npm - react-native-msal2 - Versions diffs - 1.0.14 → 1.0.15 - Mend

react-native-msal2 1.0.14 → 1.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/android/build.gradle +19 -17
package/android/src/main/java/com/reactnativemsal/RNMSALModule.kt +95 -6
package/dist/index.js +7 -0
package/dist/index.js.map +2 -2
package/dist/src/publicClientApplication.d.ts +2 -1
package/dist/src/types.d.ts +14 -0
package/package.json +1 -1
package/src/publicClientApplication.ts +10 -0
package/src/types.ts +16 -0

package/android/build.gradle CHANGED Viewed

@@ -2,33 +2,35 @@ apply plugin: "com.android.library"
 apply plugin: "org.jetbrains.kotlin.android"
 def safeExtGet(prop, fallback) {
-  rootProject.ext.has(prop) ? rootProject.ext.get(prop) : fallback
+    rootProject.ext.has(prop) ? rootProject.ext.get(prop) : fallback
 }
 android {
-  namespace "com.reactnativemsal"
+    namespace "com.reactnativemsal"
-  compileSdkVersion safeExtGet("compileSdkVersion", 34)
+    compileSdkVersion safeExtGet("compileSdkVersion", 34)
-  defaultConfig {
-    minSdkVersion safeExtGet("minSdkVersion", 21)
-    targetSdkVersion safeExtGet("targetSdkVersion", 34)
-  }
+    defaultConfig {
+        minSdkVersion safeExtGet("minSdkVersion", 21)
+        targetSdkVersion safeExtGet("targetSdkVersion", 34)
+    }
-  compileOptions {
-    sourceCompatibility JavaVersion.VERSION_1_8
-    targetCompatibility JavaVersion.VERSION_1_8
-  }
+    compileOptions {
+        sourceCompatibility JavaVersion.VERSION_1_8
+        targetCompatibility JavaVersion.VERSION_1_8
+    }
 }
 repositories {
-  google()
-  mavenCentral()
+    google()
+    mavenCentral()
 }
 dependencies {
-  //noinspection UseTomlInstead
-  compileOnly "com.facebook.react:react-android"
-  //noinspection UseTomlInstead
-  implementation "com.microsoft.identity.client:msal:8.2.1"
+    //noinspection UseTomlInstead
+    implementation "androidx.browser:browser:1.9.0"
+    //noinspection UseTomlInstead
+    compileOnly "com.facebook.react:react-android"
+    //noinspection UseTomlInstead
+    implementation "com.microsoft.identity.client:msal:8.2.3"
 }

package/android/src/main/java/com/reactnativemsal/RNMSALModule.kt CHANGED Viewed

@@ -1,9 +1,13 @@
 package com.reactnativemsal
+import android.content.Intent
+import android.content.pm.PackageInfo
 import android.content.pm.PackageManager
 import android.net.Uri
+import android.os.Build
 import android.util.Base64
 import android.util.Log
+import androidx.browser.customtabs.CustomTabsService
 import com.facebook.react.bridge.Arguments.createArray
 import com.facebook.react.bridge.Arguments.createMap
 import com.facebook.react.bridge.Arguments.fromArray
@@ -27,6 +31,8 @@ import com.microsoft.identity.client.Prompt
 import com.microsoft.identity.client.PublicClientApplication
 import com.microsoft.identity.client.SilentAuthenticationCallback
 import com.microsoft.identity.client.exception.MsalException
+import com.microsoft.identity.common.internal.broker.PackageHelper
+import com.microsoft.identity.common.internal.ui.browser.AndroidBrowserSelector
 import org.json.JSONArray
 import org.json.JSONException
 import org.json.JSONObject
@@ -36,7 +42,6 @@ import java.security.MessageDigest
 import java.util.AbstractMap
 import java.util.regex.Matcher
 import java.util.regex.Pattern
-import com.microsoft.identity.common.internal.ui.browser.AndroidBrowserSelector
 class RNMSALModule(reactContext: ReactApplicationContext?) :
     ReactContextBaseJavaModule(reactContext) {
@@ -127,12 +132,96 @@ class RNMSALModule(reactContext: ReactApplicationContext?) :
     @ReactMethod
     fun getSelectedBrowser(promise: Promise) {
-        publicClientApplication?.configuration?.browserSafeList?.let {
-            AndroidBrowserSelector(reactApplicationContext).selectBrowser(it, null)?.let { browser ->
-            promise.resolve("${browser.packageName} ${browser.version} ${if (browser.isCustomTabsServiceSupported) "CustomTab" else "NoCustomTab"}")
+        val safeList = publicClientApplication?.configuration?.browserSafeList
+        val browser = if (!safeList.isNullOrEmpty()) {
+            AndroidBrowserSelector(reactApplicationContext).selectBrowser(safeList, null)
+        } else null
+        //if (browser == null) {
+        val result = browser?.let {
+            "${it.packageName} ${it.version} ${it.signatureHashes} (${if (it.isCustomTabsServiceSupported) "CustomTab" else "NoCustomTab"})"
+        } ?: "Unknown"
+        promise.resolve(result)
+    }
+    @ReactMethod
+    fun getSafeCustomTabsBrowsers(promise: Promise) {
+        try {
+            val safeList = publicClientApplication?.configuration?.browserSafeList
+            if (safeList.isNullOrEmpty()) {
+                promise.resolve(createArray())
+                return
+            }
+            val pm = reactApplicationContext.packageManager
+            val customTabsIntent = Intent(CustomTabsService.ACTION_CUSTOM_TABS_CONNECTION)
+            val servicePackages = pm.queryIntentServices(customTabsIntent, 0)
+                .mapNotNull { it.serviceInfo?.packageName }
+                .distinct()
+                .sorted()
+            val safeEntriesByPackage = safeList.groupBy { it.packageName }
+            val result = createArray()
+            for (packageName in servicePackages) {
+                val safeEntries = safeEntriesByPackage[packageName].orEmpty()
+                if (safeEntries.isEmpty()) {
+                    continue
+                }
+                val packageInfo = getPackageInfoCompat(pm, packageName) ?: continue
+                val version = packageInfo.versionName
+                    ?: if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+                        packageInfo.longVersionCode.toString()
+                    } else {
+                        @Suppress("DEPRECATION")
+                        packageInfo.versionCode.toString()
+                    }
+                val installedSignatures = PackageHelper.generateSignatureHashes(packageInfo)
+                val matchingSignature = installedSignatures.firstOrNull { installed ->
+                    safeEntries.any { safeEntry ->
+                        safeEntry.signatureHashes.any { safeHash ->
+                            safeHash.equals(installed, ignoreCase = false)
+                        }
+                    }
+                } ?: continue
+                val signatures = createArray()
+                signatures.pushString(matchingSignature)
+                val item = createMap().apply {
+                    putString("browser_package_name", packageName)
+                    putString("browser_version_lower_bound", version)
+                    putArray("browser_signature_hashes", signatures)
+                }
+                result.pushMap(item)
+            }
+            promise.resolve(result)
+        } catch (e: Exception) {
+            promise.reject("GET_SAFE_CUSTOM_TABS_BROWSERS_FAILED", e)
+        }
+    }
+    private fun getPackageInfoCompat(pm: PackageManager, packageName: String): PackageInfo? {
+        return try {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
+                pm.getPackageInfo(
+                    packageName,
+                    PackageManager.PackageInfoFlags.of(PackageManager.GET_SIGNING_CERTIFICATES.toLong())
+                )
+            } else {
+                @Suppress("DEPRECATION")
+                pm.getPackageInfo(packageName, PackageManager.GET_SIGNATURES)
             }
+        } catch (_: Exception) {
+            null
         }
-        promise.resolve ("Unknown")
     }
     @Throws(JSONException::class, IllegalArgumentException::class)
@@ -517,6 +606,6 @@ class RNMSALModule(reactContext: ReactApplicationContext?) :
         private val aadAuthorityPattern: Pattern =
             Pattern.compile("https://login\\.microsoftonline\\.com/([^/]+)")
-        private val b2cAuthorityPattern: Pattern = Pattern.compile("https://([^/]+)/([^/]+)/.+")
+        private val b2cAuthorityPattern: Pattern = Pattern.compile("https://([^/]+)(/\S*)?")
     }
 }

package/dist/index.js CHANGED Viewed

@@ -48,6 +48,13 @@ var PublicClientApplication = class {
       default: async () => "N/A"
     })();
   }
+  async getSafeCustomTabsBrowsers() {
+    this.validateIsInitialized();
+    return await Platform.select({
+      android: async () => [await RNMSAL.getSafeCustomTabsBrowsers()],
+      default: async () => []
+    })();
+  }
   validateIsInitialized() {
     if (!this.isInitialized) {
       throw new Error(

package/dist/index.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../src/publicClientApplication.ts", "../src/types.ts", "../index.tsx"],
-  "sourcesContent": ["import { Platform } from 'react-native'\n\nimport type {\n  MSALConfiguration,\n  MSALInteractiveParams,\n  MSALSilentParams,\n  MSALAccount,\n  MSALSignoutParams,\n  IPublicClientApplication,\n  MSALResult,\n} from './types'\n\nimport { NativeModules } from 'react-native'\n\ntype RNMSALNativeModule = {\n  createPublicClientApplication(config: MSALConfiguration): Promise<void>\n  acquireToken(params: MSALInteractiveParams): Promise<MSALResult | undefined>\n  acquireTokenSilent(params: MSALSilentParams): Promise<MSALResult | undefined>\n  getAccounts(): Promise<MSALAccount[]>\n  getAccount(accountIdentifier: string): Promise<MSALAccount | undefined>\n  removeAccount(account: MSALAccount): Promise<boolean>\n  signout(params: MSALSignoutParams): Promise<boolean>\n  getSelectedBrowser(): Promise<string>\n}\n\nconst RNMSAL: RNMSALNativeModule = NativeModules.RNMSAL\n\n// export default RNMSAL\n\nexport class PublicClientApplication implements IPublicClientApplication {\n  private isInitialized: boolean = false\n\n  constructor(private readonly config: MSALConfiguration) {}\n\n  public async init() {\n    if (!this.isInitialized) {\n      await RNMSAL.createPublicClientApplication(this.config)\n      this.isInitialized = true\n    }\n    return this\n  }\n\n  public async acquireToken(params: MSALInteractiveParams) {\n    this.validateIsInitialized()\n    return await RNMSAL.acquireToken(params)\n  }\n\n  public async acquireTokenSilent(params: MSALSilentParams) {\n    this.validateIsInitialized()\n    return await RNMSAL.acquireTokenSilent(params)\n  }\n\n  public async getAccounts() {\n    this.validateIsInitialized()\n    return await RNMSAL.getAccounts()\n  }\n\n  public async getAccount(accountIdentifier: string) {\n    this.validateIsInitialized()\n    return await RNMSAL.getAccount(accountIdentifier)\n  }\n\n  public async removeAccount(account: MSALAccount) {\n    this.validateIsInitialized()\n    return await RNMSAL.removeAccount(account)\n  }\n\n  public async signOut(params: MSALSignoutParams) {\n    this.validateIsInitialized()\n    return await Platform.select({\n      ios: async () => await RNMSAL.signout(params),\n      default: async () => await RNMSAL.removeAccount(params.account),\n    })()\n  }\n\n  public async getSelectedBrowser() {\n    this.validateIsInitialized()\n    return await Platform.select({\n      android: async () => await RNMSAL.getSelectedBrowser(),\n      default: async () => 'N/A',\n    })()\n  }\n\n  private validateIsInitialized() {\n    if (!this.isInitialized) {\n      throw new Error(\n        'PublicClientApplication is not initialized. You must call the `init` method before any other method.',\n      )\n    }\n  }\n}\n", "export interface IPublicClientApplication {\n  /**\n   * Acquire a token interactively\n   * @param {MSALInteractiveParams} params\n   * @return Result containing an access token and account identifier\n   * used for acquiring subsequent tokens silently\n   */\n  acquireToken(params: MSALInteractiveParams): Promise<MSALResult | undefined>\n\n  /**\n   * Acquire a token silently\n   * @param {MSALSilentParams} params - Includes the account identifer retrieved from a\n   * previous interactive login\n   * @return Result containing an access token and account identifier\n   * used for acquiring subsequent tokens silently\n   */\n  acquireTokenSilent(params: MSALSilentParams): Promise<MSALResult | undefined>\n\n  /**\n   * Get all accounts for which this application has refresh tokens\n   * @return Promise containing array of MSALAccount objects for which this application\n   * has refresh tokens.\n   */\n  getAccounts(): Promise<MSALAccount[]>\n\n  /**\n   * Retrieve the account matching the identifier\n   * @return Promise containing MSALAccount object\n   */\n  getAccount(accountIdentifier: string): Promise<MSALAccount | undefined>\n\n  /**\n   * Removes all tokens from the cache for this application for the provided\n   * account.\n   * @param {MSALAccount} account\n   * @return A promise containing a boolean = true if account removal was successful\n   * otherwise rejects\n   */\n  removeAccount(account: MSALAccount): Promise<boolean>\n\n  /**\n   * Removes all tokens from the cache for this application for the provided\n   * account. Additionally, this will remove the account from the system browser.\n   * NOTE: iOS only. On Android and web this is the same as `removeAccount`.\n   * @param {MSALSignoutParams} params\n   * @return A promise which resolves if sign out is successful,\n   * otherwise rejects\n   * @platform ios\n   */\n  signOut(params: MSALSignoutParams): Promise<boolean>\n\n  /**\n   * Returns the browser that will be used for interactive authentication.\n   * NOTE: Android only. On iOS this will always return 'N/A'.\n   * @return Promise resolving to the package name and version of the browser that will be used\n   * for interactive authentication.\n   * @platform android\n   */\n  getSelectedBrowser(): Promise<string>\n}\n\nexport interface MSALConfiguration {\n  auth: {\n    /**\n     * The client ID of the application, this should come from the app developer portal.\n     */\n    clientId: string\n    /**\n     * The authority the application will use to obtain tokens.\n     */\n    authority?: string\n    /**\n     * List of known authorities that the application should trust.\n     */\n    knownAuthorities?: string[]\n    /**\n     * The redirect URI of the application.\n     *\n     * If you are providing this property, you should probably use `Platform.select`,\n     * because the redirect uris will be different for each platform.\n     */\n    redirectUri?: string\n  }\n  /**\n   * Options as described here: {@link https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-configuration}\n   * @platform android\n   */\n  androidConfigOptions?: MSALAndroidConfigOptions\n}\n\nexport interface MSALAndroidConfigOptions {\n  authorization_user_agent?: 'DEFAULT' | 'BROWSER' | 'WEBVIEW'\n  broker_redirect_uri_registered?: boolean\n  browser_safelist?: {\n    browser_package_name: string\n    browser_signature_hashes: string[]\n    browser_use_customTab: boolean\n  }[]\n  http?: {\n    connect_timeout?: number\n    read_timeout?: number\n  }\n  logging?: {\n    pii_enabled?: boolean\n    log_level?: 'ERROR' | 'WARNING' | 'INFO' | 'VERBOSE'\n    logcat_enabled?: boolean\n  }\n  multiple_clouds_supported?: boolean\n}\n\nexport interface MSALInteractiveParams {\n  /**\n   * Permissions you want included in the access token received in the result.\n   * Not all scopes are guaranteed to be included in the access token returned.\n   */\n  scopes: string[]\n  /**\n   * The authority that MSAL will use to obtain tokens. If not included, authority from\n   * MSALConfiguration will be used.\n   */\n  authority?: string\n  /**\n   * A specific prompt type for the interactive authentication flow.\n   */\n  promptType?: MSALPromptType\n  /**\n   * A loginHint (usually an email) to pass to the service at the beginning of the\n   * interactive authentication flow. The account returned is not guaranteed to match\n   * the loginHint.\n   */\n  loginHint?: string\n  /**\n   * Key-value pairs to pass to the /authorize and /token endpoints.\n   */\n  extraQueryParameters?: Record<string, string>\n  /**\n   * Permissions you want the account to consent to in the same authentication flow,\n   * but won\u2019t be included in the returned access token.\n   */\n  extraScopesToConsent?: string[]\n  /**\n   * User Interface configuration that MSAL uses when getting a token interactively or\n   * authorizing an end user.\n   */\n  webviewParameters?: MSALWebviewParams\n}\n\n/**\n * OIDC prompt parameter that specifies whether the Authorization Server prompts the\n * End-User for reauthentication and consent.\n */\nexport enum MSALPromptType {\n  /**\n   * If no user is specified the authentication webview will present a list of users\n   * currently signed in for the user to select among.\n   */\n  SELECT_ACCOUNT,\n  /**\n   * Require the user to authenticate in the webview.\n   */\n  LOGIN,\n  /**\n   * Require the user to consent to the current set of scopes for the request.\n   */\n  CONSENT,\n  /**\n   * The SSO experience will be determined by the presence of cookies in the webview and\n   * account type. User won\u2019t be prompted unless necessary. If multiple users are signed in,\n   * select account experience will be presented.\n   */\n  WHEN_REQUIRED,\n  /**\n   * Default is MSALPromptType.WHEN_REQUIRED.\n   */\n  DEFAULT = WHEN_REQUIRED,\n}\n\nexport interface MSALSilentParams {\n  /**\n   * Permissions you want included in the access token received in the result.\n   * Not all scopes are guaranteed to be included in the access token returned.\n   */\n  scopes: string[]\n  /**\n   * An account object for which tokens should be returned.\n   */\n  account: MSALAccount\n  /**\n   * The authority that MSAL will use to obtain tokens. If not included, authority from\n   * MSALConfiguration will be used.\n   */\n  authority?: string\n  /**\n   * Ignore any existing access token in the cache and force MSAL to get a new access token\n   * from the service.\n   */\n  forceRefresh?: boolean\n}\n\nexport interface MSALSignoutParams {\n  /**\n   * The account object for which to sign out of.\n   */\n  account: MSALAccount\n  /**\n   * Specifies whether signout should also open the browser and send a network request to the end_session_endpoint.\n   * false by default.\n   */\n  signoutFromBrowser?: boolean\n  /**\n   * User Interface configuration that MSAL uses when getting a token interactively or\n   * authorizing an end user.\n   */\n  webviewParameters?: MSALWebviewParams\n}\n\nexport interface MSALResult {\n  /**\n   * The Access Token requested, or empty string if no access token is returned in response\n   */\n  accessToken: string\n  /**\n   * The account object that holds account information.\n   */\n  account: MSALAccount\n  /**\n   * The time that the access token returned in the accessToken property ceases to be valid.\n   * This value is calculated based on current UTC time measured locally and the value expiresIn returned from the service\n   */\n  expiresOn: number\n  /**\n   * The raw id token if it\u2019s returned by the service or undefined if no id token is returned.\n   */\n  idToken?: string\n  /**\n   * The scope values returned from the service.\n   */\n  scopes: string[]\n  /**\n   * Identifier for the directory where account is locally represented\n   */\n  tenantId?: string\n}\n\nexport interface MSALAccount {\n  /**\n   * Unique identifier for the account.\n   */\n  identifier: string\n  /**\n   * Host part of the authority string used for authentication based on the issuer identifier.\n   */\n  environment?: string\n  /**\n   * An identifier for the AAD tenant that the account was acquired from.\n   */\n  tenantId: string\n  /**\n   * Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe.\n   */\n  username: string\n  /**\n   * ID token claims for the account. Can be used to read additional information about the account, e.g. name.\n   */\n  claims?: object\n}\n\n/**\n * Mostly, if not all, iOS webview parameters\n * See https://azuread.github.io/microsoft-authentication-library-for-objc/Classes/MSALWebviewParameters.html\n */\nexport interface MSALWebviewParams {\n  /**\n   * A Boolean value that indicates whether the ASWebAuthenticationSession should ask the\n   * browser for a private authentication session.\n   * For more info see here: https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession/3237231-prefersephemeralwebbrowsersessio?language=objc\n   * @platform iOS 13+\n   */\n  ios_prefersEphemeralWebBrowserSession?: boolean\n  /**\n   * MSAL requires a web browser for interactive authentication.\n   * There are multiple web browsers available to complete authentication.\n   * MSAL will default to the web browser that provides best security and user experience for a given platform.\n   * Ios_MSALWebviewType allows changing the experience by customizing the configuration to other options for\n   * displaying web content\n   * @platform iOS\n   */\n  ios_webviewType?: Ios_MSALWebviewType\n  /**\n   * Note: Has no effect when ios_webviewType === `Ios_MSALWebviewType.DEFAULT` or\n   * ios_webviewType === `Ios_MSALWebviewType.AUTHENTICATION_SESSION`\n   * @platform iOS\n   */\n  ios_presentationStyle?: Ios_ModalPresentationStyle\n}\n\n/**\n * See https://developer.apple.com/documentation/uikit/uimodalpresentationstyle\n */\nexport enum Ios_ModalPresentationStyle {\n  fullScreen = 0,\n  pageSheet,\n  formSheet,\n  currentContext,\n  custom,\n  overFullScreen,\n  overCurrentContext,\n  popover,\n  blurOverFullScreen,\n  none = -1,\n  automatic = -2,\n}\n\n/**\n * See https://azuread.github.io/microsoft-authentication-library-for-objc/Enums/MSALWebviewType.html\n */\nexport enum Ios_MSALWebviewType {\n  DEFAULT = 0,\n  AUTHENTICATION_SESSION,\n  SAFARI_VIEW_CONTROLLER,\n  WK_WEB_VIEW,\n}\n", "import { PublicClientApplication } from './src/publicClientApplication'\nexport default PublicClientApplication\nexport * from './src/types'\n"],
-  "mappings": ";AAAA,SAAS,gBAAgB;AAYzB,SAAS,qBAAqB;AAa9B,IAAM,SAA6B,cAAc;AAI1C,IAAM,0BAAN,MAAkE;AAAA,EAGvE,YAA6B,QAA2B;AAA3B;AAAA,EAA4B;AAAA,EAFjD,gBAAyB;AAAA,EAIjC,MAAa,OAAO;AAClB,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,OAAO,8BAA8B,KAAK,MAAM;AACtD,WAAK,gBAAgB;AAAA,IACvB;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,aAAa,QAA+B;AACvD,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,aAAa,MAAM;AAAA,EACzC;AAAA,EAEA,MAAa,mBAAmB,QAA0B;AACxD,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,mBAAmB,MAAM;AAAA,EAC/C;AAAA,EAEA,MAAa,cAAc;AACzB,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,YAAY;AAAA,EAClC;AAAA,EAEA,MAAa,WAAW,mBAA2B;AACjD,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,WAAW,iBAAiB;AAAA,EAClD;AAAA,EAEA,MAAa,cAAc,SAAsB;AAC/C,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,cAAc,OAAO;AAAA,EAC3C;AAAA,EAEA,MAAa,QAAQ,QAA2B;AAC9C,SAAK,sBAAsB;AAC3B,WAAO,MAAM,SAAS,OAAO;AAAA,MAC3B,KAAK,YAAY,MAAM,OAAO,QAAQ,MAAM;AAAA,MAC5C,SAAS,YAAY,MAAM,OAAO,cAAc,OAAO,OAAO;AAAA,IAChE,CAAC,EAAE;AAAA,EACL;AAAA,EAEA,MAAa,qBAAqB;AAChC,SAAK,sBAAsB;AAC3B,WAAO,MAAM,SAAS,OAAO;AAAA,MAC3B,SAAS,YAAY,MAAM,OAAO,mBAAmB;AAAA,MACrD,SAAS,YAAY;AAAA,IACvB,CAAC,EAAE;AAAA,EACL;AAAA,EAEQ,wBAAwB;AAC9B,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;;;AC6DO,IAAK,iBAAL,kBAAKA,oBAAL;AAKL,EAAAA,gCAAA;AAIA,EAAAA,gCAAA;AAIA,EAAAA,gCAAA;AAMA,EAAAA,gCAAA;AAIA,EAAAA,gCAAA,aAAU,yBAAV;AAvBU,SAAAA;AAAA,GAAA;AAoJL,IAAK,6BAAL,kBAAKC,gCAAL;AACL,EAAAA,wDAAA,gBAAa,KAAb;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA,UAAO,MAAP;AACA,EAAAA,wDAAA,eAAY,MAAZ;AAXU,SAAAA;AAAA,GAAA;AAiBL,IAAK,sBAAL,kBAAKC,yBAAL;AACL,EAAAA,0CAAA,aAAU,KAAV;AACA,EAAAA,0CAAA;AACA,EAAAA,0CAAA;AACA,EAAAA,0CAAA;AAJU,SAAAA;AAAA,GAAA;;;AC3TZ,IAAO,6BAAQ;",
+  "sourcesContent": ["import { Platform } from 'react-native'\n\nimport type {\n  MSALConfiguration,\n  MSALInteractiveParams,\n  MSALSilentParams,\n  MSALAccount,\n  MSALSignoutParams,\n  IPublicClientApplication,\n  MSALResult,\n  MSALAndroidPreferredBrowser,\n} from './types'\n\nimport { NativeModules } from 'react-native'\n\ntype RNMSALNativeModule = {\n  createPublicClientApplication(config: MSALConfiguration): Promise<void>\n  acquireToken(params: MSALInteractiveParams): Promise<MSALResult | undefined>\n  acquireTokenSilent(params: MSALSilentParams): Promise<MSALResult | undefined>\n  getAccounts(): Promise<MSALAccount[]>\n  getAccount(accountIdentifier: string): Promise<MSALAccount | undefined>\n  removeAccount(account: MSALAccount): Promise<boolean>\n  signout(params: MSALSignoutParams): Promise<boolean>\n  getSelectedBrowser(): Promise<string>\n  getSafeCustomTabsBrowsers(): Promise<MSALAndroidPreferredBrowser>\n}\n\nconst RNMSAL: RNMSALNativeModule = NativeModules.RNMSAL\n\n// export default RNMSAL\n\nexport class PublicClientApplication implements IPublicClientApplication {\n  private isInitialized: boolean = false\n\n  constructor(private readonly config: MSALConfiguration) {}\n\n  public async init() {\n    if (!this.isInitialized) {\n      await RNMSAL.createPublicClientApplication(this.config)\n      this.isInitialized = true\n    }\n    return this\n  }\n\n  public async acquireToken(params: MSALInteractiveParams) {\n    this.validateIsInitialized()\n    return await RNMSAL.acquireToken(params)\n  }\n\n  public async acquireTokenSilent(params: MSALSilentParams) {\n    this.validateIsInitialized()\n    return await RNMSAL.acquireTokenSilent(params)\n  }\n\n  public async getAccounts() {\n    this.validateIsInitialized()\n    return await RNMSAL.getAccounts()\n  }\n\n  public async getAccount(accountIdentifier: string) {\n    this.validateIsInitialized()\n    return await RNMSAL.getAccount(accountIdentifier)\n  }\n\n  public async removeAccount(account: MSALAccount) {\n    this.validateIsInitialized()\n    return await RNMSAL.removeAccount(account)\n  }\n\n  public async signOut(params: MSALSignoutParams) {\n    this.validateIsInitialized()\n    return await Platform.select({\n      ios: async () => await RNMSAL.signout(params),\n      default: async () => await RNMSAL.removeAccount(params.account),\n    })()\n  }\n\n  public async getSelectedBrowser() {\n    this.validateIsInitialized()\n    return await Platform.select({\n      android: async () => await RNMSAL.getSelectedBrowser(),\n      default: async () => 'N/A',\n    })()\n  }\n\n  async getSafeCustomTabsBrowsers() {\n    this.validateIsInitialized()\n    return await Platform.select({\n      android: async () => [await RNMSAL.getSafeCustomTabsBrowsers()],\n      default: async () => [],\n    })()\n  }\n\n  private validateIsInitialized() {\n    if (!this.isInitialized) {\n      throw new Error(\n        'PublicClientApplication is not initialized. You must call the `init` method before any other method.',\n      )\n    }\n  }\n}\n", "export interface IPublicClientApplication {\n  /**\n   * Acquire a token interactively\n   * @param {MSALInteractiveParams} params\n   * @return Result containing an access token and account identifier\n   * used for acquiring subsequent tokens silently\n   */\n  acquireToken(params: MSALInteractiveParams): Promise<MSALResult | undefined>\n\n  /**\n   * Acquire a token silently\n   * @param {MSALSilentParams} params - Includes the account identifer retrieved from a\n   * previous interactive login\n   * @return Result containing an access token and account identifier\n   * used for acquiring subsequent tokens silently\n   */\n  acquireTokenSilent(params: MSALSilentParams): Promise<MSALResult | undefined>\n\n  /**\n   * Get all accounts for which this application has refresh tokens\n   * @return Promise containing array of MSALAccount objects for which this application\n   * has refresh tokens.\n   */\n  getAccounts(): Promise<MSALAccount[]>\n\n  /**\n   * Retrieve the account matching the identifier\n   * @return Promise containing MSALAccount object\n   */\n  getAccount(accountIdentifier: string): Promise<MSALAccount | undefined>\n\n  /**\n   * Removes all tokens from the cache for this application for the provided\n   * account.\n   * @param {MSALAccount} account\n   * @return A promise containing a boolean = true if account removal was successful\n   * otherwise rejects\n   */\n  removeAccount(account: MSALAccount): Promise<boolean>\n\n  /**\n   * Removes all tokens from the cache for this application for the provided\n   * account. Additionally, this will remove the account from the system browser.\n   * NOTE: iOS only. On Android and web this is the same as `removeAccount`.\n   * @param {MSALSignoutParams} params\n   * @return A promise which resolves if sign out is successful,\n   * otherwise rejects\n   * @platform ios\n   */\n  signOut(params: MSALSignoutParams): Promise<boolean>\n\n  /**\n   * Returns the browser that will be used for interactive authentication.\n   * NOTE: Android only. On iOS this will always return 'N/A'.\n   * @return Promise resolving to the package name and version of the browser that will be used\n   * for interactive authentication.\n   * @platform android\n   */\n  getSelectedBrowser(): Promise<string>\n\n  /**\n   * Returns a array of installed browsers found in the configured safe list that support customTab.\n   * NOTE: Android only. On iOS this will always return N/A.\n   * @return Promise resolving to an array of installed browsers that support customTab\n   * @platform android\n   */\n  getSafeCustomTabsBrowsers(): Promise<MSALAndroidPreferredBrowser[]>\n}\n\nexport interface MSALConfiguration {\n  auth: {\n    /**\n     * The client ID of the application, this should come from the app developer portal.\n     */\n    clientId: string\n    /**\n     * The authority the application will use to obtain tokens.\n     */\n    authority?: string\n    /**\n     * List of known authorities that the application should trust.\n     */\n    knownAuthorities?: string[]\n    /**\n     * The redirect URI of the application.\n     *\n     * If you are providing this property, you should probably use `Platform.select`,\n     * because the redirect uris will be different for each platform.\n     */\n    redirectUri?: string\n  }\n  /**\n   * Options as described here: {@link https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-configuration}\n   * @platform android\n   */\n  androidConfigOptions?: MSALAndroidConfigOptions\n}\n\nexport interface MSALAndroidPreferredBrowser {\n  browser_package_name: string;\n  browser_signature_hashes: string[];\n  browser_version_lower_bound?: string;\n  browser_version_upper_bound?: string;\n}\n\nexport interface MSALAndroidConfigOptions {\n  authorization_user_agent?: 'DEFAULT' | 'BROWSER' | 'WEBVIEW'\n  broker_redirect_uri_registered?: boolean\n  preferred_browser?: MSALAndroidPreferredBrowser;\n  browser_safelist?: {\n    browser_package_name: string\n    browser_signature_hashes: string[]\n    browser_use_customTab: boolean\n  }[]\n  http?: {\n    connect_timeout?: number\n    read_timeout?: number\n  }\n  logging?: {\n    pii_enabled?: boolean\n    log_level?: 'ERROR' | 'WARNING' | 'INFO' | 'VERBOSE'\n    logcat_enabled?: boolean\n  }\n  multiple_clouds_supported?: boolean\n}\n\nexport interface MSALInteractiveParams {\n  /**\n   * Permissions you want included in the access token received in the result.\n   * Not all scopes are guaranteed to be included in the access token returned.\n   */\n  scopes: string[]\n  /**\n   * The authority that MSAL will use to obtain tokens. If not included, authority from\n   * MSALConfiguration will be used.\n   */\n  authority?: string\n  /**\n   * A specific prompt type for the interactive authentication flow.\n   */\n  promptType?: MSALPromptType\n  /**\n   * A loginHint (usually an email) to pass to the service at the beginning of the\n   * interactive authentication flow. The account returned is not guaranteed to match\n   * the loginHint.\n   */\n  loginHint?: string\n  /**\n   * Key-value pairs to pass to the /authorize and /token endpoints.\n   */\n  extraQueryParameters?: Record<string, string>\n  /**\n   * Permissions you want the account to consent to in the same authentication flow,\n   * but won\u2019t be included in the returned access token.\n   */\n  extraScopesToConsent?: string[]\n  /**\n   * User Interface configuration that MSAL uses when getting a token interactively or\n   * authorizing an end user.\n   */\n  webviewParameters?: MSALWebviewParams\n}\n\n/**\n * OIDC prompt parameter that specifies whether the Authorization Server prompts the\n * End-User for reauthentication and consent.\n */\nexport enum MSALPromptType {\n  /**\n   * If no user is specified the authentication webview will present a list of users\n   * currently signed in for the user to select among.\n   */\n  SELECT_ACCOUNT,\n  /**\n   * Require the user to authenticate in the webview.\n   */\n  LOGIN,\n  /**\n   * Require the user to consent to the current set of scopes for the request.\n   */\n  CONSENT,\n  /**\n   * The SSO experience will be determined by the presence of cookies in the webview and\n   * account type. User won\u2019t be prompted unless necessary. If multiple users are signed in,\n   * select account experience will be presented.\n   */\n  WHEN_REQUIRED,\n  /**\n   * Default is MSALPromptType.WHEN_REQUIRED.\n   */\n  DEFAULT = WHEN_REQUIRED,\n}\n\nexport interface MSALSilentParams {\n  /**\n   * Permissions you want included in the access token received in the result.\n   * Not all scopes are guaranteed to be included in the access token returned.\n   */\n  scopes: string[]\n  /**\n   * An account object for which tokens should be returned.\n   */\n  account: MSALAccount\n  /**\n   * The authority that MSAL will use to obtain tokens. If not included, authority from\n   * MSALConfiguration will be used.\n   */\n  authority?: string\n  /**\n   * Ignore any existing access token in the cache and force MSAL to get a new access token\n   * from the service.\n   */\n  forceRefresh?: boolean\n}\n\nexport interface MSALSignoutParams {\n  /**\n   * The account object for which to sign out of.\n   */\n  account: MSALAccount\n  /**\n   * Specifies whether signout should also open the browser and send a network request to the end_session_endpoint.\n   * false by default.\n   */\n  signoutFromBrowser?: boolean\n  /**\n   * User Interface configuration that MSAL uses when getting a token interactively or\n   * authorizing an end user.\n   */\n  webviewParameters?: MSALWebviewParams\n}\n\nexport interface MSALResult {\n  /**\n   * The Access Token requested, or empty string if no access token is returned in response\n   */\n  accessToken: string\n  /**\n   * The account object that holds account information.\n   */\n  account: MSALAccount\n  /**\n   * The time that the access token returned in the accessToken property ceases to be valid.\n   * This value is calculated based on current UTC time measured locally and the value expiresIn returned from the service\n   */\n  expiresOn: number\n  /**\n   * The raw id token if it\u2019s returned by the service or undefined if no id token is returned.\n   */\n  idToken?: string\n  /**\n   * The scope values returned from the service.\n   */\n  scopes: string[]\n  /**\n   * Identifier for the directory where account is locally represented\n   */\n  tenantId?: string\n}\n\nexport interface MSALAccount {\n  /**\n   * Unique identifier for the account.\n   */\n  identifier: string\n  /**\n   * Host part of the authority string used for authentication based on the issuer identifier.\n   */\n  environment?: string\n  /**\n   * An identifier for the AAD tenant that the account was acquired from.\n   */\n  tenantId: string\n  /**\n   * Shorthand name by which the End-User wishes to be referred to at the RP, such as janedoe or j.doe.\n   */\n  username: string\n  /**\n   * ID token claims for the account. Can be used to read additional information about the account, e.g. name.\n   */\n  claims?: object\n}\n\n/**\n * Mostly, if not all, iOS webview parameters\n * See https://azuread.github.io/microsoft-authentication-library-for-objc/Classes/MSALWebviewParameters.html\n */\nexport interface MSALWebviewParams {\n  /**\n   * A Boolean value that indicates whether the ASWebAuthenticationSession should ask the\n   * browser for a private authentication session.\n   * For more info see here: https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession/3237231-prefersephemeralwebbrowsersessio?language=objc\n   * @platform iOS 13+\n   */\n  ios_prefersEphemeralWebBrowserSession?: boolean\n  /**\n   * MSAL requires a web browser for interactive authentication.\n   * There are multiple web browsers available to complete authentication.\n   * MSAL will default to the web browser that provides best security and user experience for a given platform.\n   * Ios_MSALWebviewType allows changing the experience by customizing the configuration to other options for\n   * displaying web content\n   * @platform iOS\n   */\n  ios_webviewType?: Ios_MSALWebviewType\n  /**\n   * Note: Has no effect when ios_webviewType === `Ios_MSALWebviewType.DEFAULT` or\n   * ios_webviewType === `Ios_MSALWebviewType.AUTHENTICATION_SESSION`\n   * @platform iOS\n   */\n  ios_presentationStyle?: Ios_ModalPresentationStyle\n}\n\n/**\n * See https://developer.apple.com/documentation/uikit/uimodalpresentationstyle\n */\nexport enum Ios_ModalPresentationStyle {\n  fullScreen = 0,\n  pageSheet,\n  formSheet,\n  currentContext,\n  custom,\n  overFullScreen,\n  overCurrentContext,\n  popover,\n  blurOverFullScreen,\n  none = -1,\n  automatic = -2,\n}\n\n/**\n * See https://azuread.github.io/microsoft-authentication-library-for-objc/Enums/MSALWebviewType.html\n */\nexport enum Ios_MSALWebviewType {\n  DEFAULT = 0,\n  AUTHENTICATION_SESSION,\n  SAFARI_VIEW_CONTROLLER,\n  WK_WEB_VIEW,\n}\n", "import { PublicClientApplication } from './src/publicClientApplication'\nexport default PublicClientApplication\nexport * from './src/types'\n"],
+  "mappings": ";AAAA,SAAS,gBAAgB;AAazB,SAAS,qBAAqB;AAc9B,IAAM,SAA6B,cAAc;AAI1C,IAAM,0BAAN,MAAkE;AAAA,EAGvE,YAA6B,QAA2B;AAA3B;AAAA,EAA4B;AAAA,EAFjD,gBAAyB;AAAA,EAIjC,MAAa,OAAO;AAClB,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,OAAO,8BAA8B,KAAK,MAAM;AACtD,WAAK,gBAAgB;AAAA,IACvB;AACA,WAAO;AAAA,EACT;AAAA,EAEA,MAAa,aAAa,QAA+B;AACvD,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,aAAa,MAAM;AAAA,EACzC;AAAA,EAEA,MAAa,mBAAmB,QAA0B;AACxD,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,mBAAmB,MAAM;AAAA,EAC/C;AAAA,EAEA,MAAa,cAAc;AACzB,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,YAAY;AAAA,EAClC;AAAA,EAEA,MAAa,WAAW,mBAA2B;AACjD,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,WAAW,iBAAiB;AAAA,EAClD;AAAA,EAEA,MAAa,cAAc,SAAsB;AAC/C,SAAK,sBAAsB;AAC3B,WAAO,MAAM,OAAO,cAAc,OAAO;AAAA,EAC3C;AAAA,EAEA,MAAa,QAAQ,QAA2B;AAC9C,SAAK,sBAAsB;AAC3B,WAAO,MAAM,SAAS,OAAO;AAAA,MAC3B,KAAK,YAAY,MAAM,OAAO,QAAQ,MAAM;AAAA,MAC5C,SAAS,YAAY,MAAM,OAAO,cAAc,OAAO,OAAO;AAAA,IAChE,CAAC,EAAE;AAAA,EACL;AAAA,EAEA,MAAa,qBAAqB;AAChC,SAAK,sBAAsB;AAC3B,WAAO,MAAM,SAAS,OAAO;AAAA,MAC3B,SAAS,YAAY,MAAM,OAAO,mBAAmB;AAAA,MACrD,SAAS,YAAY;AAAA,IACvB,CAAC,EAAE;AAAA,EACL;AAAA,EAEA,MAAM,4BAA4B;AAChC,SAAK,sBAAsB;AAC3B,WAAO,MAAM,SAAS,OAAO;AAAA,MAC3B,SAAS,YAAY,CAAC,MAAM,OAAO,0BAA0B,CAAC;AAAA,MAC9D,SAAS,YAAY,CAAC;AAAA,IACxB,CAAC,EAAE;AAAA,EACL;AAAA,EAEQ,wBAAwB;AAC9B,QAAI,CAAC,KAAK,eAAe;AACvB,YAAM,IAAI;AAAA,QACR;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;;;ACmEO,IAAK,iBAAL,kBAAKA,oBAAL;AAKL,EAAAA,gCAAA;AAIA,EAAAA,gCAAA;AAIA,EAAAA,gCAAA;AAMA,EAAAA,gCAAA;AAIA,EAAAA,gCAAA,aAAU,yBAAV;AAvBU,SAAAA;AAAA,GAAA;AAoJL,IAAK,6BAAL,kBAAKC,gCAAL;AACL,EAAAA,wDAAA,gBAAa,KAAb;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA;AACA,EAAAA,wDAAA,UAAO,MAAP;AACA,EAAAA,wDAAA,eAAY,MAAZ;AAXU,SAAAA;AAAA,GAAA;AAiBL,IAAK,sBAAL,kBAAKC,yBAAL;AACL,EAAAA,0CAAA,aAAU,KAAV;AACA,EAAAA,0CAAA;AACA,EAAAA,0CAAA;AACA,EAAAA,0CAAA;AAJU,SAAAA;AAAA,GAAA;;;AC3UZ,IAAO,6BAAQ;",
   "names": ["MSALPromptType", "Ios_ModalPresentationStyle", "Ios_MSALWebviewType"]
 }

package/dist/src/publicClientApplication.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import type { MSALConfiguration, MSALInteractiveParams, MSALSilentParams, MSALAccount, MSALSignoutParams, IPublicClientApplication, MSALResult } from './types';
+import type { MSALConfiguration, MSALInteractiveParams, MSALSilentParams, MSALAccount, MSALSignoutParams, IPublicClientApplication, MSALResult, MSALAndroidPreferredBrowser } from './types';
 export declare class PublicClientApplication implements IPublicClientApplication {
     private readonly config;
     private isInitialized;
@@ -11,5 +11,6 @@ export declare class PublicClientApplication implements IPublicClientApplication
     removeAccount(account: MSALAccount): Promise<boolean>;
     signOut(params: MSALSignoutParams): Promise<boolean>;
     getSelectedBrowser(): Promise<string>;
+    getSafeCustomTabsBrowsers(): Promise<MSALAndroidPreferredBrowser[]>;
     private validateIsInitialized;
 }

package/dist/src/types.d.ts CHANGED Viewed

@@ -51,6 +51,13 @@ export interface IPublicClientApplication {
      * @platform android
      */
     getSelectedBrowser(): Promise<string>;
+    /**
+     * Returns a array of installed browsers found in the configured safe list that support customTab.
+     * NOTE: Android only. On iOS this will always return N/A.
+     * @return Promise resolving to an array of installed browsers that support customTab
+     * @platform android
+     */
+    getSafeCustomTabsBrowsers(): Promise<MSALAndroidPreferredBrowser[]>;
 }
 export interface MSALConfiguration {
     auth: {
@@ -80,9 +87,16 @@ export interface MSALConfiguration {
      */
     androidConfigOptions?: MSALAndroidConfigOptions;
 }
+export interface MSALAndroidPreferredBrowser {
+    browser_package_name: string;
+    browser_signature_hashes: string[];
+    browser_version_lower_bound?: string;
+    browser_version_upper_bound?: string;
+}
 export interface MSALAndroidConfigOptions {
     authorization_user_agent?: 'DEFAULT' | 'BROWSER' | 'WEBVIEW';
     broker_redirect_uri_registered?: boolean;
+    preferred_browser?: MSALAndroidPreferredBrowser;
     browser_safelist?: {
         browser_package_name: string;
         browser_signature_hashes: string[];

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "react-native-msal2",
-  "version": "1.0.14",
+  "version": "1.0.15",
   "license": "MIT",
   "description": "MSAL React Native wrapper for iOS and Android",
   "homepage": "https://github.com/bittu/react-native-msal2#readme",

package/src/publicClientApplication.ts CHANGED Viewed

@@ -8,6 +8,7 @@ import type {
   MSALSignoutParams,
   IPublicClientApplication,
   MSALResult,
+  MSALAndroidPreferredBrowser,
 } from './types'
 import { NativeModules } from 'react-native'
@@ -21,6 +22,7 @@ type RNMSALNativeModule = {
   removeAccount(account: MSALAccount): Promise<boolean>
   signout(params: MSALSignoutParams): Promise<boolean>
   getSelectedBrowser(): Promise<string>
+  getSafeCustomTabsBrowsers(): Promise<MSALAndroidPreferredBrowser>
 }
 const RNMSAL: RNMSALNativeModule = NativeModules.RNMSAL
@@ -81,6 +83,14 @@ export class PublicClientApplication implements IPublicClientApplication {
     })()
   }
+  async getSafeCustomTabsBrowsers() {
+    this.validateIsInitialized()
+    return await Platform.select({
+      android: async () => [await RNMSAL.getSafeCustomTabsBrowsers()],
+      default: async () => [],
+    })()
+  }
   private validateIsInitialized() {
     if (!this.isInitialized) {
       throw new Error(

package/src/types.ts CHANGED Viewed

@@ -57,6 +57,14 @@ export interface IPublicClientApplication {
    * @platform android
    */
   getSelectedBrowser(): Promise<string>
+  /**
+   * Returns a array of installed browsers found in the configured safe list that support customTab.
+   * NOTE: Android only. On iOS this will always return N/A.
+   * @return Promise resolving to an array of installed browsers that support customTab
+   * @platform android
+   */
+  getSafeCustomTabsBrowsers(): Promise<MSALAndroidPreferredBrowser[]>
 }
 export interface MSALConfiguration {
@@ -88,9 +96,17 @@ export interface MSALConfiguration {
   androidConfigOptions?: MSALAndroidConfigOptions
 }
+export interface MSALAndroidPreferredBrowser {
+  browser_package_name: string;
+  browser_signature_hashes: string[];
+  browser_version_lower_bound?: string;
+  browser_version_upper_bound?: string;
+}
 export interface MSALAndroidConfigOptions {
   authorization_user_agent?: 'DEFAULT' | 'BROWSER' | 'WEBVIEW'
   broker_redirect_uri_registered?: boolean
+  preferred_browser?: MSALAndroidPreferredBrowser;
   browser_safelist?: {
     browser_package_name: string
     browser_signature_hashes: string[]