@azure/msal-angular - npm Package Compare versions

Comparing version 1.0.0-alpha.0 to 1.0.0-alpha.1

changelog.md

 # Changelog
 
+## 1.0.0-alpha.1
+
+* Requires `msal@1.2.0-beta.1`, which includes fixes for bugs with redirect methods.
+* `handleRedirectCallback` will now emit events after returning from the redirect.
+
 ## 1.0.0-alpha.0
@@ -7,3 +12,3 @@
 
-* `msal@1.2.0` package is now a peer dependency, and must be installed alongside `@azure/msal-angular`.
+* `msal@1.2.0` package is now a peer dependency, and must be installed alongside `@azure/msal-angular`: `npm install msal@1.2.0 @azure/msal-angular@alpha`
 * `MsalModule.forRoot` now takes two arguement.
@@ -14,2 +19,5 @@ * The first argument is the configuration object, which is the [same `Configuration` object](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-core/src/Configuration.ts) you would pass to `msal`.
 * The `acquireToken` and `login` methods now take a single `AuthenticationParameters` object as parameters.
+* `getUser()` is now `getAccount()`.
+* Broadcast events now emit objects, instead of just strings.
+* Applications using `Redirect` methods must implement the `handleRedirectCallback` method (and have it run on every page load), which will capture the result of redirect operations. See the [Angular sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev-angular-1.0-msal-1/samples/MSALAngularDemoApp/src/app/app.component.ts#L63) for an example of how to implement.
 
@@ -16,0 +24,0 @@ ## 0.1.4

dist/msal.service.d.ts

@@ -10,2 +10,3 @@ import { InjectionToken } from "@angular/core";
 import { MsalAngularConfiguration } from "./msal-angular.configuration";
+import { authResponseCallback, errorReceivedCallback, tokenReceivedCallback } from "msal/lib-commonjs/UserAgentApplication";
 export declare const MSAL_CONFIG: InjectionToken<string>;
@@ -25,2 +26,4 @@ export declare const MSAL_CONFIG_ANGULAR: InjectionToken<string>;
     acquireTokenPopup(request: AuthenticationParameters): Promise<AuthResponse>;
+    handleRedirectCallback(tokenReceivedCallback: tokenReceivedCallback, errorReceivedCallback: errorReceivedCallback): void;
+    handleRedirectCallback(authCallback: authResponseCallback): void;
     getLogger(): Logger;
@@ -27,0 +30,0 @@ getScopesForEndpoint(endpoint: string): string[];

dist/msal.service.js

@@ -107,3 +107,3 @@ "use strict";
             .catch(function (error) {
-            _this.broadcastService.broadcast('msal:acquireTokenFailure', error.errorMessage);
+            _this.broadcastService.broadcast('msal:acquireTokenFailure', error);
             _this.getLogger().error('Error when acquiring token for scopes: ' + request.scopes + " " + error);
@@ -126,2 +126,35 @@ throw error;
     };
+    MsalService.prototype.handleRedirectCallback = function (authOrTokenCallback, errorReceivedCallback) {
+        var _this = this;
+        _super.prototype.handleRedirectCallback.call(this, function (authError, authResponse) {
+            if (authResponse) {
+                if (authResponse.tokenType === "id_token") {
+                    _this.broadcastService.broadcast("msal:loginSuccess", authResponse);
+                }
+                else {
+                    _this.broadcastService.broadcast("msal:acquireTokenSuccess", authResponse);
+                }
+                if (errorReceivedCallback) {
+                    authOrTokenCallback(authResponse);
+                }
+                else {
+                    authOrTokenCallback(null, authResponse);
+                }
+            }
+            else if (authError) {
+                if (authResponse.tokenType === "id_token") {
+                    _this.broadcastService.broadcast("msal:loginFailure", authError);
+                }
+                else {
+                    _this.broadcastService.broadcast("msal:acquireTokenFailure", authError);
+                }
+                if (errorReceivedCallback) {
+                    errorReceivedCallback(authError, authResponse.accountState);
+                }
+                else {
+                    authOrTokenCallback(authError);
+                }
+            }
+        });
+    };
     MsalService.prototype.getLogger = function () {
@@ -128,0 +161,0 @@ return _super.prototype.getLogger.call(this);

dist/msal.service.metadata.json

@@ -1,1 +0,1 @@
-[{"__symbolic":"module","version":3,"metadata":{"MSAL_CONFIG":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG"]},"MSAL_CONFIG_ANGULAR":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG_ANGULAR"]},"MsalService":{"__symbolic":"class","extends":{"__symbolic":"reference","module":"msal","name":"UserAgentApplication"},"decorators":[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Injectable"}}],"members":{"__ctor__":[{"__symbolic":"constructor","parameterDecorators":[[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG"}]}],[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG_ANGULAR"}]}],null,null],"parameters":[{"__symbolic":"reference","module":"msal","name":"Configuration"},{"__symbolic":"reference","module":"./msal-angular.configuration","name":"MsalAngularConfiguration"},{"__symbolic":"reference","module":"@angular/router","name":"Router"},{"__symbolic":"reference","module":"./broadcast.service","name":"BroadcastService"}]}],"isUnprotectedResource":[{"__symbolic":"method"}],"isEmpty":[{"__symbolic":"method"}],"getCacheStorage":[{"__symbolic":"method"}],"loginPopup":[{"__symbolic":"method"}],"acquireTokenSilent":[{"__symbolic":"method"}],"acquireTokenPopup":[{"__symbolic":"method"}],"getLogger":[{"__symbolic":"method"}],"getScopesForEndpoint":[{"__symbolic":"method"}],"clearCacheForScope":[{"__symbolic":"method"}]}}}},{"__symbolic":"module","version":1,"metadata":{"MSAL_CONFIG":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG"]},"MSAL_CONFIG_ANGULAR":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG_ANGULAR"]},"MsalService":{"__symbolic":"class","extends":{"__symbolic":"reference","module":"msal","name":"UserAgentApplication"},"decorators":[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Injectable"}}],"members":{"__ctor__":[{"__symbolic":"constructor","parameterDecorators":[[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG"}]}],[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG_ANGULAR"}]}],null,null],"parameters":[{"__symbolic":"reference","module":"msal","name":"Configuration"},{"__symbolic":"reference","module":"./msal-angular.configuration","name":"MsalAngularConfiguration"},{"__symbolic":"reference","module":"@angular/router","name":"Router"},{"__symbolic":"reference","module":"./broadcast.service","name":"BroadcastService"}]}],"isUnprotectedResource":[{"__symbolic":"method"}],"isEmpty":[{"__symbolic":"method"}],"getCacheStorage":[{"__symbolic":"method"}],"loginPopup":[{"__symbolic":"method"}],"acquireTokenSilent":[{"__symbolic":"method"}],"acquireTokenPopup":[{"__symbolic":"method"}],"getLogger":[{"__symbolic":"method"}],"getScopesForEndpoint":[{"__symbolic":"method"}],"clearCacheForScope":[{"__symbolic":"method"}]}}}}]
+[{"__symbolic":"module","version":3,"metadata":{"MSAL_CONFIG":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG"]},"MSAL_CONFIG_ANGULAR":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG_ANGULAR"]},"MsalService":{"__symbolic":"class","extends":{"__symbolic":"reference","module":"msal","name":"UserAgentApplication"},"decorators":[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Injectable"}}],"members":{"__ctor__":[{"__symbolic":"constructor","parameterDecorators":[[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG"}]}],[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG_ANGULAR"}]}],null,null],"parameters":[{"__symbolic":"reference","module":"msal","name":"Configuration"},{"__symbolic":"reference","module":"./msal-angular.configuration","name":"MsalAngularConfiguration"},{"__symbolic":"reference","module":"@angular/router","name":"Router"},{"__symbolic":"reference","module":"./broadcast.service","name":"BroadcastService"}]}],"isUnprotectedResource":[{"__symbolic":"method"}],"isEmpty":[{"__symbolic":"method"}],"getCacheStorage":[{"__symbolic":"method"}],"loginPopup":[{"__symbolic":"method"}],"acquireTokenSilent":[{"__symbolic":"method"}],"acquireTokenPopup":[{"__symbolic":"method"}],"handleRedirectCallback":[{"__symbolic":"method"},{"__symbolic":"method"},{"__symbolic":"method"}],"getLogger":[{"__symbolic":"method"}],"getScopesForEndpoint":[{"__symbolic":"method"}],"clearCacheForScope":[{"__symbolic":"method"}]}}}},{"__symbolic":"module","version":1,"metadata":{"MSAL_CONFIG":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG"]},"MSAL_CONFIG_ANGULAR":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken"},"arguments":["MSAL_CONFIG_ANGULAR"]},"MsalService":{"__symbolic":"class","extends":{"__symbolic":"reference","module":"msal","name":"UserAgentApplication"},"decorators":[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Injectable"}}],"members":{"__ctor__":[{"__symbolic":"constructor","parameterDecorators":[[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG"}]}],[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject"},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG_ANGULAR"}]}],null,null],"parameters":[{"__symbolic":"reference","module":"msal","name":"Configuration"},{"__symbolic":"reference","module":"./msal-angular.configuration","name":"MsalAngularConfiguration"},{"__symbolic":"reference","module":"@angular/router","name":"Router"},{"__symbolic":"reference","module":"./broadcast.service","name":"BroadcastService"}]}],"isUnprotectedResource":[{"__symbolic":"method"}],"isEmpty":[{"__symbolic":"method"}],"getCacheStorage":[{"__symbolic":"method"}],"loginPopup":[{"__symbolic":"method"}],"acquireTokenSilent":[{"__symbolic":"method"}],"acquireTokenPopup":[{"__symbolic":"method"}],"handleRedirectCallback":[{"__symbolic":"method"},{"__symbolic":"method"},{"__symbolic":"method"}],"getLogger":[{"__symbolic":"method"}],"getScopesForEndpoint":[{"__symbolic":"method"}],"clearCacheForScope":[{"__symbolic":"method"}]}}}}]

package.json

@@ -13,3 +13,3 @@ {
   },
-  "version": "1.0.0-alpha.0",
+  "version": "1.0.0-alpha.1",
   "keywords": [
@@ -33,3 +33,3 @@ "implicit",
     "@angular/core": "^4.3.0",
-    "msal": "^1.2.0",
+    "msal": "^1.2.1-beta.1",
     "rxjs": "^5.0.1"
@@ -76,3 +76,3 @@ },
     "karma-webpack": "^3.0.0",
-    "msal": "^1.2.0",
+    "msal": "^1.2.1-beta.1",
     "phantomjs-polyfill": "0.0.2",
@@ -100,3 +100,4 @@ "reflect-metadata": "^0.1.3",
     "build": "npm run clean && npm run doc && npm run build:modules",
-    "test": "typings install && npm run test:verify-build && karma start karma.conf.js",
+    "test": "npm run test:verify-build && npm run test:unit",
+    "test:unit": "karma start karma.conf.js",
     "test:verify-build": "npm run build:modules",
@@ -103,0 +104,0 @@ "ngcompile": "npm run build",

README.md

@@ -0,10 +1,9 @@
+# Microsoft Authentication Library for Angular Preview
 
-Microsoft Authentication Library for Angular Preview
-=========================================================
+The MSAL library preview for Angular is a wrapper of the core MSAL.js library which enables Angular(4.3 to 5) applications to authenticate enterprise users using Microsoft Azure Active Directory (AAD), Microsoft account users (MSA), users using social identity providers like Facebook, Google, LinkedIn etc. and get access to [Microsoft Cloud](https://www.microsoft.com/enterprise) OR [Microsoft Graph](https://graph.microsoft.io).
 
-The MSAL library preview for Angular is a wrapper of the core MSAL.js library which enables Angular(4.3 to 5) applications to authenticate enterprise users using Microsoft Azure Active Directory (AAD), Microsoft account users (MSA), users using social identity providers like Facebook, Google, LinkedIn etc. and get access to [Microsoft Cloud](https://www.microsoft.com/enterprise) OR  [Microsoft Graph](https://graph.microsoft.io).
-
 [![Build Status](https://travis-ci.org/AzureAD/microsoft-authentication-library-for-js.png?branch=dev)](https://travis-ci.org/AzureAD/microsoft-authentication-library-for-js)
 
 ## Important Note about the MSAL Angular Preview
+
 Please note that during the preview we may make changes to the API, internal cache format, and other mechanisms of this library, which you will be required to take along with bug fixes or feature improvements. This may impact your application. For instance, a change to the cache format may impact your users, such as requiring them to sign in again. An API change may require you to update your code. When we provide the General Availability release we will require you to update to the General Availability version within six months, as applications written using a preview version of library may no longer work.
@@ -15,5 +14,6 @@
 ## Installation
+
 The msal-angular package is available on NPM:
 
-`npm install @azure/msal-angular --save`
+`npm install msal @azure/msal-angular --save`
 
@@ -24,3 +24,3 @@ ## Usage
 
-Before using MSAL.js, [register an application in Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app) to get your clientID.
+Before using MSAL.js, [register an application in Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app) to get your clientId.
 
@@ -30,15 +30,20 @@ > NOTE: To use MSAL Angular with Angular 6, please install the `rxjs-compat` NPM module for now. In future, we plan to add support for Angular 6 in the library and you can track this [issue](https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/421) for more information.
 #### 1. Include and initialize the MSAL module in your app module.
-Import MsalModule into app.module.ts. To initialize MSAL module you are required to pass the clientID of your application which you can get from the application registration.
 
+Import MsalModule into app.module.ts. To initialize MSAL module you are required to pass the clientId of your application which you can get from the application registration.
+
 ```js
 @NgModule({
-  imports: [ MsalModule.forRoot({
-                    clientID: "Your client ID"
-                })]
-         })
-
-  export class AppModule { }
+    imports: [
+        MsalModule.forRoot({
+            auth: {
+                clientId: "Your client ID"
+            }
+        })
+    ]
+})
+export class AppModule {}
 ```
 
 #### 2. Secure the routes in your application
+
 You can add authentication to secure specific routes in your application by just adding `canActivate : [MsalGuard]` to your route definition. It can be added at the parent or child routes.
@@ -58,6 +63,8 @@
 #### 3. Get tokens for Web API calls
+
 MSAL Angular allows you to add an Http interceptor (`MsalInterceptor`) in your app.module.ts as follows. MsalInterceptor will obtain tokens and add them to all your Http requests in API calls except the API endpoints listed as `unprotectedResources`.
 
 ```js
-providers: [ ProductService, {
+providers: [
+    ProductService, {
         provide: HTTP_INTERCEPTORS,
@@ -67,4 +74,4 @@ useClass: MsalInterceptor,
     }
-   ],
- ```
+],
+```
 
@@ -80,8 +87,8 @@ Using MsalInterceptor is optional and you can write your own interceptor if you choose to. Alternatively, you can also explicitly acquire tokens using the acquireToken APIs.
 ```js
-this.broadcastService.subscribe("msal:loginFailure", (payload) => {
-// do something here
+this.broadcastService.subscribe("msal:loginFailure", payload => {
+    // do something here
 });
 
-this.broadcastService.subscribe("msal:loginSuccess", (payload) => {
-// do something here
+this.broadcastService.subscribe("msal:loginSuccess", payload => {
+    // do something here
 });
@@ -93,8 +100,8 @@ ```
 ```js
-this.broadcastService.subscribe("msal:acquireTokenSuccess", (payload) => {
-     // do something here
+this.broadcastService.subscribe("msal:acquireTokenSuccess", payload => {
+    // do something here
 });
 
-this.broadcastService.subscribe("msal:acquireTokenFailure", (payload) => {
-      // do something here
+this.broadcastService.subscribe("msal:acquireTokenFailure", payload => {
+    // do something here
 });
@@ -119,17 +126,18 @@ ```
 
+## MSAL Angular public API
 
-## MSAL Angular public API
 #### Login and AcquireToken APIs
 
 The wrapper exposes APIs for login, logout, acquiring access token and more.
-1. loginRedirect()
-2. loginPopup()
-3. logOut()
-4. acquireTokenSilent() - This will try to acquire the token silently. If the scope is not already consented then user will get a callback at msal:acquireTokenFailure event. User can call either acquireTokenPopup() or acquireTokenRedirect() there to acquire the token interactively.
-5. acquireTokenPopup()
-6. acquireTokenRedirect()
-7. getUser()
 
+1. `loginRedirect()`
+2. `loginPopup()`
+3. `logOut()`
+4. `acquireTokenSilent()` - This will try to acquire the token silently. If the scope is not already consented then user will get a callback at `msal:acquireTokenFailure` event. User can call either `acquireTokenPopup()` or `acquireTokenRedirect(`) there to acquire the token interactively.
+5. `acquireTokenPopup()`
+6. `acquireTokenRedirect()`
+7. `getAccount()`
+
 > Note: Since MSAL Angular wrapper is inheriting from UserAgentApplication of msal-core, all the public APIs of msal-core are still accessible from msal-angular. But it is recommended not to use
-any of the msal-core APIs like acquireTokenSilent(), acquireTokenPopup(), acquireTokenRedirect() etc from Angular application and use only the APIs which are exposed directly from the msal-angular wrapper itself.
+> any of the msal-core APIs like acquireTokenSilent(), acquireTokenPopup(), acquireTokenRedirect() etc from Angular application and use only the APIs which are exposed directly from the msal-angular wrapper itself.
 
@@ -142,72 +150,82 @@ #### Config options for MSAL initialization
 @NgModule({
-  imports: [ MsalModule.forRoot({
-                  clientID: "Your client ID",
-                  authority: "https://login.microsoftonline.com/contoso.onmicrosoft.com/",
-                  redirectUri: "http://localhost:4200/",
-                  validateAuthority : true,
-                  cacheLocation : "localStorage",
-                  storeAuthStateInCookie: false, // dynamically set to true when IE11
-                  postLogoutRedirectUri: "http://localhost:4200/",
-                  navigateToLoginRequestUrl : true,
-                  popUp: true,
-                  consentScopes: ["user.read", "api://a88bb933-319c-41b5-9f04-eff36d985612/access_as_user"],
-                  unprotectedResources: ["https://angularjs.org/"],
-                  protectedResourceMap : protectedResourceMap,
-                  logger :loggerCallback,
-                  correlationId: '1234',
-                  level: LogLevel.Verbose,
-                  piiLoggingEnabled: true,
-                })]
-           })
-
-  export class AppModule { }
+    imports: [
+        MsalModule.forRoot({
+            auth: {
+                clientId: 'clientid',
+                authority: "https://login.microsoftonline.com/common/",
+                validateAuthority: true,
+                redirectUri: "http://localhost:4200/",
+                postLogoutRedirectUri: "http://localhost:4200/",
+                navigateToLoginRequestUrl: true,
+            },
+            cache: {
+                cacheLocation : "localStorage",
+                storeAuthStateInCookie: true, // set to true for IE 11
+            },
+            framework: {
+                unprotectedResources: ["https://www.microsoft.com/en-us/"],
+                protectedResourceMap: new Map(protectedResourceMap)
+            },
+            system: {
+                logger: new Logger(loggerCallback, options)
+            }
+        }, {
+            popUp: !isIE,
+            consentScopes: [ "user.read", "openid", "profile", "api://a88bb933-319c-41b5-9f04-eff36d985612/access_as_user"],
+            extraQueryParameters: {}
+        })
+    ]
+})
+export class AppModule {}
 ```
 
-* **redirectUri** : The redirect URI of your app, where authentication responses can be sent and received by your app. It must exactly match one of the redirect URIs you registered in the portal, except that it must be URL encoded.
-Defaults to `window.location.href`.
+-   **redirectUri** : The redirect URI of your app, where authentication responses can be sent and received by your app. It must exactly match one of the redirect URIs you registered in the portal, except that it must be URL encoded.
+    Defaults to `window.location.href`.
 
-* **authority** : A URL indicating a directory that MSAL can use to obtain tokens.
-   * - In Azure AD, it is of the form https://<instance>/<tenant>, where <instance> is the directory host (e.g. https://login.microsoftonline.com) and <tenant> is a identifier within the directory itself (e.g. a domain associated to the tenant, such as contoso.onmicrosoft.com, or the GUID representing the TenantID property of the directory)
-   * - In Azure B2C, it is of the form https://<instance>/tfp/<tenantId>/<policyName>/
-   * - Default value is: "https://login.microsoftonline.com/common"
+-   **authority** : A URL indicating a directory that MSAL can use to obtain tokens.
 
-* **validateAuthority** : Validate the issuer of tokens. Default is true.
+    -   -   In Azure AD, it is of the form https://<instance>/<tenant>, where <instance> is the directory host (e.g. https://login.microsoftonline.com) and <tenant> is a identifier within the directory itself (e.g. a domain associated to the tenant, such as contoso.onmicrosoft.com, or the GUID representing the TenantID property of the directory)
+    -   -   In Azure B2C, it is of the form https://<instance>/tfp/<tenantId>/<policyName>/
+    -   -   Default value is: "https://login.microsoftonline.com/common"
 
-* **cacheLocation** : Sets browser storage to either `localStorage` or `sessionStorage`. Defaults to `sessionStorage`.
+-   **validateAuthority** : Validate the issuer of tokens. Default is true.
 
-* **storeAuthStateInCookie** : Stores auth state in a browser cookie instead of local storage. Needs to be set to true when a user is on IE11, which may clear local storage contents when redirecting between websites in different zones. Defaults is `false`.
+-   **cacheLocation** : Sets browser storage to either `localStorage` or `sessionStorage`. Defaults to `sessionStorage`.
 
-* **postLogoutRedirectUri** : Redirects the user to postLogoutRedirectUri after logout. Defaults is 'redirectUri'.
+-   **storeAuthStateInCookie** : Stores auth state in a browser cookie instead of local storage. Needs to be set to true when a user is on IE11, which may clear local storage contents when redirecting between websites in different zones. Defaults is `false`.
 
-* **loadFrameTimeout** : The number of milliseconds of inactivity before a token renewal response from AAD should be considered timed out. Default is 6 seconds.
+-   **postLogoutRedirectUri** : Redirects the user to postLogoutRedirectUri after logout. Defaults is 'redirectUri'.
 
-* **navigateToLoginRequestUrl** :Ability to turn off default navigation to start page after login. Default is true. This is used only for redirect flows.
+-   **loadFrameTimeout** : The number of milliseconds of inactivity before a token renewal response from AAD should be considered timed out. Default is 6 seconds.
 
-* **popup** : Show login popup or redirect. Default:Redirect
+-   **navigateToLoginRequestUrl** :Ability to turn off default navigation to start page after login. Default is true. This is used only for redirect flows.
 
-* **consentScopes** : Allows the client to express the desired scopes that should be consented. Scopes can be from multiple resources/endpoints. Passing scope here will
-only consent it and no access token will be acquired till the time client actually calls the API. This is optional if you are using MSAL for only login(Authentication).
+-   **popup** : Show login popup or redirect. Default:Redirect
 
-* **unprotectedResources** : Array of  URI's. Msal will not attach a token to outgoing requests that have these uri. Defaults to 'null'.
+-   **consentScopes** : Allows the client to express the desired scopes that should be consented. Scopes can be from multiple resources/endpoints. Passing scope here will
+    only consent it and no access token will be acquired till the time client actually calls the API. This is optional if you are using MSAL for only login(Authentication).
 
-* **protectedResourceMap** : Mapping of resources to scopes  {"https://graph.microsoft.com/v1.0/me", ["user.read", "mail.send"]}. Used internally by the MSAL for automatically attaching tokens in webApi calls.
-                             This is required only for CORS calls.
+-   **unprotectedResources** : Array of URI's. Msal will not attach a token to outgoing requests that have these uri. Defaults to 'null'.
 
+-   **protectedResourceMap** : Mapping of resources to scopes {"https://graph.microsoft.com/v1.0/me", ["user.read", "mail.send"]}. Used internally by the MSAL for automatically attaching tokens in webApi calls.
+    This is required only for CORS calls.
+
 export const protectedResourceMap:[string, string[]][]=[ ['https://buildtodoservice.azurewebsites.net/api/todolist',['api://a88bb933-319c-41b5-9f04-eff36d985612/access_as_user']] , ['https://graph.microsoft.com/v1.0/me', ['user.read']] ];
 
-* **level** : Configurable log level. Default value is Info.
+-   **level** : Configurable log level. Default value is Info. Passed in options object as the second argument to `Logger`.
 
-* **logger** : Callback instance that can be provided by the developer to consume and publish logs in a custom manner. Callback method must follow this signature.
-loggerCallback(logLevel, message, piiEnabled) { }
+-   **logger** : Callback instance that can be provided by the developer to consume and publish logs in a custom manner. Callback method must follow this signature.
+    `loggerCallback(logLevel, message, piiEnabled) { }`
 
-* **piiLoggingEnabled** : PII stands for Personal Identifiable Information. By default, MSAL does not capture or log any PII. By turning on PII, the app takes responsibility for safely handling highly-sensitive data and complying with any regulatory requirements.
- This flag is to enable/disable logging of PII data. PII logs are never written to default outputs like Console, Logcat or NSLog. Default is set to false.
+-   **piiLoggingEnabled** : PII stands for Personal Identifiable Information. By default, MSAL does not capture or log any PII. By turning on PII, the app takes responsibility for safely handling highly-sensitive data and complying with any regulatory requirements. Passed in options object as the second argument to `Logger`.
+    This flag is to enable/disable logging of PII data. PII logs are never written to default outputs like Console, Logcat or NSLog. Default is set to false.
 
-* **correlationId** : Unique identifier used to map the request with the response. Defaults to RFC4122 version 4 guid (128 bits).
+-   **correlationId** : Unique identifier used to map the request with the response. Defaults to RFC4122 version 4 guid (128 bits). Passed in options object as the second argument to `Logger`.
 
-
 ## Advanced Topics
 
 #### Logging
+
 The logger definition has the following properties. Please see the config section for more details on their use:
+
 1. correlationId
@@ -225,10 +243,15 @@ 2. level
 @NgModule({
-  imports: [ MsalModule.forRoot({
-                  clientID: Your client ID,
-                  logger :loggerCallback,
-                  correlationId: '1234',
-                  level: LogLevel.Verbose,
-                  piiLoggingEnabled: true,
-                })]
-           })
+    imports: [ MsalModule.forRoot({
+        auth: {
+            clientId: 'Your client ID',
+        },
+        system: {
+            logger: new Logger(loggerCallback, {
+                correlationId: '1234',
+                level: LogLevel.Verbose,
+                piiLoggingEnabled: true,
+            }
+        }
+    })]
+})
 ```
@@ -243,17 +266,28 @@
 #### Security
+
 Tokens are accessible from Javascript since MSAL is using HTML5 storage. Default storage option is sessionStorage, which keeps the tokens per session. You should ask user to login again for important operations on your app.
-You should protect your site for XSS. Please check the article here: [https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet](https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet)
+You should protect your site for XSS. Please check the article here: [https://www.owasp.org/index.php/XSS\_(Cross_Site_Scripting)\_Prevention_Cheat_Sheet](<https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet>)
 
 #### CORS API usage
+
 MSAL will get access tokens using a hidden Iframe for given CORS API endpoints in the config. To make CORS API call, you need to specify your CORS API endpoints as a map in the config.
 
 ```js
-export const protectedResourceMap:[string, string[]][]=[ ['https://buildtodoservice.azurewebsites.net/api/todolist',['api://a88bb933-319c-41b5-9f04-eff36d985612/access_as_user']] , ['https://graph.microsoft.com/v1.0/me', ['user.read']] ];
+export const protectedResourceMap:[string, string[]][]= [
+    ['https://buildtodoservice.azurewebsites.net/api/todolist', [ 'api://a88bb933-319c-41b5-9f04-eff36d985612/access_as_user' ]],
+    ['https://graph.microsoft.com/v1.0/me', ['user.read']]
+];
 
 @NgModule({
-  imports: [ MsalModule.forRoot({
-                  clientID: Your client ID,
-                  protectedResourceMap : protectedResourceMap
-                })]
-           })
+    imports: [
+        MsalModule.forRoot({
+            auth: {
+                clientId: 'Your client ID',
+            },
+            framework: {
+                protectedResourceMap : protectedResourceMap
+            }
+        })
+    ]
+})
 ```
@@ -267,6 +301,6 @@
 
-- For CORS API calls, the Iframe needs to access the cookies for the same domain that you did the initial sign in on. IE does not allow to access cookies in Iframe for localhost. Your URL needs to be fully qualified domain i.e http://yoursite.azurewebsites.com. Chrome does not have this restriction.
-- If you put your site in the trusted site list, cookies are not accessible for Iframe requests. You need to remove protected mode for Internet zone or add the authority URL for the login to the trusted sites as well.
-- IE may clear local storage when navigating between websites in different zones (e.g. your app and the login authority), which results in a broken experience when returning from the login page. To fix, set `storeAuthStateInCookie` to `true`.
-- There are known issues with popups in IE. We recommend using redirect flows by setting `popUp` to `false`.
+-   For CORS API calls, the Iframe needs to access the cookies for the same domain that you did the initial sign in on. IE does not allow to access cookies in Iframe for localhost. Your URL needs to be fully qualified domain i.e http://yoursite.azurewebsites.com. Chrome does not have this restriction.
+-   If you put your site in the trusted site list, cookies are not accessible for Iframe requests. You need to remove protected mode for Internet zone or add the authority URL for the login to the trusted sites as well.
+-   IE may clear local storage when navigating between websites in different zones (e.g. your app and the login authority), which results in a broken experience when returning from the login page. To fix, set `storeAuthStateInCookie` to `true`.
+-   There are known issues with popups in IE. We recommend using redirect flows by setting `popUp` to `false`.
 
@@ -276,10 +310,15 @@ It is recommended that these properties are set dynamically based on the user's browser.
 ```js
-const isIE = window.navigator.userAgent.indexOf("MSIE ") > -1 || window.navigator.userAgent.indexOf("Trident/") > -1;
+const isIE =
+    window.navigator.userAgent.indexOf("MSIE ") > -1 ||
+    window.navigator.userAgent.indexOf("Trident/") > -1;
 
 MsalModule.forRoot({
     // ...
-    popUp: !isIE,
-    storeAuthStateInCookie: ieIE
+    cache: {
+        storeAuthStateInCookie: ieIE
+    }
+    framework: {
+        popUp: !isIE
+    }
 });
-
 ```
@@ -293,10 +332,10 @@
 
-- [FAQs](https://github.com/AzureAD/microsoft-authentication-library-for-js/wiki/FAQs) for access to our frequently asked questions
+-   [FAQs](https://github.com/AzureAD/microsoft-authentication-library-for-js/wiki/FAQs) for access to our frequently asked questions
 
-- [Stack Overflow](http://stackoverflow.com/questions/tagged/msal) using tag "msal".
-We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.
+-   [Stack Overflow](http://stackoverflow.com/questions/tagged/msal) using tag "msal".
+    We highly recommend you ask your questions on Stack Overflow first and browse existing issues to see if someone has asked your question before.
 
-- [GitHub Issues](../../issues) for reporting a bug or feature requests
+-   [GitHub Issues](../../issues) for reporting a bug or feature requests
 
-- [User Voice page](https://feedback.azure.com/forums/169401-azure-active-directory) to provide recommendations and/or feedback
+-   [User Voice page](https://feedback.azure.com/forums/169401-azure-active-directory) to provide recommendations and/or feedback
 
@@ -313,13 +352,13 @@ ## Contribute
 
-	npm install
+    npm install
 
 Then use the following command to build the library and run all the unit tests:
 
-	npm run ngcompile
+    npm run ngcompile
 
-	npm run test
+    npm run test
 
 ## Security Library
 
-This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible. We use [semantic versioning](http://semver.org) so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x.*y*.x) ensures you get the latest security and feature enhanements but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.
+This library controls how users sign-in and access services. We recommend you always take the latest version of our library in your app when possible. We use [semantic versioning](http://semver.org) so you can control the risk associated with updating your app. As an example, always downloading the latest minor version number (e.g. x._y_.x) ensures you get the latest security and feature enhanements but our API surface remains the same. You can always see the latest version and release notes under the Releases tab of GitHub.
 
@@ -332,3 +371,3 @@ ## Security Reporting
 
-Copyright (c) Microsoft Corporation.  All rights reserved. Licensed under the MIT License (the "License");
+Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License");
 
@@ -335,0 +374,0 @@ ## We Value and Adhere to the Microsoft Open Source Code of Conduct

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

87432

increased by4.86%

Lines of code

890

increased by4.22%

Number of lines in readme file

361

increased by12.11%

No dependency changes