Skip to content

Instantly share code, notes, and snippets.

@codyaweber

codyaweber/AuthenticationService.js

Created September 27, 2023 02:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save codyaweber/928d4ec6c82094c82e71605514fcbdad to your computer and use it in GitHub Desktop.
Save codyaweber/928d4ec6c82094c82e71605514fcbdad to your computer and use it in GitHub Desktop.
Download ZIP
Microsoft.Authentication.WebAssembly.Msal/AuthenticationService.js
Raw
AuthenticationService.js
/*! For license information please see AuthenticationService.js.LICENSE.txt */
(()=>{
"use strict";
var e = {
4: (e,t,r)=>{
r.r(t),
r.d(t, {
AccountEntity: ()=>re,
ApiId: ()=>Se,
AuthError: ()=>J,
AuthErrorMessage: ()=>V,
AuthenticationHeaderParser: ()=>br,
AuthenticationScheme: ()=>F,
AzureCloudInstance: ()=>ze,
BrowserAuthError: ()=>ke,
BrowserAuthErrorMessage: ()=>Re,
BrowserCacheLocation: ()=>_e,
BrowserConfigurationAuthError: ()=>De,
BrowserConfigurationAuthErrorMessage: ()=>Le,
BrowserUtils: ()=>Ot,
ClientAuthError: ()=>X,
ClientAuthErrorMessage: ()=>Q,
ClientConfigurationError: ()=>ie,
ClientConfigurationErrorMessage: ()=>oe,
DEFAULT_IFRAME_TIMEOUT_MS: ()=>Vt,
EventMessageUtils: ()=>Ir,
EventType: ()=>Tt,
InteractionRequiredAuthError: ()=>lt,
InteractionRequiredAuthErrorMessage: ()=>ut,
InteractionStatus: ()=>Ae,
InteractionType: ()=>Ie,
LogLevel: ()=>qe,
Logger: ()=>je,
NavigationClient: ()=>Wt,
OIDC_DEFAULT_SCOPES: ()=>w,
PerformanceEvents: ()=>ht,
ProtocolMode: ()=>Et,
PublicClientApplication: ()=>wr,
ServerError: ()=>tt,
SignedHttpRequest: ()=>Ar,
StringUtils: ()=>$,
UrlString: ()=>Ke,
WrapperSKU: ()=>Oe,
internals: ()=>n,
stubbedPublicClientApplication: ()=>Sr,
version: ()=>kt
});
var n = {};
r.r(n),
r.d(n, {
BrowserCacheManager: ()=>Ge,
BrowserConstants: ()=>Ne,
EventHandler: ()=>$t,
NativeMessageHandler: ()=>Gt,
PopupClient: ()=>jt,
RedirectClient: ()=>zt,
RedirectHandler: ()=>Ht,
SilentCacheClient: ()=>Kt,
SilentIframeClient: ()=>Qt,
SilentRefreshClient: ()=>Xt,
StandardInteractionClient: ()=>Ut,
TemporaryCacheKeys: ()=>Te
});
var o = function(e, t) {
return o = Object.setPrototypeOf || {
__proto__: []
}instanceof Array && function(e, t) {
e.__proto__ = t
}
|| function(e, t) {
for (var r in t)
Object.prototype.hasOwnProperty.call(t, r) && (e[r] = t[r])
}
,
o(e, t)
};
function i(e, t) {
function r() {
this.constructor = e
}
o(e, t),
e.prototype = null === t ? Object.create(t) : (r.prototype = t.prototype,
new r)
}
var a = function() {
return a = Object.assign || function(e) {
for (var t, r = 1, n = arguments.length; r < n; r++)
for (var o in t = arguments[r])
Object.prototype.hasOwnProperty.call(t, o) && (e[o] = t[o]);
return e
}
,
a.apply(this, arguments)
};
function s(e, t, r, n) {
return new (r || (r = Promise))((function(o, i) {
function a(e) {
try {
c(n.next(e))
} catch (e) {
i(e)
}
}
function s(e) {
try {
c(n.throw(e))
} catch (e) {
i(e)
}
}
function c(e) {
var t;
e.done ? o(e.value) : (t = e.value,
t instanceof r ? t : new r((function(e) {
e(t)
}
))).then(a, s)
}
c((n = n.apply(e, t || [])).next())
}
))
}
function c(e, t) {
var r, n, o, i, a = {
label: 0,
sent: function() {
if (1 & o[0])
throw o[1];
return o[1]
},
trys: [],
ops: []
};
return i = {
next: s(0),
throw: s(1),
return: s(2)
},
"function" == typeof Symbol && (i[Symbol.iterator] = function() {
return this
}
),
i;
function s(i) {
return function(s) {
return function(i) {
if (r)
throw new TypeError("Generator is already executing.");
for (; a; )
try {
if (r = 1,
n && (o = 2 & i[0] ? n.return : i[0] ? n.throw || ((o = n.return) && o.call(n),
0) : n.next) && !(o = o.call(n, i[1])).done)
return o;
switch (n = 0,
o && (i = [2 & i[0], o.value]),
i[0]) {
case 0:
case 1:
o = i;
break;
case 4:
return a.label++,
{
value: i[1],
done: !1
};
case 5:
a.label++,
n = i[1],
i = [0];
continue;
case 7:
i = a.ops.pop(),
a.trys.pop();
continue;
default:
if (!((o = (o = a.trys).length > 0 && o[o.length - 1]) || 6 !== i[0] && 2 !== i[0])) {
a = 0;
continue
}
if (3 === i[0] && (!o || i[1] > o[0] && i[1] < o[3])) {
a.label = i[1];
break
}
if (6 === i[0] && a.label < o[1]) {
a.label = o[1],
o = i;
break
}
if (o && a.label < o[2]) {
a.label = o[2],
a.ops.push(i);
break
}
o[2] && a.ops.pop(),
a.trys.pop();
continue
}
i = t.call(e, a)
} catch (e) {
i = [6, e],
n = 0
} finally {
r = o = 0
}
if (5 & i[0])
throw i[1];
return {
value: i[0] ? i[1] : void 0,
done: !0
}
}([i, s])
}
}
}
function u(e, t) {
var r = "function" == typeof Symbol && e[Symbol.iterator];
if (!r)
return e;
var n, o, i = r.call(e), a = [];
try {
for (; (void 0 === t || t-- > 0) && !(n = i.next()).done; )
a.push(n.value)
} catch (e) {
o = {
error: e
}
} finally {
try {
n && !n.done && (r = i.return) && r.call(i)
} finally {
if (o)
throw o.error
}
}
return a
}
function l() {
for (var e = [], t = 0; t < arguments.length; t++)
e = e.concat(u(arguments[t]));
return e
}
var d = function(e, t) {
return d = Object.setPrototypeOf || {
__proto__: []
}instanceof Array && function(e, t) {
e.__proto__ = t
}
|| function(e, t) {
for (var r in t)
Object.prototype.hasOwnProperty.call(t, r) && (e[r] = t[r])
}
,
d(e, t)
};
function h(e, t) {
function r() {
this.constructor = e
}
d(e, t),
e.prototype = null === t ? Object.create(t) : (r.prototype = t.prototype,
new r)
}
var p = function() {
return p = Object.assign || function(e) {
for (var t, r = 1, n = arguments.length; r < n; r++)
for (var o in t = arguments[r])
Object.prototype.hasOwnProperty.call(t, o) && (e[o] = t[o]);
return e
}
,
p.apply(this, arguments)
};
function g(e, t, r, n) {
return new (r || (r = Promise))((function(o, i) {
function a(e) {
try {
c(n.next(e))
} catch (e) {
i(e)
}
}
function s(e) {
try {
c(n.throw(e))
} catch (e) {
i(e)
}
}
function c(e) {
var t;
e.done ? o(e.value) : (t = e.value,
t instanceof r ? t : new r((function(e) {
e(t)
}
))).then(a, s)
}
c((n = n.apply(e, t || [])).next())
}
))
}
function f(e, t) {
var r, n, o, i, a = {
label: 0,
sent: function() {
if (1 & o[0])
throw o[1];
return o[1]
},
trys: [],
ops: []
};
return i = {
next: s(0),
throw: s(1),
return: s(2)
},
"function" == typeof Symbol && (i[Symbol.iterator] = function() {
return this
}
),
i;
function s(i) {
return function(s) {
return function(i) {
if (r)
throw new TypeError("Generator is already executing.");
for (; a; )
try {
if (r = 1,
n && (o = 2 & i[0] ? n.return : i[0] ? n.throw || ((o = n.return) && o.call(n),
0) : n.next) && !(o = o.call(n, i[1])).done)
return o;
switch (n = 0,
o && (i = [2 & i[0], o.value]),
i[0]) {
case 0:
case 1:
o = i;
break;
case 4:
return a.label++,
{
value: i[1],
done: !1
};
case 5:
a.label++,
n = i[1],
i = [0];
continue;
case 7:
i = a.ops.pop(),
a.trys.pop();
continue;
default:
if (!((o = (o = a.trys).length > 0 && o[o.length - 1]) || 6 !== i[0] && 2 !== i[0])) {
a = 0;
continue
}
if (3 === i[0] && (!o || i[1] > o[0] && i[1] < o[3])) {
a.label = i[1];
break
}
if (6 === i[0] && a.label < o[1]) {
a.label = o[1],
o = i;
break
}
if (o && a.label < o[2]) {
a.label = o[2],
a.ops.push(i);
break
}
o[2] && a.ops.pop(),
a.trys.pop();
continue
}
i = t.call(e, a)
} catch (e) {
i = [6, e],
n = 0
} finally {
r = o = 0
}
if (5 & i[0])
throw i[1];
return {
value: i[0] ? i[1] : void 0,
done: !0
}
}([i, s])
}
}
}
function m() {
for (var e = 0, t = 0, r = arguments.length; t < r; t++)
e += arguments[t].length;
var n = Array(e)
, o = 0;
for (t = 0; t < r; t++)
for (var i = arguments[t], a = 0, s = i.length; a < s; a++,
o++)
n[o] = i[a];
return n
}
var v, y, E, _, C, T = {
LIBRARY_NAME: "MSAL.JS",
SKU: "msal.js.common",
CACHE_PREFIX: "msal",
DEFAULT_AUTHORITY: "https://login.microsoftonline.com/common/",
DEFAULT_AUTHORITY_HOST: "login.microsoftonline.com",
DEFAULT_COMMON_TENANT: "common",
ADFS: "adfs",
AAD_INSTANCE_DISCOVERY_ENDPT: "https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=",
RESOURCE_DELIM: "|",
NO_ACCOUNT: "NO_ACCOUNT",
CLAIMS: "claims",
CONSUMER_UTID: "9188040d-6c67-4c5b-b112-36a304b66dad",
OPENID_SCOPE: "openid",
PROFILE_SCOPE: "profile",
OFFLINE_ACCESS_SCOPE: "offline_access",
EMAIL_SCOPE: "email",
CODE_RESPONSE_TYPE: "code",
CODE_GRANT_TYPE: "authorization_code",
RT_GRANT_TYPE: "refresh_token",
FRAGMENT_RESPONSE_MODE: "fragment",
S256_CODE_CHALLENGE_METHOD: "S256",
URL_FORM_CONTENT_TYPE: "application/x-www-form-urlencoded;charset=utf-8",
AUTHORIZATION_PENDING: "authorization_pending",
NOT_DEFINED: "not_defined",
EMPTY_STRING: "",
FORWARD_SLASH: "/",
IMDS_ENDPOINT: "http://169.254.169.254/metadata/instance/compute/location",
IMDS_VERSION: "2020-06-01",
IMDS_TIMEOUT: 2e3,
AZURE_REGION_AUTO_DISCOVER_FLAG: "TryAutoDetect",
REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: "login.microsoft.com",
KNOWN_PUBLIC_CLOUDS: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"],
TOKEN_RESPONSE_TYPE: "token",
ID_TOKEN_RESPONSE_TYPE: "id_token",
SHR_NONCE_VALIDITY: 240
}, w = [T.OPENID_SCOPE, T.PROFILE_SCOPE, T.OFFLINE_ACCESS_SCOPE], S = m(w, [T.EMAIL_SCOPE]);
!function(e) {
e.CONTENT_TYPE = "Content-Type",
e.RETRY_AFTER = "Retry-After",
e.CCS_HEADER = "X-AnchorMailbox",
e.WWWAuthenticate = "WWW-Authenticate",
e.AuthenticationInfo = "Authentication-Info"
}(v || (v = {})),
function(e) {
e.ID_TOKEN = "idtoken",
e.CLIENT_INFO = "client.info",
e.ADAL_ID_TOKEN = "adal.idtoken",
e.ERROR = "error",
e.ERROR_DESC = "error.description",
e.ACTIVE_ACCOUNT = "active-account",
e.ACTIVE_ACCOUNT_FILTERS = "active-account-filters"
}(y || (y = {})),
function(e) {
e.COMMON = "common",
e.ORGANIZATIONS = "organizations",
e.CONSUMERS = "consumers"
}(E || (E = {})),
function(e) {
e.CLIENT_ID = "client_id",
e.REDIRECT_URI = "redirect_uri",
e.RESPONSE_TYPE = "response_type",
e.RESPONSE_MODE = "response_mode",
e.GRANT_TYPE = "grant_type",
e.CLAIMS = "claims",
e.SCOPE = "scope",
e.ERROR = "error",
e.ERROR_DESCRIPTION = "error_description",
e.ACCESS_TOKEN = "access_token",
e.ID_TOKEN = "id_token",
e.REFRESH_TOKEN = "refresh_token",
e.EXPIRES_IN = "expires_in",
e.STATE = "state",
e.NONCE = "nonce",
e.PROMPT = "prompt",
e.SESSION_STATE = "session_state",
e.CLIENT_INFO = "client_info",
e.CODE = "code",
e.CODE_CHALLENGE = "code_challenge",
e.CODE_CHALLENGE_METHOD = "code_challenge_method",
e.CODE_VERIFIER = "code_verifier",
e.CLIENT_REQUEST_ID = "client-request-id",
e.X_CLIENT_SKU = "x-client-SKU",
e.X_CLIENT_VER = "x-client-VER",
e.X_CLIENT_OS = "x-client-OS",
e.X_CLIENT_CPU = "x-client-CPU",
e.X_CLIENT_CURR_TELEM = "x-client-current-telemetry",
e.X_CLIENT_LAST_TELEM = "x-client-last-telemetry",
e.X_MS_LIB_CAPABILITY = "x-ms-lib-capability",
e.X_APP_NAME = "x-app-name",
e.X_APP_VER = "x-app-ver",
e.POST_LOGOUT_URI = "post_logout_redirect_uri",
e.ID_TOKEN_HINT = "id_token_hint",
e.DEVICE_CODE = "device_code",
e.CLIENT_SECRET = "client_secret",
e.CLIENT_ASSERTION = "client_assertion",
e.CLIENT_ASSERTION_TYPE = "client_assertion_type",
e.TOKEN_TYPE = "token_type",
e.REQ_CNF = "req_cnf",
e.OBO_ASSERTION = "assertion",
e.REQUESTED_TOKEN_USE = "requested_token_use",
e.ON_BEHALF_OF = "on_behalf_of",
e.FOCI = "foci",
e.CCS_HEADER = "X-AnchorMailbox",
e.RETURN_SPA_CODE = "return_spa_code",
e.NATIVE_BROKER = "nativebroker",
e.LOGOUT_HINT = "logout_hint"
}(_ || (_ = {})),
function(e) {
e.ACCESS_TOKEN = "access_token",
e.XMS_CC = "xms_cc"
}(C || (C = {}));
var I, A = {
LOGIN: "login",
SELECT_ACCOUNT: "select_account",
CONSENT: "consent",
NONE: "none",
CREATE: "create"
};
!function(e) {
e.ACCOUNT = "account",
e.SID = "sid",
e.LOGIN_HINT = "login_hint",
e.ID_TOKEN = "id_token",
e.DOMAIN_HINT = "domain_hint",
e.ORGANIZATIONS = "organizations",
e.CONSUMERS = "consumers",
e.ACCOUNT_ID = "accountIdentifier",
e.HOMEACCOUNT_ID = "homeAccountIdentifier"
}(I || (I = {}));
var b, R, k, N, P, O, M, U = {
PLAIN: "plain",
S256: "S256"
};
!function(e) {
e.QUERY = "query",
e.FRAGMENT = "fragment",
e.FORM_POST = "form_post"
}(b || (b = {})),
function(e) {
e.IMPLICIT_GRANT = "implicit",
e.AUTHORIZATION_CODE_GRANT = "authorization_code",
e.CLIENT_CREDENTIALS_GRANT = "client_credentials",
e.RESOURCE_OWNER_PASSWORD_GRANT = "password",
e.REFRESH_TOKEN_GRANT = "refresh_token",
e.DEVICE_CODE_GRANT = "device_code",
e.JWT_BEARER = "urn:ietf:params:oauth:grant-type:jwt-bearer"
}(R || (R = {})),
function(e) {
e.MSSTS_ACCOUNT_TYPE = "MSSTS",
e.ADFS_ACCOUNT_TYPE = "ADFS",
e.MSAV1_ACCOUNT_TYPE = "MSA",
e.GENERIC_ACCOUNT_TYPE = "Generic"
}(k || (k = {})),
function(e) {
e.CACHE_KEY_SEPARATOR = "-",
e.CLIENT_INFO_SEPARATOR = "."
}(N || (N = {})),
function(e) {
e.ID_TOKEN = "IdToken",
e.ACCESS_TOKEN = "AccessToken",
e.ACCESS_TOKEN_WITH_AUTH_SCHEME = "AccessToken_With_AuthScheme",
e.REFRESH_TOKEN = "RefreshToken"
}(P || (P = {})),
function(e) {
e.ACCOUNT = "Account",
e.CREDENTIAL = "Credential",
e.ID_TOKEN = "IdToken",
e.ACCESS_TOKEN = "AccessToken",
e.REFRESH_TOKEN = "RefreshToken",
e.APP_METADATA = "AppMetadata",
e.TEMPORARY = "TempCache",
e.TELEMETRY = "Telemetry",
e.UNDEFINED = "Undefined",
e.THROTTLING = "Throttling"
}(O || (O = {})),
function(e) {
e[e.ADFS = 1001] = "ADFS",
e[e.MSA = 1002] = "MSA",
e[e.MSSTS = 1003] = "MSSTS",
e[e.GENERIC = 1004] = "GENERIC",
e[e.ACCESS_TOKEN = 2001] = "ACCESS_TOKEN",
e[e.REFRESH_TOKEN = 2002] = "REFRESH_TOKEN",
e[e.ID_TOKEN = 2003] = "ID_TOKEN",
e[e.APP_METADATA = 3001] = "APP_METADATA",
e[e.UNDEFINED = 9999] = "UNDEFINED"
}(M || (M = {}));
var q, H = "appmetadata", L = "1", D = "authority-metadata";
!function(e) {
e.CONFIG = "config",
e.CACHE = "cache",
e.NETWORK = "network",
e.HARDCODED_VALUES = "hardcoded_values"
}(q || (q = {}));
var F, x = {
SCHEMA_VERSION: 5,
MAX_CUR_HEADER_BYTES: 80,
MAX_LAST_HEADER_BYTES: 330,
MAX_CACHED_ERRORS: 50,
CACHE_KEY: "server-telemetry",
CATEGORY_SEPARATOR: "|",
VALUE_SEPARATOR: ",",
OVERFLOW_TRUE: "1",
OVERFLOW_FALSE: "0",
UNKNOWN_ERROR: "unknown_error"
};
!function(e) {
e.BEARER = "Bearer",
e.POP = "pop",
e.SSH = "ssh-cert"
}(F || (F = {}));
var K, B, G, z, j, Y;
!function(e) {
e.username = "username",
e.password = "password"
}(K || (K = {})),
function(e) {
e[e.httpSuccess = 200] = "httpSuccess",
e[e.httpBadRequest = 400] = "httpBadRequest"
}(B || (B = {})),
function(e) {
e.FAILED_AUTO_DETECTION = "1",
e.INTERNAL_CACHE = "2",
e.ENVIRONMENT_VARIABLE = "3",
e.IMDS = "4"
}(G || (G = {})),
function(e) {
e.CONFIGURED_MATCHES_DETECTED = "1",
e.CONFIGURED_NO_AUTO_DETECTION = "2",
e.CONFIGURED_NOT_DETECTED = "3",
e.AUTO_DETECTION_REQUESTED_SUCCESSFUL = "4",
e.AUTO_DETECTION_REQUESTED_FAILED = "5"
}(z || (z = {})),
function(e) {
e.NO_CACHE_HIT = "0",
e.FORCE_REFRESH = "1",
e.NO_CACHED_ACCESS_TOKEN = "2",
e.CACHED_ACCESS_TOKEN_EXPIRED = "3",
e.REFRESH_CACHED_ACCESS_TOKEN = "4"
}(j || (j = {})),
function(e) {
e.Jwt = "JWT",
e.Jwk = "JWK"
}(Y || (Y = {}));
var W, V = {
unexpectedError: {
code: "unexpected_error",
desc: "Unexpected error in authentication."
},
postRequestFailed: {
code: "post_request_failed",
desc: "Post request failed from the network, could be a 4xx/5xx or a network unavailability. Please check the exact error code for details."
}
}, J = function(e) {
function t(r, n, o) {
var i = this
, a = n ? r + ": " + n : r;
return i = e.call(this, a) || this,
Object.setPrototypeOf(i, t.prototype),
i.errorCode = r || T.EMPTY_STRING,
i.errorMessage = n || T.EMPTY_STRING,
i.subError = o || T.EMPTY_STRING,
i.name = "AuthError",
i
}
return h(t, e),
t.prototype.setCorrelationId = function(e) {
this.correlationId = e
}
,
t.createUnexpectedError = function(e) {
return new t(V.unexpectedError.code,V.unexpectedError.desc + ": " + e)
}
,
t.createPostRequestFailed = function(e) {
return new t(V.postRequestFailed.code,V.postRequestFailed.desc + ": " + e)
}
,
t
}(Error), Q = {
clientInfoDecodingError: {
code: "client_info_decoding_error",
desc: "The client info could not be parsed/decoded correctly. Please review the trace to determine the root cause."
},
clientInfoEmptyError: {
code: "client_info_empty_error",
desc: "The client info was empty. Please review the trace to determine the root cause."
},
tokenParsingError: {
code: "token_parsing_error",
desc: "Token cannot be parsed. Please review stack trace to determine root cause."
},
nullOrEmptyToken: {
code: "null_or_empty_token",
desc: "The token is null or empty. Please review the trace to determine the root cause."
},
endpointResolutionError: {
code: "endpoints_resolution_error",
desc: "Error: could not resolve endpoints. Please check network and try again."
},
networkError: {
code: "network_error",
desc: "Network request failed. Please check network trace to determine root cause."
},
unableToGetOpenidConfigError: {
code: "openid_config_error",
desc: "Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints."
},
hashNotDeserialized: {
code: "hash_not_deserialized",
desc: "The hash parameters could not be deserialized. Please review the trace to determine the root cause."
},
blankGuidGenerated: {
code: "blank_guid_generated",
desc: "The guid generated was blank. Please review the trace to determine the root cause."
},
invalidStateError: {
code: "invalid_state",
desc: "State was not the expected format. Please check the logs to determine whether the request was sent using ProtocolUtils.setRequestState()."
},
stateMismatchError: {
code: "state_mismatch",
desc: "State mismatch error. Please check your network. Continued requests may cause cache overflow."
},
stateNotFoundError: {
code: "state_not_found",
desc: "State not found"
},
nonceMismatchError: {
code: "nonce_mismatch",
desc: "Nonce mismatch error. This may be caused by a race condition in concurrent requests."
},
nonceNotFoundError: {
code: "nonce_not_found",
desc: "nonce not found"
},
noTokensFoundError: {
code: "no_tokens_found",
desc: "No tokens were found for the given scopes, and no authorization code was passed to acquireToken. You must retrieve an authorization code before making a call to acquireToken()."
},
multipleMatchingTokens: {
code: "multiple_matching_tokens",
desc: "The cache contains multiple tokens satisfying the requirements. Call AcquireToken again providing more requirements such as authority or account."
},
multipleMatchingAccounts: {
code: "multiple_matching_accounts",
desc: "The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account"
},
multipleMatchingAppMetadata: {
code: "multiple_matching_appMetadata",
desc: "The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata"
},
tokenRequestCannotBeMade: {
code: "request_cannot_be_made",
desc: "Token request cannot be made without authorization code or refresh token."
},
appendEmptyScopeError: {
code: "cannot_append_empty_scope",
desc: "Cannot append null or empty scope to ScopeSet. Please check the stack trace for more info."
},
removeEmptyScopeError: {
code: "cannot_remove_empty_scope",
desc: "Cannot remove null or empty scope from ScopeSet. Please check the stack trace for more info."
},
appendScopeSetError: {
code: "cannot_append_scopeset",
desc: "Cannot append ScopeSet due to error."
},
emptyInputScopeSetError: {
code: "empty_input_scopeset",
desc: "Empty input ScopeSet cannot be processed."
},
DeviceCodePollingCancelled: {
code: "device_code_polling_cancelled",
desc: "Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true."
},
DeviceCodeExpired: {
code: "device_code_expired",
desc: "Device code is expired."
},
DeviceCodeUnknownError: {
code: "device_code_unknown_error",
desc: "Device code stopped polling for unknown reasons."
},
NoAccountInSilentRequest: {
code: "no_account_in_silent_request",
desc: "Please pass an account object, silent flow is not supported without account information"
},
invalidCacheRecord: {
code: "invalid_cache_record",
desc: "Cache record object was null or undefined."
},
invalidCacheEnvironment: {
code: "invalid_cache_environment",
desc: "Invalid environment when attempting to create cache entry"
},
noAccountFound: {
code: "no_account_found",
desc: "No account found in cache for given key."
},
CachePluginError: {
code: "no cache plugin set on CacheManager",
desc: "ICachePlugin needs to be set before using readFromStorage or writeFromStorage"
},
noCryptoObj: {
code: "no_crypto_object",
desc: "No crypto object detected. This is required for the following operation: "
},
invalidCacheType: {
code: "invalid_cache_type",
desc: "Invalid cache type"
},
unexpectedAccountType: {
code: "unexpected_account_type",
desc: "Unexpected account type."
},
unexpectedCredentialType: {
code: "unexpected_credential_type",
desc: "Unexpected credential type."
},
invalidAssertion: {
code: "invalid_assertion",
desc: "Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515"
},
invalidClientCredential: {
code: "invalid_client_credential",
desc: "Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential"
},
tokenRefreshRequired: {
code: "token_refresh_required",
desc: "Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired."
},
userTimeoutReached: {
code: "user_timeout_reached",
desc: "User defined timeout for device code polling reached"
},
tokenClaimsRequired: {
code: "token_claims_cnf_required_for_signedjwt",
desc: "Cannot generate a POP jwt if the token_claims are not populated"
},
noAuthorizationCodeFromServer: {
code: "authorization_code_missing_from_server_response",
desc: "Server response does not contain an authorization code to proceed"
},
noAzureRegionDetected: {
code: "no_azure_region_detected",
desc: "No azure region was detected and no fallback was made available"
},
accessTokenEntityNullError: {
code: "access_token_entity_null",
desc: "Access token entity is null, please check logs and cache to ensure a valid access token is present."
},
bindingKeyNotRemovedError: {
code: "binding_key_not_removed",
desc: "Could not remove the credential's binding key from storage."
},
logoutNotSupported: {
code: "end_session_endpoint_not_supported",
desc: "Provided authority does not support logout."
},
keyIdMissing: {
code: "key_id_missing",
desc: "A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key."
}
}, X = function(e) {
function t(r, n) {
var o = e.call(this, r, n) || this;
return o.name = "ClientAuthError",
Object.setPrototypeOf(o, t.prototype),
o
}
return h(t, e),
t.createClientInfoDecodingError = function(e) {
return new t(Q.clientInfoDecodingError.code,Q.clientInfoDecodingError.desc + " Failed with error: " + e)
}
,
t.createClientInfoEmptyError = function() {
return new t(Q.clientInfoEmptyError.code,"" + Q.clientInfoEmptyError.desc)
}
,
t.createTokenParsingError = function(e) {
return new t(Q.tokenParsingError.code,Q.tokenParsingError.desc + " Failed with error: " + e)
}
,
t.createTokenNullOrEmptyError = function(e) {
return new t(Q.nullOrEmptyToken.code,Q.nullOrEmptyToken.desc + " Raw Token Value: " + e)
}
,
t.createEndpointDiscoveryIncompleteError = function(e) {
return new t(Q.endpointResolutionError.code,Q.endpointResolutionError.desc + " Detail: " + e)
}
,
t.createNetworkError = function(e, r) {
return new t(Q.networkError.code,Q.networkError.desc + " | Fetch client threw: " + r + " | Attempted to reach: " + e.split("?")[0])
}
,
t.createUnableToGetOpenidConfigError = function(e) {
return new t(Q.unableToGetOpenidConfigError.code,Q.unableToGetOpenidConfigError.desc + " Attempted to retrieve endpoints from: " + e)
}
,
t.createHashNotDeserializedError = function(e) {
return new t(Q.hashNotDeserialized.code,Q.hashNotDeserialized.desc + " Given Object: " + e)
}
,
t.createInvalidStateError = function(e, r) {
return new t(Q.invalidStateError.code,Q.invalidStateError.desc + " Invalid State: " + e + ", Root Err: " + r)
}
,
t.createStateMismatchError = function() {
return new t(Q.stateMismatchError.code,Q.stateMismatchError.desc)
}
,
t.createStateNotFoundError = function(e) {
return new t(Q.stateNotFoundError.code,Q.stateNotFoundError.desc + ": " + e)
}
,
t.createNonceMismatchError = function() {
return new t(Q.nonceMismatchError.code,Q.nonceMismatchError.desc)
}
,
t.createNonceNotFoundError = function(e) {
return new t(Q.nonceNotFoundError.code,Q.nonceNotFoundError.desc + ": " + e)
}
,
t.createMultipleMatchingTokensInCacheError = function() {
return new t(Q.multipleMatchingTokens.code,Q.multipleMatchingTokens.desc + ".")
}
,
t.createMultipleMatchingAccountsInCacheError = function() {
return new t(Q.multipleMatchingAccounts.code,Q.multipleMatchingAccounts.desc)
}
,
t.createMultipleMatchingAppMetadataInCacheError = function() {
return new t(Q.multipleMatchingAppMetadata.code,Q.multipleMatchingAppMetadata.desc)
}
,
t.createTokenRequestCannotBeMadeError = function() {
return new t(Q.tokenRequestCannotBeMade.code,Q.tokenRequestCannotBeMade.desc)
}
,
t.createAppendEmptyScopeToSetError = function(e) {
return new t(Q.appendEmptyScopeError.code,Q.appendEmptyScopeError.desc + " Given Scope: " + e)
}
,
t.createRemoveEmptyScopeFromSetError = function(e) {
return new t(Q.removeEmptyScopeError.code,Q.removeEmptyScopeError.desc + " Given Scope: " + e)
}
,
t.createAppendScopeSetError = function(e) {
return new t(Q.appendScopeSetError.code,Q.appendScopeSetError.desc + " Detail Error: " + e)
}
,
t.createEmptyInputScopeSetError = function() {
return new t(Q.emptyInputScopeSetError.code,"" + Q.emptyInputScopeSetError.desc)
}
,
t.createDeviceCodeCancelledError = function() {
return new t(Q.DeviceCodePollingCancelled.code,"" + Q.DeviceCodePollingCancelled.desc)
}
,
t.createDeviceCodeExpiredError = function() {
return new t(Q.DeviceCodeExpired.code,"" + Q.DeviceCodeExpired.desc)
}
,
t.createDeviceCodeUnknownError = function() {
return new t(Q.DeviceCodeUnknownError.code,"" + Q.DeviceCodeUnknownError.desc)
}
,
t.createNoAccountInSilentRequestError = function() {
return new t(Q.NoAccountInSilentRequest.code,"" + Q.NoAccountInSilentRequest.desc)
}
,
t.createNullOrUndefinedCacheRecord = function() {
return new t(Q.invalidCacheRecord.code,Q.invalidCacheRecord.desc)
}
,
t.createInvalidCacheEnvironmentError = function() {
return new t(Q.invalidCacheEnvironment.code,Q.invalidCacheEnvironment.desc)
}
,
t.createNoAccountFoundError = function() {
return new t(Q.noAccountFound.code,Q.noAccountFound.desc)
}
,
t.createCachePluginError = function() {
return new t(Q.CachePluginError.code,"" + Q.CachePluginError.desc)
}
,
t.createNoCryptoObjectError = function(e) {
return new t(Q.noCryptoObj.code,"" + Q.noCryptoObj.desc + e)
}
,
t.createInvalidCacheTypeError = function() {
return new t(Q.invalidCacheType.code,"" + Q.invalidCacheType.desc)
}
,
t.createUnexpectedAccountTypeError = function() {
return new t(Q.unexpectedAccountType.code,"" + Q.unexpectedAccountType.desc)
}
,
t.createUnexpectedCredentialTypeError = function() {
return new t(Q.unexpectedCredentialType.code,"" + Q.unexpectedCredentialType.desc)
}
,
t.createInvalidAssertionError = function() {
return new t(Q.invalidAssertion.code,"" + Q.invalidAssertion.desc)
}
,
t.createInvalidCredentialError = function() {
return new t(Q.invalidClientCredential.code,"" + Q.invalidClientCredential.desc)
}
,
t.createRefreshRequiredError = function() {
return new t(Q.tokenRefreshRequired.code,Q.tokenRefreshRequired.desc)
}
,
t.createUserTimeoutReachedError = function() {
return new t(Q.userTimeoutReached.code,Q.userTimeoutReached.desc)
}
,
t.createTokenClaimsRequiredError = function() {
return new t(Q.tokenClaimsRequired.code,Q.tokenClaimsRequired.desc)
}
,
t.createNoAuthCodeInServerResponseError = function() {
return new t(Q.noAuthorizationCodeFromServer.code,Q.noAuthorizationCodeFromServer.desc)
}
,
t.createBindingKeyNotRemovedError = function() {
return new t(Q.bindingKeyNotRemovedError.code,Q.bindingKeyNotRemovedError.desc)
}
,
t.createLogoutNotSupportedError = function() {
return new t(Q.logoutNotSupported.code,Q.logoutNotSupported.desc)
}
,
t.createKeyIdMissingError = function() {
return new t(Q.keyIdMissing.code,Q.keyIdMissing.desc)
}
,
t
}(J), $ = function() {
function e() {}
return e.decodeAuthToken = function(t) {
if (e.isEmpty(t))
throw X.createTokenNullOrEmptyError(t);
var r = /^([^\.\s]*)\.([^\.\s]+)\.([^\.\s]*)$/.exec(t);
if (!r || r.length < 4)
throw X.createTokenParsingError("Given token is malformed: " + JSON.stringify(t));
return {
header: r[1],
JWSPayload: r[2],
JWSSig: r[3]
}
}
,
e.isEmpty = function(e) {
return void 0 === e || !e || 0 === e.length
}
,
e.isEmptyObj = function(t) {
if (t && !e.isEmpty(t))
try {
var r = JSON.parse(t);
return 0 === Object.keys(r).length
} catch (e) {}
return !0
}
,
e.startsWith = function(e, t) {
return 0 === e.indexOf(t)
}
,
e.endsWith = function(e, t) {
return e.length >= t.length && e.lastIndexOf(t) === e.length - t.length
}
,
e.queryStringToObject = function(e) {
var t = {}
, r = e.split("&")
, n = function(e) {
return decodeURIComponent(e.replace(/\+/g, " "))
};
return r.forEach((function(e) {
if (e.trim()) {
var r = e.split(/=(.+)/g, 2)
, o = r[0]
, i = r[1];
o && i && (t[n(o)] = n(i))
}
}
)),
t
}
,
e.trimArrayEntries = function(e) {
return e.map((function(e) {
return e.trim()
}
))
}
,
e.removeEmptyStringsFromArray = function(t) {
return t.filter((function(t) {
return !e.isEmpty(t)
}
))
}
,
e.jsonParseHelper = function(e) {
try {
return JSON.parse(e)
} catch (e) {
return null
}
}
,
e.matchPattern = function(e, t) {
return new RegExp(e.replace(/\\/g, "\\\\").replace(/\*/g, "[^ ]*").replace(/\?/g, "\\?")).test(t)
}
,
e
}();
function Z(e, t) {
if ($.isEmpty(e))
throw X.createClientInfoEmptyError();
try {
var r = t.base64Decode(e);
return JSON.parse(r)
} catch (e) {
throw X.createClientInfoDecodingError(e.message)
}
}
function ee(e) {
if ($.isEmpty(e))
throw X.createClientInfoDecodingError("Home account ID was empty.");
var t = e.split(N.CLIENT_INFO_SEPARATOR, 2);
return {
uid: t[0],
utid: t.length < 2 ? T.EMPTY_STRING : t[1]
}
}
!function(e) {
e[e.Default = 0] = "Default",
e[e.Adfs = 1] = "Adfs"
}(W || (W = {}));
var te, re = function() {
function e() {}
return e.prototype.generateAccountId = function() {
return [this.homeAccountId, this.environment].join(N.CACHE_KEY_SEPARATOR).toLowerCase()
}
,
e.prototype.generateAccountKey = function() {
return e.generateAccountCacheKey({
homeAccountId: this.homeAccountId,
environment: this.environment,
tenantId: this.realm,
username: this.username,
localAccountId: this.localAccountId
})
}
,
e.prototype.generateType = function() {
switch (this.authorityType) {
case k.ADFS_ACCOUNT_TYPE:
return M.ADFS;
case k.MSAV1_ACCOUNT_TYPE:
return M.MSA;
case k.MSSTS_ACCOUNT_TYPE:
return M.MSSTS;
case k.GENERIC_ACCOUNT_TYPE:
return M.GENERIC;
default:
throw X.createUnexpectedAccountTypeError()
}
}
,
e.prototype.getAccountInfo = function() {
return {
homeAccountId: this.homeAccountId,
environment: this.environment,
tenantId: this.realm,
username: this.username,
localAccountId: this.localAccountId,
name: this.name,
idTokenClaims: this.idTokenClaims,
nativeAccountId: this.nativeAccountId
}
}
,
e.generateAccountCacheKey = function(e) {
return [e.homeAccountId, e.environment || T.EMPTY_STRING, e.tenantId || T.EMPTY_STRING].join(N.CACHE_KEY_SEPARATOR).toLowerCase()
}
,
e.createAccount = function(t, r, n, o, i, a, s, c) {
var u, l, d, h, p, g, f = new e;
f.authorityType = k.MSSTS_ACCOUNT_TYPE,
f.clientInfo = t,
f.homeAccountId = r,
f.nativeAccountId = c;
var m = s || o && o.getPreferredCache();
if (!m)
throw X.createInvalidCacheEnvironmentError();
return f.environment = m,
f.realm = (null === (u = null == n ? void 0 : n.claims) || void 0 === u ? void 0 : u.tid) || T.EMPTY_STRING,
n && (f.idTokenClaims = n.claims,
f.localAccountId = (null === (l = null == n ? void 0 : n.claims) || void 0 === l ? void 0 : l.oid) || (null === (d = null == n ? void 0 : n.claims) || void 0 === d ? void 0 : d.sub) || T.EMPTY_STRING,
f.username = (null === (h = null == n ? void 0 : n.claims) || void 0 === h ? void 0 : h.preferred_username) || ((null === (p = null == n ? void 0 : n.claims) || void 0 === p ? void 0 : p.emails) ? n.claims.emails[0] : T.EMPTY_STRING),
f.name = null === (g = null == n ? void 0 : n.claims) || void 0 === g ? void 0 : g.name),
f.cloudGraphHostName = i,
f.msGraphHost = a,
f
}
,
e.createGenericAccount = function(t, r, n, o, i, a) {
var s, c, u, l, d = new e;
d.authorityType = n && n.authorityType === W.Adfs ? k.ADFS_ACCOUNT_TYPE : k.GENERIC_ACCOUNT_TYPE,
d.homeAccountId = t,
d.realm = T.EMPTY_STRING;
var h = a || n && n.getPreferredCache();
if (!h)
throw X.createInvalidCacheEnvironmentError();
return r && (d.localAccountId = (null === (s = null == r ? void 0 : r.claims) || void 0 === s ? void 0 : s.oid) || (null === (c = null == r ? void 0 : r.claims) || void 0 === c ? void 0 : c.sub) || T.EMPTY_STRING,
d.username = (null === (u = null == r ? void 0 : r.claims) || void 0 === u ? void 0 : u.upn) || T.EMPTY_STRING,
d.name = (null === (l = null == r ? void 0 : r.claims) || void 0 === l ? void 0 : l.name) || T.EMPTY_STRING,
d.idTokenClaims = null == r ? void 0 : r.claims),
d.environment = h,
d.cloudGraphHostName = o,
d.msGraphHost = i,
d
}
,
e.generateHomeAccountId = function(e, t, r, n, o) {
var i, a = (null === (i = null == o ? void 0 : o.claims) || void 0 === i ? void 0 : i.sub) ? o.claims.sub : T.EMPTY_STRING;
if (t === W.Adfs)
return a;
if (e)
try {
var s = Z(e, n);
if (!$.isEmpty(s.uid) && !$.isEmpty(s.utid))
return "" + s.uid + N.CLIENT_INFO_SEPARATOR + s.utid
} catch (e) {}
return r.verbose("No client info in response"),
a
}
,
e.isAccountEntity = function(e) {
return !!e && e.hasOwnProperty("homeAccountId") && e.hasOwnProperty("environment") && e.hasOwnProperty("realm") && e.hasOwnProperty("localAccountId") && e.hasOwnProperty("username") && e.hasOwnProperty("authorityType")
}
,
e.accountInfoIsEqual = function(e, t, r) {
if (!e || !t)
return !1;
var n = !0;
if (r) {
var o = e.idTokenClaims || {}
, i = t.idTokenClaims || {};
n = o.iat === i.iat && o.nonce === i.nonce
}
return e.homeAccountId === t.homeAccountId && e.localAccountId === t.localAccountId && e.username === t.username && e.tenantId === t.tenantId && e.environment === t.environment && e.nativeAccountId === t.nativeAccountId && n
}
,
e
}(), ne = function() {
function e() {}
return e.prototype.generateAccountId = function() {
return e.generateAccountIdForCacheKey(this.homeAccountId, this.environment)
}
,
e.prototype.generateCredentialId = function() {
return e.generateCredentialIdForCacheKey(this.credentialType, this.clientId, this.realm, this.familyId)
}
,
e.prototype.generateTarget = function() {
return e.generateTargetForCacheKey(this.target)
}
,
e.prototype.generateCredentialKey = function() {
return e.generateCredentialCacheKey(this.homeAccountId, this.environment, this.credentialType, this.clientId, this.realm, this.target, this.familyId, this.tokenType, this.requestedClaimsHash)
}
,
e.prototype.generateType = function() {
switch (this.credentialType) {
case P.ID_TOKEN:
return M.ID_TOKEN;
case P.ACCESS_TOKEN:
case P.ACCESS_TOKEN_WITH_AUTH_SCHEME:
return M.ACCESS_TOKEN;
case P.REFRESH_TOKEN:
return M.REFRESH_TOKEN;
default:
throw X.createUnexpectedCredentialTypeError()
}
}
,
e.getCredentialType = function(e) {
return -1 !== e.indexOf(P.ACCESS_TOKEN.toLowerCase()) ? -1 !== e.indexOf(P.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase()) ? P.ACCESS_TOKEN_WITH_AUTH_SCHEME : P.ACCESS_TOKEN : -1 !== e.indexOf(P.ID_TOKEN.toLowerCase()) ? P.ID_TOKEN : -1 !== e.indexOf(P.REFRESH_TOKEN.toLowerCase()) ? P.REFRESH_TOKEN : T.NOT_DEFINED
}
,
e.generateCredentialCacheKey = function(e, t, r, n, o, i, a, s, c) {
return [this.generateAccountIdForCacheKey(e, t), this.generateCredentialIdForCacheKey(r, n, o, a), this.generateTargetForCacheKey(i), this.generateClaimsHashForCacheKey(c), this.generateSchemeForCacheKey(s)].join(N.CACHE_KEY_SEPARATOR).toLowerCase()
}
,
e.generateAccountIdForCacheKey = function(e, t) {
return [e, t].join(N.CACHE_KEY_SEPARATOR).toLowerCase()
}
,
e.generateCredentialIdForCacheKey = function(e, t, r, n) {
return [e, e === P.REFRESH_TOKEN && n || t, r || T.EMPTY_STRING].join(N.CACHE_KEY_SEPARATOR).toLowerCase()
}
,
e.generateTargetForCacheKey = function(e) {
return (e || T.EMPTY_STRING).toLowerCase()
}
,
e.generateClaimsHashForCacheKey = function(e) {
return (e || T.EMPTY_STRING).toLowerCase()
}
,
e.generateSchemeForCacheKey = function(e) {
return e && e.toLowerCase() !== F.BEARER.toLowerCase() ? e.toLowerCase() : T.EMPTY_STRING
}
,
e
}(), oe = {
redirectUriNotSet: {
code: "redirect_uri_empty",
desc: "A redirect URI is required for all calls, and none has been set."
},
postLogoutUriNotSet: {
code: "post_logout_uri_empty",
desc: "A post logout redirect has not been set."
},
claimsRequestParsingError: {
code: "claims_request_parsing_error",
desc: "Could not parse the given claims request object."
},
authorityUriInsecure: {
code: "authority_uri_insecure",
desc: "Authority URIs must use https. Please see here for valid authority configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options"
},
urlParseError: {
code: "url_parse_error",
desc: "URL could not be parsed into appropriate segments."
},
urlEmptyError: {
code: "empty_url_error",
desc: "URL was empty or null."
},
emptyScopesError: {
code: "empty_input_scopes_error",
desc: "Scopes cannot be passed as null, undefined or empty array because they are required to obtain an access token."
},
nonArrayScopesError: {
code: "nonarray_input_scopes_error",
desc: "Scopes cannot be passed as non-array."
},
clientIdSingleScopeError: {
code: "clientid_input_scopes_error",
desc: "Client ID can only be provided as a single scope."
},
invalidPrompt: {
code: "invalid_prompt_value",
desc: "Supported prompt values are 'login', 'select_account', 'consent', 'create' and 'none'. Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest"
},
invalidClaimsRequest: {
code: "invalid_claims",
desc: "Given claims parameter must be a stringified JSON object."
},
tokenRequestEmptyError: {
code: "token_request_empty",
desc: "Token request was empty and not found in cache."
},
logoutRequestEmptyError: {
code: "logout_request_empty",
desc: "The logout request was null or undefined."
},
invalidCodeChallengeMethod: {
code: "invalid_code_challenge_method",
desc: 'code_challenge_method passed is invalid. Valid values are "plain" and "S256".'
},
invalidCodeChallengeParams: {
code: "pkce_params_missing",
desc: "Both params: code_challenge and code_challenge_method are to be passed if to be sent in the request"
},
invalidCloudDiscoveryMetadata: {
code: "invalid_cloud_discovery_metadata",
desc: "Invalid cloudDiscoveryMetadata provided. Must be a stringified JSON object containing tenant_discovery_endpoint and metadata fields"
},
invalidAuthorityMetadata: {
code: "invalid_authority_metadata",
desc: "Invalid authorityMetadata provided. Must by a stringified JSON object containing authorization_endpoint, token_endpoint, issuer fields."
},
untrustedAuthority: {
code: "untrusted_authority",
desc: "The provided authority is not a trusted authority. Please include this authority in the knownAuthorities config parameter."
},
invalidAzureCloudInstance: {
code: "invalid_azure_cloud_instance",
desc: "Invalid AzureCloudInstance provided. Please refer MSAL JS docs: aks.ms/msaljs/azure_cloud_instance for valid values"
},
missingSshJwk: {
code: "missing_ssh_jwk",
desc: "Missing sshJwk in SSH certificate request. A stringified JSON Web Key is required when using the SSH authentication scheme."
},
missingSshKid: {
code: "missing_ssh_kid",
desc: "Missing sshKid in SSH certificate request. A string that uniquely identifies the public SSH key is required when using the SSH authentication scheme."
},
missingNonceAuthenticationHeader: {
code: "missing_nonce_authentication_header",
desc: "Unable to find an authentication header containing server nonce. Either the Authentication-Info or WWW-Authenticate headers must be present in order to obtain a server nonce."
},
invalidAuthenticationHeader: {
code: "invalid_authentication_header",
desc: "Invalid authentication header provided"
}
}, ie = function(e) {
function t(r, n) {
var o = e.call(this, r, n) || this;
return o.name = "ClientConfigurationError",
Object.setPrototypeOf(o, t.prototype),
o
}
return h(t, e),
t.createRedirectUriEmptyError = function() {
return new t(oe.redirectUriNotSet.code,oe.redirectUriNotSet.desc)
}
,
t.createPostLogoutRedirectUriEmptyError = function() {
return new t(oe.postLogoutUriNotSet.code,oe.postLogoutUriNotSet.desc)
}
,
t.createClaimsRequestParsingError = function(e) {
return new t(oe.claimsRequestParsingError.code,oe.claimsRequestParsingError.desc + " Given value: " + e)
}
,
t.createInsecureAuthorityUriError = function(e) {
return new t(oe.authorityUriInsecure.code,oe.authorityUriInsecure.desc + " Given URI: " + e)
}
,
t.createUrlParseError = function(e) {
return new t(oe.urlParseError.code,oe.urlParseError.desc + " Given Error: " + e)
}
,
t.createUrlEmptyError = function() {
return new t(oe.urlEmptyError.code,oe.urlEmptyError.desc)
}
,
t.createEmptyScopesArrayError = function() {
return new t(oe.emptyScopesError.code,"" + oe.emptyScopesError.desc)
}
,
t.createClientIdSingleScopeError = function(e) {
return new t(oe.clientIdSingleScopeError.code,oe.clientIdSingleScopeError.desc + " Given Scopes: " + e)
}
,
t.createInvalidPromptError = function(e) {
return new t(oe.invalidPrompt.code,oe.invalidPrompt.desc + " Given value: " + e)
}
,
t.createInvalidClaimsRequestError = function() {
return new t(oe.invalidClaimsRequest.code,oe.invalidClaimsRequest.desc)
}
,
t.createEmptyLogoutRequestError = function() {
return new t(oe.logoutRequestEmptyError.code,oe.logoutRequestEmptyError.desc)
}
,
t.createEmptyTokenRequestError = function() {
return new t(oe.tokenRequestEmptyError.code,oe.tokenRequestEmptyError.desc)
}
,
t.createInvalidCodeChallengeMethodError = function() {
return new t(oe.invalidCodeChallengeMethod.code,oe.invalidCodeChallengeMethod.desc)
}
,
t.createInvalidCodeChallengeParamsError = function() {
return new t(oe.invalidCodeChallengeParams.code,oe.invalidCodeChallengeParams.desc)
}
,
t.createInvalidCloudDiscoveryMetadataError = function() {
return new t(oe.invalidCloudDiscoveryMetadata.code,oe.invalidCloudDiscoveryMetadata.desc)
}
,
t.createInvalidAuthorityMetadataError = function() {
return new t(oe.invalidAuthorityMetadata.code,oe.invalidAuthorityMetadata.desc)
}
,
t.createUntrustedAuthorityError = function() {
return new t(oe.untrustedAuthority.code,oe.untrustedAuthority.desc)
}
,
t.createInvalidAzureCloudInstanceError = function() {
return new t(oe.invalidAzureCloudInstance.code,oe.invalidAzureCloudInstance.desc)
}
,
t.createMissingSshJwkError = function() {
return new t(oe.missingSshJwk.code,oe.missingSshJwk.desc)
}
,
t.createMissingSshKidError = function() {
return new t(oe.missingSshKid.code,oe.missingSshKid.desc)
}
,
t.createMissingNonceAuthenticationHeadersError = function() {
return new t(oe.missingNonceAuthenticationHeader.code,oe.missingNonceAuthenticationHeader.desc)
}
,
t.createInvalidAuthenticationHeaderError = function(e, r) {
return new t(oe.invalidAuthenticationHeader.code,oe.invalidAuthenticationHeader.desc + ". Invalid header: " + e + ". Details: " + r)
}
,
t
}(X), ae = function() {
function e(e) {
var t = this
, r = e ? $.trimArrayEntries(m(e)) : []
, n = r ? $.removeEmptyStringsFromArray(r) : [];
this.validateInputScopes(n),
this.scopes = new Set,
n.forEach((function(e) {
return t.scopes.add(e)
}
))
}
return e.fromString = function(t) {
return new e((t || T.EMPTY_STRING).split(" "))
}
,
e.prototype.validateInputScopes = function(e) {
if (!e || e.length < 1)
throw ie.createEmptyScopesArrayError()
}
,
e.prototype.containsScope = function(t) {
var r = new e(this.printScopesLowerCase().split(" "));
return !$.isEmpty(t) && r.scopes.has(t.toLowerCase())
}
,
e.prototype.containsScopeSet = function(e) {
var t = this;
return !(!e || e.scopes.size <= 0) && this.scopes.size >= e.scopes.size && e.asArray().every((function(e) {
return t.containsScope(e)
}
))
}
,
e.prototype.containsOnlyOIDCScopes = function() {
var e = this
, t = 0;
return S.forEach((function(r) {
e.containsScope(r) && (t += 1)
}
)),
this.scopes.size === t
}
,
e.prototype.appendScope = function(e) {
$.isEmpty(e) || this.scopes.add(e.trim())
}
,
e.prototype.appendScopes = function(e) {
var t = this;
try {
e.forEach((function(e) {
return t.appendScope(e)
}
))
} catch (e) {
throw X.createAppendScopeSetError(e)
}
}
,
e.prototype.removeScope = function(e) {
if ($.isEmpty(e))
throw X.createRemoveEmptyScopeFromSetError(e);
this.scopes.delete(e.trim())
}
,
e.prototype.removeOIDCScopes = function() {
var e = this;
S.forEach((function(t) {
e.scopes.delete(t)
}
))
}
,
e.prototype.unionScopeSets = function(e) {
if (!e)
throw X.createEmptyInputScopeSetError();
var t = new Set;
return e.scopes.forEach((function(e) {
return t.add(e.toLowerCase())
}
)),
this.scopes.forEach((function(e) {
return t.add(e.toLowerCase())
}
)),
t
}
,
e.prototype.intersectingScopeSets = function(e) {
if (!e)
throw X.createEmptyInputScopeSetError();
e.containsOnlyOIDCScopes() || e.removeOIDCScopes();
var t = this.unionScopeSets(e)
, r = e.getScopeCount()
, n = this.getScopeCount();
return t.size < n + r
}
,
e.prototype.getScopeCount = function() {
return this.scopes.size
}
,
e.prototype.asArray = function() {
var e = [];
return this.scopes.forEach((function(t) {
return e.push(t)
}
)),
e
}
,
e.prototype.printScopes = function() {
return this.scopes ? this.asArray().join(" ") : T.EMPTY_STRING
}
,
e.prototype.printScopesLowerCase = function() {
return this.printScopes().toLowerCase()
}
,
e
}(), se = function() {
function e(t, r) {
if ($.isEmpty(t))
throw X.createTokenNullOrEmptyError(t);
this.rawToken = t,
this.claims = e.extractTokenClaims(t, r)
}
return e.extractTokenClaims = function(e, t) {
var r = $.decodeAuthToken(e);
try {
var n = r.JWSPayload
, o = t.base64Decode(n);
return JSON.parse(o)
} catch (e) {
throw X.createTokenParsingError(e)
}
}
,
e
}(), ce = function() {
function e(e, t) {
this.clientId = e,
this.cryptoImpl = t
}
return e.prototype.getAllAccounts = function() {
var t = this
, r = this.getAccountsFilteredBy()
, n = Object.keys(r).map((function(e) {
return r[e]
}
));
return n.length < 1 ? [] : n.map((function(r) {
var n = e.toObject(new re, r).getAccountInfo()
, o = t.readIdTokenFromCache(t.clientId, n);
return o && !n.idTokenClaims && (n.idToken = o.secret,
n.idTokenClaims = new se(o.secret,t.cryptoImpl).claims),
n
}
))
}
,
e.prototype.saveCacheRecord = function(e) {
return g(this, void 0, void 0, (function() {
return f(this, (function(t) {
switch (t.label) {
case 0:
if (!e)
throw X.createNullOrUndefinedCacheRecord();
return e.account && this.setAccount(e.account),
e.idToken && this.setIdTokenCredential(e.idToken),
e.accessToken ? [4, this.saveAccessToken(e.accessToken)] : [3, 2];
case 1:
t.sent(),
t.label = 2;
case 2:
return e.refreshToken && this.setRefreshTokenCredential(e.refreshToken),
e.appMetadata && this.setAppMetadata(e.appMetadata),
[2]
}
}
))
}
))
}
,
e.prototype.saveAccessToken = function(e) {
return g(this, void 0, void 0, (function() {
var t, r, n, o, i = this;
return f(this, (function(a) {
switch (a.label) {
case 0:
return t = this.getCredentialsFilteredBy({
clientId: e.clientId,
credentialType: e.credentialType,
environment: e.environment,
homeAccountId: e.homeAccountId,
realm: e.realm,
tokenType: e.tokenType,
requestedClaimsHash: e.requestedClaimsHash
}),
r = ae.fromString(e.target),
(n = Object.keys(t.accessTokens).map((function(e) {
return t.accessTokens[e]
}
))) ? (o = [],
n.forEach((function(e) {
ae.fromString(e.target).intersectingScopeSets(r) && o.push(i.removeCredential(e))
}
)),
[4, Promise.all(o)]) : [3, 2];
case 1:
a.sent(),
a.label = 2;
case 2:
return this.setAccessTokenCredential(e),
[2]
}
}
))
}
))
}
,
e.prototype.getAccountsFilteredBy = function(e) {
return this.getAccountsFilteredByInternal(e ? e.homeAccountId : T.EMPTY_STRING, e ? e.environment : T.EMPTY_STRING, e ? e.realm : T.EMPTY_STRING, e ? e.nativeAccountId : T.EMPTY_STRING)
}
,
e.prototype.getAccountsFilteredByInternal = function(e, t, r, n) {
var o = this
, i = this.getKeys()
, a = {};
return i.forEach((function(i) {
var s = o.getAccount(i);
s && (e && !o.matchHomeAccountId(s, e) || t && !o.matchEnvironment(s, t) || r && !o.matchRealm(s, r) || n && !o.matchNativeAccountId(s, n) || (a[i] = s))
}
)),
a
}
,
e.prototype.getCredentialsFilteredBy = function(e) {
return this.getCredentialsFilteredByInternal(e.homeAccountId, e.environment, e.credentialType, e.clientId, e.familyId, e.realm, e.target, e.userAssertionHash, e.tokenType, e.keyId, e.requestedClaimsHash)
}
,
e.prototype.getCredentialsFilteredByInternal = function(e, t, r, n, o, i, a, s, c, u, l) {
var d = this
, h = this.getKeys()
, p = {
idTokens: {},
accessTokens: {},
refreshTokens: {}
};
return h.forEach((function(h) {
var g = ne.getCredentialType(h);
if (g !== T.NOT_DEFINED) {
var f = d.getSpecificCredential(h, g);
if (f && (!s || d.matchUserAssertionHash(f, s)) && (!e || d.matchHomeAccountId(f, e)) && (!t || d.matchEnvironment(f, t)) && (!i || d.matchRealm(f, i)) && (!r || d.matchCredentialType(f, r)) && (!n || d.matchClientId(f, n)) && (!o || d.matchFamilyId(f, o)) && (!a || d.matchTarget(f, a)) && (!l && !f.requestedClaimsHash || f.requestedClaimsHash === l)) {
if (r === P.ACCESS_TOKEN_WITH_AUTH_SCHEME) {
if (c && !d.matchTokenType(f, c))
return;
if (c === F.SSH && u && !d.matchKeyId(f, u))
return
}
var m = d.updateCredentialCacheKey(h, f);
switch (g) {
case P.ID_TOKEN:
p.idTokens[m] = f;
break;
case P.ACCESS_TOKEN:
case P.ACCESS_TOKEN_WITH_AUTH_SCHEME:
p.accessTokens[m] = f;
break;
case P.REFRESH_TOKEN:
p.refreshTokens[m] = f
}
}
}
}
)),
p
}
,
e.prototype.getAppMetadataFilteredBy = function(e) {
return this.getAppMetadataFilteredByInternal(e.environment, e.clientId)
}
,
e.prototype.getAppMetadataFilteredByInternal = function(e, t) {
var r = this
, n = this.getKeys()
, o = {};
return n.forEach((function(n) {
if (r.isAppMetadata(n)) {
var i = r.getAppMetadata(n);
i && (e && !r.matchEnvironment(i, e) || t && !r.matchClientId(i, t) || (o[n] = i))
}
}
)),
o
}
,
e.prototype.getAuthorityMetadataByAlias = function(e) {
var t = this
, r = this.getAuthorityMetadataKeys()
, n = null;
return r.forEach((function(r) {
if (t.isAuthorityMetadata(r) && -1 !== r.indexOf(t.clientId)) {
var o = t.getAuthorityMetadata(r);
o && -1 !== o.aliases.indexOf(e) && (n = o)
}
}
)),
n
}
,
e.prototype.removeAllAccounts = function() {
return g(this, void 0, void 0, (function() {
var e, t, r = this;
return f(this, (function(n) {
switch (n.label) {
case 0:
return e = this.getKeys(),
t = [],
e.forEach((function(e) {
r.getAccount(e) && t.push(r.removeAccount(e))
}
)),
[4, Promise.all(t)];
case 1:
return n.sent(),
[2, !0]
}
}
))
}
))
}
,
e.prototype.removeAccount = function(e) {
return g(this, void 0, void 0, (function() {
var t;
return f(this, (function(r) {
switch (r.label) {
case 0:
if (!(t = this.getAccount(e)))
throw X.createNoAccountFoundError();
return [4, this.removeAccountContext(t)];
case 1:
return [2, r.sent() && this.removeItem(e, O.ACCOUNT)]
}
}
))
}
))
}
,
e.prototype.removeAccountContext = function(e) {
return g(this, void 0, void 0, (function() {
var t, r, n, o = this;
return f(this, (function(i) {
switch (i.label) {
case 0:
return t = this.getKeys(),
r = e.generateAccountId(),
n = [],
t.forEach((function(e) {
var t = ne.getCredentialType(e);
if (t !== T.NOT_DEFINED) {
var i = o.getSpecificCredential(e, t);
i && r === i.generateAccountId() && n.push(o.removeCredential(i))
}
}
)),
[4, Promise.all(n)];
case 1:
return i.sent(),
[2, !0]
}
}
))
}
))
}
,
e.prototype.removeCredential = function(e) {
return g(this, void 0, void 0, (function() {
var t, r;
return f(this, (function(n) {
switch (n.label) {
case 0:
if (t = e.generateCredentialKey(),
e.credentialType.toLowerCase() !== P.ACCESS_TOKEN_WITH_AUTH_SCHEME.toLowerCase())
return [3, 4];
if (e.tokenType !== F.POP)
return [3, 4];
if (!(r = e.keyId))
return [3, 4];
n.label = 1;
case 1:
return n.trys.push([1, 3, , 4]),
[4, this.cryptoImpl.removeTokenBindingKey(r)];
case 2:
return n.sent(),
[3, 4];
case 3:
throw n.sent(),
X.createBindingKeyNotRemovedError();
case 4:
return [2, this.removeItem(t, O.CREDENTIAL)]
}
}
))
}
))
}
,
e.prototype.removeAppMetadata = function() {
var e = this;
return this.getKeys().forEach((function(t) {
e.isAppMetadata(t) && e.removeItem(t, O.APP_METADATA)
}
)),
!0
}
,
e.prototype.readCacheRecord = function(e, t, r, n) {
var o = this.readAccountFromCache(e)
, i = this.readIdTokenFromCache(t, e)
, a = this.readAccessTokenFromCache(t, e, r)
, s = this.readRefreshTokenFromCache(t, e, !1)
, c = this.readAppMetadataFromCache(n, t);
return o && i && (o.idTokenClaims = new se(i.secret,this.cryptoImpl).claims),
{
account: o,
idToken: i,
accessToken: a,
refreshToken: s,
appMetadata: c
}
}
,
e.prototype.readAccountFromCache = function(e) {
var t = re.generateAccountCacheKey(e);
return this.getAccount(t)
}
,
e.prototype.readAccountFromCacheWithNativeAccountId = function(e) {
var t = {
nativeAccountId: e
}
, r = this.getAccountsFilteredBy(t)
, n = Object.keys(r).map((function(e) {
return r[e]
}
));
if (n.length < 1)
return null;
if (n.length > 1)
throw X.createMultipleMatchingAccountsInCacheError();
return r[0]
}
,
e.prototype.readIdTokenFromCache = function(e, t) {
var r = {
homeAccountId: t.homeAccountId,
environment: t.environment,
credentialType: P.ID_TOKEN,
clientId: e,
realm: t.tenantId
}
, n = this.getCredentialsFilteredBy(r)
, o = Object.keys(n.idTokens).map((function(e) {
return n.idTokens[e]
}
))
, i = o.length;
if (i < 1)
return null;
if (i > 1)
throw X.createMultipleMatchingTokensInCacheError();
return o[0]
}
,
e.prototype.readAccessTokenFromCache = function(e, t, r) {
var n = new ae(r.scopes || [])
, o = r.authenticationScheme || F.BEARER
, i = o && o.toLowerCase() !== F.BEARER.toLowerCase() ? P.ACCESS_TOKEN_WITH_AUTH_SCHEME : P.ACCESS_TOKEN
, a = {
homeAccountId: t.homeAccountId,
environment: t.environment,
credentialType: i,
clientId: e,
realm: t.tenantId,
target: n.printScopesLowerCase(),
tokenType: o,
keyId: r.sshKid,
requestedClaimsHash: r.requestedClaimsHash
}
, s = this.getCredentialsFilteredBy(a)
, c = Object.keys(s.accessTokens).map((function(e) {
return s.accessTokens[e]
}
))
, u = c.length;
if (u < 1)
return null;
if (u > 1)
throw X.createMultipleMatchingTokensInCacheError();
return c[0]
}
,
e.prototype.readRefreshTokenFromCache = function(e, t, r) {
var n = r ? L : void 0
, o = {
homeAccountId: t.homeAccountId,
environment: t.environment,
credentialType: P.REFRESH_TOKEN,
clientId: e,
familyId: n
}
, i = this.getCredentialsFilteredBy(o)
, a = Object.keys(i.refreshTokens).map((function(e) {
return i.refreshTokens[e]
}
));
return a.length < 1 ? null : a[0]
}
,
e.prototype.readAppMetadataFromCache = function(e, t) {
var r = {
environment: e,
clientId: t
}
, n = this.getAppMetadataFilteredBy(r)
, o = Object.keys(n).map((function(e) {
return n[e]
}
))
, i = o.length;
if (i < 1)
return null;
if (i > 1)
throw X.createMultipleMatchingAppMetadataInCacheError();
return o[0]
}
,
e.prototype.isAppMetadataFOCI = function(e, t) {
var r = this.readAppMetadataFromCache(e, t);
return !(!r || r.familyId !== L)
}
,
e.prototype.matchHomeAccountId = function(e, t) {
return !(!e.homeAccountId || t !== e.homeAccountId)
}
,
e.prototype.matchUserAssertionHash = function(e, t) {
return !(!e.userAssertionHash || t !== e.userAssertionHash)
}
,
e.prototype.matchEnvironment = function(e, t) {
var r = this.getAuthorityMetadataByAlias(t);
return !!(r && r.aliases.indexOf(e.environment) > -1)
}
,
e.prototype.matchCredentialType = function(e, t) {
return e.credentialType && t.toLowerCase() === e.credentialType.toLowerCase()
}
,
e.prototype.matchClientId = function(e, t) {
return !(!e.clientId || t !== e.clientId)
}
,
e.prototype.matchFamilyId = function(e, t) {
return !(!e.familyId || t !== e.familyId)
}
,
e.prototype.matchRealm = function(e, t) {
return !(!e.realm || t !== e.realm)
}
,
e.prototype.matchNativeAccountId = function(e, t) {
return !(!e.nativeAccountId || t !== e.nativeAccountId)
}
,
e.prototype.matchTarget = function(e, t) {
if (e.credentialType !== P.ACCESS_TOKEN && e.credentialType !== P.ACCESS_TOKEN_WITH_AUTH_SCHEME || !e.target)
return !1;
var r = ae.fromString(e.target)
, n = ae.fromString(t);
return n.containsOnlyOIDCScopes() ? n.removeScope(T.OFFLINE_ACCESS_SCOPE) : n.removeOIDCScopes(),
r.containsScopeSet(n)
}
,
e.prototype.matchTokenType = function(e, t) {
return !(!e.tokenType || e.tokenType !== t)
}
,
e.prototype.matchKeyId = function(e, t) {
return !(!e.keyId || e.keyId !== t)
}
,
e.prototype.isAppMetadata = function(e) {
return -1 !== e.indexOf(H)
}
,
e.prototype.isAuthorityMetadata = function(e) {
return -1 !== e.indexOf(D)
}
,
e.prototype.generateAuthorityMetadataCacheKey = function(e) {
return "authority-metadata-" + this.clientId + "-" + e
}
,
e.prototype.getSpecificCredential = function(e, t) {
switch (t) {
case P.ID_TOKEN:
return this.getIdTokenCredential(e);
case P.ACCESS_TOKEN:
case P.ACCESS_TOKEN_WITH_AUTH_SCHEME:
return this.getAccessTokenCredential(e);
case P.REFRESH_TOKEN:
return this.getRefreshTokenCredential(e);
default:
return null
}
}
,
e.toObject = function(e, t) {
for (var r in t)
e[r] = t[r];
return e
}
,
e
}(), ue = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return h(t, e),
t.prototype.setAccount = function() {
throw J.createUnexpectedError("Storage interface - setAccount() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getAccount = function() {
throw J.createUnexpectedError("Storage interface - getAccount() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.setIdTokenCredential = function() {
throw J.createUnexpectedError("Storage interface - setIdTokenCredential() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getIdTokenCredential = function() {
throw J.createUnexpectedError("Storage interface - getIdTokenCredential() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.setAccessTokenCredential = function() {
throw J.createUnexpectedError("Storage interface - setAccessTokenCredential() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getAccessTokenCredential = function() {
throw J.createUnexpectedError("Storage interface - getAccessTokenCredential() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.setRefreshTokenCredential = function() {
throw J.createUnexpectedError("Storage interface - setRefreshTokenCredential() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getRefreshTokenCredential = function() {
throw J.createUnexpectedError("Storage interface - getRefreshTokenCredential() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.setAppMetadata = function() {
throw J.createUnexpectedError("Storage interface - setAppMetadata() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getAppMetadata = function() {
throw J.createUnexpectedError("Storage interface - getAppMetadata() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.setServerTelemetry = function() {
throw J.createUnexpectedError("Storage interface - setServerTelemetry() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getServerTelemetry = function() {
throw J.createUnexpectedError("Storage interface - getServerTelemetry() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.setAuthorityMetadata = function() {
throw J.createUnexpectedError("Storage interface - setAuthorityMetadata() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getAuthorityMetadata = function() {
throw J.createUnexpectedError("Storage interface - getAuthorityMetadata() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getAuthorityMetadataKeys = function() {
throw J.createUnexpectedError("Storage interface - getAuthorityMetadataKeys() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.setThrottlingCache = function() {
throw J.createUnexpectedError("Storage interface - setThrottlingCache() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getThrottlingCache = function() {
throw J.createUnexpectedError("Storage interface - getThrottlingCache() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.removeItem = function() {
throw J.createUnexpectedError("Storage interface - removeItem() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.containsKey = function() {
throw J.createUnexpectedError("Storage interface - containsKey() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.getKeys = function() {
throw J.createUnexpectedError("Storage interface - getKeys() has not been implemented for the cacheStorage interface.")
}
,
t.prototype.clear = function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Storage interface - clear() has not been implemented for the cacheStorage interface.")
}
))
}
))
}
,
t.prototype.updateCredentialCacheKey = function() {
throw J.createUnexpectedError("Storage interface - updateCredentialCacheKey() has not been implemented for the cacheStorage interface.")
}
,
t
}(ce), le = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return h(t, e),
t.createIdTokenEntity = function(e, r, n, o, i) {
var a = new t;
return a.credentialType = P.ID_TOKEN,
a.homeAccountId = e,
a.environment = r,
a.clientId = o,
a.secret = n,
a.realm = i,
a
}
,
t.isIdTokenEntity = function(e) {
return !!e && e.hasOwnProperty("homeAccountId") && e.hasOwnProperty("environment") && e.hasOwnProperty("credentialType") && e.hasOwnProperty("realm") && e.hasOwnProperty("clientId") && e.hasOwnProperty("secret") && e.credentialType === P.ID_TOKEN
}
,
t
}(ne), de = function() {
function e() {}
return e.nowSeconds = function() {
return Math.round((new Date).getTime() / 1e3)
}
,
e.isTokenExpired = function(t, r) {
var n = Number(t) || 0;
return e.nowSeconds() + r > n
}
,
e.wasClockTurnedBack = function(t) {
return Number(t) > e.nowSeconds()
}
,
e.delay = function(e, t) {
return new Promise((function(r) {
return setTimeout((function() {
return r(t)
}
), e)
}
))
}
,
e
}(), he = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return h(t, e),
t.createAccessTokenEntity = function(e, r, n, o, i, a, s, c, u, l, d, h, p, g, f) {
var m, v, y = new t;
y.homeAccountId = e,
y.credentialType = P.ACCESS_TOKEN,
y.secret = n;
var E = de.nowSeconds();
if (y.cachedAt = E.toString(),
y.expiresOn = s.toString(),
y.extendedExpiresOn = c.toString(),
l && (y.refreshOn = l.toString()),
y.environment = r,
y.clientId = o,
y.realm = i,
y.target = a,
y.userAssertionHash = h,
y.tokenType = $.isEmpty(d) ? F.BEARER : d,
g && (y.requestedClaims = g,
y.requestedClaimsHash = f),
(null === (m = y.tokenType) || void 0 === m ? void 0 : m.toLowerCase()) !== F.BEARER.toLowerCase())
switch (y.credentialType = P.ACCESS_TOKEN_WITH_AUTH_SCHEME,
y.tokenType) {
case F.POP:
var _ = se.extractTokenClaims(n, u);
if (!(null === (v = null == _ ? void 0 : _.cnf) || void 0 === v ? void 0 : v.kid))
throw X.createTokenClaimsRequiredError();
y.keyId = _.cnf.kid;
break;
case F.SSH:
y.keyId = p
}
return y
}
,
t.isAccessTokenEntity = function(e) {
return !!e && e.hasOwnProperty("homeAccountId") && e.hasOwnProperty("environment") && e.hasOwnProperty("credentialType") && e.hasOwnProperty("realm") && e.hasOwnProperty("clientId") && e.hasOwnProperty("secret") && e.hasOwnProperty("target") && (e.credentialType === P.ACCESS_TOKEN || e.credentialType === P.ACCESS_TOKEN_WITH_AUTH_SCHEME)
}
,
t
}(ne), pe = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return h(t, e),
t.createRefreshTokenEntity = function(e, r, n, o, i, a) {
var s = new t;
return s.clientId = o,
s.credentialType = P.REFRESH_TOKEN,
s.environment = r,
s.homeAccountId = e,
s.secret = n,
s.userAssertionHash = a,
i && (s.familyId = i),
s
}
,
t.isRefreshTokenEntity = function(e) {
return !!e && e.hasOwnProperty("homeAccountId") && e.hasOwnProperty("environment") && e.hasOwnProperty("credentialType") && e.hasOwnProperty("clientId") && e.hasOwnProperty("secret") && e.credentialType === P.REFRESH_TOKEN
}
,
t
}(ne), ge = function() {
function e() {}
return e.prototype.generateAppMetadataKey = function() {
return e.generateAppMetadataCacheKey(this.environment, this.clientId)
}
,
e.generateAppMetadataCacheKey = function(e, t) {
return [H, e, t].join(N.CACHE_KEY_SEPARATOR).toLowerCase()
}
,
e.createAppMetadataEntity = function(t, r, n) {
var o = new e;
return o.clientId = t,
o.environment = r,
n && (o.familyId = n),
o
}
,
e.isAppMetadataEntity = function(e, t) {
return !!t && 0 === e.indexOf(H) && t.hasOwnProperty("clientId") && t.hasOwnProperty("environment")
}
,
e
}(), fe = function() {
function e() {
this.failedRequests = [],
this.errors = [],
this.cacheHits = 0
}
return e.isServerTelemetryEntity = function(e, t) {
var r = 0 === e.indexOf(x.CACHE_KEY)
, n = !0;
return t && (n = t.hasOwnProperty("failedRequests") && t.hasOwnProperty("errors") && t.hasOwnProperty("cacheHits")),
r && n
}
,
e
}(), me = function() {
function e() {
this.expiresAt = de.nowSeconds() + 86400
}
return e.prototype.updateCloudDiscoveryMetadata = function(e, t) {
this.aliases = e.aliases,
this.preferred_cache = e.preferred_cache,
this.preferred_network = e.preferred_network,
this.aliasesFromNetwork = t
}
,
e.prototype.updateEndpointMetadata = function(e, t) {
this.authorization_endpoint = e.authorization_endpoint,
this.token_endpoint = e.token_endpoint,
this.end_session_endpoint = e.end_session_endpoint,
this.issuer = e.issuer,
this.endpointsFromNetwork = t,
this.jwks_uri = e.jwks_uri
}
,
e.prototype.updateCanonicalAuthority = function(e) {
this.canonical_authority = e
}
,
e.prototype.resetExpiresAt = function() {
this.expiresAt = de.nowSeconds() + 86400
}
,
e.prototype.isExpired = function() {
return this.expiresAt <= de.nowSeconds()
}
,
e.isAuthorityMetadataEntity = function(e, t) {
return !!t && 0 === e.indexOf(D) && t.hasOwnProperty("aliases") && t.hasOwnProperty("preferred_cache") && t.hasOwnProperty("preferred_network") && t.hasOwnProperty("canonical_authority") && t.hasOwnProperty("authorization_endpoint") && t.hasOwnProperty("token_endpoint") && t.hasOwnProperty("issuer") && t.hasOwnProperty("aliasesFromNetwork") && t.hasOwnProperty("endpointsFromNetwork") && t.hasOwnProperty("expiresAt") && t.hasOwnProperty("jwks_uri")
}
,
e
}(), ve = function() {
function e() {}
return e.isThrottlingEntity = function(e, t) {
var r = !1;
e && (r = 0 === e.indexOf("throttling"));
var n = !0;
return t && (n = t.hasOwnProperty("throttleTime")),
r && n
}
,
e
}(), ye = function() {
function e() {}
return e.setRequestState = function(t, r, n) {
var o = e.generateLibraryState(t, n);
return $.isEmpty(r) ? o : "" + o + T.RESOURCE_DELIM + r
}
,
e.generateLibraryState = function(e, t) {
if (!e)
throw X.createNoCryptoObjectError("generateLibraryState");
var r = {
id: e.createNewGuid()
};
t && (r.meta = t);
var n = JSON.stringify(r);
return e.base64Encode(n)
}
,
e.parseRequestState = function(e, t) {
if (!e)
throw X.createNoCryptoObjectError("parseRequestState");
if ($.isEmpty(t))
throw X.createInvalidStateError(t, "Null, undefined or empty state");
try {
var r = t.split(T.RESOURCE_DELIM)
, n = r[0]
, o = r.length > 1 ? r.slice(1).join(T.RESOURCE_DELIM) : T.EMPTY_STRING
, i = e.base64Decode(n)
, a = JSON.parse(i);
return {
userRequestState: $.isEmpty(o) ? T.EMPTY_STRING : o,
libraryState: a
}
} catch (e) {
throw X.createInvalidStateError(t, e)
}
}
,
e
}();
!function(e) {
e.HOME_ACCOUNT_ID = "home_account_id",
e.UPN = "UPN"
}(te || (te = {}));
var Ee, _e, Ce, Te, we, Se, Ie, Ae, be = {
createNewGuid: function() {
throw J.createUnexpectedError("Crypto interface - createNewGuid() has not been implemented")
},
base64Decode: function() {
throw J.createUnexpectedError("Crypto interface - base64Decode() has not been implemented")
},
base64Encode: function() {
throw J.createUnexpectedError("Crypto interface - base64Encode() has not been implemented")
},
generatePkceCodes: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Crypto interface - generatePkceCodes() has not been implemented")
}
))
}
))
},
getPublicKeyThumbprint: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Crypto interface - getPublicKeyThumbprint() has not been implemented")
}
))
}
))
},
removeTokenBindingKey: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Crypto interface - removeTokenBindingKey() has not been implemented")
}
))
}
))
},
clearKeystore: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Crypto interface - clearKeystore() has not been implemented")
}
))
}
))
},
signJwt: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Crypto interface - signJwt() has not been implemented")
}
))
}
))
},
hashString: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Crypto interface - hashString() has not been implemented")
}
))
}
))
}
}, Re = {
pkceNotGenerated: {
code: "pkce_not_created",
desc: "The PKCE code challenge and verifier could not be generated."
},
cryptoDoesNotExist: {
code: "crypto_nonexistent",
desc: "The crypto object or function is not available."
},
httpMethodNotImplementedError: {
code: "http_method_not_implemented",
desc: "The HTTP method given has not been implemented in this library."
},
emptyNavigateUriError: {
code: "empty_navigate_uri",
desc: "Navigation URI is empty. Please check stack trace for more info."
},
hashEmptyError: {
code: "hash_empty_error",
desc: "Hash value cannot be processed because it is empty. Please verify that your redirectUri is not clearing the hash. For more visit: aka.ms/msaljs/browser-errors."
},
hashDoesNotContainStateError: {
code: "no_state_in_hash",
desc: "Hash does not contain state. Please verify that the request originated from msal."
},
hashDoesNotContainKnownPropertiesError: {
code: "hash_does_not_contain_known_properties",
desc: "Hash does not contain known properites. Please verify that your redirectUri is not changing the hash. For more visit: aka.ms/msaljs/browser-errors."
},
unableToParseStateError: {
code: "unable_to_parse_state",
desc: "Unable to parse state. Please verify that the request originated from msal."
},
stateInteractionTypeMismatchError: {
code: "state_interaction_type_mismatch",
desc: "Hash contains state but the interaction type does not match the caller."
},
interactionInProgress: {
code: "interaction_in_progress",
desc: "Interaction is currently in progress. Please ensure that this interaction has been completed before calling an interactive API. For more visit: aka.ms/msaljs/browser-errors."
},
popupWindowError: {
code: "popup_window_error",
desc: "Error opening popup window. This can happen if you are using IE or if popups are blocked in the browser."
},
emptyWindowError: {
code: "empty_window_error",
desc: "window.open returned null or undefined window object."
},
userCancelledError: {
code: "user_cancelled",
desc: "User cancelled the flow."
},
monitorPopupTimeoutError: {
code: "monitor_window_timeout",
desc: "Token acquisition in popup failed due to timeout. For more visit: aka.ms/msaljs/browser-errors."
},
monitorIframeTimeoutError: {
code: "monitor_window_timeout",
desc: "Token acquisition in iframe failed due to timeout. For more visit: aka.ms/msaljs/browser-errors."
},
redirectInIframeError: {
code: "redirect_in_iframe",
desc: "Redirects are not supported for iframed or brokered applications. Please ensure you are using MSAL.js in a top frame of the window if using the redirect APIs, or use the popup APIs."
},
blockTokenRequestsInHiddenIframeError: {
code: "block_iframe_reload",
desc: "Request was blocked inside an iframe because MSAL detected an authentication response. For more visit: aka.ms/msaljs/browser-errors"
},
blockAcquireTokenInPopupsError: {
code: "block_nested_popups",
desc: "Request was blocked inside a popup because MSAL detected it was running in a popup."
},
iframeClosedPrematurelyError: {
code: "iframe_closed_prematurely",
desc: "The iframe being monitored was closed prematurely."
},
silentLogoutUnsupportedError: {
code: "silent_logout_unsupported",
desc: "Silent logout not supported. Please call logoutRedirect or logoutPopup instead."
},
noAccountError: {
code: "no_account_error",
desc: "No account object provided to acquireTokenSilent and no active account has been set. Please call setActiveAccount or provide an account on the request."
},
silentPromptValueError: {
code: "silent_prompt_value_error",
desc: "The value given for the prompt value is not valid for silent requests - must be set to 'none'."
},
noTokenRequestCacheError: {
code: "no_token_request_cache_error",
desc: "No token request found in cache."
},
unableToParseTokenRequestCacheError: {
code: "unable_to_parse_token_request_cache_error",
desc: "The cached token request could not be parsed."
},
noCachedAuthorityError: {
code: "no_cached_authority_error",
desc: "No cached authority found."
},
authRequestNotSet: {
code: "auth_request_not_set_error",
desc: "Auth Request not set. Please ensure initiateAuthRequest was called from the InteractionHandler"
},
invalidCacheType: {
code: "invalid_cache_type",
desc: "Invalid cache type"
},
notInBrowserEnvironment: {
code: "non_browser_environment",
desc: "Login and token requests are not supported in non-browser environments."
},
databaseNotOpen: {
code: "database_not_open",
desc: "Database is not open!"
},
noNetworkConnectivity: {
code: "no_network_connectivity",
desc: "No network connectivity. Check your internet connection."
},
postRequestFailed: {
code: "post_request_failed",
desc: "Network request failed: If the browser threw a CORS error, check that the redirectUri is registered in the Azure App Portal as type 'SPA'"
},
getRequestFailed: {
code: "get_request_failed",
desc: "Network request failed. Please check the network trace to determine root cause."
},
failedToParseNetworkResponse: {
code: "failed_to_parse_response",
desc: "Failed to parse network response. Check network trace."
},
unableToLoadTokenError: {
code: "unable_to_load_token",
desc: "Error loading token to cache."
},
signingKeyNotFoundInStorage: {
code: "crypto_key_not_found",
desc: "Cryptographic Key or Keypair not found in browser storage."
},
authCodeRequired: {
code: "auth_code_required",
desc: "An authorization code must be provided (as the `code` property on the request) to this flow."
},
authCodeOrNativeAccountRequired: {
code: "auth_code_or_nativeAccountId_required",
desc: "An authorization code or nativeAccountId must be provided to this flow."
},
databaseUnavailable: {
code: "database_unavailable",
desc: "IndexedDB, which is required for persistent cryptographic key storage, is unavailable. This may be caused by browser privacy features which block persistent storage in third-party contexts."
},
unableToAcquireTokenFromNativePlatform: {
code: "unable_to_acquire_token_from_native_platform",
desc: "Unable to acquire token from native platform. For a list of possible reasons visit aka.ms/msaljs/browser-errors."
},
nativeHandshakeTimeout: {
code: "native_handshake_timeout",
desc: "Timed out while attempting to establish connection to browser extension"
},
nativeExtensionNotInstalled: {
code: "native_extension_not_installed",
desc: "Native extension is not installed. If you think this is a mistake call the initialize function."
},
nativeConnectionNotEstablished: {
code: "native_connection_not_established",
desc: "Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). For more please visit aka.ms/msaljs/browser-errors."
},
nativeBrokerCalledBeforeInitialize: {
code: "native_broker_called_before_initialize",
desc: "You must call and await the initialize function before attempting to call any other MSAL API when native brokering is enabled. For more please visit aka.ms/msaljs/browser-errors."
},
nativePromptNotSupported: {
code: "native_prompt_not_supported",
desc: "The provided prompt is not supported by the native platform. This request should be routed to the web based flow."
}
}, ke = function(e) {
function t(r, n) {
var o = e.call(this, r, n) || this;
return Object.setPrototypeOf(o, t.prototype),
o.name = "BrowserAuthError",
o
}
return i(t, e),
t.createPkceNotGeneratedError = function(e) {
return new t(Re.pkceNotGenerated.code,Re.pkceNotGenerated.desc + " Detail:" + e)
}
,
t.createCryptoNotAvailableError = function(e) {
return new t(Re.cryptoDoesNotExist.code,Re.cryptoDoesNotExist.desc + " Detail:" + e)
}
,
t.createHttpMethodNotImplementedError = function(e) {
return new t(Re.httpMethodNotImplementedError.code,Re.httpMethodNotImplementedError.desc + " Given Method: " + e)
}
,
t.createEmptyNavigationUriError = function() {
return new t(Re.emptyNavigateUriError.code,Re.emptyNavigateUriError.desc)
}
,
t.createEmptyHashError = function(e) {
return new t(Re.hashEmptyError.code,Re.hashEmptyError.desc + " Given Url: " + e)
}
,
t.createHashDoesNotContainStateError = function() {
return new t(Re.hashDoesNotContainStateError.code,Re.hashDoesNotContainStateError.desc)
}
,
t.createHashDoesNotContainKnownPropertiesError = function() {
return new t(Re.hashDoesNotContainKnownPropertiesError.code,Re.hashDoesNotContainKnownPropertiesError.desc)
}
,
t.createUnableToParseStateError = function() {
return new t(Re.unableToParseStateError.code,Re.unableToParseStateError.desc)
}
,
t.createStateInteractionTypeMismatchError = function() {
return new t(Re.stateInteractionTypeMismatchError.code,Re.stateInteractionTypeMismatchError.desc)
}
,
t.createInteractionInProgressError = function() {
return new t(Re.interactionInProgress.code,Re.interactionInProgress.desc)
}
,
t.createPopupWindowError = function(e) {
var r = Re.popupWindowError.desc;
return r = $.isEmpty(e) ? r : r + " Details: " + e,
new t(Re.popupWindowError.code,r)
}
,
t.createEmptyWindowCreatedError = function() {
return new t(Re.emptyWindowError.code,Re.emptyWindowError.desc)
}
,
t.createUserCancelledError = function() {
return new t(Re.userCancelledError.code,Re.userCancelledError.desc)
}
,
t.createMonitorPopupTimeoutError = function() {
return new t(Re.monitorPopupTimeoutError.code,Re.monitorPopupTimeoutError.desc)
}
,
t.createMonitorIframeTimeoutError = function() {
return new t(Re.monitorIframeTimeoutError.code,Re.monitorIframeTimeoutError.desc)
}
,
t.createRedirectInIframeError = function(e) {
return new t(Re.redirectInIframeError.code,Re.redirectInIframeError.desc + " (window.parent !== window) => " + e)
}
,
t.createBlockReloadInHiddenIframeError = function() {
return new t(Re.blockTokenRequestsInHiddenIframeError.code,Re.blockTokenRequestsInHiddenIframeError.desc)
}
,
t.createBlockAcquireTokenInPopupsError = function() {
return new t(Re.blockAcquireTokenInPopupsError.code,Re.blockAcquireTokenInPopupsError.desc)
}
,
t.createIframeClosedPrematurelyError = function() {
return new t(Re.iframeClosedPrematurelyError.code,Re.iframeClosedPrematurelyError.desc)
}
,
t.createSilentLogoutUnsupportedError = function() {
return new t(Re.silentLogoutUnsupportedError.code,Re.silentLogoutUnsupportedError.desc)
}
,
t.createNoAccountError = function() {
return new t(Re.noAccountError.code,Re.noAccountError.desc)
}
,
t.createSilentPromptValueError = function(e) {
return new t(Re.silentPromptValueError.code,Re.silentPromptValueError.desc + " Given value: " + e)
}
,
t.createUnableToParseTokenRequestCacheError = function() {
return new t(Re.unableToParseTokenRequestCacheError.code,Re.unableToParseTokenRequestCacheError.desc)
}
,
t.createNoTokenRequestCacheError = function() {
return new t(Re.noTokenRequestCacheError.code,Re.noTokenRequestCacheError.desc)
}
,
t.createAuthRequestNotSetError = function() {
return new t(Re.authRequestNotSet.code,Re.authRequestNotSet.desc)
}
,
t.createNoCachedAuthorityError = function() {
return new t(Re.noCachedAuthorityError.code,Re.noCachedAuthorityError.desc)
}
,
t.createInvalidCacheTypeError = function() {
return new t(Re.invalidCacheType.code,"" + Re.invalidCacheType.desc)
}
,
t.createNonBrowserEnvironmentError = function() {
return new t(Re.notInBrowserEnvironment.code,Re.notInBrowserEnvironment.desc)
}
,
t.createDatabaseNotOpenError = function() {
return new t(Re.databaseNotOpen.code,Re.databaseNotOpen.desc)
}
,
t.createNoNetworkConnectivityError = function() {
return new t(Re.noNetworkConnectivity.code,Re.noNetworkConnectivity.desc)
}
,
t.createPostRequestFailedError = function(e, r) {
return new t(Re.postRequestFailed.code,Re.postRequestFailed.desc + " | Network client threw: " + e + " | Attempted to reach: " + r.split("?")[0])
}
,
t.createGetRequestFailedError = function(e, r) {
return new t(Re.getRequestFailed.code,Re.getRequestFailed.desc + " | Network client threw: " + e + " | Attempted to reach: " + r.split("?")[0])
}
,
t.createFailedToParseNetworkResponseError = function(e) {
return new t(Re.failedToParseNetworkResponse.code,Re.failedToParseNetworkResponse.desc + " | Attempted to reach: " + e.split("?")[0])
}
,
t.createUnableToLoadTokenError = function(e) {
return new t(Re.unableToLoadTokenError.code,Re.unableToLoadTokenError.desc + " | " + e)
}
,
t.createSigningKeyNotFoundInStorageError = function(e) {
return new t(Re.signingKeyNotFoundInStorage.code,Re.signingKeyNotFoundInStorage.desc + " | No match found for KeyId: " + e)
}
,
t.createAuthCodeRequiredError = function() {
return new t(Re.authCodeRequired.code,Re.authCodeRequired.desc)
}
,
t.createAuthCodeOrNativeAccountIdRequiredError = function() {
return new t(Re.authCodeOrNativeAccountRequired.code,Re.authCodeOrNativeAccountRequired.desc)
}
,
t.createDatabaseUnavailableError = function() {
return new t(Re.databaseUnavailable.code,Re.databaseUnavailable.desc)
}
,
t.createUnableToAcquireTokenFromNativePlatformError = function() {
return new t(Re.unableToAcquireTokenFromNativePlatform.code,Re.unableToAcquireTokenFromNativePlatform.desc)
}
,
t.createNativeHandshakeTimeoutError = function() {
return new t(Re.nativeHandshakeTimeout.code,Re.nativeHandshakeTimeout.desc)
}
,
t.createNativeExtensionNotInstalledError = function() {
return new t(Re.nativeExtensionNotInstalled.code,Re.nativeExtensionNotInstalled.desc)
}
,
t.createNativeConnectionNotEstablishedError = function() {
return new t(Re.nativeConnectionNotEstablished.code,Re.nativeConnectionNotEstablished.desc)
}
,
t.createNativeBrokerCalledBeforeInitialize = function() {
return new t(Re.nativeBrokerCalledBeforeInitialize.code,Re.nativeBrokerCalledBeforeInitialize.desc)
}
,
t.createNativePromptParameterNotSupportedError = function() {
return new t(Re.nativePromptNotSupported.code,Re.nativePromptNotSupported.desc)
}
,
t
}(J), Ne = {
INTERACTION_IN_PROGRESS_VALUE: "interaction_in_progress",
INVALID_GRANT_ERROR: "invalid_grant",
POPUP_WIDTH: 483,
POPUP_HEIGHT: 600,
POPUP_NAME_PREFIX: "msal",
POLL_INTERVAL_MS: 50,
MSAL_SKU: "msal.js.browser"
}, Pe = "53ee284d-920a-4b59-9d30-a60315b26836";
!function(e) {
e.HandshakeRequest = "Handshake",
e.HandshakeResponse = "HandshakeResponse",
e.GetToken = "GetToken",
e.Response = "Response"
}(Ee || (Ee = {})),
function(e) {
e.LocalStorage = "localStorage",
e.SessionStorage = "sessionStorage",
e.MemoryStorage = "memoryStorage"
}(_e || (_e = {})),
function(e) {
e.GET = "GET",
e.POST = "POST"
}(Ce || (Ce = {})),
function(e) {
e.AUTHORITY = "authority",
e.ACQUIRE_TOKEN_ACCOUNT = "acquireToken.account",
e.SESSION_STATE = "session.state",
e.REQUEST_STATE = "request.state",
e.NONCE_IDTOKEN = "nonce.id_token",
e.ORIGIN_URI = "request.origin",
e.RENEW_STATUS = "token.renew.status",
e.URL_HASH = "urlHash",
e.REQUEST_PARAMS = "request.params",
e.SCOPES = "scopes",
e.INTERACTION_STATUS_KEY = "interaction.status",
e.CCS_CREDENTIAL = "ccs.credential",
e.CORRELATION_ID = "request.correlationId",
e.NATIVE_REQUEST = "request.native"
}(Te || (Te = {})),
function(e) {
e.WRAPPER_SKU = "wrapper.sku",
e.WRAPPER_VER = "wrapper.version"
}(we || (we = {})),
function(e) {
e[e.acquireTokenRedirect = 861] = "acquireTokenRedirect",
e[e.acquireTokenPopup = 862] = "acquireTokenPopup",
e[e.ssoSilent = 863] = "ssoSilent",
e[e.acquireTokenSilent_authCode = 864] = "acquireTokenSilent_authCode",
e[e.handleRedirectPromise = 865] = "handleRedirectPromise",
e[e.acquireTokenByCode = 866] = "acquireTokenByCode",
e[e.acquireTokenSilent_silentFlow = 61] = "acquireTokenSilent_silentFlow",
e[e.logout = 961] = "logout",
e[e.logoutPopup = 962] = "logoutPopup"
}(Se || (Se = {})),
function(e) {
e.Redirect = "redirect",
e.Popup = "popup",
e.Silent = "silent",
e.None = "none"
}(Ie || (Ie = {})),
function(e) {
e.Startup = "startup",
e.Login = "login",
e.Logout = "logout",
e.AcquireToken = "acquireToken",
e.SsoSilent = "ssoSilent",
e.HandleRedirect = "handleRedirect",
e.None = "none"
}(Ae || (Ae = {}));
var Oe, Me = {
scopes: w
}, Ue = "jwk";
!function(e) {
e.React = "@azure/msal-react",
e.Angular = "@azure/msal-angular"
}(Oe || (Oe = {}));
var qe, He = "msal.db", Le = {
redirectUriNotSet: {
code: "redirect_uri_empty",
desc: "A redirect URI is required for all calls, and none has been set."
},
postLogoutUriNotSet: {
code: "post_logout_uri_empty",
desc: "A post logout redirect has not been set."
},
storageNotSupportedError: {
code: "storage_not_supported",
desc: "Given storage configuration option was not supported."
},
noRedirectCallbacksSet: {
code: "no_redirect_callbacks",
desc: "No redirect callbacks have been set. Please call setRedirectCallbacks() with the appropriate function arguments before continuing. More information is available here: https://github.com/AzureAD/microsoft-authentication-library-for-js/wiki/MSAL-basics."
},
invalidCallbackObject: {
code: "invalid_callback_object",
desc: "The object passed for the callback was invalid. More information is available here: https://github.com/AzureAD/microsoft-authentication-library-for-js/wiki/MSAL-basics."
},
stubPcaInstanceCalled: {
code: "stubbed_public_client_application_called",
desc: "Stub instance of Public Client Application was called. If using msal-react, please ensure context is not used without a provider. For more visit: aka.ms/msaljs/browser-errors"
},
inMemRedirectUnavailable: {
code: "in_mem_redirect_unavailable",
desc: "Redirect cannot be supported. In-memory storage was selected and storeAuthStateInCookie=false, which would cause the library to be unable to handle the incoming hash. If you would like to use the redirect API, please use session/localStorage or set storeAuthStateInCookie=true."
}
}, De = function(e) {
function t(r, n) {
var o = e.call(this, r, n) || this;
return o.name = "BrowserConfigurationAuthError",
Object.setPrototypeOf(o, t.prototype),
o
}
return i(t, e),
t.createRedirectUriEmptyError = function() {
return new t(Le.redirectUriNotSet.code,Le.redirectUriNotSet.desc)
}
,
t.createPostLogoutRedirectUriEmptyError = function() {
return new t(Le.postLogoutUriNotSet.code,Le.postLogoutUriNotSet.desc)
}
,
t.createStorageNotSupportedError = function(e) {
return new t(Le.storageNotSupportedError.code,Le.storageNotSupportedError.desc + " Given Location: " + e)
}
,
t.createRedirectCallbacksNotSetError = function() {
return new t(Le.noRedirectCallbacksSet.code,Le.noRedirectCallbacksSet.desc)
}
,
t.createStubPcaInstanceCalledError = function() {
return new t(Le.stubPcaInstanceCalled.code,Le.stubPcaInstanceCalled.desc)
}
,
t.createInMemoryRedirectUnavailableError = function() {
return new t(Le.inMemRedirectUnavailable.code,Le.inMemRedirectUnavailable.desc)
}
,
t
}(J), Fe = function() {
function e(e) {
this.validateWindowStorage(e),
this.windowStorage = window[e]
}
return e.prototype.validateWindowStorage = function(e) {
if (e !== _e.LocalStorage && e !== _e.SessionStorage)
throw De.createStorageNotSupportedError(e);
if (!window[e])
throw De.createStorageNotSupportedError(e)
}
,
e.prototype.getItem = function(e) {
return this.windowStorage.getItem(e)
}
,
e.prototype.setItem = function(e, t) {
this.windowStorage.setItem(e, t)
}
,
e.prototype.removeItem = function(e) {
this.windowStorage.removeItem(e)
}
,
e.prototype.getKeys = function() {
return Object.keys(this.windowStorage)
}
,
e.prototype.containsKey = function(e) {
return this.windowStorage.hasOwnProperty(e)
}
,
e
}(), xe = function() {
function e() {
this.cache = new Map
}
return e.prototype.getItem = function(e) {
return this.cache.get(e) || null
}
,
e.prototype.setItem = function(e, t) {
this.cache.set(e, t)
}
,
e.prototype.removeItem = function(e) {
this.cache.delete(e)
}
,
e.prototype.getKeys = function() {
var e = [];
return this.cache.forEach((function(t, r) {
e.push(r)
}
)),
e
}
,
e.prototype.containsKey = function(e) {
return this.cache.has(e)
}
,
e.prototype.clear = function() {
this.cache.clear()
}
,
e
}(), Ke = function() {
function e(t) {
if (this._urlString = t,
$.isEmpty(this._urlString))
throw ie.createUrlEmptyError();
$.isEmpty(this.getHash()) && (this._urlString = e.canonicalizeUri(t))
}
return Object.defineProperty(e.prototype, "urlString", {
get: function() {
return this._urlString
},
enumerable: !1,
configurable: !0
}),
e.canonicalizeUri = function(e) {
if (e) {
var t = e.toLowerCase();
return $.endsWith(t, "?") ? t = t.slice(0, -1) : $.endsWith(t, "?/") && (t = t.slice(0, -2)),
$.endsWith(t, "/") || (t += "/"),
t
}
return e
}
,
e.prototype.validateAsUri = function() {
var e;
try {
e = this.getUrlComponents()
} catch (e) {
throw ie.createUrlParseError(e)
}
if (!e.HostNameAndPort || !e.PathSegments)
throw ie.createUrlParseError("Given url string: " + this.urlString);
if (!e.Protocol || "https:" !== e.Protocol.toLowerCase())
throw ie.createInsecureAuthorityUriError(this.urlString)
}
,
e.appendQueryString = function(e, t) {
return $.isEmpty(t) ? e : e.indexOf("?") < 0 ? e + "?" + t : e + "&" + t
}
,
e.removeHashFromUrl = function(t) {
return e.canonicalizeUri(t.split("#")[0])
}
,
e.prototype.replaceTenantPath = function(t) {
var r = this.getUrlComponents()
, n = r.PathSegments;
return !t || 0 === n.length || n[0] !== E.COMMON && n[0] !== E.ORGANIZATIONS || (n[0] = t),
e.constructAuthorityUriFromObject(r)
}
,
e.prototype.getHash = function() {
return e.parseHash(this.urlString)
}
,
e.prototype.getUrlComponents = function() {
var e = RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?")
, t = this.urlString.match(e);
if (!t)
throw ie.createUrlParseError("Given url string: " + this.urlString);
var r = {
Protocol: t[1],
HostNameAndPort: t[4],
AbsolutePath: t[5],
QueryString: t[7]
}
, n = r.AbsolutePath.split("/");
return n = n.filter((function(e) {
return e && e.length > 0
}
)),
r.PathSegments = n,
!$.isEmpty(r.QueryString) && r.QueryString.endsWith("/") && (r.QueryString = r.QueryString.substring(0, r.QueryString.length - 1)),
r
}
,
e.getDomainFromUrl = function(e) {
var t = RegExp("^([^:/?#]+://)?([^/?#]*)")
, r = e.match(t);
if (!r)
throw ie.createUrlParseError("Given url string: " + e);
return r[2]
}
,
e.getAbsoluteUrl = function(t, r) {
if (t[0] === T.FORWARD_SLASH) {
var n = new e(r).getUrlComponents();
return n.Protocol + "//" + n.HostNameAndPort + t
}
return t
}
,
e.parseHash = function(e) {
var t = e.indexOf("#")
, r = e.indexOf("#/");
return r > -1 ? e.substring(r + 2) : t > -1 ? e.substring(t + 1) : T.EMPTY_STRING
}
,
e.parseQueryString = function(e) {
var t = e.indexOf("?")
, r = e.indexOf("/?");
return r > -1 ? e.substring(r + 2) : t > -1 ? e.substring(t + 1) : T.EMPTY_STRING
}
,
e.constructAuthorityUriFromObject = function(t) {
return new e(t.Protocol + "//" + t.HostNameAndPort + "/" + t.PathSegments.join("/"))
}
,
e.getDeserializedHash = function(t) {
if ($.isEmpty(t))
return {};
var r = e.parseHash(t)
, n = $.queryStringToObject($.isEmpty(r) ? t : r);
if (!n)
throw X.createHashNotDeserializedError(JSON.stringify(n));
return n
}
,
e.getDeserializedQueryString = function(t) {
if ($.isEmpty(t))
return {};
var r = e.parseQueryString(t)
, n = $.queryStringToObject($.isEmpty(r) ? t : r);
if (!n)
throw X.createHashNotDeserializedError(JSON.stringify(n));
return n
}
,
e.hashContainsKnownProperties = function(t) {
if ($.isEmpty(t) || t.indexOf("=") < 0)
return !1;
var r = e.getDeserializedHash(t);
return !!(r.code || r.error_description || r.error || r.state)
}
,
e
}(), Be = function() {
function e() {}
return e.extractBrowserRequestState = function(e, t) {
if ($.isEmpty(t))
return null;
try {
return ye.parseRequestState(e, t).libraryState.meta
} catch (e) {
throw X.createInvalidStateError(t, e)
}
}
,
e.parseServerResponseFromHash = function(e) {
if (!e)
return {};
var t = new Ke(e);
return Ke.getDeserializedHash(t.getHash())
}
,
e
}(), Ge = function(e) {
function t(t, r, n, o) {
var i = e.call(this, t, n) || this;
return i.COOKIE_LIFE_MULTIPLIER = 864e5,
i.cacheConfig = r,
i.logger = o,
i.internalStorage = new xe,
i.browserStorage = i.setupBrowserStorage(i.cacheConfig.cacheLocation),
i.temporaryCacheStorage = i.setupTemporaryCacheStorage(i.cacheConfig.cacheLocation),
i.migrateCacheEntries(),
i
}
return i(t, e),
t.prototype.setupBrowserStorage = function(e) {
switch (e) {
case _e.LocalStorage:
case _e.SessionStorage:
try {
return new Fe(e)
} catch (e) {
this.logger.verbose(e);
break
}
}
return this.cacheConfig.cacheLocation = _e.MemoryStorage,
new xe
}
,
t.prototype.setupTemporaryCacheStorage = function(e) {
switch (e) {
case _e.LocalStorage:
case _e.SessionStorage:
try {
return new Fe(_e.SessionStorage)
} catch (e) {
return this.logger.verbose(e),
this.internalStorage
}
case _e.MemoryStorage:
default:
return this.internalStorage
}
}
,
t.prototype.migrateCacheEntries = function() {
var e = this
, t = T.CACHE_PREFIX + "." + y.ID_TOKEN
, r = T.CACHE_PREFIX + "." + y.CLIENT_INFO
, n = T.CACHE_PREFIX + "." + y.ERROR
, o = T.CACHE_PREFIX + "." + y.ERROR_DESC
, i = [this.browserStorage.getItem(t), this.browserStorage.getItem(r), this.browserStorage.getItem(n), this.browserStorage.getItem(o)];
[y.ID_TOKEN, y.CLIENT_INFO, y.ERROR, y.ERROR_DESC].forEach((function(t, r) {
return e.migrateCacheEntry(t, i[r])
}
))
}
,
t.prototype.migrateCacheEntry = function(e, t) {
t && this.setTemporaryCache(e, t, !0)
}
,
t.prototype.validateAndParseJson = function(e) {
try {
var t = JSON.parse(e);
return t && "object" == typeof t ? t : null
} catch (e) {
return null
}
}
,
t.prototype.getItem = function(e) {
return this.browserStorage.getItem(e)
}
,
t.prototype.setItem = function(e, t) {
this.browserStorage.setItem(e, t)
}
,
t.prototype.getAccount = function(e) {
var t = this.getItem(e);
if (!t)
return null;
var r = this.validateAndParseJson(t);
return r && re.isAccountEntity(r) ? ce.toObject(new re, r) : null
}
,
t.prototype.setAccount = function(e) {
this.logger.trace("BrowserCacheManager.setAccount called");
var t = e.generateAccountKey();
this.setItem(t, JSON.stringify(e))
}
,
t.prototype.getIdTokenCredential = function(e) {
var t = this.getItem(e);
if (!t)
return this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),
null;
var r = this.validateAndParseJson(t);
return r && le.isIdTokenEntity(r) ? (this.logger.trace("BrowserCacheManager.getIdTokenCredential: cache hit"),
ce.toObject(new le, r)) : (this.logger.trace("BrowserCacheManager.getIdTokenCredential: called, no cache hit"),
null)
}
,
t.prototype.setIdTokenCredential = function(e) {
this.logger.trace("BrowserCacheManager.setIdTokenCredential called");
var t = e.generateCredentialKey();
this.setItem(t, JSON.stringify(e))
}
,
t.prototype.getAccessTokenCredential = function(e) {
var t = this.getItem(e);
if (!t)
return this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),
null;
var r = this.validateAndParseJson(t);
return r && he.isAccessTokenEntity(r) ? (this.logger.trace("BrowserCacheManager.getAccessTokenCredential: cache hit"),
ce.toObject(new he, r)) : (this.logger.trace("BrowserCacheManager.getAccessTokenCredential: called, no cache hit"),
null)
}
,
t.prototype.setAccessTokenCredential = function(e) {
this.logger.trace("BrowserCacheManager.setAccessTokenCredential called");
var t = e.generateCredentialKey();
this.setItem(t, JSON.stringify(e))
}
,
t.prototype.getRefreshTokenCredential = function(e) {
var t = this.getItem(e);
if (!t)
return this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),
null;
var r = this.validateAndParseJson(t);
return r && pe.isRefreshTokenEntity(r) ? (this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: cache hit"),
ce.toObject(new pe, r)) : (this.logger.trace("BrowserCacheManager.getRefreshTokenCredential: called, no cache hit"),
null)
}
,
t.prototype.setRefreshTokenCredential = function(e) {
this.logger.trace("BrowserCacheManager.setRefreshTokenCredential called");
var t = e.generateCredentialKey();
this.setItem(t, JSON.stringify(e))
}
,
t.prototype.getAppMetadata = function(e) {
var t = this.getItem(e);
if (!t)
return this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),
null;
var r = this.validateAndParseJson(t);
return r && ge.isAppMetadataEntity(e, r) ? (this.logger.trace("BrowserCacheManager.getAppMetadata: cache hit"),
ce.toObject(new ge, r)) : (this.logger.trace("BrowserCacheManager.getAppMetadata: called, no cache hit"),
null)
}
,
t.prototype.setAppMetadata = function(e) {
this.logger.trace("BrowserCacheManager.setAppMetadata called");
var t = e.generateAppMetadataKey();
this.setItem(t, JSON.stringify(e))
}
,
t.prototype.getServerTelemetry = function(e) {
var t = this.getItem(e);
if (!t)
return this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),
null;
var r = this.validateAndParseJson(t);
return r && fe.isServerTelemetryEntity(e, r) ? (this.logger.trace("BrowserCacheManager.getServerTelemetry: cache hit"),
ce.toObject(new fe, r)) : (this.logger.trace("BrowserCacheManager.getServerTelemetry: called, no cache hit"),
null)
}
,
t.prototype.setServerTelemetry = function(e, t) {
this.logger.trace("BrowserCacheManager.setServerTelemetry called"),
this.setItem(e, JSON.stringify(t))
}
,
t.prototype.getAuthorityMetadata = function(e) {
var t = this.internalStorage.getItem(e);
if (!t)
return this.logger.trace("BrowserCacheManager.getAuthorityMetadata: called, no cache hit"),
null;
var r = this.validateAndParseJson(t);
return r && me.isAuthorityMetadataEntity(e, r) ? (this.logger.trace("BrowserCacheManager.getAuthorityMetadata: cache hit"),
ce.toObject(new me, r)) : null
}
,
t.prototype.getAuthorityMetadataKeys = function() {
var e = this;
return this.internalStorage.getKeys().filter((function(t) {
return e.isAuthorityMetadata(t)
}
))
}
,
t.prototype.setWrapperMetadata = function(e, t) {
this.internalStorage.setItem(we.WRAPPER_SKU, e),
this.internalStorage.setItem(we.WRAPPER_VER, t)
}
,
t.prototype.getWrapperMetadata = function() {
return [this.internalStorage.getItem(we.WRAPPER_SKU) || T.EMPTY_STRING, this.internalStorage.getItem(we.WRAPPER_VER) || T.EMPTY_STRING]
}
,
t.prototype.setAuthorityMetadata = function(e, t) {
this.logger.trace("BrowserCacheManager.setAuthorityMetadata called"),
this.internalStorage.setItem(e, JSON.stringify(t))
}
,
t.prototype.getActiveAccount = function() {
var e = this.generateCacheKey(y.ACTIVE_ACCOUNT_FILTERS)
, t = this.getItem(e);
if (!t) {
this.logger.trace("No active account filters cache schema found, looking for legacy schema");
var r = this.generateCacheKey(y.ACTIVE_ACCOUNT)
, n = this.getItem(r);
if (!n)
return this.logger.trace("No active account found"),
null;
var o = this.getAccountInfoByFilter({
localAccountId: n
})[0] || null;
return o ? (this.logger.trace("Legacy active account cache schema found"),
this.logger.trace("Adding active account filters cache schema"),
this.setActiveAccount(o),
o) : null
}
var i = this.validateAndParseJson(t);
return i ? (this.logger.trace("Active account filters schema found"),
this.getAccountInfoByFilter({
homeAccountId: i.homeAccountId,
localAccountId: i.localAccountId
})[0] || null) : (this.logger.trace("No active account found"),
null)
}
,
t.prototype.setActiveAccount = function(e) {
var t = this.generateCacheKey(y.ACTIVE_ACCOUNT_FILTERS)
, r = this.generateCacheKey(y.ACTIVE_ACCOUNT);
if (e) {
this.logger.verbose("setActiveAccount: Active account set");
var n = {
homeAccountId: e.homeAccountId,
localAccountId: e.localAccountId
};
this.browserStorage.setItem(t, JSON.stringify(n)),
this.browserStorage.setItem(r, e.localAccountId)
} else
this.logger.verbose("setActiveAccount: No account passed, active account not set"),
this.browserStorage.removeItem(t),
this.browserStorage.removeItem(r)
}
,
t.prototype.getAccountInfoByFilter = function(e) {
return this.getAllAccounts().filter((function(t) {
return !(e.username && e.username.toLowerCase() !== t.username.toLowerCase() || e.homeAccountId && e.homeAccountId !== t.homeAccountId || e.localAccountId && e.localAccountId !== t.localAccountId || e.tenantId && e.tenantId !== t.tenantId || e.environment && e.environment !== t.environment)
}
))
}
,
t.prototype.getAccountInfoByHints = function(e, t) {
var r = this.getAllAccounts().filter((function(r) {
if (t) {
var n = r.idTokenClaims && r.idTokenClaims.sid;
return t === n
}
return !!e && e === r.username
}
));
if (1 === r.length)
return r[0];
if (r.length > 1)
throw X.createMultipleMatchingAccountsInCacheError();
return null
}
,
t.prototype.getThrottlingCache = function(e) {
var t = this.getItem(e);
if (!t)
return this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),
null;
var r = this.validateAndParseJson(t);
return r && ve.isThrottlingEntity(e, r) ? (this.logger.trace("BrowserCacheManager.getThrottlingCache: cache hit"),
ce.toObject(new ve, r)) : (this.logger.trace("BrowserCacheManager.getThrottlingCache: called, no cache hit"),
null)
}
,
t.prototype.setThrottlingCache = function(e, t) {
this.logger.trace("BrowserCacheManager.setThrottlingCache called"),
this.setItem(e, JSON.stringify(t))
}
,
t.prototype.getTemporaryCache = function(e, t) {
var r = t ? this.generateCacheKey(e) : e;
if (this.cacheConfig.storeAuthStateInCookie) {
var n = this.getItemCookie(r);
if (n)
return this.logger.trace("BrowserCacheManager.getTemporaryCache: storeAuthStateInCookies set to true, retrieving from cookies"),
n
}
var o = this.temporaryCacheStorage.getItem(r);
if (!o) {
if (this.cacheConfig.cacheLocation === _e.LocalStorage) {
var i = this.browserStorage.getItem(r);
if (i)
return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item found in local storage"),
i
}
return this.logger.trace("BrowserCacheManager.getTemporaryCache: No cache item found in local storage"),
null
}
return this.logger.trace("BrowserCacheManager.getTemporaryCache: Temporary cache item returned"),
o
}
,
t.prototype.setTemporaryCache = function(e, t, r) {
var n = r ? this.generateCacheKey(e) : e;
this.temporaryCacheStorage.setItem(n, t),
this.cacheConfig.storeAuthStateInCookie && (this.logger.trace("BrowserCacheManager.setTemporaryCache: storeAuthStateInCookie set to true, setting item cookie"),
this.setItemCookie(n, t))
}
,
t.prototype.removeItem = function(e) {
return this.browserStorage.removeItem(e),
this.temporaryCacheStorage.removeItem(e),
this.cacheConfig.storeAuthStateInCookie && (this.logger.trace("BrowserCacheManager.removeItem: storeAuthStateInCookie is true, clearing item cookie"),
this.clearItemCookie(e)),
!0
}
,
t.prototype.containsKey = function(e) {
return this.browserStorage.containsKey(e) || this.temporaryCacheStorage.containsKey(e)
}
,
t.prototype.getKeys = function() {
return l(this.browserStorage.getKeys(), this.temporaryCacheStorage.getKeys())
}
,
t.prototype.clear = function() {
return s(this, void 0, void 0, (function() {
var e = this;
return c(this, (function(t) {
switch (t.label) {
case 0:
return [4, this.removeAllAccounts()];
case 1:
return t.sent(),
this.removeAppMetadata(),
this.getKeys().forEach((function(t) {
!e.browserStorage.containsKey(t) && !e.temporaryCacheStorage.containsKey(t) || -1 === t.indexOf(T.CACHE_PREFIX) && -1 === t.indexOf(e.clientId) || e.removeItem(t)
}
)),
this.internalStorage.clear(),
[2]
}
}
))
}
))
}
,
t.prototype.setItemCookie = function(e, t, r) {
var n = encodeURIComponent(e) + "=" + encodeURIComponent(t) + ";path=/;SameSite=Lax;";
r && (n += "expires=" + this.getCookieExpirationTime(r) + ";"),
this.cacheConfig.secureCookies && (n += "Secure;"),
document.cookie = n
}
,
t.prototype.getItemCookie = function(e) {
for (var t = encodeURIComponent(e) + "=", r = document.cookie.split(";"), n = 0; n < r.length; n++) {
for (var o = r[n]; " " === o.charAt(0); )
o = o.substring(1);
if (0 === o.indexOf(t))
return decodeURIComponent(o.substring(t.length, o.length))
}
return T.EMPTY_STRING
}
,
t.prototype.clearMsalCookies = function() {
var e = this
, t = T.CACHE_PREFIX + "." + this.clientId;
document.cookie.split(";").forEach((function(r) {
for (; " " === r.charAt(0); )
r = r.substring(1);
if (0 === r.indexOf(t)) {
var n = r.split("=")[0];
e.clearItemCookie(n)
}
}
))
}
,
t.prototype.clearItemCookie = function(e) {
this.setItemCookie(e, T.EMPTY_STRING, -1)
}
,
t.prototype.getCookieExpirationTime = function(e) {
var t = new Date;
return new Date(t.getTime() + e * this.COOKIE_LIFE_MULTIPLIER).toUTCString()
}
,
t.prototype.getCache = function() {
return this.browserStorage
}
,
t.prototype.setCache = function() {}
,
t.prototype.generateCacheKey = function(e) {
return this.validateAndParseJson(e) ? JSON.stringify(e) : $.startsWith(e, T.CACHE_PREFIX) || $.startsWith(e, y.ADAL_ID_TOKEN) ? e : T.CACHE_PREFIX + "." + this.clientId + "." + e
}
,
t.prototype.generateAuthorityKey = function(e) {
var t = ye.parseRequestState(this.cryptoImpl, e).libraryState.id;
return this.generateCacheKey(Te.AUTHORITY + "." + t)
}
,
t.prototype.generateNonceKey = function(e) {
var t = ye.parseRequestState(this.cryptoImpl, e).libraryState.id;
return this.generateCacheKey(Te.NONCE_IDTOKEN + "." + t)
}
,
t.prototype.generateStateKey = function(e) {
var t = ye.parseRequestState(this.cryptoImpl, e).libraryState.id;
return this.generateCacheKey(Te.REQUEST_STATE + "." + t)
}
,
t.prototype.getCachedAuthority = function(e) {
var t = this.generateStateKey(e)
, r = this.getTemporaryCache(t);
if (!r)
return null;
var n = this.generateAuthorityKey(r);
return this.getTemporaryCache(n)
}
,
t.prototype.updateCacheEntries = function(e, t, r, n, o) {
this.logger.trace("BrowserCacheManager.updateCacheEntries called");
var i = this.generateStateKey(e);
this.setTemporaryCache(i, e, !1);
var a = this.generateNonceKey(e);
this.setTemporaryCache(a, t, !1);
var s = this.generateAuthorityKey(e);
if (this.setTemporaryCache(s, r, !1),
o) {
var c = {
credential: o.homeAccountId,
type: te.HOME_ACCOUNT_ID
};
this.setTemporaryCache(Te.CCS_CREDENTIAL, JSON.stringify(c), !0)
} else
$.isEmpty(n) || (c = {
credential: n,
type: te.UPN
},
this.setTemporaryCache(Te.CCS_CREDENTIAL, JSON.stringify(c), !0))
}
,
t.prototype.resetRequestCache = function(e) {
var t = this;
this.logger.trace("BrowserCacheManager.resetRequestCache called"),
$.isEmpty(e) || this.getKeys().forEach((function(r) {
-1 !== r.indexOf(e) && t.removeItem(r)
}
)),
e && (this.removeItem(this.generateStateKey(e)),
this.removeItem(this.generateNonceKey(e)),
this.removeItem(this.generateAuthorityKey(e))),
this.removeItem(this.generateCacheKey(Te.REQUEST_PARAMS)),
this.removeItem(this.generateCacheKey(Te.ORIGIN_URI)),
this.removeItem(this.generateCacheKey(Te.URL_HASH)),
this.removeItem(this.generateCacheKey(Te.CORRELATION_ID)),
this.removeItem(this.generateCacheKey(Te.CCS_CREDENTIAL)),
this.removeItem(this.generateCacheKey(Te.NATIVE_REQUEST)),
this.setInteractionInProgress(!1)
}
,
t.prototype.cleanRequestByState = function(e) {
if (this.logger.trace("BrowserCacheManager.cleanRequestByState called"),
e) {
var t = this.generateStateKey(e)
, r = this.temporaryCacheStorage.getItem(t);
this.logger.infoPii("BrowserCacheManager.cleanRequestByState: Removing temporary cache items for state: " + r),
this.resetRequestCache(r || T.EMPTY_STRING)
}
this.clearMsalCookies()
}
,
t.prototype.cleanRequestByInteractionType = function(e) {
var t = this;
this.logger.trace("BrowserCacheManager.cleanRequestByInteractionType called"),
this.getKeys().forEach((function(r) {
if (-1 !== r.indexOf(Te.REQUEST_STATE)) {
var n = t.temporaryCacheStorage.getItem(r);
if (n) {
var o = Be.extractBrowserRequestState(t.cryptoImpl, n);
o && o.interactionType === e && (t.logger.infoPii("BrowserCacheManager.cleanRequestByInteractionType: Removing temporary cache items for state: " + n),
t.resetRequestCache(n))
}
}
}
)),
this.clearMsalCookies(),
this.setInteractionInProgress(!1)
}
,
t.prototype.cacheCodeRequest = function(e, t) {
this.logger.trace("BrowserCacheManager.cacheCodeRequest called");
var r = t.base64Encode(JSON.stringify(e));
this.setTemporaryCache(Te.REQUEST_PARAMS, r, !0)
}
,
t.prototype.getCachedRequest = function(e, t) {
this.logger.trace("BrowserCacheManager.getCachedRequest called");
var r = this.getTemporaryCache(Te.REQUEST_PARAMS, !0);
if (!r)
throw ke.createNoTokenRequestCacheError();
var n = this.validateAndParseJson(t.base64Decode(r));
if (!n)
throw ke.createUnableToParseTokenRequestCacheError();
if (this.removeItem(this.generateCacheKey(Te.REQUEST_PARAMS)),
$.isEmpty(n.authority)) {
var o = this.generateAuthorityKey(e)
, i = this.getTemporaryCache(o);
if (!i)
throw ke.createNoCachedAuthorityError();
n.authority = i
}
return n
}
,
t.prototype.getCachedNativeRequest = function() {
this.logger.trace("BrowserCacheManager.getCachedNativeRequest called");
var e = this.getTemporaryCache(Te.NATIVE_REQUEST, !0);
return e ? this.validateAndParseJson(e) || (this.logger.error("BrowserCacheManager.getCachedNativeRequest: Unable to parse native request"),
null) : (this.logger.trace("BrowserCacheManager.getCachedNativeRequest: No cached native request found"),
null)
}
,
t.prototype.isInteractionInProgress = function(e) {
var t = this.getInteractionInProgress();
return e ? t === this.clientId : !!t
}
,
t.prototype.getInteractionInProgress = function() {
var e = T.CACHE_PREFIX + "." + Te.INTERACTION_STATUS_KEY;
return this.getTemporaryCache(e, !1)
}
,
t.prototype.setInteractionInProgress = function(e) {
var t = T.CACHE_PREFIX + "." + Te.INTERACTION_STATUS_KEY;
if (e) {
if (this.getInteractionInProgress())
throw ke.createInteractionInProgressError();
this.setTemporaryCache(t, this.clientId, !1)
} else
e || this.getInteractionInProgress() !== this.clientId || this.removeItem(t)
}
,
t.prototype.getLegacyLoginHint = function() {
var e = this.getTemporaryCache(y.ADAL_ID_TOKEN);
e && (this.browserStorage.removeItem(y.ADAL_ID_TOKEN),
this.logger.verbose("Cached ADAL id token retrieved."));
var t = this.getTemporaryCache(y.ID_TOKEN, !0);
t && (this.removeItem(this.generateCacheKey(y.ID_TOKEN)),
this.logger.verbose("Cached MSAL.js v1 id token retrieved"));
var r = t || e;
if (r) {
var n = new se(r,this.cryptoImpl);
if (n.claims && n.claims.preferred_username)
return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 preferred_username as loginHint"),
n.claims.preferred_username;
if (n.claims && n.claims.upn)
return this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, setting ADAL/MSAL v1 upn as loginHint"),
n.claims.upn;
this.logger.verbose("No SSO params used and ADAL/MSAL v1 token retrieved, however, no account hint claim found. Enable preferred_username or upn id token claim to get SSO.")
}
return null
}
,
t.prototype.updateCredentialCacheKey = function(e, t) {
var r = t.generateCredentialKey();
if (e !== r) {
var n = this.getItem(e);
if (n)
return this.removeItem(e),
this.setItem(r, n),
this.logger.verbose("Updated an outdated " + t.credentialType + " cache key"),
r;
this.logger.error("Attempted to update an outdated " + t.credentialType + " cache key but no item matching the outdated key was found in storage")
}
return e
}
,
t
}(ce);
!function(e) {
e[e.Error = 0] = "Error",
e[e.Warning = 1] = "Warning",
e[e.Info = 2] = "Info",
e[e.Verbose = 3] = "Verbose",
e[e.Trace = 4] = "Trace"
}(qe || (qe = {}));
var ze, je = function() {
function e(e, t, r) {
this.level = qe.Info,
this.localCallback = e.loggerCallback || function() {}
,
this.piiLoggingEnabled = e.piiLoggingEnabled || !1,
this.level = "number" == typeof e.logLevel ? e.logLevel : qe.Info,
this.correlationId = e.correlationId || T.EMPTY_STRING,
this.packageName = t || T.EMPTY_STRING,
this.packageVersion = r || T.EMPTY_STRING
}
return e.prototype.clone = function(t, r, n) {
return new e({
loggerCallback: this.localCallback,
piiLoggingEnabled: this.piiLoggingEnabled,
logLevel: this.level,
correlationId: n || this.correlationId
},t,r)
}
,
e.prototype.logMessage = function(e, t) {
if (!(t.logLevel > this.level || !this.piiLoggingEnabled && t.containsPii)) {
var r = (new Date).toUTCString()
, n = ($.isEmpty(t.correlationId) ? $.isEmpty(this.correlationId) ? "[" + r + "]" : "[" + r + "] : [" + this.correlationId + "]" : "[" + r + "] : [" + t.correlationId + "]") + " : " + this.packageName + "@" + this.packageVersion + " : " + qe[t.logLevel] + " - " + e;
this.executeCallback(t.logLevel, n, t.containsPii || !1)
}
}
,
e.prototype.executeCallback = function(e, t, r) {
this.localCallback && this.localCallback(e, t, r)
}
,
e.prototype.error = function(e, t) {
this.logMessage(e, {
logLevel: qe.Error,
containsPii: !1,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.errorPii = function(e, t) {
this.logMessage(e, {
logLevel: qe.Error,
containsPii: !0,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.warning = function(e, t) {
this.logMessage(e, {
logLevel: qe.Warning,
containsPii: !1,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.warningPii = function(e, t) {
this.logMessage(e, {
logLevel: qe.Warning,
containsPii: !0,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.info = function(e, t) {
this.logMessage(e, {
logLevel: qe.Info,
containsPii: !1,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.infoPii = function(e, t) {
this.logMessage(e, {
logLevel: qe.Info,
containsPii: !0,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.verbose = function(e, t) {
this.logMessage(e, {
logLevel: qe.Verbose,
containsPii: !1,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.verbosePii = function(e, t) {
this.logMessage(e, {
logLevel: qe.Verbose,
containsPii: !0,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.trace = function(e, t) {
this.logMessage(e, {
logLevel: qe.Trace,
containsPii: !1,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.tracePii = function(e, t) {
this.logMessage(e, {
logLevel: qe.Trace,
containsPii: !0,
correlationId: t || T.EMPTY_STRING
})
}
,
e.prototype.isPiiLoggingEnabled = function() {
return this.piiLoggingEnabled || !1
}
,
e
}(), Ye = "7.4.1";
!function(e) {
e[e.None = 0] = "None",
e.AzurePublic = "https://login.microsoftonline.com",
e.AzurePpe = "https://login.windows-ppe.net",
e.AzureChina = "https://login.chinacloudapi.cn",
e.AzureGermany = "https://login.microsoftonline.de",
e.AzureUsGovernment = "https://login.microsoftonline.us"
}(ze || (ze = {}));
var We, Ve = {
tokenRenewalOffsetSeconds: 300,
preventCorsPreflight: !1,
proxyUrl: T.EMPTY_STRING
}, Je = {
loggerCallback: function() {},
piiLoggingEnabled: !1,
logLevel: qe.Info,
correlationId: T.EMPTY_STRING
}, Qe = {
sendGetRequestAsync: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Network interface - sendGetRequestAsync() has not been implemented")
}
))
}
))
},
sendPostRequestAsync: function() {
return g(this, void 0, void 0, (function() {
return f(this, (function(e) {
throw J.createUnexpectedError("Network interface - sendPostRequestAsync() has not been implemented")
}
))
}
))
}
}, Xe = {
sku: T.SKU,
version: Ye,
cpu: T.EMPTY_STRING,
os: T.EMPTY_STRING
}, $e = {
clientSecret: T.EMPTY_STRING,
clientAssertion: void 0
}, Ze = {
azureCloudInstance: ze.None,
tenant: "" + T.DEFAULT_COMMON_TENANT
}, et = {
application: {
appName: "",
appVersion: ""
}
}, tt = function(e) {
function t(r, n, o) {
var i = e.call(this, r, n, o) || this;
return i.name = "ServerError",
Object.setPrototypeOf(i, t.prototype),
i
}
return h(t, e),
t
}(J), rt = function() {
function e() {}
return e.generateThrottlingStorageKey = function(e) {
return "throttling." + JSON.stringify(e)
}
,
e.preProcess = function(t, r) {
var n, o = e.generateThrottlingStorageKey(r), i = t.getThrottlingCache(o);
if (i) {
if (i.throttleTime < Date.now())
return void t.removeItem(o, O.THROTTLING);
throw new tt((null === (n = i.errorCodes) || void 0 === n ? void 0 : n.join(" ")) || T.EMPTY_STRING,i.errorMessage,i.subError)
}
}
,
e.postProcess = function(t, r, n) {
if (e.checkResponseStatus(n) || e.checkResponseForRetryAfter(n)) {
var o = {
throttleTime: e.calculateThrottleTime(parseInt(n.headers[v.RETRY_AFTER])),
error: n.body.error,
errorCodes: n.body.error_codes,
errorMessage: n.body.error_description,
subError: n.body.suberror
};
t.setThrottlingCache(e.generateThrottlingStorageKey(r), o)
}
}
,
e.checkResponseStatus = function(e) {
return 429 === e.status || e.status >= 500 && e.status < 600
}
,
e.checkResponseForRetryAfter = function(e) {
return !!e.headers && e.headers.hasOwnProperty(v.RETRY_AFTER) && (e.status < 200 || e.status >= 300)
}
,
e.calculateThrottleTime = function(e) {
var t = e <= 0 ? 0 : e
, r = Date.now() / 1e3;
return Math.floor(1e3 * Math.min(r + (t || 60), r + 3600))
}
,
e.removeThrottle = function(e, t, r, n) {
var o = {
clientId: t,
authority: r.authority,
scopes: r.scopes,
homeAccountIdentifier: n,
claims: r.claims,
authenticationScheme: r.authenticationScheme,
resourceRequestMethod: r.resourceRequestMethod,
resourceRequestUri: r.resourceRequestUri,
shrClaims: r.shrClaims,
sshKid: r.sshKid
}
, i = this.generateThrottlingStorageKey(o);
return e.removeItem(i, O.THROTTLING)
}
,
e
}(), nt = function() {
function e(e, t) {
this.networkClient = e,
this.cacheManager = t
}
return e.prototype.sendPostRequest = function(e, t, r) {
return g(this, void 0, void 0, (function() {
var n, o;
return f(this, (function(i) {
switch (i.label) {
case 0:
rt.preProcess(this.cacheManager, e),
i.label = 1;
case 1:
return i.trys.push([1, 3, , 4]),
[4, this.networkClient.sendPostRequestAsync(t, r)];
case 2:
return n = i.sent(),
[3, 4];
case 3:
throw (o = i.sent())instanceof J ? o : X.createNetworkError(t, o);
case 4:
return rt.postProcess(this.cacheManager, e, n),
[2, n]
}
}
))
}
))
}
,
e
}(), ot = function() {
function e(e, t) {
var r, n, o, i, a, s, c, u, l, d, h, g, f, m, v;
this.config = (o = (r = e).authOptions,
i = r.systemOptions,
a = r.loggerOptions,
s = r.storageInterface,
c = r.networkInterface,
u = r.cryptoInterface,
l = r.clientCredentials,
d = r.libraryInfo,
h = r.telemetry,
g = r.serverTelemetryManager,
f = r.persistencePlugin,
m = r.serializableCache,
v = p(p({}, Je), a),
{
authOptions: (n = o,
p({
clientCapabilities: [],
azureCloudOptions: Ze,
skipAuthorityMetadataCache: !1
}, n)),
systemOptions: p(p({}, Ve), i),
loggerOptions: v,
storageInterface: s || new ue(o.clientId,be),
networkInterface: c || Qe,
cryptoInterface: u || be,
clientCredentials: l || $e,
libraryInfo: p(p({}, Xe), d),
telemetry: p(p({}, et), h),
serverTelemetryManager: g || null,
persistencePlugin: f || null,
serializableCache: m || null
}),
this.logger = new je(this.config.loggerOptions,"@azure/msal-common",Ye),
this.cryptoUtils = this.config.cryptoInterface,
this.cacheManager = this.config.storageInterface,
this.networkClient = this.config.networkInterface,
this.networkManager = new nt(this.networkClient,this.cacheManager),
this.serverTelemetryManager = this.config.serverTelemetryManager,
this.authority = this.config.authOptions.authority,
this.performanceClient = t
}
return e.prototype.createTokenRequestHeaders = function(e) {
var t = {};
if (t[v.CONTENT_TYPE] = T.URL_FORM_CONTENT_TYPE,
!this.config.systemOptions.preventCorsPreflight && e)
switch (e.type) {
case te.HOME_ACCOUNT_ID:
try {
var r = ee(e.credential);
t[v.CCS_HEADER] = "Oid:" + r.uid + "@" + r.utid
} catch (e) {
this.logger.verbose("Could not parse home account ID for CCS Header: " + e)
}
break;
case te.UPN:
t[v.CCS_HEADER] = "UPN: " + e.credential
}
return t
}
,
e.prototype.executePostToTokenEndpoint = function(e, t, r, n) {
return g(this, void 0, void 0, (function() {
var o;
return f(this, (function(i) {
switch (i.label) {
case 0:
return [4, this.networkManager.sendPostRequest(n, e, {
body: t,
headers: r,
proxyUrl: this.config.systemOptions.proxyUrl
})];
case 1:
return o = i.sent(),
this.config.serverTelemetryManager && o.status < 500 && 429 !== o.status && this.config.serverTelemetryManager.clearTelemetryCache(),
[2, o]
}
}
))
}
))
}
,
e.prototype.updateAuthority = function(e) {
if (!e.discoveryComplete())
throw X.createEndpointDiscoveryIncompleteError("Updated authority has not completed endpoint discovery.");
this.authority = e
}
,
e
}(), it = function() {
function e() {}
return e.validateRedirectUri = function(e) {
if ($.isEmpty(e))
throw ie.createRedirectUriEmptyError()
}
,
e.validatePrompt = function(e) {
var t = [];
for (var r in A)
t.push(A[r]);
if (t.indexOf(e) < 0)
throw ie.createInvalidPromptError(e)
}
,
e.validateClaims = function(e) {
try {
JSON.parse(e)
} catch (e) {
throw ie.createInvalidClaimsRequestError()
}
}
,
e.validateCodeChallengeParams = function(e, t) {
if ($.isEmpty(e) || $.isEmpty(t))
throw ie.createInvalidCodeChallengeParamsError();
this.validateCodeChallengeMethod(t)
}
,
e.validateCodeChallengeMethod = function(e) {
if ([U.PLAIN, U.S256].indexOf(e) < 0)
throw ie.createInvalidCodeChallengeMethodError()
}
,
e.sanitizeEQParams = function(e, t) {
return e ? (t.forEach((function(t, r) {
e[r] && delete e[r]
}
)),
e) : {}
}
,
e
}(), at = function() {
function e() {
this.parameters = new Map
}
return e.prototype.addResponseTypeCode = function() {
this.parameters.set(_.RESPONSE_TYPE, encodeURIComponent(T.CODE_RESPONSE_TYPE))
}
,
e.prototype.addResponseTypeForTokenAndIdToken = function() {
this.parameters.set(_.RESPONSE_TYPE, encodeURIComponent(T.TOKEN_RESPONSE_TYPE + " " + T.ID_TOKEN_RESPONSE_TYPE))
}
,
e.prototype.addResponseMode = function(e) {
this.parameters.set(_.RESPONSE_MODE, encodeURIComponent(e || b.QUERY))
}
,
e.prototype.addNativeBroker = function() {
this.parameters.set(_.NATIVE_BROKER, encodeURIComponent("1"))
}
,
e.prototype.addScopes = function(e, t) {
void 0 === t && (t = !0);
var r = t ? m(e || [], w) : e || []
, n = new ae(r);
this.parameters.set(_.SCOPE, encodeURIComponent(n.printScopes()))
}
,
e.prototype.addClientId = function(e) {
this.parameters.set(_.CLIENT_ID, encodeURIComponent(e))
}
,
e.prototype.addRedirectUri = function(e) {
it.validateRedirectUri(e),
this.parameters.set(_.REDIRECT_URI, encodeURIComponent(e))
}
,
e.prototype.addPostLogoutRedirectUri = function(e) {
it.validateRedirectUri(e),
this.parameters.set(_.POST_LOGOUT_URI, encodeURIComponent(e))
}
,
e.prototype.addIdTokenHint = function(e) {
this.parameters.set(_.ID_TOKEN_HINT, encodeURIComponent(e))
}
,
e.prototype.addDomainHint = function(e) {
this.parameters.set(I.DOMAIN_HINT, encodeURIComponent(e))
}
,
e.prototype.addLoginHint = function(e) {
this.parameters.set(I.LOGIN_HINT, encodeURIComponent(e))
}
,
e.prototype.addCcsUpn = function(e) {
this.parameters.set(v.CCS_HEADER, encodeURIComponent("UPN:" + e))
}
,
e.prototype.addCcsOid = function(e) {
this.parameters.set(v.CCS_HEADER, encodeURIComponent("Oid:" + e.uid + "@" + e.utid))
}
,
e.prototype.addSid = function(e) {
this.parameters.set(I.SID, encodeURIComponent(e))
}
,
e.prototype.addClaims = function(e, t) {
var r = this.addClientCapabilitiesToClaims(e, t);
it.validateClaims(r),
this.parameters.set(_.CLAIMS, encodeURIComponent(r))
}
,
e.prototype.addCorrelationId = function(e) {
this.parameters.set(_.CLIENT_REQUEST_ID, encodeURIComponent(e))
}
,
e.prototype.addLibraryInfo = function(e) {
this.parameters.set(_.X_CLIENT_SKU, e.sku),
this.parameters.set(_.X_CLIENT_VER, e.version),
e.os && this.parameters.set(_.X_CLIENT_OS, e.os),
e.cpu && this.parameters.set(_.X_CLIENT_CPU, e.cpu)
}
,
e.prototype.addApplicationTelemetry = function(e) {
(null == e ? void 0 : e.appName) && this.parameters.set(_.X_APP_NAME, e.appName),
(null == e ? void 0 : e.appVersion) && this.parameters.set(_.X_APP_VER, e.appVersion)
}
,
e.prototype.addPrompt = function(e) {
it.validatePrompt(e),
this.parameters.set("" + _.PROMPT, encodeURIComponent(e))
}
,
e.prototype.addState = function(e) {
$.isEmpty(e) || this.parameters.set(_.STATE, encodeURIComponent(e))
}
,
e.prototype.addNonce = function(e) {
this.parameters.set(_.NONCE, encodeURIComponent(e))
}
,
e.prototype.addCodeChallengeParams = function(e, t) {
if (it.validateCodeChallengeParams(e, t),
!e || !t)
throw ie.createInvalidCodeChallengeParamsError();
this.parameters.set(_.CODE_CHALLENGE, encodeURIComponent(e)),
this.parameters.set(_.CODE_CHALLENGE_METHOD, encodeURIComponent(t))
}
,
e.prototype.addAuthorizationCode = function(e) {
this.parameters.set(_.CODE, encodeURIComponent(e))
}
,
e.prototype.addDeviceCode = function(e) {
this.parameters.set(_.DEVICE_CODE, encodeURIComponent(e))
}
,
e.prototype.addRefreshToken = function(e) {
this.parameters.set(_.REFRESH_TOKEN, encodeURIComponent(e))
}
,
e.prototype.addCodeVerifier = function(e) {
this.parameters.set(_.CODE_VERIFIER, encodeURIComponent(e))
}
,
e.prototype.addClientSecret = function(e) {
this.parameters.set(_.CLIENT_SECRET, encodeURIComponent(e))
}
,
e.prototype.addClientAssertion = function(e) {
$.isEmpty(e) || this.parameters.set(_.CLIENT_ASSERTION, encodeURIComponent(e))
}
,
e.prototype.addClientAssertionType = function(e) {
$.isEmpty(e) || this.parameters.set(_.CLIENT_ASSERTION_TYPE, encodeURIComponent(e))
}
,
e.prototype.addOboAssertion = function(e) {
this.parameters.set(_.OBO_ASSERTION, encodeURIComponent(e))
}
,
e.prototype.addRequestTokenUse = function(e) {
this.parameters.set(_.REQUESTED_TOKEN_USE, encodeURIComponent(e))
}
,
e.prototype.addGrantType = function(e) {
this.parameters.set(_.GRANT_TYPE, encodeURIComponent(e))
}
,
e.prototype.addClientInfo = function() {
this.parameters.set("client_info", "1")
}
,
e.prototype.addExtraQueryParameters = function(e) {
var t = this;
it.sanitizeEQParams(e, this.parameters),
Object.keys(e).forEach((function(r) {
t.parameters.set(r, e[r])
}
))
}
,
e.prototype.addClientCapabilitiesToClaims = function(e, t) {
var r;
if (e)
try {
r = JSON.parse(e)
} catch (e) {
throw ie.createInvalidClaimsRequestError()
}
else
r = {};
return t && t.length > 0 && (r.hasOwnProperty(C.ACCESS_TOKEN) || (r[C.ACCESS_TOKEN] = {}),
r[C.ACCESS_TOKEN][C.XMS_CC] = {
values: t
}),
JSON.stringify(r)
}
,
e.prototype.addUsername = function(e) {
this.parameters.set(K.username, encodeURIComponent(e))
}
,
e.prototype.addPassword = function(e) {
this.parameters.set(K.password, encodeURIComponent(e))
}
,
e.prototype.addPopToken = function(e) {
$.isEmpty(e) || (this.parameters.set(_.TOKEN_TYPE, F.POP),
this.parameters.set(_.REQ_CNF, encodeURIComponent(e)))
}
,
e.prototype.addSshJwk = function(e) {
$.isEmpty(e) || (this.parameters.set(_.TOKEN_TYPE, F.SSH),
this.parameters.set(_.REQ_CNF, encodeURIComponent(e)))
}
,
e.prototype.addServerTelemetry = function(e) {
this.parameters.set(_.X_CLIENT_CURR_TELEM, e.generateCurrentRequestHeaderValue()),
this.parameters.set(_.X_CLIENT_LAST_TELEM, e.generateLastRequestHeaderValue())
}
,
e.prototype.addThrottling = function() {
this.parameters.set(_.X_MS_LIB_CAPABILITY, "retry-after, h429")
}
,
e.prototype.addLogoutHint = function(e) {
this.parameters.set(_.LOGOUT_HINT, encodeURIComponent(e))
}
,
e.prototype.createQueryString = function() {
var e = new Array;
return this.parameters.forEach((function(t, r) {
e.push(r + "=" + t)
}
)),
e.join("&")
}
,
e
}(), st = ["interaction_required", "consent_required", "login_required"], ct = ["message_only", "additional_action", "basic_action", "user_password_expired", "consent_required"], ut = {
noTokensFoundError: {
code: "no_tokens_found",
desc: "No refresh token found in the cache. Please sign-in."
},
native_account_unavailable: {
code: "native_account_unavailable",
desc: "The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API."
}
}, lt = function(e) {
function t(r, n, o) {
var i = e.call(this, r, n, o) || this;
return i.name = "InteractionRequiredAuthError",
Object.setPrototypeOf(i, t.prototype),
i
}
return h(t, e),
t.isInteractionRequiredError = function(e, t, r) {
var n = !!e && st.indexOf(e) > -1
, o = !!r && ct.indexOf(r) > -1
, i = !!t && st.some((function(e) {
return t.indexOf(e) > -1
}
));
return n || i || o
}
,
t.createNoTokensFoundError = function() {
return new t(ut.noTokensFoundError.code,ut.noTokensFoundError.desc)
}
,
t.createNativeAccountUnavailableError = function() {
return new t(ut.native_account_unavailable.code,ut.native_account_unavailable.desc)
}
,
t
}(J), dt = function(e, t, r, n, o) {
this.account = e || null,
this.idToken = t || null,
this.accessToken = r || null,
this.refreshToken = n || null,
this.appMetadata = o || null
};
!function(e) {
e.SW = "sw",
e.UHW = "uhw"
}(We || (We = {}));
var ht, pt, gt = function() {
function e(e) {
this.cryptoUtils = e
}
return e.prototype.generateCnf = function(e) {
return g(this, void 0, void 0, (function() {
var t, r, n;
return f(this, (function(o) {
switch (o.label) {
case 0:
return [4, this.generateKid(e)];
case 1:
return t = o.sent(),
r = this.cryptoUtils.base64Encode(JSON.stringify(t)),
n = {
kid: t.kid,
reqCnfString: r
},
[4, this.cryptoUtils.hashString(r)];
case 2:
return [2, (n.reqCnfHash = o.sent(),
n)]
}
}
))
}
))
}
,
e.prototype.generateKid = function(e) {
return g(this, void 0, void 0, (function() {
return f(this, (function(t) {
switch (t.label) {
case 0:
return [4, this.cryptoUtils.getPublicKeyThumbprint(e)];
case 1:
return [2, {
kid: t.sent(),
xms_ksl: We.SW
}]
}
}
))
}
))
}
,
e.prototype.signPopToken = function(e, t, r) {
return g(this, void 0, void 0, (function() {
return f(this, (function(n) {
return [2, this.signPayload(e, t, r)]
}
))
}
))
}
,
e.prototype.signPayload = function(e, t, r, n) {
return g(this, void 0, void 0, (function() {
var o, i, a, s, c, u;
return f(this, (function(l) {
switch (l.label) {
case 0:
return o = r.resourceRequestMethod,
i = r.resourceRequestUri,
a = r.shrClaims,
s = r.shrNonce,
c = i ? new Ke(i) : void 0,
u = null == c ? void 0 : c.getUrlComponents(),
[4, this.cryptoUtils.signJwt(p({
at: e,
ts: de.nowSeconds(),
m: null == o ? void 0 : o.toUpperCase(),
u: null == u ? void 0 : u.HostNameAndPort,
nonce: s || this.cryptoUtils.createNewGuid(),
p: null == u ? void 0 : u.AbsolutePath,
q: (null == u ? void 0 : u.QueryString) ? [[], u.QueryString] : void 0,
client_claims: a || void 0
}, n), t, r.correlationId)];
case 1:
return [2, l.sent()]
}
}
))
}
))
}
,
e
}(), ft = function() {
function e(e, t) {
this.cache = e,
this.hasChanged = t
}
return Object.defineProperty(e.prototype, "cacheHasChanged", {
get: function() {
return this.hasChanged
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "tokenCache", {
get: function() {
return this.cache
},
enumerable: !1,
configurable: !0
}),
e
}(), mt = function() {
function e(e, t, r, n, o, i) {
this.clientId = e,
this.cacheStorage = t,
this.cryptoObj = r,
this.logger = n,
this.serializableCache = o,
this.persistencePlugin = i
}
return e.prototype.validateServerAuthorizationCodeResponse = function(e, t, r) {
if (!e.state || !t)
throw e.state ? X.createStateNotFoundError("Cached State") : X.createStateNotFoundError("Server State");
if (decodeURIComponent(e.state) !== decodeURIComponent(t))
throw X.createStateMismatchError();
if (e.error || e.error_description || e.suberror) {
if (lt.isInteractionRequiredError(e.error, e.error_description, e.suberror))
throw new lt(e.error || T.EMPTY_STRING,e.error_description,e.suberror);
throw new tt(e.error || T.EMPTY_STRING,e.error_description,e.suberror)
}
e.client_info && Z(e.client_info, r)
}
,
e.prototype.validateTokenResponse = function(e) {
if (e.error || e.error_description || e.suberror) {
if (lt.isInteractionRequiredError(e.error, e.error_description, e.suberror))
throw new lt(e.error,e.error_description,e.suberror);
var t = e.error_codes + " - [" + e.timestamp + "]: " + e.error_description + " - Correlation ID: " + e.correlation_id + " - Trace ID: " + e.trace_id;
throw new tt(e.error,t,e.suberror)
}
}
,
e.prototype.handleServerTokenResponse = function(t, r, n, o, i, a, s, c) {
return g(this, void 0, void 0, (function() {
var u, l, d, h, p;
return f(this, (function(g) {
switch (g.label) {
case 0:
if (t.id_token && (u = new se(t.id_token || T.EMPTY_STRING,this.cryptoObj),
i && !$.isEmpty(i.nonce) && u.claims.nonce !== i.nonce))
throw X.createNonceMismatchError();
this.homeAccountIdentifier = re.generateHomeAccountId(t.client_info || T.EMPTY_STRING, r.authorityType, this.logger, this.cryptoObj, u),
i && i.state && (l = ye.parseRequestState(this.cryptoObj, i.state)),
t.key_id = t.key_id || o.sshKid || void 0,
d = this.generateCacheRecord(t, r, n, o, u, a, i),
g.label = 1;
case 1:
return g.trys.push([1, , 5, 8]),
this.persistencePlugin && this.serializableCache ? (this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),
h = new ft(this.serializableCache,!0),
[4, this.persistencePlugin.beforeCacheAccess(h)]) : [3, 3];
case 2:
g.sent(),
g.label = 3;
case 3:
return !s || c || !d.account || (p = d.account.generateAccountKey(),
this.cacheStorage.getAccount(p)) ? [4, this.cacheStorage.saveCacheRecord(d)] : (this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),
[2, e.generateAuthenticationResult(this.cryptoObj, r, d, !1, o, u, l, void 0)]);
case 4:
return g.sent(),
[3, 8];
case 5:
return this.persistencePlugin && this.serializableCache && h ? (this.logger.verbose("Persistence enabled, calling afterCacheAccess"),
[4, this.persistencePlugin.afterCacheAccess(h)]) : [3, 7];
case 6:
g.sent(),
g.label = 7;
case 7:
return [7];
case 8:
return [2, e.generateAuthenticationResult(this.cryptoObj, r, d, !1, o, u, l, t.spa_code)]
}
}
))
}
))
}
,
e.prototype.generateCacheRecord = function(e, t, r, n, o, i, a) {
var s, c, u = t.getPreferredCache();
if ($.isEmpty(u))
throw X.createInvalidCacheEnvironmentError();
!$.isEmpty(e.id_token) && o && (s = le.createIdTokenEntity(this.homeAccountIdentifier, u, e.id_token || T.EMPTY_STRING, this.clientId, o.claims.tid || T.EMPTY_STRING),
c = this.generateAccountEntity(e, o, t, a));
var l = null;
if (!$.isEmpty(e.access_token)) {
var d = e.scope ? ae.fromString(e.scope) : new ae(n.scopes || [])
, h = ("string" == typeof e.expires_in ? parseInt(e.expires_in, 10) : e.expires_in) || 0
, p = ("string" == typeof e.ext_expires_in ? parseInt(e.ext_expires_in, 10) : e.ext_expires_in) || 0
, g = ("string" == typeof e.refresh_in ? parseInt(e.refresh_in, 10) : e.refresh_in) || void 0
, f = r + h
, m = f + p
, v = g && g > 0 ? r + g : void 0;
l = he.createAccessTokenEntity(this.homeAccountIdentifier, u, e.access_token || T.EMPTY_STRING, this.clientId, o ? o.claims.tid || T.EMPTY_STRING : t.tenant, d.printScopes(), f, m, this.cryptoObj, v, e.token_type, i, e.key_id, n.claims, n.requestedClaimsHash)
}
var y = null;
$.isEmpty(e.refresh_token) || (y = pe.createRefreshTokenEntity(this.homeAccountIdentifier, u, e.refresh_token || T.EMPTY_STRING, this.clientId, e.foci, i));
var E = null;
return $.isEmpty(e.foci) || (E = ge.createAppMetadataEntity(this.clientId, u, e.foci)),
new dt(c,s,l,y,E)
}
,
e.prototype.generateAccountEntity = function(e, t, r, n) {
var o = r.authorityType
, i = n ? n.cloud_graph_host_name : T.EMPTY_STRING
, a = n ? n.msgraph_host : T.EMPTY_STRING;
if (o === W.Adfs)
return this.logger.verbose("Authority type is ADFS, creating ADFS account"),
re.createGenericAccount(this.homeAccountIdentifier, t, r, i, a);
if ($.isEmpty(e.client_info) && "AAD" === r.protocolMode)
throw X.createClientInfoEmptyError();
return e.client_info ? re.createAccount(e.client_info, this.homeAccountIdentifier, t, r, i, a) : re.createGenericAccount(this.homeAccountIdentifier, t, r, i, a)
}
,
e.generateAuthenticationResult = function(e, t, r, n, o, i, a, s) {
var c, u, l;
return g(this, void 0, void 0, (function() {
var d, h, p, g, m, v, y, E, _, C, w;
return f(this, (function(f) {
switch (f.label) {
case 0:
if (d = T.EMPTY_STRING,
h = [],
p = null,
m = T.EMPTY_STRING,
!r.accessToken)
return [3, 4];
if (r.accessToken.tokenType !== F.POP)
return [3, 2];
if (v = new gt(e),
y = r.accessToken,
E = y.secret,
!(_ = y.keyId))
throw X.createKeyIdMissingError();
return [4, v.signPopToken(E, _, o)];
case 1:
return d = f.sent(),
[3, 3];
case 2:
d = r.accessToken.secret,
f.label = 3;
case 3:
h = ae.fromString(r.accessToken.target).asArray(),
p = new Date(1e3 * Number(r.accessToken.expiresOn)),
g = new Date(1e3 * Number(r.accessToken.extendedExpiresOn)),
f.label = 4;
case 4:
return r.appMetadata && (m = r.appMetadata.familyId === L ? L : T.EMPTY_STRING),
C = (null == i ? void 0 : i.claims.oid) || (null == i ? void 0 : i.claims.sub) || T.EMPTY_STRING,
w = (null == i ? void 0 : i.claims.tid) || T.EMPTY_STRING,
[2, {
authority: t.canonicalAuthority,
uniqueId: C,
tenantId: w,
scopes: h,
account: r.account ? r.account.getAccountInfo() : null,
idToken: i ? i.rawToken : T.EMPTY_STRING,
idTokenClaims: i ? i.claims : {},
accessToken: d,
fromCache: n,
expiresOn: p,
correlationId: o.correlationId,
extExpiresOn: g,
familyId: m,
tokenType: (null === (c = r.accessToken) || void 0 === c ? void 0 : c.tokenType) || T.EMPTY_STRING,
state: a ? a.userRequestState : T.EMPTY_STRING,
cloudGraphHostName: (null === (u = r.account) || void 0 === u ? void 0 : u.cloudGraphHostName) || T.EMPTY_STRING,
msGraphHost: (null === (l = r.account) || void 0 === l ? void 0 : l.msGraphHost) || T.EMPTY_STRING,
code: s,
fromNativeBroker: !1
}]
}
}
))
}
))
}
,
e
}(), vt = function(e) {
function t(t) {
var r = e.call(this, t) || this;
return r.includeRedirectUri = !0,
r
}
return h(t, e),
t.prototype.getAuthCodeUrl = function(e) {
return g(this, void 0, void 0, (function() {
var t;
return f(this, (function(r) {
switch (r.label) {
case 0:
return [4, this.createAuthCodeUrlQueryString(e)];
case 1:
return t = r.sent(),
[2, Ke.appendQueryString(this.authority.authorizationEndpoint, t)]
}
}
))
}
))
}
,
t.prototype.acquireToken = function(e, t) {
return g(this, void 0, void 0, (function() {
var r, n, o;
return f(this, (function(i) {
switch (i.label) {
case 0:
if (this.logger.info("in acquireToken call"),
!e || $.isEmpty(e.code))
throw X.createTokenRequestCannotBeMadeError();
return r = de.nowSeconds(),
[4, this.executeTokenRequest(this.authority, e)];
case 1:
return n = i.sent(),
(o = new mt(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin)).validateTokenResponse(n.body),
[4, o.handleServerTokenResponse(n.body, this.authority, r, e, t)];
case 2:
return [2, i.sent()]
}
}
))
}
))
}
,
t.prototype.handleFragmentResponse = function(e, t) {
var r = new mt(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,null,null)
, n = new Ke(e)
, o = Ke.getDeserializedHash(n.getHash());
if (r.validateServerAuthorizationCodeResponse(o, t, this.cryptoUtils),
!o.code)
throw X.createNoAuthCodeInServerResponseError();
return p(p({}, o), {
code: o.code
})
}
,
t.prototype.getLogoutUri = function(e) {
if (!e)
throw ie.createEmptyLogoutRequestError();
var t = this.createLogoutUrlQueryString(e);
return Ke.appendQueryString(this.authority.endSessionEndpoint, t)
}
,
t.prototype.executeTokenRequest = function(e, t) {
return g(this, void 0, void 0, (function() {
var r, n, o, i, a, s, c;
return f(this, (function(u) {
switch (u.label) {
case 0:
return r = {
clientId: this.config.authOptions.clientId,
authority: e.canonicalAuthority,
scopes: t.scopes,
claims: t.claims,
authenticationScheme: t.authenticationScheme,
resourceRequestMethod: t.resourceRequestMethod,
resourceRequestUri: t.resourceRequestUri,
shrClaims: t.shrClaims,
sshKid: t.sshKid
},
[4, this.createTokenRequestBody(t)];
case 1:
if (n = u.sent(),
o = this.createTokenQueryParameters(t),
i = void 0,
t.clientInfo)
try {
a = Z(t.clientInfo, this.cryptoUtils),
i = {
credential: "" + a.uid + N.CLIENT_INFO_SEPARATOR + a.utid,
type: te.HOME_ACCOUNT_ID
}
} catch (e) {
this.logger.verbose("Could not parse client info for CCS Header: " + e)
}
return s = this.createTokenRequestHeaders(i || t.ccsCredential),
c = $.isEmpty(o) ? e.tokenEndpoint : e.tokenEndpoint + "?" + o,
[2, this.executePostToTokenEndpoint(c, n, s, r)]
}
}
))
}
))
}
,
t.prototype.createTokenQueryParameters = function(e) {
var t = new at;
return e.tokenQueryParameters && t.addExtraQueryParameters(e.tokenQueryParameters),
t.createQueryString()
}
,
t.prototype.createTokenRequestBody = function(e) {
return g(this, void 0, void 0, (function() {
var t, r, n, o, i, a, s;
return f(this, (function(c) {
switch (c.label) {
case 0:
return (t = new at).addClientId(this.config.authOptions.clientId),
this.includeRedirectUri ? t.addRedirectUri(e.redirectUri) : it.validateRedirectUri(e.redirectUri),
t.addScopes(e.scopes),
t.addAuthorizationCode(e.code),
t.addLibraryInfo(this.config.libraryInfo),
t.addApplicationTelemetry(this.config.telemetry.application),
t.addThrottling(),
this.serverTelemetryManager && t.addServerTelemetry(this.serverTelemetryManager),
e.codeVerifier && t.addCodeVerifier(e.codeVerifier),
this.config.clientCredentials.clientSecret && t.addClientSecret(this.config.clientCredentials.clientSecret),
this.config.clientCredentials.clientAssertion && (r = this.config.clientCredentials.clientAssertion,
t.addClientAssertion(r.assertion),
t.addClientAssertionType(r.assertionType)),
t.addGrantType(R.AUTHORIZATION_CODE_GRANT),
t.addClientInfo(),
e.authenticationScheme !== F.POP ? [3, 2] : [4, new gt(this.cryptoUtils).generateCnf(e)];
case 1:
return n = c.sent(),
t.addPopToken(n.reqCnfString),
[3, 3];
case 2:
if (e.authenticationScheme === F.SSH) {
if (!e.sshJwk)
throw ie.createMissingSshJwkError();
t.addSshJwk(e.sshJwk)
}
c.label = 3;
case 3:
if (o = e.correlationId || this.config.cryptoInterface.createNewGuid(),
t.addCorrelationId(o),
(!$.isEmptyObj(e.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) && t.addClaims(e.claims, this.config.authOptions.clientCapabilities),
i = void 0,
e.clientInfo)
try {
a = Z(e.clientInfo, this.cryptoUtils),
i = {
credential: "" + a.uid + N.CLIENT_INFO_SEPARATOR + a.utid,
type: te.HOME_ACCOUNT_ID
}
} catch (e) {
this.logger.verbose("Could not parse client info for CCS Header: " + e)
}
else
i = e.ccsCredential;
if (this.config.systemOptions.preventCorsPreflight && i)
switch (i.type) {
case te.HOME_ACCOUNT_ID:
try {
a = ee(i.credential),
t.addCcsOid(a)
} catch (e) {
this.logger.verbose("Could not parse home account ID for CCS Header: " + e)
}
break;
case te.UPN:
t.addCcsUpn(i.credential)
}
return e.tokenBodyParameters && t.addExtraQueryParameters(e.tokenBodyParameters),
!e.enableSpaAuthorizationCode || e.tokenBodyParameters && e.tokenBodyParameters[_.RETURN_SPA_CODE] || t.addExtraQueryParameters(((s = {})[_.RETURN_SPA_CODE] = "1",
s)),
[2, t.createQueryString()]
}
}
))
}
))
}
,
t.prototype.createAuthCodeUrlQueryString = function(e) {
return g(this, void 0, void 0, (function() {
var t, r, n, o, i, a, s;
return f(this, (function(c) {
switch (c.label) {
case 0:
if ((t = new at).addClientId(this.config.authOptions.clientId),
r = m(e.scopes || [], e.extraScopesToConsent || []),
t.addScopes(r),
t.addRedirectUri(e.redirectUri),
n = e.correlationId || this.config.cryptoInterface.createNewGuid(),
t.addCorrelationId(n),
t.addResponseMode(e.responseMode),
t.addResponseTypeCode(),
t.addLibraryInfo(this.config.libraryInfo),
t.addApplicationTelemetry(this.config.telemetry.application),
t.addClientInfo(),
e.codeChallenge && e.codeChallengeMethod && t.addCodeChallengeParams(e.codeChallenge, e.codeChallengeMethod),
e.prompt && t.addPrompt(e.prompt),
e.domainHint && t.addDomainHint(e.domainHint),
e.prompt !== A.SELECT_ACCOUNT)
if (e.sid && e.prompt === A.NONE)
this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),
t.addSid(e.sid);
else if (e.account) {
if (o = this.extractAccountSid(e.account),
i = this.extractLoginHint(e.account)) {
this.logger.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),
t.addLoginHint(i);
try {
a = ee(e.account.homeAccountId),
t.addCcsOid(a)
} catch (e) {
this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")
}
} else if (o && e.prompt === A.NONE) {
this.logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),
t.addSid(o);
try {
a = ee(e.account.homeAccountId),
t.addCcsOid(a)
} catch (e) {
this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")
}
} else if (e.loginHint)
this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),
t.addLoginHint(e.loginHint),
t.addCcsUpn(e.loginHint);
else if (e.account.username) {
this.logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),
t.addLoginHint(e.account.username);
try {
a = ee(e.account.homeAccountId),
t.addCcsOid(a)
} catch (e) {
this.logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")
}
}
} else
e.loginHint && (this.logger.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),
t.addLoginHint(e.loginHint),
t.addCcsUpn(e.loginHint));
else
this.logger.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");
return e.nonce && t.addNonce(e.nonce),
e.state && t.addState(e.state),
(!$.isEmpty(e.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) && t.addClaims(e.claims, this.config.authOptions.clientCapabilities),
e.extraQueryParameters && t.addExtraQueryParameters(e.extraQueryParameters),
e.nativeBroker ? (t.addNativeBroker(),
e.authenticationScheme !== F.POP ? [3, 2] : [4, new gt(this.cryptoUtils).generateCnf(e)]) : [3, 2];
case 1:
s = c.sent(),
t.addPopToken(s.reqCnfHash),
c.label = 2;
case 2:
return [2, t.createQueryString()]
}
}
))
}
))
}
,
t.prototype.createLogoutUrlQueryString = function(e) {
var t = new at;
return e.postLogoutRedirectUri && t.addPostLogoutRedirectUri(e.postLogoutRedirectUri),
e.correlationId && t.addCorrelationId(e.correlationId),
e.idTokenHint && t.addIdTokenHint(e.idTokenHint),
e.state && t.addState(e.state),
e.logoutHint && t.addLogoutHint(e.logoutHint),
e.extraQueryParameters && t.addExtraQueryParameters(e.extraQueryParameters),
t.createQueryString()
}
,
t.prototype.extractAccountSid = function(e) {
var t;
return (null === (t = e.idTokenClaims) || void 0 === t ? void 0 : t.sid) || null
}
,
t.prototype.extractLoginHint = function(e) {
var t;
return (null === (t = e.idTokenClaims) || void 0 === t ? void 0 : t.login_hint) || null
}
,
t
}(ot);
function yt(e) {
return e.hasOwnProperty("authorization_endpoint") && e.hasOwnProperty("token_endpoint") && e.hasOwnProperty("issuer") && e.hasOwnProperty("jwks_uri")
}
!function(e) {
e.AcquireTokenByCode = "acquireTokenByCode",
e.AcquireTokenByRefreshToken = "acquireTokenByRefreshToken",
e.AcquireTokenSilent = "acquireTokenSilent",
e.AcquireTokenSilentAsync = "acquireTokenSilentAsync",
e.AcquireTokenPopup = "acquireTokenPopup",
e.CryptoOptsGetPublicKeyThumbprint = "cryptoOptsGetPublicKeyThumbprint",
e.CryptoOptsSignJwt = "cryptoOptsSignJwt",
e.SilentCacheClientAcquireToken = "silentCacheClientAcquireToken",
e.SilentIframeClientAcquireToken = "silentIframeClientAcquireToken",
e.SilentRefreshClientAcquireToken = "silentRefreshClientAcquireToken",
e.SsoSilent = "ssoSilent",
e.StandardInteractionClientGetDiscoveredAuthority = "standardInteractionClientGetDiscoveredAuthority",
e.FetchAccountIdWithNativeBroker = "fetchAccountIdWithNativeBroker",
e.NativeInteractionClientAcquireToken = "nativeInteractionClientAcquireToken",
e.RefreshTokenClientExecuteTokenRequest = "refreshTokenClientExecuteTokenRequest",
e.BaseClientCreateTokenRequestHeaders = "baseClientCreateTokenRequestHeaders",
e.BrokerHandhshake = "brokerHandshake",
e.AcquireTokenByRefreshTokenInBroker = "acquireTokenByRefreshTokenInBroker",
e.AcquireTokenByBroker = "acquireTokenByBroker"
}(ht || (ht = {})),
function(e) {
e[e.NotStarted = 0] = "NotStarted",
e[e.InProgress = 1] = "InProgress",
e[e.Completed = 2] = "Completed"
}(pt || (pt = {}));
var Et, _t = {
"https://login.microsoftonline.com/common/": {
token_endpoint: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.microsoftonline.com/common/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.microsoftonline.com/{tenantid}/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo",
authorization_endpoint: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.microsoftonline.com/common/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.microsoftonline.com/common/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.microsoftonline.com/common/kerberos",
tenant_region_scope: null,
cloud_instance_name: "microsoftonline.com",
cloud_graph_host_name: "graph.windows.net",
msgraph_host: "graph.microsoft.com",
rbac_url: "https://pas.windows.net"
},
"https://login.chinacloudapi.cn/common/": {
token_endpoint: "https://login.chinacloudapi.cn/common/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.chinacloudapi.cn/common/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.partner.microsoftonline.cn/{tenantid}/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://microsoftgraph.chinacloudapi.cn/oidc/userinfo",
authorization_endpoint: "https://login.chinacloudapi.cn/common/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.chinacloudapi.cn/common/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.chinacloudapi.cn/common/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.chinacloudapi.cn/common/kerberos",
tenant_region_scope: null,
cloud_instance_name: "partner.microsoftonline.cn",
cloud_graph_host_name: "graph.chinacloudapi.cn",
msgraph_host: "microsoftgraph.chinacloudapi.cn",
rbac_url: "https://pas.chinacloudapi.cn"
},
"https://login.microsoftonline.us/common/": {
token_endpoint: "https://login.microsoftonline.us/common/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.microsoftonline.us/common/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.microsoftonline.us/{tenantid}/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo",
authorization_endpoint: "https://login.microsoftonline.us/common/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.microsoftonline.us/common/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.microsoftonline.us/common/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.microsoftonline.us/common/kerberos",
tenant_region_scope: null,
cloud_instance_name: "microsoftonline.us",
cloud_graph_host_name: "graph.windows.net",
msgraph_host: "graph.microsoft.com",
rbac_url: "https://pasff.usgovcloudapi.net"
},
"https://login.microsoftonline.com/consumers/": {
token_endpoint: "https://login.microsoftonline.com/consumers/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.microsoftonline.com/consumers/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.microsoftonline.com/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo",
authorization_endpoint: "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.microsoftonline.com/consumers/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.microsoftonline.com/consumers/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.microsoftonline.com/consumers/kerberos",
tenant_region_scope: null,
cloud_instance_name: "microsoftonline.com",
cloud_graph_host_name: "graph.windows.net",
msgraph_host: "graph.microsoft.com",
rbac_url: "https://pas.windows.net"
},
"https://login.chinacloudapi.cn/consumers/": {
token_endpoint: "https://login.chinacloudapi.cn/consumers/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.chinacloudapi.cn/consumers/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.partner.microsoftonline.cn/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://microsoftgraph.chinacloudapi.cn/oidc/userinfo",
authorization_endpoint: "https://login.chinacloudapi.cn/consumers/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.chinacloudapi.cn/consumers/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.chinacloudapi.cn/consumers/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.chinacloudapi.cn/consumers/kerberos",
tenant_region_scope: null,
cloud_instance_name: "partner.microsoftonline.cn",
cloud_graph_host_name: "graph.chinacloudapi.cn",
msgraph_host: "microsoftgraph.chinacloudapi.cn",
rbac_url: "https://pas.chinacloudapi.cn"
},
"https://login.microsoftonline.us/consumers/": {
token_endpoint: "https://login.microsoftonline.us/consumers/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.microsoftonline.us/consumers/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.microsoftonline.us/9188040d-6c67-4c5b-b112-36a304b66dad/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo",
authorization_endpoint: "https://login.microsoftonline.us/consumers/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.microsoftonline.us/consumers/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.microsoftonline.us/consumers/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.microsoftonline.us/consumers/kerberos",
tenant_region_scope: null,
cloud_instance_name: "microsoftonline.us",
cloud_graph_host_name: "graph.windows.net",
msgraph_host: "graph.microsoft.com",
rbac_url: "https://pasff.usgovcloudapi.net"
},
"https://login.microsoftonline.com/organizations/": {
token_endpoint: "https://login.microsoftonline.com/organizations/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.microsoftonline.com/organizations/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.microsoftonline.com/{tenantid}/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo",
authorization_endpoint: "https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.microsoftonline.com/organizations/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.microsoftonline.com/organizations/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.microsoftonline.com/organizations/kerberos",
tenant_region_scope: null,
cloud_instance_name: "microsoftonline.com",
cloud_graph_host_name: "graph.windows.net",
msgraph_host: "graph.microsoft.com",
rbac_url: "https://pas.windows.net"
},
"https://login.chinacloudapi.cn/organizations/": {
token_endpoint: "https://login.chinacloudapi.cn/organizations/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.chinacloudapi.cn/organizations/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.partner.microsoftonline.cn/{tenantid}/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://microsoftgraph.chinacloudapi.cn/oidc/userinfo",
authorization_endpoint: "https://login.chinacloudapi.cn/organizations/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.chinacloudapi.cn/organizations/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.chinacloudapi.cn/organizations/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.chinacloudapi.cn/organizations/kerberos",
tenant_region_scope: null,
cloud_instance_name: "partner.microsoftonline.cn",
cloud_graph_host_name: "graph.chinacloudapi.cn",
msgraph_host: "microsoftgraph.chinacloudapi.cn",
rbac_url: "https://pas.chinacloudapi.cn"
},
"https://login.microsoftonline.us/organizations/": {
token_endpoint: "https://login.microsoftonline.us/organizations/oauth2/v2.0/token",
token_endpoint_auth_methods_supported: ["client_secret_post", "private_key_jwt", "client_secret_basic"],
jwks_uri: "https://login.microsoftonline.us/organizations/discovery/v2.0/keys",
response_modes_supported: ["query", "fragment", "form_post"],
subject_types_supported: ["pairwise"],
id_token_signing_alg_values_supported: ["RS256"],
response_types_supported: ["code", "id_token", "code id_token", "id_token token"],
scopes_supported: ["openid", "profile", "email", "offline_access"],
issuer: "https://login.microsoftonline.us/{tenantid}/v2.0",
request_uri_parameter_supported: !1,
userinfo_endpoint: "https://graph.microsoft.com/oidc/userinfo",
authorization_endpoint: "https://login.microsoftonline.us/organizations/oauth2/v2.0/authorize",
device_authorization_endpoint: "https://login.microsoftonline.us/organizations/oauth2/v2.0/devicecode",
http_logout_supported: !0,
frontchannel_logout_supported: !0,
end_session_endpoint: "https://login.microsoftonline.us/organizations/oauth2/v2.0/logout",
claims_supported: ["sub", "iss", "cloud_instance_name", "cloud_instance_host_name", "cloud_graph_host_name", "msgraph_host", "aud", "exp", "iat", "auth_time", "acr", "nonce", "preferred_username", "name", "tid", "ver", "at_hash", "c_hash", "email"],
kerberos_endpoint: "https://login.microsoftonline.us/organizations/kerberos",
tenant_region_scope: null,
cloud_instance_name: "microsoftonline.us",
cloud_graph_host_name: "graph.windows.net",
msgraph_host: "graph.microsoft.com",
rbac_url: "https://pasff.usgovcloudapi.net"
}
}, Ct = {
"https://login.microsoftonline.com/common/": {
tenant_discovery_endpoint: "https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.chinacloudapi.cn/common/": {
tenant_discovery_endpoint: "https://login.chinacloudapi.cn/common/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.microsoftonline.us/common/": {
tenant_discovery_endpoint: "https://login.microsoftonline.us/common/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.microsoftonline.com/consumers/": {
tenant_discovery_endpoint: "https://login.microsoftonline.com/consumers/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.chinacloudapi.cn/consumers/": {
tenant_discovery_endpoint: "https://login.chinacloudapi.cn/consumers/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.microsoftonline.us/consumers/": {
tenant_discovery_endpoint: "https://login.microsoftonline.us/consumers/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.microsoftonline.com/organizations/": {
tenant_discovery_endpoint: "https://login.microsoftonline.com/organizations/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.chinacloudapi.cn/organizations/": {
tenant_discovery_endpoint: "https://login.chinacloudapi.cn/organizations/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
},
"https://login.microsoftonline.us/organizations/": {
tenant_discovery_endpoint: "https://login.microsoftonline.us/organizations/v2.0/.well-known/openid-configuration",
"api-version": "1.1",
metadata: [{
preferred_network: "login.microsoftonline.com",
preferred_cache: "login.windows.net",
aliases: ["login.microsoftonline.com", "login.windows.net", "login.microsoft.com", "sts.windows.net"]
}, {
preferred_network: "login.partner.microsoftonline.cn",
preferred_cache: "login.partner.microsoftonline.cn",
aliases: ["login.partner.microsoftonline.cn", "login.chinacloudapi.cn"]
}, {
preferred_network: "login.microsoftonline.de",
preferred_cache: "login.microsoftonline.de",
aliases: ["login.microsoftonline.de"]
}, {
preferred_network: "login.microsoftonline.us",
preferred_cache: "login.microsoftonline.us",
aliases: ["login.microsoftonline.us", "login.usgovcloudapi.net"]
}, {
preferred_network: "login-us.microsoftonline.com",
preferred_cache: "login-us.microsoftonline.com",
aliases: ["login-us.microsoftonline.com"]
}]
}
};
!function(e) {
e.AAD = "AAD",
e.OIDC = "OIDC"
}(Et || (Et = {}));
var Tt, wt, St = function() {
function e(e) {
this.networkInterface = e
}
return e.prototype.detectRegion = function(t, r, n) {
return g(this, void 0, void 0, (function() {
var o, i, a, s, c;
return f(this, (function(u) {
switch (u.label) {
case 0:
if (o = t)
return [3, 8];
i = e.IMDS_OPTIONS,
n && (i.proxyUrl = n),
u.label = 1;
case 1:
return u.trys.push([1, 6, , 7]),
[4, this.getRegionFromIMDS(T.IMDS_VERSION, i)];
case 2:
return (a = u.sent()).status === B.httpSuccess && (o = a.body,
r.region_source = G.IMDS),
a.status !== B.httpBadRequest ? [3, 5] : [4, this.getCurrentVersion(i)];
case 3:
return (s = u.sent()) ? [4, this.getRegionFromIMDS(s, i)] : (r.region_source = G.FAILED_AUTO_DETECTION,
[2, null]);
case 4:
(c = u.sent()).status === B.httpSuccess && (o = c.body,
r.region_source = G.IMDS),
u.label = 5;
case 5:
return [3, 7];
case 6:
return u.sent(),
r.region_source = G.FAILED_AUTO_DETECTION,
[2, null];
case 7:
return [3, 9];
case 8:
r.region_source = G.ENVIRONMENT_VARIABLE,
u.label = 9;
case 9:
return o || (r.region_source = G.FAILED_AUTO_DETECTION),
[2, o || null]
}
}
))
}
))
}
,
e.prototype.getRegionFromIMDS = function(e, t) {
return g(this, void 0, void 0, (function() {
return f(this, (function(r) {
return [2, this.networkInterface.sendGetRequestAsync(T.IMDS_ENDPOINT + "?api-version=" + e + "&format=text", t, T.IMDS_TIMEOUT)]
}
))
}
))
}
,
e.prototype.getCurrentVersion = function(e) {
return g(this, void 0, void 0, (function() {
var t;
return f(this, (function(r) {
switch (r.label) {
case 0:
return r.trys.push([0, 2, , 3]),
[4, this.networkInterface.sendGetRequestAsync(T.IMDS_ENDPOINT + "?format=json", e)];
case 1:
return (t = r.sent()).status === B.httpBadRequest && t.body && t.body["newest-versions"] && t.body["newest-versions"].length > 0 ? [2, t.body["newest-versions"][0]] : [2, null];
case 2:
return r.sent(),
[2, null];
case 3:
return [2]
}
}
))
}
))
}
,
e.IMDS_OPTIONS = {
headers: {
Metadata: "true"
}
},
e
}(), It = function() {
function e(e, t, r, n, o) {
this.canonicalAuthority = e,
this._canonicalAuthority.validateAsUri(),
this.networkInterface = t,
this.cacheManager = r,
this.authorityOptions = n,
this.regionDiscovery = new St(t),
this.regionDiscoveryMetadata = {
region_used: void 0,
region_source: void 0,
region_outcome: void 0
},
this.proxyUrl = o || T.EMPTY_STRING
}
return Object.defineProperty(e.prototype, "authorityType", {
get: function() {
var e = this.canonicalAuthorityUrlComponents.PathSegments;
return e.length && e[0].toLowerCase() === T.ADFS ? W.Adfs : W.Default
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "protocolMode", {
get: function() {
return this.authorityOptions.protocolMode
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "options", {
get: function() {
return this.authorityOptions
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "canonicalAuthority", {
get: function() {
return this._canonicalAuthority.urlString
},
set: function(e) {
this._canonicalAuthority = new Ke(e),
this._canonicalAuthority.validateAsUri(),
this._canonicalAuthorityUrlComponents = null
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "canonicalAuthorityUrlComponents", {
get: function() {
return this._canonicalAuthorityUrlComponents || (this._canonicalAuthorityUrlComponents = this._canonicalAuthority.getUrlComponents()),
this._canonicalAuthorityUrlComponents
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "hostnameAndPort", {
get: function() {
return this.canonicalAuthorityUrlComponents.HostNameAndPort.toLowerCase()
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "tenant", {
get: function() {
return this.canonicalAuthorityUrlComponents.PathSegments[0]
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "authorizationEndpoint", {
get: function() {
if (this.discoveryComplete()) {
var e = this.replacePath(this.metadata.authorization_endpoint);
return this.replaceTenant(e)
}
throw X.createEndpointDiscoveryIncompleteError("Discovery incomplete.")
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "tokenEndpoint", {
get: function() {
if (this.discoveryComplete()) {
var e = this.replacePath(this.metadata.token_endpoint);
return this.replaceTenant(e)
}
throw X.createEndpointDiscoveryIncompleteError("Discovery incomplete.")
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "deviceCodeEndpoint", {
get: function() {
if (this.discoveryComplete()) {
var e = this.replacePath(this.metadata.token_endpoint.replace("/token", "/devicecode"));
return this.replaceTenant(e)
}
throw X.createEndpointDiscoveryIncompleteError("Discovery incomplete.")
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "endSessionEndpoint", {
get: function() {
if (this.discoveryComplete()) {
if (!this.metadata.end_session_endpoint)
throw X.createLogoutNotSupportedError();
var e = this.replacePath(this.metadata.end_session_endpoint);
return this.replaceTenant(e)
}
throw X.createEndpointDiscoveryIncompleteError("Discovery incomplete.")
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "selfSignedJwtAudience", {
get: function() {
if (this.discoveryComplete()) {
var e = this.replacePath(this.metadata.issuer);
return this.replaceTenant(e)
}
throw X.createEndpointDiscoveryIncompleteError("Discovery incomplete.")
},
enumerable: !1,
configurable: !0
}),
Object.defineProperty(e.prototype, "jwksUri", {
get: function() {
if (this.discoveryComplete()) {
var e = this.replacePath(this.metadata.jwks_uri);
return this.replaceTenant(e)
}
throw X.createEndpointDiscoveryIncompleteError("Discovery incomplete.")
},
enumerable: !1,
configurable: !0
}),
e.prototype.replaceTenant = function(e) {
return e.replace(/{tenant}|{tenantid}/g, this.tenant)
}
,
e.prototype.replacePath = function(e) {
var t = e
, r = new Ke(this.metadata.canonical_authority).getUrlComponents().PathSegments;
return this.canonicalAuthorityUrlComponents.PathSegments.forEach((function(e, n) {
var o = r[n];
e !== o && (t = t.replace("/" + o + "/", "/" + e + "/"))
}
)),
t
}
,
Object.defineProperty(e.prototype, "defaultOpenIdConfigurationEndpoint", {
get: function() {
return this.authorityType === W.Adfs || this.protocolMode === Et.OIDC ? this.canonicalAuthority + ".well-known/openid-configuration" : this.canonicalAuthority + "v2.0/.well-known/openid-configuration"
},
enumerable: !1,
configurable: !0
}),
e.prototype.discoveryComplete = function() {
return !!this.metadata
}
,
e.prototype.resolveEndpointsAsync = function() {
return g(this, void 0, void 0, (function() {
var e, t, r, n;
return f(this, (function(o) {
switch (o.label) {
case 0:
return (e = this.cacheManager.getAuthorityMetadataByAlias(this.hostnameAndPort)) || (e = new me).updateCanonicalAuthority(this.canonicalAuthority),
[4, this.updateCloudDiscoveryMetadata(e)];
case 1:
return t = o.sent(),
this.canonicalAuthority = this.canonicalAuthority.replace(this.hostnameAndPort, e.preferred_network),
[4, this.updateEndpointMetadata(e)];
case 2:
return r = o.sent(),
t !== q.CACHE && r !== q.CACHE && (e.resetExpiresAt(),
e.updateCanonicalAuthority(this.canonicalAuthority)),
n = this.cacheManager.generateAuthorityMetadataCacheKey(e.preferred_cache),
this.cacheManager.setAuthorityMetadata(n, e),
this.metadata = e,
[2]
}
}
))
}
))
}
,
e.prototype.updateEndpointMetadata = function(e) {
var t, r;
return g(this, void 0, void 0, (function() {
var n, o;
return f(this, (function(i) {
switch (i.label) {
case 0:
return (n = this.getEndpointMetadataFromConfig()) ? (e.updateEndpointMetadata(n, !1),
[2, q.CONFIG]) : this.isAuthoritySameType(e) && e.endpointsFromNetwork && !e.isExpired() ? [2, q.CACHE] : (o = this.getEndpointMetadataFromHardcodedValues(),
[4, this.getEndpointMetadataFromNetwork()]);
case 1:
return (n = i.sent()) ? (null === (t = this.authorityOptions.azureRegionConfiguration) || void 0 === t ? void 0 : t.azureRegion) ? [4, this.updateMetadataWithRegionalInformation(n)] : [3, 3] : [3, 4];
case 2:
n = i.sent(),
i.label = 3;
case 3:
return e.updateEndpointMetadata(n, !0),
[2, q.NETWORK];
case 4:
return !o || this.authorityOptions.skipAuthorityMetadataCache ? [3, 7] : (null === (r = this.authorityOptions.azureRegionConfiguration) || void 0 === r ? void 0 : r.azureRegion) ? [4, this.updateMetadataWithRegionalInformation(o)] : [3, 6];
case 5:
o = i.sent(),
i.label = 6;
case 6:
return e.updateEndpointMetadata(o, !1),
[2, q.HARDCODED_VALUES];
case 7:
throw X.createUnableToGetOpenidConfigError(this.defaultOpenIdConfigurationEndpoint)
}
}
))
}
))
}
,
e.prototype.isAuthoritySameType = function(e) {
return new Ke(e.canonical_authority).getUrlComponents().PathSegments.length === this.canonicalAuthorityUrlComponents.PathSegments.length
}
,
e.prototype.getEndpointMetadataFromConfig = function() {
if (this.authorityOptions.authorityMetadata)
try {
return JSON.parse(this.authorityOptions.authorityMetadata)
} catch (e) {
throw ie.createInvalidAuthorityMetadataError()
}
return null
}
,
e.prototype.getEndpointMetadataFromNetwork = function() {
return g(this, void 0, void 0, (function() {
var e, t;
return f(this, (function(r) {
switch (r.label) {
case 0:
e = {},
this.proxyUrl && (e.proxyUrl = this.proxyUrl),
r.label = 1;
case 1:
return r.trys.push([1, 3, , 4]),
[4, this.networkInterface.sendGetRequestAsync(this.defaultOpenIdConfigurationEndpoint, e)];
case 2:
return [2, yt((t = r.sent()).body) ? t.body : null];
case 3:
return r.sent(),
[2, null];
case 4:
return [2]
}
}
))
}
))
}
,
e.prototype.getEndpointMetadataFromHardcodedValues = function() {
return this.canonicalAuthority in _t ? _t[this.canonicalAuthority] : null
}
,
e.prototype.updateMetadataWithRegionalInformation = function(t) {
var r, n, o, i, a;
return g(this, void 0, void 0, (function() {
var s, c;
return f(this, (function(u) {
switch (u.label) {
case 0:
return [4, this.regionDiscovery.detectRegion(null === (r = this.authorityOptions.azureRegionConfiguration) || void 0 === r ? void 0 : r.environmentRegion, this.regionDiscoveryMetadata, this.proxyUrl)];
case 1:
return s = u.sent(),
c = (null === (n = this.authorityOptions.azureRegionConfiguration) || void 0 === n ? void 0 : n.azureRegion) === T.AZURE_REGION_AUTO_DISCOVER_FLAG ? s : null === (o = this.authorityOptions.azureRegionConfiguration) || void 0 === o ? void 0 : o.azureRegion,
(null === (i = this.authorityOptions.azureRegionConfiguration) || void 0 === i ? void 0 : i.azureRegion) === T.AZURE_REGION_AUTO_DISCOVER_FLAG ? this.regionDiscoveryMetadata.region_outcome = s ? z.AUTO_DETECTION_REQUESTED_SUCCESSFUL : z.AUTO_DETECTION_REQUESTED_FAILED : this.regionDiscoveryMetadata.region_outcome = s ? (null === (a = this.authorityOptions.azureRegionConfiguration) || void 0 === a ? void 0 : a.azureRegion) === s ? z.CONFIGURED_MATCHES_DETECTED : z.CONFIGURED_NOT_DETECTED : z.CONFIGURED_NO_AUTO_DETECTION,
c ? (this.regionDiscoveryMetadata.region_used = c,
[2, e.replaceWithRegionalInformation(t, c)]) : [2, t]
}
}
))
}
))
}
,
e.prototype.updateCloudDiscoveryMetadata = function(e) {
return g(this, void 0, void 0, (function() {
var t, r;
return f(this, (function(n) {
switch (n.label) {
case 0:
return (t = this.getCloudDiscoveryMetadataFromConfig()) ? (e.updateCloudDiscoveryMetadata(t, !1),
[2, q.CONFIG]) : this.isAuthoritySameType(e) && e.aliasesFromNetwork && !e.isExpired() ? [2, q.CACHE] : (r = this.getCloudDiscoveryMetadataFromHarcodedValues(),
[4, this.getCloudDiscoveryMetadataFromNetwork()]);
case 1:
if (t = n.sent())
return e.updateCloudDiscoveryMetadata(t, !0),
[2, q.NETWORK];
if (r && !this.options.skipAuthorityMetadataCache)
return e.updateCloudDiscoveryMetadata(r, !1),
[2, q.HARDCODED_VALUES];
throw ie.createUntrustedAuthorityError()
}
}
))
}
))
}
,
e.prototype.getCloudDiscoveryMetadataFromConfig = function() {
if (this.authorityOptions.cloudDiscoveryMetadata)
try {
var t = JSON.parse(this.authorityOptions.cloudDiscoveryMetadata)
, r = e.getCloudDiscoveryMetadataFromNetworkResponse(t.metadata, this.hostnameAndPort);
if (r)
return r
} catch (e) {
throw ie.createInvalidCloudDiscoveryMetadataError()
}
return this.isInKnownAuthorities() ? e.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort) : null
}
,
e.prototype.getCloudDiscoveryMetadataFromNetwork = function() {
return g(this, void 0, void 0, (function() {
var t, r, n, o, i;
return f(this, (function(a) {
switch (a.label) {
case 0:
t = "" + T.AAD_INSTANCE_DISCOVERY_ENDPT + this.canonicalAuthority + "oauth2/v2.0/authorize",
r = {},
this.proxyUrl && (r.proxyUrl = this.proxyUrl),
n = null,
a.label = 1;
case 1:
return a.trys.push([1, 3, , 4]),
[4, this.networkInterface.sendGetRequestAsync(t, r)];
case 2:
return o = a.sent(),
i = function(e) {
return e.hasOwnProperty("tenant_discovery_endpoint") && e.hasOwnProperty("metadata")
}(o.body) ? o.body.metadata : [],
0 === i.length ? [2, null] : (n = e.getCloudDiscoveryMetadataFromNetworkResponse(i, this.hostnameAndPort),
[3, 4]);
case 3:
return a.sent(),
[2, null];
case 4:
return n || (n = e.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort)),
[2, n]
}
}
))
}
))
}
,
e.prototype.getCloudDiscoveryMetadataFromHarcodedValues = function() {
return this.canonicalAuthority in Ct ? Ct[this.canonicalAuthority] : null
}
,
e.prototype.isInKnownAuthorities = function() {
var e = this;
return this.authorityOptions.knownAuthorities.filter((function(t) {
return Ke.getDomainFromUrl(t).toLowerCase() === e.hostnameAndPort
}
)).length > 0
}
,
e.generateAuthority = function(e, t) {
var r;
if (t && t.azureCloudInstance !== ze.None) {
var n = t.tenant ? t.tenant : T.DEFAULT_COMMON_TENANT;
r = t.azureCloudInstance + "/" + n + "/"
}
return r || e
}
,
e.createCloudDiscoveryMetadataFromHost = function(e) {
return {
preferred_network: e,
preferred_cache: e,
aliases: [e]
}
}
,
e.getCloudDiscoveryMetadataFromNetworkResponse = function(e, t) {
for (var r = 0; r < e.length; r++) {
var n = e[r];
if (n.aliases.indexOf(t) > -1)
return n
}
return null
}
,
e.prototype.getPreferredCache = function() {
if (this.discoveryComplete())
return this.metadata.preferred_cache;
throw X.createEndpointDiscoveryIncompleteError("Discovery incomplete.")
}
,
e.prototype.isAlias = function(e) {
return this.metadata.aliases.indexOf(e) > -1
}
,
e.isPublicCloudAuthority = function(e) {
return T.KNOWN_PUBLIC_CLOUDS.indexOf(e) >= 0
}
,
e.buildRegionalAuthorityString = function(e, t, r) {
var n = new Ke(e);
n.validateAsUri();
var o = n.getUrlComponents()
, i = t + "." + o.HostNameAndPort;
this.isPublicCloudAuthority(o.HostNameAndPort) && (i = t + "." + T.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX);
var a = Ke.constructAuthorityUriFromObject(p(p({}, n.getUrlComponents()), {
HostNameAndPort: i
})).urlString;
return r ? a + "?" + r : a
}
,
e.replaceWithRegionalInformation = function(t, r) {
return t.authorization_endpoint = e.buildRegionalAuthorityString(t.authorization_endpoint, r),
t.token_endpoint = e.buildRegionalAuthorityString(t.token_endpoint, r, "allowestsrnonmsi=true"),
t.end_session_endpoint && (t.end_session_endpoint = e.buildRegionalAuthorityString(t.end_session_endpoint, r)),
t
}
,
e
}(), At = function() {
function e() {}
return e.createDiscoveredInstance = function(t, r, n, o, i) {
return g(this, void 0, void 0, (function() {
var a, s;
return f(this, (function(c) {
switch (c.label) {
case 0:
a = e.createInstance(t, r, n, o, i),
c.label = 1;
case 1:
return c.trys.push([1, 3, , 4]),
[4, a.resolveEndpointsAsync()];
case 2:
return c.sent(),
[2, a];
case 3:
throw s = c.sent(),
X.createEndpointDiscoveryIncompleteError(s);
case 4:
return [2]
}
}
))
}
))
}
,
e.createInstance = function(e, t, r, n, o) {
if ($.isEmpty(e))
throw ie.createUrlEmptyError();
return new It(e,t,r,n,o)
}
,
e
}(), bt = function() {
function e(e, t) {
this.cacheOutcome = j.NO_CACHE_HIT,
this.cacheManager = t,
this.apiId = e.apiId,
this.correlationId = e.correlationId,
this.wrapperSKU = e.wrapperSKU || T.EMPTY_STRING,
this.wrapperVer = e.wrapperVer || T.EMPTY_STRING,
this.telemetryCacheKey = x.CACHE_KEY + N.CACHE_KEY_SEPARATOR + e.clientId
}
return e.prototype.generateCurrentRequestHeaderValue = function() {
var e = "" + this.apiId + x.VALUE_SEPARATOR + this.cacheOutcome
, t = [this.wrapperSKU, this.wrapperVer].join(x.VALUE_SEPARATOR)
, r = [e, this.getRegionDiscoveryFields()].join(x.VALUE_SEPARATOR);
return [x.SCHEMA_VERSION, r, t].join(x.CATEGORY_SEPARATOR)
}
,
e.prototype.generateLastRequestHeaderValue = function() {
var t = this.getLastRequests()
, r = e.maxErrorsToSend(t)
, n = t.failedRequests.slice(0, 2 * r).join(x.VALUE_SEPARATOR)
, o = t.errors.slice(0, r).join(x.VALUE_SEPARATOR)
, i = t.errors.length
, a = [i, r < i ? x.OVERFLOW_TRUE : x.OVERFLOW_FALSE].join(x.VALUE_SEPARATOR);
return [x.SCHEMA_VERSION, t.cacheHits, n, o, a].join(x.CATEGORY_SEPARATOR)
}
,
e.prototype.cacheFailedRequest = function(e) {
var t = this.getLastRequests();
t.errors.length >= x.MAX_CACHED_ERRORS && (t.failedRequests.shift(),
t.failedRequests.shift(),
t.errors.shift()),
t.failedRequests.push(this.apiId, this.correlationId),
$.isEmpty(e.subError) ? $.isEmpty(e.errorCode) ? e && e.toString() ? t.errors.push(e.toString()) : t.errors.push(x.UNKNOWN_ERROR) : t.errors.push(e.errorCode) : t.errors.push(e.subError),
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, t)
}
,
e.prototype.incrementCacheHits = function() {
var e = this.getLastRequests();
return e.cacheHits += 1,
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, e),
e.cacheHits
}
,
e.prototype.getLastRequests = function() {
var e = new fe;
return this.cacheManager.getServerTelemetry(this.telemetryCacheKey) || e
}
,
e.prototype.clearTelemetryCache = function() {
var t = this.getLastRequests()
, r = e.maxErrorsToSend(t);
if (r === t.errors.length)
this.cacheManager.removeItem(this.telemetryCacheKey);
else {
var n = new fe;
n.failedRequests = t.failedRequests.slice(2 * r),
n.errors = t.errors.slice(r),
this.cacheManager.setServerTelemetry(this.telemetryCacheKey, n)
}
}
,
e.maxErrorsToSend = function(e) {
var t, r = 0, n = 0, o = e.errors.length;
for (t = 0; t < o; t++) {
var i = e.failedRequests[2 * t] || T.EMPTY_STRING
, a = e.failedRequests[2 * t + 1] || T.EMPTY_STRING
, s = e.errors[t] || T.EMPTY_STRING;
if (!((n += i.toString().length + a.toString().length + s.length + 3) < x.MAX_LAST_HEADER_BYTES))
break;
r += 1
}
return r
}
,
e.prototype.getRegionDiscoveryFields = function() {
var e = [];
return e.push(this.regionUsed || T.EMPTY_STRING),
e.push(this.regionSource || T.EMPTY_STRING),
e.push(this.regionOutcome || T.EMPTY_STRING),
e.join(",")
}
,
e.prototype.updateRegionDiscoveryMetadata = function(e) {
this.regionUsed = e.region_used,
this.regionSource = e.region_source,
this.regionOutcome = e.region_outcome
}
,
e.prototype.setCacheOutcome = function(e) {
this.cacheOutcome = e
}
,
e
}(), Rt = "@azure/msal-browser", kt = "2.28.3", Nt = function() {
function e() {}
return e.prototype.sendGetRequestAsync = function(e, t) {
return s(this, void 0, void 0, (function() {
var r, n, o;
return c(this, (function(i) {
switch (i.label) {
case 0:
return i.trys.push([0, 2, , 3]),
[4, fetch(e, {
method: Ce.GET,
headers: this.getFetchHeaders(t)
})];
case 1:
return r = i.sent(),
[3, 3];
case 2:
throw n = i.sent(),
window.navigator.onLine ? ke.createGetRequestFailedError(n, e) : ke.createNoNetworkConnectivityError();
case 3:
return i.trys.push([3, 5, , 6]),
o = {
headers: this.getHeaderDict(r.headers)
},
[4, r.json()];
case 4:
return [2, (o.body = i.sent(),
o.status = r.status,
o)];
case 5:
throw i.sent(),
ke.createFailedToParseNetworkResponseError(e);
case 6:
return [2]
}
}
))
}
))
}
,
e.prototype.sendPostRequestAsync = function(e, t) {
return s(this, void 0, void 0, (function() {
var r, n, o, i;
return c(this, (function(a) {
switch (a.label) {
case 0:
r = t && t.body || T.EMPTY_STRING,
a.label = 1;
case 1:
return a.trys.push([1, 3, , 4]),
[4, fetch(e, {
method: Ce.POST,
headers: this.getFetchHeaders(t),
body: r
})];
case 2:
return n = a.sent(),
[3, 4];
case 3:
throw o = a.sent(),
window.navigator.onLine ? ke.createPostRequestFailedError(o, e) : ke.createNoNetworkConnectivityError();
case 4:
return a.trys.push([4, 6, , 7]),
i = {
headers: this.getHeaderDict(n.headers)
},
[4, n.json()];
case 5:
return [2, (i.body = a.sent(),
i.status = n.status,
i)];
case 6:
throw a.sent(),
ke.createFailedToParseNetworkResponseError(e);
case 7:
return [2]
}
}
))
}
))
}
,
e.prototype.getFetchHeaders = function(e) {
var t = new Headers;
if (!e || !e.headers)
return t;
var r = e.headers;
return Object.keys(r).forEach((function(e) {
t.append(e, r[e])
}
)),
t
}
,
e.prototype.getHeaderDict = function(e) {
var t = {};
return e.forEach((function(e, r) {
t[r] = e
}
)),
t
}
,
e
}(), Pt = function() {
function e() {}
return e.prototype.sendGetRequestAsync = function(e, t) {
return s(this, void 0, void 0, (function() {
return c(this, (function(r) {
return [2, this.sendRequestAsync(e, Ce.GET, t)]
}
))
}
))
}
,
e.prototype.sendPostRequestAsync = function(e, t) {
return s(this, void 0, void 0, (function() {
return c(this, (function(r) {
return [2, this.sendRequestAsync(e, Ce.POST, t)]
}
))
}
))
}
,
e.prototype.sendRequestAsync = function(e, t, r) {
var n = this;
return new Promise((function(o, i) {
var a = new XMLHttpRequest;
if (a.open(t, e, !0),
n.setXhrHeaders(a, r),
a.onload = function() {
(a.status < 200 || a.status >= 300) && (t === Ce.POST ? i(ke.createPostRequestFailedError("Failed with status " + a.status, e)) : i(ke.createGetRequestFailedError("Failed with status " + a.status, e)));
try {
var r = JSON.parse(a.responseText)
, s = {
headers: n.getHeaderDict(a),
body: r,
status: a.status
};
o(s)
} catch (t) {
i(ke.createFailedToParseNetworkResponseError(e))
}
}
,
a.onerror = function() {
window.navigator.onLine ? t === Ce.POST ? i(ke.createPostRequestFailedError("Failed with status " + a.status, e)) : i(ke.createGetRequestFailedError("Failed with status " + a.status, e)) : i(ke.createNoNetworkConnectivityError())
}
,
t === Ce.POST && r && r.body)
a.send(r.body);
else {
if (t !== Ce.GET)
throw ke.createHttpMethodNotImplementedError(t);
a.send()
}
}
))
}
,
e.prototype.setXhrHeaders = function(e, t) {
if (t && t.headers) {
var r = t.headers;
Object.keys(r).forEach((function(t) {
e.setRequestHeader(t, r[t])
}
))
}
}
,
e.prototype.getHeaderDict = function(e) {
var t = e.getAllResponseHeaders().trim().split(/[\r\n]+/)
, r = {};
return t.forEach((function(e) {
var t = e.split(": ")
, n = t.shift()
, o = t.join(": ");
n && o && (r[n] = o)
}
)),
r
}
,
e
}(), Ot = function() {
function e() {}
return e.clearHash = function(e) {
e.location.hash = T.EMPTY_STRING,
"function" == typeof e.history.replaceState && e.history.replaceState(null, T.EMPTY_STRING, "" + e.location.origin + e.location.pathname + e.location.search)
}
,
e.replaceHash = function(e) {
var t = e.split("#");
t.shift(),
window.location.hash = t.length > 0 ? t.join("#") : T.EMPTY_STRING
}
,
e.isInIframe = function() {
return window.parent !== window
}
,
e.isInPopup = function() {
return "undefined" != typeof window && !!window.opener && window.opener !== window && "string" == typeof window.name && 0 === window.name.indexOf(Ne.POPUP_NAME_PREFIX + ".")
}
,
e.getCurrentUri = function() {
return window.location.href.split("?")[0].split("#")[0]
}
,
e.getHomepage = function() {
var e = new Ke(window.location.href).getUrlComponents();
return e.Protocol + "//" + e.HostNameAndPort + "/"
}
,
e.getBrowserNetworkClient = function() {
return window.fetch && window.Headers ? new Nt : new Pt
}
,
e.blockReloadInHiddenIframes = function() {
if (Ke.hashContainsKnownProperties(window.location.hash) && e.isInIframe())
throw ke.createBlockReloadInHiddenIframeError()
}
,
e.blockRedirectInIframe = function(t, r) {
var n = e.isInIframe();
if (t === Ie.Redirect && n && !r)
throw ke.createRedirectInIframeError(n)
}
,
e.blockAcquireTokenInPopups = function() {
if (e.isInPopup())
throw ke.createBlockAcquireTokenInPopupsError()
}
,
e.blockNonBrowserEnvironment = function(e) {
if (!e)
throw ke.createNonBrowserEnvironmentError()
}
,
e.blockNativeBrokerCalledBeforeInitialized = function(e, t) {
if (e && !t)
throw ke.createNativeBrokerCalledBeforeInitialize()
}
,
e.detectIEOrEdge = function() {
var e = window.navigator.userAgent
, t = e.indexOf("MSIE ")
, r = e.indexOf("Trident/")
, n = e.indexOf("Edge/");
return t > 0 || r > 0 || n > 0
}
,
e
}(), Mt = function() {
function e(e, t, r, n, o, i, a, s, c) {
this.config = e,
this.browserStorage = t,
this.browserCrypto = r,
this.networkClient = this.config.system.networkClient,
this.eventHandler = o,
this.navigationClient = i,
this.nativeMessageHandler = s,
this.correlationId = c || this.browserCrypto.createNewGuid(),
this.logger = n.clone(Ne.MSAL_SKU, kt, this.correlationId),
this.performanceClient = a
}
return e.prototype.clearCacheOnLogout = function(e) {
return s(this, void 0, void 0, (function() {
return c(this, (function(t) {
switch (t.label) {
case 0:
if (!e)
return [3, 5];
re.accountInfoIsEqual(e, this.browserStorage.getActiveAccount(), !1) && (this.logger.verbose("Setting active account to null"),
this.browserStorage.setActiveAccount(null)),
t.label = 1;
case 1:
return t.trys.push([1, 3, , 4]),
[4, this.browserStorage.removeAccount(re.generateAccountCacheKey(e))];
case 2:
return t.sent(),
this.logger.verbose("Cleared cache items belonging to the account provided in the logout request."),
[3, 4];
case 3:
return t.sent(),
this.logger.error("Account provided in logout request was not found. Local cache unchanged."),
[3, 4];
case 4:
return [3, 9];
case 5:
return t.trys.push([5, 8, , 9]),
this.logger.verbose("No account provided in logout request, clearing all cache items.", this.correlationId),
[4, this.browserStorage.clear()];
case 6:
return t.sent(),
[4, this.browserCrypto.clearKeystore()];
case 7:
return t.sent(),
[3, 9];
case 8:
return t.sent(),
this.logger.error("Attempted to clear all MSAL cache items and failed. Local cache unchanged."),
[3, 9];
case 9:
return [2]
}
}
))
}
))
}
,
e.prototype.initializeBaseRequest = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o;
return c(this, (function(i) {
switch (i.label) {
case 0:
if (this.logger.verbose("Initializing BaseAuthRequest"),
t = e.authority || this.config.auth.authority,
r = l(e && e.scopes || []),
(n = a(a({}, e), {
correlationId: this.correlationId,
authority: t,
scopes: r
})).authenticationScheme) {
if (n.authenticationScheme === F.SSH) {
if (!e.sshJwk)
throw ie.createMissingSshJwkError();
if (!e.sshKid)
throw ie.createMissingSshKidError()
}
this.logger.verbose('Authentication Scheme set to "' + n.authenticationScheme + '" as configured in Auth request')
} else
n.authenticationScheme = F.BEARER,
this.logger.verbose('Authentication Scheme wasn\'t explicitly set in request, defaulting to "Bearer" request');
return !e.claims || $.isEmpty(e.claims) ? [3, 2] : (o = n,
[4, this.browserCrypto.hashString(e.claims)]);
case 1:
o.requestedClaimsHash = i.sent(),
i.label = 2;
case 2:
return [2, n]
}
}
))
}
))
}
,
e.prototype.getRedirectUri = function(e) {
this.logger.verbose("getRedirectUri called");
var t = e || this.config.auth.redirectUri || Ot.getCurrentUri();
return Ke.getAbsoluteUrl(t, Ot.getCurrentUri())
}
,
e.prototype.initializeServerTelemetryManager = function(e, t) {
this.logger.verbose("initializeServerTelemetryManager called");
var r = {
clientId: this.config.auth.clientId,
correlationId: this.correlationId,
apiId: e,
forceRefresh: t || !1,
wrapperSKU: this.browserStorage.getWrapperMetadata()[0],
wrapperVer: this.browserStorage.getWrapperMetadata()[1]
};
return new bt(r,this.browserStorage)
}
,
e.prototype.getDiscoveredAuthority = function(e) {
return s(this, void 0, void 0, (function() {
var t;
return c(this, (function(r) {
switch (r.label) {
case 0:
return this.logger.verbose("getDiscoveredAuthority called"),
t = {
protocolMode: this.config.auth.protocolMode,
knownAuthorities: this.config.auth.knownAuthorities,
cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
authorityMetadata: this.config.auth.authorityMetadata
},
e ? (this.logger.verbose("Creating discovered authority with request authority"),
[4, At.createDiscoveredInstance(e, this.config.system.networkClient, this.browserStorage, t)]) : [3, 2];
case 1:
case 3:
return [2, r.sent()];
case 2:
return this.logger.verbose("Creating discovered authority with configured authority"),
[4, At.createDiscoveredInstance(this.config.auth.authority, this.config.system.networkClient, this.browserStorage, t)]
}
}
))
}
))
}
,
e
}(), Ut = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return i(t, e),
t.prototype.initializeAuthorizationCodeRequest = function(e) {
return s(this, void 0, void 0, (function() {
var t, r;
return c(this, (function(n) {
switch (n.label) {
case 0:
return this.logger.verbose("initializeAuthorizationRequest called", e.correlationId),
[4, this.browserCrypto.generatePkceCodes()];
case 1:
return t = n.sent(),
r = a(a({}, e), {
redirectUri: e.redirectUri,
code: T.EMPTY_STRING,
codeVerifier: t.verifier
}),
e.codeChallenge = t.challenge,
e.codeChallengeMethod = T.S256_CODE_CHALLENGE_METHOD,
[2, r]
}
}
))
}
))
}
,
t.prototype.initializeLogoutRequest = function(e) {
this.logger.verbose("initializeLogoutRequest called", null == e ? void 0 : e.correlationId);
var t = a({
correlationId: this.correlationId || this.browserCrypto.createNewGuid()
}, e);
if (e)
if (e.logoutHint)
this.logger.verbose("logoutHint has already been set in logoutRequest");
else if (e.account) {
var r = this.getLogoutHintFromIdTokenClaims(e.account);
r && (this.logger.verbose("Setting logoutHint to login_hint ID Token Claim value for the account provided"),
t.logoutHint = r)
} else
this.logger.verbose("logoutHint was not set and account was not passed into logout request, logoutHint will not be set");
else
this.logger.verbose("logoutHint will not be set since no logout request was configured");
return e && null === e.postLogoutRedirectUri ? this.logger.verbose("postLogoutRedirectUri passed as null, not setting post logout redirect uri", t.correlationId) : e && e.postLogoutRedirectUri ? (this.logger.verbose("Setting postLogoutRedirectUri to uri set on logout request", t.correlationId),
t.postLogoutRedirectUri = Ke.getAbsoluteUrl(e.postLogoutRedirectUri, Ot.getCurrentUri())) : null === this.config.auth.postLogoutRedirectUri ? this.logger.verbose("postLogoutRedirectUri configured as null and no uri set on request, not passing post logout redirect", t.correlationId) : this.config.auth.postLogoutRedirectUri ? (this.logger.verbose("Setting postLogoutRedirectUri to configured uri", t.correlationId),
t.postLogoutRedirectUri = Ke.getAbsoluteUrl(this.config.auth.postLogoutRedirectUri, Ot.getCurrentUri())) : (this.logger.verbose("Setting postLogoutRedirectUri to current page", t.correlationId),
t.postLogoutRedirectUri = Ke.getAbsoluteUrl(Ot.getCurrentUri(), Ot.getCurrentUri())),
t
}
,
t.prototype.getLogoutHintFromIdTokenClaims = function(e) {
var t = e.idTokenClaims;
if (t) {
if (t.login_hint)
return t.login_hint;
this.logger.verbose("The ID Token Claims tied to the provided account do not contain a login_hint claim, logoutHint will not be added to logout request")
} else
this.logger.verbose("The provided account does not contain ID Token Claims, logoutHint will not be added to logout request");
return null
}
,
t.prototype.createAuthCodeClient = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n;
return c(this, (function(o) {
switch (o.label) {
case 0:
return [4, this.getClientConfiguration(e, t, r)];
case 1:
return n = o.sent(),
[2, new vt(n)]
}
}
))
}
))
}
,
t.prototype.getClientConfiguration = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n;
return c(this, (function(o) {
switch (o.label) {
case 0:
return this.logger.verbose("getClientConfiguration called", this.correlationId),
[4, this.getDiscoveredAuthority(t, r)];
case 1:
return n = o.sent(),
[2, {
authOptions: {
clientId: this.config.auth.clientId,
authority: n,
clientCapabilities: this.config.auth.clientCapabilities
},
systemOptions: {
tokenRenewalOffsetSeconds: this.config.system.tokenRenewalOffsetSeconds,
preventCorsPreflight: !0
},
loggerOptions: {
loggerCallback: this.config.system.loggerOptions.loggerCallback,
piiLoggingEnabled: this.config.system.loggerOptions.piiLoggingEnabled,
logLevel: this.config.system.loggerOptions.logLevel,
correlationId: this.correlationId
},
cryptoInterface: this.browserCrypto,
networkInterface: this.networkClient,
storageInterface: this.browserStorage,
serverTelemetryManager: e,
libraryInfo: {
sku: Ne.MSAL_SKU,
version: kt,
cpu: T.EMPTY_STRING,
os: T.EMPTY_STRING
},
telemetry: this.config.telemetry
}]
}
}
))
}
))
}
,
t.prototype.validateAndExtractStateFromHash = function(e, t, r) {
if (this.logger.verbose("validateAndExtractStateFromHash called", r),
!e.state)
throw ke.createHashDoesNotContainStateError();
var n = Be.extractBrowserRequestState(this.browserCrypto, e.state);
if (!n)
throw ke.createUnableToParseStateError();
if (n.interactionType !== t)
throw ke.createStateInteractionTypeMismatchError();
return this.logger.verbose("Returning state from hash", r),
e.state
}
,
t.prototype.getDiscoveredAuthority = function(e, t) {
return s(this, void 0, void 0, (function() {
var r, n, o, i;
return c(this, (function(a) {
switch (a.label) {
case 0:
return this.logger.verbose("getDiscoveredAuthority called", this.correlationId),
r = this.performanceClient.startMeasurement(ht.StandardInteractionClientGetDiscoveredAuthority, this.correlationId),
n = {
protocolMode: this.config.auth.protocolMode,
knownAuthorities: this.config.auth.knownAuthorities,
cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
authorityMetadata: this.config.auth.authorityMetadata,
skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache
},
o = e || this.config.auth.authority,
i = It.generateAuthority(o, t || this.config.auth.azureCloudOptions),
this.logger.verbose("Creating discovered authority with configured authority", this.correlationId),
[4, At.createDiscoveredInstance(i, this.config.system.networkClient, this.browserStorage, n).then((function(e) {
return r.endMeasurement({
success: !0
}),
e
}
)).catch((function(e) {
throw r.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
e
}
))];
case 1:
return [2, a.sent()]
}
}
))
}
))
}
,
t.prototype.initializeAuthorizationRequest = function(e, t) {
return s(this, void 0, void 0, (function() {
var r, n, o, i, s, u, l;
return c(this, (function(c) {
switch (c.label) {
case 0:
return this.logger.verbose("initializeAuthorizationRequest called", this.correlationId),
r = this.getRedirectUri(e.redirectUri),
n = {
interactionType: t
},
o = ye.setRequestState(this.browserCrypto, e && e.state || T.EMPTY_STRING, n),
s = [{}],
[4, this.initializeBaseRequest(e)];
case 1:
return i = a.apply(void 0, [a.apply(void 0, s.concat([c.sent()])), {
redirectUri: r,
state: o,
nonce: e.nonce || this.browserCrypto.createNewGuid(),
responseMode: b.FRAGMENT
}]),
(u = e.account || this.browserStorage.getActiveAccount()) && (this.logger.verbose("Setting validated request account", this.correlationId),
this.logger.verbosePii("Setting validated request account: " + u.homeAccountId, this.correlationId),
i.account = u),
$.isEmpty(i.loginHint) && !u && (l = this.browserStorage.getLegacyLoginHint()) && (i.loginHint = l),
[2, i]
}
}
))
}
))
}
,
t
}(Mt), qt = function() {
function e(e, t, r, n) {
this.authModule = e,
this.browserStorage = t,
this.authCodeRequest = r,
this.logger = n
}
return e.prototype.handleCodeResponseFromHash = function(e, t, r, n) {
return s(this, void 0, void 0, (function() {
var o, i, a;
return c(this, (function(s) {
if (this.logger.verbose("InteractionHandler.handleCodeResponse called"),
$.isEmpty(e))
throw ke.createEmptyHashError(e);
if (o = this.browserStorage.generateStateKey(t),
!(i = this.browserStorage.getTemporaryCache(o)))
throw X.createStateNotFoundError("Cached State");
try {
a = this.authModule.handleFragmentResponse(e, i)
} catch (e) {
throw e instanceof tt && e.subError === Re.userCancelledError.code ? ke.createUserCancelledError() : e
}
return [2, this.handleCodeResponseFromServer(a, t, r, n)]
}
))
}
))
}
,
e.prototype.handleCodeResponseFromServer = function(e, t, r, n, o) {
return void 0 === o && (o = !0),
s(this, void 0, void 0, (function() {
var i, a, s, u, l, d;
return c(this, (function(c) {
switch (c.label) {
case 0:
if (this.logger.trace("InteractionHandler.handleCodeResponseFromServer called"),
i = this.browserStorage.generateStateKey(t),
!(a = this.browserStorage.getTemporaryCache(i)))
throw X.createStateNotFoundError("Cached State");
return s = this.browserStorage.generateNonceKey(a),
u = this.browserStorage.getTemporaryCache(s),
this.authCodeRequest.code = e.code,
e.cloud_instance_host_name ? [4, this.updateTokenEndpointAuthority(e.cloud_instance_host_name, r, n)] : [3, 2];
case 1:
c.sent(),
c.label = 2;
case 2:
return o && (e.nonce = u || void 0),
e.state = a,
e.client_info ? this.authCodeRequest.clientInfo = e.client_info : (l = this.checkCcsCredentials()) && (this.authCodeRequest.ccsCredential = l),
[4, this.authModule.acquireToken(this.authCodeRequest, e)];
case 3:
return d = c.sent(),
this.browserStorage.cleanRequestByState(t),
[2, d]
}
}
))
}
))
}
,
e.prototype.updateTokenEndpointAuthority = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n, o;
return c(this, (function(i) {
switch (i.label) {
case 0:
return n = "https://" + e + "/" + t.tenant + "/",
[4, At.createDiscoveredInstance(n, r, this.browserStorage, t.options)];
case 1:
return o = i.sent(),
this.authModule.updateAuthority(o),
[2]
}
}
))
}
))
}
,
e.prototype.checkCcsCredentials = function() {
var e = this.browserStorage.getTemporaryCache(Te.CCS_CREDENTIAL, !0);
if (e)
try {
return JSON.parse(e)
} catch (t) {
this.authModule.logger.error("Cache credential could not be parsed"),
this.authModule.logger.errorPii("Cache credential could not be parsed: " + e)
}
return null
}
,
e
}(), Ht = function(e) {
function t(t, r, n, o, i) {
var a = e.call(this, t, r, n, o) || this;
return a.browserCrypto = i,
a
}
return i(t, e),
t.prototype.initiateAuthRequest = function(e, t) {
return s(this, void 0, void 0, (function() {
var r;
return c(this, (function(n) {
switch (n.label) {
case 0:
return this.logger.verbose("RedirectHandler.initiateAuthRequest called"),
$.isEmpty(e) ? [3, 7] : (t.redirectStartPage && (this.logger.verbose("RedirectHandler.initiateAuthRequest: redirectStartPage set, caching start page"),
this.browserStorage.setTemporaryCache(Te.ORIGIN_URI, t.redirectStartPage, !0)),
this.browserStorage.setTemporaryCache(Te.CORRELATION_ID, this.authCodeRequest.correlationId, !0),
this.browserStorage.cacheCodeRequest(this.authCodeRequest, this.browserCrypto),
this.logger.infoPii("RedirectHandler.initiateAuthRequest: Navigate to: " + e),
r = {
apiId: Se.acquireTokenRedirect,
timeout: t.redirectTimeout,
noHistory: !1
},
"function" != typeof t.onRedirectNavigate ? [3, 4] : (this.logger.verbose("RedirectHandler.initiateAuthRequest: Invoking onRedirectNavigate callback"),
!1 === t.onRedirectNavigate(e) ? [3, 2] : (this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate did not return false, navigating"),
[4, t.navigationClient.navigateExternal(e, r)])));
case 1:
case 5:
return n.sent(),
[2];
case 2:
return this.logger.verbose("RedirectHandler.initiateAuthRequest: onRedirectNavigate returned false, stopping navigation"),
[2];
case 3:
return [3, 6];
case 4:
return this.logger.verbose("RedirectHandler.initiateAuthRequest: Navigating window to navigate url"),
[4, t.navigationClient.navigateExternal(e, r)];
case 6:
return [3, 8];
case 7:
throw this.logger.info("RedirectHandler.initiateAuthRequest: Navigate url is empty"),
ke.createEmptyNavigationUriError();
case 8:
return [2]
}
}
))
}
))
}
,
t.prototype.handleCodeResponseFromHash = function(e, t, r, n) {
return s(this, void 0, void 0, (function() {
var o, i, a, s, u, l, d;
return c(this, (function(c) {
switch (c.label) {
case 0:
if (this.logger.verbose("RedirectHandler.handleCodeResponse called"),
$.isEmpty(e))
throw ke.createEmptyHashError(e);
if (this.browserStorage.setInteractionInProgress(!1),
o = this.browserStorage.generateStateKey(t),
!(i = this.browserStorage.getTemporaryCache(o)))
throw X.createStateNotFoundError("Cached State");
try {
a = this.authModule.handleFragmentResponse(e, i)
} catch (e) {
throw e instanceof tt && e.subError === Re.userCancelledError.code ? ke.createUserCancelledError() : e
}
return s = this.browserStorage.generateNonceKey(i),
u = this.browserStorage.getTemporaryCache(s),
this.authCodeRequest.code = a.code,
a.cloud_instance_host_name ? [4, this.updateTokenEndpointAuthority(a.cloud_instance_host_name, r, n)] : [3, 2];
case 1:
c.sent(),
c.label = 2;
case 2:
return a.nonce = u || void 0,
a.state = i,
a.client_info ? this.authCodeRequest.clientInfo = a.client_info : (l = this.checkCcsCredentials()) && (this.authCodeRequest.ccsCredential = l),
[4, this.authModule.acquireToken(this.authCodeRequest, a)];
case 3:
return d = c.sent(),
this.browserStorage.cleanRequestByState(t),
[2, d]
}
}
))
}
))
}
,
t
}(qt);
!function(e) {
e.INITIALIZE_START = "msal:initializeStart",
e.INITIALIZE_END = "msal:initializeEnd",
e.ACCOUNT_ADDED = "msal:accountAdded",
e.ACCOUNT_REMOVED = "msal:accountRemoved",
e.LOGIN_START = "msal:loginStart",
e.LOGIN_SUCCESS = "msal:loginSuccess",
e.LOGIN_FAILURE = "msal:loginFailure",
e.ACQUIRE_TOKEN_START = "msal:acquireTokenStart",
e.ACQUIRE_TOKEN_SUCCESS = "msal:acquireTokenSuccess",
e.ACQUIRE_TOKEN_FAILURE = "msal:acquireTokenFailure",
e.ACQUIRE_TOKEN_NETWORK_START = "msal:acquireTokenFromNetworkStart",
e.SSO_SILENT_START = "msal:ssoSilentStart",
e.SSO_SILENT_SUCCESS = "msal:ssoSilentSuccess",
e.SSO_SILENT_FAILURE = "msal:ssoSilentFailure",
e.ACQUIRE_TOKEN_BY_CODE_START = "msal:acquireTokenByCodeStart",
e.ACQUIRE_TOKEN_BY_CODE_SUCCESS = "msal:acquireTokenByCodeSuccess",
e.ACQUIRE_TOKEN_BY_CODE_FAILURE = "msal:acquireTokenByCodeFailure",
e.HANDLE_REDIRECT_START = "msal:handleRedirectStart",
e.HANDLE_REDIRECT_END = "msal:handleRedirectEnd",
e.POPUP_OPENED = "msal:popupOpened",
e.LOGOUT_START = "msal:logoutStart",
e.LOGOUT_SUCCESS = "msal:logoutSuccess",
e.LOGOUT_FAILURE = "msal:logoutFailure",
e.LOGOUT_END = "msal:logoutEnd"
}(Tt || (Tt = {})),
function(e) {
e.USER_INTERACTION_REQUIRED = "USER_INTERACTION_REQUIRED",
e.USER_CANCEL = "USER_CANCEL",
e.NO_NETWORK = "NO_NETWORK",
e.TRANSIENT_ERROR = "TRANSIENT_ERROR",
e.PERSISTENT_ERROR = "PERSISTENT_ERROR",
e.DISABLED = "DISABLED",
e.ACCOUNT_UNAVAILABLE = "ACCOUNT_UNAVAILABLE"
}(wt || (wt = {}));
var Lt, Dt = function(e) {
function t(r, n, o) {
var i = e.call(this, r, n) || this;
return Object.setPrototypeOf(i, t.prototype),
i.name = "NativeAuthError",
i.ext = o,
i
}
return i(t, e),
t.prototype.isFatal = function() {
return !(!this.ext || !this.ext.status || this.ext.status !== wt.PERSISTENT_ERROR && this.ext.status !== wt.DISABLED) || "ContentError" === this.errorCode
}
,
t.createError = function(e, r, n) {
if (n && n.status)
switch (n.status) {
case wt.ACCOUNT_UNAVAILABLE:
return lt.createNativeAccountUnavailableError();
case wt.USER_INTERACTION_REQUIRED:
return new lt(e,r);
case wt.USER_CANCEL:
return ke.createUserCancelledError();
case wt.NO_NETWORK:
return ke.createNoNetworkConnectivityError()
}
return new t(e,r,n)
}
,
t.createUserSwitchError = function() {
return new t("user_switch","User attempted to switch accounts in the native broker, which is not allowed. All new accounts must sign-in through the standard web flow first, please try again.")
}
,
t.createTokensNotFoundInCacheError = function() {
return new t("tokens_not_found_in_internal_memory_cache","Tokens not cached in MSAL JS internal memory, please make the WAM request")
}
,
t
}(J), Ft = function(e) {
function t(t, r) {
return e.call(this, t, r) || this
}
return h(t, e),
t.prototype.acquireToken = function(e) {
return g(this, void 0, void 0, (function() {
var t, r, n;
return f(this, (function(o) {
switch (o.label) {
case 0:
return t = de.nowSeconds(),
[4, this.executeTokenRequest(e, this.authority)];
case 1:
return r = o.sent(),
(n = new mt(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin)).validateTokenResponse(r.body),
[2, n.handleServerTokenResponse(r.body, this.authority, t, e, void 0, void 0, !0, e.forceCache)]
}
}
))
}
))
}
,
t.prototype.acquireTokenByRefreshToken = function(e) {
return g(this, void 0, void 0, (function() {
var t, r;
return f(this, (function(n) {
if (!e)
throw ie.createEmptyTokenRequestError();
if (!e.account)
throw X.createNoAccountInSilentRequestError();
if (this.cacheManager.isAppMetadataFOCI(e.account.environment, this.config.authOptions.clientId))
try {
return [2, this.acquireTokenWithCachedRefreshToken(e, !0)]
} catch (n) {
if (t = n instanceof lt && n.errorCode === ut.noTokensFoundError.code,
r = n instanceof tt && "invalid_grant" === n.errorCode && "client_mismatch" === n.subError,
t || r)
return [2, this.acquireTokenWithCachedRefreshToken(e, !1)];
throw n
}
return [2, this.acquireTokenWithCachedRefreshToken(e, !1)]
}
))
}
))
}
,
t.prototype.acquireTokenWithCachedRefreshToken = function(e, t) {
return g(this, void 0, void 0, (function() {
var r, n;
return f(this, (function(o) {
if (!(r = this.cacheManager.readRefreshTokenFromCache(this.config.authOptions.clientId, e.account, t)))
throw lt.createNoTokensFoundError();
return n = p(p({}, e), {
refreshToken: r.secret,
authenticationScheme: e.authenticationScheme || F.BEARER,
ccsCredential: {
credential: e.account.homeAccountId,
type: te.HOME_ACCOUNT_ID
}
}),
[2, this.acquireToken(n)]
}
))
}
))
}
,
t.prototype.executeTokenRequest = function(e, t) {
var r;
return g(this, void 0, void 0, (function() {
var n, o, i, a, s, c;
return f(this, (function(u) {
switch (u.label) {
case 0:
return n = null === (r = this.performanceClient) || void 0 === r ? void 0 : r.startMeasurement(ht.RefreshTokenClientExecuteTokenRequest, e.correlationId),
[4, this.createTokenRequestBody(e)];
case 1:
return o = u.sent(),
i = this.createTokenQueryParameters(e),
a = this.createTokenRequestHeaders(e.ccsCredential),
s = {
clientId: this.config.authOptions.clientId,
authority: t.canonicalAuthority,
scopes: e.scopes,
claims: e.claims,
authenticationScheme: e.authenticationScheme,
resourceRequestMethod: e.resourceRequestMethod,
resourceRequestUri: e.resourceRequestUri,
shrClaims: e.shrClaims,
sshKid: e.sshKid
},
c = Ke.appendQueryString(t.tokenEndpoint, i),
[2, this.executePostToTokenEndpoint(c, o, a, s).then((function(e) {
return null == n || n.endMeasurement({
success: !0
}),
e
}
)).catch((function(e) {
throw null == n || n.endMeasurement({
success: !1
}),
e
}
))]
}
}
))
}
))
}
,
t.prototype.createTokenQueryParameters = function(e) {
var t = new at;
return e.tokenQueryParameters && t.addExtraQueryParameters(e.tokenQueryParameters),
t.createQueryString()
}
,
t.prototype.createTokenRequestBody = function(e) {
var t;
return g(this, void 0, void 0, (function() {
var r, n, o, i, a, s;
return f(this, (function(c) {
switch (c.label) {
case 0:
return r = e.correlationId,
n = null === (t = this.performanceClient) || void 0 === t ? void 0 : t.startMeasurement(ht.BaseClientCreateTokenRequestHeaders, r),
(o = new at).addClientId(this.config.authOptions.clientId),
o.addScopes(e.scopes),
o.addGrantType(R.REFRESH_TOKEN_GRANT),
o.addClientInfo(),
o.addLibraryInfo(this.config.libraryInfo),
o.addApplicationTelemetry(this.config.telemetry.application),
o.addThrottling(),
this.serverTelemetryManager && o.addServerTelemetry(this.serverTelemetryManager),
o.addCorrelationId(r),
o.addRefreshToken(e.refreshToken),
this.config.clientCredentials.clientSecret && o.addClientSecret(this.config.clientCredentials.clientSecret),
this.config.clientCredentials.clientAssertion && (i = this.config.clientCredentials.clientAssertion,
o.addClientAssertion(i.assertion),
o.addClientAssertionType(i.assertionType)),
e.authenticationScheme !== F.POP ? [3, 2] : [4, new gt(this.cryptoUtils).generateCnf(e)];
case 1:
return a = c.sent(),
o.addPopToken(a.reqCnfString),
[3, 3];
case 2:
if (e.authenticationScheme === F.SSH) {
if (!e.sshJwk)
throw null == n || n.endMeasurement({
success: !1
}),
ie.createMissingSshJwkError();
o.addSshJwk(e.sshJwk)
}
c.label = 3;
case 3:
if ((!$.isEmptyObj(e.claims) || this.config.authOptions.clientCapabilities && this.config.authOptions.clientCapabilities.length > 0) && o.addClaims(e.claims, this.config.authOptions.clientCapabilities),
this.config.systemOptions.preventCorsPreflight && e.ccsCredential)
switch (e.ccsCredential.type) {
case te.HOME_ACCOUNT_ID:
try {
s = ee(e.ccsCredential.credential),
o.addCcsOid(s)
} catch (e) {
this.logger.verbose("Could not parse home account ID for CCS Header: " + e)
}
break;
case te.UPN:
o.addCcsUpn(e.ccsCredential.credential)
}
return null == n || n.endMeasurement({
success: !0
}),
[2, o.createQueryString()]
}
}
))
}
))
}
,
t
}(ot), xt = function(e) {
function t(t, r) {
return e.call(this, t, r) || this
}
return h(t, e),
t.prototype.acquireToken = function(e) {
return g(this, void 0, void 0, (function() {
var t;
return f(this, (function(r) {
switch (r.label) {
case 0:
return r.trys.push([0, 2, , 3]),
[4, this.acquireCachedToken(e)];
case 1:
return [2, r.sent()];
case 2:
if ((t = r.sent())instanceof X && t.errorCode === Q.tokenRefreshRequired.code)
return [2, new Ft(this.config,this.performanceClient).acquireTokenByRefreshToken(e)];
throw t;
case 3:
return [2]
}
}
))
}
))
}
,
t.prototype.acquireCachedToken = function(e) {
var t, r, n, o;
return g(this, void 0, void 0, (function() {
var i, a;
return f(this, (function(s) {
switch (s.label) {
case 0:
if (!e)
throw ie.createEmptyTokenRequestError();
if (e.forceRefresh)
throw null === (t = this.serverTelemetryManager) || void 0 === t || t.setCacheOutcome(j.FORCE_REFRESH),
this.logger.info("SilentFlowClient:acquireCachedToken - Skipping cache because forceRefresh is true."),
X.createRefreshRequiredError();
if (!e.account)
throw X.createNoAccountInSilentRequestError();
if (i = e.authority || this.authority.getPreferredCache(),
!(a = this.cacheManager.readCacheRecord(e.account, this.config.authOptions.clientId, e, i)).accessToken)
throw null === (r = this.serverTelemetryManager) || void 0 === r || r.setCacheOutcome(j.NO_CACHED_ACCESS_TOKEN),
this.logger.info("SilentFlowClient:acquireCachedToken - No access token found in cache for the given properties."),
X.createRefreshRequiredError();
if (de.wasClockTurnedBack(a.accessToken.cachedAt) || de.isTokenExpired(a.accessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds))
throw null === (n = this.serverTelemetryManager) || void 0 === n || n.setCacheOutcome(j.CACHED_ACCESS_TOKEN_EXPIRED),
this.logger.info("SilentFlowClient:acquireCachedToken - Cached access token is expired or will expire within " + this.config.systemOptions.tokenRenewalOffsetSeconds + " seconds."),
X.createRefreshRequiredError();
if (a.accessToken.refreshOn && de.isTokenExpired(a.accessToken.refreshOn, 0))
throw null === (o = this.serverTelemetryManager) || void 0 === o || o.setCacheOutcome(j.REFRESH_CACHED_ACCESS_TOKEN),
this.logger.info("SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'."),
X.createRefreshRequiredError();
return this.config.serverTelemetryManager && this.config.serverTelemetryManager.incrementCacheHits(),
[4, this.generateResultFromCacheRecord(a, e)];
case 1:
return [2, s.sent()]
}
}
))
}
))
}
,
t.prototype.generateResultFromCacheRecord = function(e, t) {
return g(this, void 0, void 0, (function() {
var r;
return f(this, (function(n) {
switch (n.label) {
case 0:
return e.idToken && (r = new se(e.idToken.secret,this.config.cryptoInterface)),
[4, mt.generateAuthenticationResult(this.cryptoUtils, this.authority, e, !0, t, r)];
case 1:
return [2, n.sent()]
}
}
))
}
))
}
,
t
}(ot), Kt = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return i(t, e),
t.prototype.acquireToken = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i;
return c(this, (function(a) {
switch (a.label) {
case 0:
return t = this.performanceClient.startMeasurement(ht.SilentCacheClientAcquireToken, e.correlationId),
r = this.initializeServerTelemetryManager(Se.acquireTokenSilent_silentFlow),
[4, this.createSilentFlowClient(r, e.authority, e.azureCloudOptions)];
case 1:
n = a.sent(),
this.logger.verbose("Silent auth client created"),
a.label = 2;
case 2:
return a.trys.push([2, 4, , 5]),
[4, n.acquireCachedToken(e)];
case 3:
return o = a.sent(),
t.endMeasurement({
success: !0,
fromCache: !0
}),
[2, o];
case 4:
throw (i = a.sent())instanceof ke && i.errorCode === Re.signingKeyNotFoundInStorage.code && this.logger.verbose("Signing keypair for bound access token not found. Refreshing bound access token and generating a new crypto keypair."),
t.endMeasurement({
errorCode: i instanceof J && i.errorCode || void 0,
subErrorCode: i instanceof J && i.subError || void 0,
success: !1
}),
i;
case 5:
return [2]
}
}
))
}
))
}
,
t.prototype.logout = function() {
return Promise.reject(ke.createSilentLogoutUnsupportedError())
}
,
t.prototype.createSilentFlowClient = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n;
return c(this, (function(o) {
switch (o.label) {
case 0:
return [4, this.getClientConfiguration(e, t, r)];
case 1:
return n = o.sent(),
[2, new xt(n,this.performanceClient)]
}
}
))
}
))
}
,
t.prototype.initializeSilentRequest = function(e, t) {
return s(this, void 0, void 0, (function() {
var r;
return c(this, (function(n) {
switch (n.label) {
case 0:
return r = [a({}, e)],
[4, this.initializeBaseRequest(e)];
case 1:
return [2, a.apply(void 0, [a.apply(void 0, r.concat([n.sent()])), {
account: t,
forceRefresh: e.forceRefresh || !1
}])]
}
}
))
}
))
}
,
t
}(Ut), Bt = function(e) {
function t(t, r, n, o, i, a, s, c, u, l, d, h) {
var p = e.call(this, t, r, n, o, i, a, c, u, h) || this;
return p.apiId = s,
p.accountId = l,
p.nativeMessageHandler = u,
p.nativeStorageManager = d,
p.silentCacheClient = new Kt(t,p.nativeStorageManager,n,o,i,a,c,u,h),
p
}
return i(t, e),
t.prototype.acquireToken = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, a, s;
return c(this, (function(c) {
switch (c.label) {
case 0:
return this.logger.trace("NativeInteractionClient - acquireToken called."),
t = this.performanceClient.startMeasurement(ht.NativeInteractionClientAcquireToken, e.correlationId),
r = de.nowSeconds(),
[4, this.initializeNativeRequest(e)];
case 1:
n = c.sent(),
c.label = 2;
case 2:
return c.trys.push([2, 4, , 5]),
[4, this.acquireTokensFromCache(this.accountId, n)];
case 3:
return o = c.sent(),
t.endMeasurement({
success: !0,
isNativeBroker: !0,
fromCache: !0
}),
[2, o];
case 4:
return c.sent(),
this.logger.info("MSAL internal Cache does not contain tokens, proceed to make a native call"),
[3, 5];
case 5:
return i = {
method: Ee.GetToken,
request: n
},
[4, this.nativeMessageHandler.sendMessage(i)];
case 6:
return a = c.sent(),
s = this.validateNativeResponse(a),
[2, this.handleNativeResponse(s, n, r).then((function(e) {
return t.endMeasurement({
success: !0,
isNativeBroker: !0
}),
e
}
)).catch((function(e) {
throw t.endMeasurement({
success: !1,
errorCode: e.errorCode,
subErrorCode: e.subError,
isNativeBroker: !0
}),
e
}
))]
}
}
))
}
))
}
,
t.prototype.createSilentCacheRequest = function(e, t) {
return {
authority: e.authority,
correlationId: this.correlationId,
scopes: ae.fromString(e.scope).asArray(),
account: t,
forceRefresh: !1
}
}
,
t.prototype.acquireTokensFromCache = function(e, t) {
return s(this, void 0, void 0, (function() {
var r, n, o;
return c(this, (function(i) {
switch (i.label) {
case 0:
if (!(r = this.browserStorage.readAccountFromCacheWithNativeAccountId(e)))
throw X.createNoAccountFoundError();
n = r.getAccountInfo(),
i.label = 1;
case 1:
return i.trys.push([1, 3, , 4]),
o = this.createSilentCacheRequest(t, n),
[4, this.silentCacheClient.acquireToken(o)];
case 2:
return [2, i.sent()];
case 3:
throw i.sent();
case 4:
return [2]
}
}
))
}
))
}
,
t.prototype.acquireTokenRedirect = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, a;
return c(this, (function(s) {
switch (s.label) {
case 0:
return this.logger.trace("NativeInteractionClient - acquireTokenRedirect called."),
[4, this.initializeNativeRequest(e)];
case 1:
t = s.sent(),
r = {
method: Ee.GetToken,
request: t
},
s.label = 2;
case 2:
return s.trys.push([2, 4, , 5]),
[4, this.nativeMessageHandler.sendMessage(r)];
case 3:
return n = s.sent(),
this.validateNativeResponse(n),
[3, 5];
case 4:
if ((o = s.sent())instanceof Dt && o.isFatal())
throw o;
return [3, 5];
case 5:
return this.browserStorage.setTemporaryCache(Te.NATIVE_REQUEST, JSON.stringify(t), !0),
i = {
apiId: Se.acquireTokenRedirect,
timeout: this.config.system.redirectNavigationTimeout,
noHistory: !1
},
a = this.config.auth.navigateToLoginRequestUrl ? window.location.href : this.getRedirectUri(e.redirectUri),
[4, this.navigationClient.navigateExternal(a, i)];
case 6:
return s.sent(),
[2]
}
}
))
}
))
}
,
t.prototype.handleRedirectPromise = function() {
return s(this, void 0, void 0, (function() {
var e, t, r, n, o, i;
return c(this, (function(a) {
switch (a.label) {
case 0:
if (this.logger.trace("NativeInteractionClient - handleRedirectPromise called."),
!this.browserStorage.isInteractionInProgress(!0))
return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),
[2, null];
if (!(e = this.browserStorage.getCachedNativeRequest()))
return this.logger.verbose("NativeInteractionClient - handleRedirectPromise called but there is no cached request, returning null."),
[2, null];
this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Te.NATIVE_REQUEST)),
t = {
method: Ee.GetToken,
request: e
},
r = de.nowSeconds(),
a.label = 1;
case 1:
return a.trys.push([1, 3, , 4]),
this.logger.verbose("NativeInteractionClient - handleRedirectPromise sending message to native broker."),
[4, this.nativeMessageHandler.sendMessage(t)];
case 2:
return n = a.sent(),
this.validateNativeResponse(n),
o = this.handleNativeResponse(n, e, r),
this.browserStorage.setInteractionInProgress(!1),
[2, o];
case 3:
throw i = a.sent(),
this.browserStorage.setInteractionInProgress(!1),
i;
case 4:
return [2]
}
}
))
}
))
}
,
t.prototype.logout = function() {
return this.logger.trace("NativeInteractionClient - logout called."),
Promise.reject("Logout not implemented yet")
}
,
t.prototype.handleNativeResponse = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n, o, i, a, s, u, l, d, h, p, g, f, m, v, y, E, _, C, w, S = this;
return c(this, (function(c) {
switch (c.label) {
case 0:
if (this.logger.trace("NativeInteractionClient - handleNativeResponse called."),
e.account.id !== t.accountId)
throw Dt.createUserSwitchError();
return n = new se(e.id_token || T.EMPTY_STRING,this.browserCrypto),
[4, this.getDiscoveredAuthority(t.authority)];
case 1:
return o = c.sent(),
i = o.getPreferredCache(),
a = re.generateHomeAccountId(e.client_info || T.EMPTY_STRING, W.Default, this.logger, this.browserCrypto, n),
s = re.createAccount(e.client_info, a, n, void 0, void 0, void 0, i, e.account.id),
this.browserStorage.setAccount(s),
u = e.scope ? ae.fromString(e.scope) : ae.fromString(t.scope),
l = e.account.properties || {},
d = l.UID || n.claims.oid || n.claims.sub || T.EMPTY_STRING,
h = l.TenantId || n.claims.tid || T.EMPTY_STRING,
g = F.BEARER,
t.tokenType === F.POP ? [3, 2] : [3, 4];
case 2:
if (g = F.POP,
e.shr)
return this.logger.trace("handleNativeServerResponse: SHR is enabled in native layer"),
p = e.shr,
[3, 5];
if (f = new gt(this.browserCrypto),
m = {
resourceRequestMethod: t.resourceRequestMethod,
resourceRequestUri: t.resourceRequestUri,
shrClaims: t.shrClaims,
shrNonce: t.shrNonce
},
!t.keyId)
throw X.createKeyIdMissingError();
return [4, f.signPopToken(e.access_token, t.keyId, m)];
case 3:
return p = c.sent(),
[3, 5];
case 4:
p = e.access_token,
c.label = 5;
case 5:
return v = this.getMATSFromResponse(e),
y = {
authority: o.canonicalAuthority,
uniqueId: d,
tenantId: h,
scopes: u.asArray(),
account: s.getAccountInfo(),
idToken: e.id_token,
idTokenClaims: n.claims,
accessToken: p,
fromCache: !!v && this.isResponseFromCache(v),
expiresOn: new Date(1e3 * Number(r + e.expires_in)),
tokenType: g,
correlationId: this.correlationId,
state: e.state,
fromNativeBroker: !0
},
E = le.createIdTokenEntity(a, t.authority, e.id_token || T.EMPTY_STRING, t.clientId, n.claims.tid || T.EMPTY_STRING),
this.nativeStorageManager.setIdTokenCredential(E),
_ = g === F.POP ? T.SHR_NONCE_VALIDITY : ("string" == typeof e.expires_in ? parseInt(e.expires_in, 10) : e.expires_in) || 0,
C = r + _,
w = he.createAccessTokenEntity(a, t.authority, p, t.clientId, h, u.printScopes(), C, 0, this.browserCrypto),
this.nativeStorageManager.setAccessTokenCredential(w),
this.browserStorage.removeAccountContext(s).catch((function(e) {
S.logger.error("Error occurred while removing account context from browser storage. " + e)
}
)),
[2, y]
}
}
))
}
))
}
,
t.prototype.validateNativeResponse = function(e) {
if (e.hasOwnProperty("access_token") && e.hasOwnProperty("id_token") && e.hasOwnProperty("client_info") && e.hasOwnProperty("account") && e.hasOwnProperty("scope") && e.hasOwnProperty("expires_in"))
return e;
throw Dt.createUnexpectedError("Response missing expected properties.")
}
,
t.prototype.getMATSFromResponse = function(e) {
if (e.properties.MATS)
try {
return JSON.parse(e.properties.MATS)
} catch (e) {
this.logger.error("NativeInteractionClient - Error parsing MATS telemetry, returning null instead")
}
return null
}
,
t.prototype.isResponseFromCache = function(e) {
return void 0 === e.is_cached ? (this.logger.verbose("NativeInteractionClient - MATS telemetry does not contain field indicating if response was served from cache. Returning false."),
!1) : !!e.is_cached
}
,
t.prototype.initializeNativeRequest = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, s, u, l, d, h = this;
return c(this, (function(c) {
switch (c.label) {
case 0:
return this.logger.trace("NativeInteractionClient - initializeNativeRequest called"),
t = e.authority || this.config.auth.authority,
(r = new Ke(t)).validateAsUri(),
n = e.scopes,
o = function(e, t) {
var r = {};
for (var n in e)
Object.prototype.hasOwnProperty.call(e, n) && t.indexOf(n) < 0 && (r[n] = e[n]);
if (null != e && "function" == typeof Object.getOwnPropertySymbols) {
var o = 0;
for (n = Object.getOwnPropertySymbols(e); o < n.length; o++)
t.indexOf(n[o]) < 0 && Object.prototype.propertyIsEnumerable.call(e, n[o]) && (r[n[o]] = e[n[o]])
}
return r
}(e, ["scopes"]),
(i = new ae(n || [])).appendScopes(w),
s = function() {
switch (h.apiId) {
case Se.ssoSilent:
case Se.acquireTokenSilent_silentFlow:
return h.logger.trace("initializeNativeRequest: silent request sets prompt to none"),
A.NONE
}
if (e.prompt)
switch (e.prompt) {
case A.NONE:
case A.CONSENT:
case A.LOGIN:
return h.logger.trace("initializeNativeRequest: prompt is compatible with native flow"),
e.prompt;
default:
throw h.logger.trace("initializeNativeRequest: prompt = " + e.prompt + " is not compatible with native flow"),
ke.createNativePromptParameterNotSupportedError()
}
else
h.logger.trace("initializeNativeRequest: prompt was not provided")
}
,
u = a(a({}, o), {
accountId: this.accountId,
clientId: this.config.auth.clientId,
authority: r.urlString,
scope: i.printScopes(),
redirectUri: this.getRedirectUri(e.redirectUri),
prompt: s(),
correlationId: this.correlationId,
tokenType: e.authenticationScheme,
windowTitleSubstring: document.title,
extraParameters: a(a(a({}, e.extraQueryParameters), e.tokenQueryParameters), {
telemetry: "MATS"
}),
extendedExpiryToken: !1
}),
e.authenticationScheme !== F.POP ? [3, 2] : (l = {
resourceRequestUri: e.resourceRequestUri,
resourceRequestMethod: e.resourceRequestMethod,
shrClaims: e.shrClaims,
shrNonce: e.shrNonce
},
[4, new gt(this.browserCrypto).generateCnf(l)]);
case 1:
d = c.sent(),
u.reqCnf = d.reqCnfHash,
u.keyId = d.kid,
c.label = 2;
case 2:
return [2, u]
}
}
))
}
))
}
,
t
}(Mt), Gt = function() {
function e(e, t, r) {
this.logger = e,
this.handshakeTimeoutMs = t,
this.extensionId = r,
this.resolvers = new Map,
this.handshakeResolvers = new Map,
this.responseId = 0,
this.messageChannel = new MessageChannel,
this.windowListener = this.onWindowMessage.bind(this)
}
return e.prototype.sendMessage = function(e) {
return s(this, void 0, void 0, (function() {
var t, r = this;
return c(this, (function(n) {
return this.logger.trace("NativeMessageHandler - sendMessage called."),
t = {
channel: Pe,
extensionId: this.extensionId,
responseId: this.responseId++,
body: e
},
this.logger.trace("NativeMessageHandler - Sending request to browser extension"),
this.logger.tracePii("NativeMessageHandler - Sending request to browser extension: " + JSON.stringify(t)),
this.messageChannel.port1.postMessage(t),
[2, new Promise((function(e, n) {
r.resolvers.set(t.responseId, {
resolve: e,
reject: n
})
}
))]
}
))
}
))
}
,
e.createProvider = function(t, r) {
return s(this, void 0, void 0, (function() {
var n, o;
return c(this, (function(i) {
switch (i.label) {
case 0:
t.trace("NativeMessageHandler - createProvider called."),
i.label = 1;
case 1:
return i.trys.push([1, 3, , 5]),
[4, (n = new e(t,r,"ppnbnpeolgkicgegkbkbjmhlideopiji")).sendHandshakeRequest()];
case 2:
return i.sent(),
[2, n];
case 3:
return i.sent(),
[4, (o = new e(t,r)).sendHandshakeRequest()];
case 4:
return i.sent(),
[2, o];
case 5:
return [2]
}
}
))
}
))
}
,
e.prototype.sendHandshakeRequest = function() {
return s(this, void 0, void 0, (function() {
var e, t = this;
return c(this, (function(r) {
return this.logger.trace("NativeMessageHandler - sendHandshakeRequest called."),
window.addEventListener("message", this.windowListener, !1),
e = {
channel: Pe,
extensionId: this.extensionId,
responseId: this.responseId++,
body: {
method: Ee.HandshakeRequest
}
},
this.messageChannel.port1.onmessage = function(e) {
t.onChannelMessage(e)
}
,
window.postMessage(e, window.origin, [this.messageChannel.port2]),
[2, new Promise((function(r, n) {
t.handshakeResolvers.set(e.responseId, {
resolve: r,
reject: n
}),
t.timeoutId = window.setTimeout((function() {
window.removeEventListener("message", t.windowListener, !1),
t.messageChannel.port1.close(),
t.messageChannel.port2.close(),
n(ke.createNativeHandshakeTimeoutError()),
t.handshakeResolvers.delete(e.responseId)
}
), t.handshakeTimeoutMs)
}
))]
}
))
}
))
}
,
e.prototype.onWindowMessage = function(e) {
if (this.logger.trace("NativeMessageHandler - onWindowMessage called"),
e.source === window) {
var t = e.data;
if (t.channel && t.channel === Pe && (!t.extensionId || t.extensionId === this.extensionId) && t.body.method === Ee.HandshakeRequest) {
this.logger.verbose(t.extensionId ? "Extension with id: " + t.extensionId + " not installed" : "No extension installed"),
clearTimeout(this.timeoutId),
this.messageChannel.port1.close(),
this.messageChannel.port2.close(),
window.removeEventListener("message", this.windowListener, !1);
var r = this.handshakeResolvers.get(t.responseId);
r && r.reject(ke.createNativeExtensionNotInstalledError())
}
}
}
,
e.prototype.onChannelMessage = function(e) {
this.logger.trace("NativeMessageHandler - onChannelMessage called.");
var t = e.data
, r = this.resolvers.get(t.responseId)
, n = this.handshakeResolvers.get(t.responseId);
try {
var o = t.body.method;
if (o === Ee.Response) {
if (!r)
return;
var i = t.body.response;
if (this.logger.trace("NativeMessageHandler - Received response from browser extension"),
this.logger.tracePii("NativeMessageHandler - Received response from browser extension: " + JSON.stringify(i)),
"Success" !== i.status)
r.reject(Dt.createError(i.code, i.description, i.ext));
else {
if (!i.result)
throw J.createUnexpectedError("Event does not contain result.");
i.result.code && i.result.description ? r.reject(Dt.createError(i.result.code, i.result.description, i.result.ext)) : r.resolve(i.result)
}
this.resolvers.delete(t.responseId)
} else if (o === Ee.HandshakeResponse) {
if (!n)
return;
clearTimeout(this.timeoutId),
window.removeEventListener("message", this.windowListener, !1),
this.extensionId = t.extensionId,
this.logger.verbose("NativeMessageHandler - Received HandshakeResponse from extension: " + this.extensionId),
n.resolve(),
this.handshakeResolvers.delete(t.responseId)
}
} catch (t) {
this.logger.error("Error parsing response from WAM Extension"),
this.logger.errorPii("Error parsing response from WAM Extension: " + t.toString()),
this.logger.errorPii("Unable to parse " + e),
r ? r.reject(t) : n && n.reject(t)
}
}
,
e.isNativeAvailable = function(e, t, r, n) {
if (t.trace("isNativeAvailable called"),
!e.system.allowNativeBroker)
return t.trace("isNativeAvailable: allowNativeBroker is not enabled, returning false"),
!1;
if (!r)
return t.trace("isNativeAvailable: WAM extension provider is not initialized, returning false"),
!1;
if (n)
switch (n) {
case F.BEARER:
case F.POP:
return t.trace("isNativeAvailable: authenticationScheme is supported, returning true"),
!0;
default:
return t.trace("isNativeAvailable: authenticationScheme is not supported, returning false"),
!1
}
return !0
}
,
e
}(), zt = function(e) {
function t(t, r, n, o, i, a, s, c, u, l) {
var d = e.call(this, t, r, n, o, i, a, s, u, l) || this;
return d.nativeStorage = c,
d
}
return i(t, e),
t.prototype.acquireToken = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, s, u, l, d, h = this;
return c(this, (function(c) {
switch (c.label) {
case 0:
return [4, this.initializeAuthorizationRequest(e, Ie.Redirect)];
case 1:
t = c.sent(),
this.browserStorage.updateCacheEntries(t.state, t.nonce, t.authority, t.loginHint || T.EMPTY_STRING, t.account || null),
r = this.initializeServerTelemetryManager(Se.acquireTokenRedirect),
n = function(e) {
e.persisted && (h.logger.verbose("Page was restored from back/forward cache. Clearing temporary cache."),
h.browserStorage.cleanRequestByState(t.state))
}
,
c.label = 2;
case 2:
return c.trys.push([2, 7, , 8]),
[4, this.initializeAuthorizationCodeRequest(t)];
case 3:
return o = c.sent(),
[4, this.createAuthCodeClient(r, t.authority, t.azureCloudOptions)];
case 4:
return i = c.sent(),
this.logger.verbose("Auth code client created"),
s = new Ht(i,this.browserStorage,o,this.logger,this.browserCrypto),
[4, i.getAuthCodeUrl(a(a({}, t), {
nativeBroker: Gt.isNativeAvailable(this.config, this.logger, this.nativeMessageHandler, e.authenticationScheme)
}))];
case 5:
return u = c.sent(),
l = this.getRedirectStartPage(e.redirectStartPage),
this.logger.verbosePii("Redirect start page: " + l),
window.addEventListener("pageshow", n),
[4, s.initiateAuthRequest(u, {
navigationClient: this.navigationClient,
redirectTimeout: this.config.system.redirectNavigationTimeout,
redirectStartPage: l,
onRedirectNavigate: e.onRedirectNavigate
})];
case 6:
return [2, c.sent()];
case 7:
throw (d = c.sent())instanceof J && d.setCorrelationId(this.correlationId),
window.removeEventListener("pageshow", n),
r.cacheFailedRequest(d),
this.browserStorage.cleanRequestByState(t.state),
d;
case 8:
return [2]
}
}
))
}
))
}
,
t.prototype.handleRedirectPromise = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, a, s, u, l, d, h, p;
return c(this, (function(c) {
switch (c.label) {
case 0:
t = this.initializeServerTelemetryManager(Se.handleRedirectPromise),
c.label = 1;
case 1:
if (c.trys.push([1, 10, , 11]),
!this.browserStorage.isInteractionInProgress(!0))
return this.logger.info("handleRedirectPromise called but there is no interaction in progress, returning null."),
[2, null];
if (!(r = this.getRedirectResponseHash(e || window.location.hash)))
return this.logger.info("handleRedirectPromise did not detect a response hash as a result of a redirect. Cleaning temporary cache."),
this.browserStorage.cleanRequestByInteractionType(Ie.Redirect),
[2, null];
n = void 0;
try {
o = Ke.getDeserializedHash(r),
n = this.validateAndExtractStateFromHash(o, Ie.Redirect),
this.logger.verbose("State extracted from hash")
} catch (e) {
return this.logger.info("handleRedirectPromise was unable to extract state due to: " + e),
this.browserStorage.cleanRequestByInteractionType(Ie.Redirect),
[2, null]
}
return i = this.browserStorage.getTemporaryCache(Te.ORIGIN_URI, !0) || T.EMPTY_STRING,
a = Ke.removeHashFromUrl(i),
s = Ke.removeHashFromUrl(window.location.href),
a === s && this.config.auth.navigateToLoginRequestUrl ? (this.logger.verbose("Current page is loginRequestUrl, handling hash"),
[4, this.handleHash(r, n, t)]) : [3, 3];
case 2:
return u = c.sent(),
i.indexOf("#") > -1 && Ot.replaceHash(i),
[2, u];
case 3:
return this.config.auth.navigateToLoginRequestUrl ? [3, 4] : (this.logger.verbose("NavigateToLoginRequestUrl set to false, handling hash"),
[2, this.handleHash(r, n, t)]);
case 4:
return Ot.isInIframe() && !this.config.system.allowRedirectInIframe ? [3, 9] : (this.browserStorage.setTemporaryCache(Te.URL_HASH, r, !0),
l = {
apiId: Se.handleRedirectPromise,
timeout: this.config.system.redirectNavigationTimeout,
noHistory: !0
},
d = !0,
i && "null" !== i ? [3, 6] : (h = Ot.getHomepage(),
this.browserStorage.setTemporaryCache(Te.ORIGIN_URI, h, !0),
this.logger.warning("Unable to get valid login request url from cache, redirecting to home page"),
[4, this.navigationClient.navigateInternal(h, l)]));
case 5:
return d = c.sent(),
[3, 8];
case 6:
return this.logger.verbose("Navigating to loginRequestUrl: " + i),
[4, this.navigationClient.navigateInternal(i, l)];
case 7:
d = c.sent(),
c.label = 8;
case 8:
if (!d)
return [2, this.handleHash(r, n, t)];
c.label = 9;
case 9:
return [2, null];
case 10:
throw (p = c.sent())instanceof J && p.setCorrelationId(this.correlationId),
t.cacheFailedRequest(p),
this.browserStorage.cleanRequestByInteractionType(Ie.Redirect),
p;
case 11:
return [2]
}
}
))
}
))
}
,
t.prototype.getRedirectResponseHash = function(e) {
if (this.logger.verbose("getRedirectResponseHash called"),
Ke.hashContainsKnownProperties(e))
return Ot.clearHash(window),
this.logger.verbose("Hash contains known properties, returning response hash"),
e;
var t = this.browserStorage.getTemporaryCache(Te.URL_HASH, !0);
return this.browserStorage.removeItem(this.browserStorage.generateCacheKey(Te.URL_HASH)),
this.logger.verbose("Hash does not contain known properties, returning cached hash"),
t
}
,
t.prototype.handleHash = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n, o, i, s, u, l, d = this;
return c(this, (function(c) {
switch (c.label) {
case 0:
if (n = this.browserStorage.getCachedRequest(t, this.browserCrypto),
this.logger.verbose("handleHash called, retrieved cached request"),
(o = Ke.getDeserializedHash(e)).accountId) {
if (this.logger.verbose("Account id found in hash, calling WAM for token"),
!this.nativeMessageHandler)
throw ke.createNativeConnectionNotEstablishedError();
return i = new Bt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Se.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,o.accountId,this.browserStorage,n.correlationId),
s = ye.parseRequestState(this.browserCrypto, t).userRequestState,
[2, i.acquireToken(a(a({}, n), {
state: s,
prompt: void 0
})).finally((function() {
d.browserStorage.cleanRequestByState(t)
}
))]
}
if (!(u = this.browserStorage.getCachedAuthority(t)))
throw ke.createNoCachedAuthorityError();
return [4, this.createAuthCodeClient(r, u)];
case 1:
return l = c.sent(),
this.logger.verbose("Auth code client created"),
rt.removeThrottle(this.browserStorage, this.config.auth.clientId, n),
[4, new Ht(l,this.browserStorage,n,this.logger,this.browserCrypto).handleCodeResponseFromHash(e, t, l.authority, this.networkClient)];
case 2:
return [2, c.sent()]
}
}
))
}
))
}
,
t.prototype.logout = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, a;
return c(this, (function(s) {
switch (s.label) {
case 0:
this.logger.verbose("logoutRedirect called"),
t = this.initializeLogoutRequest(e),
r = this.initializeServerTelemetryManager(Se.logout),
s.label = 1;
case 1:
return s.trys.push([1, 10, , 11]),
this.eventHandler.emitEvent(Tt.LOGOUT_START, Ie.Redirect, e),
[4, this.clearCacheOnLogout(t.account)];
case 2:
return s.sent(),
n = {
apiId: Se.logout,
timeout: this.config.system.redirectNavigationTimeout,
noHistory: !1
},
[4, this.createAuthCodeClient(r, e && e.authority)];
case 3:
return o = s.sent(),
this.logger.verbose("Auth code client created"),
i = o.getLogoutUri(t),
this.eventHandler.emitEvent(Tt.LOGOUT_SUCCESS, Ie.Redirect, t),
e && "function" == typeof e.onRedirectNavigate ? !1 === e.onRedirectNavigate(i) ? [3, 5] : (this.logger.verbose("Logout onRedirectNavigate did not return false, navigating"),
this.browserStorage.getInteractionInProgress() || this.browserStorage.setInteractionInProgress(!0),
[4, this.navigationClient.navigateExternal(i, n)]) : [3, 7];
case 4:
return s.sent(),
[2];
case 5:
this.browserStorage.setInteractionInProgress(!1),
this.logger.verbose("Logout onRedirectNavigate returned false, stopping navigation"),
s.label = 6;
case 6:
return [3, 9];
case 7:
return this.browserStorage.getInteractionInProgress() || this.browserStorage.setInteractionInProgress(!0),
[4, this.navigationClient.navigateExternal(i, n)];
case 8:
return s.sent(),
[2];
case 9:
return [3, 11];
case 10:
throw (a = s.sent())instanceof J && a.setCorrelationId(this.correlationId),
r.cacheFailedRequest(a),
this.eventHandler.emitEvent(Tt.LOGOUT_FAILURE, Ie.Redirect, null, a),
this.eventHandler.emitEvent(Tt.LOGOUT_END, Ie.Redirect),
a;
case 11:
return this.eventHandler.emitEvent(Tt.LOGOUT_END, Ie.Redirect),
[2]
}
}
))
}
))
}
,
t.prototype.getRedirectStartPage = function(e) {
var t = e || window.location.href;
return Ke.getAbsoluteUrl(t, Ot.getCurrentUri())
}
,
t
}(Ut), jt = function(e) {
function t(t, r, n, o, i, a, s, c, u, l) {
var d = e.call(this, t, r, n, o, i, a, s, u, l) || this;
return d.unloadWindow = d.unloadWindow.bind(d),
d.nativeStorage = c,
d
}
return i(t, e),
t.prototype.acquireToken = function(e) {
try {
var t = this.generatePopupName(e.scopes || w, e.authority || this.config.auth.authority)
, r = e.popupWindowAttributes || {};
if (this.config.system.asyncPopups)
return this.logger.verbose("asyncPopups set to true, acquiring token"),
this.acquireTokenPopupAsync(e, t, r);
this.logger.verbose("asyncPopup set to false, opening popup before acquiring token");
var n = this.openSizedPopup("about:blank", t, r);
return this.acquireTokenPopupAsync(e, t, r, n)
} catch (e) {
return Promise.reject(e)
}
}
,
t.prototype.logout = function(e) {
try {
this.logger.verbose("logoutPopup called");
var t = this.initializeLogoutRequest(e)
, r = this.generateLogoutPopupName(t)
, n = e && e.authority
, o = e && e.mainWindowRedirectUri
, i = (null == e ? void 0 : e.popupWindowAttributes) || {};
if (this.config.system.asyncPopups)
return this.logger.verbose("asyncPopups set to true"),
this.logoutPopupAsync(t, r, i, n, void 0, o);
this.logger.verbose("asyncPopup set to false, opening popup");
var a = this.openSizedPopup("about:blank", r, i);
return this.logoutPopupAsync(t, r, i, n, a, o)
} catch (e) {
return Promise.reject(e)
}
}
,
t.prototype.acquireTokenPopupAsync = function(e, t, r, n) {
return s(this, void 0, void 0, (function() {
var o, i, s, u, l, d, h, p, g, f, m, v, y, E, _, C, w = this;
return c(this, (function(c) {
switch (c.label) {
case 0:
return this.logger.verbose("acquireTokenPopupAsync called"),
o = this.initializeServerTelemetryManager(Se.acquireTokenPopup),
[4, this.initializeAuthorizationRequest(e, Ie.Popup)];
case 1:
i = c.sent(),
this.browserStorage.updateCacheEntries(i.state, i.nonce, i.authority, i.loginHint || T.EMPTY_STRING, i.account || null),
c.label = 2;
case 2:
return c.trys.push([2, 8, , 9]),
[4, this.initializeAuthorizationCodeRequest(i)];
case 3:
return s = c.sent(),
[4, this.createAuthCodeClient(o, i.authority, i.azureCloudOptions)];
case 4:
return u = c.sent(),
this.logger.verbose("Auth code client created"),
l = Gt.isNativeAvailable(this.config, this.logger, this.nativeMessageHandler, e.authenticationScheme),
d = void 0,
l && (d = this.performanceClient.startMeasurement(ht.FetchAccountIdWithNativeBroker, e.correlationId)),
[4, u.getAuthCodeUrl(a(a({}, i), {
nativeBroker: l
}))];
case 5:
return h = c.sent(),
p = new qt(u,this.browserStorage,s,this.logger),
g = {
popup: n,
popupName: t,
popupWindowAttributes: r
},
f = this.initiateAuthRequest(h, g),
this.eventHandler.emitEvent(Tt.POPUP_OPENED, Ie.Popup, {
popupWindow: f
}, null),
[4, this.monitorPopupForHash(f)];
case 6:
if (m = c.sent(),
v = Ke.getDeserializedHash(m),
y = this.validateAndExtractStateFromHash(v, Ie.Popup, i.correlationId),
rt.removeThrottle(this.browserStorage, this.config.auth.clientId, s),
v.accountId) {
if (this.logger.verbose("Account id found in hash, calling WAM for token"),
d && d.endMeasurement({
success: !0,
isNativeBroker: !0
}),
!this.nativeMessageHandler)
throw ke.createNativeConnectionNotEstablishedError();
return E = new Bt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Se.acquireTokenPopup,this.performanceClient,this.nativeMessageHandler,v.accountId,this.nativeStorage,i.correlationId),
_ = ye.parseRequestState(this.browserCrypto, y).userRequestState,
[2, E.acquireToken(a(a({}, i), {
state: _,
prompt: void 0
})).finally((function() {
w.browserStorage.cleanRequestByState(y)
}
))]
}
return [4, p.handleCodeResponseFromHash(m, y, u.authority, this.networkClient)];
case 7:
return [2, c.sent()];
case 8:
throw C = c.sent(),
n && n.close(),
C instanceof J && C.setCorrelationId(this.correlationId),
o.cacheFailedRequest(C),
this.browserStorage.cleanRequestByState(i.state),
C;
case 9:
return [2]
}
}
))
}
))
}
,
t.prototype.logoutPopupAsync = function(e, t, r, n, o, i) {
return s(this, void 0, void 0, (function() {
var a, s, u, l, d, h, p;
return c(this, (function(c) {
switch (c.label) {
case 0:
this.logger.verbose("logoutPopupAsync called"),
this.eventHandler.emitEvent(Tt.LOGOUT_START, Ie.Popup, e),
a = this.initializeServerTelemetryManager(Se.logoutPopup),
c.label = 1;
case 1:
return c.trys.push([1, 5, , 6]),
[4, this.clearCacheOnLogout(e.account)];
case 2:
return c.sent(),
[4, this.createAuthCodeClient(a, n)];
case 3:
return s = c.sent(),
this.logger.verbose("Auth code client created"),
u = s.getLogoutUri(e),
this.eventHandler.emitEvent(Tt.LOGOUT_SUCCESS, Ie.Popup, e),
l = this.openPopup(u, {
popupName: t,
popupWindowAttributes: r,
popup: o
}),
this.eventHandler.emitEvent(Tt.POPUP_OPENED, Ie.Popup, {
popupWindow: l
}, null),
[4, this.waitForLogoutPopup(l)];
case 4:
return c.sent(),
i ? (d = {
apiId: Se.logoutPopup,
timeout: this.config.system.redirectNavigationTimeout,
noHistory: !1
},
h = Ke.getAbsoluteUrl(i, Ot.getCurrentUri()),
this.logger.verbose("Redirecting main window to url specified in the request"),
this.logger.verbosePii("Redirecting main window to: " + h),
this.navigationClient.navigateInternal(h, d)) : this.logger.verbose("No main window navigation requested"),
[3, 6];
case 5:
throw p = c.sent(),
o && o.close(),
p instanceof J && p.setCorrelationId(this.correlationId),
this.browserStorage.setInteractionInProgress(!1),
this.eventHandler.emitEvent(Tt.LOGOUT_FAILURE, Ie.Popup, null, p),
this.eventHandler.emitEvent(Tt.LOGOUT_END, Ie.Popup),
a.cacheFailedRequest(p),
p;
case 6:
return this.eventHandler.emitEvent(Tt.LOGOUT_END, Ie.Popup),
[2]
}
}
))
}
))
}
,
t.prototype.initiateAuthRequest = function(e, t) {
if ($.isEmpty(e))
throw this.logger.error("Navigate url is empty"),
ke.createEmptyNavigationUriError();
return this.logger.infoPii("Navigate to: " + e),
this.openPopup(e, t)
}
,
t.prototype.monitorPopupForHash = function(e) {
var t = this;
return new Promise((function(r, n) {
var o = t.config.system.windowHashTimeout / Ne.POLL_INTERVAL_MS
, i = 0;
t.logger.verbose("PopupHandler.monitorPopupForHash - polling started");
var a = setInterval((function() {
if (e.closed)
return t.logger.error("PopupHandler.monitorPopupForHash - window closed"),
t.cleanPopup(),
clearInterval(a),
void n(ke.createUserCancelledError());
var s = T.EMPTY_STRING
, c = T.EMPTY_STRING;
try {
s = e.location.href,
c = e.location.hash
} catch (e) {}
$.isEmpty(s) || "about:blank" === s || (t.logger.verbose("PopupHandler.monitorPopupForHash - popup window is on same origin as caller"),
i++,
c ? (t.logger.verbose("PopupHandler.monitorPopupForHash - found hash in url"),
clearInterval(a),
t.cleanPopup(e),
Ke.hashContainsKnownProperties(c) ? (t.logger.verbose("PopupHandler.monitorPopupForHash - hash contains known properties, returning."),
r(c)) : (t.logger.error("PopupHandler.monitorPopupForHash - found hash in url but it does not contain known properties. Check that your router is not changing the hash prematurely."),
t.logger.errorPii("PopupHandler.monitorPopupForHash - hash found: " + c),
n(ke.createHashDoesNotContainKnownPropertiesError()))) : i > o && (t.logger.error("PopupHandler.monitorPopupForHash - unable to find hash in url, timing out"),
clearInterval(a),
n(ke.createMonitorPopupTimeoutError())))
}
), Ne.POLL_INTERVAL_MS)
}
))
}
,
t.prototype.waitForLogoutPopup = function(e) {
var t = this;
return new Promise((function(r) {
t.logger.verbose("PopupHandler.waitForLogoutPopup - polling started");
var n = setInterval((function() {
e.closed && (t.logger.error("PopupHandler.waitForLogoutPopup - window closed"),
t.cleanPopup(),
clearInterval(n),
r());
var o = T.EMPTY_STRING;
try {
o = e.location.href
} catch (e) {}
$.isEmpty(o) || "about:blank" === o || (t.logger.verbose("PopupHandler.waitForLogoutPopup - popup window is on same origin as caller, closing."),
clearInterval(n),
t.cleanPopup(e),
r())
}
), Ne.POLL_INTERVAL_MS)
}
))
}
,
t.prototype.openPopup = function(e, t) {
try {
var r = void 0;
if (t.popup ? (r = t.popup,
this.logger.verbosePii("Navigating popup window to: " + e),
r.location.assign(e)) : void 0 === t.popup && (this.logger.verbosePii("Opening popup window to: " + e),
r = this.openSizedPopup(e, t.popupName, t.popupWindowAttributes)),
!r)
throw ke.createEmptyWindowCreatedError();
return r.focus && r.focus(),
this.currentWindow = r,
window.addEventListener("beforeunload", this.unloadWindow),
r
} catch (e) {
throw this.logger.error("error opening popup " + e.message),
this.browserStorage.setInteractionInProgress(!1),
ke.createPopupWindowError(e.toString())
}
}
,
t.prototype.openSizedPopup = function(e, t, r) {
var n, o, i, a, s = window.screenLeft ? window.screenLeft : window.screenX, c = window.screenTop ? window.screenTop : window.screenY, u = window.innerWidth || document.documentElement.clientWidth || document.body.clientWidth, l = window.innerHeight || document.documentElement.clientHeight || document.body.clientHeight, d = null === (n = r.popupSize) || void 0 === n ? void 0 : n.width, h = null === (o = r.popupSize) || void 0 === o ? void 0 : o.height, p = null === (i = r.popupPosition) || void 0 === i ? void 0 : i.top, g = null === (a = r.popupPosition) || void 0 === a ? void 0 : a.left;
return (!d || d < 0 || d > u) && (this.logger.verbose("Default popup window width used. Window width not configured or invalid."),
d = Ne.POPUP_WIDTH),
(!h || h < 0 || h > l) && (this.logger.verbose("Default popup window height used. Window height not configured or invalid."),
h = Ne.POPUP_HEIGHT),
(!p || p < 0 || p > l) && (this.logger.verbose("Default popup window top position used. Window top not configured or invalid."),
p = Math.max(0, l / 2 - Ne.POPUP_HEIGHT / 2 + c)),
(!g || g < 0 || g > u) && (this.logger.verbose("Default popup window left position used. Window left not configured or invalid."),
g = Math.max(0, u / 2 - Ne.POPUP_WIDTH / 2 + s)),
window.open(e, t, "width=" + d + ", height=" + h + ", top=" + p + ", left=" + g + ", scrollbars=yes")
}
,
t.prototype.unloadWindow = function(e) {
this.browserStorage.cleanRequestByInteractionType(Ie.Popup),
this.currentWindow && this.currentWindow.close(),
e.preventDefault()
}
,
t.prototype.cleanPopup = function(e) {
e && e.close(),
window.removeEventListener("beforeunload", this.unloadWindow),
this.browserStorage.setInteractionInProgress(!1)
}
,
t.prototype.generatePopupName = function(e, t) {
return Ne.POPUP_NAME_PREFIX + "." + this.config.auth.clientId + "." + e.join("-") + "." + t + "." + this.correlationId
}
,
t.prototype.generateLogoutPopupName = function(e) {
var t = e.account && e.account.homeAccountId;
return Ne.POPUP_NAME_PREFIX + "." + this.config.auth.clientId + "." + t + "." + this.correlationId
}
,
t
}(Ut), Yt = {
sendGetRequestAsync: function() {
return Promise.reject(J.createUnexpectedError("Network interface - sendGetRequestAsync() has not been implemented for the Network interface."))
},
sendPostRequestAsync: function() {
return Promise.reject(J.createUnexpectedError("Network interface - sendPostRequestAsync() has not been implemented for the Network interface."))
}
}, Wt = function() {
function e() {}
return e.prototype.navigateInternal = function(t, r) {
return e.defaultNavigateWindow(t, r)
}
,
e.prototype.navigateExternal = function(t, r) {
return e.defaultNavigateWindow(t, r)
}
,
e.defaultNavigateWindow = function(e, t) {
return t.noHistory ? window.location.replace(e) : window.location.assign(e),
new Promise((function(e) {
setTimeout((function() {
e(!0)
}
), t.timeout)
}
))
}
,
e
}(), Vt = 6e3, Jt = function(e) {
function t(t, r, n, o, i) {
var a = e.call(this, t, r, n, o) || this;
return a.navigateFrameWait = i,
a
}
return i(t, e),
t.prototype.initiateAuthRequest = function(e) {
return s(this, void 0, void 0, (function() {
var t;
return c(this, (function(r) {
switch (r.label) {
case 0:
if ($.isEmpty(e))
throw this.logger.info("Navigate url is empty"),
ke.createEmptyNavigationUriError();
return this.navigateFrameWait ? [4, this.loadFrame(e)] : [3, 2];
case 1:
return t = r.sent(),
[3, 3];
case 2:
t = this.loadFrameSync(e),
r.label = 3;
case 3:
return [2, t]
}
}
))
}
))
}
,
t.prototype.monitorIframeForHash = function(e, t) {
var r = this;
return new Promise((function(n, o) {
t < Vt && r.logger.warning("system.loadFrameTimeout or system.iframeHashTimeout set to lower (" + t + "ms) than the default (" + Vt + "ms). This may result in timeouts.");
var i = window.performance.now() + t
, a = setInterval((function() {
if (window.performance.now() > i)
return r.removeHiddenIframe(e),
clearInterval(a),
void o(ke.createMonitorIframeTimeoutError());
var t = T.EMPTY_STRING
, s = e.contentWindow;
try {
t = s ? s.location.href : T.EMPTY_STRING
} catch (e) {}
if (!$.isEmpty(t)) {
var c = s ? s.location.hash : T.EMPTY_STRING;
return Ke.hashContainsKnownProperties(c) ? (r.removeHiddenIframe(e),
clearInterval(a),
void n(c)) : void 0
}
}
), Ne.POLL_INTERVAL_MS)
}
))
}
,
t.prototype.loadFrame = function(e) {
var t = this;
return new Promise((function(r, n) {
var o = t.createHiddenIframe();
setTimeout((function() {
o ? (o.src = e,
r(o)) : n("Unable to load iframe")
}
), t.navigateFrameWait)
}
))
}
,
t.prototype.loadFrameSync = function(e) {
var t = this.createHiddenIframe();
return t.src = e,
t
}
,
t.prototype.createHiddenIframe = function() {
var e = document.createElement("iframe");
return e.style.visibility = "hidden",
e.style.position = "absolute",
e.style.width = e.style.height = "0",
e.style.border = "0",
e.setAttribute("sandbox", "allow-scripts allow-same-origin allow-forms"),
document.getElementsByTagName("body")[0].appendChild(e),
e
}
,
t.prototype.removeHiddenIframe = function(e) {
document.body === e.parentNode && document.body.removeChild(e)
}
,
t
}(qt), Qt = function(e) {
function t(t, r, n, o, i, a, s, c, u, l, d) {
var h = e.call(this, t, r, n, o, i, a, c, l, d) || this;
return h.apiId = s,
h.nativeStorage = u,
h
}
return i(t, e),
t.prototype.acquireToken = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i;
return c(this, (function(s) {
switch (s.label) {
case 0:
if (this.logger.verbose("acquireTokenByIframe called"),
t = this.performanceClient.startMeasurement(ht.SilentIframeClientAcquireToken, e.correlationId),
$.isEmpty(e.loginHint) && $.isEmpty(e.sid) && (!e.account || $.isEmpty(e.account.username)) && this.logger.warning("No user hint provided. The authorization server may need more information to complete this request."),
e.prompt && e.prompt !== A.NONE)
throw t.endMeasurement({
success: !1
}),
ke.createSilentPromptValueError(e.prompt);
return [4, this.initializeAuthorizationRequest(a(a({}, e), {
prompt: A.NONE
}), Ie.Silent)];
case 1:
r = s.sent(),
this.browserStorage.updateCacheEntries(r.state, r.nonce, r.authority, r.loginHint || T.EMPTY_STRING, r.account || null),
n = this.initializeServerTelemetryManager(this.apiId),
s.label = 2;
case 2:
return s.trys.push([2, 5, , 6]),
[4, this.createAuthCodeClient(n, r.authority, r.azureCloudOptions)];
case 3:
return o = s.sent(),
this.logger.verbose("Auth code client created"),
[4, this.silentTokenHelper(o, r).then((function(e) {
return t.endMeasurement({
success: !0,
fromCache: !1
}),
e
}
))];
case 4:
return [2, s.sent()];
case 5:
throw (i = s.sent())instanceof J && i.setCorrelationId(this.correlationId),
n.cacheFailedRequest(i),
this.browserStorage.cleanRequestByState(r.state),
t.endMeasurement({
errorCode: i instanceof J && i.errorCode || void 0,
subErrorCode: i instanceof J && i.subError || void 0,
success: !1
}),
i;
case 6:
return [2]
}
}
))
}
))
}
,
t.prototype.logout = function() {
return Promise.reject(ke.createSilentLogoutUnsupportedError())
}
,
t.prototype.silentTokenHelper = function(e, t) {
return s(this, void 0, void 0, (function() {
var r, n, o, i, s, u, l, d, h, p = this;
return c(this, (function(c) {
switch (c.label) {
case 0:
return [4, this.initializeAuthorizationCodeRequest(t)];
case 1:
return r = c.sent(),
[4, e.getAuthCodeUrl(a(a({}, t), {
nativeBroker: Gt.isNativeAvailable(this.config, this.logger, this.nativeMessageHandler, t.authenticationScheme)
}))];
case 2:
return n = c.sent(),
[4, (o = new Jt(e,this.browserStorage,r,this.logger,this.config.system.navigateFrameWait)).initiateAuthRequest(n)];
case 3:
return i = c.sent(),
[4, o.monitorIframeForHash(i, this.config.system.iframeHashTimeout)];
case 4:
if (s = c.sent(),
u = Ke.getDeserializedHash(s),
l = this.validateAndExtractStateFromHash(u, Ie.Silent, r.correlationId),
u.accountId) {
if (this.logger.verbose("Account id found in hash, calling WAM for token"),
!this.nativeMessageHandler)
throw ke.createNativeConnectionNotEstablishedError();
return d = new Bt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.apiId,this.performanceClient,this.nativeMessageHandler,u.accountId,this.browserStorage,this.correlationId),
h = ye.parseRequestState(this.browserCrypto, l).userRequestState,
[2, d.acquireToken(a(a({}, t), {
state: h,
prompt: A.NONE
})).finally((function() {
p.browserStorage.cleanRequestByState(l)
}
))]
}
return [2, o.handleCodeResponseFromHash(s, l, e.authority, this.networkClient)]
}
}
))
}
))
}
,
t
}(Ut), Xt = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return i(t, e),
t.prototype.acquireToken = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, s = this;
return c(this, (function(c) {
switch (c.label) {
case 0:
return r = [a({}, e)],
[4, this.initializeBaseRequest(e)];
case 1:
return t = a.apply(void 0, r.concat([c.sent()])),
n = this.performanceClient.startMeasurement(ht.SilentRefreshClientAcquireToken, t.correlationId),
o = this.initializeServerTelemetryManager(Se.acquireTokenSilent_silentFlow),
[4, this.createRefreshTokenClient(o, t.authority, t.azureCloudOptions)];
case 2:
return i = c.sent(),
this.logger.verbose("Refresh token client created"),
[2, i.acquireTokenByRefreshToken(t).then((function(e) {
return n.endMeasurement({
success: !0,
fromCache: e.fromCache
}),
e
}
)).catch((function(e) {
throw e instanceof J && e.setCorrelationId(s.correlationId),
o.cacheFailedRequest(e),
n.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
e
}
))]
}
}
))
}
))
}
,
t.prototype.logout = function() {
return Promise.reject(ke.createSilentLogoutUnsupportedError())
}
,
t.prototype.createRefreshTokenClient = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n;
return c(this, (function(o) {
switch (o.label) {
case 0:
return [4, this.getClientConfiguration(e, t, r)];
case 1:
return n = o.sent(),
[2, new Ft(n,this.performanceClient)]
}
}
))
}
))
}
,
t
}(Ut), $t = function() {
function e(e, t) {
this.eventCallbacks = new Map,
this.logger = e,
this.browserCrypto = t,
this.listeningToStorageEvents = !1,
this.handleAccountCacheChange = this.handleAccountCacheChange.bind(this)
}
return e.prototype.addEventCallback = function(e) {
if ("undefined" != typeof window) {
var t = this.browserCrypto.createNewGuid();
return this.eventCallbacks.set(t, e),
this.logger.verbose("Event callback registered with id: " + t),
t
}
return null
}
,
e.prototype.removeEventCallback = function(e) {
this.eventCallbacks.delete(e),
this.logger.verbose("Event callback " + e + " removed.")
}
,
e.prototype.enableAccountStorageEvents = function() {
"undefined" != typeof window && (this.listeningToStorageEvents ? this.logger.verbose("Account storage listener already registered.") : (this.logger.verbose("Adding account storage listener."),
this.listeningToStorageEvents = !0,
window.addEventListener("storage", this.handleAccountCacheChange)))
}
,
e.prototype.disableAccountStorageEvents = function() {
"undefined" != typeof window && (this.listeningToStorageEvents ? (this.logger.verbose("Removing account storage listener."),
window.removeEventListener("storage", this.handleAccountCacheChange),
this.listeningToStorageEvents = !1) : this.logger.verbose("No account storage listener registered."))
}
,
e.prototype.emitEvent = function(e, t, r, n) {
var o = this;
if ("undefined" != typeof window) {
var i = {
eventType: e,
interactionType: t || null,
payload: r || null,
error: n || null,
timestamp: Date.now()
};
this.logger.info("Emitting event: " + e),
this.eventCallbacks.forEach((function(t, r) {
o.logger.verbose("Emitting event to callback " + r + ": " + e),
t.apply(null, [i])
}
))
}
}
,
e.prototype.handleAccountCacheChange = function(e) {
try {
var t = e.newValue || e.oldValue;
if (!t)
return;
var r = JSON.parse(t);
if ("object" != typeof r || !re.isAccountEntity(r))
return;
var n = ce.toObject(new re, r).getAccountInfo();
!e.oldValue && e.newValue ? (this.logger.info("Account was added to cache in a different window"),
this.emitEvent(Tt.ACCOUNT_ADDED, void 0, n)) : !e.newValue && e.oldValue && (this.logger.info("Account was removed from cache in a different window"),
this.emitEvent(Tt.ACCOUNT_REMOVED, void 0, n))
} catch (e) {
return
}
}
,
e
}(), Zt = function(e) {
function t(r, n) {
var o = e.call(this, r, n) || this;
return o.name = "JoseHeaderError",
Object.setPrototypeOf(o, t.prototype),
o
}
return h(t, e),
t.createMissingKidError = function() {
return new t("missing_kid_error","The JOSE Header for the requested JWT, JWS or JWK object requires a keyId to be configured as the 'kid' header claim. No 'kid' value was provided.")
}
,
t.createMissingAlgError = function() {
return new t("missing_alg_error","The JOSE Header for the requested JWT, JWS or JWK object requires an algorithm to be specified as the 'alg' header claim. No 'alg' value was provided.")
}
,
t
}(J), er = function() {
function e(e) {
this.typ = e.typ,
this.alg = e.alg,
this.kid = e.kid
}
return e.getShrHeaderString = function(t) {
if (!t.kid)
throw Zt.createMissingKidError();
if (!t.alg)
throw Zt.createMissingAlgError();
var r = new e({
typ: t.typ || Y.Jwt,
kid: t.kid,
alg: t.alg
});
return JSON.stringify(r)
}
,
e
}(), tr = function() {
function e() {}
return e.decimalToHex = function(e) {
for (var t = e.toString(16); t.length < 2; )
t = "0" + t;
return t
}
,
e
}(), rr = function() {
function e(e) {
this.cryptoObj = e
}
return e.prototype.generateGuid = function() {
try {
var e = new Uint8Array(16);
return this.cryptoObj.getRandomValues(e),
e[6] |= 64,
e[6] &= 79,
e[8] |= 128,
e[8] &= 191,
tr.decimalToHex(e[0]) + tr.decimalToHex(e[1]) + tr.decimalToHex(e[2]) + tr.decimalToHex(e[3]) + "-" + tr.decimalToHex(e[4]) + tr.decimalToHex(e[5]) + "-" + tr.decimalToHex(e[6]) + tr.decimalToHex(e[7]) + "-" + tr.decimalToHex(e[8]) + tr.decimalToHex(e[9]) + "-" + tr.decimalToHex(e[10]) + tr.decimalToHex(e[11]) + tr.decimalToHex(e[12]) + tr.decimalToHex(e[13]) + tr.decimalToHex(e[14]) + tr.decimalToHex(e[15])
} catch (e) {
for (var t = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx", r = "0123456789abcdef", n = 0, o = T.EMPTY_STRING, i = 0; i < 36; i++)
"-" !== t[i] && "4" !== t[i] && (n = 16 * Math.random() | 0),
"x" === t[i] ? o += r[n] : "y" === t[i] ? (n &= 3,
o += r[n |= 8]) : o += t[i];
return o
}
}
,
e.prototype.isGuid = function(e) {
return /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i.test(e)
}
,
e
}(), nr = function() {
function e() {}
return e.stringToUtf8Arr = function(e) {
for (var t, r = 0, n = e.length, o = 0; o < n; o++)
r += (t = e.charCodeAt(o)) < 128 ? 1 : t < 2048 ? 2 : t < 65536 ? 3 : t < 2097152 ? 4 : t < 67108864 ? 5 : 6;
for (var i = new Uint8Array(r), a = 0, s = 0; a < r; s++)
(t = e.charCodeAt(s)) < 128 ? i[a++] = t : t < 2048 ? (i[a++] = 192 + (t >>> 6),
i[a++] = 128 + (63 & t)) : t < 65536 ? (i[a++] = 224 + (t >>> 12),
i[a++] = 128 + (t >>> 6 & 63),
i[a++] = 128 + (63 & t)) : t < 2097152 ? (i[a++] = 240 + (t >>> 18),
i[a++] = 128 + (t >>> 12 & 63),
i[a++] = 128 + (t >>> 6 & 63),
i[a++] = 128 + (63 & t)) : t < 67108864 ? (i[a++] = 248 + (t >>> 24),
i[a++] = 128 + (t >>> 18 & 63),
i[a++] = 128 + (t >>> 12 & 63),
i[a++] = 128 + (t >>> 6 & 63),
i[a++] = 128 + (63 & t)) : (i[a++] = 252 + (t >>> 30),
i[a++] = 128 + (t >>> 24 & 63),
i[a++] = 128 + (t >>> 18 & 63),
i[a++] = 128 + (t >>> 12 & 63),
i[a++] = 128 + (t >>> 6 & 63),
i[a++] = 128 + (63 & t));
return i
}
,
e.stringToArrayBuffer = function(e) {
for (var t = new ArrayBuffer(e.length), r = new Uint8Array(t), n = 0; n < e.length; n++)
r[n] = e.charCodeAt(n);
return t
}
,
e.utf8ArrToString = function(e) {
for (var t = T.EMPTY_STRING, r = void 0, n = e.length, o = 0; o < n; o++)
r = e[o],
t += String.fromCharCode(r > 251 && r < 254 && o + 5 < n ? 1073741824 * (r - 252) + (e[++o] - 128 << 24) + (e[++o] - 128 << 18) + (e[++o] - 128 << 12) + (e[++o] - 128 << 6) + e[++o] - 128 : r > 247 && r < 252 && o + 4 < n ? (r - 248 << 24) + (e[++o] - 128 << 18) + (e[++o] - 128 << 12) + (e[++o] - 128 << 6) + e[++o] - 128 : r > 239 && r < 248 && o + 3 < n ? (r - 240 << 18) + (e[++o] - 128 << 12) + (e[++o] - 128 << 6) + e[++o] - 128 : r > 223 && r < 240 && o + 2 < n ? (r - 224 << 12) + (e[++o] - 128 << 6) + e[++o] - 128 : r > 191 && r < 224 && o + 1 < n ? (r - 192 << 6) + e[++o] - 128 : r);
return t
}
,
e
}(), or = function() {
function e() {}
return e.prototype.urlEncode = function(e) {
return encodeURIComponent(this.encode(e).replace(/=/g, T.EMPTY_STRING).replace(/\+/g, "-").replace(/\//g, "_"))
}
,
e.prototype.urlEncodeArr = function(e) {
return this.base64EncArr(e).replace(/=/g, T.EMPTY_STRING).replace(/\+/g, "-").replace(/\//g, "_")
}
,
e.prototype.encode = function(e) {
var t = nr.stringToUtf8Arr(e);
return this.base64EncArr(t)
}
,
e.prototype.base64EncArr = function(e) {
for (var t = (3 - e.length % 3) % 3, r = T.EMPTY_STRING, n = void 0, o = e.length, i = 0, a = 0; a < o; a++)
n = a % 3,
i |= e[a] << (16 >>> n & 24),
2 !== n && e.length - a != 1 || (r += String.fromCharCode(this.uint6ToB64(i >>> 18 & 63), this.uint6ToB64(i >>> 12 & 63), this.uint6ToB64(i >>> 6 & 63), this.uint6ToB64(63 & i)),
i = 0);
return 0 === t ? r : r.substring(0, r.length - t) + (1 === t ? "=" : "==")
}
,
e.prototype.uint6ToB64 = function(e) {
return e < 26 ? e + 65 : e < 52 ? e + 71 : e < 62 ? e - 4 : 62 === e ? 43 : 63 === e ? 47 : 65
}
,
e
}(), ir = function() {
function e() {}
return e.prototype.decode = function(e) {
var t = e.replace(/-/g, "+").replace(/_/g, "/");
switch (t.length % 4) {
case 0:
break;
case 2:
t += "==";
break;
case 3:
t += "=";
break;
default:
throw new Error("Invalid base64 string")
}
var r = this.base64DecToArr(t);
return nr.utf8ArrToString(r)
}
,
e.prototype.base64DecToArr = function(e, t) {
for (var r = e.replace(/[^A-Za-z0-9\+\/]/g, T.EMPTY_STRING), n = r.length, o = t ? Math.ceil((3 * n + 1 >>> 2) / t) * t : 3 * n + 1 >>> 2, i = new Uint8Array(o), a = void 0, s = void 0, c = 0, u = 0, l = 0; l < n; l++)
if (s = 3 & l,
c |= this.b64ToUint6(r.charCodeAt(l)) << 18 - 6 * s,
3 === s || n - l == 1) {
for (a = 0; a < 3 && u < o; a++,
u++)
i[u] = c >>> (16 >>> a & 24) & 255;
c = 0
}
return i
}
,
e.prototype.b64ToUint6 = function(e) {
return e > 64 && e < 91 ? e - 65 : e > 96 && e < 123 ? e - 71 : e > 47 && e < 58 ? e + 4 : 43 === e ? 62 : 47 === e ? 63 : 0
}
,
e
}(), ar = function() {
function e(e) {
this.base64Encode = new or,
this.cryptoObj = e
}
return e.prototype.generateCodes = function() {
return s(this, void 0, void 0, (function() {
var e, t;
return c(this, (function(r) {
switch (r.label) {
case 0:
return e = this.generateCodeVerifier(),
[4, this.generateCodeChallengeFromVerifier(e)];
case 1:
return t = r.sent(),
[2, {
verifier: e,
challenge: t
}]
}
}
))
}
))
}
,
e.prototype.generateCodeVerifier = function() {
try {
var e = new Uint8Array(32);
return this.cryptoObj.getRandomValues(e),
this.base64Encode.urlEncodeArr(e)
} catch (e) {
throw ke.createPkceNotGeneratedError(e)
}
}
,
e.prototype.generateCodeChallengeFromVerifier = function(e) {
return s(this, void 0, void 0, (function() {
var t, r;
return c(this, (function(n) {
switch (n.label) {
case 0:
return n.trys.push([0, 2, , 3]),
[4, this.cryptoObj.sha256Digest(e)];
case 1:
return t = n.sent(),
[2, this.base64Encode.urlEncodeArr(new Uint8Array(t))];
case 2:
throw r = n.sent(),
ke.createPkceNotGeneratedError(r);
case 3:
return [2]
}
}
))
}
))
}
,
e
}(), sr = "SHA-256", cr = new Uint8Array([1, 0, 1]), ur = function() {
function e(e) {
if (this.logger = e,
!this.hasCryptoAPI())
throw ke.createCryptoNotAvailableError("Browser crypto or msCrypto object not available.");
this._keygenAlgorithmOptions = {
name: "RSASSA-PKCS1-v1_5",
hash: sr,
modulusLength: 2048,
publicExponent: cr
}
}
return e.prototype.sha256Digest = function(e) {
return s(this, void 0, void 0, (function() {
var t;
return c(this, (function(r) {
return t = nr.stringToUtf8Arr(e),
[2, this.hasIECrypto() ? this.getMSCryptoDigest(sr, t) : this.getSubtleCryptoDigest(sr, t)]
}
))
}
))
}
,
e.prototype.getRandomValues = function(e) {
var t = window.msCrypto || window.crypto;
if (!t.getRandomValues)
throw ke.createCryptoNotAvailableError("getRandomValues does not exist.");
t.getRandomValues(e)
}
,
e.prototype.generateKeyPair = function(e, t) {
return s(this, void 0, void 0, (function() {
return c(this, (function(r) {
return [2, this.hasIECrypto() ? this.msCryptoGenerateKey(e, t) : window.crypto.subtle.generateKey(this._keygenAlgorithmOptions, e, t)]
}
))
}
))
}
,
e.prototype.exportJwk = function(e) {
return s(this, void 0, void 0, (function() {
return c(this, (function(t) {
return [2, this.hasIECrypto() ? this.msCryptoExportJwk(e) : window.crypto.subtle.exportKey(Ue, e)]
}
))
}
))
}
,
e.prototype.importJwk = function(t, r, n) {
return s(this, void 0, void 0, (function() {
var o, i;
return c(this, (function(a) {
return o = e.getJwkString(t),
i = nr.stringToArrayBuffer(o),
[2, this.hasIECrypto() ? this.msCryptoImportKey(i, r, n) : window.crypto.subtle.importKey(Ue, t, this._keygenAlgorithmOptions, r, n)]
}
))
}
))
}
,
e.prototype.sign = function(e, t) {
return s(this, void 0, void 0, (function() {
return c(this, (function(r) {
return [2, this.hasIECrypto() ? this.msCryptoSign(e, t) : window.crypto.subtle.sign(this._keygenAlgorithmOptions, e, t)]
}
))
}
))
}
,
e.prototype.hasCryptoAPI = function() {
return this.hasIECrypto() || this.hasBrowserCrypto()
}
,
e.prototype.hasIECrypto = function() {
return "msCrypto"in window
}
,
e.prototype.hasBrowserCrypto = function() {
return "crypto"in window
}
,
e.prototype.getSubtleCryptoDigest = function(e, t) {
return s(this, void 0, void 0, (function() {
return c(this, (function(r) {
return [2, window.crypto.subtle.digest(e, t)]
}
))
}
))
}
,
e.prototype.getMSCryptoDigest = function(e, t) {
return s(this, void 0, void 0, (function() {
return c(this, (function(r) {
return [2, new Promise((function(r, n) {
var o = window.msCrypto.subtle.digest(e, t.buffer);
o.addEventListener("complete", (function(e) {
r(e.target.result)
}
)),
o.addEventListener("error", (function(e) {
n(e)
}
))
}
))]
}
))
}
))
}
,
e.prototype.msCryptoGenerateKey = function(e, t) {
return s(this, void 0, void 0, (function() {
var r = this;
return c(this, (function(n) {
return [2, new Promise((function(n, o) {
var i = window.msCrypto.subtle.generateKey(r._keygenAlgorithmOptions, e, t);
i.addEventListener("complete", (function(e) {
n(e.target.result)
}
)),
i.addEventListener("error", (function(e) {
o(e)
}
))
}
))]
}
))
}
))
}
,
e.prototype.msCryptoExportJwk = function(e) {
return s(this, void 0, void 0, (function() {
return c(this, (function(t) {
return [2, new Promise((function(t, r) {
var n = window.msCrypto.subtle.exportKey(Ue, e);
n.addEventListener("complete", (function(e) {
var n = e.target.result
, o = nr.utf8ArrToString(new Uint8Array(n)).replace(/\r/g, T.EMPTY_STRING).replace(/\n/g, T.EMPTY_STRING).replace(/\t/g, T.EMPTY_STRING).split(" ").join(T.EMPTY_STRING).replace("\0", T.EMPTY_STRING);
try {
t(JSON.parse(o))
} catch (e) {
r(e)
}
}
)),
n.addEventListener("error", (function(e) {
r(e)
}
))
}
))]
}
))
}
))
}
,
e.prototype.msCryptoImportKey = function(e, t, r) {
return s(this, void 0, void 0, (function() {
var n = this;
return c(this, (function(o) {
return [2, new Promise((function(o, i) {
var a = window.msCrypto.subtle.importKey(Ue, e, n._keygenAlgorithmOptions, t, r);
a.addEventListener("complete", (function(e) {
o(e.target.result)
}
)),
a.addEventListener("error", (function(e) {
i(e)
}
))
}
))]
}
))
}
))
}
,
e.prototype.msCryptoSign = function(e, t) {
return s(this, void 0, void 0, (function() {
var r = this;
return c(this, (function(n) {
return [2, new Promise((function(n, o) {
var i = window.msCrypto.subtle.sign(r._keygenAlgorithmOptions, e, t);
i.addEventListener("complete", (function(e) {
n(e.target.result)
}
)),
i.addEventListener("error", (function(e) {
o(e)
}
))
}
))]
}
))
}
))
}
,
e.getJwkString = function(e) {
return JSON.stringify(e, Object.keys(e).sort())
}
,
e
}(), lr = function() {
function e() {
this.dbName = He,
this.version = 1,
this.tableName = "msal.db.keys",
this.dbOpen = !1
}
return e.prototype.open = function() {
return s(this, void 0, void 0, (function() {
var e = this;
return c(this, (function(t) {
return [2, new Promise((function(t, r) {
var n = window.indexedDB.open(e.dbName, e.version);
n.addEventListener("upgradeneeded", (function(t) {
t.target.result.createObjectStore(e.tableName)
}
)),
n.addEventListener("success", (function(r) {
var n = r;
e.db = n.target.result,
e.dbOpen = !0,
t()
}
)),
n.addEventListener("error", (function() {
return r(ke.createDatabaseUnavailableError())
}
))
}
))]
}
))
}
))
}
,
e.prototype.closeConnection = function() {
var e = this.db;
e && this.dbOpen && (e.close(),
this.dbOpen = !1)
}
,
e.prototype.validateDbIsOpen = function() {
return s(this, void 0, void 0, (function() {
return c(this, (function(e) {
switch (e.label) {
case 0:
return this.dbOpen ? [3, 2] : [4, this.open()];
case 1:
return [2, e.sent()];
case 2:
return [2]
}
}
))
}
))
}
,
e.prototype.getItem = function(e) {
return s(this, void 0, void 0, (function() {
var t = this;
return c(this, (function(r) {
switch (r.label) {
case 0:
return [4, this.validateDbIsOpen()];
case 1:
return r.sent(),
[2, new Promise((function(r, n) {
if (!t.db)
return n(ke.createDatabaseNotOpenError());
var o = t.db.transaction([t.tableName], "readonly").objectStore(t.tableName).get(e);
o.addEventListener("success", (function(e) {
var n = e;
t.closeConnection(),
r(n.target.result)
}
)),
o.addEventListener("error", (function(e) {
t.closeConnection(),
n(e)
}
))
}
))]
}
}
))
}
))
}
,
e.prototype.setItem = function(e, t) {
return s(this, void 0, void 0, (function() {
var r = this;
return c(this, (function(n) {
switch (n.label) {
case 0:
return [4, this.validateDbIsOpen()];
case 1:
return n.sent(),
[2, new Promise((function(n, o) {
if (!r.db)
return o(ke.createDatabaseNotOpenError());
var i = r.db.transaction([r.tableName], "readwrite").objectStore(r.tableName).put(t, e);
i.addEventListener("success", (function() {
r.closeConnection(),
n()
}
)),
i.addEventListener("error", (function(e) {
r.closeConnection(),
o(e)
}
))
}
))]
}
}
))
}
))
}
,
e.prototype.removeItem = function(e) {
return s(this, void 0, void 0, (function() {
var t = this;
return c(this, (function(r) {
switch (r.label) {
case 0:
return [4, this.validateDbIsOpen()];
case 1:
return r.sent(),
[2, new Promise((function(r, n) {
if (!t.db)
return n(ke.createDatabaseNotOpenError());
var o = t.db.transaction([t.tableName], "readwrite").objectStore(t.tableName).delete(e);
o.addEventListener("success", (function() {
t.closeConnection(),
r()
}
)),
o.addEventListener("error", (function(e) {
t.closeConnection(),
n(e)
}
))
}
))]
}
}
))
}
))
}
,
e.prototype.getKeys = function() {
return s(this, void 0, void 0, (function() {
var e = this;
return c(this, (function(t) {
switch (t.label) {
case 0:
return [4, this.validateDbIsOpen()];
case 1:
return t.sent(),
[2, new Promise((function(t, r) {
if (!e.db)
return r(ke.createDatabaseNotOpenError());
var n = e.db.transaction([e.tableName], "readonly").objectStore(e.tableName).getAllKeys();
n.addEventListener("success", (function(r) {
var n = r;
e.closeConnection(),
t(n.target.result)
}
)),
n.addEventListener("error", (function(t) {
e.closeConnection(),
r(t)
}
))
}
))]
}
}
))
}
))
}
,
e.prototype.containsKey = function(e) {
return s(this, void 0, void 0, (function() {
var t = this;
return c(this, (function(r) {
switch (r.label) {
case 0:
return [4, this.validateDbIsOpen()];
case 1:
return r.sent(),
[2, new Promise((function(r, n) {
if (!t.db)
return n(ke.createDatabaseNotOpenError());
var o = t.db.transaction([t.tableName], "readonly").objectStore(t.tableName).count(e);
o.addEventListener("success", (function(e) {
var n = e;
t.closeConnection(),
r(1 === n.target.result)
}
)),
o.addEventListener("error", (function(e) {
t.closeConnection(),
n(e)
}
))
}
))]
}
}
))
}
))
}
,
e.prototype.deleteDatabase = function() {
return s(this, void 0, void 0, (function() {
return c(this, (function(e) {
return this.db && this.dbOpen && this.closeConnection(),
[2, new Promise((function(e, t) {
var r = window.indexedDB.deleteDatabase(He);
r.addEventListener("success", (function() {
return e(!0)
}
)),
r.addEventListener("blocked", (function() {
return e(!0)
}
)),
r.addEventListener("error", (function() {
return t(!1)
}
))
}
))]
}
))
}
))
}
,
e
}(), dr = function() {
function e(e, t) {
this.inMemoryCache = new xe,
this.indexedDBCache = new lr,
this.logger = e,
this.storeName = t
}
return e.prototype.handleDatabaseAccessError = function(e) {
if (!(e instanceof ke && e.errorCode === Re.databaseUnavailable.code))
throw e;
this.logger.error("Could not access persistent storage. This may be caused by browser privacy features which block persistent storage in third-party contexts.")
}
,
e.prototype.getItem = function(e) {
return s(this, void 0, void 0, (function() {
var t, r;
return c(this, (function(n) {
switch (n.label) {
case 0:
if (t = this.inMemoryCache.getItem(e))
return [3, 4];
n.label = 1;
case 1:
return n.trys.push([1, 3, , 4]),
this.logger.verbose("Queried item not found in in-memory cache, now querying persistent storage."),
[4, this.indexedDBCache.getItem(e)];
case 2:
return [2, n.sent()];
case 3:
return r = n.sent(),
this.handleDatabaseAccessError(r),
[3, 4];
case 4:
return [2, t]
}
}
))
}
))
}
,
e.prototype.setItem = function(e, t) {
return s(this, void 0, void 0, (function() {
var r;
return c(this, (function(n) {
switch (n.label) {
case 0:
this.inMemoryCache.setItem(e, t),
n.label = 1;
case 1:
return n.trys.push([1, 3, , 4]),
[4, this.indexedDBCache.setItem(e, t)];
case 2:
return n.sent(),
[3, 4];
case 3:
return r = n.sent(),
this.handleDatabaseAccessError(r),
[3, 4];
case 4:
return [2]
}
}
))
}
))
}
,
e.prototype.removeItem = function(e) {
return s(this, void 0, void 0, (function() {
var t;
return c(this, (function(r) {
switch (r.label) {
case 0:
this.inMemoryCache.removeItem(e),
r.label = 1;
case 1:
return r.trys.push([1, 3, , 4]),
[4, this.indexedDBCache.removeItem(e)];
case 2:
return r.sent(),
[3, 4];
case 3:
return t = r.sent(),
this.handleDatabaseAccessError(t),
[3, 4];
case 4:
return [2]
}
}
))
}
))
}
,
e.prototype.getKeys = function() {
return s(this, void 0, void 0, (function() {
var e, t;
return c(this, (function(r) {
switch (r.label) {
case 0:
if (0 !== (e = this.inMemoryCache.getKeys()).length)
return [3, 4];
r.label = 1;
case 1:
return r.trys.push([1, 3, , 4]),
this.logger.verbose("In-memory cache is empty, now querying persistent storage."),
[4, this.indexedDBCache.getKeys()];
case 2:
return [2, r.sent()];
case 3:
return t = r.sent(),
this.handleDatabaseAccessError(t),
[3, 4];
case 4:
return [2, e]
}
}
))
}
))
}
,
e.prototype.containsKey = function(e) {
return s(this, void 0, void 0, (function() {
var t, r;
return c(this, (function(n) {
switch (n.label) {
case 0:
if (t = this.inMemoryCache.containsKey(e))
return [3, 4];
n.label = 1;
case 1:
return n.trys.push([1, 3, , 4]),
this.logger.verbose("Key not found in in-memory cache, now querying persistent storage."),
[4, this.indexedDBCache.containsKey(e)];
case 2:
return [2, n.sent()];
case 3:
return r = n.sent(),
this.handleDatabaseAccessError(r),
[3, 4];
case 4:
return [2, t]
}
}
))
}
))
}
,
e.prototype.clearInMemory = function() {
this.logger.verbose("Deleting in-memory keystore " + this.storeName),
this.inMemoryCache.clear(),
this.logger.verbose("In-memory keystore " + this.storeName + " deleted")
}
,
e.prototype.clearPersistent = function() {
return s(this, void 0, void 0, (function() {
var e, t;
return c(this, (function(r) {
switch (r.label) {
case 0:
return r.trys.push([0, 2, , 3]),
this.logger.verbose("Deleting persistent keystore"),
[4, this.indexedDBCache.deleteDatabase()];
case 1:
return (e = r.sent()) && this.logger.verbose("Persistent keystore deleted"),
[2, e];
case 2:
return t = r.sent(),
this.handleDatabaseAccessError(t),
[2, !1];
case 3:
return [2]
}
}
))
}
))
}
,
e
}();
!function(e) {
e.asymmetricKeys = "asymmetricKeys",
e.symmetricKeys = "symmetricKeys"
}(Lt || (Lt = {}));
var hr = function() {
function e(e) {
this.logger = e,
this.asymmetricKeys = new dr(this.logger,Lt.asymmetricKeys),
this.symmetricKeys = new dr(this.logger,Lt.symmetricKeys)
}
return e.prototype.clear = function() {
return s(this, void 0, void 0, (function() {
var e;
return c(this, (function(t) {
switch (t.label) {
case 0:
this.asymmetricKeys.clearInMemory(),
this.symmetricKeys.clearInMemory(),
t.label = 1;
case 1:
return t.trys.push([1, 3, , 4]),
[4, this.asymmetricKeys.clearPersistent()];
case 2:
return t.sent(),
[2, !0];
case 3:
return (e = t.sent())instanceof Error ? this.logger.error("Clearing keystore failed with error: " + e.message) : this.logger.error("Clearing keystore failed with unknown error"),
[2, !1];
case 4:
return [2]
}
}
))
}
))
}
,
e
}()
, pr = function() {
function e(e, t) {
this.logger = e,
this.browserCrypto = new ur(this.logger),
this.b64Encode = new or,
this.b64Decode = new ir,
this.guidGenerator = new rr(this.browserCrypto),
this.pkceGenerator = new ar(this.browserCrypto),
this.cache = new hr(this.logger),
this.performanceClient = t
}
return e.prototype.createNewGuid = function() {
return this.guidGenerator.generateGuid()
}
,
e.prototype.base64Encode = function(e) {
return this.b64Encode.encode(e)
}
,
e.prototype.base64Decode = function(e) {
return this.b64Decode.decode(e)
}
,
e.prototype.generatePkceCodes = function() {
return s(this, void 0, void 0, (function() {
return c(this, (function(e) {
return [2, this.pkceGenerator.generateCodes()]
}
))
}
))
}
,
e.prototype.getPublicKeyThumbprint = function(t) {
var r;
return s(this, void 0, void 0, (function() {
var n, o, i, a, s, u, l, d;
return c(this, (function(c) {
switch (c.label) {
case 0:
return n = null === (r = this.performanceClient) || void 0 === r ? void 0 : r.startMeasurement(ht.CryptoOptsGetPublicKeyThumbprint, t.correlationId),
[4, this.browserCrypto.generateKeyPair(e.EXTRACTABLE, e.POP_KEY_USAGES)];
case 1:
return o = c.sent(),
[4, this.browserCrypto.exportJwk(o.publicKey)];
case 2:
return i = c.sent(),
a = {
e: i.e,
kty: i.kty,
n: i.n
},
s = ur.getJwkString(a),
[4, this.hashString(s)];
case 3:
return u = c.sent(),
[4, this.browserCrypto.exportJwk(o.privateKey)];
case 4:
return l = c.sent(),
[4, this.browserCrypto.importJwk(l, !1, ["sign"])];
case 5:
return d = c.sent(),
[4, this.cache.asymmetricKeys.setItem(u, {
privateKey: d,
publicKey: o.publicKey,
requestMethod: t.resourceRequestMethod,
requestUri: t.resourceRequestUri
})];
case 6:
return c.sent(),
n && n.endMeasurement({
success: !0
}),
[2, u]
}
}
))
}
))
}
,
e.prototype.removeTokenBindingKey = function(e) {
return s(this, void 0, void 0, (function() {
return c(this, (function(t) {
switch (t.label) {
case 0:
return [4, this.cache.asymmetricKeys.removeItem(e)];
case 1:
return t.sent(),
[4, this.cache.asymmetricKeys.containsKey(e)];
case 2:
return [2, !t.sent()]
}
}
))
}
))
}
,
e.prototype.clearKeystore = function() {
return s(this, void 0, void 0, (function() {
return c(this, (function(e) {
switch (e.label) {
case 0:
return [4, this.cache.clear()];
case 1:
return [2, e.sent()]
}
}
))
}
))
}
,
e.prototype.signJwt = function(e, t, r) {
var n;
return s(this, void 0, void 0, (function() {
var o, i, a, s, u, l, d, h, p, g, f, m, v;
return c(this, (function(c) {
switch (c.label) {
case 0:
return o = null === (n = this.performanceClient) || void 0 === n ? void 0 : n.startMeasurement(ht.CryptoOptsSignJwt, r),
[4, this.cache.asymmetricKeys.getItem(t)];
case 1:
if (!(i = c.sent()))
throw ke.createSigningKeyNotFoundInStorageError(t);
return [4, this.browserCrypto.exportJwk(i.publicKey)];
case 2:
return a = c.sent(),
s = ur.getJwkString(a),
u = this.b64Encode.urlEncode(JSON.stringify({
kid: t
})),
l = er.getShrHeaderString({
kid: u,
alg: a.alg
}),
d = this.b64Encode.urlEncode(l),
e.cnf = {
jwk: JSON.parse(s)
},
h = this.b64Encode.urlEncode(JSON.stringify(e)),
p = d + "." + h,
g = nr.stringToArrayBuffer(p),
[4, this.browserCrypto.sign(i.privateKey, g)];
case 3:
return f = c.sent(),
m = this.b64Encode.urlEncodeArr(new Uint8Array(f)),
v = p + "." + m,
o && o.endMeasurement({
success: !0
}),
[2, v]
}
}
))
}
))
}
,
e.prototype.hashString = function(e) {
return s(this, void 0, void 0, (function() {
var t, r;
return c(this, (function(n) {
switch (n.label) {
case 0:
return [4, this.browserCrypto.sha256Digest(e)];
case 1:
return t = n.sent(),
r = new Uint8Array(t),
[2, this.b64Encode.urlEncodeArr(r)]
}
}
))
}
))
}
,
e.POP_KEY_USAGES = ["sign", "verify"],
e.EXTRACTABLE = !0,
e
}()
, gr = function() {
function e(e, t, r, n, o, i) {
this.authority = t,
this.libraryName = n,
this.libraryVersion = o,
this.applicationTelemetry = i,
this.clientId = e,
this.logger = r,
this.callbacks = new Map,
this.eventsByCorrelationId = new Map,
this.measurementsById = new Map
}
return e.prototype.startMeasurement = function(e, t) {
var r, n, o = this, i = t || this.generateId();
t || this.logger.info("PerformanceClient: No correlation id provided for " + e + ", generating", i),
this.logger.trace("PerformanceClient: Performance measurement started for " + e, i);
var a = this.startPerformanceMeasuremeant(e, i);
a.startMeasurement();
var s = {
eventId: this.generateId(),
status: pt.InProgress,
authority: this.authority,
libraryName: this.libraryName,
libraryVersion: this.libraryVersion,
appName: null === (r = this.applicationTelemetry) || void 0 === r ? void 0 : r.appName,
appVersion: null === (n = this.applicationTelemetry) || void 0 === n ? void 0 : n.appVersion,
clientId: this.clientId,
name: e,
startTimeMs: Date.now(),
correlationId: i
};
return this.cacheEventByCorrelationId(s),
this.cacheMeasurement(s, a),
{
endMeasurement: function(e) {
var t = o.endMeasurement(p(p({}, s), e));
return t && o.cacheEventByCorrelationId(t),
t
},
flushMeasurement: function() {
return o.flushMeasurements(s.name, s.correlationId)
},
discardMeasurement: function() {
return o.discardMeasurements(s.correlationId)
},
measurement: a,
event: s
}
}
,
e.prototype.endMeasurement = function(e) {
var t = this.measurementsById.get(e.eventId);
if (t) {
this.measurementsById.delete(e.eventId),
t.endMeasurement();
var r = t.flushMeasurement();
if (null !== r)
return this.logger.trace("PerformanceClient: Performance measurement ended for " + e.name + ": " + r + " ms", e.correlationId),
p(p({
durationMs: Math.round(r)
}, e), {
status: pt.Completed
});
this.logger.trace("PerformanceClient: Performance measurement not taken", e.correlationId)
} else
this.logger.trace("PerformanceClient: Measurement not found for " + e.eventId, e.correlationId);
return null
}
,
e.prototype.cacheEventByCorrelationId = function(e) {
var t = this.eventsByCorrelationId.get(e.correlationId);
t ? (this.logger.trace("PerformanceClient: Performance measurement for " + e.name + " added/updated", e.correlationId),
t.set(e.eventId, e)) : (this.logger.trace("PerformanceClient: Performance measurement for " + e.name + " started", e.correlationId),
this.eventsByCorrelationId.set(e.correlationId, (new Map).set(e.eventId, e)))
}
,
e.prototype.cacheMeasurement = function(e, t) {
this.measurementsById.set(e.eventId, t)
}
,
e.prototype.flushMeasurements = function(e, t) {
var r = this;
this.logger.trace("PerformanceClient: Performance measurements flushed for " + e, t);
var n = this.eventsByCorrelationId.get(t);
if (n) {
this.discardMeasurements(t);
var o = [];
n.forEach((function(n) {
if (n.name !== e && n.status !== pt.Completed) {
r.logger.trace("PerformanceClient: Incomplete submeasurement " + n.name + " found for " + e, t);
var i = r.endMeasurement(n);
i && o.push(i)
}
o.push(n)
}
));
var i = o.sort((function(e, t) {
return e.startTimeMs - t.startTimeMs
}
))
, a = i.filter((function(t) {
return t.name === e && t.status === pt.Completed
}
));
if (a.length > 0) {
a.length > 1 && this.logger.verbose("PerformanceClient: Multiple distinct top-level performance events found, using the first", t);
var s = a[0];
this.logger.verbose("PerformanceClient: Measurement found for " + e, t);
var c = i.reduce((function(n, o) {
if (o.name !== e) {
r.logger.trace("PerformanceClient: Complete submeasurement found for " + o.name, t);
var i = o.name + "DurationMs";
n[i] ? r.logger.verbose("PerformanceClient: Submeasurement for " + e + " already exists for " + o.name + ", ignoring", t) : n[i] = o.durationMs,
o.accessTokenSize && (n.accessTokenSize = o.accessTokenSize),
o.idTokenSize && (n.idTokenSize = o.idTokenSize)
}
return n
}
), s);
this.emitEvents([c], c.correlationId)
} else
this.logger.verbose("PerformanceClient: No completed top-level measurements found for " + e, t)
} else
this.logger.verbose("PerformanceClient: No measurements found", t)
}
,
e.prototype.discardMeasurements = function(e) {
this.logger.trace("PerformanceClient: Performance measurements discarded", e),
this.eventsByCorrelationId.delete(e)
}
,
e.prototype.addPerformanceCallback = function(e) {
var t = this.generateId();
return this.callbacks.set(t, e),
this.logger.verbose("PerformanceClient: Performance callback registered with id: " + t),
t
}
,
e.prototype.removePerformanceCallback = function(e) {
var t = this.callbacks.delete(e);
return t ? this.logger.verbose("PerformanceClient: Performance callback " + e + " removed.") : this.logger.verbose("PerformanceClient: Performance callback " + e + " not removed."),
t
}
,
e.prototype.emitEvents = function(e, t) {
var r = this;
this.logger.verbose("PerformanceClient: Emitting performance events", t),
this.callbacks.forEach((function(n, o) {
r.logger.trace("PerformanceClient: Emitting event to callback " + o, t),
n.apply(null, [e])
}
))
}
,
e
}()
, fr = function() {
function e() {}
return e.prototype.startMeasurement = function() {}
,
e.prototype.endMeasurement = function() {}
,
e.prototype.flushMeasurement = function() {
return null
}
,
e
}()
, mr = function(e) {
function t() {
return null !== e && e.apply(this, arguments) || this
}
return h(t, e),
t.prototype.generateId = function() {
return "callback-id"
}
,
t.prototype.startPerformanceMeasuremeant = function() {
return new fr
}
,
t
}(gr)
, vr = function() {
function e(e, t, r, n) {
this.isBrowserEnvironment = "undefined" != typeof window,
this.config = e,
this.storage = t,
this.logger = r,
this.cryptoObj = n
}
return e.prototype.loadExternalTokens = function(e, t, r) {
if (this.logger.info("TokenCache - loadExternalTokens called"),
!t.id_token)
throw ke.createUnableToLoadTokenError("Please ensure server response includes id token.");
if (e.account)
this.loadIdToken(t.id_token, e.account.homeAccountId, e.account.environment, e.account.tenantId, r),
this.loadAccessToken(e, t, e.account.homeAccountId, e.account.environment, e.account.tenantId, r);
else {
if (!e.authority)
throw ke.createUnableToLoadTokenError("Please provide a request with an account or a request with authority.");
var n = It.generateAuthority(e.authority, e.azureCloudOptions)
, o = {
protocolMode: this.config.auth.protocolMode,
knownAuthorities: this.config.auth.knownAuthorities,
cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata,
authorityMetadata: this.config.auth.authorityMetadata,
skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache
}
, i = new It(n,this.config.system.networkClient,this.storage,o);
if (r.clientInfo)
this.logger.trace("TokenCache - homeAccountId from options"),
this.loadIdToken(t.id_token, r.clientInfo, i.hostnameAndPort, i.tenant, r),
this.loadAccessToken(e, t, r.clientInfo, i.hostnameAndPort, i.tenant, r);
else {
if (!t.client_info)
throw ke.createUnableToLoadTokenError("Please provide clientInfo in the response or options.");
this.logger.trace("TokenCache - homeAccountId from response"),
this.loadIdToken(t.id_token, t.client_info, i.hostnameAndPort, i.tenant, r),
this.loadAccessToken(e, t, t.client_info, i.hostnameAndPort, i.tenant, r)
}
}
}
,
e.prototype.loadIdToken = function(e, t, r, n, o) {
var i = le.createIdTokenEntity(t, r, e, this.config.auth.clientId, n)
, a = new se(e,this.cryptoObj)
, s = o.clientInfo ? re.createAccount(o.clientInfo, t, a, void 0, void 0, void 0, r) : re.createGenericAccount(t, a, void 0, void 0, void 0, r);
if (!this.isBrowserEnvironment)
throw ke.createUnableToLoadTokenError("loadExternalTokens is designed to work in browser environments only.");
this.logger.verbose("TokenCache - loading id token"),
this.storage.setAccount(s),
this.storage.setIdTokenCredential(i)
}
,
e.prototype.loadAccessToken = function(e, t, r, n, o, i) {
if (t.access_token) {
if (!t.expires_in)
throw ke.createUnableToLoadTokenError("Please ensure server response includes expires_in value.");
if (!i.extendedExpiresOn)
throw ke.createUnableToLoadTokenError("Please provide an extendedExpiresOn value in the options.");
var a = new ae(e.scopes).printScopes()
, s = i.expiresOn || t.expires_in + (new Date).getTime() / 1e3
, c = i.extendedExpiresOn
, u = he.createAccessTokenEntity(r, n, t.access_token, this.config.auth.clientId, o, a, s, c, this.cryptoObj);
if (!this.isBrowserEnvironment)
throw ke.createUnableToLoadTokenError("loadExternalTokens is designed to work in browser environments only.");
this.logger.verbose("TokenCache - loading access token"),
this.storage.setAccessTokenCredential(u)
} else
this.logger.verbose("TokenCache - No access token provided for caching")
}
,
e
}()
, yr = function(e) {
function t(t) {
var r = e.call(this, t) || this;
return r.includeRedirectUri = !1,
r
}
return i(t, e),
t
}(vt)
, Er = function(e) {
function t(t, r, n, o, i, a, s, c, u, l) {
var d = e.call(this, t, r, n, o, i, a, c, u, l) || this;
return d.apiId = s,
d
}
return i(t, e),
t.prototype.acquireToken = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, s;
return c(this, (function(c) {
switch (c.label) {
case 0:
if (this.logger.trace("SilentAuthCodeClient.acquireToken called"),
!e.code)
throw ke.createAuthCodeRequiredError();
return [4, this.initializeAuthorizationRequest(e, Ie.Silent)];
case 1:
t = c.sent(),
this.browserStorage.updateCacheEntries(t.state, t.nonce, t.authority, t.loginHint || T.EMPTY_STRING, t.account || null),
r = this.initializeServerTelemetryManager(this.apiId),
c.label = 2;
case 2:
return c.trys.push([2, 4, , 5]),
n = a(a({}, t), {
code: e.code
}),
[4, this.getClientConfiguration(r, t.authority)];
case 3:
return o = c.sent(),
i = new yr(o),
this.logger.verbose("Auth code client created"),
[2, new Jt(i,this.browserStorage,n,this.logger,this.config.system.navigateFrameWait).handleCodeResponseFromServer({
code: e.code,
msgraph_host: e.msGraphHost,
cloud_graph_host_name: e.cloudGraphHostName,
cloud_instance_host_name: e.cloudInstanceHostName
}, t.state, i.authority, this.networkClient, !1)];
case 4:
throw (s = c.sent())instanceof J && s.setCorrelationId(this.correlationId),
r.cacheFailedRequest(s),
this.browserStorage.cleanRequestByState(t.state),
s;
case 5:
return [2]
}
}
))
}
))
}
,
t.prototype.logout = function() {
return Promise.reject(ke.createSilentLogoutUnsupportedError())
}
,
t
}(Ut)
, _r = function() {
function e(e, t) {
this.correlationId = t,
this.measureName = "msal.measure." + e + "." + this.correlationId,
this.startMark = "msal.start." + e + "." + this.correlationId,
this.endMark = "msal.end." + e + "." + this.correlationId
}
return e.supportsBrowserPerformance = function() {
return "undefined" != typeof window && void 0 !== window.performance && "function" == typeof window.performance.mark && "function" == typeof window.performance.measure && "function" == typeof window.performance.clearMarks && "function" == typeof window.performance.clearMeasures && "function" == typeof window.performance.getEntriesByName
}
,
e.prototype.startMeasurement = function() {
if (e.supportsBrowserPerformance())
try {
window.performance.mark(this.startMark)
} catch (e) {}
}
,
e.prototype.endMeasurement = function() {
if (e.supportsBrowserPerformance())
try {
window.performance.mark(this.endMark),
window.performance.measure(this.measureName, this.startMark, this.endMark)
} catch (e) {}
}
,
e.prototype.flushMeasurement = function() {
if (e.supportsBrowserPerformance())
try {
var t = window.performance.getEntriesByName(this.measureName, "measure");
if (t.length > 0) {
var r = t[0].duration;
return window.performance.clearMeasures(this.measureName),
window.performance.clearMarks(this.startMark),
window.performance.clearMarks(this.endMark),
r
}
} catch (e) {}
return null
}
,
e
}()
, Cr = function(e) {
function t(t, r, n, o, i, a) {
var s = e.call(this, t, r, n, o, i, a) || this;
return s.browserCrypto = new ur(s.logger),
s.guidGenerator = new rr(s.browserCrypto),
s
}
return i(t, e),
t.prototype.startPerformanceMeasuremeant = function(e, t) {
return new _r(e,t)
}
,
t.prototype.generateId = function() {
return this.guidGenerator.generateGuid()
}
,
t.prototype.getPageVisibility = function() {
var e;
return (null === (e = document.visibilityState) || void 0 === e ? void 0 : e.toString()) || null
}
,
t.prototype.startMeasurement = function(t, r) {
var n = this
, o = this.getPageVisibility()
, i = e.prototype.startMeasurement.call(this, t, r);
return a(a({}, i), {
endMeasurement: function(e) {
return i.endMeasurement(a({
startPageVisibility: o,
endPageVisibility: n.getPageVisibility()
}, e))
}
})
}
,
t
}(gr)
, Tr = function() {
function e(e) {
var t, r, n;
this.isBrowserEnvironment = "undefined" != typeof window,
this.config = function(e, t) {
var r = e.auth
, n = e.cache
, o = e.system
, i = e.telemetry
, s = {
clientId: T.EMPTY_STRING,
authority: "" + T.DEFAULT_AUTHORITY,
knownAuthorities: [],
cloudDiscoveryMetadata: T.EMPTY_STRING,
authorityMetadata: T.EMPTY_STRING,
redirectUri: T.EMPTY_STRING,
postLogoutRedirectUri: T.EMPTY_STRING,
navigateToLoginRequestUrl: !0,
clientCapabilities: [],
protocolMode: Et.AAD,
azureCloudOptions: {
azureCloudInstance: ze.None,
tenant: T.EMPTY_STRING
},
skipAuthorityMetadataCache: !1
}
, c = {
cacheLocation: _e.SessionStorage,
storeAuthStateInCookie: !1,
secureCookies: !1
}
, u = {
loggerCallback: function() {},
logLevel: qe.Info,
piiLoggingEnabled: !1
}
, l = a(a({}, Ve), {
loggerOptions: u,
networkClient: t ? Ot.getBrowserNetworkClient() : Yt,
navigationClient: new Wt,
loadFrameTimeout: 0,
windowHashTimeout: (null == o ? void 0 : o.loadFrameTimeout) || 6e4,
iframeHashTimeout: (null == o ? void 0 : o.loadFrameTimeout) || Vt,
navigateFrameWait: t && Ot.detectIEOrEdge() ? 500 : 0,
redirectNavigationTimeout: 3e4,
asyncPopups: !1,
allowRedirectInIframe: !1,
allowNativeBroker: !1,
nativeBrokerHandshakeTimeout: (null == o ? void 0 : o.nativeBrokerHandshakeTimeout) || 2e3
})
, d = {
application: {
appName: T.EMPTY_STRING,
appVersion: T.EMPTY_STRING
}
};
return {
auth: a(a({}, s), r),
cache: a(a({}, c), n),
system: a(a({}, l), o),
telemetry: a(a({}, d), i)
}
}(e, this.isBrowserEnvironment),
this.initialized = !1,
this.logger = new je(this.config.system.loggerOptions,Rt,kt),
this.networkClient = this.config.system.networkClient,
this.navigationClient = this.config.system.navigationClient,
this.redirectResponse = new Map,
this.hybridAuthCodeResponses = new Map,
this.performanceClient = this.isBrowserEnvironment ? new Cr(this.config.auth.clientId,this.config.auth.authority,this.logger,Rt,kt,this.config.telemetry.application) : new mr(this.config.auth.clientId,this.config.auth.authority,this.logger,Rt,kt,this.config.telemetry.application),
this.browserCrypto = this.isBrowserEnvironment ? new pr(this.logger,this.performanceClient) : be,
this.eventHandler = new $t(this.logger,this.browserCrypto),
this.browserStorage = this.isBrowserEnvironment ? new Ge(this.config.auth.clientId,this.config.cache,this.browserCrypto,this.logger) : (t = this.config.auth.clientId,
r = this.logger,
n = {
cacheLocation: _e.MemoryStorage,
storeAuthStateInCookie: !1,
secureCookies: !1
},
new Ge(t,n,be,r));
var o = {
cacheLocation: _e.MemoryStorage,
storeAuthStateInCookie: !1,
secureCookies: !1
};
this.nativeInternalStorage = new Ge(this.config.auth.clientId,o,this.browserCrypto,this.logger),
this.tokenCache = new vr(this.config,this.browserStorage,this.logger,this.browserCrypto)
}
return e.prototype.initialize = function() {
return s(this, void 0, void 0, (function() {
var e, t;
return c(this, (function(r) {
switch (r.label) {
case 0:
if (this.logger.trace("initialize called"),
this.initialized)
return this.logger.info("initialize has already been called, exiting early."),
[2];
if (this.eventHandler.emitEvent(Tt.INITIALIZE_START),
!this.config.system.allowNativeBroker)
return [3, 4];
r.label = 1;
case 1:
return r.trys.push([1, 3, , 4]),
e = this,
[4, Gt.createProvider(this.logger, this.config.system.nativeBrokerHandshakeTimeout)];
case 2:
return e.nativeExtensionProvider = r.sent(),
[3, 4];
case 3:
return t = r.sent(),
this.logger.verbose(t),
[3, 4];
case 4:
return this.initialized = !0,
this.eventHandler.emitEvent(Tt.INITIALIZE_END),
[2]
}
}
))
}
))
}
,
e.prototype.handleRedirectPromise = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, a, s, u, l = this;
return c(this, (function(c) {
return this.logger.verbose("handleRedirectPromise called"),
Ot.blockNativeBrokerCalledBeforeInitialized(this.config.system.allowNativeBroker, this.initialized),
t = this.getAllAccounts(),
this.isBrowserEnvironment ? (r = e || T.EMPTY_STRING,
void 0 === (n = this.redirectResponse.get(r)) ? (this.eventHandler.emitEvent(Tt.HANDLE_REDIRECT_START, Ie.Redirect),
this.logger.verbose("handleRedirectPromise has been called for the first time, storing the promise"),
o = this.browserStorage.getCachedNativeRequest(),
i = void 0,
o && Gt.isNativeAvailable(this.config, this.logger, this.nativeExtensionProvider) && this.nativeExtensionProvider && !e ? (this.logger.trace("handleRedirectPromise - acquiring token from native platform"),
a = new Bt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Se.handleRedirectPromise,this.performanceClient,this.nativeExtensionProvider,o.accountId,this.nativeInternalStorage,o.correlationId),
i = a.handleRedirectPromise()) : (this.logger.trace("handleRedirectPromise - acquiring token from web flow"),
s = this.browserStorage.getTemporaryCache(Te.CORRELATION_ID, !0) || T.EMPTY_STRING,
u = this.createRedirectClient(s),
i = u.handleRedirectPromise(e)),
n = i.then((function(e) {
return e && (t.length < l.getAllAccounts().length ? (l.eventHandler.emitEvent(Tt.LOGIN_SUCCESS, Ie.Redirect, e),
l.logger.verbose("handleRedirectResponse returned result, login success")) : (l.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_SUCCESS, Ie.Redirect, e),
l.logger.verbose("handleRedirectResponse returned result, acquire token success"))),
l.eventHandler.emitEvent(Tt.HANDLE_REDIRECT_END, Ie.Redirect),
e
}
)).catch((function(e) {
throw t.length > 0 ? l.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_FAILURE, Ie.Redirect, null, e) : l.eventHandler.emitEvent(Tt.LOGIN_FAILURE, Ie.Redirect, null, e),
l.eventHandler.emitEvent(Tt.HANDLE_REDIRECT_END, Ie.Redirect),
e
}
)),
this.redirectResponse.set(r, n)) : this.logger.verbose("handleRedirectPromise has been called previously, returning the result from the first call"),
[2, n]) : (this.logger.verbose("handleRedirectPromise returns null, not browser environment"),
[2, null])
}
))
}
))
}
,
e.prototype.acquireTokenRedirect = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, a = this;
return c(this, (function(s) {
return t = this.getRequestCorrelationId(e),
this.logger.verbose("acquireTokenRedirect called", t),
this.preflightBrowserEnvironmentCheck(Ie.Redirect),
(r = this.getAllAccounts().length > 0) ? this.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_START, Ie.Redirect, e) : this.eventHandler.emitEvent(Tt.LOGIN_START, Ie.Redirect, e),
this.nativeExtensionProvider && this.canUseNative(e) ? (o = new Bt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Se.acquireTokenRedirect,this.performanceClient,this.nativeExtensionProvider,this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId),
n = o.acquireTokenRedirect(e).catch((function(t) {
if (t instanceof Dt && t.isFatal())
return a.nativeExtensionProvider = void 0,
a.createRedirectClient(e.correlationId).acquireToken(e);
if (t instanceof lt)
return a.logger.verbose("acquireTokenRedirect - Resolving interaction required error thrown by native broker by falling back to web flow"),
a.createRedirectClient(e.correlationId).acquireToken(e);
throw a.browserStorage.setInteractionInProgress(!1),
t
}
))) : (i = this.createRedirectClient(e.correlationId),
n = i.acquireToken(e)),
[2, n.catch((function(e) {
throw r ? a.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_FAILURE, Ie.Redirect, null, e) : a.eventHandler.emitEvent(Tt.LOGIN_FAILURE, Ie.Redirect, null, e),
e
}
))]
}
))
}
))
}
,
e.prototype.acquireTokenPopup = function(e) {
var t = this
, r = this.getRequestCorrelationId(e)
, n = this.performanceClient.startMeasurement(ht.AcquireTokenPopup, r);
try {
this.logger.verbose("acquireTokenPopup called", r),
this.preflightBrowserEnvironmentCheck(Ie.Popup)
} catch (e) {
return Promise.reject(e)
}
var o = this.getAllAccounts();
return o.length > 0 ? this.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_START, Ie.Popup, e) : this.eventHandler.emitEvent(Tt.LOGIN_START, Ie.Popup, e),
(this.canUseNative(e) ? this.acquireTokenNative(e, Se.acquireTokenPopup).then((function(e) {
return t.browserStorage.setInteractionInProgress(!1),
n.endMeasurement({
success: !0,
isNativeBroker: !0,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length
}),
n.flushMeasurement(),
e
}
)).catch((function(r) {
if (r instanceof Dt && r.isFatal())
return t.nativeExtensionProvider = void 0,
t.createPopupClient(e.correlationId).acquireToken(e);
if (r instanceof lt)
return t.logger.verbose("acquireTokenPopup - Resolving interaction required error thrown by native broker by falling back to web flow"),
t.createPopupClient(e.correlationId).acquireToken(e);
throw t.browserStorage.setInteractionInProgress(!1),
r
}
)) : this.createPopupClient(e.correlationId).acquireToken(e)).then((function(e) {
return o.length < t.getAllAccounts().length ? t.eventHandler.emitEvent(Tt.LOGIN_SUCCESS, Ie.Popup, e) : t.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_SUCCESS, Ie.Popup, e),
n.endMeasurement({
success: !0,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length
}),
n.flushMeasurement(),
e
}
)).catch((function(e) {
return o.length > 0 ? t.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_FAILURE, Ie.Popup, null, e) : t.eventHandler.emitEvent(Tt.LOGIN_FAILURE, Ie.Popup, null, e),
n.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
n.flushMeasurement(),
Promise.reject(e)
}
))
}
,
e.prototype.ssoSilent = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, s = this;
return c(this, (function(c) {
return t = this.getRequestCorrelationId(e),
r = a(a({}, e), {
prompt: A.NONE,
correlationId: t
}),
this.preflightBrowserEnvironmentCheck(Ie.Silent),
n = this.performanceClient.startMeasurement(ht.SsoSilent, t),
this.logger.verbose("ssoSilent called", t),
this.eventHandler.emitEvent(Tt.SSO_SILENT_START, Ie.Silent, r),
this.canUseNative(r) ? o = this.acquireTokenNative(r, Se.ssoSilent).catch((function(e) {
if (e instanceof Dt && e.isFatal())
return s.nativeExtensionProvider = void 0,
s.createSilentIframeClient(r.correlationId).acquireToken(r);
throw e
}
)) : (i = this.createSilentIframeClient(r.correlationId),
o = i.acquireToken(r)),
[2, o.then((function(e) {
return s.eventHandler.emitEvent(Tt.SSO_SILENT_SUCCESS, Ie.Silent, e),
n.endMeasurement({
success: !0,
isNativeBroker: e.fromNativeBroker,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length
}),
n.flushMeasurement(),
e
}
)).catch((function(e) {
throw s.eventHandler.emitEvent(Tt.SSO_SILENT_FAILURE, Ie.Silent, null, e),
n.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
n.flushMeasurement(),
e
}
))]
}
))
}
))
}
,
e.prototype.acquireTokenByCode = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i = this;
return c(this, (function(s) {
t = this.getRequestCorrelationId(e),
this.preflightBrowserEnvironmentCheck(Ie.Silent),
this.logger.trace("acquireTokenByCode called", t),
this.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_BY_CODE_START, Ie.Silent, e),
r = this.performanceClient.startMeasurement(ht.AcquireTokenByCode, e.correlationId);
try {
if (e.code)
return n = e.code,
(o = this.hybridAuthCodeResponses.get(n)) ? (this.logger.verbose("Existing acquireTokenByCode request found", e.correlationId),
r.endMeasurement({
success: !0
}),
r.discardMeasurement()) : (this.logger.verbose("Initiating new acquireTokenByCode request", t),
o = this.acquireTokenByCodeAsync(a(a({}, e), {
correlationId: t
})).then((function(e) {
return i.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_BY_CODE_SUCCESS, Ie.Silent, e),
i.hybridAuthCodeResponses.delete(n),
r.endMeasurement({
success: !0,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length,
isNativeBroker: e.fromNativeBroker
}),
r.flushMeasurement(),
e
}
)).catch((function(e) {
throw i.hybridAuthCodeResponses.delete(n),
i.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_BY_CODE_FAILURE, Ie.Silent, null, e),
r.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
r.flushMeasurement(),
e
}
)),
this.hybridAuthCodeResponses.set(n, o)),
[2, o];
if (e.nativeAccountId) {
if (this.canUseNative(e, e.nativeAccountId))
return [2, this.acquireTokenNative(e, Se.acquireTokenByCode, e.nativeAccountId).catch((function(e) {
throw e instanceof Dt && e.isFatal() && (i.nativeExtensionProvider = void 0),
e
}
))];
throw ke.createUnableToAcquireTokenFromNativePlatformError()
}
throw ke.createAuthCodeOrNativeAccountIdRequiredError()
} catch (e) {
throw this.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_BY_CODE_FAILURE, Ie.Silent, null, e),
r.endMeasurement({
errorCode: e instanceof J && e.errorCode || void 0,
subErrorCode: e instanceof J && e.subError || void 0,
success: !1
}),
e
}
return [2]
}
))
}
))
}
,
e.prototype.acquireTokenByCodeAsync = function(e) {
return s(this, void 0, void 0, (function() {
return c(this, (function(t) {
switch (t.label) {
case 0:
return this.logger.trace("acquireTokenByCodeAsync called", e.correlationId),
[4, this.createSilentAuthCodeClient(e.correlationId).acquireToken(e)];
case 1:
return [2, t.sent()]
}
}
))
}
))
}
,
e.prototype.acquireTokenByRefreshToken = function(e) {
return s(this, void 0, void 0, (function() {
var t, r = this;
return c(this, (function(n) {
return Ot.blockReloadInHiddenIframes(),
t = this.performanceClient.startMeasurement(ht.AcquireTokenByRefreshToken, e.correlationId),
this.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_NETWORK_START, Ie.Silent, e),
[2, this.createSilentRefreshClient(e.correlationId).acquireToken(e).then((function(e) {
return t.endMeasurement({
success: !0,
fromCache: e.fromCache,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length
}),
e
}
)).catch((function(n) {
var o = n instanceof tt
, i = n instanceof lt
, a = n.errorCode === Ne.INVALID_GRANT_ERROR;
if (o && a && !i)
return r.logger.verbose("Refresh token expired or invalid, attempting acquire token by iframe", e.correlationId),
r.createSilentIframeClient(e.correlationId).acquireToken(e).then((function(e) {
return t.endMeasurement({
success: !0,
fromCache: e.fromCache,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length
}),
e
}
)).catch((function(e) {
throw t.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
e
}
));
throw t.endMeasurement({
success: !1
}),
n
}
))]
}
))
}
))
}
,
e.prototype.logout = function(e) {
return s(this, void 0, void 0, (function() {
var t;
return c(this, (function(r) {
return t = this.getRequestCorrelationId(e),
this.logger.warning("logout API is deprecated and will be removed in msal-browser v3.0.0. Use logoutRedirect instead.", t),
[2, this.logoutRedirect(a({
correlationId: t
}, e))]
}
))
}
))
}
,
e.prototype.logoutRedirect = function(e) {
return s(this, void 0, void 0, (function() {
var t;
return c(this, (function(r) {
return t = this.getRequestCorrelationId(e),
this.preflightBrowserEnvironmentCheck(Ie.Redirect),
[2, this.createRedirectClient(t).logout(e)]
}
))
}
))
}
,
e.prototype.logoutPopup = function(e) {
try {
var t = this.getRequestCorrelationId(e);
return this.preflightBrowserEnvironmentCheck(Ie.Popup),
this.createPopupClient(t).logout(e)
} catch (e) {
return Promise.reject(e)
}
}
,
e.prototype.getAllAccounts = function() {
return this.logger.verbose("getAllAccounts called"),
this.isBrowserEnvironment ? this.browserStorage.getAllAccounts() : []
}
,
e.prototype.getAccountByUsername = function(e) {
var t = this.getAllAccounts();
return !$.isEmpty(e) && t && t.length ? (this.logger.verbose("Account matching username found, returning"),
this.logger.verbosePii("Returning signed-in accounts matching username: " + e),
t.filter((function(t) {
return t.username.toLowerCase() === e.toLowerCase()
}
))[0] || null) : (this.logger.verbose("getAccountByUsername: No matching account found, returning null"),
null)
}
,
e.prototype.getAccountByHomeId = function(e) {
var t = this.getAllAccounts();
return !$.isEmpty(e) && t && t.length ? (this.logger.verbose("Account matching homeAccountId found, returning"),
this.logger.verbosePii("Returning signed-in accounts matching homeAccountId: " + e),
t.filter((function(t) {
return t.homeAccountId === e
}
))[0] || null) : (this.logger.verbose("getAccountByHomeId: No matching account found, returning null"),
null)
}
,
e.prototype.getAccountByLocalId = function(e) {
var t = this.getAllAccounts();
return !$.isEmpty(e) && t && t.length ? (this.logger.verbose("Account matching localAccountId found, returning"),
this.logger.verbosePii("Returning signed-in accounts matching localAccountId: " + e),
t.filter((function(t) {
return t.localAccountId === e
}
))[0] || null) : (this.logger.verbose("getAccountByLocalId: No matching account found, returning null"),
null)
}
,
e.prototype.setActiveAccount = function(e) {
this.browserStorage.setActiveAccount(e)
}
,
e.prototype.getActiveAccount = function() {
return this.browserStorage.getActiveAccount()
}
,
e.prototype.preflightBrowserEnvironmentCheck = function(e, t) {
if (void 0 === t && (t = !0),
this.logger.verbose("preflightBrowserEnvironmentCheck started"),
Ot.blockNonBrowserEnvironment(this.isBrowserEnvironment),
Ot.blockRedirectInIframe(e, this.config.system.allowRedirectInIframe),
Ot.blockReloadInHiddenIframes(),
Ot.blockAcquireTokenInPopups(),
Ot.blockNativeBrokerCalledBeforeInitialized(this.config.system.allowNativeBroker, this.initialized),
e === Ie.Redirect && this.config.cache.cacheLocation === _e.MemoryStorage && !this.config.cache.storeAuthStateInCookie)
throw De.createInMemoryRedirectUnavailableError();
e !== Ie.Redirect && e !== Ie.Popup || this.preflightInteractiveRequest(t)
}
,
e.prototype.preflightInteractiveRequest = function(e) {
this.logger.verbose("preflightInteractiveRequest called, validating app environment"),
Ot.blockReloadInHiddenIframes(),
e && this.browserStorage.setInteractionInProgress(!0)
}
,
e.prototype.acquireTokenNative = function(e, t, r) {
return s(this, void 0, void 0, (function() {
return c(this, (function(n) {
if (this.logger.trace("acquireTokenNative called"),
!this.nativeExtensionProvider)
throw ke.createNativeConnectionNotEstablishedError();
return [2, new Bt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,t,this.performanceClient,this.nativeExtensionProvider,r || this.getNativeAccountId(e),this.nativeInternalStorage,e.correlationId).acquireToken(e)]
}
))
}
))
}
,
e.prototype.canUseNative = function(e, t) {
if (this.logger.trace("canUseNative called"),
!Gt.isNativeAvailable(this.config, this.logger, this.nativeExtensionProvider, e.authenticationScheme))
return this.logger.trace("canUseNative: isNativeAvailable returned false, returning false"),
!1;
if (e.prompt)
switch (e.prompt) {
case A.NONE:
case A.CONSENT:
case A.LOGIN:
this.logger.trace("canUseNative: prompt is compatible with native flow");
break;
default:
return this.logger.trace("canUseNative: prompt = " + e.prompt + " is not compatible with native flow, returning false"),
!1
}
return !(!t && !this.getNativeAccountId(e) && (this.logger.trace("canUseNative: nativeAccountId is not available, returning false"),
1))
}
,
e.prototype.getNativeAccountId = function(e) {
var t = e.account || this.browserStorage.getAccountInfoByHints(e.loginHint, e.sid) || this.getActiveAccount();
return t && t.nativeAccountId || ""
}
,
e.prototype.createPopupClient = function(e) {
return new jt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)
}
,
e.prototype.createRedirectClient = function(e) {
return new zt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)
}
,
e.prototype.createSilentIframeClient = function(e) {
return new Qt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Se.ssoSilent,this.performanceClient,this.nativeInternalStorage,this.nativeExtensionProvider,e)
}
,
e.prototype.createSilentCacheClient = function(e) {
return new Kt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)
}
,
e.prototype.createSilentRefreshClient = function(e) {
return new Xt(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,this.performanceClient,this.nativeExtensionProvider,e)
}
,
e.prototype.createSilentAuthCodeClient = function(e) {
return new Er(this.config,this.browserStorage,this.browserCrypto,this.logger,this.eventHandler,this.navigationClient,Se.acquireTokenByCode,this.performanceClient,this.nativeExtensionProvider,e)
}
,
e.prototype.addEventCallback = function(e) {
return this.eventHandler.addEventCallback(e)
}
,
e.prototype.removeEventCallback = function(e) {
this.eventHandler.removeEventCallback(e)
}
,
e.prototype.addPerformanceCallback = function(e) {
return this.performanceClient.addPerformanceCallback(e)
}
,
e.prototype.removePerformanceCallback = function(e) {
return this.performanceClient.removePerformanceCallback(e)
}
,
e.prototype.enableAccountStorageEvents = function() {
this.eventHandler.enableAccountStorageEvents()
}
,
e.prototype.disableAccountStorageEvents = function() {
this.eventHandler.disableAccountStorageEvents()
}
,
e.prototype.getTokenCache = function() {
return this.tokenCache
}
,
e.prototype.getLogger = function() {
return this.logger
}
,
e.prototype.setLogger = function(e) {
this.logger = e
}
,
e.prototype.initializeWrapperLibrary = function(e, t) {
this.browserStorage.setWrapperMetadata(e, t)
}
,
e.prototype.setNavigationClient = function(e) {
this.navigationClient = e
}
,
e.prototype.getConfiguration = function() {
return this.config
}
,
e.prototype.getRequestCorrelationId = function(e) {
return (null == e ? void 0 : e.correlationId) ? e.correlationId : this.isBrowserEnvironment ? this.browserCrypto.createNewGuid() : T.EMPTY_STRING
}
,
e
}()
, wr = function(e) {
function t(t) {
var r = e.call(this, t) || this;
return r.activeSilentTokenRequests = new Map,
r
}
return i(t, e),
t.prototype.loginRedirect = function(e) {
return s(this, void 0, void 0, (function() {
var t;
return c(this, (function(r) {
return t = this.getRequestCorrelationId(e),
this.logger.verbose("loginRedirect called", t),
[2, this.acquireTokenRedirect(a({
correlationId: t
}, e || Me))]
}
))
}
))
}
,
t.prototype.loginPopup = function(e) {
var t = this.getRequestCorrelationId(e);
return this.logger.verbose("loginPopup called", t),
this.acquireTokenPopup(a({
correlationId: t
}, e || Me))
}
,
t.prototype.acquireTokenSilent = function(e) {
return s(this, void 0, void 0, (function() {
var t, r, n, o, i, s, u, l = this;
return c(this, (function(c) {
if (t = this.getRequestCorrelationId(e),
r = this.performanceClient.startMeasurement(ht.AcquireTokenSilent, t),
this.preflightBrowserEnvironmentCheck(Ie.Silent),
this.logger.verbose("acquireTokenSilent called", t),
!(n = e.account || this.getActiveAccount()))
throw ke.createNoAccountError();
return o = {
clientId: this.config.auth.clientId,
authority: e.authority || T.EMPTY_STRING,
scopes: e.scopes,
homeAccountIdentifier: n.homeAccountId,
claims: e.claims,
authenticationScheme: e.authenticationScheme,
resourceRequestMethod: e.resourceRequestMethod,
resourceRequestUri: e.resourceRequestUri,
shrClaims: e.shrClaims,
sshKid: e.sshKid
},
i = JSON.stringify(o),
void 0 === (s = this.activeSilentTokenRequests.get(i)) ? (this.logger.verbose("acquireTokenSilent called for the first time, storing active request", t),
u = this.acquireTokenSilentAsync(a(a({}, e), {
correlationId: t
}), n).then((function(e) {
return l.activeSilentTokenRequests.delete(i),
r.endMeasurement({
success: !0,
fromCache: e.fromCache,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length,
isNativeBroker: e.fromNativeBroker
}),
r.flushMeasurement(),
e
}
)).catch((function(e) {
throw l.activeSilentTokenRequests.delete(i),
r.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
r.flushMeasurement(),
e
}
)),
this.activeSilentTokenRequests.set(i, u),
[2, u]) : (this.logger.verbose("acquireTokenSilent has been called previously, returning the result from the first call", t),
r.endMeasurement({
success: !0
}),
r.discardMeasurement(),
[2, s])
}
))
}
))
}
,
t.prototype.acquireTokenSilentAsync = function(e, t) {
return s(this, void 0, void 0, (function() {
var r, n, o, i, u, l = this;
return c(this, (function(d) {
switch (d.label) {
case 0:
return this.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_START, Ie.Silent, e),
r = this.performanceClient.startMeasurement(ht.AcquireTokenSilentAsync, e.correlationId),
Gt.isNativeAvailable(this.config, this.logger, this.nativeExtensionProvider, e.authenticationScheme) && t.nativeAccountId ? (this.logger.verbose("acquireTokenSilent - attempting to acquire token from native platform"),
o = a(a({}, e), {
account: t
}),
n = this.acquireTokenNative(o, Se.acquireTokenSilent_silentFlow).catch((function(t) {
return s(l, void 0, void 0, (function() {
return c(this, (function(r) {
if (t instanceof Dt && t.isFatal())
return this.logger.verbose("acquireTokenSilent - native platform unavailable, falling back to web flow"),
this.nativeExtensionProvider = void 0,
[2, this.createSilentIframeClient(e.correlationId).acquireToken(e)];
throw t
}
))
}
))
}
)),
[3, 3]) : [3, 1];
case 1:
return this.logger.verbose("acquireTokenSilent - attempting to acquire token from web flow"),
[4, (i = this.createSilentCacheClient(e.correlationId)).initializeSilentRequest(e, t)];
case 2:
u = d.sent(),
n = i.acquireToken(u).catch((function() {
return s(l, void 0, void 0, (function() {
return c(this, (function(e) {
return [2, this.acquireTokenByRefreshToken(u)]
}
))
}
))
}
)),
d.label = 3;
case 3:
return [2, n.then((function(e) {
return l.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_SUCCESS, Ie.Silent, e),
r.endMeasurement({
success: !0,
fromCache: e.fromCache,
accessTokenSize: e.accessToken.length,
idTokenSize: e.idToken.length,
isNativeBroker: e.fromNativeBroker
}),
e
}
)).catch((function(e) {
throw l.eventHandler.emitEvent(Tt.ACQUIRE_TOKEN_FAILURE, Ie.Silent, null, e),
r.endMeasurement({
errorCode: e.errorCode,
subErrorCode: e.subError,
success: !1
}),
e
}
))]
}
}
))
}
))
}
,
t
}(Tr)
, Sr = {
initialize: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
acquireTokenPopup: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
acquireTokenRedirect: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
acquireTokenSilent: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
acquireTokenByCode: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
getAllAccounts: function() {
return []
},
getAccountByHomeId: function() {
return null
},
getAccountByUsername: function() {
return null
},
getAccountByLocalId: function() {
return null
},
handleRedirectPromise: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
loginPopup: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
loginRedirect: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
logout: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
logoutRedirect: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
logoutPopup: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
ssoSilent: function() {
return Promise.reject(De.createStubPcaInstanceCalledError())
},
addEventCallback: function() {
return null
},
removeEventCallback: function() {},
addPerformanceCallback: function() {
return ""
},
removePerformanceCallback: function() {
return !1
},
enableAccountStorageEvents: function() {},
disableAccountStorageEvents: function() {},
getTokenCache: function() {
throw De.createStubPcaInstanceCalledError()
},
getLogger: function() {
throw De.createStubPcaInstanceCalledError()
},
setLogger: function() {},
setActiveAccount: function() {},
getActiveAccount: function() {
return null
},
initializeWrapperLibrary: function() {},
setNavigationClient: function() {},
getConfiguration: function() {
throw De.createStubPcaInstanceCalledError()
}
}
, Ir = function() {
function e() {}
return e.getInteractionStatusFromEvent = function(e, t) {
switch (e.eventType) {
case Tt.LOGIN_START:
return Ae.Login;
case Tt.SSO_SILENT_START:
return Ae.SsoSilent;
case Tt.ACQUIRE_TOKEN_START:
if (e.interactionType === Ie.Redirect || e.interactionType === Ie.Popup)
return Ae.AcquireToken;
break;
case Tt.HANDLE_REDIRECT_START:
return Ae.HandleRedirect;
case Tt.LOGOUT_START:
return Ae.Logout;
case Tt.SSO_SILENT_SUCCESS:
case Tt.SSO_SILENT_FAILURE:
if (t && t !== Ae.SsoSilent)
break;
return Ae.None;
case Tt.LOGOUT_END:
if (t && t !== Ae.Logout)
break;
return Ae.None;
case Tt.HANDLE_REDIRECT_END:
if (t && t !== Ae.HandleRedirect)
break;
return Ae.None;
case Tt.LOGIN_SUCCESS:
case Tt.LOGIN_FAILURE:
case Tt.ACQUIRE_TOKEN_SUCCESS:
case Tt.ACQUIRE_TOKEN_FAILURE:
if (e.interactionType === Ie.Redirect || e.interactionType === Ie.Popup) {
if (t && t !== Ae.Login && t !== Ae.AcquireToken)
break;
return Ae.None
}
}
return null
}
,
e
}()
, Ar = function() {
function e(e, t) {
var r = t && t.loggerOptions || {};
this.logger = new je(r,Rt,kt),
this.cryptoOps = new pr(this.logger),
this.popTokenGenerator = new gt(this.cryptoOps),
this.shrParameters = e
}
return e.prototype.generatePublicKeyThumbprint = function() {
return s(this, void 0, void 0, (function() {
return c(this, (function(e) {
switch (e.label) {
case 0:
return [4, this.popTokenGenerator.generateKid(this.shrParameters)];
case 1:
return [2, e.sent().kid]
}
}
))
}
))
}
,
e.prototype.signRequest = function(e, t, r) {
return s(this, void 0, void 0, (function() {
return c(this, (function(n) {
return [2, this.popTokenGenerator.signPayload(e, t, this.shrParameters, r)]
}
))
}
))
}
,
e.prototype.removeKeys = function(e) {
return s(this, void 0, void 0, (function() {
return c(this, (function(t) {
switch (t.label) {
case 0:
return [4, this.cryptoOps.removeTokenBindingKey(e)];
case 1:
return [2, t.sent()]
}
}
))
}
))
}
,
e
}()
, br = function() {
function e(e) {
this.headers = e
}
return e.prototype.getShrNonce = function() {
var e = this.headers[v.AuthenticationInfo];
if (e) {
var t = this.parseChallenges(e);
if (t.nextnonce)
return t.nextnonce;
throw ie.createInvalidAuthenticationHeaderError(v.AuthenticationInfo, "nextnonce challenge is missing.")
}
var r = this.headers[v.WWWAuthenticate];
if (r) {
var n = this.parseChallenges(r);
if (n.nonce)
return n.nonce;
throw ie.createInvalidAuthenticationHeaderError(v.WWWAuthenticate, "nonce challenge is missing.")
}
throw ie.createMissingNonceAuthenticationHeadersError()
}
,
e.prototype.parseChallenges = function(e) {
var t = e.indexOf(" ")
, r = e.substr(t + 1).split(",")
, n = {};
return r.forEach((function(e) {
var t = e.split("=")
, r = t[0]
, o = t[1];
n[r] = unescape(o.replace(/['"]+/g, T.EMPTY_STRING))
}
)),
n
}
,
e
}()
}
,
981: function(e, t, r) {
var n = this && this.__createBinding || (Object.create ? function(e, t, r, n) {
void 0 === n && (n = r);
var o = Object.getOwnPropertyDescriptor(t, r);
o && !("get"in o ? !t.__esModule : o.writable || o.configurable) || (o = {
enumerable: !0,
get: function() {
return t[r]
}
}),
Object.defineProperty(e, n, o)
}
: function(e, t, r, n) {
void 0 === n && (n = r),
e[n] = t[r]
}
)
, o = this && this.__setModuleDefault || (Object.create ? function(e, t) {
Object.defineProperty(e, "default", {
enumerable: !0,
value: t
})
}
: function(e, t) {
e.default = t
}
)
, i = this && this.__importStar || function(e) {
if (e && e.__esModule)
return e;
var t = {};
if (null != e)
for (var r in e)
"default" !== r && Object.prototype.hasOwnProperty.call(e, r) && n(t, e, r);
return o(t, e),
t
}
;
Object.defineProperty(t, "__esModule", {
value: !0
}),
t.AuthenticationService = t.Logger = t.LogLevel = void 0;
const a = i(r(4));
var s, c, u;
!function(e) {
e.Success = "success",
e.RequiresRedirect = "requiresRedirect"
}(s || (s = {})),
function(e) {
e.Redirect = "redirect",
e.Success = "success",
e.Failure = "failure",
e.OperationCompleted = "operationCompleted"
}(c || (c = {})),
function(e) {
e[e.Trace = 0] = "Trace",
e[e.Debug = 1] = "Debug"
}(u = t.LogLevel || (t.LogLevel = {}));
class l {
constructor(e) {
this.debug = e.debugEnabled,
this.trace = e.traceEnabled
}
log(e, t) {
if (e == u.Trace && this.trace || e == u.Debug && this.debug) {
const r = e == u.Trace ? "trce" : "dbug";
console.debug(`${r}: Microsoft.AspNetCore.Components.WebAssembly.Authentication.RemoteAuthenticationService[0]\n ${t}`)
}
}
}
t.Logger = l;
class d {
constructor(e, t) {
var r, n;
this._settings = e,
this._logger = t,
0 == (null === (n = null === (r = this._settings.auth) || void 0 === r ? void 0 : r.knownAuthorities) || void 0 === n ? void 0 : n.length) && (this._settings.auth.knownAuthorities = [new URL(this._settings.auth.authority).hostname]),
this._settings.system = this._settings.system || {},
this._settings.system.navigationClient = {
navigateInternal: async(e,r)=>(t.log(u.Trace, `Navigating to ${e}`),
location.replace(e),
!1),
navigateExternal: async(e,r)=>(t.log(u.Trace, `Navigating to ${e}`),
location.replace(e),
!1)
},
this._settings.system.loggerOptions = {
logLevel: t.trace ? a.LogLevel.Trace : t.debug ? a.LogLevel.Verbose : a.LogLevel.Warning,
loggerCallback: (e,r,n)=>{
n || (e !== a.LogLevel.Trace ? t.log(u.Debug, r) : t.log(u.Trace, r))
}
},
this._msalApplication = new a.PublicClientApplication(this._settings)
}
getAccount() {
if (this._account)
return this._account;
const e = this._msalApplication.getAllAccounts();
return e && e.length ? e[0] : null
}
async getUser() {
const e = this.getAccount();
if (e)
return e.idTokenClaims
}
async getAccessToken(e) {
try {
this.trace("getAccessToken", e);
const t = await this.getTokenCore(null == e ? void 0 : e.scopes);
return {
status: s.Success,
token: t
}
} catch (e) {
return {
status: s.RequiresRedirect
}
}
}
async getTokenCore(e) {
var t;
const r = this.getAccount();
if (!r)
throw new Error("Failed to retrieve token, no account found.");
const n = {
redirectUri: null === (t = this._settings.auth) || void 0 === t ? void 0 : t.redirectUri,
account: r,
scopes: e || this._settings.defaultAccessTokenScopes
};
this.debug(`Provisioning a token silently for scopes '${n.scopes}'`),
this.trace("_msalApplication.acquireTokenSilent", n);
const o = await this._msalApplication.acquireTokenSilent(n);
if (this.trace("_msalApplication.acquireTokenSilent-response", o),
0 === o.scopes.length || "" === o.accessToken)
throw new Error("Scopes not granted.");
const i = {
value: o.accessToken,
grantedScopes: o.scopes,
expires: o.expiresOn
};
return this.trace("getAccessToken-result", i),
i
}
async signIn(e) {
this.trace("signIn", e);
try {
this.purgeState();
const {state: t, interactiveRequest: r} = e;
if (r && "GetToken" === r.interaction) {
this.debug("Acquiring additional token.");
const n = {
scopes: r.scopes || [],
state: this.saveState(e.state),
...r.additionalRequestParameters
};
return this.trace("getInteractiveToken-Request", n),
await this._msalApplication.acquireTokenRedirect(n),
this.success(t)
}
{
const n = {
redirectUri: this._settings.auth.redirectUri,
state: this.saveState(e.state),
...null == r ? void 0 : r.additionalRequestParameters
};
n.scopes = n.scopes || this._settings.defaultAccessTokenScopes || [];
const o = await this.signInCore(n);
return this.trace("signIn-Response", o),
o ? this.isMsalError(o) ? this.error(o.errorMessage) : this.success(t) : this.redirect()
}
} catch (e) {
return this.error(e.message)
}
}
async signInCore(e) {
return this.trace("signIn-Request", e),
"redirect" === this._settings.loginMode.toLowerCase() ? this.signInWithRedirect(e) : this.signInWithPopup(e)
}
async signInWithRedirect(e) {
try {
return this.debug("Starting sign-in redirect."),
await this._msalApplication.loginRedirect(e)
} catch (e) {
return this.debug(`Sign-in redirect failed: '${e.message}'.`),
e
}
}
async signInWithPopup(e) {
try {
return this.debug("Starting sign-in pop-up"),
await this._msalApplication.loginPopup(e)
} catch (t) {
if (!this.isMsalError(t) || t.errorCode === a.BrowserAuthErrorMessage.userCancelledError.code)
return this.debug(`Sign-in pop-up failed: '${t.message}'.`),
t;
this.debug("User canceled sign-in pop-up"),
this.signInWithRedirect(e)
}
}
async completeSignIn() {
try {
this.debug("Completing sign-in redirect.");
var e
try {
e = await this._redirectCallback;
} catch(e) {
console.error(e);
}
return this.trace("completeSignIn-result", e),
e ? (this.trace("completeSignIn-success", e),
e) : (this.debug("No authentication result."),
this.operationCompleted())
} catch (e) {
return this.debug(`completeSignIn-error:'${e.message}'`),
this.error(e.message)
}
}
async signOut(e) {
this.trace("signOut", e);
try {
this.purgeState();
const {state: t, interactiveRequest: r} = e
, n = {
postLogoutRedirectUri: this._settings.auth.postLogoutRedirectUri,
state: this.saveState(t),
...null == r ? void 0 : r.additionalRequestParameters
};
return this.trace("signOut-Request", n),
await this._msalApplication.logoutRedirect(n),
this.redirect()
} catch (e) {
return this.error(e.message)
}
}
async completeSignOut(e) {
this.trace("completeSignOut-request", e);
try {
this.debug("Completing sign-out redirect.");
var t = await this._redirectCallback;
return this.trace("completeSignOut-result", t),
t ? (this.trace("completeSignOut-success", t),
t) : (this.debug("No authentication result."),
this.operationCompleted())
} catch (e) {
return this.debug(`completeSignOut-error:'${e.message}'`),
this.error(e.message)
}
}
saveState(e) {
const t = window.crypto.randomUUID();
return sessionStorage.setItem(`${h._infrastructureKey}.AuthorizeService.${t}`, JSON.stringify(e)),
t
}
retrieveState(e, t=null, r=!1) {
let n;
if (e) {
const t = new URL(e);
n = t.searchParams && t.searchParams.getAll("state")
}
const o = t || n;
if (!o)
return;
const i = `${h._infrastructureKey}.AuthorizeService.${o}`
, a = sessionStorage.getItem(i);
return a ? (sessionStorage.removeItem(i),
JSON.parse(a)) : void 0
}
purgeState() {
for (let e = 0; e < sessionStorage.length; e++) {
const t = sessionStorage.key(e);
(null == t ? void 0 : t.startsWith(h._infrastructureKey)) && sessionStorage.removeItem(t)
}
}
initializeMsalHandler() {
this._redirectCallback = this.completeAuthentication()
}
async completeAuthentication() {
try {
const e = await this._msalApplication.handleRedirectPromise();
return this.handleResult(e)
} catch (e) {
return this.isMsalError(e) ? this.error(e.errorMessage) : this.error(e.message)
}
}
handleResult(e) {
const t = this.retrieveState(location.href, void 0);
return e ? (this._account = e.account,
this.success(this.retrieveState(null, e.state))) : t ? this.success(t) : this.operationCompleted()
}
isMsalError(e) {
return null == e ? void 0 : e.errorCode
}
error(e) {
return {
status: c.Failure,
errorMessage: e
}
}
success(e) {
return {
status: c.Success,
state: e
}
}
redirect() {
return {
status: c.Redirect
}
}
operationCompleted() {
return {
status: c.OperationCompleted
}
}
debug(e) {
var t;
null === (t = this._logger) || void 0 === t || t.log(u.Debug, e)
}
trace(e, t) {
var r;
null === (r = this._logger) || void 0 === r || r.log(u.Trace, `${e}: ${JSON.stringify(t)}`)
}
}
class h {
static async init(e, t) {
return h._initialized || (h.instance = new d(e,new l(t)),
h.instance.initializeMsalHandler(),
h._initialized = !0),
Promise.resolve()
}
static getUser() {
return h.instance.getUser()
}
static getAccessToken(e) {
return h.instance.getAccessToken(e)
}
static signIn(e) {
return h.instance.signIn(e)
}
static completeSignIn(e) {
return h.instance.completeSignIn()
}
static signOut(e) {
return h.instance.signOut(e)
}
static completeSignOut(e) {
return h.instance.completeSignOut(e)
}
}
t.AuthenticationService = h,
h._infrastructureKey = "Microsoft.Authentication.WebAssembly.Msal",
window.AuthenticationService = h
}
}
, t = {};
function r(n) {
var o = t[n];
if (void 0 !== o)
return o.exports;
var i = t[n] = {
exports: {}
};
return e[n].call(i.exports, i, i.exports, r),
i.exports
}
r.d = (e,t)=>{
for (var n in t)
r.o(t, n) && !r.o(e, n) && Object.defineProperty(e, n, {
enumerable: !0,
get: t[n]
})
}
,
r.o = (e,t)=>Object.prototype.hasOwnProperty.call(e, t),
r.r = e=>{
"undefined" != typeof Symbol && Symbol.toStringTag && Object.defineProperty(e, Symbol.toStringTag, {
value: "Module"
}),
Object.defineProperty(e, "__esModule", {
value: !0
})
}
,
r(981)
}
)();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment