(e,t){this.cacheOutcome=Ur.NOT_APPLICABLE,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||P.EMPTY_STRING,this.wrapperVer=e.wrapperVer||P.EMPTY_STRING,this.telemetryCacheKey=gt.CACHE_KEY+St.CACHE_KEY_SEPARATOR+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${gt.VALUE_SEPARATOR}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],n=this.getNativeBrokerErrorCode();n!=null&&n.length&&t.push(`broker_error=${n}`);const i=t.join(gt.VALUE_SEPARATOR),s=this.getRegionDiscoveryFields(),c=[e,s].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,c,i].join(gt.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.failedRequests.slice(0,2*t).join(gt.VALUE_SEPARATOR),i=e.errors.slice(0,t).join(gt.VALUE_SEPARATOR),s=e.errors.length,c=t<s?gt.OVERFLOW_TRUE:gt.OVERFLOW_FALSE,d=[s,c].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,e.cacheHits,n,i,d].join(gt.CATEGORY_SEPARATOR)}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=gt.MAX_CACHED_ERRORS&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Fe?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push(gt.UNKNOWN_ERROR),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e),e.cacheHits}getLastRequests(){const e={failedRequests:[],errors:[],cacheHits:0};return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)||e}clearTelemetryCache(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.errors.length;if(t===n)this.cacheManager.removeItem(this.telemetryCacheKey);else{const i={failedRequests:e.failedRequests.slice(t*2),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,i)}}static maxErrorsToSend(e){let t,n=0,i=0;const s=e.errors.length;for(t=0;t<s;t++){const c=e.failedRequests[2*t]||P.EMPTY_STRING,d=e.failedRequests[2*t+1]||P.EMPTY_STRING,f=e.errors[t]||P.EMPTY_STRING;if(i+=c.toString().length+d.toString().length+f.length+3,i<gt.MAX_LAST_HEADER_BYTES)n+=1;else break}return n}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||P.EMPTY_STRING),e.push(this.regionSource||P.EMPTY_STRING),e.push(this.regionOutcome||P.EMPTY_STRING),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e)}static makeExtraSkuString(e){return m0(e)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const tC="missing_kid_error",nC="missing_alg_error";/*! @azure/msal-common v14.16.0 2024-11-05 */const v0={[tC]:"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.",[nC]:"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided."};class oh extends Fe{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,oh.prototype)}}function ep(r){return new oh(r,v0[r])}/*! @azure/msal-common v14.16.0 2024-11-05 */class ih{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw ep(tC);if(!e.alg)throw ep(nC);const t=new ih({typ:e.typ||IN.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class tp{startMeasurement(){}endMeasurement(){}flushMeasurement(){return null}}class y0{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:t0.InProgress,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""},measurement:new tp}}startPerformanceMeasurement(){return new tp}calculateQueuedTime(){return 0}addQueueMeasurement(){}setPreQueueTime(){}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ah="pkce_not_created",gd="crypto_nonexistent",Pc="empty_navigate_uri",rC="hash_empty_error",sh="no_state_in_hash",oC="hash_does_not_contain_known_properties",iC="unable_to_parse_state",aC="state_interaction_type_mismatch",sC="interaction_in_progress",cC="popup_window_error",lC="empty_window_error",vo="user_cancelled",C0="monitor_popup_timeout",uC="monitor_window_timeout",dC="redirect_in_iframe",hC="block_iframe_reload",fC="block_nested_popups",w0="iframe_closed_prematurely",Mc="silent_logout_unsupported",gC="no_account_error",_0="silent_prompt_value_error",mC="no_token_request_cache_error",pC="unable_to_parse_token_request_cache_error",ch="no_cached_authority_error",T0="auth_request_not_set_error",E0="invalid_cache_type",Dc="non_browser_environment",Xo="database_not_open",dc="no_network_connectivity",vC="post_request_failed",yC="get_request_failed",md="failed_to_parse_response",CC="unable_to_load_token",lh="crypto_key_not_found",wC="auth_code_required",_C="auth_code_or_nativeAccountId_required",TC="spa_code_and_nativeAccountId_present",uh="database_unavailable",EC="unable_to_acquire_token_from_native_platform",SC="native_handshake_timeout",AC="native_extension_not_installed",wa="native_connection_not_established",IC="uninitialized_public_client_application",bC="native_prompt_not_supported",kC="invalid_base64_string",RC="invalid_pop_token_request",OC="failed_to_build_headers",NC="failed_to_parse_headers";/*! @azure/msal-browser v3.28.1 2025-01-14 */const mr="For more visit: aka.ms/msaljs/browser-errors",S0={[ah]:"The PKCE code challenge and verifier could not be generated.",[gd]:"The crypto object or function is not available.",[Pc]:"Navigation URI is empty. Please check stack trace for more info.",[rC]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${mr}`,[sh]:"Hash does not contain state. Please verify that the request originated from msal.",[oC]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash.  ${mr}`,[iC]:"Unable to parse state. Please verify that the request originated from msal.",[aC]:"Hash contains state but the interaction type does not match the caller.",[sC]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API.   ${mr}`,[cC]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[lC]:"window.open returned null or undefined window object.",[vo]:"User cancelled the flow.",[C0]:`Token acquisition in popup failed due to timeout.  ${mr}`,[uC]:`Token acquisition in iframe failed due to timeout.  ${mr}`,[dC]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[hC]:`Request was blocked inside an iframe because MSAL detected an authentication response.  ${mr}`,[fC]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[w0]:"The iframe being monitored was closed prematurely.",[Mc]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[gC]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[_0]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[mC]:"No token request found in cache.",[pC]:"The cached token request could not be parsed.",[ch]:"No cached authority found.",[T0]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[E0]:"Invalid cache type",[Dc]:"Login and token requests are not supported in non-browser environments.",[Xo]:"Database is not open!",[dc]:"No network connectivity. Check your internet connection.",[vC]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[yC]:"Network request failed. Please check the network trace to determine root cause.",[md]:"Failed to parse network response. Check network trace.",[CC]:"Error loading token to cache.",[lh]:"Cryptographic Key or Keypair not found in browser storage.",[wC]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[_C]:"An authorization code or nativeAccountId must be provided to this flow.",[TC]:"Request cannot contain both spa code and native account id.",[uh]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[EC]:`Unable to acquire token from native platform.  ${mr}`,[SC]:"Timed out while attempting to establish connection to browser extension",[AC]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[wa]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize().  ${mr}`,[IC]:`You must call and await the initialize function before attempting to call any other MSAL API.  ${mr}`,[bC]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[kC]:"Invalid base64 encoded string.",[RC]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[OC]:"Failed to build request headers object.",[NC]:"Failed to parse response headers"};class _a extends Fe{constructor(e,t){super(e,S0[e],t),Object.setPrototypeOf(this,_a.prototype),this.name="BrowserAuthError"}}function j(r,e){return new _a(r,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const en={INTERACTION_IN_PROGRESS_VALUE:"interaction_in_progress",INVALID_GRANT_ERROR:"invalid_grant",POPUP_WIDTH:483,POPUP_HEIGHT:600,POPUP_NAME_PREFIX:"msal",DEFAULT_POLL_INTERVAL_MS:30,MSAL_SKU:"msal.js.browser"},ai={CHANNEL_ID:"53ee284d-920a-4b59-9d30-a60315b26836",PREFERRED_EXTENSION_ID:"ppnbnpeolgkicgegkbkbjmhlideopiji",MATS_TELEMETRY:"MATS"},ho={HandshakeRequest:"Handshake",HandshakeResponse:"HandshakeResponse",GetToken:"GetToken",Response:"Response"},Ft={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},np={GET:"GET",POST:"POST"},be={AUTHORITY:"authority",ACQUIRE_TOKEN_ACCOUNT:"acquireToken.account",SESSION_STATE:"session.state",REQUEST_STATE:"request.state",NONCE_IDTOKEN:"nonce.id_token",ORIGIN_URI:"request.origin",RENEW_STATUS:"token.renew.status",URL_HASH:"urlHash",REQUEST_PARAMS:"request.params",SCOPES:"scopes",INTERACTION_STATUS_KEY:"interaction.status",CCS_CREDENTIAL:"ccs.credential",CORRELATION_ID:"request.correlationId",NATIVE_REQUEST:"request.native",REDIRECT_CONTEXT:"request.redirect.context"},Dr={ACCOUNT_KEYS:"msal.account.keys",TOKEN_KEYS:"msal.token.keys"},Is={WRAPPER_SKU:"wrapper.sku",WRAPPER_VER:"wrapper.version"},xe={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var X;(function(r){r.Redirect="redirect",r.Popup="popup",r.Silent="silent",r.None="none"})(X||(X={}));const rp={scopes:pi},PC="jwk",pd="msal.db",A0=1,I0=`${pd}.keys`,Qt={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},b0=[Qt.Default,Qt.Skip,Qt.RefreshTokenAndNetwork],k0="msal.browser.log.level",R0="msal.browser.log.pii";/*! @azure/msal-browser v3.28.1 2025-01-14 */function bs(r){return encodeURIComponent(dh(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function xc(r){return MC(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function dh(r){return MC(new TextEncoder().encode(r))}function MC(r){const e=Array.from(r,t=>String.fromCodePoint(t)).join("");return btoa(e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const O0="RSASSA-PKCS1-v1_5",DC="SHA-256",N0=2048,P0=new Uint8Array([1,0,1]),op="0123456789abcdef",ip=new Uint32Array(1),M0="crypto_subtle_undefined",hh={name:O0,hash:DC,modulusLength:N0,publicExponent:P0};function D0(r){if(!window)throw j(Dc);if(!window.crypto)throw j(gd);if(!r&&!window.crypto.subtle)throw j(gd,M0)}async function xC(r,e,t){e==null||e.addQueueMeasurement(k.Sha256Digest,t);const i=new TextEncoder().encode(r);return window.crypto.subtle.digest(DC,i)}function x0(r){return window.crypto.getRandomValues(r)}function Mu(){return window.crypto.getRandomValues(ip),ip[0]}function Er(){const r=Date.now(),e=Mu()*1024+(Mu()&1023),t=new Uint8Array(16),n=Math.trunc(e/2**30),i=e&2**30-1,s=Mu();t[0]=r/2**40,t[1]=r/2**32,t[2]=r/2**24,t[3]=r/2**16,t[4]=r/2**8,t[5]=r,t[6]=112|n>>>8,t[7]=n,t[8]=128|i>>>24,t[9]=i>>>16,t[10]=i>>>8,t[11]=i,t[12]=s>>>24,t[13]=s>>>16,t[14]=s>>>8,t[15]=s;let c="";for(let d=0;d<t.length;d++)c+=op.charAt(t[d]>>>4),c+=op.charAt(t[d]&15),(d===3||d===5||d===7||d===9)&&(c+="-");return c}async function L0(r,e){return window.crypto.subtle.generateKey(hh,r,e)}async function Du(r){return window.crypto.subtle.exportKey(PC,r)}async function U0(r,e,t){return window.crypto.subtle.importKey(PC,r,hh,e,t)}async function B0(r,e){return window.crypto.subtle.sign(hh,r,e)}async function LC(r){const e=await xC(r),t=new Uint8Array(e);return xc(t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ha="storage_not_supported",vd="stubbed_public_client_application_called",hc="in_mem_redirect_unavailable";/*! @azure/msal-browser v3.28.1 2025-01-14 */const Ks={[ha]:"Given storage configuration option was not supported.",[vd]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[hc]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."};Ks[ha],Ks[vd],Ks[hc];class fh extends Fe{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,fh.prototype)}}function gh(r){return new fh(r,Ks[r])}/*! @azure/msal-browser v3.28.1 2025-01-14 */function F0(r){r.location.hash="",typeof r.history.replaceState=="function"&&r.history.replaceState(null,"",`${r.location.origin}${r.location.pathname}${r.location.search}`)}function H0(r){const e=r.split("#");e.shift(),window.location.hash=e.length>0?e.join("#"):""}function mh(){return window.parent!==window}function V0(){return typeof window<"u"&&!!window.opener&&window.opener!==window&&typeof window.name=="string"&&window.name.indexOf(`${en.POPUP_NAME_PREFIX}.`)===0}function yr(){return typeof window<"u"&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function $0(){const e=new ye(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function K0(){if(ye.hashContainsKnownProperties(window.location.hash)&&mh())throw j(hC)}function z0(r){if(mh()&&!r)throw j(dC)}function W0(){if(V0())throw j(fC)}function UC(){if(typeof window>"u")throw j(Dc)}function BC(r){if(!r)throw j(IC)}function ph(r){UC(),K0(),W0(),BC(r)}function ap(r,e){if(ph(r),z0(e.system.allowRedirectInIframe),e.cache.cacheLocation===Ft.MemoryStorage&&!e.cache.storeAuthStateInCookie)throw gh(hc)}function FC(r){const e=document.createElement("link");e.rel="preconnect",e.href=new URL(r).origin,e.crossOrigin="anonymous",document.head.appendChild(e),window.setTimeout(()=>{try{document.head.removeChild(e)}catch{}},1e4)}function q0(){return Er()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class fc{navigateInternal(e,t){return fc.defaultNavigateWindow(e,t)}navigateExternal(e,t){return fc.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(n=>{setTimeout(()=>{n(!0)},t.timeout)})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class G0{async sendGetRequestAsync(e,t){let n,i={},s=0;const c=sp(t);try{n=await fetch(e,{method:np.GET,headers:c})}catch{throw j(window.navigator.onLine?yC:dc)}i=cp(n.headers);try{return s=n.status,{headers:i,body:await n.json(),status:s}}catch{throw Jm(j(md),s,i)}}async sendPostRequestAsync(e,t){const n=t&&t.body||"",i=sp(t);let s,c=0,d={};try{s=await fetch(e,{method:np.POST,headers:i,body:n})}catch{throw j(window.navigator.onLine?vC:dc)}d=cp(s.headers);try{return c=s.status,{headers:d,body:await s.json(),status:c}}catch{throw Jm(j(md),c,d)}}}function sp(r){try{const e=new Headers;if(!(r&&r.headers))return e;const t=r.headers;return Object.entries(t).forEach(([n,i])=>{e.append(n,i)}),e}catch{throw j(OC)}}function cp(r){try{const e={};return r.forEach((t,n)=>{e[n]=t}),e}catch{throw j(NC)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const j0=6e4,yd=1e4,Y0=3e4,J0=2e3;function Q0({auth:r,cache:e,system:t,telemetry:n},i){const s={clientId:P.EMPTY_STRING,authority:`${P.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:P.EMPTY_STRING,authorityMetadata:P.EMPTY_STRING,redirectUri:typeof window<"u"?yr():"",postLogoutRedirectUri:P.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:_r.AAD,OIDCOptions:{serverResponseType:Ca.FRAGMENT,defaultScopes:[P.OPENID_SCOPE,P.PROFILE_SCOPE,P.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:zd.None,tenant:P.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1},c={cacheLocation:Ft.SessionStorage,temporaryCacheLocation:Ft.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!!(e&&e.cacheLocation===Ft.LocalStorage),claimsBasedCachingEnabled:!1},d={loggerCallback:()=>{},logLevel:Me.Info,piiLoggingEnabled:!1},g={...{...Gy,loggerOptions:d,networkClient:i?new G0:g0,navigationClient:new fc,loadFrameTimeout:0,windowHashTimeout:(t==null?void 0:t.loadFrameTimeout)||j0,iframeHashTimeout:(t==null?void 0:t.loadFrameTimeout)||yd,navigateFrameWait:0,redirectNavigationTimeout:Y0,asyncPopups:!1,allowRedirectInIframe:!1,allowNativeBroker:!1,nativeBrokerHandshakeTimeout:(t==null?void 0:t.nativeBrokerHandshakeTimeout)||J0,pollIntervalMilliseconds:en.DEFAULT_POLL_INTERVAL_MS},...t,loggerOptions:(t==null?void 0:t.loggerOptions)||d},p={application:{appName:P.EMPTY_STRING,appVersion:P.EMPTY_STRING},client:new y0};if((r==null?void 0:r.protocolMode)!==_r.OIDC&&(r!=null&&r.OIDCOptions)&&new Wr(g.loggerOptions).warning(JSON.stringify(Ne(Fy))),r!=null&&r.protocolMode&&r.protocolMode!==_r.AAD&&(g!=null&&g.allowNativeBroker))throw Ne(Hy);return{auth:{...s,...r,OIDCOptions:{...s.OIDCOptions,...r==null?void 0:r.OIDCOptions}},cache:{...c,...e},system:g,telemetry:{...p,...n}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const X0="@azure/msal-browser",Lc="3.28.1";/*! @azure/msal-browser v3.28.1 2025-01-14 */class vh{static loggerCallback(e,t){switch(e){case Me.Error:console.error(t);return;case Me.Info:console.info(t);return;case Me.Verbose:console.debug(t);return;case Me.Warning:console.warn(t);return;default:console.log(t);return}}constructor(e){var f;this.browserEnvironment=typeof window<"u",this.config=Q0(e,this.browserEnvironment);let t;try{t=window[Ft.SessionStorage]}catch{}const n=t==null?void 0:t.getItem(k0),i=(f=t==null?void 0:t.getItem(R0))==null?void 0:f.toLowerCase(),s=i==="true"?!0:i==="false"?!1:void 0,c={...this.config.system.loggerOptions},d=n&&Object.keys(Me).includes(n)?Me[n]:void 0;d&&(c.loggerCallback=vh.loggerCallback,c.logLevel=d),s!==void 0&&(c.piiLoggingEnabled=s),this.logger=new Wr(c,X0,Lc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class yo extends vh{getModuleName(){return yo.MODULE_NAME}getId(){return yo.ID}async initialize(){return this.available=typeof window<"u",this.available}}yo.MODULE_NAME="";yo.ID="StandardOperatingContext";/*! @azure/msal-browser v3.28.1 2025-01-14 */function tr(r){return new TextDecoder().decode(Z0(r))}function Z0(r){let e=r.replace(/-/g,"+").replace(/_/g,"/");switch(e.length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw j(kC)}const t=atob(e);return Uint8Array.from(t,n=>n.codePointAt(0)||0)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class eM{constructor(){this.dbName=pd,this.version=A0,this.tableName=I0,this.dbOpen=!1}async open(){return new Promise((e,t)=>{const n=window.indexedDB.open(this.dbName,this.version);n.addEventListener("upgradeneeded",i=>{i.target.result.createObjectStore(this.tableName)}),n.addEventListener("success",i=>{const s=i;this.db=s.target.result,this.dbOpen=!0,e()}),n.addEventListener("error",()=>t(j(uh)))})}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async setItem(e,t){return await this.validateDbIsOpen(),new Promise((n,i)=>{if(!this.db)return i(j(Xo));const d=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);d.addEventListener("success",()=>{this.closeConnection(),n()}),d.addEventListener("error",f=>{this.closeConnection(),i(f)})})}async removeItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);c.addEventListener("success",()=>{this.closeConnection(),t()}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async getKeys(){return await this.validateDbIsOpen(),new Promise((e,t)=>{if(!this.db)return t(j(Xo));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();s.addEventListener("success",c=>{const d=c;this.closeConnection(),e(d.target.result)}),s.addEventListener("error",c=>{this.closeConnection(),t(c)})})}async containsKey(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result===1)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise((e,t)=>{const n=window.indexedDB.deleteDatabase(pd),i=setTimeout(()=>t(!1),200);n.addEventListener("success",()=>(clearTimeout(i),e(!0))),n.addEventListener("blocked",()=>(clearTimeout(i),e(!0))),n.addEventListener("error",()=>(clearTimeout(i),t(!1)))})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Cd{constructor(){this.cache=new Map}getItem(e){return this.cache.get(e)||null}setItem(e,t){this.cache.set(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach((t,n)=>{e.push(n)}),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class tM{constructor(e){this.inMemoryCache=new Cd,this.indexedDBCache=new eM,this.logger=e}handleDatabaseAccessError(e){if(e instanceof _a&&e.errorCode===uh)this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.");else throw e}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(n){this.handleDatabaseAccessError(n)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(n){this.handleDatabaseAccessError(n)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(t){this.handleDatabaseAccessError(t)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(e.length===0)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(n){this.handleDatabaseAccessError(n)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class mi{constructor(e,t,n){this.logger=e,D0(n??!1),this.cache=new tM(this.logger),this.performanceClient=t}createNewGuid(){return Er()}base64Encode(e){return dh(e)}base64Decode(e){return tr(e)}base64UrlEncode(e){return bs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){var p;const t=(p=this.performanceClient)==null?void 0:p.startMeasurement(k.CryptoOptsGetPublicKeyThumbprint,e.correlationId),n=await L0(mi.EXTRACTABLE,mi.POP_KEY_USAGES),i=await Du(n.publicKey),s={e:i.e,kty:i.kty,n:i.n},c=lp(s),d=await this.hashString(c),f=await Du(n.privateKey),g=await U0(f,!1,["sign"]);return await this.cache.setItem(d,{privateKey:g,publicKey:n.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),d}async removeTokenBindingKey(e){return await this.cache.removeItem(e),!await this.cache.containsKey(e)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,n,i){var V;const s=(V=this.performanceClient)==null?void 0:V.startMeasurement(k.CryptoOptsSignJwt,i),c=await this.cache.getItem(t);if(!c)throw j(lh);const d=await Du(c.publicKey),f=lp(d),g=bs(JSON.stringify({kid:t})),p=ih.getShrHeaderString({...n==null?void 0:n.header,alg:d.alg,kid:g}),w=bs(p);e.cnf={jwk:JSON.parse(f)};const C=bs(JSON.stringify(e)),S=`${w}.${C}`,b=new TextEncoder().encode(S),N=await B0(c.privateKey,b),K=xc(new Uint8Array(N)),H=`${S}.${K}`;return s&&s.end({success:!0}),H}async hashString(e){return LC(e)}}mi.POP_KEY_USAGES=["sign","verify"];mi.EXTRACTABLE=!0;function lp(r){return JSON.stringify(r,Object.keys(r).sort())}/*! @azure/msal-browser v3.28.1 2025-01-14 */class nM{constructor(){if(!window.localStorage)throw gh(ha)}getItem(e){return window.localStorage.getItem(e)}setItem(e,t){window.localStorage.setItem(e,t)}removeItem(e){window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class rM{constructor(){if(!window.sessionStorage)throw gh(ha)}getItem(e){return window.sessionStorage.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function HC(r,e){if(!e)return null;try{return Bn.parseRequestState(r,e).libraryState.meta}catch{throw U(hi)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const oM=24*60*60*1e3;class iM{getItem(e){const t=`${encodeURIComponent(e)}`,n=document.cookie.split(";");for(let i=0;i<n.length;i++){const s=n[i],[c,...d]=decodeURIComponent(s).trim().split("="),f=d.join("=");if(c===t)return f}return""}setItem(e,t,n,i=!0){let s=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=Lax;`;if(n){const c=aM(n);s+=`expires=${c};`}i&&(s+="Secure;"),document.cookie=s}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach(n=>{const i=decodeURIComponent(n).trim().split("=");t.push(i[0])}),t}containsKey(e){return this.getKeys().includes(e)}}function aM(r){const e=new Date;return new Date(e.getTime()+r*oM).toUTCString()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class wd extends fi{constructor(e,t,n,i,s,c){super(e,n,i,s),this.cacheConfig=t,this.logger=i,this.internalStorage=new Cd,this.browserStorage=this.setupBrowserStorage(this.cacheConfig.cacheLocation),this.temporaryCacheStorage=this.setupBrowserStorage(this.cacheConfig.temporaryCacheLocation),this.cookieStorage=new iM,t.cacheMigrationEnabled&&(this.migrateCacheEntries(),this.createKeyMaps()),this.performanceClient=c}setupBrowserStorage(e){try{switch(e){case Ft.LocalStorage:return new nM;case Ft.SessionStorage:return new rM;case Ft.MemoryStorage:default:break}}catch(t){this.logger.error(t)}return this.cacheConfig.cacheLocation=Ft.MemoryStorage,new Cd}migrateCacheEntries(){const e=`${P.CACHE_PREFIX}.${st.ID_TOKEN}`,t=`${P.CACHE_PREFIX}.${st.CLIENT_INFO}`,n=`${P.CACHE_PREFIX}.${st.ERROR}`,i=`${P.CACHE_PREFIX}.${st.ERROR_DESC}`,s=this.browserStorage.getItem(e),c=this.browserStorage.getItem(t),d=this.browserStorage.getItem(n),f=this.browserStorage.getItem(i),g=[s,c,d,f];[st.ID_TOKEN,st.CLIENT_INFO,st.ERROR,st.ERROR_DESC].forEach((w,C)=>{const S=g[C];S&&this.setTemporaryCache(w,S,!0)})}createKeyMaps(){this.logger.trace("BrowserCacheManager - createKeyMaps called.");const e=this.getItem(Dr.ACCOUNT_KEYS),t=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e&&t){this.logger.verbose("BrowserCacheManager:createKeyMaps - account and token key maps already exist, skipping migration.");return}this.browserStorage.getKeys().forEach(i=>{if(this.isCredentialKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);if(c&&c.hasOwnProperty("credentialType"))switch(c.credentialType){case re.ID_TOKEN:if(Hm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - idToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - idToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ID_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching idToken schema with value containing idToken credentialType field but value failed IdTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed idToken validation on key: ${i}`);break;case re.ACCESS_TOKEN:case re.ACCESS_TOKEN_WITH_AUTH_SCHEME:if(Fm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - accessToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - accessToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ACCESS_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching accessToken schema with value containing accessToken credentialType field but value failed AccessTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed accessToken validation on key: ${i}`);break;case re.REFRESH_TOKEN:if(Vm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - refreshToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - refreshToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.REFRESH_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching refreshToken schema with value containing refreshToken credentialType field but value failed RefreshTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed refreshToken validation on key: ${i}`);break}}}if(this.isAccountKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);c&&it.isAccountEntity(c)&&(this.logger.trace("BrowserCacheManager:createKeyMaps - account found, saving key to account key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - account with key: ${i} found, saving key to account key map`),this.addAccountKeyToMap(i))}}})}validateAndParseJson(e){try{const t=JSON.parse(e);return t&&typeof t=="object"?t:null}catch{return null}}getItem(e){return this.browserStorage.getItem(e)}setItem(e,t){this.browserStorage.setItem(e,t)}getAccount(e,t){this.logger.trace("BrowserCacheManager.getAccount called");const n=this.getCachedAccountEntity(e);return this.updateOutdatedCachedAccount(e,n,t)}getCachedAccountEntity(e){const t=this.getItem(e);if(!t)return this.removeAccountKeyFromMap(e),null;const n=this.validateAndParseJson(t);return!n||!it.isAccountEntity(n)?(this.removeAccountKeyFromMap(e),null):fi.toObject(new it,n)}setAccount(e){this.logger.trace("BrowserCacheManager.setAccount called");const t=e.generateAccountKey();this.setItem(t,JSON.stringify(e)),this.addAccountKeyToMap(t)}getAccountKeys(){this.logger.trace("BrowserCacheManager.getAccountKeys called");const e=this.getItem(Dr.ACCOUNT_KEYS);return e?JSON.parse(e):(this.logger.verbose("BrowserCacheManager.getAccountKeys - No account keys found"),[])}addAccountKeyToMap(e){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const t=this.getAccountKeys();t.indexOf(e)===-1?(t.push(e),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added")):this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map")}removeAccountKeyFromMap(e){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const t=this.getAccountKeys(),n=t.indexOf(e);n>-1?(t.splice(n,1),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")):this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}async removeAccount(e){super.removeAccount(e),this.removeAccountKeyFromMap(e)}removeOutdatedAccount(e){this.removeItem(e),this.removeAccountKeyFromMap(e)}removeIdToken(e){super.removeIdToken(e),this.removeTokenKey(e,re.ID_TOKEN)}async removeAccessToken(e){super.removeAccessToken(e),this.removeTokenKey(e,re.ACCESS_TOKEN)}removeRefreshToken(e){super.removeRefreshToken(e),this.removeTokenKey(e,re.REFRESH_TOKEN)}getTokenKeys(){this.logger.trace("BrowserCacheManager.getTokenKeys called");const e=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e){const t=this.validateAndParseJson(e);if(t&&t.hasOwnProperty("idToken")&&t.hasOwnProperty("accessToken")&&t.hasOwnProperty("refreshToken"))return t;this.logger.error("BrowserCacheManager.getTokenKeys - Token keys found but in an unknown format. Returning empty key map.")}else this.logger.verbose("BrowserCacheManager.getTokenKeys - No token keys found");return{idToken:[],accessToken:[],refreshToken:[]}}addTokenKey(e,t){this.logger.trace("BrowserCacheManager addTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:n.idToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),n.idToken.push(e));break;case re.ACCESS_TOKEN:n.accessToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - accessToken added to map"),n.accessToken.push(e));break;case re.REFRESH_TOKEN:n.refreshToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),n.refreshToken.push(e));break;default:throw this.logger.error(`BrowserCacheManager:addTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(cd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}removeTokenKey(e,t){this.logger.trace("BrowserCacheManager removeTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove idToken with key: ${e} from map`);const i=n.idToken.indexOf(e);i>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - idToken removed from map"),n.idToken.splice(i,1)):this.logger.info("BrowserCacheManager: removeTokenKey - idToken does not exist in map. Either it was previously removed or it was never added.");break;case re.ACCESS_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove accessToken with key: ${e} from map`);const s=n.accessToken.indexOf(e);s>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - accessToken removed from map"),n.accessToken.splice(s,1)):this.logger.info("BrowserCacheManager: removeTokenKey - accessToken does not exist in map. Either it was previously removed or it was never added.");break;case re.REFRESH_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove refreshToken with key: ${e} from map`);const c=n.refreshToken.indexOf(e);c>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken removed from map"),n.refreshToken.splice(c,1)):this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken does not exist in map. Either it was previously removed or it was never added.");break;default:throw this.logger.error(`BrowserCacheManager:removeTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(cd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}getIdTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Hm(n)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),n)}setIdTokenCredential(e){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ID_TOKEN)}getAccessTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Fm(n)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),n)}setAccessTokenCredential(e){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ACCESS_TOKEN)}getRefreshTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Vm(n)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),n)}setRefreshTokenCredential(e){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.REFRESH_TOKEN)}getAppMetadata(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!QN(e,n)?(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),n)}setAppMetadata(e){this.logger.trace("BrowserCacheManager.setAppMetadata called");const t=JN(e);this.setItem(t,JSON.stringify(e))}getServerTelemetry(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!jN(e,n)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),n)}setServerTelemetry(e,t){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.setItem(e,JSON.stringify(t))}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return n&&XN(e,n)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter(t=>this.isAuthorityMetadata(t))}setWrapperMetadata(e,t){this.internalStorage.setItem(Is.WRAPPER_SKU,e),this.internalStorage.setItem(Is.WRAPPER_VER,t)}getWrapperMetadata(){const e=this.internalStorage.getItem(Is.WRAPPER_SKU)||P.EMPTY_STRING,t=this.internalStorage.getItem(Is.WRAPPER_VER)||P.EMPTY_STRING;return[e,t]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(){const e=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),t=this.getItem(e);if(!t){this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters cache schema found, looking for legacy schema");const i=this.generateCacheKey(st.ACTIVE_ACCOUNT),s=this.getItem(i);if(!s)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null;const c=this.getAccountInfoFilteredBy({localAccountId:s});return c?(this.logger.trace("BrowserCacheManager.getActiveAccount: Legacy active account cache schema found"),this.logger.trace("BrowserCacheManager.getActiveAccount: Adding active account filters cache schema"),this.setActiveAccount(c),c):null}const n=this.validateAndParseJson(t);return n?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId})):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e){const t=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),n=this.generateCacheKey(st.ACTIVE_ACCOUNT);if(e){this.logger.verbose("setActiveAccount: Active account set");const i={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.browserStorage.setItem(t,JSON.stringify(i)),this.browserStorage.setItem(n,e.localAccountId)}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(t),this.browserStorage.removeItem(n)}getThrottlingCache(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!YN(e,n)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),n)}setThrottlingCache(e,t){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.setItem(e,JSON.stringify(t))}getTemporaryCache(e,t){const n=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const s=this.cookieStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),s}const i=this.temporaryCacheStorage.getItem(n);if(!i){if(this.cacheConfig.cacheLocation===Ft.LocalStorage){const s=this.browserStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),s}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),i}setTemporaryCache(e,t,n){const i=n?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(i,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(i,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}async clear(){await this.removeAllAccounts(),this.removeAppMetadata(),this.temporaryCacheStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.removeTemporaryItem(e)}),this.browserStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.browserStorage.removeItem(e)}),this.internalStorage.clear()}async clearTokensAndKeysWithClaims(e,t){e.addQueueMeasurement(k.ClearTokensAndKeysWithClaims,t);const n=this.getTokenKeys(),i=[];n.accessToken.forEach(s=>{const c=this.getAccessTokenCredential(s);c!=null&&c.requestedClaimsHash&&s.includes(c.requestedClaimsHash.toLowerCase())&&i.push(this.removeAccessToken(s))}),await Promise.all(i),i.length>0&&this.logger.warning(`${i.length} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return this.validateAndParseJson(e)?JSON.stringify(e):Un.startsWith(e,P.CACHE_PREFIX)||Un.startsWith(e,st.ADAL_ID_TOKEN)?e:`${P.CACHE_PREFIX}.${this.clientId}.${e}`}generateAuthorityKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.AUTHORITY}.${t}`)}generateNonceKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.NONCE_IDTOKEN}.${t}`)}generateStateKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.REQUEST_STATE}.${t}`)}getCachedAuthority(e){const t=this.generateStateKey(e),n=this.getTemporaryCache(t);if(!n)return null;const i=this.generateAuthorityKey(n);return this.getTemporaryCache(i)}updateCacheEntries(e,t,n,i,s){this.logger.trace("BrowserCacheManager.updateCacheEntries called");const c=this.generateStateKey(e);this.setTemporaryCache(c,e,!1);const d=this.generateNonceKey(e);this.setTemporaryCache(d,t,!1);const f=this.generateAuthorityKey(e);if(this.setTemporaryCache(f,n,!1),s){const g={credential:s.homeAccountId,type:on.HOME_ACCOUNT_ID};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}else if(i){const g={credential:i,type:on.UPN};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}}resetRequestCache(e){this.logger.trace("BrowserCacheManager.resetRequestCache called"),e&&(this.temporaryCacheStorage.getKeys().forEach(t=>{t.indexOf(e)!==-1&&this.removeTemporaryItem(t)}),this.removeTemporaryItem(this.generateStateKey(e)),this.removeTemporaryItem(this.generateNonceKey(e)),this.removeTemporaryItem(this.generateAuthorityKey(e))),this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),this.removeTemporaryItem(this.generateCacheKey(be.ORIGIN_URI)),this.removeTemporaryItem(this.generateCacheKey(be.URL_HASH)),this.removeTemporaryItem(this.generateCacheKey(be.CORRELATION_ID)),this.removeTemporaryItem(this.generateCacheKey(be.CCS_CREDENTIAL)),this.removeTemporaryItem(this.generateCacheKey(be.NATIVE_REQUEST)),this.setInteractionInProgress(!1)}cleanRequestByState(e){if(this.logger.trace("BrowserCacheManager.cleanRequestByState called"),e){const t=this.generateStateKey(e),n=this.temporaryCacheStorage.getItem(t);this.logger.infoPii(`BrowserCacheManager.cleanRequestByState: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n||P.EMPTY_STRING)}}cleanRequestByInteractionType(e){this.logger.trace("BrowserCacheManager.cleanRequestByInteractionType called"),this.temporaryCacheStorage.getKeys().forEach(t=>{if(t.indexOf(be.REQUEST_STATE)===-1)return;const n=this.temporaryCacheStorage.getItem(t);if(!n)return;const i=HC(this.cryptoImpl,n);i&&i.interactionType===e&&(this.logger.infoPii(`BrowserCacheManager.cleanRequestByInteractionType: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n))}),this.setInteractionInProgress(!1)}cacheCodeRequest(e){this.logger.trace("BrowserCacheManager.cacheCodeRequest called");const t=dh(JSON.stringify(e));this.setTemporaryCache(be.REQUEST_PARAMS,t,!0)}getCachedRequest(e){this.logger.trace("BrowserCacheManager.getCachedRequest called");const t=this.getTemporaryCache(be.REQUEST_PARAMS,!0);if(!t)throw j(mC);let n;try{n=JSON.parse(tr(t))}catch(i){throw this.logger.errorPii(`Attempted to parse: ${t}`),this.logger.error(`Parsing cached token request threw with error: ${i}`),j(pC)}if(this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),!n.authority){const i=this.generateAuthorityKey(e),s=this.getTemporaryCache(i);if(!s)throw j(ch);n.authority=s}return n}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(be.NATIVE_REQUEST,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress();return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;return this.getTemporaryCache(e,!1)}setInteractionInProgress(e){const t=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;if(e){if(this.getInteractionInProgress())throw j(sC);this.setTemporaryCache(t,this.clientId,!1)}else!e&&this.getInteractionInProgress()===this.clientId&&this.removeTemporaryItem(t)}getLegacyLoginHint(){const e=this.getTemporaryCache(st.ADAL_ID_TOKEN);e&&(this.browserStorage.removeItem(st.ADAL_ID_TOKEN),this.logger.verbose("Cached ADAL id token retrieved."));const t=this.getTemporaryCache(st.ID_TOKEN,!0);t&&(this.browserStorage.removeItem(this.generateCacheKey(st.ID_TOKEN)),this.logger.verbose("Cached MSAL.js v1 id token retrieved"));const n=t||e;if(n){const i=wo(n,tr);if(i.preferred_username)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 preferred_username as loginHint"),i.preferred_username;if(i.upn)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 upn as loginHint"),i.upn;this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, however, no account hint claim found. Enable preferred_username or upn id token claim to get SSO.")}return null}updateCredentialCacheKey(e,t){const n=oi(t);if(e!==n){const i=this.getItem(e);if(i)return this.browserStorage.removeItem(e),this.setItem(n,i),this.logger.verbose(`Updated an outdated ${t.credentialType} cache key`),n;this.logger.error(`Attempted to update an outdated ${t.credentialType} cache key but no item matching the outdated key was found in storage`)}return e}async hydrateCache(e,t){var d,f,g;const n=Ic((d=e.account)==null?void 0:d.homeAccountId,(f=e.account)==null?void 0:f.environment,e.idToken,this.clientId,e.tenantId);let i;t.claims&&(i=await this.cryptoImpl.hashString(t.claims));const s=bc((g=e.account)==null?void 0:g.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?e.expiresOn.getTime()/1e3:0,e.extExpiresOn?e.extExpiresOn.getTime()/1e3:0,tr,void 0,e.tokenType,void 0,t.sshKid,t.claims,i),c={idToken:n,accessToken:s};return this.saveCacheRecord(c)}async saveCacheRecord(e,t,n){try{await super.saveCacheRecord(e,t,n)}catch(i){if(i instanceof ci&&this.performanceClient&&n)try{const s=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:s.refreshToken.length,cacheIdCount:s.idToken.length,cacheAtCount:s.accessToken.length},n)}catch{}throw i}}}const sM=(r,e)=>{const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};return new wd(r,t,ic,e)};/*! @azure/msal-browser v3.28.1 2025-01-14 */function cM(r,e,t,n){return r.verbose("getAllAccounts called"),t?e.getAllAccounts(n):[]}function lM(r,e,t){if(e.trace("getAccount called"),Object.keys(r).length===0)return e.warning("getAccount: No accountFilter provided"),null;const n=t.getAccountInfoFilteredBy(r);return n?(e.verbose("getAccount: Account matching provided filter found, returning"),n):(e.verbose("getAccount: No matching account found, returning null"),null)}function uM(r,e,t){if(e.trace("getAccountByUsername called"),!r)return e.warning("getAccountByUsername: No username provided"),null;const n=t.getAccountInfoFilteredBy({username:r});return n?(e.verbose("getAccountByUsername: Account matching username found, returning"),e.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${r}`),n):(e.verbose("getAccountByUsername: No matching account found, returning null"),null)}function dM(r,e,t){if(e.trace("getAccountByHomeId called"),!r)return e.warning("getAccountByHomeId: No homeAccountId provided"),null;const n=t.getAccountInfoFilteredBy({homeAccountId:r});return n?(e.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),e.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${r}`),n):(e.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function hM(r,e,t){if(e.trace("getAccountByLocalId called"),!r)return e.warning("getAccountByLocalId: No localAccountId provided"),null;const n=t.getAccountInfoFilteredBy({localAccountId:r});return n?(e.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),e.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${r}`),n):(e.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function fM(r,e){e.setActiveAccount(r)}function gM(r){return r.getActiveAccount()}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ne={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache"};/*! @azure/msal-browser v3.28.1 2025-01-14 */class mM{constructor(e){this.eventCallbacks=new Map,this.logger=e||new Wr({})}addEventCallback(e,t,n){if(typeof window<"u"){const i=n||q0();return this.eventCallbacks.has(i)?(this.logger.error(`Event callback with id: ${i} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(i,[e,t||[]]),this.logger.verbose(`Event callback registered with id: ${i}`),i)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,n,i){if(typeof window<"u"){const s={eventType:e,interactionType:t||null,payload:n||null,error:i||null,timestamp:Date.now()};this.eventCallbacks.forEach(([c,d],f)=>{(d.length===0||d.includes(e))&&(this.logger.verbose(`Emitting event to callback ${f}: ${e}`),c.apply(null,[s]))})}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class VC{constructor(e,t,n,i,s,c,d,f,g){this.config=e,this.browserStorage=t,this.browserCrypto=n,this.networkClient=this.config.system.networkClient,this.eventHandler=s,this.navigationClient=c,this.nativeMessageHandler=f,this.correlationId=g||Er(),this.logger=i.clone(en.MSAL_SKU,Lc,this.correlationId),this.performanceClient=d}async clearCacheOnLogout(e){if(e){it.accountInfoIsEqual(e,this.browserStorage.getActiveAccount(),!1)&&(this.logger.verbose("Setting active account to null"),this.browserStorage.setActiveAccount(null));try{await this.browserStorage.removeAccount(it.generateAccountCacheKey(e)),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch{this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),await this.browserStorage.clear(),await this.browserCrypto.clearKeystore()}catch{this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e||this.config.auth.redirectUri;return ye.getAbsoluteUrl(t,yr())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const n={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t||!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new da(n,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,n=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const i={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},s=e.requestAuthority||this.config.auth.authority,c=n!=null&&n.length?n==="true":this.config.auth.instanceAware,d=t&&c?this.config.auth.authority.replace(ye.getDomainFromUrl(s),t.environment):s,f=Tt.generateAuthority(d,e.requestAzureCloudOptions||this.config.auth.azureCloudOptions),g=await B(Jy,k.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(f,this.config.system.networkClient,this.browserStorage,i,this.logger,this.correlationId,this.performanceClient);if(t&&!g.isAlias(t.environment))throw Ne(Vy);return g}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const pM=32;async function vM(r,e,t){r.addQueueMeasurement(k.GeneratePkceCodes,t);const n=_o(yM,k.GenerateCodeVerifier,e,r,t)(r,e,t),i=await B(CM,k.GenerateCodeChallengeFromVerifier,e,r,t)(n,r,e,t);return{verifier:n,challenge:i}}function yM(r,e,t){try{const n=new Uint8Array(pM);return _o(x0,k.GetRandomValues,e,r,t)(n),xc(n)}catch{throw j(ah)}}async function CM(r,e,t,n){e.addQueueMeasurement(k.GenerateCodeChallengeFromVerifier,n);try{const i=await B(xC,k.Sha256Digest,t,e,n)(r,e,n);return xc(new Uint8Array(i))}catch{throw j(ah)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function yh(r,e,t,n){t.addQueueMeasurement(k.InitializeBaseRequest,r.correlationId);const i=r.authority||e.auth.authority,s=[...r&&r.scopes||[]],c={...r,correlationId:r.correlationId,authority:i,scopes:s};if(!c.authenticationScheme)c.authenticationScheme=Re.BEARER,n.verbose(`Authentication Scheme wasn't explicitly set in request, defaulting to "Bearer" request`);else{if(c.authenticationScheme===Re.SSH){if(!r.sshJwk)throw Ne(kc);if(!r.sshKid)throw Ne(By)}n.verbose(`Authentication Scheme set to "${c.authenticationScheme}" as configured in Auth request`)}return e.cache.claimsBasedCachingEnabled&&r.claims&&!Un.isEmptyObj(r.claims)&&(c.requestedClaimsHash=await LC(r.claims)),c}async function wM(r,e,t,n,i){n.addQueueMeasurement(k.InitializeSilentRequest,r.correlationId);const s=await B(yh,k.InitializeBaseRequest,i,n,r.correlationId)(r,t,n,i);return{...r,...s,account:e,forceRefresh:r.forceRefresh||!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class vi extends VC{async initializeAuthorizationCodeRequest(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.correlationId);const t=await B(vM,k.GeneratePkceCodes,this.logger,this.performanceClient,this.correlationId)(this.performanceClient,this.logger,this.correlationId),n={...e,redirectUri:e.redirectUri,code:P.EMPTY_STRING,codeVerifier:t.verifier};return e.codeChallenge=t.challenge,e.codeChallengeMethod=P.S256_CODE_CHALLENGE_METHOD,n}initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e==null?void 0:e.correlationId);const t={correlationId:this.correlationId||Er(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const n=this.getLogoutHintFromIdTokenClaims(e.account);n&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=n)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return!e||e.postLogoutRedirectUri!==null?e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(e.postLogoutRedirectUri,yr())):this.config.auth.postLogoutRedirectUri===null?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,yr())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(yr(),yr())):this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new Zy(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}=e;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetClientConfiguration,this.correlationId);const d=await B(this.getDiscoveredAuthority.bind(this),k.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}),f=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:d,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:f.loggerCallback,piiLoggingEnabled:f.piiLoggingEnabled,logLevel:f.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:en.MSAL_SKU,version:Lc,cpu:P.EMPTY_STRING,os:P.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,t){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const n=this.getRedirectUri(e.redirectUri),i={interactionType:t},s=Bn.setRequestState(this.browserCrypto,e&&e.state||P.EMPTY_STRING,i),d={...await B(yh,k.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:n,state:s,nonce:e.nonce||Er(),responseMode:this.config.auth.OIDCOptions.serverResponseType};if(e.loginHint||e.sid)return d;const f=e.account||this.browserStorage.getActiveAccount();if(f&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${f.homeAccountId}`,this.correlationId),d.account=f),!d.loginHint&&!f){const g=this.browserStorage.getLegacyLoginHint();g&&(d.loginHint=g)}return d}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const _M="ContentError",$C="user_switch";/*! @azure/msal-browser v3.28.1 2025-01-14 */const TM="USER_INTERACTION_REQUIRED",EM="USER_CANCEL",SM="NO_NETWORK",AM="PERSISTENT_ERROR",IM="DISABLED",bM="ACCOUNT_UNAVAILABLE";/*! @azure/msal-browser v3.28.1 2025-01-14 */const kM=-2147186943,RM={[$C]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class Jn extends Fe{constructor(e,t,n){super(e,t),Object.setPrototypeOf(this,Jn.prototype),this.name="NativeAuthError",this.ext=n}}function Zo(r){if(r.ext&&r.ext.status&&(r.ext.status===AM||r.ext.status===IM)||r.ext&&r.ext.error&&r.ext.error===kM)return!0;switch(r.errorCode){case _M:return!0;default:return!1}}function _d(r,e,t){if(t&&t.status)switch(t.status){case bM:return hd(Qy);case TM:return new Fn(r,e);case EM:return j(vo);case SM:return j(dc)}return new Jn(r,RM[r]||e,t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class KC extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),n=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),i=new f0(n,this.performanceClient);this.logger.verbose("Silent auth client created");try{const c=(await B(i.acquireCachedToken.bind(i),k.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),c}catch(s){throw s instanceof _a&&s.errorCode===lh&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),s}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t==null?void 0:t.account)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class li extends VC{constructor(e,t,n,i,s,c,d,f,g,p,w,C){var T;super(e,t,n,i,s,c,f,g,C),this.apiId=d,this.accountId=p,this.nativeMessageHandler=g,this.nativeStorageManager=w,this.silentCacheClient=new KC(e,this.nativeStorageManager,n,i,s,c,f,g,C),this.serverTelemetryManager=this.initializeServerTelemetryManager(this.apiId);const S=this.nativeMessageHandler.getExtensionId()===ai.PREFERRED_EXTENSION_ID?"chrome":(T=this.nativeMessageHandler.getExtensionId())!=null&&T.length?"unknown":void 0;this.skus=da.makeExtraSkuString({libraryName:en.MSAL_SKU,libraryVersion:Lc,extensionName:S,extensionVersion:this.nativeMessageHandler.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[JP]:this.skus}}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const t=this.performanceClient.startMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),n=rr();try{const i=await this.initializeNativeRequest(e);try{const g=await this.acquireTokensFromCache(this.accountId,i);return t.end({success:!0,isNativeBroker:!1,fromCache:!0}),g}catch{this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const{...s}=i,c={method:ho.GetToken,request:s},d=await this.nativeMessageHandler.sendMessage(c),f=this.validateNativeResponse(d);return await this.handleNativeResponse(f,i,n).then(g=>(t.end({success:!0,isNativeBroker:!0,requestId:g.requestId}),this.serverTelemetryManager.clearNativeBrokerErrorCode(),g)).catch(g=>{throw t.end({success:!1,errorCode:g.errorCode,subErrorCode:g.subError,isNativeBroker:!0}),g})}catch(i){throw i instanceof Jn&&this.serverTelemetryManager.setNativeBrokerErrorCode(i.errorCode),i}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Ye.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),U(ad);const n=this.browserStorage.getBaseAccountInfo({nativeAccountId:e});if(!n)throw U(ad);try{const i=this.createSilentCacheRequest(t,n),s=await this.silentCacheClient.acquireToken(i),c={...n,idTokenClaims:s==null?void 0:s.idTokenClaims,idToken:s==null?void 0:s.idToken};return{...s,account:c}}catch(i){throw i}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...n}=e;delete n.onRedirectNavigate;const i=await this.initializeNativeRequest(n),s={method:ho.GetToken,request:i};try{const f=await this.nativeMessageHandler.sendMessage(s);this.validateNativeResponse(f)}catch(f){if(f instanceof Jn&&(this.serverTelemetryManager.setNativeBrokerErrorCode(f.errorCode),Zo(f)))throw f}this.browserStorage.setTemporaryCache(be.NATIVE_REQUEST,JSON.stringify(i),!0);const c={apiId:xe.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(d,c)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const n=this.browserStorage.getCachedNativeRequest();if(!n)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&(e==null||e.addFields({errorCode:"no_cached_request"},t)),null;const{prompt:i,...s}=n;i&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.NATIVE_REQUEST));const c={method:ho.GetToken,request:s},d=rr();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const f=await this.nativeMessageHandler.sendMessage(c);this.validateNativeResponse(f);const g=this.handleNativeResponse(f,s,d);this.browserStorage.setInteractionInProgress(!1);const p=await g;return this.serverTelemetryManager.clearNativeBrokerErrorCode(),p}catch(f){throw this.browserStorage.setInteractionInProgress(!1),f}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,n){var p;this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const i=wo(e.id_token,tr),s=this.createHomeAccountIdentifier(e,i),c=(p=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId}))==null?void 0:p.homeAccountId;if(s!==c&&e.account.id!==t.accountId)throw _d($C);const d=await this.getDiscoveredAuthority({requestAuthority:t.authority}),f=rh(this.browserStorage,d,s,tr,i,e.client_info,void 0,i.tid,void 0,e.account.id,this.logger),g=await this.generateAuthenticationResult(e,t,i,f,d.canonicalAuthority,n);return this.cacheAccount(f),this.cacheNativeTokens(e,t,s,i,e.access_token,g.tenantId,n),g}createHomeAccountIdentifier(e,t){return it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,Dn.Default,this.logger,this.browserCrypto,t)}generateScopes(e,t){return e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope)}async generatePopAccessToken(e,t){if(t.tokenType===Re.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const n=new gi(this.browserCrypto),i={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw U($d);return n.signPopToken(e.access_token,t.keyId,i)}else return e.access_token}async generateAuthenticationResult(e,t,n,i,s,c){const d=this.addTelemetryFromNativeResponse(e),f=e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope),g=e.account.properties||{},p=g.UID||n.oid||n.sub||P.EMPTY_STRING,w=g.TenantId||n.tid||P.EMPTY_STRING,C=Qd(i.getAccountInfo(),void 0,n,e.id_token);C.nativeAccountId!==e.account.id&&(C.nativeAccountId=e.account.id);const S=await this.generatePopAccessToken(e,t),T=t.tokenType===Re.POP?Re.POP:Re.BEARER;return{authority:s,uniqueId:p,tenantId:w,scopes:f.asArray(),account:C,idToken:e.id_token,idTokenClaims:n,accessToken:S,fromCache:d?this.isResponseFromCache(d):!1,expiresOn:new Date(Number(c+e.expires_in)*1e3),tokenType:T,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}cacheAccount(e){this.browserStorage.setAccount(e),this.browserStorage.removeAccountContext(e).catch(t=>{this.logger.error(`Error occurred while removing account context from browser storage. ${t}`)})}cacheNativeTokens(e,t,n,i,s,c,d){const f=Ic(n,t.authority,e.id_token||"",t.clientId,i.tid||""),g=t.tokenType===Re.POP?P.SHR_NONCE_VALIDITY:(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,p=d+g,w=this.generateScopes(e,t),C=bc(n,t.authority,s,t.clientId,i.tid||c,w.printScopes(),p,0,tr,void 0,t.tokenType,void 0,t.keyId),S={idToken:f,accessToken:C};this.nativeStorageManager.saveCacheRecord(S,t.storeInCache)}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.nativeMessageHandler.getExtensionId(),extensionVersion:this.nativeMessageHandler.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}validateNativeResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw sy(Ld,"Response missing expected properties.")}getMATSFromResponse(e){if(e.properties.MATS)try{return JSON.parse(e.properties.MATS)}catch{this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return typeof e.is_cached>"u"?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=e.authority||this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const n=new ye(t);n.validateAsUri();const{scopes:i,...s}=e,c=new Ye(i||[]);c.appendScopes(pi);const d=()=>{switch(this.apiId){case xe.ssoSilent:case xe.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),lt.NONE}if(!e.prompt){this.logger.trace("initializeNativeRequest: prompt was not provided");return}switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e.prompt;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e.prompt} is not compatible with native flow`),j(bC)}},f={...s,accountId:this.accountId,clientId:this.config.auth.clientId,authority:n.urlString,scope:c.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:d(),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(f.signPopToken&&e.popKid)throw j(RC);if(this.handleExtraBrokerParams(f),f.extraParameters=f.extraParameters||{},f.extraParameters.telemetry=ai.MATS_TELEMETRY,e.authenticationScheme===Re.POP){const g={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},p=new gi(this.browserCrypto);let w;if(f.keyId)w=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:f.keyId})),f.signPopToken=!1;else{const C=await B(p.generateCnf.bind(p),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(g,this.logger);w=C.reqCnfString,f.keyId=C.kid,f.signPopToken=!0}f.reqCnf=w}return this.addRequestSKUs(f),f}handleExtraBrokerParams(e){var s;const t=e.extraParameters&&e.extraParameters.hasOwnProperty(eh)&&e.extraParameters.hasOwnProperty(dd)&&e.extraParameters.hasOwnProperty(mo);if(!e.embeddedClientId&&!t)return;let n="";const i=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,n=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[dd],n=e.extraParameters[mo]),e.extraParameters={child_client_id:n,child_redirect_uri:i},(s=this.performanceClient)==null||s.addFields({embeddedClientId:n,embeddedRedirectUri:i},e.correlationId)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Qn{constructor(e,t,n,i){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=i,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=n,this.handshakeEvent=n.startMeasurement(k.NativeMessageHandlerHandshake)}async sendMessage(e){this.logger.trace("NativeMessageHandler - sendMessage called.");const t={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:e};return this.logger.trace("NativeMessageHandler - Sending request to browser extension"),this.logger.tracePii(`NativeMessageHandler - Sending request to browser extension: ${JSON.stringify(t)}`),this.messageChannel.port1.postMessage(t),new Promise((n,i)=>{this.resolvers.set(t.responseId,{resolve:n,reject:i})})}static async createProvider(e,t,n){e.trace("NativeMessageHandler - createProvider called.");try{const i=new Qn(e,t,n,ai.PREFERRED_EXTENSION_ID);return await i.sendHandshakeRequest(),i}catch{const s=new Qn(e,t,n);return await s.sendHandshakeRequest(),s}}async sendHandshakeRequest(){this.logger.trace("NativeMessageHandler - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:{method:ho.HandshakeRequest}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=t=>{this.onChannelMessage(t)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise((t,n)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:n}),this.timeoutId=window.setTimeout(()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),n(j(SC)),this.handshakeResolvers.delete(e.responseId)},this.handshakeTimeoutMs)})}onWindowMessage(e){if(this.logger.trace("NativeMessageHandler - onWindowMessage called"),e.source!==window)return;const t=e.data;if(!(!t.channel||t.channel!==ai.CHANNEL_ID)&&!(t.extensionId&&t.extensionId!==this.extensionId)&&t.body.method===ho.HandshakeRequest){const n=this.handshakeResolvers.get(t.responseId);if(!n){this.logger.trace(`NativeMessageHandler.onWindowMessage - resolver can't be found for request ${t.responseId}`);return}this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),n.reject(j(AC))}}onChannelMessage(e){this.logger.trace("NativeMessageHandler - onChannelMessage called.");const t=e.data,n=this.resolvers.get(t.responseId),i=this.handshakeResolvers.get(t.responseId);try{const s=t.body.method;if(s===ho.Response){if(!n)return;const c=t.body.response;if(this.logger.trace("NativeMessageHandler - Received response from browser extension"),this.logger.tracePii(`NativeMessageHandler - Received response from browser extension: ${JSON.stringify(c)}`),c.status!=="Success")n.reject(_d(c.code,c.description,c.ext));else if(c.result)c.result.code&&c.result.description?n.reject(_d(c.result.code,c.result.description,c.result.ext)):n.resolve(c.result);else throw sy(Ld,"Event does not contain result.");this.resolvers.delete(t.responseId)}else if(s===ho.HandshakeResponse){if(!i){this.logger.trace(`NativeMessageHandler.onChannelMessage - resolver can't be found for request ${t.responseId}`);return}clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(`NativeMessageHandler - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),i.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(s){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${s}`),this.logger.errorPii(`Unable to parse ${e}`),n?n.reject(s):i&&i.reject(s)}}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}static isNativeAvailable(e,t,n,i){if(t.trace("isNativeAvailable called"),!e.system.allowNativeBroker)return t.trace("isNativeAvailable: allowNativeBroker is not enabled, returning false"),!1;if(!n)return t.trace("isNativeAvailable: WAM extension provider is not initialized, returning false"),!1;if(i)switch(i){case Re.BEARER:case Re.POP:return t.trace("isNativeAvailable: authenticationScheme is supported, returning true"),!0;default:return t.trace("isNativeAvailable: authenticationScheme is not supported, returning false"),!1}return!0}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Ch{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async handleCodeResponse(e,t){this.performanceClient.addQueueMeasurement(k.HandleCodeResponse,t.correlationId);let n;try{n=this.authModule.handleFragmentResponse(e,t.state)}catch(i){throw i instanceof qr&&i.subError===vo?j(vo):i}return B(this.handleCodeResponseFromServer.bind(this),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(n,t)}async handleCodeResponseFromServer(e,t,n=!0){if(this.performanceClient.addQueueMeasurement(k.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const s=this.createCcsCredentials(t);s&&(this.authCodeRequest.ccsCredential=s)}return await B(this.authModule.acquireToken.bind(this.authModule),k.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}:e.loginHint?{credential:e.loginHint,type:on.UPN}:null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function zC(r,e,t){const n=cc(r);if(!n)throw Ky(r)?(t.error(`A ${e} is present in the iframe but it does not contain known properties. It's likely that the ${e} has been replaced by code running on the redirectUri page.`),t.errorPii(`The ${e} detected is: ${r}`),j(oC)):(t.error(`The request has returned to the redirectUri but a ${e} is not present. It's likely that the ${e} has been removed or the page has been redirected by code running on the redirectUri page.`),j(rC));return n}function OM(r,e,t){if(!r.state)throw j(sh);const n=HC(e,r.state);if(!n)throw j(iC);if(n.interactionType!==t)throw j(aC)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class NM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=f}acquireToken(e){try{const n={popupName:this.generatePopupName(e.scopes||pi,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window};return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,n)):(this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),n.popup=this.openSizedPopup("about:blank",n),this.acquireTokenPopupAsync(e,n))}catch(t){return Promise.reject(t)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),n={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:(e==null?void 0:e.popupWindowAttributes)||{},popupWindowParent:(e==null?void 0:e.popupWindowParent)??window},i=e&&e.authority,s=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,n,i,s)):(this.logger.verbose("asyncPopup set to false, opening popup"),n.popup=this.openSizedPopup("about:blank",n),this.logoutPopupAsync(t,n,i,s))}catch(t){return Promise.reject(t)}}async acquireTokenPopupAsync(e,t){var s;this.logger.verbose("acquireTokenPopupAsync called");const n=this.initializeServerTelemetryManager(xe.acquireTokenPopup),i=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Popup);FC(i.authority);try{const c=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(i),d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:i.authority,requestAzureCloudOptions:i.azureCloudOptions,requestExtraQueryParameters:i.extraQueryParameters,account:i.account}),f=Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);let g;f&&(g=this.performanceClient.startMeasurement(k.FetchAccountIdWithNativeBroker,e.correlationId));const p=await d.getAuthCodeUrl({...i,nativeBroker:f}),w=new Ch(d,this.browserStorage,c,this.logger,this.performanceClient),C=this.initiateAuthRequest(p,t);this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null);const S=await this.monitorPopupForHash(C,t.popupWindowParent),T=_o(zC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(S,this.config.auth.OIDCOptions.serverResponseType,this.logger);if(Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,c),T.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),g&&g.end({success:!0,isNativeBroker:!0}),!this.nativeMessageHandler)throw j(wa);const N=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,T.accountId,this.nativeStorage,i.correlationId),{userRequestState:K}=Bn.parseRequestState(this.browserCrypto,i.state);return await N.acquireToken({...i,state:K,prompt:void 0})}return await w.handleCodeResponse(T,i)}catch(c){throw(s=t.popup)==null||s.close(),c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),c}}async logoutPopupAsync(e,t,n,i){var c,d,f,g;this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(ne.LOGOUT_START,X.Popup,e);const s=this.initializeServerTelemetryManager(xe.logoutPopup);try{await this.clearCacheOnLogout(e.account);const p=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:s,requestAuthority:n,account:e.account||void 0});try{p.authority.endSessionEndpoint}catch{if((c=e.account)!=null&&c.homeAccountId&&e.postLogoutRedirectUri&&p.authority.protocolMode===_r.OIDC){if(this.browserStorage.removeAccount((d=e.account)==null?void 0:d.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());await this.navigationClient.navigateInternal(T,S)}(f=t.popup)==null||f.close();return}}const w=p.getLogoutUri(e);this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e);const C=this.openPopup(w,t);if(this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null),await this.monitorPopupForHash(C,t.popupWindowParent).catch(()=>{}),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${T}`),await this.navigationClient.navigateInternal(T,S)}else this.logger.verbose("No main window navigation requested")}catch(p){throw(g=t.popup)==null||g.close(),p instanceof Fe&&(p.setCorrelationId(this.correlationId),s.cacheFailedRequest(p)),this.browserStorage.setInteractionInProgress(!1),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Popup,null,p),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup),p}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),j(Pc)}monitorPopupForHash(e,t){return new Promise((n,i)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const s=setInterval(()=>{if(e.closed){this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(s),i(j(vo));return}let c="";try{c=e.location.href}catch{}if(!c||c==="about:blank")return;clearInterval(s);let d="";const f=this.config.auth.OIDCOptions.serverResponseType;e&&(f===Ca.QUERY?d=e.location.search:d=e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),n(d)},this.config.system.pollIntervalMilliseconds)}).finally(()=>{this.cleanPopup(e,t)})}openPopup(e,t){try{let n;if(t.popup?(n=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),n.location.assign(e)):typeof t.popup>"u"&&(this.logger.verbosePii(`Opening popup window to: ${e}`),n=this.openSizedPopup(e,t)),!n)throw j(lC);return n.focus&&n.focus(),this.currentWindow=n,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),n}catch(n){throw this.logger.error("error opening popup "+n.message),this.browserStorage.setInteractionInProgress(!1),j(cC)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:n,popupWindowParent:i}){var S,T,b,N;const s=i.screenLeft?i.screenLeft:i.screenX,c=i.screenTop?i.screenTop:i.screenY,d=i.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,f=i.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let g=(S=n.popupSize)==null?void 0:S.width,p=(T=n.popupSize)==null?void 0:T.height,w=(b=n.popupPosition)==null?void 0:b.top,C=(N=n.popupPosition)==null?void 0:N.left;return(!g||g<0||g>d)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),g=en.POPUP_WIDTH),(!p||p<0||p>f)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),p=en.POPUP_HEIGHT),(!w||w<0||w>f)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),w=Math.max(0,f/2-en.POPUP_HEIGHT/2+c)),(!C||C<0||C>d)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),C=Math.max(0,d/2-en.POPUP_WIDTH/2+s)),i.open(e,t,`width=${g}, height=${p}, top=${w}, left=${C}, scrollbars=yes`)}unloadWindow(e){this.browserStorage.cleanRequestByInteractionType(X.Popup),this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow),this.browserStorage.setInteractionInProgress(!1)}generatePopupName(e,t){return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class up{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){t.redirectStartPage&&(this.logger.verbose("RedirectHandler.initiateAuthRequest: redirectStartPage set, caching start page"),this.browserStorage.setTemporaryCache(be.ORIGIN_URI,t.redirectStartPage,!0)),this.browserStorage.setTemporaryCache(be.CORRELATION_ID,this.authCodeRequest.correlationId,!0),this.browserStorage.cacheCodeRequest(this.authCodeRequest),this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const n={apiId:xe.acquireTokenRedirect,timeout:t.redirectTimeout,noHistory:!1};if(typeof t.onRedirectNavigate=="function")if(this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback"),t.onRedirectNavigate(e)!==!1){this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),await t.navigationClient.navigateExternal(e,n);return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation");return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),await t.navigationClient.navigateExternal(e,n);return}}else throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),j(Pc)}async handleCodeResponse(e,t){this.logger.verbose("RedirectHandler.handleCodeResponse called"),this.browserStorage.setInteractionInProgress(!1);const n=this.browserStorage.generateStateKey(t),i=this.browserStorage.getTemporaryCache(n);if(!i)throw U(oc,"Cached State");let s;try{s=this.authModule.handleFragmentResponse(e,i)}catch(g){throw g instanceof qr&&g.subError===vo?j(vo):g}const c=this.browserStorage.generateNonceKey(i),d=this.browserStorage.getTemporaryCache(c);if(this.authCodeRequest.code=s.code,s.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,this.authCodeRequest.correlationId)(s.cloud_instance_host_name,this.authCodeRequest.correlationId),s.nonce=d||void 0,s.state=i,s.client_info)this.authCodeRequest.clientInfo=s.client_info;else{const g=this.checkCcsCredentials();g&&(this.authCodeRequest.ccsCredential=g)}const f=await this.authModule.acquireToken(this.authCodeRequest,s);return this.browserStorage.cleanRequestByState(t),f}checkCcsCredentials(){const e=this.browserStorage.getTemporaryCache(be.CCS_CREDENTIAL,!0);if(e)try{return JSON.parse(e)}catch{this.authModule.logger.error("Cache credential could not be parsed"),this.authModule.logger.errorPii(`Cache credential could not be parsed: ${e}`)}return null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function PM(){if(typeof window>"u"||typeof window.performance>"u"||typeof window.performance.getEntriesByType!="function")return;const r=window.performance.getEntriesByType("navigation"),e=r.length?r[0]:void 0;return e==null?void 0:e.type}class MM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.nativeStorage=f}async acquireToken(e){const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Redirect);this.browserStorage.updateCacheEntries(t.state,t.nonce,t.authority,t.loginHint||"",t.account||null);const n=this.initializeServerTelemetryManager(xe.acquireTokenRedirect),i=s=>{s.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.cleanRequestByState(t.state),this.eventHandler.emitEvent(ne.RESTORE_FROM_BFCACHE,X.Redirect))};try{const s=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(t),c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),d=new up(c,this.browserStorage,s,this.logger,this.performanceClient),f=await c.getAuthCodeUrl({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme)}),g=this.getRedirectStartPage(e.redirectStartPage);return this.logger.verbosePii(`Redirect start page: ${g}`),window.addEventListener("pageshow",i),await d.initiateAuthRequest(f,{navigationClient:this.navigationClient,redirectTimeout:this.config.system.redirectNavigationTimeout,redirectStartPage:g,onRedirectNavigate:e.onRedirectNavigate||this.config.auth.onRedirectNavigate})}catch(s){throw s instanceof Fe&&(s.setCorrelationId(this.correlationId),n.cacheFailedRequest(s)),window.removeEventListener("pageshow",i),this.browserStorage.cleanRequestByState(t.state),s}}async handleRedirectPromise(e="",t){const n=this.initializeServerTelemetryManager(xe.handleRedirectPromise);try{if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const[i,s]=this.getRedirectResponse(e||"");if(!i)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.cleanRequestByInteractionType(X.Redirect),PM()!=="back_forward"?t.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(be.ORIGIN_URI,!0)||P.EMPTY_STRING,d=ye.removeHashFromUrl(c),f=ye.removeHashFromUrl(window.location.href);if(d===f&&this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&H0(c),await this.handleResponse(i,n);if(this.config.auth.navigateToLoginRequestUrl){if(!mh()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(be.URL_HASH,s,!0);const g={apiId:xe.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let p=!0;if(!c||c==="null"){const w=$0();this.browserStorage.setTemporaryCache(be.ORIGIN_URI,w,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),p=await this.navigationClient.navigateInternal(w,g)}else this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),p=await this.navigationClient.navigateInternal(c,g);if(!p)return await this.handleResponse(i,n)}}else return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(i,n);return null}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),this.browserStorage.cleanRequestByInteractionType(X.Redirect),i}}getRedirectResponse(e){this.logger.verbose("getRedirectResponseHash called");let t=e;t||(this.config.auth.OIDCOptions.serverResponseType===Ca.QUERY?t=window.location.search:t=window.location.hash);let n=cc(t);if(n){try{OM(n,this.browserCrypto,X.Redirect)}catch(s){return s instanceof Fe&&this.logger.error(`Interaction type validation failed due to ${s.errorCode}: ${s.errorMessage}`),[null,""]}return F0(window),this.logger.verbose("Hash contains known properties, returning response hash"),[n,t]}const i=this.browserStorage.getTemporaryCache(be.URL_HASH,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.URL_HASH)),i&&(n=cc(i),n)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[n,i]):[null,""]}async handleResponse(e,t){const n=e.state;if(!n)throw j(sh);const i=this.browserStorage.getCachedRequest(n);if(this.logger.verbose("handleResponse called, retrieved cached request"),e.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(wa);const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,e.accountId,this.nativeStorage,i.correlationId),{userRequestState:g}=Bn.parseRequestState(this.browserCrypto,n);return f.acquireToken({...i,state:g,prompt:void 0}).finally(()=>{this.browserStorage.cleanRequestByState(n)})}const s=this.browserStorage.getCachedAuthority(n);if(!s)throw j(ch);const c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:s});return Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,i),new up(c,this.browserStorage,i,this.logger,this.performanceClient).handleCodeResponse(e,n)}async logout(e){var i,s;this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e),n=this.initializeServerTelemetryManager(xe.logout);try{this.eventHandler.emitEvent(ne.LOGOUT_START,X.Redirect,e),await this.clearCacheOnLogout(t.account);const c={apiId:xe.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:e&&e.authority,requestExtraQueryParameters:e==null?void 0:e.extraQueryParameters,account:e&&e.account||void 0});if(d.authority.protocolMode===_r.OIDC)try{d.authority.endSessionEndpoint}catch{if((i=t.account)!=null&&i.homeAccountId){this.browserStorage.removeAccount((s=t.account)==null?void 0:s.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t);return}}const f=d.getLogoutUri(t);if(this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t),e&&typeof e.onRedirectNavigate=="function")if(e.onRedirectNavigate(f)!==!1){this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}else this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation");else{this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}}catch(c){throw c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Redirect,null,c),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect),c}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return ye.getAbsoluteUrl(t,yr())}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function DM(r,e,t,n,i){if(e.addQueueMeasurement(k.SilentHandlerInitiateAuthRequest,n),!r)throw t.info("Navigate url is empty"),j(Pc);return i?B(LM,k.SilentHandlerLoadFrame,t,e,n)(r,i,e,n):_o(UM,k.SilentHandlerLoadFrameSync,t,e,n)(r)}async function xM(r,e,t,n,i,s,c){return n.addQueueMeasurement(k.SilentHandlerMonitorIframeForHash,s),new Promise((d,f)=>{e<yd&&i.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${e}ms) than the default (${yd}ms). This may result in timeouts.`);const g=window.setTimeout(()=>{window.clearInterval(p),f(j(uC))},e),p=window.setInterval(()=>{let w="";const C=r.contentWindow;try{w=C?C.location.href:""}catch{}if(!w||w==="about:blank")return;let S="";C&&(c===Ca.QUERY?S=C.location.search:S=C.location.hash),window.clearTimeout(g),window.clearInterval(p),d(S)},t)}).finally(()=>{_o(BM,k.RemoveHiddenIframe,i,n,s)(r)})}function LM(r,e,t,n){return t.addQueueMeasurement(k.SilentHandlerLoadFrame,n),new Promise((i,s)=>{const c=WC();window.setTimeout(()=>{if(!c){s("Unable to load iframe");return}c.src=r,i(c)},e)})}function UM(r){const e=WC();return e.src=r,e}function WC(){const r=document.createElement("iframe");return r.className="msalSilentIframe",r.style.visibility="hidden",r.style.position="absolute",r.style.width=r.style.height="0",r.style.border="0",r.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(r),r}function BM(r){document.body===r.parentNode&&document.body.removeChild(r)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class FM extends vi{constructor(e,t,n,i,s,c,d,f,g,p,w){super(e,t,n,i,s,c,f,p,w),this.apiId=d,this.nativeStorage=g}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentIframeClientAcquireToken,e.correlationId),!e.loginHint&&!e.sid&&(!e.account||!e.account.username)&&this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const t={...e};t.prompt?t.prompt!==lt.NONE&&t.prompt!==lt.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${t.prompt} with ${lt.NONE}`),t.prompt=lt.NONE):t.prompt=lt.NONE;const n=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);FC(n.authority);const i=this.initializeServerTelemetryManager(this.apiId);let s;try{return s=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:i,requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(s,n)}catch(c){if(c instanceof Fe&&(c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c)),!s||!(c instanceof Fe)||c.errorCode!==en.INVALID_GRANT_ERROR)throw c;this.performanceClient.addFields({retryError:c.errorCode},this.correlationId);const d=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);return await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(s,d)}}logout(){return Promise.reject(j(Mc))}async silentTokenHelper(e,t){const n=t.correlationId;this.performanceClient.addQueueMeasurement(k.SilentIframeClientTokenHelper,n);const i=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,n)(t),s=await B(e.getAuthCodeUrl.bind(e),k.GetAuthCodeUrl,this.logger,this.performanceClient,n)({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,t.authenticationScheme)}),c=new Ch(e,this.browserStorage,i,this.logger,this.performanceClient),d=await B(DM,k.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,n)(s,this.performanceClient,this.logger,n,this.config.system.navigateFrameWait),f=this.config.auth.OIDCOptions.serverResponseType,g=await B(xM,k.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,n)(d,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,n,f),p=_o(zC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(g,f,this.logger);if(p.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(wa);const w=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.apiId,this.performanceClient,this.nativeMessageHandler,p.accountId,this.browserStorage,n),{userRequestState:C}=Bn.parseRequestState(this.browserCrypto,t.state);return B(w.acquireToken.bind(w),k.NativeInteractionClientAcquireToken,this.logger,this.performanceClient,n)({...t,state:C,prompt:t.prompt||lt.NONE})}return B(c.handleCodeResponse.bind(c),k.HandleCodeResponse,this.logger,this.performanceClient,n)(p,t)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class HM extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentRefreshClientAcquireToken,e.correlationId);const t=await B(yh,k.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),n={...e,...t};e.redirectUri&&(n.redirectUri=this.getRedirectUri(e.redirectUri));const i=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),s=await this.createRefreshTokenClient({serverTelemetryManager:i,authorityUrl:n.authority,azureCloudOptions:n.azureCloudOptions,account:n.account});return B(s.acquireTokenByRefreshToken.bind(s),k.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(n).catch(c=>{throw c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c),c})}logout(){return Promise.reject(j(Mc))}async createRefreshTokenClient(e){const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new fd(t,this.performanceClient)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class VM{constructor(e,t,n,i){this.isBrowserEnvironment=typeof window<"u",this.config=e,this.storage=t,this.logger=n,this.cryptoObj=i}loadExternalTokens(e,t,n){if(!this.isBrowserEnvironment)throw j(Dc);const i=t.id_token?wo(t.id_token,tr):void 0,s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},c=e.authority?new Tt(Tt.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,s,this.logger,e.correlationId||Er()):void 0,d=this.loadAccount(e,n.clientInfo||t.client_info||"",i,c),f=this.loadIdToken(t,d.homeAccountId,d.environment,d.realm),g=this.loadAccessToken(e,t,d.homeAccountId,d.environment,d.realm,n),p=this.loadRefreshToken(t,d.homeAccountId,d.environment);return this.generateAuthenticationResult(e,{account:d,idToken:f,accessToken:g,refreshToken:p},i,c)}loadAccount(e,t,n,i){if(this.logger.verbose("TokenCache - loading account"),e.account){const f=it.createFromAccountInfo(e.account);return this.storage.setAccount(f),f}else if(!i||!t&&!n)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),j(CC);const s=it.generateHomeAccountId(t,i.authorityType,this.logger,this.cryptoObj,n),c=n==null?void 0:n.tid,d=rh(this.storage,i,s,tr,n,t,i.hostnameAndPort,c,void 0,void 0,this.logger);return this.storage.setAccount(d),d}loadIdToken(e,t,n,i){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const s=Ic(t,n,e.id_token,this.config.auth.clientId,i);return this.storage.setIdTokenCredential(s),s}loadAccessToken(e,t,n,i,s,c){if(t.access_token)if(t.expires_in){if(!t.scope&&(!e.scopes||!e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null}else return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;else return this.logger.verbose("TokenCache - no access token found in response"),null;this.logger.verbose("TokenCache - loading access token");const d=t.scope?Ye.fromString(t.scope):new Ye(e.scopes),f=c.expiresOn||t.expires_in+new Date().getTime()/1e3,g=c.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+new Date().getTime()/1e3,p=bc(n,i,t.access_token,this.config.auth.clientId,s,d.printScopes(),f,g,tr);return this.storage.setAccessTokenCredential(p),p}loadRefreshToken(e,t,n){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const i=by(t,n,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return this.storage.setRefreshTokenCredential(i),i}generateAuthenticationResult(e,t,n,i){var p,w,C;let s="",c=[],d=null,f;t!=null&&t.accessToken&&(s=t.accessToken.secret,c=Ye.fromString(t.accessToken.target).asArray(),d=new Date(Number(t.accessToken.expiresOn)*1e3),f=new Date(Number(t.accessToken.extendedExpiresOn)*1e3));const g=t.account;return{authority:i?i.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:c,account:g.getAccountInfo(),idToken:((p=t.idToken)==null?void 0:p.secret)||"",idTokenClaims:n||{},accessToken:s,fromCache:!0,expiresOn:d,correlationId:e.correlationId||"",requestId:"",extExpiresOn:f,familyId:((w=t.refreshToken)==null?void 0:w.familyId)||"",tokenType:((C=t==null?void 0:t.accessToken)==null?void 0:C.tokenType)||"",state:e.state||"",cloudGraphHostName:g.cloudGraphHostName||"",msGraphHost:g.msGraphHost||"",fromNativeBroker:!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class $M extends Zy{constructor(e){super(e),this.includeRedirectUri=!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class KM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,f,g,p),this.apiId=d}async acquireToken(e){if(!e.code)throw j(wC);const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(e,X.Silent),n=this.initializeServerTelemetryManager(this.apiId);try{const i={...t,code:e.code},s=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),c=new $M(s);this.logger.verbose("Auth code client created");const d=new Ch(c,this.browserStorage,i,this.logger,this.performanceClient);return await B(d.handleCodeResponseFromServer.bind(d),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,e.correlationId)({code:e.code,msgraph_host:e.msGraphHost,cloud_graph_host_name:e.cloudGraphHostName,cloud_instance_host_name:e.cloudInstanceHostName},t,!1)}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),i}}logout(){return Promise.reject(j(Mc))}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function qn(r){const e=r==null?void 0:r.idTokenClaims;if(e!=null&&e.tfp||e!=null&&e.acr)return"B2C";if(e!=null&&e.tid){if((e==null?void 0:e.tid)==="9188040d-6c67-4c5b-b112-36a304b66dad")return"MSA"}else return;return"AAD"}function ks(r,e){try{ph(r)}catch(t){throw e.end({success:!1},t),t}}class Uc{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new mi(this.logger,this.performanceClient):ic,this.eventHandler=new mM(this.logger),this.browserStorage=this.isBrowserEnvironment?new wd(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,r0(this.config.auth),this.performanceClient):sM(this.config.auth.clientId,this.logger);const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new wd(this.config.auth.clientId,t,this.browserCrypto,this.logger,void 0,this.performanceClient),this.tokenCache=new VM(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this),this.listeningToStorageEvents=!1,this.handleAccountCacheChange=this.handleAccountCacheChange.bind(this)}static async createController(e,t){const n=new Uc(e);return await n.initialize(t),n}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){if(this.logger.trace("initialize called"),this.initialized){this.logger.info("initialize has already been called, exiting early.");return}if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END);return}const t=(e==null?void 0:e.correlationId)||this.getRequestCorrelationId(),n=this.config.system.allowNativeBroker,i=this.performanceClient.startMeasurement(k.InitializeClientApplication,t);if(this.eventHandler.emitEvent(ne.INITIALIZE_START),n)try{this.nativeExtensionProvider=await Qn.createProvider(this.logger,this.config.system.nativeBrokerHandshakeTimeout,this.performanceClient)}catch(s){this.logger.verbose(s)}this.config.cache.claimsBasedCachingEnabled||(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),await B(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),k.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,t)(this.performanceClient,t)),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END),i.end({allowNativeBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),BC(this.initialized),this.isBrowserEnvironment){const t=e||"";let n=this.redirectResponse.get(t);return typeof n>"u"?(n=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,n),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),n}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(e){const t=this.getAllAccounts(),n=this.browserStorage.getCachedNativeRequest(),i=n&&Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider)&&this.nativeExtensionProvider&&!e,s=i?n==null?void 0:n.correlationId:this.browserStorage.getTemporaryCache(be.CORRELATION_ID,!0)||"",c=this.performanceClient.startMeasurement(k.AcquireTokenRedirect,s);this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_START,X.Redirect);let d;if(i&&this.nativeExtensionProvider){this.logger.trace("handleRedirectPromise - acquiring token from native platform");const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.handleRedirectPromise,this.performanceClient,this.nativeExtensionProvider,n.accountId,this.nativeInternalStorage,n.correlationId);d=B(f.handleRedirectPromise.bind(f),k.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(this.performanceClient,c.event.correlationId)}else{this.logger.trace("handleRedirectPromise - acquiring token from web flow");const f=this.createRedirectClient(s);d=B(f.handleRedirectPromise.bind(f),k.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(e,c)}return d.then(f=>(f?(t.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),c.end({success:!0,accountType:qn(f.account)})):c.event.errorCode?c.end({success:!1}):c.discard(),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),f)).catch(f=>{const g=f;throw t.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,g):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,g),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),c.end({success:!1},g),f})}async acquireTokenRedirect(e){const t=this.getRequestCorrelationId(e);this.logger.verbose("acquireTokenRedirect called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenPreRedirect,t);n.add({accountType:qn(e.account),scenarioId:e.scenarioId});const i=e.onRedirectNavigate;if(i)e.onRedirectNavigate=c=>{const d=typeof i=="function"?i(c):void 0;return d!==!1?n.end({success:!0}):n.discard(),d};else{const c=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=d=>{const f=typeof c=="function"?c(d):void 0;return f!==!1?n.end({success:!0}):n.discard(),f}}const s=this.getAllAccounts().length>0;try{ap(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Redirect,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Redirect,e);let c;return this.nativeExtensionProvider&&this.canUseNative(e)?c=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenRedirect,this.performanceClient,this.nativeExtensionProvider,this.getNativeAccountId(e),this.nativeInternalStorage,t).acquireTokenRedirect(e,n).catch(f=>{if(f instanceof Jn&&Zo(f))return this.nativeExtensionProvider=void 0,this.createRedirectClient(t).acquireToken(e);if(f instanceof Fn)return this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createRedirectClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),f}):c=this.createRedirectClient(t).acquireToken(e),await c}catch(c){throw n.end({success:!1},c),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,c),c}}acquireTokenPopup(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenPopup,t);n.add({scenarioId:e.scenarioId,accountType:qn(e.account)});try{this.logger.verbose("acquireTokenPopup called",t),ks(this.initialized,n),this.browserStorage.setInteractionInProgress(!0)}catch(c){return Promise.reject(c)}const i=this.getAllAccounts();i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Popup,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Popup,e);let s;return this.canUseNative(e)?s=this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenPopup).then(c=>(this.browserStorage.setInteractionInProgress(!1),n.end({success:!0,isNativeBroker:!0,accountType:qn(c.account)}),c)).catch(c=>{if(c instanceof Jn&&Zo(c))return this.nativeExtensionProvider=void 0,this.createPopupClient(t).acquireToken(e);if(c instanceof Fn)return this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createPopupClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),c}):s=this.createPopupClient(t).acquireToken(e),s.then(c=>(i.length<this.getAllAccounts().length?this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Popup,c):this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Popup,c),n.end({success:!0,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>(i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Popup,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Popup,null,c),n.end({success:!1},c),Promise.reject(c)))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(e){var s,c;const t=this.getRequestCorrelationId(e),n={...e,prompt:e.prompt,correlationId:t};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(k.SsoSilent,t),(s=this.ssoSilentMeasurement)==null||s.add({scenarioId:e.scenarioId,accountType:qn(e.account)}),ks(this.initialized,this.ssoSilentMeasurement),(c=this.ssoSilentMeasurement)==null||c.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",t),this.eventHandler.emitEvent(ne.SSO_SILENT_START,X.Silent,n);let i;return this.canUseNative(n)?i=this.acquireTokenNative(n,xe.ssoSilent).catch(d=>{if(d instanceof Jn&&Zo(d))return this.nativeExtensionProvider=void 0,this.createSilentIframeClient(n.correlationId).acquireToken(n);throw d}):i=this.createSilentIframeClient(n.correlationId).acquireToken(n),i.then(d=>{var f;return this.eventHandler.emitEvent(ne.SSO_SILENT_SUCCESS,X.Silent,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!0,isNativeBroker:d.fromNativeBroker,accessTokenSize:d.accessToken.length,idTokenSize:d.idToken.length,accountType:qn(d.account)}),d}).catch(d=>{var f;throw this.eventHandler.emitEvent(ne.SSO_SILENT_FAILURE,X.Silent,null,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!1},d),d}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenByCode(e){const t=this.getRequestCorrelationId(e);this.logger.trace("acquireTokenByCode called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenByCode,t);ks(this.initialized,n),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_START,X.Silent,e),n.add({scenarioId:e.scenarioId});try{if(e.code&&e.nativeAccountId)throw j(TC);if(e.code){const i=e.code;let s=this.hybridAuthCodeResponses.get(i);return s?(this.logger.verbose("Existing acquireTokenByCode request found",t),n.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",t),s=this.acquireTokenByCodeAsync({...e,correlationId:t}).then(c=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_SUCCESS,X.Silent,c),this.hybridAuthCodeResponses.delete(i),n.end({success:!0,isNativeBroker:c.fromNativeBroker,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>{throw this.hybridAuthCodeResponses.delete(i),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,c),n.end({success:!1},c),c}),this.hybridAuthCodeResponses.set(i,s)),await s}else if(e.nativeAccountId)if(this.canUseNative(e,e.nativeAccountId)){const i=await this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenByCode,e.nativeAccountId).catch(s=>{throw s instanceof Jn&&Zo(s)&&(this.nativeExtensionProvider=void 0),s});return n.end({accountType:qn(i.account),success:!0}),i}else throw j(EC);else throw j(_C)}catch(i){throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,i),n.end({success:!1},i),i}}async acquireTokenByCodeAsync(e){var i;return this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(k.AcquireTokenByCodeAsync,e.correlationId),(i=this.acquireTokenByCodeAsyncMeasurement)==null||i.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),await this.createSilentAuthCodeClient(e.correlationId).acquireToken(e).then(s=>{var c;return(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!0,fromCache:s.fromCache,isNativeBroker:s.fromNativeBroker}),s}).catch(s=>{var c;throw(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!1},s),s}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenFromCache,e.correlationId),t){case Qt.Default:case Qt.AccessToken:case Qt.AccessTokenAndRefreshToken:const n=this.createSilentCacheClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenByRefreshToken,e.correlationId),t){case Qt.Default:case Qt.AccessTokenAndRefreshToken:case Qt.RefreshToken:case Qt.RefreshTokenAndNetwork:const n=this.createSilentRefreshClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(k.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return B(t.acquireToken.bind(t),k.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);return ap(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);return ph(this.initialized),this.browserStorage.setInteractionInProgress(!0),this.createPopupClient(t).logout(e)}catch(t){return Promise.reject(t)}}async clearCache(e){if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, returning early.");return}const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return cM(this.logger,this.browserStorage,this.isBrowserEnvironment,e)}getAccount(e){return lM(e,this.logger,this.browserStorage)}getAccountByUsername(e){return uM(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return dM(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return hM(e,this.logger,this.browserStorage)}setActiveAccount(e){fM(e,this.browserStorage)}getActiveAccount(){return gM(this.browserStorage)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const n=it.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return this.browserStorage.setAccount(n),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,n){if(this.logger.trace("acquireTokenNative called"),!this.nativeExtensionProvider)throw j(wa);return new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.nativeExtensionProvider,n||this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e)}canUseNative(e,t){if(this.logger.trace("canUseNative called"),!Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme))return this.logger.trace("canUseNative: isNativeAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:this.logger.trace("canUseNative: prompt is compatible with native flow");break;default:return this.logger.trace(`canUseNative: prompt = ${e.prompt} is not compatible with native flow, returning false`),!1}return!t&&!this.getNativeAccountId(e)?(this.logger.trace("canUseNative: nativeAccountId is not available, returning false"),!1):!0}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new NM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createRedirectClient(e){return new MM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentIframeClient(e){return new FM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentCacheClient(e){return new KC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentRefreshClient(e){return new HM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentAuthCodeClient(e){return new KM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenByCode,this.performanceClient,this.nativeExtensionProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return UC(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?this.logger.verbose("Account storage listener already registered."):(this.logger.verbose("Adding account storage listener."),this.listeningToStorageEvents=!0,window.addEventListener("storage",this.handleAccountCacheChange)))}disableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?(this.logger.verbose("Removing account storage listener."),window.removeEventListener("storage",this.handleAccountCacheChange),this.listeningToStorageEvents=!1):this.logger.verbose("No account storage listener registered."))}handleAccountCacheChange(e){var t;try{(t=e.key)!=null&&t.includes(st.ACTIVE_ACCOUNT_FILTERS)&&this.eventHandler.emitEvent(ne.ACTIVE_ACCOUNT_CHANGED);const n=e.newValue||e.oldValue;if(!n)return;const i=JSON.parse(n);if(typeof i!="object"||!it.isAccountEntity(i))return;const c=fi.toObject(new it,i).getAccountInfo();!e.oldValue&&e.newValue?(this.logger.info("Account was added to cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_ADDED,void 0,c)):!e.newValue&&e.oldValue&&(this.logger.info("Account was removed from cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_REMOVED,void 0,c))}catch{return}}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e!=null&&e.correlationId?e.correlationId:this.isBrowserEnvironment?Er():P.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e||rp})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e||rp})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenSilent,t);n.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),ks(this.initialized,n),this.logger.verbose("acquireTokenSilent called",t);const i=e.account||this.getActiveAccount();if(!i)throw j(gC);n.add({accountType:qn(i)});const s={clientId:this.config.auth.clientId,authority:e.authority||P.EMPTY_STRING,scopes:e.scopes,homeAccountIdentifier:i.homeAccountId,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid,shrOptions:e.shrOptions},c=JSON.stringify(s),d=this.activeSilentTokenRequests.get(c);if(typeof d>"u"){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",t);const f=B(this.acquireTokenSilentAsync.bind(this),k.AcquireTokenSilentAsync,this.logger,this.performanceClient,t)({...e,correlationId:t},i).then(g=>(this.activeSilentTokenRequests.delete(c),n.end({success:!0,fromCache:g.fromCache,isNativeBroker:g.fromNativeBroker,cacheLookupPolicy:e.cacheLookupPolicy,accessTokenSize:g.accessToken.length,idTokenSize:g.idToken.length}),g)).catch(g=>{throw this.activeSilentTokenRequests.delete(c),n.end({success:!1},g),g});return this.activeSilentTokenRequests.set(c,f),{...await f,state:e.state}}else return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",t),n.discard(),{...await d,state:e.state}}async acquireTokenSilentAsync(e,t){const n=()=>this.trackPageVisibility(e.correlationId);this.performanceClient.addQueueMeasurement(k.AcquireTokenSilentAsync,e.correlationId),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Silent,e),e.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},e.correlationId),document.addEventListener("visibilitychange",n);const i=await B(wM,k.InitializeSilentRequest,this.logger,this.performanceClient,e.correlationId)(e,t,this.config,this.performanceClient,this.logger),s=e.cacheLookupPolicy||Qt.Default;return this.acquireTokenSilentNoIframe(i,s).catch(async d=>{if(zM(d,s))if(this.activeIframeRequest)if(s!==Qt.Skip){const[g,p]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${p}`,i.correlationId);const w=this.performanceClient.startMeasurement(k.AwaitConcurrentIframe,i.correlationId);w.add({awaitIframeCorrelationId:p});const C=await g;if(w.end({success:C}),C)return this.logger.verbose(`Parallel iframe request with correlationId: ${p} succeeded. Retrying cache and/or RT redemption`,i.correlationId),this.acquireTokenSilentNoIframe(i,s);throw this.logger.info(`Iframe request with correlationId: ${p} failed. Interaction is required.`),d}else return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i);else{let g;return this.activeIframeRequest=[new Promise(p=>{g=p}),i.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i).then(p=>(g(!0),p)).catch(p=>{throw g(!1),p}).finally(()=>{this.activeIframeRequest=void 0})}else throw d}).then(d=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Silent,d),e.correlationId&&this.performanceClient.addFields({fromCache:d.fromCache,isNativeBroker:d.fromNativeBroker},e.correlationId),d)).catch(d=>{throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Silent,null,d),d}).finally(()=>{document.removeEventListener("visibilitychange",n)})}async acquireTokenSilentNoIframe(e,t){return Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme)&&e.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.acquireTokenNative(e,xe.acquireTokenSilent_silentFlow).catch(async n=>{throw n instanceof Jn&&Zo(n)?(this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.nativeExtensionProvider=void 0,U(vr)):n})):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),B(this.acquireTokenFromCache.bind(this),k.AcquireTokenFromCache,this.logger,this.performanceClient,e.correlationId)(e,t).catch(n=>{if(t===Qt.AccessToken)throw n;return this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_NETWORK_START,X.Silent,e),B(this.acquireTokenByRefreshToken.bind(this),k.AcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,t)}))}}function zM(r,e){const t=!(r instanceof Fn&&r.subError!==Nc),n=r.errorCode===en.INVALID_GRANT_ERROR||r.errorCode===vr,i=t&&n||r.errorCode===uc||r.errorCode===nh,s=b0.includes(e);return i&&s}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function WM(r,e){const t=new yo(r);return await t.initialize(),Uc.createController(t,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class wh{static async createPublicClientApplication(e){const t=await WM(e);return new wh(e,t)}constructor(e,t){this.controller=t||new Uc(new yo(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}const xu=process.env.JPLAN_WEBAPP__APP_PROXY_TENANT_NAME??"",qM=process.env.JPLAN_WEBAPP__APP_PROXY_CLIENT_ID??"",GM=process.env.JPLAN_WEBAPP__APP_PROXY_USER_FLOW??"",jM=process.env.JPLAN_WEBAPP__URL_BASE??"",YM={auth:{clientId:qM,authority:`https://${xu}.b2clogin.com/${xu}.onmicrosoft.com/${GM}`,knownAuthorities:[`${xu}.b2clogin.com`],redirectUri:`${jM}/_/dashboard/`},cache:{cacheLocation:"localStorage",storeAuthStateInCookie:!1},system:{loggerOptions:{loggerCallback:(r,e)=>{r===Me.Error&&console.error(e)},logLevel:Me.Warning}}},io=new wh(YM),dp=u.ref(null);function qC(){async function r(e){var t;if(e)try{const n=e.idTokenClaims;if(!(n!=null&&n.aud))throw new Error("User audience (aud) is missing in ID token claims");const i=localStorage.getItem(`msal.token.keys.${n.aud}`);if(!i)throw new Error(`Token keys para ${n.aud} não encontrados no localStorage`);const s=JSON.parse(i),c=(t=s==null?void 0:s.idToken)==null?void 0:t[0];if(!c)throw new Error("idToken não encontrado nos token keys");const d=localStorage.getItem(c);if(!d)throw new Error(`Dados do token para ID ${c} não encontrados no localStorage`);const f=JSON.parse(d),g=f==null?void 0:f.secret;if(!g)throw new Error("Secret não encontrado nos dados do token");sessionStorage.setItem("isAuthenticated","true"),dp.value=g}catch(n){console.error("Erro ao obter token de acesso:",n)}}return{jToken:dp,setJToken:r}}const JM="https://app-files.jplan.com.br/pub/msal-auth/index.html",xr=u.ref(null);function GC(){const{setJToken:r}=qC(),e=u.computed(()=>!!xr.value),t=u.computed(()=>xr.value);async function n(){e.value||await i()}const i=async()=>new Promise((d,f)=>{try{localStorage.clear();const g=window.open(JM);if(!g){console.error("Falha ao abrir a janela de autenticação"),f("Falha ao abrir a janela de autenticação");return}const p=setInterval(()=>{Object.keys(localStorage).some(C=>C.startsWith("msal.account.keys"))&&(clearInterval(p),s(),g.close(),d())},500)}catch(g){console.error("Erro no handleRedirect:",g),f(g)}}),s=async()=>{try{await io.initialize();const d=io.getActiveAccount();if(d)xr.value=d;else{const f=await io.handleRedirectPromise();f?(io.setActiveAccount(f.account),xr.value=io.getActiveAccount()):console.error("Falha na autenticação")}}catch(d){console.error("Erro no processo de autenticação:",d)}xr.value&&await r(xr.value)};async function c(){try{const d=await io.acquireTokenSilent({scopes:["https://graph.microsoft.com/.default","openid","profile"]});io.setActiveAccount(d.account),await r(xr.value)}catch(d){console.error("Falha ao renovar token, forçando novo login.",d),await n()}}return u.watch(xr,async(d,f)=>{var p,w,C;if(((p=d==null?void 0:d.idTokenClaims)==null?void 0:p.exp)===((w=f==null?void 0:f.idTokenClaims)==null?void 0:w.exp))return;const g=(C=d==null?void 0:d.idTokenClaims)==null?void 0:C.exp;if(g){const S=Math.floor(Date.now()/1e3),b=(g-S-120)*1e3;b>0&&setTimeout(async()=>{await c()},b)}},{immediate:!0}),{isAuthenticated:e,account:t,handleRedirect:n}}function jC(r,e){return function(){return r.apply(e,arguments)}}const{toString:QM}=Object.prototype,{getPrototypeOf:_h}=Object,Bc=(r=>e=>{const t=QM.call(e);return r[t]||(r[t]=t.slice(8,-1).toLowerCase())})(Object.create(null)),Vn=r=>(r=r.toLowerCase(),e=>Bc(e)===r),Fc=r=>e=>typeof e===r,{isArray:yi}=Array,fa=Fc("undefined");function XM(r){return r!==null&&!fa(r)&&r.constructor!==null&&!fa(r.constructor)&&an(r.constructor.isBuffer)&&r.constructor.isBuffer(r)}const YC=Vn("ArrayBuffer");function ZM(r){let e;return typeof ArrayBuffer<"u"&&ArrayBuffer.isView?e=ArrayBuffer.isView(r):e=r&&r.buffer&&YC(r.buffer),e}const e1=Fc("string"),an=Fc("function"),JC=Fc("number"),Hc=r=>r!==null&&typeof r=="object",t1=r=>r===!0||r===!1,zs=r=>{if(Bc(r)!=="object")return!1;const e=_h(r);return(e===null||e===Object.prototype||Object.getPrototypeOf(e)===null)&&!(Symbol.toStringTag in r)&&!(Symbol.iterator in r)},n1=Vn("Date"),r1=Vn("File"),o1=Vn("Blob"),i1=Vn("FileList"),a1=r=>Hc(r)&&an(r.pipe),s1=r=>{let e;return r&&(typeof FormData=="function"&&r instanceof FormData||an(r.append)&&((e=Bc(r))==="formdata"||e==="object"&&an(r.toString)&&r.toString()==="[object FormData]"))},c1=Vn("URLSearchParams"),[l1,u1,d1,h1]=["ReadableStream","Request","Response","Headers"].map(Vn),f1=r=>r.trim?r.trim():r.replace(/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,"");function Ta(r,e,{allOwnKeys:t=!1}={}){if(r===null||typeof r>"u")return;let n,i;if(typeof r!="object"&&(r=[r]),yi(r))for(n=0,i=r.length;n<i;n++)e.call(null,r[n],n,r);else{const s=t?Object.getOwnPropertyNames(r):Object.keys(r),c=s.length;let d;for(n=0;n<c;n++)d=s[n],e.call(null,r[d],d,r)}}function QC(r,e){e=e.toLowerCase();const t=Object.keys(r);let n=t.length,i;for(;n-- >0;)if(i=t[n],e===i.toLowerCase())return i;return null}const fo=typeof globalThis<"u"?globalThis:typeof self<"u"?self:typeof window<"u"?window:global,XC=r=>!fa(r)&&r!==fo;function Td(){const{caseless:r}=XC(this)&&this||{},e={},t=(n,i)=>{const s=r&&QC(e,i)||i;zs(e[s])&&zs(n)?e[s]=Td(e[s],n):zs(n)?e[s]=Td({},n):yi(n)?e[s]=n.slice():e[s]=n};for(let n=0,i=arguments.length;n<i;n++)arguments[n]&&Ta(arguments[n],t);return e}const g1=(r,e,t,{allOwnKeys:n}={})=>(Ta(e,(i,s)=>{t&&an(i)?r[s]=jC(i,t):r[s]=i},{allOwnKeys:n}),r),m1=r=>(r.charCodeAt(0)===65279&&(r=r.slice(1)),r),p1=(r,e,t,n)=>{r.prototype=Object.create(e.prototype,n),r.prototype.constructor=r,Object.defineProperty(r,"super",{value:e.prototype}),t&&Object.assign(r.prototype,t)},v1=(r,e,t,n)=>{let i,s,c;const d={};if(e=e||{},r==null)return e;do{for(i=Object.getOwnPropertyNames(r),s=i.length;s-- >0;)c=i[s],(!n||n(c,r,e))&&!d[c]&&(e[c]=r[c],d[c]=!0);r=t!==!1&&_h(r)}while(r&&(!t||t(r,e))&&r!==Object.prototype);return e},y1=(r,e,t)=>{r=String(r),(t===void 0||t>r.length)&&(t=r.length),t-=e.length;const n=r.indexOf(e,t);return n!==-1&&n===t},C1=r=>{if(!r)return null;if(yi(r))return r;let e=r.length;if(!JC(e))return null;const t=new Array(e);for(;e-- >0;)t[e]=r[e];return t},w1=(r=>e=>r&&e instanceof r)(typeof Uint8Array<"u"&&_h(Uint8Array)),_1=(r,e)=>{const n=(r&&r[Symbol.iterator]).call(r);let i;for(;(i=n.next())&&!i.done;){const s=i.value;e.call(r,s[0],s[1])}},T1=(r,e)=>{let t;const n=[];for(;(t=r.exec(e))!==null;)n.push(t);return n},E1=Vn("HTMLFormElement"),S1=r=>r.toLowerCase().replace(/[-_\s]([a-z\d])(\w*)/g,function(t,n,i){return n.toUpperCase()+i}),hp=(({hasOwnProperty:r})=>(e,t)=>r.call(e,t))(Object.prototype),A1=Vn("RegExp"),ZC=(r,e)=>{const t=Object.getOwnPropertyDescriptors(r),n={};Ta(t,(i,s)=>{let c;(c=e(i,s,r))!==!1&&(n[s]=c||i)}),Object.defineProperties(r,n)},I1=r=>{ZC(r,(e,t)=>{if(an(r)&&["arguments","caller","callee"].indexOf(t)!==-1)return!1;const n=r[t];if(an(n)){if(e.enumerable=!1,"writable"in e){e.writable=!1;return}e.set||(e.set=()=>{throw Error("Can not rewrite read-only method '"+t+"'")})}})},b1=(r,e)=>{const t={},n=i=>{i.forEach(s=>{t[s]=!0})};return yi(r)?n(r):n(String(r).split(e)),t},k1=()=>{},R1=(r,e)=>r!=null&&Number.isFinite(r=+r)?r:e,Lu="abcdefghijklmnopqrstuvwxyz",fp="0123456789",ew={DIGIT:fp,ALPHA:Lu,ALPHA_DIGIT:Lu+Lu.toUpperCase()+fp},O1=(r=16,e=ew.ALPHA_DIGIT)=>{let t="";const{length:n}=e;for(;r--;)t+=e[Math.random()*n|0];return t};function N1(r){return!!(r&&an(r.append)&&r[Symbol.toStringTag]==="FormData"&&r[Symbol.iterator])}const P1=r=>{const e=new Array(10),t=(n,i)=>{if(Hc(n)){if(e.indexOf(n)>=0)return;if(!("toJSON"in n)){e[i]=n;const s=yi(n)?[]:{};return Ta(n,(c,d)=>{const f=t(c,i+1);!fa(f)&&(s[d]=f)}),e[i]=void 0,s}}return n};return t(r,0)},M1=Vn("AsyncFunction"),D1=r=>r&&(Hc(r)||an(r))&&an(r.then)&&an(r.catch),tw=((r,e)=>r?setImmediate:e?((t,n)=>(fo.addEventListener("message",({source:i,data:s})=>{i===fo&&s===t&&n.length&&n.shift()()},!1),i=>{n.push(i),fo.postMessage(t,"*")}))(`axios@${Math.random()}`,[]):t=>setTimeout(t))(typeof setImmediate=="function",an(fo.postMessage)),x1=typeof queueMicrotask<"u"?queueMicrotask.bind(fo):typeof process<"u"&&process.nextTick||tw,O={isArray:yi,isArrayBuffer:YC,isBuffer:XM,isFormData:s1,isArrayBufferView:ZM,isString:e1,isNumber:JC,isBoolean:t1,isObject:Hc,isPlainObject:zs,isReadableStream:l1,isRequest:u1,isResponse:d1,isHeaders:h1,isUndefined:fa,isDate:n1,isFile:r1,isBlob:o1,isRegExp:A1,isFunction:an,isStream:a1,isURLSearchParams:c1,isTypedArray:w1,isFileList:i1,forEach:Ta,merge:Td,extend:g1,trim:f1,stripBOM:m1,inherits:p1,toFlatObject:v1,kindOf:Bc,kindOfTest:Vn,endsWith:y1,toArray:C1,forEachEntry:_1,matchAll:T1,isHTMLForm:E1,hasOwnProperty:hp,hasOwnProp:hp,reduceDescriptors:ZC,freezeMethods:I1,toObjectSet:b1,toCamelCase:S1,noop:k1,toFiniteNumber:R1,findKey:QC,global:fo,isContextDefined:XC,ALPHABET:ew,generateString:O1,isSpecCompliantForm:N1,toJSONObject:P1,isAsyncFn:M1,isThenable:D1,setImmediate:tw,asap:x1};function ue(r,e,t,n,i){Error.call(this),Error.captureStackTrace?Error.captureStackTrace(this,this.constructor):this.stack=new Error().stack,this.message=r,this.name="AxiosError",e&&(this.code=e),t&&(this.config=t),n&&(this.request=n),i&&(this.response=i,this.status=i.status?i.status:null)}O.inherits(ue,Error,{toJSON:function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:O.toJSONObject(this.config),code:this.code,status:this.status}}});const nw=ue.prototype,rw={};["ERR_BAD_OPTION_VALUE","ERR_BAD_OPTION","ECONNABORTED","ETIMEDOUT","ERR_NETWORK","ERR_FR_TOO_MANY_REDIRECTS","ERR_DEPRECATED","ERR_BAD_RESPONSE","ERR_BAD_REQUEST","ERR_CANCELED","ERR_NOT_SUPPORT","ERR_INVALID_URL"].forEach(r=>{rw[r]={value:r}});Object.defineProperties(ue,rw);Object.defineProperty(nw,"isAxiosError",{value:!0});ue.from=(r,e,t,n,i,s)=>{const c=Object.create(nw);return O.toFlatObject(r,c,function(f){return f!==Error.prototype},d=>d!=="isAxiosError"),ue.call(c,r.message,e,t,n,i),c.cause=r,c.name=r.name,s&&Object.assign(c,s),c};const L1=null;function Ed(r){return O.isPlainObject(r)||O.isArray(r)}function ow(r){return O.endsWith(r,"[]")?r.slice(0,-2):r}function gp(r,e,t){return r?r.concat(e).map(function(i,s){return i=ow(i),!t&&s?"["+i+"]":i}).join(t?".":""):e}function U1(r){return O.isArray(r)&&!r.some(Ed)}const B1=O.toFlatObject(O,{},null,function(e){return/^is[A-Z]/.test(e)});function Vc(r,e,t){if(!O.isObject(r))throw new TypeError("target must be an object");e=e||new FormData,t=O.toFlatObject(t,{metaTokens:!0,dots:!1,indexes:!1},!1,function(b,N){return!O.isUndefined(N[b])});const n=t.metaTokens,i=t.visitor||p,s=t.dots,c=t.indexes,f=(t.Blob||typeof Blob<"u"&&Blob)&&O.isSpecCompliantForm(e);if(!O.isFunction(i))throw new TypeError("visitor must be a function");function g(T){if(T===null)return"";if(O.isDate(T))return T.toISOString();if(!f&&O.isBlob(T))throw new ue("Blob is not supported. Use a Buffer instead.");return O.isArrayBuffer(T)||O.isTypedArray(T)?f&&typeof Blob=="function"?new Blob([T]):Buffer.from(T):T}function p(T,b,N){let K=T;if(T&&!N&&typeof T=="object"){if(O.endsWith(b,"{}"))b=n?b:b.slice(0,-2),T=JSON.stringify(T);else if(O.isArray(T)&&U1(T)||(O.isFileList(T)||O.endsWith(b,"[]"))&&(K=O.toArray(T)))return b=ow(b),K.forEach(function(V,z){!(O.isUndefined(V)||V===null)&&e.append(c===!0?gp([b],z,s):c===null?b:b+"[]",g(V))}),!1}return Ed(T)?!0:(e.append(gp(N,b,s),g(T)),!1)}const w=[],C=Object.assign(B1,{defaultVisitor:p,convertValue:g,isVisitable:Ed});function S(T,b){if(!O.isUndefined(T)){if(w.indexOf(T)!==-1)throw Error("Circular reference detected in "+b.join("."));w.push(T),O.forEach(T,function(K,H){(!(O.isUndefined(K)||K===null)&&i.call(e,K,O.isString(H)?H.trim():H,b,C))===!0&&S(K,b?b.concat(H):[H])}),w.pop()}}if(!O.isObject(r))throw new TypeError("data must be an object");return S(r),e}function mp(r){const e={"!":"%21","'":"%27","(":"%28",")":"%29","~":"%7E","%20":"+","%00":"\0"};return encodeURIComponent(r).replace(/[!'()~]|%20|%00/g,function(n){return e[n]})}function Th(r,e){this._pairs=[],r&&Vc(r,this,e)}const iw=Th.prototype;iw.append=function(e,t){this._pairs.push([e,t])};iw.toString=function(e){const t=e?function(n){return e.call(this,n,mp)}:mp;return this._pairs.map(function(i){return t(i[0])+"="+t(i[1])},"").join("&")};function F1(r){return encodeURIComponent(r).replace(/%3A/gi,":").replace(/%24/g,"$").replace(/%2C/gi,",").replace(/%20/g,"+").replace(/%5B/gi,"[").replace(/%5D/gi,"]")}function aw(r,e,t){if(!e)return r;const n=t&&t.encode||F1;O.isFunction(t)&&(t={serialize:t});const i=t&&t.serialize;let s;if(i?s=i(e,t):s=O.isURLSearchParams(e)?e.toString():new Th(e,t).toString(n),s){const c=r.indexOf("#");c!==-1&&(r=r.slice(0,c)),r+=(r.indexOf("?")===-1?"?":"&")+s}return r}class pp{constructor(){this.handlers=[]}use(e,t,n){return this.handlers.push({fulfilled:e,rejected:t,synchronous:n?n.synchronous:!1,runWhen:n?n.runWhen:null}),this.handlers.length-1}eject(e){this.handlers[e]&&(this.handlers[e]=null)}clear(){this.handlers&&(this.handlers=[])}forEach(e){O.forEach(this.handlers,function(n){n!==null&&e(n)})}}const sw={silentJSONParsing:!0,forcedJSONParsing:!0,clarifyTimeoutError:!1},H1=typeof URLSearchParams<"u"?URLSearchParams:Th,V1=typeof FormData<"u"?FormData:null,$1=typeof Blob<"u"?Blob:null,K1={isBrowser:!0,classes:{URLSearchParams:H1,FormData:V1,Blob:$1},protocols:["http","https","file","blob","url","data"]},Eh=typeof window<"u"&&typeof document<"u",Sd=typeof navigator=="object"&&navigator||void 0,z1=Eh&&(!Sd||["ReactNative","NativeScript","NS"].indexOf(Sd.product)<0),W1=typeof WorkerGlobalScope<"u"&&self instanceof WorkerGlobalScope&&typeof self.importScripts=="function",q1=Eh&&window.location.href||"http://localhost",G1=Object.freeze(Object.defineProperty({__proto__:null,hasBrowserEnv:Eh,hasStandardBrowserEnv:z1,hasStandardBrowserWebWorkerEnv:W1,navigator:Sd,origin:q1},Symbol.toStringTag,{value:"Module"})),At={...G1,...K1};function j1(r,e){return Vc(r,new At.classes.URLSearchParams,Object.assign({visitor:function(t,n,i,s){return At.isNode&&O.isBuffer(t)?(this.append(n,t.toString("base64")),!1):s.defaultVisitor.apply(this,arguments)}},e))}function Y1(r){return O.matchAll(/\w+|\[(\w*)]/g,r).map(e=>e[0]==="[]"?"":e[1]||e[0])}function J1(r){const e={},t=Object.keys(r);let n;const i=t.length;let s;for(n=0;n<i;n++)s=t[n],e[s]=r[s];return e}function cw(r){function e(t,n,i,s){let c=t[s++];if(c==="__proto__")return!0;const d=Number.isFinite(+c),f=s>=t.length;return c=!c&&O.isArray(i)?i.length:c,f?(O.hasOwnProp(i,c)?i[c]=[i[c],n]:i[c]=n,!d):((!i[c]||!O.isObject(i[c]))&&(i[c]=[]),e(t,n,i[c],s)&&O.isArray(i[c])&&(i[c]=J1(i[c])),!d)}if(O.isFormData(r)&&O.isFunction(r.entries)){const t={};return O.forEachEntry(r,(n,i)=>{e(Y1(n),i,t,0)}),t}return null}function Q1(r,e,t){if(O.isString(r))try{return(e||JSON.parse)(r),O.trim(r)}catch(n){if(n.name!=="SyntaxError")throw n}return(t||JSON.stringify)(r)}const Ea={transitional:sw,adapter:["xhr","http","fetch"],transformRequest:[function(e,t){const n=t.getContentType()||"",i=n.indexOf("application/json")>-1,s=O.isObject(e);if(s&&O.isHTMLForm(e)&&(e=new FormData(e)),O.isFormData(e))return i?JSON.stringify(cw(e)):e;if(O.isArrayBuffer(e)||O.isBuffer(e)||O.isStream(e)||O.isFile(e)||O.isBlob(e)||O.isReadableStream(e))return e;if(O.isArrayBufferView(e))return e.buffer;if(O.isURLSearchParams(e))return t.setContentType("application/x-www-form-urlencoded;charset=utf-8",!1),e.toString();let d;if(s){if(n.indexOf("application/x-www-form-urlencoded")>-1)return j1(e,this.formSerializer).toString();if((d=O.isFileList(e))||n.indexOf("multipart/form-data")>-1){const f=this.env&&this.env.FormData;return Vc(d?{"files[]":e}:e,f&&new f,this.formSerializer)}}return s||i?(t.setContentType("application/json",!1),Q1(e)):e}],transformResponse:[function(e){const t=this.transitional||Ea.transitional,n=t&&t.forcedJSONParsing,i=this.responseType==="json";if(O.isResponse(e)||O.isReadableStream(e))return e;if(e&&O.isString(e)&&(n&&!this.responseType||i)){const c=!(t&&t.silentJSONParsing)&&i;try{return JSON.parse(e)}catch(d){if(c)throw d.name==="SyntaxError"?ue.from(d,ue.ERR_BAD_RESPONSE,this,null,this.response):d}}return e}],timeout:0,xsrfCookieName:"XSRF-TOKEN",xsrfHeaderName:"X-XSRF-TOKEN",maxContentLength:-1,maxBodyLength:-1,env:{FormData:At.classes.FormData,Blob:At.classes.Blob},validateStatus:function(e){return e>=200&&e<300},headers:{common:{Accept:"application/json, text/plain, */*","Content-Type":void 0}}};O.forEach(["delete","get","head","post","put","patch"],r=>{Ea.headers[r]={}});const X1=O.toObjectSet(["age","authorization","content-length","content-type","etag","expires","from","host","if-modified-since","if-unmodified-since","last-modified","location","max-forwards","proxy-authorization","referer","retry-after","user-agent"]),Z1=r=>{const e={};let t,n,i;return r&&r.split(`
+${c}`);return}throw Xm(e.error,e.error_description,e.suberror)?new Fn(e.error,e.error_description,e.suberror,e.timestamp||P.EMPTY_STRING,e.trace_id||P.EMPTY_STRING,e.correlation_id||P.EMPTY_STRING,e.claims||P.EMPTY_STRING,s):c}}async handleServerTokenResponse(e,t,n,i,s,c,d,f,g){var T;(T=this.performanceClient)==null||T.addQueueMeasurement(k.HandleServerTokenResponse,e.correlation_id);let p;if(e.id_token){if(p=wo(e.id_token||P.EMPTY_STRING,this.cryptoObj.base64Decode),s&&s.nonce&&p.nonce!==s.nonce)throw U(gy);if(i.maxAge||i.maxAge===0){const b=p.auth_time;if(!b)throw U(Fd);Iy(b,i.maxAge)}}this.homeAccountIdentifier=it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,t.authorityType,this.logger,this.cryptoObj,p);let w;s&&s.state&&(w=Bn.parseRequestState(this.cryptoObj,s.state)),e.key_id=e.key_id||i.sshKid||void 0;const C=this.generateCacheRecord(e,t,n,i,p,c,s);let S;try{if(this.persistencePlugin&&this.serializableCache&&(this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),S=new u0(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(S)),d&&!f&&C.account){const b=C.account.generateAccountKey();if(!this.cacheStorage.getAccount(b,this.logger))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await po.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,void 0,g)}await this.cacheStorage.saveCacheRecord(C,i.storeInCache,i.correlationId)}finally{this.persistencePlugin&&this.serializableCache&&S&&(this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(S))}return po.generateAuthenticationResult(this.cryptoObj,t,C,!1,i,p,w,e,g)}generateCacheRecord(e,t,n,i,s,c,d){const f=t.getPreferredCache();if(!f)throw U(Vd);const g=$y(s);let p,w;e.id_token&&s&&(p=Ic(this.homeAccountIdentifier,f,e.id_token,this.clientId,g||""),w=rh(this.cacheStorage,t,this.homeAccountIdentifier,this.cryptoObj.base64Decode,s,e.client_info,f,g,d,void 0,this.logger));let C=null;if(e.access_token){const b=e.scope?Ye.fromString(e.scope):new Ye(i.scopes||[]),N=(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,K=(typeof e.ext_expires_in=="string"?parseInt(e.ext_expires_in,10):e.ext_expires_in)||0,H=(typeof e.refresh_in=="string"?parseInt(e.refresh_in,10):e.refresh_in)||void 0,V=n+N,z=V+K,Q=H&&H>0?n+H:void 0;C=bc(this.homeAccountIdentifier,f,e.access_token,this.clientId,g||t.tenant||"",b.printScopes(),V,z,this.cryptoObj.base64Decode,Q,e.token_type,c,e.key_id,i.claims,i.requestedClaimsHash)}let S=null;if(e.refresh_token){let b;if(e.refresh_token_expires_in){const N=typeof e.refresh_token_expires_in=="string"?parseInt(e.refresh_token_expires_in,10):e.refresh_token_expires_in;b=n+N}S=by(this.homeAccountIdentifier,f,e.refresh_token,this.clientId,e.foci,c,b)}let T=null;return e.foci&&(T={clientId:this.clientId,environment:f,familyId:e.foci}),{account:w,idToken:p,accessToken:C,refreshToken:S,appMetadata:T}}static async generateAuthenticationResult(e,t,n,i,s,c,d,f,g){var V,z,Q,we,W;let p=P.EMPTY_STRING,w=[],C=null,S,T,b=P.EMPTY_STRING;if(n.accessToken){if(n.accessToken.tokenType===Re.POP&&!s.popKid){const et=new gi(e),{secret:_e,keyId:Y}=n.accessToken;if(!Y)throw U($d);p=await et.signPopToken(_e,Y,s)}else p=n.accessToken.secret;w=Ye.fromString(n.accessToken.target).asArray(),C=new Date(Number(n.accessToken.expiresOn)*1e3),S=new Date(Number(n.accessToken.extendedExpiresOn)*1e3),n.accessToken.refreshOn&&(T=new Date(Number(n.accessToken.refreshOn)*1e3))}n.appMetadata&&(b=n.appMetadata.familyId===ia?ia:"");const N=(c==null?void 0:c.oid)||(c==null?void 0:c.sub)||"",K=(c==null?void 0:c.tid)||"";f!=null&&f.spa_accountid&&n.account&&(n.account.nativeAccountId=f==null?void 0:f.spa_accountid);const H=n.account?Qd(n.account.getAccountInfo(),void 0,c,(V=n.idToken)==null?void 0:V.secret):null;return{authority:t.canonicalAuthority,uniqueId:N,tenantId:K,scopes:w,account:H,idToken:((z=n==null?void 0:n.idToken)==null?void 0:z.secret)||"",idTokenClaims:c||{},accessToken:p,fromCache:i,expiresOn:C,extExpiresOn:S,refreshOn:T,correlationId:s.correlationId,requestId:g||P.EMPTY_STRING,familyId:b,tokenType:((Q=n.accessToken)==null?void 0:Q.tokenType)||P.EMPTY_STRING,state:d?d.userRequestState:P.EMPTY_STRING,cloudGraphHostName:((we=n.account)==null?void 0:we.cloudGraphHostName)||P.EMPTY_STRING,msGraphHost:((W=n.account)==null?void 0:W.msGraphHost)||P.EMPTY_STRING,code:f==null?void 0:f.spa_code,fromNativeBroker:!1}}}function rh(r,e,t,n,i,s,c,d,f,g,p){p==null||p.verbose("setCachedAccount called");const C=r.getAccountKeys().find(K=>K.startsWith(t));let S=null;C&&(S=r.getAccount(C,p));const T=S||it.createAccount({homeAccountId:t,idTokenClaims:i,clientInfo:s,environment:c,cloudGraphHostName:f==null?void 0:f.cloud_graph_host_name,msGraphHost:f==null?void 0:f.msgraph_host,nativeAccountId:g},e,n),b=T.tenantProfiles||[],N=d||T.realm;if(N&&!b.find(K=>K.tenantId===N)){const K=Jd(t,T.localAccountId,N,i);b.push(K)}return T.tenantProfiles=b,T}/*! @azure/msal-common v14.16.0 2024-11-05 */async function Xy(r,e,t){return typeof r=="string"?r:r({clientId:e,tokenEndpoint:t})}/*! @azure/msal-common v14.16.0 2024-11-05 */class Zy extends th{constructor(e,t){var n;super(e,t),this.includeRedirectUri=!0,this.oidcDefaultScopes=(n=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:n.defaultScopes}async getAuthCodeUrl(e){var n;(n=this.performanceClient)==null||n.addQueueMeasurement(k.GetAuthCodeUrl,e.correlationId);const t=await B(this.createAuthCodeUrlQueryString.bind(this),k.AuthClientCreateQueryString,this.logger,this.performanceClient,e.correlationId)(e);return ye.appendQueryString(this.authority.authorizationEndpoint,t)}async acquireToken(e,t){var d,f;if((d=this.performanceClient)==null||d.addQueueMeasurement(k.AuthClientAcquireToken,e.correlationId),!e.code)throw U(vy);const n=rr(),i=await B(this.executeTokenRequest.bind(this),k.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(this.authority,e),s=(f=i.headers)==null?void 0:f[Ot.X_MS_REQUEST_ID],c=new po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return c.validateTokenResponse(i.body),B(c.handleServerTokenResponse.bind(c),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(i.body,this.authority,n,e,t,void 0,void 0,void 0,s)}handleFragmentResponse(e,t){if(new po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,null,null).validateServerAuthorizationCodeResponse(e,t),!e.code)throw U(Ty);return e}getLogoutUri(e){if(!e)throw Ne(Dy);const t=this.createLogoutUrlQueryString(e);return ye.appendQueryString(this.authority.endSessionEndpoint,t)}async executeTokenRequest(e,t){var g,p;(g=this.performanceClient)==null||g.addQueueMeasurement(k.AuthClientExecuteTokenRequest,t.correlationId);const n=this.createTokenQueryParameters(t),i=ye.appendQueryString(e.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,t.correlationId)(t);let c;if(t.clientInfo)try{const w=ac(t.clientInfo,this.cryptoUtils.base64Decode);c={credential:`${w.uid}${St.CLIENT_INFO_SEPARATOR}${w.utid}`,type:on.HOME_ACCOUNT_ID}}catch(w){this.logger.verbose("Could not parse client info for CCS Header: "+w)}const d=this.createTokenRequestHeaders(c||t.ccsCredential),f={clientId:((p=t.tokenBodyParameters)==null?void 0:p.clientId)||this.config.authOptions.clientId,authority:e.canonicalAuthority,scopes:t.scopes,claims:t.claims,authenticationScheme:t.authenticationScheme,resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,sshKid:t.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,t.correlationId)(i,s,d,f,t.correlationId,k.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s;(i=this.performanceClient)==null||i.addQueueMeasurement(k.AuthClientCreateTokenRequestBody,e.correlationId);const t=new sa(e.correlationId,this.performanceClient);if(t.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[mo])||this.config.authOptions.clientId),this.includeRedirectUri?t.addRedirectUri(e.redirectUri):Qo.validateRedirectUri(e.redirectUri),t.addScopes(e.scopes,!0,this.oidcDefaultScopes),t.addAuthorizationCode(e.code),t.addLibraryInfo(this.config.libraryInfo),t.addApplicationTelemetry(this.config.telemetry.application),t.addThrottling(),this.serverTelemetryManager&&!ud(this.config)&&t.addServerTelemetry(this.serverTelemetryManager),e.codeVerifier&&t.addCodeVerifier(e.codeVerifier),this.config.clientCredentials.clientSecret&&t.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const c=this.config.clientCredentials.clientAssertion;t.addClientAssertion(await Xy(c.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),t.addClientAssertionType(c.assertionType)}if(t.addGrantType(ay.AUTHORIZATION_CODE_GRANT),t.addClientInfo(),e.authenticationScheme===Re.POP){const c=new gi(this.cryptoUtils,this.performanceClient);let d;e.popKid?d=this.cryptoUtils.encodeKid(e.popKid):d=(await B(c.generateCnf.bind(c),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,t.addPopToken(d)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)t.addSshJwk(e.sshJwk);else throw Ne(kc);(!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&t.addClaims(e.claims,this.config.authOptions.clientCapabilities);let n;if(e.clientInfo)try{const c=ac(e.clientInfo,this.cryptoUtils.base64Decode);n={credential:`${c.uid}${St.CLIENT_INFO_SEPARATOR}${c.utid}`,type:on.HOME_ACCOUNT_ID}}catch(c){this.logger.verbose("Could not parse client info for CCS Header: "+c)}else n=e.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&n)switch(n.type){case on.HOME_ACCOUNT_ID:try{const c=ii(n.credential);t.addCcsOid(c)}catch(c){this.logger.verbose("Could not parse home account ID for CCS Header: "+c)}break;case on.UPN:t.addCcsUpn(n.credential);break}return e.embeddedClientId&&t.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&t.addExtraQueryParameters(e.tokenBodyParameters),e.enableSpaAuthorizationCode&&(!e.tokenBodyParameters||!e.tokenBodyParameters[Ym])&&t.addExtraQueryParameters({[Ym]:"1"}),t.createQueryString()}async createAuthCodeUrlQueryString(e){var s,c;const t=e.correlationId||this.config.cryptoInterface.createNewGuid();(s=this.performanceClient)==null||s.addQueueMeasurement(k.AuthClientCreateQueryString,t);const n=new sa(t,this.performanceClient);n.addClientId(e.embeddedClientId||((c=e.extraQueryParameters)==null?void 0:c[mo])||this.config.authOptions.clientId);const i=[...e.scopes||[],...e.extraScopesToConsent||[]];if(n.addScopes(i,!0,this.oidcDefaultScopes),n.addRedirectUri(e.redirectUri),n.addCorrelationId(t),n.addResponseMode(e.responseMode),n.addResponseTypeCode(),n.addLibraryInfo(this.config.libraryInfo),ud(this.config)||n.addApplicationTelemetry(this.config.telemetry.application),n.addClientInfo(),e.codeChallenge&&e.codeChallengeMethod&&n.addCodeChallengeParams(e.codeChallenge,e.codeChallengeMethod),e.prompt&&n.addPrompt(e.prompt),e.domainHint&&n.addDomainHint(e.domainHint),e.prompt!==lt.SELECT_ACCOUNT)if(e.sid&&e.prompt===lt.NONE)this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),n.addSid(e.sid);else if(e.account){const d=this.extractAccountSid(e.account);let f=this.extractLoginHint(e.account);if(f&&e.domainHint&&(this.logger.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),f=null),f){this.logger.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),n.addLoginHint(f);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(d&&e.prompt===lt.NONE){this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),n.addSid(d);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(e.loginHint)this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint);else if(e.account.username){this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),n.addLoginHint(e.account.username);try{const g=ii(e.account.homeAccountId);n.addCcsOid(g)}catch{this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else e.loginHint&&(this.logger.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),n.addLoginHint(e.loginHint),n.addCcsUpn(e.loginHint));else this.logger.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");if(e.nonce&&n.addNonce(e.nonce),e.state&&n.addState(e.state),(e.claims||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),this.addExtraQueryParams(e,n),e.nativeBroker&&(n.addNativeBroker(),e.authenticationScheme===Re.POP)){const d=new gi(this.cryptoUtils);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}return n.createQueryString()}createLogoutUrlQueryString(e){const t=new sa(e.correlationId,this.performanceClient);return e.postLogoutRedirectUri&&t.addPostLogoutRedirectUri(e.postLogoutRedirectUri),e.correlationId&&t.addCorrelationId(e.correlationId),e.idTokenHint&&t.addIdTokenHint(e.idTokenHint),e.state&&t.addState(e.state),e.logoutHint&&t.addLogoutHint(e.logoutHint),this.addExtraQueryParams(e,t),t.createQueryString()}addExtraQueryParams(e,t){!(e.extraQueryParameters&&e.extraQueryParameters.hasOwnProperty("instance_aware"))&&this.config.authOptions.instanceAware&&(e.extraQueryParameters=e.extraQueryParameters||{},e.extraQueryParameters.instance_aware="true"),e.extraQueryParameters&&t.addExtraQueryParameters(e.extraQueryParameters)}extractAccountSid(e){var t;return((t=e.idTokenClaims)==null?void 0:t.sid)||null}extractLoginHint(e){var t;return((t=e.idTokenClaims)==null?void 0:t.login_hint)||null}}/*! @azure/msal-common v14.16.0 2024-11-05 */const h0=300;class fd extends th{constructor(e,t){super(e,t)}async acquireToken(e){var c,d;(c=this.performanceClient)==null||c.addQueueMeasurement(k.RefreshTokenClientAcquireToken,e.correlationId);const t=rr(),n=await B(this.executeTokenRequest.bind(this),k.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,e.correlationId)(e,this.authority),i=(d=n.headers)==null?void 0:d[Ot.X_MS_REQUEST_ID],s=new po(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return s.validateTokenResponse(n.body),B(s.handleServerTokenResponse.bind(s),k.HandleServerTokenResponse,this.logger,this.performanceClient,e.correlationId)(n.body,this.authority,t,e,void 0,void 0,!0,e.forceCache,i)}async acquireTokenByRefreshToken(e){var n;if(!e)throw Ne(My);if((n=this.performanceClient)==null||n.addQueueMeasurement(k.RefreshTokenClientAcquireTokenByRefreshToken,e.correlationId),!e.account)throw U(Hd);if(this.cacheManager.isAppMetadataFOCI(e.account.environment))try{return await B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!0)}catch(i){const s=i instanceof Fn&&i.errorCode===uc,c=i instanceof qr&&i.errorCode===xm.INVALID_GRANT_ERROR&&i.subError===xm.CLIENT_MISMATCH_ERROR;if(s||c)return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1);throw i}return B(this.acquireTokenWithCachedRefreshToken.bind(this),k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,!1)}async acquireTokenWithCachedRefreshToken(e,t){var s;(s=this.performanceClient)==null||s.addQueueMeasurement(k.RefreshTokenClientAcquireTokenWithCachedRefreshToken,e.correlationId);const n=_o(this.cacheManager.getRefreshToken.bind(this.cacheManager),k.CacheManagerGetRefreshToken,this.logger,this.performanceClient,e.correlationId)(e.account,t,void 0,this.performanceClient,e.correlationId);if(!n)throw hd(uc);if(n.expiresOn&&ld(n.expiresOn,e.refreshTokenExpirationOffsetSeconds||h0))throw hd(nh);const i={...e,refreshToken:n.secret,authenticationScheme:e.authenticationScheme||Re.BEARER,ccsCredential:{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}};try{return await B(this.acquireToken.bind(this),k.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(i)}catch(c){if(c instanceof Fn&&c.subError===Nc){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");const d=oi(n);this.cacheManager.removeRefreshToken(d)}throw c}}async executeTokenRequest(e,t){var f,g;(f=this.performanceClient)==null||f.addQueueMeasurement(k.RefreshTokenClientExecuteTokenRequest,e.correlationId);const n=this.createTokenQueryParameters(e),i=ye.appendQueryString(t.tokenEndpoint,n),s=await B(this.createTokenRequestBody.bind(this),k.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,e.correlationId)(e),c=this.createTokenRequestHeaders(e.ccsCredential),d={clientId:((g=e.tokenBodyParameters)==null?void 0:g.clientId)||this.config.authOptions.clientId,authority:t.canonicalAuthority,scopes:e.scopes,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid};return B(this.executePostToTokenEndpoint.bind(this),k.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,e.correlationId)(i,s,c,d,e.correlationId,k.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(e){var i,s,c;(i=this.performanceClient)==null||i.addQueueMeasurement(k.RefreshTokenClientCreateTokenRequestBody,e.correlationId);const t=e.correlationId,n=new sa(t,this.performanceClient);if(n.addClientId(e.embeddedClientId||((s=e.tokenBodyParameters)==null?void 0:s[mo])||this.config.authOptions.clientId),e.redirectUri&&n.addRedirectUri(e.redirectUri),n.addScopes(e.scopes,!0,(c=this.config.authOptions.authority.options.OIDCOptions)==null?void 0:c.defaultScopes),n.addGrantType(ay.REFRESH_TOKEN_GRANT),n.addClientInfo(),n.addLibraryInfo(this.config.libraryInfo),n.addApplicationTelemetry(this.config.telemetry.application),n.addThrottling(),this.serverTelemetryManager&&!ud(this.config)&&n.addServerTelemetry(this.serverTelemetryManager),n.addRefreshToken(e.refreshToken),this.config.clientCredentials.clientSecret&&n.addClientSecret(this.config.clientCredentials.clientSecret),this.config.clientCredentials.clientAssertion){const d=this.config.clientCredentials.clientAssertion;n.addClientAssertion(await Xy(d.assertion,this.config.authOptions.clientId,e.resourceRequestUri)),n.addClientAssertionType(d.assertionType)}if(e.authenticationScheme===Re.POP){const d=new gi(this.cryptoUtils,this.performanceClient);let f;e.popKid?f=this.cryptoUtils.encodeKid(e.popKid):f=(await B(d.generateCnf.bind(d),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(e,this.logger)).reqCnfString,n.addPopToken(f)}else if(e.authenticationScheme===Re.SSH)if(e.sshJwk)n.addSshJwk(e.sshJwk);else throw Ne(kc);if((!Un.isEmptyObj(e.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)&&n.addClaims(e.claims,this.config.authOptions.clientCapabilities),this.config.systemOptions.preventCorsPreflight&&e.ccsCredential)switch(e.ccsCredential.type){case on.HOME_ACCOUNT_ID:try{const d=ii(e.ccsCredential.credential);n.addCcsOid(d)}catch(d){this.logger.verbose("Could not parse home account ID for CCS Header: "+d)}break;case on.UPN:n.addCcsUpn(e.ccsCredential.credential);break}return e.embeddedClientId&&n.addBrokerParameters({brokerClientId:this.config.authOptions.clientId,brokerRedirectUri:this.config.authOptions.redirectUri}),e.tokenBodyParameters&&n.addExtraQueryParameters(e.tokenBodyParameters),n.createQueryString()}}/*! @azure/msal-common v14.16.0 2024-11-05 */class f0 extends th{constructor(e,t){super(e,t)}async acquireToken(e){var t;try{const[n,i]=await this.acquireCachedToken({...e,scopes:(t=e.scopes)!=null&&t.length?e.scopes:[...pi]});return i===Ur.PROACTIVELY_REFRESHED&&(this.logger.info("SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'. It's not expired, but must be refreshed."),new fd(this.config,this.performanceClient).acquireTokenByRefreshToken(e).catch(()=>{})),n}catch(n){if(n instanceof Ac&&n.errorCode===vr)return new fd(this.config,this.performanceClient).acquireTokenByRefreshToken(e);throw n}}async acquireCachedToken(e){var f;(f=this.performanceClient)==null||f.addQueueMeasurement(k.SilentFlowClientAcquireCachedToken,e.correlationId);let t=Ur.NOT_APPLICABLE;if(e.forceRefresh||!this.config.cacheOptions.claimsBasedCachingEnabled&&!Un.isEmptyObj(e.claims))throw this.setCacheOutcome(Ur.FORCE_REFRESH_OR_CLAIMS,e.correlationId),U(vr);if(!e.account)throw U(Hd);const n=e.account.tenantId||n0(e.authority),i=this.cacheManager.getTokenKeys(),s=this.cacheManager.getAccessToken(e.account,e,i,n,this.performanceClient,e.correlationId);if(s){if($N(s.cachedAt)||ld(s.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(Ur.CACHED_ACCESS_TOKEN_EXPIRED,e.correlationId),U(vr);s.refreshOn&&ld(s.refreshOn,0)&&(t=Ur.PROACTIVELY_REFRESHED)}else throw this.setCacheOutcome(Ur.NO_CACHED_ACCESS_TOKEN,e.correlationId),U(vr);const c=e.authority||this.authority.getPreferredCache(),d={account:this.cacheManager.readAccountFromCache(e.account),accessToken:s,idToken:this.cacheManager.getIdToken(e.account,i,n,this.performanceClient,e.correlationId),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache(c)};return this.setCacheOutcome(t,e.correlationId),this.config.serverTelemetryManager&&this.config.serverTelemetryManager.incrementCacheHits(),[await B(this.generateResultFromCacheRecord.bind(this),k.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,e.correlationId)(d,e),t]}setCacheOutcome(e,t){var n,i;(n=this.serverTelemetryManager)==null||n.setCacheOutcome(e),(i=this.performanceClient)==null||i.addFields({cacheOutcome:e},t),e!==Ur.NOT_APPLICABLE&&this.logger.info(`Token refresh is required due to cache outcome: ${e}`)}async generateResultFromCacheRecord(e,t){var i;(i=this.performanceClient)==null||i.addQueueMeasurement(k.SilentFlowClientGenerateResultFromCacheRecord,t.correlationId);let n;if(e.idToken&&(n=wo(e.idToken.secret,this.config.cryptoInterface.base64Decode)),t.maxAge||t.maxAge===0){const s=n==null?void 0:n.auth_time;if(!s)throw U(Fd);Iy(s,t.maxAge)}return po.generateAuthenticationResult(this.cryptoUtils,this.authority,e,!0,t,n)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const g0={sendGetRequestAsync:()=>Promise.reject(U(ge)),sendPostRequestAsync:()=>Promise.reject(U(ge))};/*! @azure/msal-common v14.16.0 2024-11-05 */const Zm=",",eC="|";function m0(r){const{skus:e,libraryName:t,libraryVersion:n,extensionName:i,extensionVersion:s}=r,c=new Map([[0,[t,n]],[2,[i,s]]]);let d=[];if(e!=null&&e.length){if(d=e.split(Zm),d.length<4)return e}else d=Array.from({length:4},()=>eC);return c.forEach((f,g)=>{var p,w;f.length===2&&((p=f[0])!=null&&p.length)&&((w=f[1])!=null&&w.length)&&p0({skuArr:d,index:g,skuName:f[0],skuVersion:f[1]})}),d.join(Zm)}function p0(r){const{skuArr:e,index:t,skuName:n,skuVersion:i}=r;t>=e.length||(e[t]=[n,i].join(eC))}class da{constructor(e,t){this.cacheOutcome=Ur.NOT_APPLICABLE,this.cacheManager=t,this.apiId=e.apiId,this.correlationId=e.correlationId,this.wrapperSKU=e.wrapperSKU||P.EMPTY_STRING,this.wrapperVer=e.wrapperVer||P.EMPTY_STRING,this.telemetryCacheKey=gt.CACHE_KEY+St.CACHE_KEY_SEPARATOR+e.clientId}generateCurrentRequestHeaderValue(){const e=`${this.apiId}${gt.VALUE_SEPARATOR}${this.cacheOutcome}`,t=[this.wrapperSKU,this.wrapperVer],n=this.getNativeBrokerErrorCode();n!=null&&n.length&&t.push(`broker_error=${n}`);const i=t.join(gt.VALUE_SEPARATOR),s=this.getRegionDiscoveryFields(),c=[e,s].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,c,i].join(gt.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.failedRequests.slice(0,2*t).join(gt.VALUE_SEPARATOR),i=e.errors.slice(0,t).join(gt.VALUE_SEPARATOR),s=e.errors.length,c=t<s?gt.OVERFLOW_TRUE:gt.OVERFLOW_FALSE,d=[s,c].join(gt.VALUE_SEPARATOR);return[gt.SCHEMA_VERSION,e.cacheHits,n,i,d].join(gt.CATEGORY_SEPARATOR)}cacheFailedRequest(e){const t=this.getLastRequests();t.errors.length>=gt.MAX_CACHED_ERRORS&&(t.failedRequests.shift(),t.failedRequests.shift(),t.errors.shift()),t.failedRequests.push(this.apiId,this.correlationId),e instanceof Error&&e&&e.toString()?e instanceof Fe?e.subError?t.errors.push(e.subError):e.errorCode?t.errors.push(e.errorCode):t.errors.push(e.toString()):t.errors.push(e.toString()):t.errors.push(gt.UNKNOWN_ERROR),this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}incrementCacheHits(){const e=this.getLastRequests();return e.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e),e.cacheHits}getLastRequests(){const e={failedRequests:[],errors:[],cacheHits:0};return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)||e}clearTelemetryCache(){const e=this.getLastRequests(),t=da.maxErrorsToSend(e),n=e.errors.length;if(t===n)this.cacheManager.removeItem(this.telemetryCacheKey);else{const i={failedRequests:e.failedRequests.slice(t*2),errors:e.errors.slice(t),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,i)}}static maxErrorsToSend(e){let t,n=0,i=0;const s=e.errors.length;for(t=0;t<s;t++){const c=e.failedRequests[2*t]||P.EMPTY_STRING,d=e.failedRequests[2*t+1]||P.EMPTY_STRING,f=e.errors[t]||P.EMPTY_STRING;if(i+=c.toString().length+d.toString().length+f.length+3,i<gt.MAX_LAST_HEADER_BYTES)n+=1;else break}return n}getRegionDiscoveryFields(){const e=[];return e.push(this.regionUsed||P.EMPTY_STRING),e.push(this.regionSource||P.EMPTY_STRING),e.push(this.regionOutcome||P.EMPTY_STRING),e.join(",")}updateRegionDiscoveryMetadata(e){this.regionUsed=e.region_used,this.regionSource=e.region_source,this.regionOutcome=e.region_outcome}setCacheOutcome(e){this.cacheOutcome=e}setNativeBrokerErrorCode(e){const t=this.getLastRequests();t.nativeBrokerErrorCode=e,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,t)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){const e=this.getLastRequests();delete e.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,e)}static makeExtraSkuString(e){return m0(e)}}/*! @azure/msal-common v14.16.0 2024-11-05 */const tC="missing_kid_error",nC="missing_alg_error";/*! @azure/msal-common v14.16.0 2024-11-05 */const v0={[tC]:"The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.",[nC]:"The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided."};class oh extends Fe{constructor(e,t){super(e,t),this.name="JoseHeaderError",Object.setPrototypeOf(this,oh.prototype)}}function ep(r){return new oh(r,v0[r])}/*! @azure/msal-common v14.16.0 2024-11-05 */class ih{constructor(e){this.typ=e.typ,this.alg=e.alg,this.kid=e.kid}static getShrHeaderString(e){if(!e.kid)throw ep(tC);if(!e.alg)throw ep(nC);const t=new ih({typ:e.typ||IN.Pop,kid:e.kid,alg:e.alg});return JSON.stringify(t)}}/*! @azure/msal-common v14.16.0 2024-11-05 */class tp{startMeasurement(){}endMeasurement(){}flushMeasurement(){return null}}class y0{generateId(){return"callback-id"}startMeasurement(e,t){return{end:()=>null,discard:()=>{},add:()=>{},increment:()=>{},event:{eventId:this.generateId(),status:t0.InProgress,authority:"",libraryName:"",libraryVersion:"",clientId:"",name:e,startTimeMs:Date.now(),correlationId:t||""},measurement:new tp}}startPerformanceMeasurement(){return new tp}calculateQueuedTime(){return 0}addQueueMeasurement(){}setPreQueueTime(){}endMeasurement(){return null}discardMeasurements(){}removePerformanceCallback(){return!0}addPerformanceCallback(){return""}emitEvents(){}addFields(){}incrementFields(){}cacheEventByCorrelationId(){}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ah="pkce_not_created",gd="crypto_nonexistent",Pc="empty_navigate_uri",rC="hash_empty_error",sh="no_state_in_hash",oC="hash_does_not_contain_known_properties",iC="unable_to_parse_state",aC="state_interaction_type_mismatch",sC="interaction_in_progress",cC="popup_window_error",lC="empty_window_error",vo="user_cancelled",C0="monitor_popup_timeout",uC="monitor_window_timeout",dC="redirect_in_iframe",hC="block_iframe_reload",fC="block_nested_popups",w0="iframe_closed_prematurely",Mc="silent_logout_unsupported",gC="no_account_error",_0="silent_prompt_value_error",mC="no_token_request_cache_error",pC="unable_to_parse_token_request_cache_error",ch="no_cached_authority_error",T0="auth_request_not_set_error",E0="invalid_cache_type",Dc="non_browser_environment",Xo="database_not_open",dc="no_network_connectivity",vC="post_request_failed",yC="get_request_failed",md="failed_to_parse_response",CC="unable_to_load_token",lh="crypto_key_not_found",wC="auth_code_required",_C="auth_code_or_nativeAccountId_required",TC="spa_code_and_nativeAccountId_present",uh="database_unavailable",EC="unable_to_acquire_token_from_native_platform",SC="native_handshake_timeout",AC="native_extension_not_installed",wa="native_connection_not_established",IC="uninitialized_public_client_application",bC="native_prompt_not_supported",kC="invalid_base64_string",RC="invalid_pop_token_request",OC="failed_to_build_headers",NC="failed_to_parse_headers";/*! @azure/msal-browser v3.28.1 2025-01-14 */const mr="For more visit: aka.ms/msaljs/browser-errors",S0={[ah]:"The PKCE code challenge and verifier could not be generated.",[gd]:"The crypto object or function is not available.",[Pc]:"Navigation URI is empty. Please check stack trace for more info.",[rC]:`Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. ${mr}`,[sh]:"Hash does not contain state. Please verify that the request originated from msal.",[oC]:`Hash does not contain known properites. Please verify that your redirectUri is not changing the hash.  ${mr}`,[iC]:"Unable to parse state. Please verify that the request originated from msal.",[aC]:"Hash contains state but the interaction type does not match the caller.",[sC]:`Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API.   ${mr}`,[cC]:"Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser.",[lC]:"window.open returned null or undefined window object.",[vo]:"User cancelled the flow.",[C0]:`Token acquisition in popup failed due to timeout.  ${mr}`,[uC]:`Token acquisition in iframe failed due to timeout.  ${mr}`,[dC]:"Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs.",[hC]:`Request was blocked inside an iframe because MSAL detected an authentication response.  ${mr}`,[fC]:"Request was blocked inside a popup because MSAL detected it was running in a popup.",[w0]:"The iframe being monitored was closed prematurely.",[Mc]:"Silent logout not supported. Please call logoutRedirect or logoutPopup instead.",[gC]:"No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request.",[_0]:"The value given for the prompt value is not valid for silent requests - must be set to 'none' or 'no_session'.",[mC]:"No token request found in cache.",[pC]:"The cached token request could not be parsed.",[ch]:"No cached authority found.",[T0]:"Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler",[E0]:"Invalid cache type",[Dc]:"Login and token requests are not supported in non-browser environments.",[Xo]:"Database is not open!",[dc]:"No network connectivity. Check your internet connection.",[vC]:"Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'",[yC]:"Network request failed. Please check the network trace to determine root cause.",[md]:"Failed to parse network response. Check network trace.",[CC]:"Error loading token to cache.",[lh]:"Cryptographic Key or Keypair not found in browser storage.",[wC]:"An authorization code must be provided (as the `code` property on the request) to this flow.",[_C]:"An authorization code or nativeAccountId must be provided to this flow.",[TC]:"Request cannot contain both spa code and native account id.",[uh]:"IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts.",[EC]:`Unable to acquire token from native platform.  ${mr}`,[SC]:"Timed out while attempting to establish connection to browser extension",[AC]:"Native extension is not installed. If you think this is a mistake call the initialize function.",[wa]:`Connection to native platform has not been established. Please install a compatible browser extension and run initialize().  ${mr}`,[IC]:`You must call and await the initialize function before attempting to call any other MSAL API.  ${mr}`,[bC]:"The provided prompt is not supported by the native platform. This request should be routed to the web based flow.",[kC]:"Invalid base64 encoded string.",[RC]:"Invalid PoP token request. The request should not have both a popKid value and signPopToken set to true.",[OC]:"Failed to build request headers object.",[NC]:"Failed to parse response headers"};class _a extends Fe{constructor(e,t){super(e,S0[e],t),Object.setPrototypeOf(this,_a.prototype),this.name="BrowserAuthError"}}function j(r,e){return new _a(r,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const en={INTERACTION_IN_PROGRESS_VALUE:"interaction_in_progress",INVALID_GRANT_ERROR:"invalid_grant",POPUP_WIDTH:483,POPUP_HEIGHT:600,POPUP_NAME_PREFIX:"msal",DEFAULT_POLL_INTERVAL_MS:30,MSAL_SKU:"msal.js.browser"},ai={CHANNEL_ID:"53ee284d-920a-4b59-9d30-a60315b26836",PREFERRED_EXTENSION_ID:"ppnbnpeolgkicgegkbkbjmhlideopiji",MATS_TELEMETRY:"MATS"},ho={HandshakeRequest:"Handshake",HandshakeResponse:"HandshakeResponse",GetToken:"GetToken",Response:"Response"},Ft={LocalStorage:"localStorage",SessionStorage:"sessionStorage",MemoryStorage:"memoryStorage"},np={GET:"GET",POST:"POST"},be={AUTHORITY:"authority",ACQUIRE_TOKEN_ACCOUNT:"acquireToken.account",SESSION_STATE:"session.state",REQUEST_STATE:"request.state",NONCE_IDTOKEN:"nonce.id_token",ORIGIN_URI:"request.origin",RENEW_STATUS:"token.renew.status",URL_HASH:"urlHash",REQUEST_PARAMS:"request.params",SCOPES:"scopes",INTERACTION_STATUS_KEY:"interaction.status",CCS_CREDENTIAL:"ccs.credential",CORRELATION_ID:"request.correlationId",NATIVE_REQUEST:"request.native",REDIRECT_CONTEXT:"request.redirect.context"},Dr={ACCOUNT_KEYS:"msal.account.keys",TOKEN_KEYS:"msal.token.keys"},Is={WRAPPER_SKU:"wrapper.sku",WRAPPER_VER:"wrapper.version"},xe={acquireTokenRedirect:861,acquireTokenPopup:862,ssoSilent:863,acquireTokenSilent_authCode:864,handleRedirectPromise:865,acquireTokenByCode:866,acquireTokenSilent_silentFlow:61,logout:961,logoutPopup:962};var X;(function(r){r.Redirect="redirect",r.Popup="popup",r.Silent="silent",r.None="none"})(X||(X={}));const rp={scopes:pi},PC="jwk",pd="msal.db",A0=1,I0=`${pd}.keys`,Qt={Default:0,AccessToken:1,AccessTokenAndRefreshToken:2,RefreshToken:3,RefreshTokenAndNetwork:4,Skip:5},b0=[Qt.Default,Qt.Skip,Qt.RefreshTokenAndNetwork],k0="msal.browser.log.level",R0="msal.browser.log.pii";/*! @azure/msal-browser v3.28.1 2025-01-14 */function bs(r){return encodeURIComponent(dh(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"))}function xc(r){return MC(r).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")}function dh(r){return MC(new TextEncoder().encode(r))}function MC(r){const e=Array.from(r,t=>String.fromCodePoint(t)).join("");return btoa(e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const O0="RSASSA-PKCS1-v1_5",DC="SHA-256",N0=2048,P0=new Uint8Array([1,0,1]),op="0123456789abcdef",ip=new Uint32Array(1),M0="crypto_subtle_undefined",hh={name:O0,hash:DC,modulusLength:N0,publicExponent:P0};function D0(r){if(!window)throw j(Dc);if(!window.crypto)throw j(gd);if(!r&&!window.crypto.subtle)throw j(gd,M0)}async function xC(r,e,t){e==null||e.addQueueMeasurement(k.Sha256Digest,t);const i=new TextEncoder().encode(r);return window.crypto.subtle.digest(DC,i)}function x0(r){return window.crypto.getRandomValues(r)}function Mu(){return window.crypto.getRandomValues(ip),ip[0]}function Er(){const r=Date.now(),e=Mu()*1024+(Mu()&1023),t=new Uint8Array(16),n=Math.trunc(e/2**30),i=e&2**30-1,s=Mu();t[0]=r/2**40,t[1]=r/2**32,t[2]=r/2**24,t[3]=r/2**16,t[4]=r/2**8,t[5]=r,t[6]=112|n>>>8,t[7]=n,t[8]=128|i>>>24,t[9]=i>>>16,t[10]=i>>>8,t[11]=i,t[12]=s>>>24,t[13]=s>>>16,t[14]=s>>>8,t[15]=s;let c="";for(let d=0;d<t.length;d++)c+=op.charAt(t[d]>>>4),c+=op.charAt(t[d]&15),(d===3||d===5||d===7||d===9)&&(c+="-");return c}async function L0(r,e){return window.crypto.subtle.generateKey(hh,r,e)}async function Du(r){return window.crypto.subtle.exportKey(PC,r)}async function U0(r,e,t){return window.crypto.subtle.importKey(PC,r,hh,e,t)}async function B0(r,e){return window.crypto.subtle.sign(hh,r,e)}async function LC(r){const e=await xC(r),t=new Uint8Array(e);return xc(t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ha="storage_not_supported",vd="stubbed_public_client_application_called",hc="in_mem_redirect_unavailable";/*! @azure/msal-browser v3.28.1 2025-01-14 */const Ks={[ha]:"Given storage configuration option was not supported.",[vd]:"Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors",[hc]:"Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."};Ks[ha],Ks[vd],Ks[hc];class fh extends Fe{constructor(e,t){super(e,t),this.name="BrowserConfigurationAuthError",Object.setPrototypeOf(this,fh.prototype)}}function gh(r){return new fh(r,Ks[r])}/*! @azure/msal-browser v3.28.1 2025-01-14 */function F0(r){r.location.hash="",typeof r.history.replaceState=="function"&&r.history.replaceState(null,"",`${r.location.origin}${r.location.pathname}${r.location.search}`)}function H0(r){const e=r.split("#");e.shift(),window.location.hash=e.length>0?e.join("#"):""}function mh(){return window.parent!==window}function V0(){return typeof window<"u"&&!!window.opener&&window.opener!==window&&typeof window.name=="string"&&window.name.indexOf(`${en.POPUP_NAME_PREFIX}.`)===0}function yr(){return typeof window<"u"&&window.location?window.location.href.split("?")[0].split("#")[0]:""}function $0(){const e=new ye(window.location.href).getUrlComponents();return`${e.Protocol}//${e.HostNameAndPort}/`}function K0(){if(ye.hashContainsKnownProperties(window.location.hash)&&mh())throw j(hC)}function z0(r){if(mh()&&!r)throw j(dC)}function W0(){if(V0())throw j(fC)}function UC(){if(typeof window>"u")throw j(Dc)}function BC(r){if(!r)throw j(IC)}function ph(r){UC(),K0(),W0(),BC(r)}function ap(r,e){if(ph(r),z0(e.system.allowRedirectInIframe),e.cache.cacheLocation===Ft.MemoryStorage&&!e.cache.storeAuthStateInCookie)throw gh(hc)}function FC(r){const e=document.createElement("link");e.rel="preconnect",e.href=new URL(r).origin,e.crossOrigin="anonymous",document.head.appendChild(e),window.setTimeout(()=>{try{document.head.removeChild(e)}catch{}},1e4)}function q0(){return Er()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class fc{navigateInternal(e,t){return fc.defaultNavigateWindow(e,t)}navigateExternal(e,t){return fc.defaultNavigateWindow(e,t)}static defaultNavigateWindow(e,t){return t.noHistory?window.location.replace(e):window.location.assign(e),new Promise(n=>{setTimeout(()=>{n(!0)},t.timeout)})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class G0{async sendGetRequestAsync(e,t){let n,i={},s=0;const c=sp(t);try{n=await fetch(e,{method:np.GET,headers:c})}catch{throw j(window.navigator.onLine?yC:dc)}i=cp(n.headers);try{return s=n.status,{headers:i,body:await n.json(),status:s}}catch{throw Jm(j(md),s,i)}}async sendPostRequestAsync(e,t){const n=t&&t.body||"",i=sp(t);let s,c=0,d={};try{s=await fetch(e,{method:np.POST,headers:i,body:n})}catch{throw j(window.navigator.onLine?vC:dc)}d=cp(s.headers);try{return c=s.status,{headers:d,body:await s.json(),status:c}}catch{throw Jm(j(md),c,d)}}}function sp(r){try{const e=new Headers;if(!(r&&r.headers))return e;const t=r.headers;return Object.entries(t).forEach(([n,i])=>{e.append(n,i)}),e}catch{throw j(OC)}}function cp(r){try{const e={};return r.forEach((t,n)=>{e[n]=t}),e}catch{throw j(NC)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const j0=6e4,yd=1e4,Y0=3e4,J0=2e3;function Q0({auth:r,cache:e,system:t,telemetry:n},i){const s={clientId:P.EMPTY_STRING,authority:`${P.DEFAULT_AUTHORITY}`,knownAuthorities:[],cloudDiscoveryMetadata:P.EMPTY_STRING,authorityMetadata:P.EMPTY_STRING,redirectUri:typeof window<"u"?yr():"",postLogoutRedirectUri:P.EMPTY_STRING,navigateToLoginRequestUrl:!0,clientCapabilities:[],protocolMode:_r.AAD,OIDCOptions:{serverResponseType:Ca.FRAGMENT,defaultScopes:[P.OPENID_SCOPE,P.PROFILE_SCOPE,P.OFFLINE_ACCESS_SCOPE]},azureCloudOptions:{azureCloudInstance:zd.None,tenant:P.EMPTY_STRING},skipAuthorityMetadataCache:!1,supportsNestedAppAuth:!1,instanceAware:!1},c={cacheLocation:Ft.SessionStorage,temporaryCacheLocation:Ft.SessionStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!!(e&&e.cacheLocation===Ft.LocalStorage),claimsBasedCachingEnabled:!1},d={loggerCallback:()=>{},logLevel:Me.Info,piiLoggingEnabled:!1},g={...{...Gy,loggerOptions:d,networkClient:i?new G0:g0,navigationClient:new fc,loadFrameTimeout:0,windowHashTimeout:(t==null?void 0:t.loadFrameTimeout)||j0,iframeHashTimeout:(t==null?void 0:t.loadFrameTimeout)||yd,navigateFrameWait:0,redirectNavigationTimeout:Y0,asyncPopups:!1,allowRedirectInIframe:!1,allowNativeBroker:!1,nativeBrokerHandshakeTimeout:(t==null?void 0:t.nativeBrokerHandshakeTimeout)||J0,pollIntervalMilliseconds:en.DEFAULT_POLL_INTERVAL_MS},...t,loggerOptions:(t==null?void 0:t.loggerOptions)||d},p={application:{appName:P.EMPTY_STRING,appVersion:P.EMPTY_STRING},client:new y0};if((r==null?void 0:r.protocolMode)!==_r.OIDC&&(r!=null&&r.OIDCOptions)&&new Wr(g.loggerOptions).warning(JSON.stringify(Ne(Fy))),r!=null&&r.protocolMode&&r.protocolMode!==_r.AAD&&(g!=null&&g.allowNativeBroker))throw Ne(Hy);return{auth:{...s,...r,OIDCOptions:{...s.OIDCOptions,...r==null?void 0:r.OIDCOptions}},cache:{...c,...e},system:g,telemetry:{...p,...n}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const X0="@azure/msal-browser",Lc="3.28.1";/*! @azure/msal-browser v3.28.1 2025-01-14 */class vh{static loggerCallback(e,t){switch(e){case Me.Error:console.error(t);return;case Me.Info:console.info(t);return;case Me.Verbose:console.debug(t);return;case Me.Warning:console.warn(t);return;default:console.log(t);return}}constructor(e){var f;this.browserEnvironment=typeof window<"u",this.config=Q0(e,this.browserEnvironment);let t;try{t=window[Ft.SessionStorage]}catch{}const n=t==null?void 0:t.getItem(k0),i=(f=t==null?void 0:t.getItem(R0))==null?void 0:f.toLowerCase(),s=i==="true"?!0:i==="false"?!1:void 0,c={...this.config.system.loggerOptions},d=n&&Object.keys(Me).includes(n)?Me[n]:void 0;d&&(c.loggerCallback=vh.loggerCallback,c.logLevel=d),s!==void 0&&(c.piiLoggingEnabled=s),this.logger=new Wr(c,X0,Lc),this.available=!1}getConfig(){return this.config}getLogger(){return this.logger}isAvailable(){return this.available}isBrowserEnvironment(){return this.browserEnvironment}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class yo extends vh{getModuleName(){return yo.MODULE_NAME}getId(){return yo.ID}async initialize(){return this.available=typeof window<"u",this.available}}yo.MODULE_NAME="";yo.ID="StandardOperatingContext";/*! @azure/msal-browser v3.28.1 2025-01-14 */function tr(r){return new TextDecoder().decode(Z0(r))}function Z0(r){let e=r.replace(/-/g,"+").replace(/_/g,"/");switch(e.length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw j(kC)}const t=atob(e);return Uint8Array.from(t,n=>n.codePointAt(0)||0)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class eM{constructor(){this.dbName=pd,this.version=A0,this.tableName=I0,this.dbOpen=!1}async open(){return new Promise((e,t)=>{const n=window.indexedDB.open(this.dbName,this.version);n.addEventListener("upgradeneeded",i=>{i.target.result.createObjectStore(this.tableName)}),n.addEventListener("success",i=>{const s=i;this.db=s.target.result,this.dbOpen=!0,e()}),n.addEventListener("error",()=>t(j(uh)))})}closeConnection(){const e=this.db;e&&this.dbOpen&&(e.close(),this.dbOpen=!1)}async validateDbIsOpen(){if(!this.dbOpen)return this.open()}async getItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).get(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async setItem(e,t){return await this.validateDbIsOpen(),new Promise((n,i)=>{if(!this.db)return i(j(Xo));const d=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).put(t,e);d.addEventListener("success",()=>{this.closeConnection(),n()}),d.addEventListener("error",f=>{this.closeConnection(),i(f)})})}async removeItem(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readwrite").objectStore(this.tableName).delete(e);c.addEventListener("success",()=>{this.closeConnection(),t()}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async getKeys(){return await this.validateDbIsOpen(),new Promise((e,t)=>{if(!this.db)return t(j(Xo));const s=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).getAllKeys();s.addEventListener("success",c=>{const d=c;this.closeConnection(),e(d.target.result)}),s.addEventListener("error",c=>{this.closeConnection(),t(c)})})}async containsKey(e){return await this.validateDbIsOpen(),new Promise((t,n)=>{if(!this.db)return n(j(Xo));const c=this.db.transaction([this.tableName],"readonly").objectStore(this.tableName).count(e);c.addEventListener("success",d=>{const f=d;this.closeConnection(),t(f.target.result===1)}),c.addEventListener("error",d=>{this.closeConnection(),n(d)})})}async deleteDatabase(){return this.db&&this.dbOpen&&this.closeConnection(),new Promise((e,t)=>{const n=window.indexedDB.deleteDatabase(pd),i=setTimeout(()=>t(!1),200);n.addEventListener("success",()=>(clearTimeout(i),e(!0))),n.addEventListener("blocked",()=>(clearTimeout(i),e(!0))),n.addEventListener("error",()=>(clearTimeout(i),t(!1)))})}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Cd{constructor(){this.cache=new Map}getItem(e){return this.cache.get(e)||null}setItem(e,t){this.cache.set(e,t)}removeItem(e){this.cache.delete(e)}getKeys(){const e=[];return this.cache.forEach((t,n)=>{e.push(n)}),e}containsKey(e){return this.cache.has(e)}clear(){this.cache.clear()}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class tM{constructor(e){this.inMemoryCache=new Cd,this.indexedDBCache=new eM,this.logger=e}handleDatabaseAccessError(e){if(e instanceof _a&&e.errorCode===uh)this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.");else throw e}async getItem(e){const t=this.inMemoryCache.getItem(e);if(!t)try{return this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.getItem(e)}catch(n){this.handleDatabaseAccessError(n)}return t}async setItem(e,t){this.inMemoryCache.setItem(e,t);try{await this.indexedDBCache.setItem(e,t)}catch(n){this.handleDatabaseAccessError(n)}}async removeItem(e){this.inMemoryCache.removeItem(e);try{await this.indexedDBCache.removeItem(e)}catch(t){this.handleDatabaseAccessError(t)}}async getKeys(){const e=this.inMemoryCache.getKeys();if(e.length===0)try{return this.logger.verbose("In-memory cache is empty, now querying persistent storage."),await this.indexedDBCache.getKeys()}catch(t){this.handleDatabaseAccessError(t)}return e}async containsKey(e){const t=this.inMemoryCache.containsKey(e);if(!t)try{return this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),await this.indexedDBCache.containsKey(e)}catch(n){this.handleDatabaseAccessError(n)}return t}clearInMemory(){this.logger.verbose("Deleting in-memory keystore"),this.inMemoryCache.clear(),this.logger.verbose("In-memory keystore deleted")}async clearPersistent(){try{this.logger.verbose("Deleting persistent keystore");const e=await this.indexedDBCache.deleteDatabase();return e&&this.logger.verbose("Persistent keystore deleted"),e}catch(e){return this.handleDatabaseAccessError(e),!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class mi{constructor(e,t,n){this.logger=e,D0(n??!1),this.cache=new tM(this.logger),this.performanceClient=t}createNewGuid(){return Er()}base64Encode(e){return dh(e)}base64Decode(e){return tr(e)}base64UrlEncode(e){return bs(e)}encodeKid(e){return this.base64UrlEncode(JSON.stringify({kid:e}))}async getPublicKeyThumbprint(e){var p;const t=(p=this.performanceClient)==null?void 0:p.startMeasurement(k.CryptoOptsGetPublicKeyThumbprint,e.correlationId),n=await L0(mi.EXTRACTABLE,mi.POP_KEY_USAGES),i=await Du(n.publicKey),s={e:i.e,kty:i.kty,n:i.n},c=lp(s),d=await this.hashString(c),f=await Du(n.privateKey),g=await U0(f,!1,["sign"]);return await this.cache.setItem(d,{privateKey:g,publicKey:n.publicKey,requestMethod:e.resourceRequestMethod,requestUri:e.resourceRequestUri}),t&&t.end({success:!0}),d}async removeTokenBindingKey(e){return await this.cache.removeItem(e),!await this.cache.containsKey(e)}async clearKeystore(){this.cache.clearInMemory();try{return await this.cache.clearPersistent(),!0}catch(e){return e instanceof Error?this.logger.error(`Clearing keystore failed with error: ${e.message}`):this.logger.error("Clearing keystore failed with unknown error"),!1}}async signJwt(e,t,n,i){var V;const s=(V=this.performanceClient)==null?void 0:V.startMeasurement(k.CryptoOptsSignJwt,i),c=await this.cache.getItem(t);if(!c)throw j(lh);const d=await Du(c.publicKey),f=lp(d),g=bs(JSON.stringify({kid:t})),p=ih.getShrHeaderString({...n==null?void 0:n.header,alg:d.alg,kid:g}),w=bs(p);e.cnf={jwk:JSON.parse(f)};const C=bs(JSON.stringify(e)),S=`${w}.${C}`,b=new TextEncoder().encode(S),N=await B0(c.privateKey,b),K=xc(new Uint8Array(N)),H=`${S}.${K}`;return s&&s.end({success:!0}),H}async hashString(e){return LC(e)}}mi.POP_KEY_USAGES=["sign","verify"];mi.EXTRACTABLE=!0;function lp(r){return JSON.stringify(r,Object.keys(r).sort())}/*! @azure/msal-browser v3.28.1 2025-01-14 */class nM{constructor(){if(!window.localStorage)throw gh(ha)}getItem(e){return window.localStorage.getItem(e)}setItem(e,t){window.localStorage.setItem(e,t)}removeItem(e){window.localStorage.removeItem(e)}getKeys(){return Object.keys(window.localStorage)}containsKey(e){return window.localStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class rM{constructor(){if(!window.sessionStorage)throw gh(ha)}getItem(e){return window.sessionStorage.getItem(e)}setItem(e,t){window.sessionStorage.setItem(e,t)}removeItem(e){window.sessionStorage.removeItem(e)}getKeys(){return Object.keys(window.sessionStorage)}containsKey(e){return window.sessionStorage.hasOwnProperty(e)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function HC(r,e){if(!e)return null;try{return Bn.parseRequestState(r,e).libraryState.meta}catch{throw U(hi)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const oM=24*60*60*1e3;class iM{getItem(e){const t=`${encodeURIComponent(e)}`,n=document.cookie.split(";");for(let i=0;i<n.length;i++){const s=n[i],[c,...d]=decodeURIComponent(s).trim().split("="),f=d.join("=");if(c===t)return f}return""}setItem(e,t,n,i=!0){let s=`${encodeURIComponent(e)}=${encodeURIComponent(t)};path=/;SameSite=Lax;`;if(n){const c=aM(n);s+=`expires=${c};`}i&&(s+="Secure;"),document.cookie=s}removeItem(e){this.setItem(e,"",-1)}getKeys(){const e=document.cookie.split(";"),t=[];return e.forEach(n=>{const i=decodeURIComponent(n).trim().split("=");t.push(i[0])}),t}containsKey(e){return this.getKeys().includes(e)}}function aM(r){const e=new Date;return new Date(e.getTime()+r*oM).toUTCString()}/*! @azure/msal-browser v3.28.1 2025-01-14 */class wd extends fi{constructor(e,t,n,i,s,c){super(e,n,i,s),this.cacheConfig=t,this.logger=i,this.internalStorage=new Cd,this.browserStorage=this.setupBrowserStorage(this.cacheConfig.cacheLocation),this.temporaryCacheStorage=this.setupBrowserStorage(this.cacheConfig.temporaryCacheLocation),this.cookieStorage=new iM,t.cacheMigrationEnabled&&(this.migrateCacheEntries(),this.createKeyMaps()),this.performanceClient=c}setupBrowserStorage(e){try{switch(e){case Ft.LocalStorage:return new nM;case Ft.SessionStorage:return new rM;case Ft.MemoryStorage:default:break}}catch(t){this.logger.error(t)}return this.cacheConfig.cacheLocation=Ft.MemoryStorage,new Cd}migrateCacheEntries(){const e=`${P.CACHE_PREFIX}.${st.ID_TOKEN}`,t=`${P.CACHE_PREFIX}.${st.CLIENT_INFO}`,n=`${P.CACHE_PREFIX}.${st.ERROR}`,i=`${P.CACHE_PREFIX}.${st.ERROR_DESC}`,s=this.browserStorage.getItem(e),c=this.browserStorage.getItem(t),d=this.browserStorage.getItem(n),f=this.browserStorage.getItem(i),g=[s,c,d,f];[st.ID_TOKEN,st.CLIENT_INFO,st.ERROR,st.ERROR_DESC].forEach((w,C)=>{const S=g[C];S&&this.setTemporaryCache(w,S,!0)})}createKeyMaps(){this.logger.trace("BrowserCacheManager - createKeyMaps called.");const e=this.getItem(Dr.ACCOUNT_KEYS),t=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e&&t){this.logger.verbose("BrowserCacheManager:createKeyMaps - account and token key maps already exist, skipping migration.");return}this.browserStorage.getKeys().forEach(i=>{if(this.isCredentialKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);if(c&&c.hasOwnProperty("credentialType"))switch(c.credentialType){case re.ID_TOKEN:if(Hm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - idToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - idToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ID_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching idToken schema with value containing idToken credentialType field but value failed IdTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed idToken validation on key: ${i}`);break;case re.ACCESS_TOKEN:case re.ACCESS_TOKEN_WITH_AUTH_SCHEME:if(Fm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - accessToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - accessToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.ACCESS_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching accessToken schema with value containing accessToken credentialType field but value failed AccessTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed accessToken validation on key: ${i}`);break;case re.REFRESH_TOKEN:if(Vm(c)){this.logger.trace("BrowserCacheManager:createKeyMaps - refreshToken found, saving key to token key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - refreshToken with key: ${i} found, saving key to token key map`);const d=c,f=this.updateCredentialCacheKey(i,d);this.addTokenKey(f,re.REFRESH_TOKEN);return}else this.logger.trace("BrowserCacheManager:createKeyMaps - key found matching refreshToken schema with value containing refreshToken credentialType field but value failed RefreshTokenEntity validation, skipping."),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - failed refreshToken validation on key: ${i}`);break}}}if(this.isAccountKey(i)){const s=this.getItem(i);if(s){const c=this.validateAndParseJson(s);c&&it.isAccountEntity(c)&&(this.logger.trace("BrowserCacheManager:createKeyMaps - account found, saving key to account key map"),this.logger.tracePii(`BrowserCacheManager:createKeyMaps - account with key: ${i} found, saving key to account key map`),this.addAccountKeyToMap(i))}}})}validateAndParseJson(e){try{const t=JSON.parse(e);return t&&typeof t=="object"?t:null}catch{return null}}getItem(e){return this.browserStorage.getItem(e)}setItem(e,t){this.browserStorage.setItem(e,t)}getAccount(e,t){this.logger.trace("BrowserCacheManager.getAccount called");const n=this.getCachedAccountEntity(e);return this.updateOutdatedCachedAccount(e,n,t)}getCachedAccountEntity(e){const t=this.getItem(e);if(!t)return this.removeAccountKeyFromMap(e),null;const n=this.validateAndParseJson(t);return!n||!it.isAccountEntity(n)?(this.removeAccountKeyFromMap(e),null):fi.toObject(new it,n)}setAccount(e){this.logger.trace("BrowserCacheManager.setAccount called");const t=e.generateAccountKey();this.setItem(t,JSON.stringify(e)),this.addAccountKeyToMap(t)}getAccountKeys(){this.logger.trace("BrowserCacheManager.getAccountKeys called");const e=this.getItem(Dr.ACCOUNT_KEYS);return e?JSON.parse(e):(this.logger.verbose("BrowserCacheManager.getAccountKeys - No account keys found"),[])}addAccountKeyToMap(e){this.logger.trace("BrowserCacheManager.addAccountKeyToMap called"),this.logger.tracePii(`BrowserCacheManager.addAccountKeyToMap called with key: ${e}`);const t=this.getAccountKeys();t.indexOf(e)===-1?(t.push(e),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key added")):this.logger.verbose("BrowserCacheManager.addAccountKeyToMap account key already exists in map")}removeAccountKeyFromMap(e){this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap called"),this.logger.tracePii(`BrowserCacheManager.removeAccountKeyFromMap called with key: ${e}`);const t=this.getAccountKeys(),n=t.indexOf(e);n>-1?(t.splice(n,1),this.setItem(Dr.ACCOUNT_KEYS,JSON.stringify(t)),this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap account key removed")):this.logger.trace("BrowserCacheManager.removeAccountKeyFromMap key not found in existing map")}async removeAccount(e){super.removeAccount(e),this.removeAccountKeyFromMap(e)}removeOutdatedAccount(e){this.removeItem(e),this.removeAccountKeyFromMap(e)}removeIdToken(e){super.removeIdToken(e),this.removeTokenKey(e,re.ID_TOKEN)}async removeAccessToken(e){super.removeAccessToken(e),this.removeTokenKey(e,re.ACCESS_TOKEN)}removeRefreshToken(e){super.removeRefreshToken(e),this.removeTokenKey(e,re.REFRESH_TOKEN)}getTokenKeys(){this.logger.trace("BrowserCacheManager.getTokenKeys called");const e=this.getItem(`${Dr.TOKEN_KEYS}.${this.clientId}`);if(e){const t=this.validateAndParseJson(e);if(t&&t.hasOwnProperty("idToken")&&t.hasOwnProperty("accessToken")&&t.hasOwnProperty("refreshToken"))return t;this.logger.error("BrowserCacheManager.getTokenKeys - Token keys found but in an unknown format. Returning empty key map.")}else this.logger.verbose("BrowserCacheManager.getTokenKeys - No token keys found");return{idToken:[],accessToken:[],refreshToken:[]}}addTokenKey(e,t){this.logger.trace("BrowserCacheManager addTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:n.idToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - idToken added to map"),n.idToken.push(e));break;case re.ACCESS_TOKEN:n.accessToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - accessToken added to map"),n.accessToken.push(e));break;case re.REFRESH_TOKEN:n.refreshToken.indexOf(e)===-1&&(this.logger.info("BrowserCacheManager: addTokenKey - refreshToken added to map"),n.refreshToken.push(e));break;default:throw this.logger.error(`BrowserCacheManager:addTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(cd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}removeTokenKey(e,t){this.logger.trace("BrowserCacheManager removeTokenKey called");const n=this.getTokenKeys();switch(t){case re.ID_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove idToken with key: ${e} from map`);const i=n.idToken.indexOf(e);i>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - idToken removed from map"),n.idToken.splice(i,1)):this.logger.info("BrowserCacheManager: removeTokenKey - idToken does not exist in map. Either it was previously removed or it was never added.");break;case re.ACCESS_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove accessToken with key: ${e} from map`);const s=n.accessToken.indexOf(e);s>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - accessToken removed from map"),n.accessToken.splice(s,1)):this.logger.info("BrowserCacheManager: removeTokenKey - accessToken does not exist in map. Either it was previously removed or it was never added.");break;case re.REFRESH_TOKEN:this.logger.infoPii(`BrowserCacheManager: removeTokenKey - attempting to remove refreshToken with key: ${e} from map`);const c=n.refreshToken.indexOf(e);c>-1?(this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken removed from map"),n.refreshToken.splice(c,1)):this.logger.info("BrowserCacheManager: removeTokenKey - refreshToken does not exist in map. Either it was previously removed or it was never added.");break;default:throw this.logger.error(`BrowserCacheManager:removeTokenKey - CredentialType provided invalid. CredentialType: ${t}`),U(cd)}this.setItem(`${Dr.TOKEN_KEYS}.${this.clientId}`,JSON.stringify(n))}getIdTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Hm(n)?(this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ID_TOKEN),null):(this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),n)}setIdTokenCredential(e){this.logger.trace("BrowserCacheManager.setIdTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ID_TOKEN)}getAccessTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Fm(n)?(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.ACCESS_TOKEN),null):(this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),n)}setAccessTokenCredential(e){this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.ACCESS_TOKEN)}getRefreshTokenCredential(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null;const n=this.validateAndParseJson(t);return!n||!Vm(n)?(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),this.removeTokenKey(e,re.REFRESH_TOKEN),null):(this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),n)}setRefreshTokenCredential(e){this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");const t=oi(e);this.setItem(t,JSON.stringify(e)),this.addTokenKey(t,re.REFRESH_TOKEN)}getAppMetadata(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!QN(e,n)?(this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),n)}setAppMetadata(e){this.logger.trace("BrowserCacheManager.setAppMetadata called");const t=JN(e);this.setItem(t,JSON.stringify(e))}getServerTelemetry(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!jN(e,n)?(this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),n)}setServerTelemetry(e,t){this.logger.trace("BrowserCacheManager.setServerTelemetry called"),this.setItem(e,JSON.stringify(t))}getAuthorityMetadata(e){const t=this.internalStorage.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),null;const n=this.validateAndParseJson(t);return n&&XN(e,n)?(this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),n):null}getAuthorityMetadataKeys(){return this.internalStorage.getKeys().filter(t=>this.isAuthorityMetadata(t))}setWrapperMetadata(e,t){this.internalStorage.setItem(Is.WRAPPER_SKU,e),this.internalStorage.setItem(Is.WRAPPER_VER,t)}getWrapperMetadata(){const e=this.internalStorage.getItem(Is.WRAPPER_SKU)||P.EMPTY_STRING,t=this.internalStorage.getItem(Is.WRAPPER_VER)||P.EMPTY_STRING;return[e,t]}setAuthorityMetadata(e,t){this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),this.internalStorage.setItem(e,JSON.stringify(t))}getActiveAccount(){const e=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),t=this.getItem(e);if(!t){this.logger.trace("BrowserCacheManager.getActiveAccount: No active account filters cache schema found, looking for legacy schema");const i=this.generateCacheKey(st.ACTIVE_ACCOUNT),s=this.getItem(i);if(!s)return this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null;const c=this.getAccountInfoFilteredBy({localAccountId:s});return c?(this.logger.trace("BrowserCacheManager.getActiveAccount: Legacy active account cache schema found"),this.logger.trace("BrowserCacheManager.getActiveAccount: Adding active account filters cache schema"),this.setActiveAccount(c),c):null}const n=this.validateAndParseJson(t);return n?(this.logger.trace("BrowserCacheManager.getActiveAccount: Active account filters schema found"),this.getAccountInfoFilteredBy({homeAccountId:n.homeAccountId,localAccountId:n.localAccountId,tenantId:n.tenantId})):(this.logger.trace("BrowserCacheManager.getActiveAccount: No active account found"),null)}setActiveAccount(e){const t=this.generateCacheKey(st.ACTIVE_ACCOUNT_FILTERS),n=this.generateCacheKey(st.ACTIVE_ACCOUNT);if(e){this.logger.verbose("setActiveAccount: Active account set");const i={homeAccountId:e.homeAccountId,localAccountId:e.localAccountId,tenantId:e.tenantId};this.browserStorage.setItem(t,JSON.stringify(i)),this.browserStorage.setItem(n,e.localAccountId)}else this.logger.verbose("setActiveAccount: No account passed, active account not set"),this.browserStorage.removeItem(t),this.browserStorage.removeItem(n)}getThrottlingCache(e){const t=this.getItem(e);if(!t)return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null;const n=this.validateAndParseJson(t);return!n||!YN(e,n)?(this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),null):(this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),n)}setThrottlingCache(e,t){this.logger.trace("BrowserCacheManager.setThrottlingCache called"),this.setItem(e,JSON.stringify(t))}getTemporaryCache(e,t){const n=t?this.generateCacheKey(e):e;if(this.cacheConfig.storeAuthStateInCookie){const s=this.cookieStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),s}const i=this.temporaryCacheStorage.getItem(n);if(!i){if(this.cacheConfig.cacheLocation===Ft.LocalStorage){const s=this.browserStorage.getItem(n);if(s)return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),s}return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),null}return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),i}setTemporaryCache(e,t,n){const i=n?this.generateCacheKey(e):e;this.temporaryCacheStorage.setItem(i,t),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),this.cookieStorage.setItem(i,t,void 0,this.cacheConfig.secureCookies))}removeItem(e){this.browserStorage.removeItem(e)}removeTemporaryItem(e){this.temporaryCacheStorage.removeItem(e),this.cacheConfig.storeAuthStateInCookie&&(this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),this.cookieStorage.removeItem(e))}getKeys(){return this.browserStorage.getKeys()}async clear(){await this.removeAllAccounts(),this.removeAppMetadata(),this.temporaryCacheStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.removeTemporaryItem(e)}),this.browserStorage.getKeys().forEach(e=>{(e.indexOf(P.CACHE_PREFIX)!==-1||e.indexOf(this.clientId)!==-1)&&this.browserStorage.removeItem(e)}),this.internalStorage.clear()}async clearTokensAndKeysWithClaims(e,t){e.addQueueMeasurement(k.ClearTokensAndKeysWithClaims,t);const n=this.getTokenKeys(),i=[];n.accessToken.forEach(s=>{const c=this.getAccessTokenCredential(s);c!=null&&c.requestedClaimsHash&&s.includes(c.requestedClaimsHash.toLowerCase())&&i.push(this.removeAccessToken(s))}),await Promise.all(i),i.length>0&&this.logger.warning(`${i.length} access tokens with claims in the cache keys have been removed from the cache.`)}generateCacheKey(e){return this.validateAndParseJson(e)?JSON.stringify(e):Un.startsWith(e,P.CACHE_PREFIX)||Un.startsWith(e,st.ADAL_ID_TOKEN)?e:`${P.CACHE_PREFIX}.${this.clientId}.${e}`}generateAuthorityKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.AUTHORITY}.${t}`)}generateNonceKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.NONCE_IDTOKEN}.${t}`)}generateStateKey(e){const{libraryState:{id:t}}=Bn.parseRequestState(this.cryptoImpl,e);return this.generateCacheKey(`${be.REQUEST_STATE}.${t}`)}getCachedAuthority(e){const t=this.generateStateKey(e),n=this.getTemporaryCache(t);if(!n)return null;const i=this.generateAuthorityKey(n);return this.getTemporaryCache(i)}updateCacheEntries(e,t,n,i,s){this.logger.trace("BrowserCacheManager.updateCacheEntries called");const c=this.generateStateKey(e);this.setTemporaryCache(c,e,!1);const d=this.generateNonceKey(e);this.setTemporaryCache(d,t,!1);const f=this.generateAuthorityKey(e);if(this.setTemporaryCache(f,n,!1),s){const g={credential:s.homeAccountId,type:on.HOME_ACCOUNT_ID};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}else if(i){const g={credential:i,type:on.UPN};this.setTemporaryCache(be.CCS_CREDENTIAL,JSON.stringify(g),!0)}}resetRequestCache(e){this.logger.trace("BrowserCacheManager.resetRequestCache called"),e&&(this.temporaryCacheStorage.getKeys().forEach(t=>{t.indexOf(e)!==-1&&this.removeTemporaryItem(t)}),this.removeTemporaryItem(this.generateStateKey(e)),this.removeTemporaryItem(this.generateNonceKey(e)),this.removeTemporaryItem(this.generateAuthorityKey(e))),this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),this.removeTemporaryItem(this.generateCacheKey(be.ORIGIN_URI)),this.removeTemporaryItem(this.generateCacheKey(be.URL_HASH)),this.removeTemporaryItem(this.generateCacheKey(be.CORRELATION_ID)),this.removeTemporaryItem(this.generateCacheKey(be.CCS_CREDENTIAL)),this.removeTemporaryItem(this.generateCacheKey(be.NATIVE_REQUEST)),this.setInteractionInProgress(!1)}cleanRequestByState(e){if(this.logger.trace("BrowserCacheManager.cleanRequestByState called"),e){const t=this.generateStateKey(e),n=this.temporaryCacheStorage.getItem(t);this.logger.infoPii(`BrowserCacheManager.cleanRequestByState: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n||P.EMPTY_STRING)}}cleanRequestByInteractionType(e){this.logger.trace("BrowserCacheManager.cleanRequestByInteractionType called"),this.temporaryCacheStorage.getKeys().forEach(t=>{if(t.indexOf(be.REQUEST_STATE)===-1)return;const n=this.temporaryCacheStorage.getItem(t);if(!n)return;const i=HC(this.cryptoImpl,n);i&&i.interactionType===e&&(this.logger.infoPii(`BrowserCacheManager.cleanRequestByInteractionType: Removing temporary cache items for state: ${n}`),this.resetRequestCache(n))}),this.setInteractionInProgress(!1)}cacheCodeRequest(e){this.logger.trace("BrowserCacheManager.cacheCodeRequest called");const t=dh(JSON.stringify(e));this.setTemporaryCache(be.REQUEST_PARAMS,t,!0)}getCachedRequest(e){this.logger.trace("BrowserCacheManager.getCachedRequest called");const t=this.getTemporaryCache(be.REQUEST_PARAMS,!0);if(!t)throw j(mC);let n;try{n=JSON.parse(tr(t))}catch(i){throw this.logger.errorPii(`Attempted to parse: ${t}`),this.logger.error(`Parsing cached token request threw with error: ${i}`),j(pC)}if(this.removeTemporaryItem(this.generateCacheKey(be.REQUEST_PARAMS)),!n.authority){const i=this.generateAuthorityKey(e),s=this.getTemporaryCache(i);if(!s)throw j(ch);n.authority=s}return n}getCachedNativeRequest(){this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");const e=this.getTemporaryCache(be.NATIVE_REQUEST,!0);if(!e)return this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),null;const t=this.validateAndParseJson(e);return t||(this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),null)}isInteractionInProgress(e){const t=this.getInteractionInProgress();return e?t===this.clientId:!!t}getInteractionInProgress(){const e=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;return this.getTemporaryCache(e,!1)}setInteractionInProgress(e){const t=`${P.CACHE_PREFIX}.${be.INTERACTION_STATUS_KEY}`;if(e){if(this.getInteractionInProgress())throw j(sC);this.setTemporaryCache(t,this.clientId,!1)}else!e&&this.getInteractionInProgress()===this.clientId&&this.removeTemporaryItem(t)}getLegacyLoginHint(){const e=this.getTemporaryCache(st.ADAL_ID_TOKEN);e&&(this.browserStorage.removeItem(st.ADAL_ID_TOKEN),this.logger.verbose("Cached ADAL id token retrieved."));const t=this.getTemporaryCache(st.ID_TOKEN,!0);t&&(this.browserStorage.removeItem(this.generateCacheKey(st.ID_TOKEN)),this.logger.verbose("Cached MSAL.js v1 id token retrieved"));const n=t||e;if(n){const i=wo(n,tr);if(i.preferred_username)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 preferred_username as loginHint"),i.preferred_username;if(i.upn)return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 upn as loginHint"),i.upn;this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, however, no account hint claim found. Enable preferred_username or upn id token claim to get SSO.")}return null}updateCredentialCacheKey(e,t){const n=oi(t);if(e!==n){const i=this.getItem(e);if(i)return this.browserStorage.removeItem(e),this.setItem(n,i),this.logger.verbose(`Updated an outdated ${t.credentialType} cache key`),n;this.logger.error(`Attempted to update an outdated ${t.credentialType} cache key but no item matching the outdated key was found in storage`)}return e}async hydrateCache(e,t){var d,f,g;const n=Ic((d=e.account)==null?void 0:d.homeAccountId,(f=e.account)==null?void 0:f.environment,e.idToken,this.clientId,e.tenantId);let i;t.claims&&(i=await this.cryptoImpl.hashString(t.claims));const s=bc((g=e.account)==null?void 0:g.homeAccountId,e.account.environment,e.accessToken,this.clientId,e.tenantId,e.scopes.join(" "),e.expiresOn?e.expiresOn.getTime()/1e3:0,e.extExpiresOn?e.extExpiresOn.getTime()/1e3:0,tr,void 0,e.tokenType,void 0,t.sshKid,t.claims,i),c={idToken:n,accessToken:s};return this.saveCacheRecord(c)}async saveCacheRecord(e,t,n){try{await super.saveCacheRecord(e,t,n)}catch(i){if(i instanceof ci&&this.performanceClient&&n)try{const s=this.getTokenKeys();this.performanceClient.addFields({cacheRtCount:s.refreshToken.length,cacheIdCount:s.idToken.length,cacheAtCount:s.accessToken.length},n)}catch{}throw i}}}const sM=(r,e)=>{const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};return new wd(r,t,ic,e)};/*! @azure/msal-browser v3.28.1 2025-01-14 */function cM(r,e,t,n){return r.verbose("getAllAccounts called"),t?e.getAllAccounts(n):[]}function lM(r,e,t){if(e.trace("getAccount called"),Object.keys(r).length===0)return e.warning("getAccount: No accountFilter provided"),null;const n=t.getAccountInfoFilteredBy(r);return n?(e.verbose("getAccount: Account matching provided filter found, returning"),n):(e.verbose("getAccount: No matching account found, returning null"),null)}function uM(r,e,t){if(e.trace("getAccountByUsername called"),!r)return e.warning("getAccountByUsername: No username provided"),null;const n=t.getAccountInfoFilteredBy({username:r});return n?(e.verbose("getAccountByUsername: Account matching username found, returning"),e.verbosePii(`getAccountByUsername: Returning signed-in accounts matching username: ${r}`),n):(e.verbose("getAccountByUsername: No matching account found, returning null"),null)}function dM(r,e,t){if(e.trace("getAccountByHomeId called"),!r)return e.warning("getAccountByHomeId: No homeAccountId provided"),null;const n=t.getAccountInfoFilteredBy({homeAccountId:r});return n?(e.verbose("getAccountByHomeId: Account matching homeAccountId found, returning"),e.verbosePii(`getAccountByHomeId: Returning signed-in accounts matching homeAccountId: ${r}`),n):(e.verbose("getAccountByHomeId: No matching account found, returning null"),null)}function hM(r,e,t){if(e.trace("getAccountByLocalId called"),!r)return e.warning("getAccountByLocalId: No localAccountId provided"),null;const n=t.getAccountInfoFilteredBy({localAccountId:r});return n?(e.verbose("getAccountByLocalId: Account matching localAccountId found, returning"),e.verbosePii(`getAccountByLocalId: Returning signed-in accounts matching localAccountId: ${r}`),n):(e.verbose("getAccountByLocalId: No matching account found, returning null"),null)}function fM(r,e){e.setActiveAccount(r)}function gM(r){return r.getActiveAccount()}/*! @azure/msal-browser v3.28.1 2025-01-14 */const ne={INITIALIZE_START:"msal:initializeStart",INITIALIZE_END:"msal:initializeEnd",ACCOUNT_ADDED:"msal:accountAdded",ACCOUNT_REMOVED:"msal:accountRemoved",ACTIVE_ACCOUNT_CHANGED:"msal:activeAccountChanged",LOGIN_START:"msal:loginStart",LOGIN_SUCCESS:"msal:loginSuccess",LOGIN_FAILURE:"msal:loginFailure",ACQUIRE_TOKEN_START:"msal:acquireTokenStart",ACQUIRE_TOKEN_SUCCESS:"msal:acquireTokenSuccess",ACQUIRE_TOKEN_FAILURE:"msal:acquireTokenFailure",ACQUIRE_TOKEN_NETWORK_START:"msal:acquireTokenFromNetworkStart",SSO_SILENT_START:"msal:ssoSilentStart",SSO_SILENT_SUCCESS:"msal:ssoSilentSuccess",SSO_SILENT_FAILURE:"msal:ssoSilentFailure",ACQUIRE_TOKEN_BY_CODE_START:"msal:acquireTokenByCodeStart",ACQUIRE_TOKEN_BY_CODE_SUCCESS:"msal:acquireTokenByCodeSuccess",ACQUIRE_TOKEN_BY_CODE_FAILURE:"msal:acquireTokenByCodeFailure",HANDLE_REDIRECT_START:"msal:handleRedirectStart",HANDLE_REDIRECT_END:"msal:handleRedirectEnd",POPUP_OPENED:"msal:popupOpened",LOGOUT_START:"msal:logoutStart",LOGOUT_SUCCESS:"msal:logoutSuccess",LOGOUT_FAILURE:"msal:logoutFailure",LOGOUT_END:"msal:logoutEnd",RESTORE_FROM_BFCACHE:"msal:restoreFromBFCache"};/*! @azure/msal-browser v3.28.1 2025-01-14 */class mM{constructor(e){this.eventCallbacks=new Map,this.logger=e||new Wr({})}addEventCallback(e,t,n){if(typeof window<"u"){const i=n||q0();return this.eventCallbacks.has(i)?(this.logger.error(`Event callback with id: ${i} is already registered. Please provide a unique id or remove the existing callback and try again.`),null):(this.eventCallbacks.set(i,[e,t||[]]),this.logger.verbose(`Event callback registered with id: ${i}`),i)}return null}removeEventCallback(e){this.eventCallbacks.delete(e),this.logger.verbose(`Event callback ${e} removed.`)}emitEvent(e,t,n,i){if(typeof window<"u"){const s={eventType:e,interactionType:t||null,payload:n||null,error:i||null,timestamp:Date.now()};this.eventCallbacks.forEach(([c,d],f)=>{(d.length===0||d.includes(e))&&(this.logger.verbose(`Emitting event to callback ${f}: ${e}`),c.apply(null,[s]))})}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class VC{constructor(e,t,n,i,s,c,d,f,g){this.config=e,this.browserStorage=t,this.browserCrypto=n,this.networkClient=this.config.system.networkClient,this.eventHandler=s,this.navigationClient=c,this.nativeMessageHandler=f,this.correlationId=g||Er(),this.logger=i.clone(en.MSAL_SKU,Lc,this.correlationId),this.performanceClient=d}async clearCacheOnLogout(e){if(e){it.accountInfoIsEqual(e,this.browserStorage.getActiveAccount(),!1)&&(this.logger.verbose("Setting active account to null"),this.browserStorage.setActiveAccount(null));try{await this.browserStorage.removeAccount(it.generateAccountCacheKey(e)),this.logger.verbose("Cleared cache items belonging to the account provided in the logout request.")}catch{this.logger.error("Account provided in logout request was not found. Local cache unchanged.")}}else try{this.logger.verbose("No account provided in logout request, clearing all cache items.",this.correlationId),await this.browserStorage.clear(),await this.browserCrypto.clearKeystore()}catch{this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged.")}}getRedirectUri(e){this.logger.verbose("getRedirectUri called");const t=e||this.config.auth.redirectUri;return ye.getAbsoluteUrl(t,yr())}initializeServerTelemetryManager(e,t){this.logger.verbose("initializeServerTelemetryManager called");const n={clientId:this.config.auth.clientId,correlationId:this.correlationId,apiId:e,forceRefresh:t||!1,wrapperSKU:this.browserStorage.getWrapperMetadata()[0],wrapperVer:this.browserStorage.getWrapperMetadata()[1]};return new da(n,this.browserStorage)}async getDiscoveredAuthority(e){const{account:t}=e,n=e.requestExtraQueryParameters&&e.requestExtraQueryParameters.hasOwnProperty("instance_aware")?e.requestExtraQueryParameters.instance_aware:void 0;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetDiscoveredAuthority,this.correlationId);const i={protocolMode:this.config.auth.protocolMode,OIDCOptions:this.config.auth.OIDCOptions,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},s=e.requestAuthority||this.config.auth.authority,c=n!=null&&n.length?n==="true":this.config.auth.instanceAware,d=t&&c?this.config.auth.authority.replace(ye.getDomainFromUrl(s),t.environment):s,f=Tt.generateAuthority(d,e.requestAzureCloudOptions||this.config.auth.azureCloudOptions),g=await B(Jy,k.AuthorityFactoryCreateDiscoveredInstance,this.logger,this.performanceClient,this.correlationId)(f,this.config.system.networkClient,this.browserStorage,i,this.logger,this.correlationId,this.performanceClient);if(t&&!g.isAlias(t.environment))throw Ne(Vy);return g}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const pM=32;async function vM(r,e,t){r.addQueueMeasurement(k.GeneratePkceCodes,t);const n=_o(yM,k.GenerateCodeVerifier,e,r,t)(r,e,t),i=await B(CM,k.GenerateCodeChallengeFromVerifier,e,r,t)(n,r,e,t);return{verifier:n,challenge:i}}function yM(r,e,t){try{const n=new Uint8Array(pM);return _o(x0,k.GetRandomValues,e,r,t)(n),xc(n)}catch{throw j(ah)}}async function CM(r,e,t,n){e.addQueueMeasurement(k.GenerateCodeChallengeFromVerifier,n);try{const i=await B(xC,k.Sha256Digest,t,e,n)(r,e,n);return xc(new Uint8Array(i))}catch{throw j(ah)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function yh(r,e,t,n){t.addQueueMeasurement(k.InitializeBaseRequest,r.correlationId);const i=r.authority||e.auth.authority,s=[...r&&r.scopes||[]],c={...r,correlationId:r.correlationId,authority:i,scopes:s};if(!c.authenticationScheme)c.authenticationScheme=Re.BEARER,n.verbose(`Authentication Scheme wasn't explicitly set in request, defaulting to "Bearer" request`);else{if(c.authenticationScheme===Re.SSH){if(!r.sshJwk)throw Ne(kc);if(!r.sshKid)throw Ne(By)}n.verbose(`Authentication Scheme set to "${c.authenticationScheme}" as configured in Auth request`)}return e.cache.claimsBasedCachingEnabled&&r.claims&&!Un.isEmptyObj(r.claims)&&(c.requestedClaimsHash=await LC(r.claims)),c}async function wM(r,e,t,n,i){n.addQueueMeasurement(k.InitializeSilentRequest,r.correlationId);const s=await B(yh,k.InitializeBaseRequest,i,n,r.correlationId)(r,t,n,i);return{...r,...s,account:e,forceRefresh:r.forceRefresh||!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class vi extends VC{async initializeAuthorizationCodeRequest(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.correlationId);const t=await B(vM,k.GeneratePkceCodes,this.logger,this.performanceClient,this.correlationId)(this.performanceClient,this.logger,this.correlationId),n={...e,redirectUri:e.redirectUri,code:P.EMPTY_STRING,codeVerifier:t.verifier};return e.codeChallenge=t.challenge,e.codeChallengeMethod=P.S256_CODE_CHALLENGE_METHOD,n}initializeLogoutRequest(e){this.logger.verbose("initializeLogoutRequest called",e==null?void 0:e.correlationId);const t={correlationId:this.correlationId||Er(),...e};if(e)if(e.logoutHint)this.logger.verbose("logoutHint has already been set in logoutRequest");else if(e.account){const n=this.getLogoutHintFromIdTokenClaims(e.account);n&&(this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),t.logoutHint=n)}else this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");else this.logger.verbose("logoutHint will not be set since no logout request was configured");return!e||e.postLogoutRedirectUri!==null?e&&e.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(e.postLogoutRedirectUri,yr())):this.config.auth.postLogoutRedirectUri===null?this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect",t.correlationId):this.config.auth.postLogoutRedirectUri?(this.logger.verbose("Setting postLogoutRedirectUri to configured uri",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri,yr())):(this.logger.verbose("Setting postLogoutRedirectUri to current page",t.correlationId),t.postLogoutRedirectUri=ye.getAbsoluteUrl(yr(),yr())):this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri",t.correlationId),t}getLogoutHintFromIdTokenClaims(e){const t=e.idTokenClaims;if(t){if(t.login_hint)return t.login_hint;this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")}else this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");return null}async createAuthCodeClient(e){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientCreateAuthCodeClient,this.correlationId);const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)(e);return new Zy(t,this.performanceClient)}async getClientConfiguration(e){const{serverTelemetryManager:t,requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}=e;this.performanceClient.addQueueMeasurement(k.StandardInteractionClientGetClientConfiguration,this.correlationId);const d=await B(this.getDiscoveredAuthority.bind(this),k.StandardInteractionClientGetDiscoveredAuthority,this.logger,this.performanceClient,this.correlationId)({requestAuthority:n,requestAzureCloudOptions:i,requestExtraQueryParameters:s,account:c}),f=this.config.system.loggerOptions;return{authOptions:{clientId:this.config.auth.clientId,authority:d,clientCapabilities:this.config.auth.clientCapabilities,redirectUri:this.config.auth.redirectUri},systemOptions:{tokenRenewalOffsetSeconds:this.config.system.tokenRenewalOffsetSeconds,preventCorsPreflight:!0},loggerOptions:{loggerCallback:f.loggerCallback,piiLoggingEnabled:f.piiLoggingEnabled,logLevel:f.logLevel,correlationId:this.correlationId},cacheOptions:{claimsBasedCachingEnabled:this.config.cache.claimsBasedCachingEnabled},cryptoInterface:this.browserCrypto,networkInterface:this.networkClient,storageInterface:this.browserStorage,serverTelemetryManager:t,libraryInfo:{sku:en.MSAL_SKU,version:Lc,cpu:P.EMPTY_STRING,os:P.EMPTY_STRING},telemetry:this.config.telemetry}}async initializeAuthorizationRequest(e,t){this.performanceClient.addQueueMeasurement(k.StandardInteractionClientInitializeAuthorizationRequest,this.correlationId);const n=this.getRedirectUri(e.redirectUri),i={interactionType:t},s=Bn.setRequestState(this.browserCrypto,e&&e.state||P.EMPTY_STRING,i),d={...await B(yh,k.InitializeBaseRequest,this.logger,this.performanceClient,this.correlationId)({...e,correlationId:this.correlationId},this.config,this.performanceClient,this.logger),redirectUri:n,state:s,nonce:e.nonce||Er(),responseMode:this.config.auth.OIDCOptions.serverResponseType};if(e.loginHint||e.sid)return d;const f=e.account||this.browserStorage.getActiveAccount();if(f&&(this.logger.verbose("Setting validated request account",this.correlationId),this.logger.verbosePii(`Setting validated request account: ${f.homeAccountId}`,this.correlationId),d.account=f),!d.loginHint&&!f){const g=this.browserStorage.getLegacyLoginHint();g&&(d.loginHint=g)}return d}}/*! @azure/msal-browser v3.28.1 2025-01-14 */const _M="ContentError",$C="user_switch";/*! @azure/msal-browser v3.28.1 2025-01-14 */const TM="USER_INTERACTION_REQUIRED",EM="USER_CANCEL",SM="NO_NETWORK",AM="PERSISTENT_ERROR",IM="DISABLED",bM="ACCOUNT_UNAVAILABLE";/*! @azure/msal-browser v3.28.1 2025-01-14 */const kM=-2147186943,RM={[$C]:"User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again."};class Jn extends Fe{constructor(e,t,n){super(e,t),Object.setPrototypeOf(this,Jn.prototype),this.name="NativeAuthError",this.ext=n}}function Zo(r){if(r.ext&&r.ext.status&&(r.ext.status===AM||r.ext.status===IM)||r.ext&&r.ext.error&&r.ext.error===kM)return!0;switch(r.errorCode){case _M:return!0;default:return!1}}function _d(r,e,t){if(t&&t.status)switch(t.status){case bM:return hd(Qy);case TM:return new Fn(r,e);case EM:return j(vo);case SM:return j(dc)}return new Jn(r,RM[r]||e,t)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class KC extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentCacheClientAcquireToken,e.correlationId);const t=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),n=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:e.authority,requestAzureCloudOptions:e.azureCloudOptions,account:e.account}),i=new f0(n,this.performanceClient);this.logger.verbose("Silent auth client created");try{const c=(await B(i.acquireCachedToken.bind(i),k.SilentFlowClientAcquireCachedToken,this.logger,this.performanceClient,e.correlationId)(e))[0];return this.performanceClient.addFields({fromCache:!0},e.correlationId),c}catch(s){throw s instanceof _a&&s.errorCode===lh&&this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),s}}logout(e){this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e);return this.clearCacheOnLogout(t==null?void 0:t.account)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class li extends VC{constructor(e,t,n,i,s,c,d,f,g,p,w,C){var T;super(e,t,n,i,s,c,f,g,C),this.apiId=d,this.accountId=p,this.nativeMessageHandler=g,this.nativeStorageManager=w,this.silentCacheClient=new KC(e,this.nativeStorageManager,n,i,s,c,f,g,C),this.serverTelemetryManager=this.initializeServerTelemetryManager(this.apiId);const S=this.nativeMessageHandler.getExtensionId()===ai.PREFERRED_EXTENSION_ID?"chrome":(T=this.nativeMessageHandler.getExtensionId())!=null&&T.length?"unknown":void 0;this.skus=da.makeExtraSkuString({libraryName:en.MSAL_SKU,libraryVersion:Lc,extensionName:S,extensionVersion:this.nativeMessageHandler.getExtensionVersion()})}addRequestSKUs(e){e.extraParameters={...e.extraParameters,[JP]:this.skus}}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),this.logger.trace("NativeInteractionClient - acquireToken called.");const t=this.performanceClient.startMeasurement(k.NativeInteractionClientAcquireToken,e.correlationId),n=rr();try{const i=await this.initializeNativeRequest(e);try{const g=await this.acquireTokensFromCache(this.accountId,i);return t.end({success:!0,isNativeBroker:!1,fromCache:!0}),g}catch{this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call")}const{...s}=i,c={method:ho.GetToken,request:s},d=await this.nativeMessageHandler.sendMessage(c),f=this.validateNativeResponse(d);return await this.handleNativeResponse(f,i,n).then(g=>(t.end({success:!0,isNativeBroker:!0,requestId:g.requestId}),this.serverTelemetryManager.clearNativeBrokerErrorCode(),g)).catch(g=>{throw t.end({success:!1,errorCode:g.errorCode,subErrorCode:g.subError,isNativeBroker:!0}),g})}catch(i){throw i instanceof Jn&&this.serverTelemetryManager.setNativeBrokerErrorCode(i.errorCode),i}}createSilentCacheRequest(e,t){return{authority:e.authority,correlationId:this.correlationId,scopes:Ye.fromString(e.scope).asArray(),account:t,forceRefresh:!1}}async acquireTokensFromCache(e,t){if(!e)throw this.logger.warning("NativeInteractionClient:acquireTokensFromCache - No nativeAccountId provided"),U(ad);const n=this.browserStorage.getBaseAccountInfo({nativeAccountId:e});if(!n)throw U(ad);try{const i=this.createSilentCacheRequest(t,n),s=await this.silentCacheClient.acquireToken(i),c={...n,idTokenClaims:s==null?void 0:s.idTokenClaims,idToken:s==null?void 0:s.idToken};return{...s,account:c}}catch(i){throw i}}async acquireTokenRedirect(e,t){this.logger.trace("NativeInteractionClient - acquireTokenRedirect called.");const{...n}=e;delete n.onRedirectNavigate;const i=await this.initializeNativeRequest(n),s={method:ho.GetToken,request:i};try{const f=await this.nativeMessageHandler.sendMessage(s);this.validateNativeResponse(f)}catch(f){if(f instanceof Jn&&(this.serverTelemetryManager.setNativeBrokerErrorCode(f.errorCode),Zo(f)))throw f}this.browserStorage.setTemporaryCache(be.NATIVE_REQUEST,JSON.stringify(i),!0);const c={apiId:xe.acquireTokenRedirect,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=this.config.auth.navigateToLoginRequestUrl?window.location.href:this.getRedirectUri(e.redirectUri);t.end({success:!0}),await this.navigationClient.navigateExternal(d,c)}async handleRedirectPromise(e,t){if(this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const n=this.browserStorage.getCachedNativeRequest();if(!n)return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),e&&t&&(e==null||e.addFields({errorCode:"no_cached_request"},t)),null;const{prompt:i,...s}=n;i&&this.logger.verbose("NativeInteractionClient - handleRedirectPromise called and prompt was included in the original request, removing prompt from cached request to prevent second interaction with native broker window."),this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.NATIVE_REQUEST));const c={method:ho.GetToken,request:s},d=rr();try{this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker.");const f=await this.nativeMessageHandler.sendMessage(c);this.validateNativeResponse(f);const g=this.handleNativeResponse(f,s,d);this.browserStorage.setInteractionInProgress(!1);const p=await g;return this.serverTelemetryManager.clearNativeBrokerErrorCode(),p}catch(f){throw this.browserStorage.setInteractionInProgress(!1),f}}logout(){return this.logger.trace("NativeInteractionClient - logout called."),Promise.reject("Logout not implemented yet")}async handleNativeResponse(e,t,n){var p;this.logger.trace("NativeInteractionClient - handleNativeResponse called.");const i=wo(e.id_token,tr),s=this.createHomeAccountIdentifier(e,i),c=(p=this.browserStorage.getAccountInfoFilteredBy({nativeAccountId:t.accountId}))==null?void 0:p.homeAccountId;if(s!==c&&e.account.id!==t.accountId)throw _d($C);const d=await this.getDiscoveredAuthority({requestAuthority:t.authority}),f=rh(this.browserStorage,d,s,tr,i,e.client_info,void 0,i.tid,void 0,e.account.id,this.logger),g=await this.generateAuthenticationResult(e,t,i,f,d.canonicalAuthority,n);return this.cacheAccount(f),this.cacheNativeTokens(e,t,s,i,e.access_token,g.tenantId,n),g}createHomeAccountIdentifier(e,t){return it.generateHomeAccountId(e.client_info||P.EMPTY_STRING,Dn.Default,this.logger,this.browserCrypto,t)}generateScopes(e,t){return e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope)}async generatePopAccessToken(e,t){if(t.tokenType===Re.POP&&t.signPopToken){if(e.shr)return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),e.shr;const n=new gi(this.browserCrypto),i={resourceRequestMethod:t.resourceRequestMethod,resourceRequestUri:t.resourceRequestUri,shrClaims:t.shrClaims,shrNonce:t.shrNonce};if(!t.keyId)throw U($d);return n.signPopToken(e.access_token,t.keyId,i)}else return e.access_token}async generateAuthenticationResult(e,t,n,i,s,c){const d=this.addTelemetryFromNativeResponse(e),f=e.scope?Ye.fromString(e.scope):Ye.fromString(t.scope),g=e.account.properties||{},p=g.UID||n.oid||n.sub||P.EMPTY_STRING,w=g.TenantId||n.tid||P.EMPTY_STRING,C=Qd(i.getAccountInfo(),void 0,n,e.id_token);C.nativeAccountId!==e.account.id&&(C.nativeAccountId=e.account.id);const S=await this.generatePopAccessToken(e,t),T=t.tokenType===Re.POP?Re.POP:Re.BEARER;return{authority:s,uniqueId:p,tenantId:w,scopes:f.asArray(),account:C,idToken:e.id_token,idTokenClaims:n,accessToken:S,fromCache:d?this.isResponseFromCache(d):!1,expiresOn:new Date(Number(c+e.expires_in)*1e3),tokenType:T,correlationId:this.correlationId,state:e.state,fromNativeBroker:!0}}cacheAccount(e){this.browserStorage.setAccount(e),this.browserStorage.removeAccountContext(e).catch(t=>{this.logger.error(`Error occurred while removing account context from browser storage. ${t}`)})}cacheNativeTokens(e,t,n,i,s,c,d){const f=Ic(n,t.authority,e.id_token||"",t.clientId,i.tid||""),g=t.tokenType===Re.POP?P.SHR_NONCE_VALIDITY:(typeof e.expires_in=="string"?parseInt(e.expires_in,10):e.expires_in)||0,p=d+g,w=this.generateScopes(e,t),C=bc(n,t.authority,s,t.clientId,i.tid||c,w.printScopes(),p,0,tr,void 0,t.tokenType,void 0,t.keyId),S={idToken:f,accessToken:C};this.nativeStorageManager.saveCacheRecord(S,t.storeInCache)}addTelemetryFromNativeResponse(e){const t=this.getMATSFromResponse(e);return t?(this.performanceClient.addFields({extensionId:this.nativeMessageHandler.getExtensionId(),extensionVersion:this.nativeMessageHandler.getExtensionVersion(),matsBrokerVersion:t.broker_version,matsAccountJoinOnStart:t.account_join_on_start,matsAccountJoinOnEnd:t.account_join_on_end,matsDeviceJoin:t.device_join,matsPromptBehavior:t.prompt_behavior,matsApiErrorCode:t.api_error_code,matsUiVisible:t.ui_visible,matsSilentCode:t.silent_code,matsSilentBiSubCode:t.silent_bi_sub_code,matsSilentMessage:t.silent_message,matsSilentStatus:t.silent_status,matsHttpStatus:t.http_status,matsHttpEventCount:t.http_event_count},this.correlationId),t):null}validateNativeResponse(e){if(e.hasOwnProperty("access_token")&&e.hasOwnProperty("id_token")&&e.hasOwnProperty("client_info")&&e.hasOwnProperty("account")&&e.hasOwnProperty("scope")&&e.hasOwnProperty("expires_in"))return e;throw sy(Ld,"Response missing expected properties.")}getMATSFromResponse(e){if(e.properties.MATS)try{return JSON.parse(e.properties.MATS)}catch{this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")}return null}isResponseFromCache(e){return typeof e.is_cached>"u"?(this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),!1):!!e.is_cached}async initializeNativeRequest(e){this.logger.trace("NativeInteractionClient - initializeNativeRequest called");const t=e.authority||this.config.auth.authority;e.account&&await this.getDiscoveredAuthority({requestAuthority:t,requestAzureCloudOptions:e.azureCloudOptions,account:e.account});const n=new ye(t);n.validateAsUri();const{scopes:i,...s}=e,c=new Ye(i||[]);c.appendScopes(pi);const d=()=>{switch(this.apiId){case xe.ssoSilent:case xe.acquireTokenSilent_silentFlow:return this.logger.trace("initializeNativeRequest: silent request sets prompt to none"),lt.NONE}if(!e.prompt){this.logger.trace("initializeNativeRequest: prompt was not provided");return}switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:return this.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),e.prompt;default:throw this.logger.trace(`initializeNativeRequest: prompt = ${e.prompt} is not compatible with native flow`),j(bC)}},f={...s,accountId:this.accountId,clientId:this.config.auth.clientId,authority:n.urlString,scope:c.printScopes(),redirectUri:this.getRedirectUri(e.redirectUri),prompt:d(),correlationId:this.correlationId,tokenType:e.authenticationScheme,windowTitleSubstring:document.title,extraParameters:{...e.extraQueryParameters,...e.tokenQueryParameters},extendedExpiryToken:!1,keyId:e.popKid};if(f.signPopToken&&e.popKid)throw j(RC);if(this.handleExtraBrokerParams(f),f.extraParameters=f.extraParameters||{},f.extraParameters.telemetry=ai.MATS_TELEMETRY,e.authenticationScheme===Re.POP){const g={resourceRequestUri:e.resourceRequestUri,resourceRequestMethod:e.resourceRequestMethod,shrClaims:e.shrClaims,shrNonce:e.shrNonce},p=new gi(this.browserCrypto);let w;if(f.keyId)w=this.browserCrypto.base64UrlEncode(JSON.stringify({kid:f.keyId})),f.signPopToken=!1;else{const C=await B(p.generateCnf.bind(p),k.PopTokenGenerateCnf,this.logger,this.performanceClient,e.correlationId)(g,this.logger);w=C.reqCnfString,f.keyId=C.kid,f.signPopToken=!0}f.reqCnf=w}return this.addRequestSKUs(f),f}handleExtraBrokerParams(e){var s;const t=e.extraParameters&&e.extraParameters.hasOwnProperty(eh)&&e.extraParameters.hasOwnProperty(dd)&&e.extraParameters.hasOwnProperty(mo);if(!e.embeddedClientId&&!t)return;let n="";const i=e.redirectUri;e.embeddedClientId?(e.redirectUri=this.config.auth.redirectUri,n=e.embeddedClientId):e.extraParameters&&(e.redirectUri=e.extraParameters[dd],n=e.extraParameters[mo]),e.extraParameters={child_client_id:n,child_redirect_uri:i},(s=this.performanceClient)==null||s.addFields({embeddedClientId:n,embeddedRedirectUri:i},e.correlationId)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Qn{constructor(e,t,n,i){this.logger=e,this.handshakeTimeoutMs=t,this.extensionId=i,this.resolvers=new Map,this.handshakeResolvers=new Map,this.messageChannel=new MessageChannel,this.windowListener=this.onWindowMessage.bind(this),this.performanceClient=n,this.handshakeEvent=n.startMeasurement(k.NativeMessageHandlerHandshake)}async sendMessage(e){this.logger.trace("NativeMessageHandler - sendMessage called.");const t={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:e};return this.logger.trace("NativeMessageHandler - Sending request to browser extension"),this.logger.tracePii(`NativeMessageHandler - Sending request to browser extension: ${JSON.stringify(t)}`),this.messageChannel.port1.postMessage(t),new Promise((n,i)=>{this.resolvers.set(t.responseId,{resolve:n,reject:i})})}static async createProvider(e,t,n){e.trace("NativeMessageHandler - createProvider called.");try{const i=new Qn(e,t,n,ai.PREFERRED_EXTENSION_ID);return await i.sendHandshakeRequest(),i}catch{const s=new Qn(e,t,n);return await s.sendHandshakeRequest(),s}}async sendHandshakeRequest(){this.logger.trace("NativeMessageHandler - sendHandshakeRequest called."),window.addEventListener("message",this.windowListener,!1);const e={channel:ai.CHANNEL_ID,extensionId:this.extensionId,responseId:Er(),body:{method:ho.HandshakeRequest}};return this.handshakeEvent.add({extensionId:this.extensionId,extensionHandshakeTimeoutMs:this.handshakeTimeoutMs}),this.messageChannel.port1.onmessage=t=>{this.onChannelMessage(t)},window.postMessage(e,window.origin,[this.messageChannel.port2]),new Promise((t,n)=>{this.handshakeResolvers.set(e.responseId,{resolve:t,reject:n}),this.timeoutId=window.setTimeout(()=>{window.removeEventListener("message",this.windowListener,!1),this.messageChannel.port1.close(),this.messageChannel.port2.close(),this.handshakeEvent.end({extensionHandshakeTimedOut:!0,success:!1}),n(j(SC)),this.handshakeResolvers.delete(e.responseId)},this.handshakeTimeoutMs)})}onWindowMessage(e){if(this.logger.trace("NativeMessageHandler - onWindowMessage called"),e.source!==window)return;const t=e.data;if(!(!t.channel||t.channel!==ai.CHANNEL_ID)&&!(t.extensionId&&t.extensionId!==this.extensionId)&&t.body.method===ho.HandshakeRequest){const n=this.handshakeResolvers.get(t.responseId);if(!n){this.logger.trace(`NativeMessageHandler.onWindowMessage - resolver can't be found for request ${t.responseId}`);return}this.logger.verbose(t.extensionId?`Extension with id: ${t.extensionId} not installed`:"No extension installed"),clearTimeout(this.timeoutId),this.messageChannel.port1.close(),this.messageChannel.port2.close(),window.removeEventListener("message",this.windowListener,!1),this.handshakeEvent.end({success:!1,extensionInstalled:!1}),n.reject(j(AC))}}onChannelMessage(e){this.logger.trace("NativeMessageHandler - onChannelMessage called.");const t=e.data,n=this.resolvers.get(t.responseId),i=this.handshakeResolvers.get(t.responseId);try{const s=t.body.method;if(s===ho.Response){if(!n)return;const c=t.body.response;if(this.logger.trace("NativeMessageHandler - Received response from browser extension"),this.logger.tracePii(`NativeMessageHandler - Received response from browser extension: ${JSON.stringify(c)}`),c.status!=="Success")n.reject(_d(c.code,c.description,c.ext));else if(c.result)c.result.code&&c.result.description?n.reject(_d(c.result.code,c.result.description,c.result.ext)):n.resolve(c.result);else throw sy(Ld,"Event does not contain result.");this.resolvers.delete(t.responseId)}else if(s===ho.HandshakeResponse){if(!i){this.logger.trace(`NativeMessageHandler.onChannelMessage - resolver can't be found for request ${t.responseId}`);return}clearTimeout(this.timeoutId),window.removeEventListener("message",this.windowListener,!1),this.extensionId=t.extensionId,this.extensionVersion=t.body.version,this.logger.verbose(`NativeMessageHandler - Received HandshakeResponse from extension: ${this.extensionId}`),this.handshakeEvent.end({extensionInstalled:!0,success:!0}),i.resolve(),this.handshakeResolvers.delete(t.responseId)}}catch(s){this.logger.error("Error parsing response from WAM Extension"),this.logger.errorPii(`Error parsing response from WAM Extension: ${s}`),this.logger.errorPii(`Unable to parse ${e}`),n?n.reject(s):i&&i.reject(s)}}getExtensionId(){return this.extensionId}getExtensionVersion(){return this.extensionVersion}static isNativeAvailable(e,t,n,i){if(t.trace("isNativeAvailable called"),!e.system.allowNativeBroker)return t.trace("isNativeAvailable: allowNativeBroker is not enabled, returning false"),!1;if(!n)return t.trace("isNativeAvailable: WAM extension provider is not initialized, returning false"),!1;if(i)switch(i){case Re.BEARER:case Re.POP:return t.trace("isNativeAvailable: authenticationScheme is supported, returning true"),!0;default:return t.trace("isNativeAvailable: authenticationScheme is not supported, returning false"),!1}return!0}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class Ch{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async handleCodeResponse(e,t){this.performanceClient.addQueueMeasurement(k.HandleCodeResponse,t.correlationId);let n;try{n=this.authModule.handleFragmentResponse(e,t.state)}catch(i){throw i instanceof qr&&i.subError===vo?j(vo):i}return B(this.handleCodeResponseFromServer.bind(this),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,t.correlationId)(n,t)}async handleCodeResponseFromServer(e,t,n=!0){if(this.performanceClient.addQueueMeasurement(k.HandleCodeResponseFromServer,t.correlationId),this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),this.authCodeRequest.code=e.code,e.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,t.correlationId)(e.cloud_instance_host_name,t.correlationId),n&&(e.nonce=t.nonce||void 0),e.state=t.state,e.client_info)this.authCodeRequest.clientInfo=e.client_info;else{const s=this.createCcsCredentials(t);s&&(this.authCodeRequest.ccsCredential=s)}return await B(this.authModule.acquireToken.bind(this.authModule),k.AuthClientAcquireToken,this.logger,this.performanceClient,t.correlationId)(this.authCodeRequest,e)}createCcsCredentials(e){return e.account?{credential:e.account.homeAccountId,type:on.HOME_ACCOUNT_ID}:e.loginHint?{credential:e.loginHint,type:on.UPN}:null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function zC(r,e,t){const n=cc(r);if(!n)throw Ky(r)?(t.error(`A ${e} is present in the iframe but it does not contain known properties. It's likely that the ${e} has been replaced by code running on the redirectUri page.`),t.errorPii(`The ${e} detected is: ${r}`),j(oC)):(t.error(`The request has returned to the redirectUri but a ${e} is not present. It's likely that the ${e} has been removed or the page has been redirected by code running on the redirectUri page.`),j(rC));return n}function OM(r,e,t){if(!r.state)throw j(sh);const n=HC(e,r.state);if(!n)throw j(iC);if(n.interactionType!==t)throw j(aC)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class NM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.unloadWindow=this.unloadWindow.bind(this),this.nativeStorage=f}acquireToken(e){try{const n={popupName:this.generatePopupName(e.scopes||pi,e.authority||this.config.auth.authority),popupWindowAttributes:e.popupWindowAttributes||{},popupWindowParent:e.popupWindowParent??window};return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true, acquiring token"),this.acquireTokenPopupAsync(e,n)):(this.logger.verbose("asyncPopup set to false, opening popup before acquiring token"),n.popup=this.openSizedPopup("about:blank",n),this.acquireTokenPopupAsync(e,n))}catch(t){return Promise.reject(t)}}logout(e){try{this.logger.verbose("logoutPopup called");const t=this.initializeLogoutRequest(e),n={popupName:this.generateLogoutPopupName(t),popupWindowAttributes:(e==null?void 0:e.popupWindowAttributes)||{},popupWindowParent:(e==null?void 0:e.popupWindowParent)??window},i=e&&e.authority,s=e&&e.mainWindowRedirectUri;return this.config.system.asyncPopups?(this.logger.verbose("asyncPopups set to true"),this.logoutPopupAsync(t,n,i,s)):(this.logger.verbose("asyncPopup set to false, opening popup"),n.popup=this.openSizedPopup("about:blank",n),this.logoutPopupAsync(t,n,i,s))}catch(t){return Promise.reject(t)}}async acquireTokenPopupAsync(e,t){var s;this.logger.verbose("acquireTokenPopupAsync called");const n=this.initializeServerTelemetryManager(xe.acquireTokenPopup),i=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Popup);FC(i.authority);try{const c=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(i),d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:i.authority,requestAzureCloudOptions:i.azureCloudOptions,requestExtraQueryParameters:i.extraQueryParameters,account:i.account}),f=Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme);let g;f&&(g=this.performanceClient.startMeasurement(k.FetchAccountIdWithNativeBroker,e.correlationId));const p=await d.getAuthCodeUrl({...i,nativeBroker:f}),w=new Ch(d,this.browserStorage,c,this.logger,this.performanceClient),C=this.initiateAuthRequest(p,t);this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null);const S=await this.monitorPopupForHash(C,t.popupWindowParent),T=_o(zC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(S,this.config.auth.OIDCOptions.serverResponseType,this.logger);if(Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,c),T.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),g&&g.end({success:!0,isNativeBroker:!0}),!this.nativeMessageHandler)throw j(wa);const N=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,T.accountId,this.nativeStorage,i.correlationId),{userRequestState:K}=Bn.parseRequestState(this.browserCrypto,i.state);return await N.acquireToken({...i,state:K,prompt:void 0})}return await w.handleCodeResponse(T,i)}catch(c){throw(s=t.popup)==null||s.close(),c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),c}}async logoutPopupAsync(e,t,n,i){var c,d,f,g;this.logger.verbose("logoutPopupAsync called"),this.eventHandler.emitEvent(ne.LOGOUT_START,X.Popup,e);const s=this.initializeServerTelemetryManager(xe.logoutPopup);try{await this.clearCacheOnLogout(e.account);const p=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:s,requestAuthority:n,account:e.account||void 0});try{p.authority.endSessionEndpoint}catch{if((c=e.account)!=null&&c.homeAccountId&&e.postLogoutRedirectUri&&p.authority.protocolMode===_r.OIDC){if(this.browserStorage.removeAccount((d=e.account)==null?void 0:d.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());await this.navigationClient.navigateInternal(T,S)}(f=t.popup)==null||f.close();return}}const w=p.getLogoutUri(e);this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Popup,e);const C=this.openPopup(w,t);if(this.eventHandler.emitEvent(ne.POPUP_OPENED,X.Popup,{popupWindow:C},null),await this.monitorPopupForHash(C,t.popupWindowParent).catch(()=>{}),i){const S={apiId:xe.logoutPopup,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},T=ye.getAbsoluteUrl(i,yr());this.logger.verbose("Redirecting main window to url specified in the request"),this.logger.verbosePii(`Redirecting main window to: ${T}`),await this.navigationClient.navigateInternal(T,S)}else this.logger.verbose("No main window navigation requested")}catch(p){throw(g=t.popup)==null||g.close(),p instanceof Fe&&(p.setCorrelationId(this.correlationId),s.cacheFailedRequest(p)),this.browserStorage.setInteractionInProgress(!1),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Popup,null,p),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup),p}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Popup)}initiateAuthRequest(e,t){if(e)return this.logger.infoPii(`Navigate to: ${e}`),this.openPopup(e,t);throw this.logger.error("Navigate url is empty"),j(Pc)}monitorPopupForHash(e,t){return new Promise((n,i)=>{this.logger.verbose("PopupHandler.monitorPopupForHash - polling started");const s=setInterval(()=>{if(e.closed){this.logger.error("PopupHandler.monitorPopupForHash - window closed"),clearInterval(s),i(j(vo));return}let c="";try{c=e.location.href}catch{}if(!c||c==="about:blank")return;clearInterval(s);let d="";const f=this.config.auth.OIDCOptions.serverResponseType;e&&(f===Ca.QUERY?d=e.location.search:d=e.location.hash),this.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),n(d)},this.config.system.pollIntervalMilliseconds)}).finally(()=>{this.cleanPopup(e,t)})}openPopup(e,t){try{let n;if(t.popup?(n=t.popup,this.logger.verbosePii(`Navigating popup window to: ${e}`),n.location.assign(e)):typeof t.popup>"u"&&(this.logger.verbosePii(`Opening popup window to: ${e}`),n=this.openSizedPopup(e,t)),!n)throw j(lC);return n.focus&&n.focus(),this.currentWindow=n,t.popupWindowParent.addEventListener("beforeunload",this.unloadWindow),n}catch(n){throw this.logger.error("error opening popup "+n.message),this.browserStorage.setInteractionInProgress(!1),j(cC)}}openSizedPopup(e,{popupName:t,popupWindowAttributes:n,popupWindowParent:i}){var S,T,b,N;const s=i.screenLeft?i.screenLeft:i.screenX,c=i.screenTop?i.screenTop:i.screenY,d=i.innerWidth||document.documentElement.clientWidth||document.body.clientWidth,f=i.innerHeight||document.documentElement.clientHeight||document.body.clientHeight;let g=(S=n.popupSize)==null?void 0:S.width,p=(T=n.popupSize)==null?void 0:T.height,w=(b=n.popupPosition)==null?void 0:b.top,C=(N=n.popupPosition)==null?void 0:N.left;return(!g||g<0||g>d)&&(this.logger.verbose("Default popup window width used. Window width not configured or invalid."),g=en.POPUP_WIDTH),(!p||p<0||p>f)&&(this.logger.verbose("Default popup window height used. Window height not configured or invalid."),p=en.POPUP_HEIGHT),(!w||w<0||w>f)&&(this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),w=Math.max(0,f/2-en.POPUP_HEIGHT/2+c)),(!C||C<0||C>d)&&(this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),C=Math.max(0,d/2-en.POPUP_WIDTH/2+s)),i.open(e,t,`width=${g}, height=${p}, top=${w}, left=${C}, scrollbars=yes`)}unloadWindow(e){this.browserStorage.cleanRequestByInteractionType(X.Popup),this.currentWindow&&this.currentWindow.close(),e.preventDefault()}cleanPopup(e,t){e.close(),t.removeEventListener("beforeunload",this.unloadWindow),this.browserStorage.setInteractionInProgress(!1)}generatePopupName(e,t){return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${e.join("-")}.${t}.${this.correlationId}`}generateLogoutPopupName(e){const t=e.account&&e.account.homeAccountId;return`${en.POPUP_NAME_PREFIX}.${this.config.auth.clientId}.${t}.${this.correlationId}`}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class up{constructor(e,t,n,i,s){this.authModule=e,this.browserStorage=t,this.authCodeRequest=n,this.logger=i,this.performanceClient=s}async initiateAuthRequest(e,t){if(this.logger.verbose("RedirectHandler.initiateAuthRequest called"),e){t.redirectStartPage&&(this.logger.verbose("RedirectHandler.initiateAuthRequest: redirectStartPage set, caching start page"),this.browserStorage.setTemporaryCache(be.ORIGIN_URI,t.redirectStartPage,!0)),this.browserStorage.setTemporaryCache(be.CORRELATION_ID,this.authCodeRequest.correlationId,!0),this.browserStorage.cacheCodeRequest(this.authCodeRequest),this.logger.infoPii(`RedirectHandler.initiateAuthRequest: Navigate to: ${e}`);const n={apiId:xe.acquireTokenRedirect,timeout:t.redirectTimeout,noHistory:!1};if(typeof t.onRedirectNavigate=="function")if(this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback"),t.onRedirectNavigate(e)!==!1){this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),await t.navigationClient.navigateExternal(e,n);return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation");return}else{this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),await t.navigationClient.navigateExternal(e,n);return}}else throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),j(Pc)}async handleCodeResponse(e,t){this.logger.verbose("RedirectHandler.handleCodeResponse called"),this.browserStorage.setInteractionInProgress(!1);const n=this.browserStorage.generateStateKey(t),i=this.browserStorage.getTemporaryCache(n);if(!i)throw U(oc,"Cached State");let s;try{s=this.authModule.handleFragmentResponse(e,i)}catch(g){throw g instanceof qr&&g.subError===vo?j(vo):g}const c=this.browserStorage.generateNonceKey(i),d=this.browserStorage.getTemporaryCache(c);if(this.authCodeRequest.code=s.code,s.cloud_instance_host_name&&await B(this.authModule.updateAuthority.bind(this.authModule),k.UpdateTokenEndpointAuthority,this.logger,this.performanceClient,this.authCodeRequest.correlationId)(s.cloud_instance_host_name,this.authCodeRequest.correlationId),s.nonce=d||void 0,s.state=i,s.client_info)this.authCodeRequest.clientInfo=s.client_info;else{const g=this.checkCcsCredentials();g&&(this.authCodeRequest.ccsCredential=g)}const f=await this.authModule.acquireToken(this.authCodeRequest,s);return this.browserStorage.cleanRequestByState(t),f}checkCcsCredentials(){const e=this.browserStorage.getTemporaryCache(be.CCS_CREDENTIAL,!0);if(e)try{return JSON.parse(e)}catch{this.authModule.logger.error("Cache credential could not be parsed"),this.authModule.logger.errorPii(`Cache credential could not be parsed: ${e}`)}return null}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function PM(){if(typeof window>"u"||typeof window.performance>"u"||typeof window.performance.getEntriesByType!="function")return;const r=window.performance.getEntriesByType("navigation"),e=r.length?r[0]:void 0;return e==null?void 0:e.type}class MM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,d,g,p),this.nativeStorage=f}async acquireToken(e){const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,this.correlationId)(e,X.Redirect);this.browserStorage.updateCacheEntries(t.state,t.nonce,t.authority,t.loginHint||"",t.account||null);const n=this.initializeServerTelemetryManager(xe.acquireTokenRedirect),i=s=>{s.persisted&&(this.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),this.browserStorage.cleanRequestByState(t.state),this.eventHandler.emitEvent(ne.RESTORE_FROM_BFCACHE,X.Redirect))};try{const s=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,this.correlationId)(t),c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),d=new up(c,this.browserStorage,s,this.logger,this.performanceClient),f=await c.getAuthCodeUrl({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,e.authenticationScheme)}),g=this.getRedirectStartPage(e.redirectStartPage);return this.logger.verbosePii(`Redirect start page: ${g}`),window.addEventListener("pageshow",i),await d.initiateAuthRequest(f,{navigationClient:this.navigationClient,redirectTimeout:this.config.system.redirectNavigationTimeout,redirectStartPage:g,onRedirectNavigate:e.onRedirectNavigate||this.config.auth.onRedirectNavigate})}catch(s){throw s instanceof Fe&&(s.setCorrelationId(this.correlationId),n.cacheFailedRequest(s)),window.removeEventListener("pageshow",i),this.browserStorage.cleanRequestByState(t.state),s}}async handleRedirectPromise(e="",t){const n=this.initializeServerTelemetryManager(xe.handleRedirectPromise);try{if(!this.browserStorage.isInteractionInProgress(!0))return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),null;const[i,s]=this.getRedirectResponse(e||"");if(!i)return this.logger.info("handleRedirectPromise did not detect a response as a result of a redirect. Cleaning temporary cache."),this.browserStorage.cleanRequestByInteractionType(X.Redirect),PM()!=="back_forward"?t.event.errorCode="no_server_response":this.logger.verbose("Back navigation event detected. Muting no_server_response error"),null;const c=this.browserStorage.getTemporaryCache(be.ORIGIN_URI,!0)||P.EMPTY_STRING,d=ye.removeHashFromUrl(c),f=ye.removeHashFromUrl(window.location.href);if(d===f&&this.config.auth.navigateToLoginRequestUrl)return this.logger.verbose("Current page is loginRequestUrl, handling response"),c.indexOf("#")>-1&&H0(c),await this.handleResponse(i,n);if(this.config.auth.navigateToLoginRequestUrl){if(!mh()||this.config.system.allowRedirectInIframe){this.browserStorage.setTemporaryCache(be.URL_HASH,s,!0);const g={apiId:xe.handleRedirectPromise,timeout:this.config.system.redirectNavigationTimeout,noHistory:!0};let p=!0;if(!c||c==="null"){const w=$0();this.browserStorage.setTemporaryCache(be.ORIGIN_URI,w,!0),this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),p=await this.navigationClient.navigateInternal(w,g)}else this.logger.verbose(`Navigating to loginRequestUrl: ${c}`),p=await this.navigationClient.navigateInternal(c,g);if(!p)return await this.handleResponse(i,n)}}else return this.logger.verbose("NavigateToLoginRequestUrl set to false, handling response"),await this.handleResponse(i,n);return null}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),this.browserStorage.cleanRequestByInteractionType(X.Redirect),i}}getRedirectResponse(e){this.logger.verbose("getRedirectResponseHash called");let t=e;t||(this.config.auth.OIDCOptions.serverResponseType===Ca.QUERY?t=window.location.search:t=window.location.hash);let n=cc(t);if(n){try{OM(n,this.browserCrypto,X.Redirect)}catch(s){return s instanceof Fe&&this.logger.error(`Interaction type validation failed due to ${s.errorCode}: ${s.errorMessage}`),[null,""]}return F0(window),this.logger.verbose("Hash contains known properties, returning response hash"),[n,t]}const i=this.browserStorage.getTemporaryCache(be.URL_HASH,!0);return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(be.URL_HASH)),i&&(n=cc(i),n)?(this.logger.verbose("Hash does not contain known properties, returning cached hash"),[n,i]):[null,""]}async handleResponse(e,t){const n=e.state;if(!n)throw j(sh);const i=this.browserStorage.getCachedRequest(n);if(this.logger.verbose("handleResponse called, retrieved cached request"),e.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(wa);const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,e.accountId,this.nativeStorage,i.correlationId),{userRequestState:g}=Bn.parseRequestState(this.browserCrypto,n);return f.acquireToken({...i,state:g,prompt:void 0}).finally(()=>{this.browserStorage.cleanRequestByState(n)})}const s=this.browserStorage.getCachedAuthority(n);if(!s)throw j(ch);const c=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:t,requestAuthority:s});return Yn.removeThrottle(this.browserStorage,this.config.auth.clientId,i),new up(c,this.browserStorage,i,this.logger,this.performanceClient).handleCodeResponse(e,n)}async logout(e){var i,s;this.logger.verbose("logoutRedirect called");const t=this.initializeLogoutRequest(e),n=this.initializeServerTelemetryManager(xe.logout);try{this.eventHandler.emitEvent(ne.LOGOUT_START,X.Redirect,e),await this.clearCacheOnLogout(t.account);const c={apiId:xe.logout,timeout:this.config.system.redirectNavigationTimeout,noHistory:!1},d=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:n,requestAuthority:e&&e.authority,requestExtraQueryParameters:e==null?void 0:e.extraQueryParameters,account:e&&e.account||void 0});if(d.authority.protocolMode===_r.OIDC)try{d.authority.endSessionEndpoint}catch{if((i=t.account)!=null&&i.homeAccountId){this.browserStorage.removeAccount((s=t.account)==null?void 0:s.homeAccountId),this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t);return}}const f=d.getLogoutUri(t);if(this.eventHandler.emitEvent(ne.LOGOUT_SUCCESS,X.Redirect,t),e&&typeof e.onRedirectNavigate=="function")if(e.onRedirectNavigate(f)!==!1){this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}else this.browserStorage.setInteractionInProgress(!1),this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation");else{this.browserStorage.getInteractionInProgress()||this.browserStorage.setInteractionInProgress(!0),await this.navigationClient.navigateExternal(f,c);return}}catch(c){throw c instanceof Fe&&(c.setCorrelationId(this.correlationId),n.cacheFailedRequest(c)),this.eventHandler.emitEvent(ne.LOGOUT_FAILURE,X.Redirect,null,c),this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect),c}this.eventHandler.emitEvent(ne.LOGOUT_END,X.Redirect)}getRedirectStartPage(e){const t=e||window.location.href;return ye.getAbsoluteUrl(t,yr())}}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function DM(r,e,t,n,i){if(e.addQueueMeasurement(k.SilentHandlerInitiateAuthRequest,n),!r)throw t.info("Navigate url is empty"),j(Pc);return i?B(LM,k.SilentHandlerLoadFrame,t,e,n)(r,i,e,n):_o(UM,k.SilentHandlerLoadFrameSync,t,e,n)(r)}async function xM(r,e,t,n,i,s,c){return n.addQueueMeasurement(k.SilentHandlerMonitorIframeForHash,s),new Promise((d,f)=>{e<yd&&i.warning(`system.loadFrameTimeout or system.iframeHashTimeout set to lower (${e}ms) than the default (${yd}ms). This may result in timeouts.`);const g=window.setTimeout(()=>{window.clearInterval(p),f(j(uC))},e),p=window.setInterval(()=>{let w="";const C=r.contentWindow;try{w=C?C.location.href:""}catch{}if(!w||w==="about:blank")return;let S="";C&&(c===Ca.QUERY?S=C.location.search:S=C.location.hash),window.clearTimeout(g),window.clearInterval(p),d(S)},t)}).finally(()=>{_o(BM,k.RemoveHiddenIframe,i,n,s)(r)})}function LM(r,e,t,n){return t.addQueueMeasurement(k.SilentHandlerLoadFrame,n),new Promise((i,s)=>{const c=WC();window.setTimeout(()=>{if(!c){s("Unable to load iframe");return}c.src=r,i(c)},e)})}function UM(r){const e=WC();return e.src=r,e}function WC(){const r=document.createElement("iframe");return r.className="msalSilentIframe",r.style.visibility="hidden",r.style.position="absolute",r.style.width=r.style.height="0",r.style.border="0",r.setAttribute("sandbox","allow-scripts allow-same-origin allow-forms"),document.body.appendChild(r),r}function BM(r){document.body===r.parentNode&&document.body.removeChild(r)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class FM extends vi{constructor(e,t,n,i,s,c,d,f,g,p,w){super(e,t,n,i,s,c,f,p,w),this.apiId=d,this.nativeStorage=g}async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentIframeClientAcquireToken,e.correlationId),!e.loginHint&&!e.sid&&(!e.account||!e.account.username)&&this.logger.warning("No user hint provided. The authorization server may need more information to complete this request.");const t={...e};t.prompt?t.prompt!==lt.NONE&&t.prompt!==lt.NO_SESSION&&(this.logger.warning(`SilentIframeClient. Replacing invalid prompt ${t.prompt} with ${lt.NONE}`),t.prompt=lt.NONE):t.prompt=lt.NONE;const n=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);FC(n.authority);const i=this.initializeServerTelemetryManager(this.apiId);let s;try{return s=await B(this.createAuthCodeClient.bind(this),k.StandardInteractionClientCreateAuthCodeClient,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:i,requestAuthority:n.authority,requestAzureCloudOptions:n.azureCloudOptions,requestExtraQueryParameters:n.extraQueryParameters,account:n.account}),await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,e.correlationId)(s,n)}catch(c){if(c instanceof Fe&&(c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c)),!s||!(c instanceof Fe)||c.errorCode!==en.INVALID_GRANT_ERROR)throw c;this.performanceClient.addFields({retryError:c.errorCode},this.correlationId);const d=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(t,X.Silent);return await B(this.silentTokenHelper.bind(this),k.SilentIframeClientTokenHelper,this.logger,this.performanceClient,this.correlationId)(s,d)}}logout(){return Promise.reject(j(Mc))}async silentTokenHelper(e,t){const n=t.correlationId;this.performanceClient.addQueueMeasurement(k.SilentIframeClientTokenHelper,n);const i=await B(this.initializeAuthorizationCodeRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationCodeRequest,this.logger,this.performanceClient,n)(t),s=await B(e.getAuthCodeUrl.bind(e),k.GetAuthCodeUrl,this.logger,this.performanceClient,n)({...t,nativeBroker:Qn.isNativeAvailable(this.config,this.logger,this.nativeMessageHandler,t.authenticationScheme)}),c=new Ch(e,this.browserStorage,i,this.logger,this.performanceClient),d=await B(DM,k.SilentHandlerInitiateAuthRequest,this.logger,this.performanceClient,n)(s,this.performanceClient,this.logger,n,this.config.system.navigateFrameWait),f=this.config.auth.OIDCOptions.serverResponseType,g=await B(xM,k.SilentHandlerMonitorIframeForHash,this.logger,this.performanceClient,n)(d,this.config.system.iframeHashTimeout,this.config.system.pollIntervalMilliseconds,this.performanceClient,this.logger,n,f),p=_o(zC,k.DeserializeResponse,this.logger,this.performanceClient,this.correlationId)(g,f,this.logger);if(p.accountId){if(this.logger.verbose("Account id found in hash, calling WAM for token"),!this.nativeMessageHandler)throw j(wa);const w=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.apiId,this.performanceClient,this.nativeMessageHandler,p.accountId,this.browserStorage,n),{userRequestState:C}=Bn.parseRequestState(this.browserCrypto,t.state);return B(w.acquireToken.bind(w),k.NativeInteractionClientAcquireToken,this.logger,this.performanceClient,n)({...t,state:C,prompt:t.prompt||lt.NONE})}return B(c.handleCodeResponse.bind(c),k.HandleCodeResponse,this.logger,this.performanceClient,n)(p,t)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class HM extends vi{async acquireToken(e){this.performanceClient.addQueueMeasurement(k.SilentRefreshClientAcquireToken,e.correlationId);const t=await B(yh,k.InitializeBaseRequest,this.logger,this.performanceClient,e.correlationId)(e,this.config,this.performanceClient,this.logger),n={...e,...t};e.redirectUri&&(n.redirectUri=this.getRedirectUri(e.redirectUri));const i=this.initializeServerTelemetryManager(xe.acquireTokenSilent_silentFlow),s=await this.createRefreshTokenClient({serverTelemetryManager:i,authorityUrl:n.authority,azureCloudOptions:n.azureCloudOptions,account:n.account});return B(s.acquireTokenByRefreshToken.bind(s),k.RefreshTokenClientAcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(n).catch(c=>{throw c.setCorrelationId(this.correlationId),i.cacheFailedRequest(c),c})}logout(){return Promise.reject(j(Mc))}async createRefreshTokenClient(e){const t=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,this.correlationId)({serverTelemetryManager:e.serverTelemetryManager,requestAuthority:e.authorityUrl,requestAzureCloudOptions:e.azureCloudOptions,requestExtraQueryParameters:e.extraQueryParameters,account:e.account});return new fd(t,this.performanceClient)}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class VM{constructor(e,t,n,i){this.isBrowserEnvironment=typeof window<"u",this.config=e,this.storage=t,this.logger=n,this.cryptoObj=i}loadExternalTokens(e,t,n){if(!this.isBrowserEnvironment)throw j(Dc);const i=t.id_token?wo(t.id_token,tr):void 0,s={protocolMode:this.config.auth.protocolMode,knownAuthorities:this.config.auth.knownAuthorities,cloudDiscoveryMetadata:this.config.auth.cloudDiscoveryMetadata,authorityMetadata:this.config.auth.authorityMetadata,skipAuthorityMetadataCache:this.config.auth.skipAuthorityMetadataCache},c=e.authority?new Tt(Tt.generateAuthority(e.authority,e.azureCloudOptions),this.config.system.networkClient,this.storage,s,this.logger,e.correlationId||Er()):void 0,d=this.loadAccount(e,n.clientInfo||t.client_info||"",i,c),f=this.loadIdToken(t,d.homeAccountId,d.environment,d.realm),g=this.loadAccessToken(e,t,d.homeAccountId,d.environment,d.realm,n),p=this.loadRefreshToken(t,d.homeAccountId,d.environment);return this.generateAuthenticationResult(e,{account:d,idToken:f,accessToken:g,refreshToken:p},i,c)}loadAccount(e,t,n,i){if(this.logger.verbose("TokenCache - loading account"),e.account){const f=it.createFromAccountInfo(e.account);return this.storage.setAccount(f),f}else if(!i||!t&&!n)throw this.logger.error("TokenCache - if an account is not provided on the request, authority and either clientInfo or idToken must be provided instead."),j(CC);const s=it.generateHomeAccountId(t,i.authorityType,this.logger,this.cryptoObj,n),c=n==null?void 0:n.tid,d=rh(this.storage,i,s,tr,n,t,i.hostnameAndPort,c,void 0,void 0,this.logger);return this.storage.setAccount(d),d}loadIdToken(e,t,n,i){if(!e.id_token)return this.logger.verbose("TokenCache - no id token found in response"),null;this.logger.verbose("TokenCache - loading id token");const s=Ic(t,n,e.id_token,this.config.auth.clientId,i);return this.storage.setIdTokenCredential(s),s}loadAccessToken(e,t,n,i,s,c){if(t.access_token)if(t.expires_in){if(!t.scope&&(!e.scopes||!e.scopes.length))return this.logger.error("TokenCache - scopes not specified in the request or response. Cannot add token to the cache."),null}else return this.logger.error("TokenCache - no expiration set on the access token. Cannot add it to the cache."),null;else return this.logger.verbose("TokenCache - no access token found in response"),null;this.logger.verbose("TokenCache - loading access token");const d=t.scope?Ye.fromString(t.scope):new Ye(e.scopes),f=c.expiresOn||t.expires_in+new Date().getTime()/1e3,g=c.extendedExpiresOn||(t.ext_expires_in||t.expires_in)+new Date().getTime()/1e3,p=bc(n,i,t.access_token,this.config.auth.clientId,s,d.printScopes(),f,g,tr);return this.storage.setAccessTokenCredential(p),p}loadRefreshToken(e,t,n){if(!e.refresh_token)return this.logger.verbose("TokenCache - no refresh token found in response"),null;this.logger.verbose("TokenCache - loading refresh token");const i=by(t,n,e.refresh_token,this.config.auth.clientId,e.foci,void 0,e.refresh_token_expires_in);return this.storage.setRefreshTokenCredential(i),i}generateAuthenticationResult(e,t,n,i){var p,w,C;let s="",c=[],d=null,f;t!=null&&t.accessToken&&(s=t.accessToken.secret,c=Ye.fromString(t.accessToken.target).asArray(),d=new Date(Number(t.accessToken.expiresOn)*1e3),f=new Date(Number(t.accessToken.extendedExpiresOn)*1e3));const g=t.account;return{authority:i?i.canonicalAuthority:"",uniqueId:t.account.localAccountId,tenantId:t.account.realm,scopes:c,account:g.getAccountInfo(),idToken:((p=t.idToken)==null?void 0:p.secret)||"",idTokenClaims:n||{},accessToken:s,fromCache:!0,expiresOn:d,correlationId:e.correlationId||"",requestId:"",extExpiresOn:f,familyId:((w=t.refreshToken)==null?void 0:w.familyId)||"",tokenType:((C=t==null?void 0:t.accessToken)==null?void 0:C.tokenType)||"",state:e.state||"",cloudGraphHostName:g.cloudGraphHostName||"",msGraphHost:g.msGraphHost||"",fromNativeBroker:!1}}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class $M extends Zy{constructor(e){super(e),this.includeRedirectUri=!1}}/*! @azure/msal-browser v3.28.1 2025-01-14 */class KM extends vi{constructor(e,t,n,i,s,c,d,f,g,p){super(e,t,n,i,s,c,f,g,p),this.apiId=d}async acquireToken(e){if(!e.code)throw j(wC);const t=await B(this.initializeAuthorizationRequest.bind(this),k.StandardInteractionClientInitializeAuthorizationRequest,this.logger,this.performanceClient,e.correlationId)(e,X.Silent),n=this.initializeServerTelemetryManager(this.apiId);try{const i={...t,code:e.code},s=await B(this.getClientConfiguration.bind(this),k.StandardInteractionClientGetClientConfiguration,this.logger,this.performanceClient,e.correlationId)({serverTelemetryManager:n,requestAuthority:t.authority,requestAzureCloudOptions:t.azureCloudOptions,requestExtraQueryParameters:t.extraQueryParameters,account:t.account}),c=new $M(s);this.logger.verbose("Auth code client created");const d=new Ch(c,this.browserStorage,i,this.logger,this.performanceClient);return await B(d.handleCodeResponseFromServer.bind(d),k.HandleCodeResponseFromServer,this.logger,this.performanceClient,e.correlationId)({code:e.code,msgraph_host:e.msGraphHost,cloud_graph_host_name:e.cloudGraphHostName,cloud_instance_host_name:e.cloudInstanceHostName},t,!1)}catch(i){throw i instanceof Fe&&(i.setCorrelationId(this.correlationId),n.cacheFailedRequest(i)),i}}logout(){return Promise.reject(j(Mc))}}/*! @azure/msal-browser v3.28.1 2025-01-14 */function qn(r){const e=r==null?void 0:r.idTokenClaims;if(e!=null&&e.tfp||e!=null&&e.acr)return"B2C";if(e!=null&&e.tid){if((e==null?void 0:e.tid)==="9188040d-6c67-4c5b-b112-36a304b66dad")return"MSA"}else return;return"AAD"}function ks(r,e){try{ph(r)}catch(t){throw e.end({success:!1},t),t}}class Uc{constructor(e){this.operatingContext=e,this.isBrowserEnvironment=this.operatingContext.isBrowserEnvironment(),this.config=e.getConfig(),this.initialized=!1,this.logger=this.operatingContext.getLogger(),this.networkClient=this.config.system.networkClient,this.navigationClient=this.config.system.navigationClient,this.redirectResponse=new Map,this.hybridAuthCodeResponses=new Map,this.performanceClient=this.config.telemetry.client,this.browserCrypto=this.isBrowserEnvironment?new mi(this.logger,this.performanceClient):ic,this.eventHandler=new mM(this.logger),this.browserStorage=this.isBrowserEnvironment?new wd(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger,r0(this.config.auth),this.performanceClient):sM(this.config.auth.clientId,this.logger);const t={cacheLocation:Ft.MemoryStorage,temporaryCacheLocation:Ft.MemoryStorage,storeAuthStateInCookie:!1,secureCookies:!1,cacheMigrationEnabled:!1,claimsBasedCachingEnabled:!1};this.nativeInternalStorage=new wd(this.config.auth.clientId,t,this.browserCrypto,this.logger,void 0,this.performanceClient),this.tokenCache=new VM(this.config,this.browserStorage,this.logger,this.browserCrypto),this.activeSilentTokenRequests=new Map,this.trackPageVisibility=this.trackPageVisibility.bind(this),this.trackPageVisibilityWithMeasurement=this.trackPageVisibilityWithMeasurement.bind(this),this.listeningToStorageEvents=!1,this.handleAccountCacheChange=this.handleAccountCacheChange.bind(this)}static async createController(e,t){const n=new Uc(e);return await n.initialize(t),n}trackPageVisibility(e){e&&(this.logger.info("Perf: Visibility change detected"),this.performanceClient.incrementFields({visibilityChangeCount:1},e))}async initialize(e){if(this.logger.trace("initialize called"),this.initialized){this.logger.info("initialize has already been called, exiting early.");return}if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, exiting early."),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END);return}const t=(e==null?void 0:e.correlationId)||this.getRequestCorrelationId(),n=this.config.system.allowNativeBroker,i=this.performanceClient.startMeasurement(k.InitializeClientApplication,t);if(this.eventHandler.emitEvent(ne.INITIALIZE_START),n)try{this.nativeExtensionProvider=await Qn.createProvider(this.logger,this.config.system.nativeBrokerHandshakeTimeout,this.performanceClient)}catch(s){this.logger.verbose(s)}this.config.cache.claimsBasedCachingEnabled||(this.logger.verbose("Claims-based caching is disabled. Clearing the previous cache with claims"),await B(this.browserStorage.clearTokensAndKeysWithClaims.bind(this.browserStorage),k.ClearTokensAndKeysWithClaims,this.logger,this.performanceClient,t)(this.performanceClient,t)),this.initialized=!0,this.eventHandler.emitEvent(ne.INITIALIZE_END),i.end({allowNativeBroker:n,success:!0})}async handleRedirectPromise(e){if(this.logger.verbose("handleRedirectPromise called"),BC(this.initialized),this.isBrowserEnvironment){const t=e||"";let n=this.redirectResponse.get(t);return typeof n>"u"?(n=this.handleRedirectPromiseInternal(e),this.redirectResponse.set(t,n),this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise")):this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),n}return this.logger.verbose("handleRedirectPromise returns null, not browser environment"),null}async handleRedirectPromiseInternal(e){const t=this.getAllAccounts(),n=this.browserStorage.getCachedNativeRequest(),i=n&&Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider)&&this.nativeExtensionProvider&&!e,s=i?n==null?void 0:n.correlationId:this.browserStorage.getTemporaryCache(be.CORRELATION_ID,!0)||"",c=this.performanceClient.startMeasurement(k.AcquireTokenRedirect,s);this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_START,X.Redirect);let d;if(i&&this.nativeExtensionProvider){this.logger.trace("handleRedirectPromise - acquiring token from native platform");const f=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.handleRedirectPromise,this.performanceClient,this.nativeExtensionProvider,n.accountId,this.nativeInternalStorage,n.correlationId);d=B(f.handleRedirectPromise.bind(f),k.HandleNativeRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(this.performanceClient,c.event.correlationId)}else{this.logger.trace("handleRedirectPromise - acquiring token from web flow");const f=this.createRedirectClient(s);d=B(f.handleRedirectPromise.bind(f),k.HandleRedirectPromiseMeasurement,this.logger,this.performanceClient,c.event.correlationId)(e,c)}return d.then(f=>(f?(t.length<this.getAllAccounts().length?(this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, login success")):(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Redirect,f),this.logger.verbose("handleRedirectResponse returned result, acquire token success")),c.end({success:!0,accountType:qn(f.account)})):c.event.errorCode?c.end({success:!1}):c.discard(),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),f)).catch(f=>{const g=f;throw t.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,g):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,g),this.eventHandler.emitEvent(ne.HANDLE_REDIRECT_END,X.Redirect),c.end({success:!1},g),f})}async acquireTokenRedirect(e){const t=this.getRequestCorrelationId(e);this.logger.verbose("acquireTokenRedirect called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenPreRedirect,t);n.add({accountType:qn(e.account),scenarioId:e.scenarioId});const i=e.onRedirectNavigate;if(i)e.onRedirectNavigate=c=>{const d=typeof i=="function"?i(c):void 0;return d!==!1?n.end({success:!0}):n.discard(),d};else{const c=this.config.auth.onRedirectNavigate;this.config.auth.onRedirectNavigate=d=>{const f=typeof c=="function"?c(d):void 0;return f!==!1?n.end({success:!0}):n.discard(),f}}const s=this.getAllAccounts().length>0;try{ap(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Redirect,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Redirect,e);let c;return this.nativeExtensionProvider&&this.canUseNative(e)?c=new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenRedirect,this.performanceClient,this.nativeExtensionProvider,this.getNativeAccountId(e),this.nativeInternalStorage,t).acquireTokenRedirect(e,n).catch(f=>{if(f instanceof Jn&&Zo(f))return this.nativeExtensionProvider=void 0,this.createRedirectClient(t).acquireToken(e);if(f instanceof Fn)return this.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createRedirectClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),f}):c=this.createRedirectClient(t).acquireToken(e),await c}catch(c){throw n.end({success:!1},c),s?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Redirect,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Redirect,null,c),c}}acquireTokenPopup(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenPopup,t);n.add({scenarioId:e.scenarioId,accountType:qn(e.account)});try{this.logger.verbose("acquireTokenPopup called",t),ks(this.initialized,n),this.browserStorage.setInteractionInProgress(!0)}catch(c){return Promise.reject(c)}const i=this.getAllAccounts();i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Popup,e):this.eventHandler.emitEvent(ne.LOGIN_START,X.Popup,e);let s;return this.canUseNative(e)?s=this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenPopup).then(c=>(this.browserStorage.setInteractionInProgress(!1),n.end({success:!0,isNativeBroker:!0,accountType:qn(c.account)}),c)).catch(c=>{if(c instanceof Jn&&Zo(c))return this.nativeExtensionProvider=void 0,this.createPopupClient(t).acquireToken(e);if(c instanceof Fn)return this.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow"),this.createPopupClient(t).acquireToken(e);throw this.browserStorage.setInteractionInProgress(!1),c}):s=this.createPopupClient(t).acquireToken(e),s.then(c=>(i.length<this.getAllAccounts().length?this.eventHandler.emitEvent(ne.LOGIN_SUCCESS,X.Popup,c):this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Popup,c),n.end({success:!0,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>(i.length>0?this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Popup,null,c):this.eventHandler.emitEvent(ne.LOGIN_FAILURE,X.Popup,null,c),n.end({success:!1},c),Promise.reject(c)))}trackPageVisibilityWithMeasurement(){const e=this.ssoSilentMeasurement||this.acquireTokenByCodeAsyncMeasurement;e&&(this.logger.info("Perf: Visibility change detected in ",e.event.name),e.increment({visibilityChangeCount:1}))}async ssoSilent(e){var s,c;const t=this.getRequestCorrelationId(e),n={...e,prompt:e.prompt,correlationId:t};this.ssoSilentMeasurement=this.performanceClient.startMeasurement(k.SsoSilent,t),(s=this.ssoSilentMeasurement)==null||s.add({scenarioId:e.scenarioId,accountType:qn(e.account)}),ks(this.initialized,this.ssoSilentMeasurement),(c=this.ssoSilentMeasurement)==null||c.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),this.logger.verbose("ssoSilent called",t),this.eventHandler.emitEvent(ne.SSO_SILENT_START,X.Silent,n);let i;return this.canUseNative(n)?i=this.acquireTokenNative(n,xe.ssoSilent).catch(d=>{if(d instanceof Jn&&Zo(d))return this.nativeExtensionProvider=void 0,this.createSilentIframeClient(n.correlationId).acquireToken(n);throw d}):i=this.createSilentIframeClient(n.correlationId).acquireToken(n),i.then(d=>{var f;return this.eventHandler.emitEvent(ne.SSO_SILENT_SUCCESS,X.Silent,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!0,isNativeBroker:d.fromNativeBroker,accessTokenSize:d.accessToken.length,idTokenSize:d.idToken.length,accountType:qn(d.account)}),d}).catch(d=>{var f;throw this.eventHandler.emitEvent(ne.SSO_SILENT_FAILURE,X.Silent,null,d),(f=this.ssoSilentMeasurement)==null||f.end({success:!1},d),d}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenByCode(e){const t=this.getRequestCorrelationId(e);this.logger.trace("acquireTokenByCode called",t);const n=this.performanceClient.startMeasurement(k.AcquireTokenByCode,t);ks(this.initialized,n),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_START,X.Silent,e),n.add({scenarioId:e.scenarioId});try{if(e.code&&e.nativeAccountId)throw j(TC);if(e.code){const i=e.code;let s=this.hybridAuthCodeResponses.get(i);return s?(this.logger.verbose("Existing acquireTokenByCode request found",t),n.discard()):(this.logger.verbose("Initiating new acquireTokenByCode request",t),s=this.acquireTokenByCodeAsync({...e,correlationId:t}).then(c=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_SUCCESS,X.Silent,c),this.hybridAuthCodeResponses.delete(i),n.end({success:!0,isNativeBroker:c.fromNativeBroker,accessTokenSize:c.accessToken.length,idTokenSize:c.idToken.length,accountType:qn(c.account)}),c)).catch(c=>{throw this.hybridAuthCodeResponses.delete(i),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,c),n.end({success:!1},c),c}),this.hybridAuthCodeResponses.set(i,s)),await s}else if(e.nativeAccountId)if(this.canUseNative(e,e.nativeAccountId)){const i=await this.acquireTokenNative({...e,correlationId:t},xe.acquireTokenByCode,e.nativeAccountId).catch(s=>{throw s instanceof Jn&&Zo(s)&&(this.nativeExtensionProvider=void 0),s});return n.end({accountType:qn(i.account),success:!0}),i}else throw j(EC);else throw j(_C)}catch(i){throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_BY_CODE_FAILURE,X.Silent,null,i),n.end({success:!1},i),i}}async acquireTokenByCodeAsync(e){var i;return this.logger.trace("acquireTokenByCodeAsync called",e.correlationId),this.acquireTokenByCodeAsyncMeasurement=this.performanceClient.startMeasurement(k.AcquireTokenByCodeAsync,e.correlationId),(i=this.acquireTokenByCodeAsyncMeasurement)==null||i.increment({visibilityChangeCount:0}),document.addEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement),await this.createSilentAuthCodeClient(e.correlationId).acquireToken(e).then(s=>{var c;return(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!0,fromCache:s.fromCache,isNativeBroker:s.fromNativeBroker}),s}).catch(s=>{var c;throw(c=this.acquireTokenByCodeAsyncMeasurement)==null||c.end({success:!1},s),s}).finally(()=>{document.removeEventListener("visibilitychange",this.trackPageVisibilityWithMeasurement)})}async acquireTokenFromCache(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenFromCache,e.correlationId),t){case Qt.Default:case Qt.AccessToken:case Qt.AccessTokenAndRefreshToken:const n=this.createSilentCacheClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentCacheClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenByRefreshToken(e,t){switch(this.performanceClient.addQueueMeasurement(k.AcquireTokenByRefreshToken,e.correlationId),t){case Qt.Default:case Qt.AccessTokenAndRefreshToken:case Qt.RefreshToken:case Qt.RefreshTokenAndNetwork:const n=this.createSilentRefreshClient(e.correlationId);return B(n.acquireToken.bind(n),k.SilentRefreshClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e);default:throw U(vr)}}async acquireTokenBySilentIframe(e){this.performanceClient.addQueueMeasurement(k.AcquireTokenBySilentIframe,e.correlationId);const t=this.createSilentIframeClient(e.correlationId);return B(t.acquireToken.bind(t),k.SilentIframeClientAcquireToken,this.logger,this.performanceClient,e.correlationId)(e)}async logout(e){const t=this.getRequestCorrelationId(e);return this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.",t),this.logoutRedirect({correlationId:t,...e})}async logoutRedirect(e){const t=this.getRequestCorrelationId(e);return ap(this.initialized,this.config),this.browserStorage.setInteractionInProgress(!0),this.createRedirectClient(t).logout(e)}logoutPopup(e){try{const t=this.getRequestCorrelationId(e);return ph(this.initialized),this.browserStorage.setInteractionInProgress(!0),this.createPopupClient(t).logout(e)}catch(t){return Promise.reject(t)}}async clearCache(e){if(!this.isBrowserEnvironment){this.logger.info("in non-browser environment, returning early.");return}const t=this.getRequestCorrelationId(e);return this.createSilentCacheClient(t).logout(e)}getAllAccounts(e){return cM(this.logger,this.browserStorage,this.isBrowserEnvironment,e)}getAccount(e){return lM(e,this.logger,this.browserStorage)}getAccountByUsername(e){return uM(e,this.logger,this.browserStorage)}getAccountByHomeId(e){return dM(e,this.logger,this.browserStorage)}getAccountByLocalId(e){return hM(e,this.logger,this.browserStorage)}setActiveAccount(e){fM(e,this.browserStorage)}getActiveAccount(){return gM(this.browserStorage)}async hydrateCache(e,t){this.logger.verbose("hydrateCache called");const n=it.createFromAccountInfo(e.account,e.cloudGraphHostName,e.msGraphHost);return this.browserStorage.setAccount(n),e.fromNativeBroker?(this.logger.verbose("Response was from native broker, storing in-memory"),this.nativeInternalStorage.hydrateCache(e,t)):this.browserStorage.hydrateCache(e,t)}async acquireTokenNative(e,t,n){if(this.logger.trace("acquireTokenNative called"),!this.nativeExtensionProvider)throw j(wa);return new li(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.nativeExtensionProvider,n||this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e)}canUseNative(e,t){if(this.logger.trace("canUseNative called"),!Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme))return this.logger.trace("canUseNative: isNativeAvailable returned false, returning false"),!1;if(e.prompt)switch(e.prompt){case lt.NONE:case lt.CONSENT:case lt.LOGIN:this.logger.trace("canUseNative: prompt is compatible with native flow");break;default:return this.logger.trace(`canUseNative: prompt = ${e.prompt} is not compatible with native flow, returning false`),!1}return!t&&!this.getNativeAccountId(e)?(this.logger.trace("canUseNative: nativeAccountId is not available, returning false"),!1):!0}getNativeAccountId(e){const t=e.account||this.getAccount({loginHint:e.loginHint,sid:e.sid})||this.getActiveAccount();return t&&t.nativeAccountId||""}createPopupClient(e){return new NM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createRedirectClient(e){return new MM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentIframeClient(e){return new FM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)}createSilentCacheClient(e){return new KC(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentRefreshClient(e){return new HM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)}createSilentAuthCodeClient(e){return new KM(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,xe.acquireTokenByCode,this.performanceClient,this.nativeExtensionProvider,e)}addEventCallback(e,t){return this.eventHandler.addEventCallback(e,t)}removeEventCallback(e){this.eventHandler.removeEventCallback(e)}addPerformanceCallback(e){return UC(),this.performanceClient.addPerformanceCallback(e)}removePerformanceCallback(e){return this.performanceClient.removePerformanceCallback(e)}enableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?this.logger.verbose("Account storage listener already registered."):(this.logger.verbose("Adding account storage listener."),this.listeningToStorageEvents=!0,window.addEventListener("storage",this.handleAccountCacheChange)))}disableAccountStorageEvents(){typeof window>"u"||(this.listeningToStorageEvents?(this.logger.verbose("Removing account storage listener."),window.removeEventListener("storage",this.handleAccountCacheChange),this.listeningToStorageEvents=!1):this.logger.verbose("No account storage listener registered."))}handleAccountCacheChange(e){var t;try{(t=e.key)!=null&&t.includes(st.ACTIVE_ACCOUNT_FILTERS)&&this.eventHandler.emitEvent(ne.ACTIVE_ACCOUNT_CHANGED);const n=e.newValue||e.oldValue;if(!n)return;const i=JSON.parse(n);if(typeof i!="object"||!it.isAccountEntity(i))return;const c=fi.toObject(new it,i).getAccountInfo();!e.oldValue&&e.newValue?(this.logger.info("Account was added to cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_ADDED,void 0,c)):!e.newValue&&e.oldValue&&(this.logger.info("Account was removed from cache in a different window"),this.eventHandler.emitEvent(ne.ACCOUNT_REMOVED,void 0,c))}catch{return}}getTokenCache(){return this.tokenCache}getLogger(){return this.logger}setLogger(e){this.logger=e}initializeWrapperLibrary(e,t){this.browserStorage.setWrapperMetadata(e,t)}setNavigationClient(e){this.navigationClient=e}getConfiguration(){return this.config}getPerformanceClient(){return this.performanceClient}isBrowserEnv(){return this.isBrowserEnvironment}getRequestCorrelationId(e){return e!=null&&e.correlationId?e.correlationId:this.isBrowserEnvironment?Er():P.EMPTY_STRING}async loginRedirect(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginRedirect called",t),this.acquireTokenRedirect({correlationId:t,...e||rp})}loginPopup(e){const t=this.getRequestCorrelationId(e);return this.logger.verbose("loginPopup called",t),this.acquireTokenPopup({correlationId:t,...e||rp})}async acquireTokenSilent(e){const t=this.getRequestCorrelationId(e),n=this.performanceClient.startMeasurement(k.AcquireTokenSilent,t);n.add({cacheLookupPolicy:e.cacheLookupPolicy,scenarioId:e.scenarioId}),ks(this.initialized,n),this.logger.verbose("acquireTokenSilent called",t);const i=e.account||this.getActiveAccount();if(!i)throw j(gC);n.add({accountType:qn(i)});const s={clientId:this.config.auth.clientId,authority:e.authority||P.EMPTY_STRING,scopes:e.scopes,homeAccountIdentifier:i.homeAccountId,claims:e.claims,authenticationScheme:e.authenticationScheme,resourceRequestMethod:e.resourceRequestMethod,resourceRequestUri:e.resourceRequestUri,shrClaims:e.shrClaims,sshKid:e.sshKid,shrOptions:e.shrOptions},c=JSON.stringify(s),d=this.activeSilentTokenRequests.get(c);if(typeof d>"u"){this.logger.verbose("acquireTokenSilent called for the first time, storing active request",t);const f=B(this.acquireTokenSilentAsync.bind(this),k.AcquireTokenSilentAsync,this.logger,this.performanceClient,t)({...e,correlationId:t},i).then(g=>(this.activeSilentTokenRequests.delete(c),n.end({success:!0,fromCache:g.fromCache,isNativeBroker:g.fromNativeBroker,cacheLookupPolicy:e.cacheLookupPolicy,accessTokenSize:g.accessToken.length,idTokenSize:g.idToken.length}),g)).catch(g=>{throw this.activeSilentTokenRequests.delete(c),n.end({success:!1},g),g});return this.activeSilentTokenRequests.set(c,f),{...await f,state:e.state}}else return this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call",t),n.discard(),{...await d,state:e.state}}async acquireTokenSilentAsync(e,t){const n=()=>this.trackPageVisibility(e.correlationId);this.performanceClient.addQueueMeasurement(k.AcquireTokenSilentAsync,e.correlationId),this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_START,X.Silent,e),e.correlationId&&this.performanceClient.incrementFields({visibilityChangeCount:0},e.correlationId),document.addEventListener("visibilitychange",n);const i=await B(wM,k.InitializeSilentRequest,this.logger,this.performanceClient,e.correlationId)(e,t,this.config,this.performanceClient,this.logger),s=e.cacheLookupPolicy||Qt.Default;return this.acquireTokenSilentNoIframe(i,s).catch(async d=>{if(zM(d,s))if(this.activeIframeRequest)if(s!==Qt.Skip){const[g,p]=this.activeIframeRequest;this.logger.verbose(`Iframe request is already in progress, awaiting resolution for request with correlationId: ${p}`,i.correlationId);const w=this.performanceClient.startMeasurement(k.AwaitConcurrentIframe,i.correlationId);w.add({awaitIframeCorrelationId:p});const C=await g;if(w.end({success:C}),C)return this.logger.verbose(`Parallel iframe request with correlationId: ${p} succeeded. Retrying cache and/or RT redemption`,i.correlationId),this.acquireTokenSilentNoIframe(i,s);throw this.logger.info(`Iframe request with correlationId: ${p} failed. Interaction is required.`),d}else return this.logger.warning("Another iframe request is currently in progress and CacheLookupPolicy is set to Skip. This may result in degraded performance and/or reliability for both calls. Please consider changing the CacheLookupPolicy to take advantage of request queuing and token cache.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i);else{let g;return this.activeIframeRequest=[new Promise(p=>{g=p}),i.correlationId],this.logger.verbose("Refresh token expired/invalid or CacheLookupPolicy is set to Skip, attempting acquire token by iframe.",i.correlationId),B(this.acquireTokenBySilentIframe.bind(this),k.AcquireTokenBySilentIframe,this.logger,this.performanceClient,i.correlationId)(i).then(p=>(g(!0),p)).catch(p=>{throw g(!1),p}).finally(()=>{this.activeIframeRequest=void 0})}else throw d}).then(d=>(this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_SUCCESS,X.Silent,d),e.correlationId&&this.performanceClient.addFields({fromCache:d.fromCache,isNativeBroker:d.fromNativeBroker},e.correlationId),d)).catch(d=>{throw this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_FAILURE,X.Silent,null,d),d}).finally(()=>{document.removeEventListener("visibilitychange",n)})}async acquireTokenSilentNoIframe(e,t){return Qn.isNativeAvailable(this.config,this.logger,this.nativeExtensionProvider,e.authenticationScheme)&&e.account.nativeAccountId?(this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),this.acquireTokenNative(e,xe.acquireTokenSilent_silentFlow).catch(async n=>{throw n instanceof Jn&&Zo(n)?(this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),this.nativeExtensionProvider=void 0,U(vr)):n})):(this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),B(this.acquireTokenFromCache.bind(this),k.AcquireTokenFromCache,this.logger,this.performanceClient,e.correlationId)(e,t).catch(n=>{if(t===Qt.AccessToken)throw n;return this.eventHandler.emitEvent(ne.ACQUIRE_TOKEN_NETWORK_START,X.Silent,e),B(this.acquireTokenByRefreshToken.bind(this),k.AcquireTokenByRefreshToken,this.logger,this.performanceClient,e.correlationId)(e,t)}))}}function zM(r,e){const t=!(r instanceof Fn&&r.subError!==Nc),n=r.errorCode===en.INVALID_GRANT_ERROR||r.errorCode===vr,i=t&&n||r.errorCode===uc||r.errorCode===nh,s=b0.includes(e);return i&&s}/*! @azure/msal-browser v3.28.1 2025-01-14 */async function WM(r,e){const t=new yo(r);return await t.initialize(),Uc.createController(t,e)}/*! @azure/msal-browser v3.28.1 2025-01-14 */class wh{static async createPublicClientApplication(e){const t=await WM(e);return new wh(e,t)}constructor(e,t){this.controller=t||new Uc(new yo(e))}async initialize(e){return this.controller.initialize(e)}async acquireTokenPopup(e){return this.controller.acquireTokenPopup(e)}acquireTokenRedirect(e){return this.controller.acquireTokenRedirect(e)}acquireTokenSilent(e){return this.controller.acquireTokenSilent(e)}acquireTokenByCode(e){return this.controller.acquireTokenByCode(e)}addEventCallback(e,t){return this.controller.addEventCallback(e,t)}removeEventCallback(e){return this.controller.removeEventCallback(e)}addPerformanceCallback(e){return this.controller.addPerformanceCallback(e)}removePerformanceCallback(e){return this.controller.removePerformanceCallback(e)}enableAccountStorageEvents(){this.controller.enableAccountStorageEvents()}disableAccountStorageEvents(){this.controller.disableAccountStorageEvents()}getAccount(e){return this.controller.getAccount(e)}getAccountByHomeId(e){return this.controller.getAccountByHomeId(e)}getAccountByLocalId(e){return this.controller.getAccountByLocalId(e)}getAccountByUsername(e){return this.controller.getAccountByUsername(e)}getAllAccounts(e){return this.controller.getAllAccounts(e)}handleRedirectPromise(e){return this.controller.handleRedirectPromise(e)}loginPopup(e){return this.controller.loginPopup(e)}loginRedirect(e){return this.controller.loginRedirect(e)}logout(e){return this.controller.logout(e)}logoutRedirect(e){return this.controller.logoutRedirect(e)}logoutPopup(e){return this.controller.logoutPopup(e)}ssoSilent(e){return this.controller.ssoSilent(e)}getTokenCache(){return this.controller.getTokenCache()}getLogger(){return this.controller.getLogger()}setLogger(e){this.controller.setLogger(e)}setActiveAccount(e){this.controller.setActiveAccount(e)}getActiveAccount(){return this.controller.getActiveAccount()}initializeWrapperLibrary(e,t){return this.controller.initializeWrapperLibrary(e,t)}setNavigationClient(e){this.controller.setNavigationClient(e)}getConfiguration(){return this.controller.getConfiguration()}async hydrateCache(e,t){return this.controller.hydrateCache(e,t)}clearCache(e){return this.controller.clearCache(e)}}const xu=process.env.JPLAN_WEBAPP__APP_PROXY_TENANT_NAME??"",qM=process.env.JPLAN_WEBAPP__APP_PROXY_CLIENT_ID??"",GM=process.env.JPLAN_WEBAPP__APP_PROXY_USER_FLOW??"",jM=process.env.JPLAN_WEBAPP__URL_BASE??"",YM={auth:{clientId:qM,authority:`https://${xu}.b2clogin.com/${xu}.onmicrosoft.com/${GM}`,knownAuthorities:[`${xu}.b2clogin.com`],redirectUri:`${jM}/_/dashboard/`},cache:{cacheLocation:"localStorage",storeAuthStateInCookie:!1},system:{loggerOptions:{loggerCallback:(r,e)=>{r===Me.Error&&console.error(e)},logLevel:Me.Warning}}},io=new wh(YM),dp=u.ref(null);function qC(){async function r(e){var t;if(e)try{const n=e.idTokenClaims;if(!(n!=null&&n.aud))throw new Error("User audience (aud) is missing in ID token claims");const i=localStorage.getItem(`msal.token.keys.${n.aud}`);if(!i)throw new Error(`Token keys para ${n.aud} não encontrados no localStorage`);const s=JSON.parse(i),c=(t=s==null?void 0:s.idToken)==null?void 0:t[0];if(!c)throw new Error("idToken não encontrado nos token keys");const d=localStorage.getItem(c);if(!d)throw new Error(`Dados do token para ID ${c} não encontrados no localStorage`);const f=JSON.parse(d),g=f==null?void 0:f.secret;if(!g)throw new Error("Secret não encontrado nos dados do token");sessionStorage.setItem("isAuthenticated","true"),dp.value=g}catch(n){console.error("Erro ao obter token de acesso:",n)}}return{jToken:dp,setJToken:r}}const JM=()=>process.env.JPLAN_WEBAPP__URL_AUTH||"http://localhost:5174",xr=u.ref(null);function GC(){const{setJToken:r}=qC(),e=u.computed(()=>!!xr.value),t=u.computed(()=>xr.value);async function n(){e.value||await i()}const i=async()=>new Promise((d,f)=>{try{localStorage.clear();const g=window.open(JM());if(!g){console.error("Falha ao abrir a janela de autenticação"),f("Falha ao abrir a janela de autenticação");return}const p=setInterval(()=>{Object.keys(localStorage).some(C=>C.startsWith("msal.account.keys"))&&(clearInterval(p),s(),g.close(),d())},500)}catch(g){console.error("Erro no handleRedirect:",g),f(g)}}),s=async()=>{try{await io.initialize();const d=io.getActiveAccount();if(d)xr.value=d;else{const f=await io.handleRedirectPromise();f?(io.setActiveAccount(f.account),xr.value=io.getActiveAccount()):console.error("Falha na autenticação")}}catch(d){console.error("Erro no processo de autenticação:",d)}xr.value&&await r(xr.value)};async function c(){try{const d=await io.acquireTokenSilent({scopes:["https://graph.microsoft.com/.default","openid","profile"]});io.setActiveAccount(d.account),await r(xr.value)}catch(d){console.error("Falha ao renovar token, forçando novo login.",d),await n()}}return u.watch(xr,async(d,f)=>{var p,w,C;if(((p=d==null?void 0:d.idTokenClaims)==null?void 0:p.exp)===((w=f==null?void 0:f.idTokenClaims)==null?void 0:w.exp))return;const g=(C=d==null?void 0:d.idTokenClaims)==null?void 0:C.exp;if(g){const S=Math.floor(Date.now()/1e3),b=(g-S-120)*1e3;b>0&&setTimeout(async()=>{await c()},b)}},{immediate:!0}),{isAuthenticated:e,account:t,handleRedirect:n}}function jC(r,e){return function(){return r.apply(e,arguments)}}const{toString:QM}=Object.prototype,{getPrototypeOf:_h}=Object,Bc=(r=>e=>{const t=QM.call(e);return r[t]||(r[t]=t.slice(8,-1).toLowerCase())})(Object.create(null)),Vn=r=>(r=r.toLowerCase(),e=>Bc(e)===r),Fc=r=>e=>typeof e===r,{isArray:yi}=Array,fa=Fc("undefined");function XM(r){return r!==null&&!fa(r)&&r.constructor!==null&&!fa(r.constructor)&&an(r.constructor.isBuffer)&&r.constructor.isBuffer(r)}const YC=Vn("ArrayBuffer");function ZM(r){let e;return typeof ArrayBuffer<"u"&&ArrayBuffer.isView?e=ArrayBuffer.isView(r):e=r&&r.buffer&&YC(r.buffer),e}const e1=Fc("string"),an=Fc("function"),JC=Fc("number"),Hc=r=>r!==null&&typeof r=="object",t1=r=>r===!0||r===!1,zs=r=>{if(Bc(r)!=="object")return!1;const e=_h(r);return(e===null||e===Object.prototype||Object.getPrototypeOf(e)===null)&&!(Symbol.toStringTag in r)&&!(Symbol.iterator in r)},n1=Vn("Date"),r1=Vn("File"),o1=Vn("Blob"),i1=Vn("FileList"),a1=r=>Hc(r)&&an(r.pipe),s1=r=>{let e;return r&&(typeof FormData=="function"&&r instanceof FormData||an(r.append)&&((e=Bc(r))==="formdata"||e==="object"&&an(r.toString)&&r.toString()==="[object FormData]"))},c1=Vn("URLSearchParams"),[l1,u1,d1,h1]=["ReadableStream","Request","Response","Headers"].map(Vn),f1=r=>r.trim?r.trim():r.replace(/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,"");function Ta(r,e,{allOwnKeys:t=!1}={}){if(r===null||typeof r>"u")return;let n,i;if(typeof r!="object"&&(r=[r]),yi(r))for(n=0,i=r.length;n<i;n++)e.call(null,r[n],n,r);else{const s=t?Object.getOwnPropertyNames(r):Object.keys(r),c=s.length;let d;for(n=0;n<c;n++)d=s[n],e.call(null,r[d],d,r)}}function QC(r,e){e=e.toLowerCase();const t=Object.keys(r);let n=t.length,i;for(;n-- >0;)if(i=t[n],e===i.toLowerCase())return i;return null}const fo=typeof globalThis<"u"?globalThis:typeof self<"u"?self:typeof window<"u"?window:global,XC=r=>!fa(r)&&r!==fo;function Td(){const{caseless:r}=XC(this)&&this||{},e={},t=(n,i)=>{const s=r&&QC(e,i)||i;zs(e[s])&&zs(n)?e[s]=Td(e[s],n):zs(n)?e[s]=Td({},n):yi(n)?e[s]=n.slice():e[s]=n};for(let n=0,i=arguments.length;n<i;n++)arguments[n]&&Ta(arguments[n],t);return e}const g1=(r,e,t,{allOwnKeys:n}={})=>(Ta(e,(i,s)=>{t&&an(i)?r[s]=jC(i,t):r[s]=i},{allOwnKeys:n}),r),m1=r=>(r.charCodeAt(0)===65279&&(r=r.slice(1)),r),p1=(r,e,t,n)=>{r.prototype=Object.create(e.prototype,n),r.prototype.constructor=r,Object.defineProperty(r,"super",{value:e.prototype}),t&&Object.assign(r.prototype,t)},v1=(r,e,t,n)=>{let i,s,c;const d={};if(e=e||{},r==null)return e;do{for(i=Object.getOwnPropertyNames(r),s=i.length;s-- >0;)c=i[s],(!n||n(c,r,e))&&!d[c]&&(e[c]=r[c],d[c]=!0);r=t!==!1&&_h(r)}while(r&&(!t||t(r,e))&&r!==Object.prototype);return e},y1=(r,e,t)=>{r=String(r),(t===void 0||t>r.length)&&(t=r.length),t-=e.length;const n=r.indexOf(e,t);return n!==-1&&n===t},C1=r=>{if(!r)return null;if(yi(r))return r;let e=r.length;if(!JC(e))return null;const t=new Array(e);for(;e-- >0;)t[e]=r[e];return t},w1=(r=>e=>r&&e instanceof r)(typeof Uint8Array<"u"&&_h(Uint8Array)),_1=(r,e)=>{const n=(r&&r[Symbol.iterator]).call(r);let i;for(;(i=n.next())&&!i.done;){const s=i.value;e.call(r,s[0],s[1])}},T1=(r,e)=>{let t;const n=[];for(;(t=r.exec(e))!==null;)n.push(t);return n},E1=Vn("HTMLFormElement"),S1=r=>r.toLowerCase().replace(/[-_\s]([a-z\d])(\w*)/g,function(t,n,i){return n.toUpperCase()+i}),hp=(({hasOwnProperty:r})=>(e,t)=>r.call(e,t))(Object.prototype),A1=Vn("RegExp"),ZC=(r,e)=>{const t=Object.getOwnPropertyDescriptors(r),n={};Ta(t,(i,s)=>{let c;(c=e(i,s,r))!==!1&&(n[s]=c||i)}),Object.defineProperties(r,n)},I1=r=>{ZC(r,(e,t)=>{if(an(r)&&["arguments","caller","callee"].indexOf(t)!==-1)return!1;const n=r[t];if(an(n)){if(e.enumerable=!1,"writable"in e){e.writable=!1;return}e.set||(e.set=()=>{throw Error("Can not rewrite read-only method '"+t+"'")})}})},b1=(r,e)=>{const t={},n=i=>{i.forEach(s=>{t[s]=!0})};return yi(r)?n(r):n(String(r).split(e)),t},k1=()=>{},R1=(r,e)=>r!=null&&Number.isFinite(r=+r)?r:e,Lu="abcdefghijklmnopqrstuvwxyz",fp="0123456789",ew={DIGIT:fp,ALPHA:Lu,ALPHA_DIGIT:Lu+Lu.toUpperCase()+fp},O1=(r=16,e=ew.ALPHA_DIGIT)=>{let t="";const{length:n}=e;for(;r--;)t+=e[Math.random()*n|0];return t};function N1(r){return!!(r&&an(r.append)&&r[Symbol.toStringTag]==="FormData"&&r[Symbol.iterator])}const P1=r=>{const e=new Array(10),t=(n,i)=>{if(Hc(n)){if(e.indexOf(n)>=0)return;if(!("toJSON"in n)){e[i]=n;const s=yi(n)?[]:{};return Ta(n,(c,d)=>{const f=t(c,i+1);!fa(f)&&(s[d]=f)}),e[i]=void 0,s}}return n};return t(r,0)},M1=Vn("AsyncFunction"),D1=r=>r&&(Hc(r)||an(r))&&an(r.then)&&an(r.catch),tw=((r,e)=>r?setImmediate:e?((t,n)=>(fo.addEventListener("message",({source:i,data:s})=>{i===fo&&s===t&&n.length&&n.shift()()},!1),i=>{n.push(i),fo.postMessage(t,"*")}))(`axios@${Math.random()}`,[]):t=>setTimeout(t))(typeof setImmediate=="function",an(fo.postMessage)),x1=typeof queueMicrotask<"u"?queueMicrotask.bind(fo):typeof process<"u"&&process.nextTick||tw,O={isArray:yi,isArrayBuffer:YC,isBuffer:XM,isFormData:s1,isArrayBufferView:ZM,isString:e1,isNumber:JC,isBoolean:t1,isObject:Hc,isPlainObject:zs,isReadableStream:l1,isRequest:u1,isResponse:d1,isHeaders:h1,isUndefined:fa,isDate:n1,isFile:r1,isBlob:o1,isRegExp:A1,isFunction:an,isStream:a1,isURLSearchParams:c1,isTypedArray:w1,isFileList:i1,forEach:Ta,merge:Td,extend:g1,trim:f1,stripBOM:m1,inherits:p1,toFlatObject:v1,kindOf:Bc,kindOfTest:Vn,endsWith:y1,toArray:C1,forEachEntry:_1,matchAll:T1,isHTMLForm:E1,hasOwnProperty:hp,hasOwnProp:hp,reduceDescriptors:ZC,freezeMethods:I1,toObjectSet:b1,toCamelCase:S1,noop:k1,toFiniteNumber:R1,findKey:QC,global:fo,isContextDefined:XC,ALPHABET:ew,generateString:O1,isSpecCompliantForm:N1,toJSONObject:P1,isAsyncFn:M1,isThenable:D1,setImmediate:tw,asap:x1};function ue(r,e,t,n,i){Error.call(this),Error.captureStackTrace?Error.captureStackTrace(this,this.constructor):this.stack=new Error().stack,this.message=r,this.name="AxiosError",e&&(this.code=e),t&&(this.config=t),n&&(this.request=n),i&&(this.response=i,this.status=i.status?i.status:null)}O.inherits(ue,Error,{toJSON:function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:O.toJSONObject(this.config),code:this.code,status:this.status}}});const nw=ue.prototype,rw={};["ERR_BAD_OPTION_VALUE","ERR_BAD_OPTION","ECONNABORTED","ETIMEDOUT","ERR_NETWORK","ERR_FR_TOO_MANY_REDIRECTS","ERR_DEPRECATED","ERR_BAD_RESPONSE","ERR_BAD_REQUEST","ERR_CANCELED","ERR_NOT_SUPPORT","ERR_INVALID_URL"].forEach(r=>{rw[r]={value:r}});Object.defineProperties(ue,rw);Object.defineProperty(nw,"isAxiosError",{value:!0});ue.from=(r,e,t,n,i,s)=>{const c=Object.create(nw);return O.toFlatObject(r,c,function(f){return f!==Error.prototype},d=>d!=="isAxiosError"),ue.call(c,r.message,e,t,n,i),c.cause=r,c.name=r.name,s&&Object.assign(c,s),c};const L1=null;function Ed(r){return O.isPlainObject(r)||O.isArray(r)}function ow(r){return O.endsWith(r,"[]")?r.slice(0,-2):r}function gp(r,e,t){return r?r.concat(e).map(function(i,s){return i=ow(i),!t&&s?"["+i+"]":i}).join(t?".":""):e}function U1(r){return O.isArray(r)&&!r.some(Ed)}const B1=O.toFlatObject(O,{},null,function(e){return/^is[A-Z]/.test(e)});function Vc(r,e,t){if(!O.isObject(r))throw new TypeError("target must be an object");e=e||new FormData,t=O.toFlatObject(t,{metaTokens:!0,dots:!1,indexes:!1},!1,function(b,N){return!O.isUndefined(N[b])});const n=t.metaTokens,i=t.visitor||p,s=t.dots,c=t.indexes,f=(t.Blob||typeof Blob<"u"&&Blob)&&O.isSpecCompliantForm(e);if(!O.isFunction(i))throw new TypeError("visitor must be a function");function g(T){if(T===null)return"";if(O.isDate(T))return T.toISOString();if(!f&&O.isBlob(T))throw new ue("Blob is not supported. Use a Buffer instead.");return O.isArrayBuffer(T)||O.isTypedArray(T)?f&&typeof Blob=="function"?new Blob([T]):Buffer.from(T):T}function p(T,b,N){let K=T;if(T&&!N&&typeof T=="object"){if(O.endsWith(b,"{}"))b=n?b:b.slice(0,-2),T=JSON.stringify(T);else if(O.isArray(T)&&U1(T)||(O.isFileList(T)||O.endsWith(b,"[]"))&&(K=O.toArray(T)))return b=ow(b),K.forEach(function(V,z){!(O.isUndefined(V)||V===null)&&e.append(c===!0?gp([b],z,s):c===null?b:b+"[]",g(V))}),!1}return Ed(T)?!0:(e.append(gp(N,b,s),g(T)),!1)}const w=[],C=Object.assign(B1,{defaultVisitor:p,convertValue:g,isVisitable:Ed});function S(T,b){if(!O.isUndefined(T)){if(w.indexOf(T)!==-1)throw Error("Circular reference detected in "+b.join("."));w.push(T),O.forEach(T,function(K,H){(!(O.isUndefined(K)||K===null)&&i.call(e,K,O.isString(H)?H.trim():H,b,C))===!0&&S(K,b?b.concat(H):[H])}),w.pop()}}if(!O.isObject(r))throw new TypeError("data must be an object");return S(r),e}function mp(r){const e={"!":"%21","'":"%27","(":"%28",")":"%29","~":"%7E","%20":"+","%00":"\0"};return encodeURIComponent(r).replace(/[!'()~]|%20|%00/g,function(n){return e[n]})}function Th(r,e){this._pairs=[],r&&Vc(r,this,e)}const iw=Th.prototype;iw.append=function(e,t){this._pairs.push([e,t])};iw.toString=function(e){const t=e?function(n){return e.call(this,n,mp)}:mp;return this._pairs.map(function(i){return t(i[0])+"="+t(i[1])},"").join("&")};function F1(r){return encodeURIComponent(r).replace(/%3A/gi,":").replace(/%24/g,"$").replace(/%2C/gi,",").replace(/%20/g,"+").replace(/%5B/gi,"[").replace(/%5D/gi,"]")}function aw(r,e,t){if(!e)return r;const n=t&&t.encode||F1;O.isFunction(t)&&(t={serialize:t});const i=t&&t.serialize;let s;if(i?s=i(e,t):s=O.isURLSearchParams(e)?e.toString():new Th(e,t).toString(n),s){const c=r.indexOf("#");c!==-1&&(r=r.slice(0,c)),r+=(r.indexOf("?")===-1?"?":"&")+s}return r}class pp{constructor(){this.handlers=[]}use(e,t,n){return this.handlers.push({fulfilled:e,rejected:t,synchronous:n?n.synchronous:!1,runWhen:n?n.runWhen:null}),this.handlers.length-1}eject(e){this.handlers[e]&&(this.handlers[e]=null)}clear(){this.handlers&&(this.handlers=[])}forEach(e){O.forEach(this.handlers,function(n){n!==null&&e(n)})}}const sw={silentJSONParsing:!0,forcedJSONParsing:!0,clarifyTimeoutError:!1},H1=typeof URLSearchParams<"u"?URLSearchParams:Th,V1=typeof FormData<"u"?FormData:null,$1=typeof Blob<"u"?Blob:null,K1={isBrowser:!0,classes:{URLSearchParams:H1,FormData:V1,Blob:$1},protocols:["http","https","file","blob","url","data"]},Eh=typeof window<"u"&&typeof document<"u",Sd=typeof navigator=="object"&&navigator||void 0,z1=Eh&&(!Sd||["ReactNative","NativeScript","NS"].indexOf(Sd.product)<0),W1=typeof WorkerGlobalScope<"u"&&self instanceof WorkerGlobalScope&&typeof self.importScripts=="function",q1=Eh&&window.location.href||"http://localhost",G1=Object.freeze(Object.defineProperty({__proto__:null,hasBrowserEnv:Eh,hasStandardBrowserEnv:z1,hasStandardBrowserWebWorkerEnv:W1,navigator:Sd,origin:q1},Symbol.toStringTag,{value:"Module"})),At={...G1,...K1};function j1(r,e){return Vc(r,new At.classes.URLSearchParams,Object.assign({visitor:function(t,n,i,s){return At.isNode&&O.isBuffer(t)?(this.append(n,t.toString("base64")),!1):s.defaultVisitor.apply(this,arguments)}},e))}function Y1(r){return O.matchAll(/\w+|\[(\w*)]/g,r).map(e=>e[0]==="[]"?"":e[1]||e[0])}function J1(r){const e={},t=Object.keys(r);let n;const i=t.length;let s;for(n=0;n<i;n++)s=t[n],e[s]=r[s];return e}function cw(r){function e(t,n,i,s){let c=t[s++];if(c==="__proto__")return!0;const d=Number.isFinite(+c),f=s>=t.length;return c=!c&&O.isArray(i)?i.length:c,f?(O.hasOwnProp(i,c)?i[c]=[i[c],n]:i[c]=n,!d):((!i[c]||!O.isObject(i[c]))&&(i[c]=[]),e(t,n,i[c],s)&&O.isArray(i[c])&&(i[c]=J1(i[c])),!d)}if(O.isFormData(r)&&O.isFunction(r.entries)){const t={};return O.forEachEntry(r,(n,i)=>{e(Y1(n),i,t,0)}),t}return null}function Q1(r,e,t){if(O.isString(r))try{return(e||JSON.parse)(r),O.trim(r)}catch(n){if(n.name!=="SyntaxError")throw n}return(t||JSON.stringify)(r)}const Ea={transitional:sw,adapter:["xhr","http","fetch"],transformRequest:[function(e,t){const n=t.getContentType()||"",i=n.indexOf("application/json")>-1,s=O.isObject(e);if(s&&O.isHTMLForm(e)&&(e=new FormData(e)),O.isFormData(e))return i?JSON.stringify(cw(e)):e;if(O.isArrayBuffer(e)||O.isBuffer(e)||O.isStream(e)||O.isFile(e)||O.isBlob(e)||O.isReadableStream(e))return e;if(O.isArrayBufferView(e))return e.buffer;if(O.isURLSearchParams(e))return t.setContentType("application/x-www-form-urlencoded;charset=utf-8",!1),e.toString();let d;if(s){if(n.indexOf("application/x-www-form-urlencoded")>-1)return j1(e,this.formSerializer).toString();if((d=O.isFileList(e))||n.indexOf("multipart/form-data")>-1){const f=this.env&&this.env.FormData;return Vc(d?{"files[]":e}:e,f&&new f,this.formSerializer)}}return s||i?(t.setContentType("application/json",!1),Q1(e)):e}],transformResponse:[function(e){const t=this.transitional||Ea.transitional,n=t&&t.forcedJSONParsing,i=this.responseType==="json";if(O.isResponse(e)||O.isReadableStream(e))return e;if(e&&O.isString(e)&&(n&&!this.responseType||i)){const c=!(t&&t.silentJSONParsing)&&i;try{return JSON.parse(e)}catch(d){if(c)throw d.name==="SyntaxError"?ue.from(d,ue.ERR_BAD_RESPONSE,this,null,this.response):d}}return e}],timeout:0,xsrfCookieName:"XSRF-TOKEN",xsrfHeaderName:"X-XSRF-TOKEN",maxContentLength:-1,maxBodyLength:-1,env:{FormData:At.classes.FormData,Blob:At.classes.Blob},validateStatus:function(e){return e>=200&&e<300},headers:{common:{Accept:"application/json, text/plain, */*","Content-Type":void 0}}};O.forEach(["delete","get","head","post","put","patch"],r=>{Ea.headers[r]={}});const X1=O.toObjectSet(["age","authorization","content-length","content-type","etag","expires","from","host","if-modified-since","if-unmodified-since","last-modified","location","max-forwards","proxy-authorization","referer","retry-after","user-agent"]),Z1=r=>{const e={};let t,n,i;return r&&r.split(`
 `).forEach(function(c){i=c.indexOf(":"),t=c.substring(0,i).trim().toLowerCase(),n=c.substring(i+1).trim(),!(!t||e[t]&&X1[t])&&(t==="set-cookie"?e[t]?e[t].push(n):e[t]=[n]:e[t]=e[t]?e[t]+", "+n:n)}),e},vp=Symbol("internals");function qi(r){return r&&String(r).trim().toLowerCase()}function Ws(r){return r===!1||r==null?r:O.isArray(r)?r.map(Ws):String(r)}function eD(r){const e=Object.create(null),t=/([^\s,;=]+)\s*(?:=\s*([^,;]+))?/g;let n;for(;n=t.exec(r);)e[n[1]]=n[2];return e}const tD=r=>/^[-_a-zA-Z0-9^`|~,!#$%&'*+.]+$/.test(r.trim());function Uu(r,e,t,n,i){if(O.isFunction(n))return n.call(this,e,t);if(i&&(e=t),!!O.isString(e)){if(O.isString(n))return e.indexOf(n)!==-1;if(O.isRegExp(n))return n.test(e)}}function nD(r){return r.trim().toLowerCase().replace(/([a-z\d])(\w*)/g,(e,t,n)=>t.toUpperCase()+n)}function rD(r,e){const t=O.toCamelCase(" "+e);["get","set","has"].forEach(n=>{Object.defineProperty(r,n+t,{value:function(i,s,c){return this[n].call(this,e,i,s,c)},configurable:!0})})}class Ht{constructor(e){e&&this.set(e)}set(e,t,n){const i=this;function s(d,f,g){const p=qi(f);if(!p)throw new Error("header name must be a non-empty string");const w=O.findKey(i,p);(!w||i[w]===void 0||g===!0||g===void 0&&i[w]!==!1)&&(i[w||f]=Ws(d))}const c=(d,f)=>O.forEach(d,(g,p)=>s(g,p,f));if(O.isPlainObject(e)||e instanceof this.constructor)c(e,t);else if(O.isString(e)&&(e=e.trim())&&!tD(e))c(Z1(e),t);else if(O.isHeaders(e))for(const[d,f]of e.entries())s(f,d,n);else e!=null&&s(t,e,n);return this}get(e,t){if(e=qi(e),e){const n=O.findKey(this,e);if(n){const i=this[n];if(!t)return i;if(t===!0)return eD(i);if(O.isFunction(t))return t.call(this,i,n);if(O.isRegExp(t))return t.exec(i);throw new TypeError("parser must be boolean|regexp|function")}}}has(e,t){if(e=qi(e),e){const n=O.findKey(this,e);return!!(n&&this[n]!==void 0&&(!t||Uu(this,this[n],n,t)))}return!1}delete(e,t){const n=this;let i=!1;function s(c){if(c=qi(c),c){const d=O.findKey(n,c);d&&(!t||Uu(n,n[d],d,t))&&(delete n[d],i=!0)}}return O.isArray(e)?e.forEach(s):s(e),i}clear(e){const t=Object.keys(this);let n=t.length,i=!1;for(;n--;){const s=t[n];(!e||Uu(this,this[s],s,e,!0))&&(delete this[s],i=!0)}return i}normalize(e){const t=this,n={};return O.forEach(this,(i,s)=>{const c=O.findKey(n,s);if(c){t[c]=Ws(i),delete t[s];return}const d=e?nD(s):String(s).trim();d!==s&&delete t[s],t[d]=Ws(i),n[d]=!0}),this}concat(...e){return this.constructor.concat(this,...e)}toJSON(e){const t=Object.create(null);return O.forEach(this,(n,i)=>{n!=null&&n!==!1&&(t[i]=e&&O.isArray(n)?n.join(", "):n)}),t}[Symbol.iterator](){return Object.entries(this.toJSON())[Symbol.iterator]()}toString(){return Object.entries(this.toJSON()).map(([e,t])=>e+": "+t).join(`
 `)}get[Symbol.toStringTag](){return"AxiosHeaders"}static from(e){return e instanceof this?e:new this(e)}static concat(e,...t){const n=new this(e);return t.forEach(i=>n.set(i)),n}static accessor(e){const n=(this[vp]=this[vp]={accessors:{}}).accessors,i=this.prototype;function s(c){const d=qi(c);n[d]||(rD(i,c),n[d]=!0)}return O.isArray(e)?e.forEach(s):s(e),this}}Ht.accessor(["Content-Type","Content-Length","Accept","Accept-Encoding","User-Agent","Authorization"]);O.reduceDescriptors(Ht.prototype,({value:r},e)=>{let t=e[0].toUpperCase()+e.slice(1);return{get:()=>r,set(n){this[t]=n}}});O.freezeMethods(Ht);function Bu(r,e){const t=this||Ea,n=e||t,i=Ht.from(n.headers);let s=n.data;return O.forEach(r,function(d){s=d.call(t,s,i.normalize(),e?e.status:void 0)}),i.normalize(),s}function lw(r){return!!(r&&r.__CANCEL__)}function Ci(r,e,t){ue.call(this,r??"canceled",ue.ERR_CANCELED,e,t),this.name="CanceledError"}O.inherits(Ci,ue,{__CANCEL__:!0});function uw(r,e,t){const n=t.config.validateStatus;!t.status||!n||n(t.status)?r(t):e(new ue("Request failed with status code "+t.status,[ue.ERR_BAD_REQUEST,ue.ERR_BAD_RESPONSE][Math.floor(t.status/100)-4],t.config,t.request,t))}function oD(r){const e=/^([-+\w]{1,25})(:?\/\/|:)/.exec(r);return e&&e[1]||""}function iD(r,e){r=r||10;const t=new Array(r),n=new Array(r);let i=0,s=0,c;return e=e!==void 0?e:1e3,function(f){const g=Date.now(),p=n[s];c||(c=g),t[i]=f,n[i]=g;let w=s,C=0;for(;w!==i;)C+=t[w++],w=w%r;if(i=(i+1)%r,i===s&&(s=(s+1)%r),g-c<e)return;const S=p&&g-p;return S?Math.round(C*1e3/S):void 0}}function aD(r,e){let t=0,n=1e3/e,i,s;const c=(g,p=Date.now())=>{t=p,i=null,s&&(clearTimeout(s),s=null),r.apply(null,g)};return[(...g)=>{const p=Date.now(),w=p-t;w>=n?c(g,p):(i=g,s||(s=setTimeout(()=>{s=null,c(i)},n-w)))},()=>i&&c(i)]}const gc=(r,e,t=3)=>{let n=0;const i=iD(50,250);return aD(s=>{const c=s.loaded,d=s.lengthComputable?s.total:void 0,f=c-n,g=i(f),p=c<=d;n=c;const w={loaded:c,total:d,progress:d?c/d:void 0,bytes:f,rate:g||void 0,estimated:g&&d&&p?(d-c)/g:void 0,event:s,lengthComputable:d!=null,[e?"download":"upload"]:!0};r(w)},t)},yp=(r,e)=>{const t=r!=null;return[n=>e[0]({lengthComputable:t,total:r,loaded:n}),e[1]]},Cp=r=>(...e)=>O.asap(()=>r(...e)),sD=At.hasStandardBrowserEnv?((r,e)=>t=>(t=new URL(t,At.origin),r.protocol===t.protocol&&r.host===t.host&&(e||r.port===t.port)))(new URL(At.origin),At.navigator&&/(msie|trident)/i.test(At.navigator.userAgent)):()=>!0,cD=At.hasStandardBrowserEnv?{write(r,e,t,n,i,s){const c=[r+"="+encodeURIComponent(e)];O.isNumber(t)&&c.push("expires="+new Date(t).toGMTString()),O.isString(n)&&c.push("path="+n),O.isString(i)&&c.push("domain="+i),s===!0&&c.push("secure"),document.cookie=c.join("; ")},read(r){const e=document.cookie.match(new RegExp("(^|;\\s*)("+r+")=([^;]*)"));return e?decodeURIComponent(e[3]):null},remove(r){this.write(r,"",Date.now()-864e5)}}:{write(){},read(){return null},remove(){}};function lD(r){return/^([a-z][a-z\d+\-.]*:)?\/\//i.test(r)}function uD(r,e){return e?r.replace(/\/?\/$/,"")+"/"+e.replace(/^\/+/,""):r}function dw(r,e){return r&&!lD(e)?uD(r,e):e}const wp=r=>r instanceof Ht?{...r}:r;function Co(r,e){e=e||{};const t={};function n(g,p,w,C){return O.isPlainObject(g)&&O.isPlainObject(p)?O.merge.call({caseless:C},g,p):O.isPlainObject(p)?O.merge({},p):O.isArray(p)?p.slice():p}function i(g,p,w,C){if(O.isUndefined(p)){if(!O.isUndefined(g))return n(void 0,g,w,C)}else return n(g,p,w,C)}function s(g,p){if(!O.isUndefined(p))return n(void 0,p)}function c(g,p){if(O.isUndefined(p)){if(!O.isUndefined(g))return n(void 0,g)}else return n(void 0,p)}function d(g,p,w){if(w in e)return n(g,p);if(w in r)return n(void 0,g)}const f={url:s,method:s,data:s,baseURL:c,transformRequest:c,transformResponse:c,paramsSerializer:c,timeout:c,timeoutMessage:c,withCredentials:c,withXSRFToken:c,adapter:c,responseType:c,xsrfCookieName:c,xsrfHeaderName:c,onUploadProgress:c,onDownloadProgress:c,decompress:c,maxContentLength:c,maxBodyLength:c,beforeRedirect:c,transport:c,httpAgent:c,httpsAgent:c,cancelToken:c,socketPath:c,responseEncoding:c,validateStatus:d,headers:(g,p,w)=>i(wp(g),wp(p),w,!0)};return O.forEach(Object.keys(Object.assign({},r,e)),function(p){const w=f[p]||i,C=w(r[p],e[p],p);O.isUndefined(C)&&w!==d||(t[p]=C)}),t}const hw=r=>{const e=Co({},r);let{data:t,withXSRFToken:n,xsrfHeaderName:i,xsrfCookieName:s,headers:c,auth:d}=e;e.headers=c=Ht.from(c),e.url=aw(dw(e.baseURL,e.url),r.params,r.paramsSerializer),d&&c.set("Authorization","Basic "+btoa((d.username||"")+":"+(d.password?unescape(encodeURIComponent(d.password)):"")));let f;if(O.isFormData(t)){if(At.hasStandardBrowserEnv||At.hasStandardBrowserWebWorkerEnv)c.setContentType(void 0);else if((f=c.getContentType())!==!1){const[g,...p]=f?f.split(";").map(w=>w.trim()).filter(Boolean):[];c.setContentType([g||"multipart/form-data",...p].join("; "))}}if(At.hasStandardBrowserEnv&&(n&&O.isFunction(n)&&(n=n(e)),n||n!==!1&&sD(e.url))){const g=i&&s&&cD.read(s);g&&c.set(i,g)}return e},dD=typeof XMLHttpRequest<"u",hD=dD&&function(r){return new Promise(function(t,n){const i=hw(r);let s=i.data;const c=Ht.from(i.headers).normalize();let{responseType:d,onUploadProgress:f,onDownloadProgress:g}=i,p,w,C,S,T;function b(){S&&S(),T&&T(),i.cancelToken&&i.cancelToken.unsubscribe(p),i.signal&&i.signal.removeEventListener("abort",p)}let N=new XMLHttpRequest;N.open(i.method.toUpperCase(),i.url,!0),N.timeout=i.timeout;function K(){if(!N)return;const V=Ht.from("getAllResponseHeaders"in N&&N.getAllResponseHeaders()),Q={data:!d||d==="text"||d==="json"?N.responseText:N.response,status:N.status,statusText:N.statusText,headers:V,config:r,request:N};uw(function(W){t(W),b()},function(W){n(W),b()},Q),N=null}"onloadend"in N?N.onloadend=K:N.onreadystatechange=function(){!N||N.readyState!==4||N.status===0&&!(N.responseURL&&N.responseURL.indexOf("file:")===0)||setTimeout(K)},N.onabort=function(){N&&(n(new ue("Request aborted",ue.ECONNABORTED,r,N)),N=null)},N.onerror=function(){n(new ue("Network Error",ue.ERR_NETWORK,r,N)),N=null},N.ontimeout=function(){let z=i.timeout?"timeout of "+i.timeout+"ms exceeded":"timeout exceeded";const Q=i.transitional||sw;i.timeoutErrorMessage&&(z=i.timeoutErrorMessage),n(new ue(z,Q.clarifyTimeoutError?ue.ETIMEDOUT:ue.ECONNABORTED,r,N)),N=null},s===void 0&&c.setContentType(null),"setRequestHeader"in N&&O.forEach(c.toJSON(),function(z,Q){N.setRequestHeader(Q,z)}),O.isUndefined(i.withCredentials)||(N.withCredentials=!!i.withCredentials),d&&d!=="json"&&(N.responseType=i.responseType),g&&([C,T]=gc(g,!0),N.addEventListener("progress",C)),f&&N.upload&&([w,S]=gc(f),N.upload.addEventListener("progress",w),N.upload.addEventListener("loadend",S)),(i.cancelToken||i.signal)&&(p=V=>{N&&(n(!V||V.type?new Ci(null,r,N):V),N.abort(),N=null)},i.cancelToken&&i.cancelToken.subscribe(p),i.signal&&(i.signal.aborted?p():i.signal.addEventListener("abort",p)));const H=oD(i.url);if(H&&At.protocols.indexOf(H)===-1){n(new ue("Unsupported protocol "+H+":",ue.ERR_BAD_REQUEST,r));return}N.send(s||null)})},fD=(r,e)=>{const{length:t}=r=r?r.filter(Boolean):[];if(e||t){let n=new AbortController,i;const s=function(g){if(!i){i=!0,d();const p=g instanceof Error?g:this.reason;n.abort(p instanceof ue?p:new Ci(p instanceof Error?p.message:p))}};let c=e&&setTimeout(()=>{c=null,s(new ue(`timeout ${e} of ms exceeded`,ue.ETIMEDOUT))},e);const d=()=>{r&&(c&&clearTimeout(c),c=null,r.forEach(g=>{g.unsubscribe?g.unsubscribe(s):g.removeEventListener("abort",s)}),r=null)};r.forEach(g=>g.addEventListener("abort",s));const{signal:f}=n;return f.unsubscribe=()=>O.asap(d),f}},gD=function*(r,e){let t=r.byteLength;if(t<e){yield r;return}let n=0,i;for(;n<t;)i=n+e,yield r.slice(n,i),n=i},mD=async function*(r,e){for await(const t of pD(r))yield*gD(t,e)},pD=async function*(r){if(r[Symbol.asyncIterator]){yield*r;return}const e=r.getReader();try{for(;;){const{done:t,value:n}=await e.read();if(t)break;yield n}}finally{await e.cancel()}},_p=(r,e,t,n)=>{const i=mD(r,e);let s=0,c,d=f=>{c||(c=!0,n&&n(f))};return new ReadableStream({async pull(f){try{const{done:g,value:p}=await i.next();if(g){d(),f.close();return}let w=p.byteLength;if(t){let C=s+=w;t(C)}f.enqueue(new Uint8Array(p))}catch(g){throw d(g),g}},cancel(f){return d(f),i.return()}},{highWaterMark:2})},$c=typeof fetch=="function"&&typeof Request=="function"&&typeof Response=="function",fw=$c&&typeof ReadableStream=="function",vD=$c&&(typeof TextEncoder=="function"?(r=>e=>r.encode(e))(new TextEncoder):async r=>new Uint8Array(await new Response(r).arrayBuffer())),gw=(r,...e)=>{try{return!!r(...e)}catch{return!1}},yD=fw&&gw(()=>{let r=!1;const e=new Request(At.origin,{body:new ReadableStream,method:"POST",get duplex(){return r=!0,"half"}}).headers.has("Content-Type");return r&&!e}),Tp=64*1024,Ad=fw&&gw(()=>O.isReadableStream(new Response("").body)),mc={stream:Ad&&(r=>r.body)};$c&&(r=>{["text","arrayBuffer","blob","formData","stream"].forEach(e=>{!mc[e]&&(mc[e]=O.isFunction(r[e])?t=>t[e]():(t,n)=>{throw new ue(`Response type '${e}' is not supported`,ue.ERR_NOT_SUPPORT,n)})})})(new Response);const CD=async r=>{if(r==null)return 0;if(O.isBlob(r))return r.size;if(O.isSpecCompliantForm(r))return(await new Request(At.origin,{method:"POST",body:r}).arrayBuffer()).byteLength;if(O.isArrayBufferView(r)||O.isArrayBuffer(r))return r.byteLength;if(O.isURLSearchParams(r)&&(r=r+""),O.isString(r))return(await vD(r)).byteLength},wD=async(r,e)=>{const t=O.toFiniteNumber(r.getContentLength());return t??CD(e)},_D=$c&&(async r=>{let{url:e,method:t,data:n,signal:i,cancelToken:s,timeout:c,onDownloadProgress:d,onUploadProgress:f,responseType:g,headers:p,withCredentials:w="same-origin",fetchOptions:C}=hw(r);g=g?(g+"").toLowerCase():"text";let S=fD([i,s&&s.toAbortSignal()],c),T;const b=S&&S.unsubscribe&&(()=>{S.unsubscribe()});let N;try{if(f&&yD&&t!=="get"&&t!=="head"&&(N=await wD(p,n))!==0){let Q=new Request(e,{method:"POST",body:n,duplex:"half"}),we;if(O.isFormData(n)&&(we=Q.headers.get("content-type"))&&p.setContentType(we),Q.body){const[W,et]=yp(N,gc(Cp(f)));n=_p(Q.body,Tp,W,et)}}O.isString(w)||(w=w?"include":"omit");const K="credentials"in Request.prototype;T=new Request(e,{...C,signal:S,method:t.toUpperCase(),headers:p.normalize().toJSON(),body:n,duplex:"half",credentials:K?w:void 0});let H=await fetch(T);const V=Ad&&(g==="stream"||g==="response");if(Ad&&(d||V&&b)){const Q={};["status","statusText","headers"].forEach(_e=>{Q[_e]=H[_e]});const we=O.toFiniteNumber(H.headers.get("content-length")),[W,et]=d&&yp(we,gc(Cp(d),!0))||[];H=new Response(_p(H.body,Tp,W,()=>{et&&et(),b&&b()}),Q)}g=g||"text";let z=await mc[O.findKey(mc,g)||"text"](H,r);return!V&&b&&b(),await new Promise((Q,we)=>{uw(Q,we,{data:z,headers:Ht.from(H.headers),status:H.status,statusText:H.statusText,config:r,request:T})})}catch(K){throw b&&b(),K&&K.name==="TypeError"&&/fetch/i.test(K.message)?Object.assign(new ue("Network Error",ue.ERR_NETWORK,r,T),{cause:K.cause||K}):ue.from(K,K&&K.code,r,T)}}),Id={http:L1,xhr:hD,fetch:_D};O.forEach(Id,(r,e)=>{if(r){try{Object.defineProperty(r,"name",{value:e})}catch{}Object.defineProperty(r,"adapterName",{value:e})}});const Ep=r=>`- ${r}`,TD=r=>O.isFunction(r)||r===null||r===!1,mw={getAdapter:r=>{r=O.isArray(r)?r:[r];const{length:e}=r;let t,n;const i={};for(let s=0;s<e;s++){t=r[s];let c;if(n=t,!TD(t)&&(n=Id[(c=String(t)).toLowerCase()],n===void 0))throw new ue(`Unknown adapter '${c}'`);if(n)break;i[c||"#"+s]=n}if(!n){const s=Object.entries(i).map(([d,f])=>`adapter ${d} `+(f===!1?"is not supported by the environment":"is not available in the build"));let c=e?s.length>1?`since :
 `+s.map(Ep).join(`

package/dist/jplan-pack.es.js CHANGED Viewed

@@ -14822,7 +14822,7 @@ function _C() {
     setJToken: r
   };
 }
-const nD = "https://app-files.jplan.com.br/pub/msal-auth/index.html", jr = se(null);
+const nD = () => process.env.JPLAN_WEBAPP__URL_AUTH || "http://localhost:5174", jr = se(null);
 function CC() {
   const { setJToken: r } = _C(), e = Qt(() => !!jr.value), t = Qt(() => jr.value);
   async function n() {
@@ -14831,7 +14831,7 @@ function CC() {
   const o = async () => new Promise((u, h) => {
     try {
       localStorage.clear();
-      const f = window.open(nD);
+      const f = window.open(nD());
       if (!f) {
         console.error("Falha ao abrir a janela de autenticação"), h("Falha ao abrir a janela de autenticação");
         return;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "jplan-pack",
-  "version": "0.5.75",
+  "version": "0.5.77",
   "main": "./dist/jplan-pack.cjs.js",
   "module": "./dist/jplan-pack.es.js",
   "types": "dist/types/index.d.ts",
@@ -60,6 +60,7 @@
     "@storybook/vue3-vite": "^8.6.0",
     "@types/jest": "^29.5.14",
     "@types/lodash": "^4.17.15",
+    "@types/node": "^22.13.10",
     "autoprefixer": "^10.4.21",
     "jest": "^29.7.0",
     "rimraf": "^5.0.1",