@azure/msal-angular
Advanced tools
Comparing version 1.0.0-beta.1 to 1.0.0-beta.2
# Changelog | ||
## 1.0.0-beta.2 | ||
Fixes two issues related to `aot` mode. | ||
* Requires `msal@1.2.2-beta.0`, which adds `setLogger` function to dynamically set the logger callback when running in `aot` mode. (#1213). | ||
* Moves `protectedResourceMap` and `unprotectedResources` to MSAL Angular-specific configuration object. `protectedResourceMap` can now be `[string, string[]][]` or a `Map`. This is also to mitigate issues with `aot` mode. (#1213). | ||
## 1.0.0-beta.1 | ||
@@ -7,4 +14,4 @@ | ||
* Requires `msal@1.2.1` and `rxjs@6` as a peer dependency. | ||
* `rxjs-compat` is longer be required. | ||
* Requires `msal@1.2.1`, `rxjs@6`, `@angular/core@>=6`, `@angular/common@>=6` as a peer dependencies. | ||
* `rxjs-compat` is no longer required. | ||
@@ -11,0 +18,0 @@ ### Known issues |
@@ -7,3 +7,5 @@ export declare type MsalAngularConfiguration = { | ||
}; | ||
unprotectedResources?: string[]; | ||
protectedResourceMap?: [string, string[]][] | Map<string, Array<string>>; | ||
}; | ||
export declare const defaultMsalAngularConfiguration: MsalAngularConfiguration; |
@@ -6,4 +6,6 @@ "use strict"; | ||
popUp: false, | ||
extraQueryParameters: {} | ||
extraQueryParameters: {}, | ||
unprotectedResources: [], | ||
protectedResourceMap: [] | ||
}; | ||
//# sourceMappingURL=msal-angular.configuration.js.map |
@@ -1,1 +0,1 @@ | ||
[{"__symbolic":"module","version":4,"metadata":{"MsalAngularConfiguration":{"__symbolic":"interface"},"defaultMsalAngularConfiguration":{"consentScopes":[],"popUp":false,"extraQueryParameters":{}}}}] | ||
[{"__symbolic":"module","version":4,"metadata":{"MsalAngularConfiguration":{"__symbolic":"interface"},"defaultMsalAngularConfiguration":{"consentScopes":[],"popUp":false,"extraQueryParameters":{},"unprotectedResources":[],"protectedResourceMap":[]}}}] |
import { InjectionToken } from "@angular/core"; | ||
import { UserAgentApplication, Configuration, AuthenticationParameters, AuthResponse, Logger } from "msal"; | ||
import { UserAgentApplication, Configuration, AuthenticationParameters, AuthResponse } from "msal"; | ||
import { Router } from "@angular/router"; | ||
@@ -24,5 +24,4 @@ import { BroadcastService } from "./broadcast.service"; | ||
handleRedirectCallback(authCallback: authResponseCallback): void; | ||
getLogger(): Logger; | ||
getScopesForEndpoint(endpoint: string): string[]; | ||
clearCacheForScope(accessToken: string): void; | ||
getScopesForEndpoint(endpoint: string): Array<string>; | ||
} |
@@ -44,2 +44,3 @@ "use strict"; | ||
var MSALError_1 = require("./MSALError"); | ||
var UrlUtils_1 = require("msal/lib-commonjs/utils/UrlUtils"); | ||
exports.MSAL_CONFIG = new core_1.InjectionToken("MSAL_CONFIG"); | ||
@@ -78,5 +79,5 @@ exports.MSAL_CONFIG_ANGULAR = new core_1.InjectionToken("MSAL_CONFIG_ANGULAR"); | ||
if (!router.config[i].canActivate) { | ||
if (_this.msalConfig.framework.unprotectedResources) { | ||
if (_this.msalAngularConfig.unprotectedResources) { | ||
if (!_this.isUnprotectedResource(router.config[i].path) && !_this.isEmpty(router.config[i].path)) { | ||
_this.msalConfig.framework.unprotectedResources.push(router.config[i].path); | ||
_this.msalAngularConfig.unprotectedResources.push(router.config[i].path); | ||
} | ||
@@ -90,10 +91,4 @@ } | ||
MsalService.prototype.isUnprotectedResource = function (url) { | ||
if (this.msalConfig && this.msalConfig.framework.unprotectedResources) { | ||
for (var i = 0; i < this.msalConfig.framework.unprotectedResources.length; i++) { | ||
if (url.indexOf(this.msalConfig.framework.unprotectedResources[i]) > -1) { | ||
return true; | ||
} | ||
} | ||
} | ||
return false; | ||
var unprotectedResources = (this.msalConfig.framework && this.msalConfig.framework.unprotectedResources) || this.msalAngularConfig.unprotectedResources; | ||
return unprotectedResources.some(function (resource) { return url.indexOf(resource) > -1; }); | ||
}; | ||
@@ -178,11 +173,43 @@ MsalService.prototype.isEmpty = function (str) { | ||
}; | ||
MsalService.prototype.getLogger = function () { | ||
return _super.prototype.getLogger.call(this); | ||
MsalService.prototype.clearCacheForScope = function (accessToken) { | ||
return _super.prototype.clearCacheForScope.call(this, accessToken); | ||
}; | ||
MsalService.prototype.getScopesForEndpoint = function (endpoint) { | ||
return _super.prototype.getScopesForEndpoint.call(this, endpoint); | ||
if (this.msalConfig.framework && this.msalConfig.framework.unprotectedResources) { | ||
this.getLogger().info("msalConfig.framework.unprotectedResources is deprecated, use msalAngularConfig.unprotectedResources"); | ||
} | ||
// if user specified list of unprotectedResources, no need to send token to these endpoints, return null. | ||
var isUnprotected = this.isUnprotectedResource(endpoint); | ||
if (isUnprotected) { | ||
return null; | ||
} | ||
if (this.msalConfig.framework && this.msalConfig.framework.protectedResourceMap) { | ||
this.getLogger().info("msalConfig.framework.protectedResourceMap is deprecated, use msalAngularConfig.protectedResourceMap"); | ||
} | ||
var protectedResourceMap = (this.msalConfig.framework && this.msalConfig.framework.protectedResourceMap) || new Map(this.msalAngularConfig.protectedResourceMap); | ||
// process all protected resources and send the matched one | ||
var keyForEndpoint = Array.from(protectedResourceMap.keys()).find(function (key) { return endpoint.indexOf(key) > -1; }); | ||
if (keyForEndpoint) { | ||
return protectedResourceMap.get(keyForEndpoint); | ||
} | ||
/* | ||
* default resource will be clientid if nothing specified | ||
* App will use idtoken for calls to itself | ||
* check if it's staring from http or https, needs to match with app host | ||
*/ | ||
if (endpoint.indexOf("http://") > -1 || endpoint.indexOf("https://") > -1) { | ||
if (UrlUtils_1.UrlUtils.getHostFromUri(endpoint) === UrlUtils_1.UrlUtils.getHostFromUri(_super.prototype.getRedirectUri.call(this))) { | ||
return new Array(this.msalConfig.auth.clientId); | ||
} | ||
} | ||
else { | ||
/* | ||
* in angular level, the url for $http interceptor call could be relative url, | ||
* if it's relative call, we'll treat it as app backend call. | ||
*/ | ||
return new Array(this.msalConfig.auth.clientId); | ||
} | ||
// if not the app's own backend or not a domain listed in the endpoints structure | ||
return null; | ||
}; | ||
MsalService.prototype.clearCacheForScope = function (accessToken) { | ||
return _super.prototype.clearCacheForScope.call(this, accessToken); | ||
}; | ||
MsalService = __decorate([ | ||
@@ -189,0 +216,0 @@ core_1.Injectable(), |
@@ -1,1 +0,1 @@ | ||
[{"__symbolic":"module","version":4,"metadata":{"MSAL_CONFIG":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken","line":18,"character":31},"arguments":["MSAL_CONFIG"]},"MSAL_CONFIG_ANGULAR":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken","line":19,"character":39},"arguments":["MSAL_CONFIG_ANGULAR"]},"ɵ0":{"__symbolic":"error","message":"Lambda not supported","line":21,"character":24},"MsalService":{"__symbolic":"class","extends":{"__symbolic":"reference","module":"msal","name":"UserAgentApplication","line":32,"character":33},"decorators":[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Injectable","line":31,"character":1}}],"members":{"__ctor__":[{"__symbolic":"constructor","parameterDecorators":[[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject","line":35,"character":9},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG"}]}],[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject","line":36,"character":9},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG_ANGULAR"}]}],null,null],"parameters":[{"__symbolic":"reference","module":"msal","name":"Configuration","line":35,"character":49},{"__symbolic":"reference","module":"./msal-angular.configuration","name":"MsalAngularConfiguration","line":36,"character":64},{"__symbolic":"reference","module":"@angular/router","name":"Router","line":37,"character":24},{"__symbolic":"reference","module":"./broadcast.service","name":"BroadcastService","line":38,"character":34}]}],"isUnprotectedResource":[{"__symbolic":"method"}],"isEmpty":[{"__symbolic":"method"}],"getCacheStorage":[{"__symbolic":"method"}],"loginPopup":[{"__symbolic":"method"}],"acquireTokenSilent":[{"__symbolic":"method"}],"acquireTokenPopup":[{"__symbolic":"method"}],"handleRedirectCallback":[{"__symbolic":"method"},{"__symbolic":"method"},{"__symbolic":"method"}],"getLogger":[{"__symbolic":"method"}],"getScopesForEndpoint":[{"__symbolic":"method"}],"clearCacheForScope":[{"__symbolic":"method"}]}}}}] | ||
[{"__symbolic":"module","version":4,"metadata":{"MSAL_CONFIG":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken","line":19,"character":31},"arguments":["MSAL_CONFIG"]},"MSAL_CONFIG_ANGULAR":{"__symbolic":"new","expression":{"__symbolic":"reference","module":"@angular/core","name":"InjectionToken","line":20,"character":39},"arguments":["MSAL_CONFIG_ANGULAR"]},"ɵ0":{"__symbolic":"error","message":"Lambda not supported","line":22,"character":24},"MsalService":{"__symbolic":"class","extends":{"__symbolic":"reference","module":"msal","name":"UserAgentApplication","line":33,"character":33},"decorators":[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Injectable","line":32,"character":1}}],"members":{"__ctor__":[{"__symbolic":"constructor","parameterDecorators":[[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject","line":36,"character":9},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG"}]}],[{"__symbolic":"call","expression":{"__symbolic":"reference","module":"@angular/core","name":"Inject","line":37,"character":9},"arguments":[{"__symbolic":"reference","name":"MSAL_CONFIG_ANGULAR"}]}],null,null],"parameters":[{"__symbolic":"reference","module":"msal","name":"Configuration","line":36,"character":49},{"__symbolic":"reference","module":"./msal-angular.configuration","name":"MsalAngularConfiguration","line":37,"character":64},{"__symbolic":"reference","module":"@angular/router","name":"Router","line":38,"character":24},{"__symbolic":"reference","module":"./broadcast.service","name":"BroadcastService","line":39,"character":34}]}],"isUnprotectedResource":[{"__symbolic":"method"}],"isEmpty":[{"__symbolic":"method"}],"getCacheStorage":[{"__symbolic":"method"}],"loginPopup":[{"__symbolic":"method"}],"acquireTokenSilent":[{"__symbolic":"method"}],"acquireTokenPopup":[{"__symbolic":"method"}],"handleRedirectCallback":[{"__symbolic":"method"},{"__symbolic":"method"},{"__symbolic":"method"}],"clearCacheForScope":[{"__symbolic":"method"}],"getScopesForEndpoint":[{"__symbolic":"method"}]}}}}] |
@@ -13,3 +13,3 @@ { | ||
}, | ||
"version": "1.0.0-beta.1", | ||
"version": "1.0.0-beta.2", | ||
"keywords": [ | ||
@@ -33,3 +33,3 @@ "implicit", | ||
"@angular/core": ">= 6.0.0", | ||
"msal": "^1.2.1", | ||
"msal": "^1.2.2-beta.0", | ||
"rxjs": "^6.0.0" | ||
@@ -54,2 +54,3 @@ }, | ||
"core-js": "^2.4.1", | ||
"gh-pages": "^2.2.0", | ||
"grunt": "^1.0.3", | ||
@@ -77,3 +78,3 @@ "grunt-banner": "^0.6.0", | ||
"karma-webpack": "^3.0.0", | ||
"msal": "^1.2.1", | ||
"msal": "^1.2.2-beta.0", | ||
"phantomjs-polyfill": "0.0.2", | ||
@@ -98,3 +99,5 @@ "reflect-metadata": "^0.1.3", | ||
"clean": "shx rm -rf dist docs", | ||
"doc": "typedoc --out ./docs ./src/ --gitRevision dev", | ||
"doc": "npm run doc:generate && npm run doc:deploy", | ||
"doc:generate": "typedoc --mode modules --excludePrivate --excludeProtected --out ./ref ./src/ --gitRevision dev", | ||
"doc:deploy": "gh-pages -d ref -a -e ref/msal-angular", | ||
"build:modules": "ngc -p tsconfig.json", | ||
@@ -101,0 +104,0 @@ "build": "npm run clean && npm run doc && npm run build:modules", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Minified code
QualityThis package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
1062233
67
2165
53
3
3