@azure/msal-browser - npm Package Compare versions

Comparing version 2.0.0-beta.4 to 2.0.0

dist/src/request/SilentRequest.d.ts

14

changelog.md

@@ -0,1 +1,15 @@

# 2.0.0
## Breaking Changes
* None
## Features and Fixes
* Fix an issue where logout was not clearing all accounts (#1919)
* Typescript sample for browser (#1920)
* Add SilentRequest.ts object (#1964)
* Fix an issue where popup window position value did not have a floor (#1981)
* Fix an issue where getAccountByUsername was case-sensitive for the given username (#1982)
* Fix an issue where `openid` and `profile` were being added to silent requests (#1962)
* Fix an issue where the hash was not handled if `navigateToLoginRequestUrl`=`false` (#1973)
* Fix an error that occurs when the request object is not provided to login and the redirectStartPage is expected (#1998)
# 2.0.0-beta.4

@@ -2,0 +16,0 @@ ## Breaking Changes

16

dist/src/app/IPublicClientApplication.d.ts

@@ -1,14 +0,16 @@

import { AuthenticationResult, AuthorizationUrlRequest } from "@azure/msal-common";
import { SilentFlowRequest, EndSessionRequest, AccountInfo } from "../";
import { AuthenticationResult, AuthorizationUrlRequest, AccountInfo, EndSessionRequest } from "@azure/msal-common";
import { RedirectRequest } from "../request/RedirectRequest";
import { PopupRequest } from "../request/PopupRequest";
import { SilentRequest } from "../request/SilentRequest";
export interface IPublicClientApplication {
acquireTokenPopup(request: AuthorizationUrlRequest): Promise<AuthenticationResult>;
acquireTokenRedirect(request: AuthorizationUrlRequest): Promise<void>;
acquireTokenSilent(silentRequest: SilentFlowRequest): Promise<AuthenticationResult>;
acquireTokenPopup(request: PopupRequest): Promise<AuthenticationResult>;
acquireTokenRedirect(request: RedirectRequest): Promise<void>;
acquireTokenSilent(silentRequest: SilentRequest): Promise<AuthenticationResult>;
getAccountByUsername(userName: string): AccountInfo;
getAllAccounts(): AccountInfo[];
handleRedirectPromise(): Promise<AuthenticationResult | null>;
loginPopup(request: AuthorizationUrlRequest): Promise<AuthenticationResult>;
loginRedirect(request: AuthorizationUrlRequest): Promise<void>;
loginPopup(request: PopupRequest): Promise<AuthenticationResult>;
loginRedirect(request: RedirectRequest): Promise<void>;
logout(logoutRequest?: EndSessionRequest): Promise<void>;
ssoSilent(request: AuthorizationUrlRequest): Promise<AuthenticationResult>;
}
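
Review bot: ssoSilent, the last method of the interface, still takes AuthorizationUrlRequest while every other entry point in this hunk moved to a flow-specific type (PopupRequest, RedirectRequest, SilentRequest). If that is intentional, say so in the method's doc comment; otherwise give it its own request alias so its accepted parameters can be narrowed independently of the shared type.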

@@ -1,2 +0,2 @@

import { AuthorizationUrlRequest, AuthenticationResult, SilentFlowRequest, AccountInfo, EndSessionRequest } from "@azure/msal-common";
import { AuthorizationUrlRequest, AuthenticationResult, AccountInfo, EndSessionRequest } from "@azure/msal-common";
import { Configuration } from "../config/Configuration";

@@ -6,2 +6,3 @@ import { IPublicClientApplication } from "./IPublicClientApplication";

import { PopupRequest } from "../request/PopupRequest";
import { SilentRequest } from "../request/SilentRequest";
/**

@@ -45,3 +46,3 @@ * The PublicClientApplication class is the object exposed by the library to perform authentication and authorization functions in Single Page Applications

* auth flows.
* @returns token response or null. If the return value is null, then no auth redirect was detected.
* @returns {Promise.<AuthenticationResult | null>} token response or null. If the return value is null, then no auth redirect was detected.
*/

@@ -68,3 +69,3 @@ handleRedirectPromise(): Promise<AuthenticationResult | null>;

*
* @param {@link (AuthenticationParameters:type)}
* @param {@link (RedirectRequest:type)}
*/

@@ -78,5 +79,4 @@ loginRedirect(request: RedirectRequest): Promise<void>;

* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
* @param {@link (AuthenticationParameters:type)}
*
* To acquire only idToken, please pass clientId as the only scope in the Authentication Parameters
* @param {@link (RedirectRequest:type)}
*/

@@ -87,3 +87,3 @@ acquireTokenRedirect(request: RedirectRequest): Promise<void>;

*
* @param {@link (AuthenticationParameters:type)}
* @param {@link (PopupRequest:type)}
*

@@ -95,5 +95,4 @@ * @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object

* Use when you want to obtain an access_token for your API via opening a popup window in the user's browser
* @param {@link AuthenticationParameters}
* @param {@link (PopupRequest:type)}
*
* To acquire only idToken, please pass clientId as the only scope in the Authentication Parameters
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object

@@ -120,3 +119,2 @@ */

*
* To renew idToken, please pass clientId as the only scope in the Authentication Parameters.
* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object

@@ -131,3 +129,3 @@ */

*
* @param {@link AuthenticationParameters}
* @param {@link (SilentRequest:type)}
*

@@ -138,3 +136,3 @@ * To renew idToken, please pass clientId as the only scope in the Authentication Parameters

*/
acquireTokenSilent(request: SilentFlowRequest): Promise<AuthenticationResult>;
acquireTokenSilent(request: SilentRequest): Promise<AuthenticationResult>;
/**

@@ -150,3 +148,3 @@ * Helper which acquires an authorization code silently using a hidden iframe from given url

* Default behaviour is to redirect the user to `window.location.href`.
* @param logoutRequest
* @param {@link (EndSessionRequest:type)}
*/
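
Review bot: the replacement tag `@param {@link (EndSessionRequest:type)}` drops the parameter name that `@param logoutRequest` carried, so the description is no longer bound to the argument of logout(logoutRequest?: EndSessionRequest). Keep the name and add the link, for example `@param logoutRequest - {@link (EndSessionRequest:type)}`; the other `@param {@link ...}` tags in this file have the same gap.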

@@ -158,3 +156,3 @@ logout(logoutRequest?: EndSessionRequest): Promise<void>;

* or null when no state is found
* @returns {@link IAccount[]} - Array of account objects in cache
* @returns {@link AccountInfo[]} - Array of account objects in cache
*/

@@ -166,3 +164,3 @@ getAllAccounts(): AccountInfo[];

* or null when no state is found
* @returns {@link IAccount} - the account object stored in MSAL
* @returns {@link AccountInfo} - the account object stored in MSAL
*/

@@ -173,3 +171,2 @@ getAccountByUsername(userName: string): AccountInfo;

* Use to get the redirect uri configured in MSAL or null.
* Evaluates redirectUri if its a function, otherwise simply returns its value.
* @returns {string} redirect URL

@@ -181,3 +178,2 @@ *

* Use to get the post logout redirect uri configured in MSAL or null.
* Evaluates postLogoutredirectUri if its a function, otherwise simply returns its value.
*

@@ -184,0 +180,0 @@ * @returns {string} post logout redirect URL

import { SystemOptions, LoggerOptions, INetworkModule } from "@azure/msal-common";
/**
* Use this to configure the auth options in the Configuration object
*
* - clientId - Client ID of your app registered with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview in Microsoft Identity Platform
* - authority - You can configure a specific authority, defaults to " " or "https://login.microsoftonline.com/common"
* - knownAuthorities - An array of URIs that are known to be valid. Used in B2C scenarios.
* - cloudDiscoveryMetadata - A string containing the cloud discovery response. Used in AAD scenarios.
* - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
* - postLogoutRedirectUri - The redirect URI where the window navigates after a successful logout.
* - navigateToLoginRequestUrl - Boolean indicating whether to navigate to the original request URL after the auth server navigates to the redirect URL.
*/
export declare type BrowserAuthOptions = {
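
Review bot: the authority bullet in this doc comment reads `defaults to " " or "https://login.microsoftonline.com/common"`, which names two defaults, one of them a blank string. State the single value used when authority is omitted; this option decides which issuer the app sends users to and accepts tokens from, so its default should not be open to interpretation.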

@@ -20,3 +31,2 @@ clientId: string;

storeAuthStateInCookie?: boolean;
storeInMemory?: boolean;
};

@@ -26,7 +36,8 @@ /**

*
* - logger - Used to initialize the Logger object; TODO: Expand on logger details or link to the documentation on logger
* - tokenRenewalOffsetSeconds - Sets the window of offset needed to renew the token before expiry
* - loggerOptions - Used to initialize the Logger object (See ClientConfiguration.ts)
* - networkClient - Network interface implementation
* - windowHashTimeout - sets the timeout for waiting for a response hash in a popup
* - iframeHashTimeout - sets the timeout for waiting for a response hash in an iframe
* - loadFrameTimeout - maximum time the library should wait for a frame to load
* - windowHashTimeout - sets the wait time for hidden iFrame navigation
* - tokenRenewalOffsetSeconds - sets the window of offset needed to renew the token before expiry
* - telemetry - Telemetry options for library network requests
*/

@@ -46,3 +57,3 @@ export declare type BrowserSystemOptions = SystemOptions & {

* - cache: this is where you configure cache location and whether to store cache in cookies
* - system: this is where you can configure the network client, logger, token renewal offset, and telemetry
* - system: this is where you can configure the network client, logger, token renewal offset
*/

@@ -49,0 +60,0 @@ export declare type Configuration = {

@@ -8,2 +8,3 @@ export { PublicClientApplication } from "./app/PublicClientApplication";

export { RedirectRequest } from "./request/RedirectRequest";
export { AccountInfo, AuthorizationUrlRequest, SilentFlowRequest, EndSessionRequest, AuthenticationResult, InteractionRequiredAuthError, AuthError, AuthErrorMessage, INetworkModule, ILoggerCallback, Logger, LogLevel } from "@azure/msal-common";
export { SilentRequest } from "./request/SilentRequest";
export { AccountInfo, AuthorizationUrlRequest, EndSessionRequest, AuthenticationResult, InteractionRequiredAuthError, AuthError, AuthErrorMessage, INetworkModule, ILoggerCallback, Logger, LogLevel } from "@azure/msal-common";
import { AuthorizationUrlRequest } from "@azure/msal-common";
/**
* @type PopupRequest: Request object passed by user to retrieve a Code from the
* server (first leg of authorization code grant flow)
* server (first leg of authorization code grant flow) with a popup window.
*
* - scopes - Array of scopes the application is requesting access to.
* - authority - Url of the authority which the application acquires tokens from.
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
* - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
* - extraScopesToConsent - Scopes for a different resource when the user needs consent upfront.
* - responseMode - Specifies the method that should be used to send the authentication result to your app. Can be query, form_post, or fragment. If no value is passed in, it defaults to query.
* - codeChallenge - Used to secure authorization code grant via Proof of Key for Code Exchange (PKCE). For more information, see the PKCE RCF:https://tools.ietf.org/html/rfc7636
* - codeChallengeMethod - The method used to encode the code verifier for the code challenge parameter. Can be "plain" or "S256". If excluded, code challenge is assumed to be plaintext. For more information, see the PKCE RCF: https://tools.ietf.org/html/rfc7636
* - state - A value included in the request that is also returned in the token response. A randomly generated unique value is typically used for preventing cross site request forgery attacks. The state is also used to encode information about the user's state in the app before the authentication request occurred.
* - prompt - Indicates the type of user interaction that is required.
* login: will force the user to enter their credentials on that request, negating single-sign on
* none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error
* consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app
* select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account
* - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim.
* - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant.
* - extraQueryParameters - String to string map of custom query parameters.
* - claims - In cases where Azure AD tenant admin has enabled conditional access policies, and the policy has not been met, exceptions will contain claims that need to be consented to.
* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
*/
export declare type PopupRequest = AuthorizationUrlRequest;
import { AuthorizationUrlRequest } from "@azure/msal-common";
/**
* @type RedirectRequest: Request object passed by user to retrieve a Code from the
* server (first leg of authorization code grant flow)
* server (first leg of authorization code grant flow) with a full page redirect.
*
* - scopes - Array of scopes the application is requesting access to.
* - authority - Url of the authority which the application acquires tokens from.
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
* - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
* - extraScopesToConsent - Scopes for a different resource when the user needs consent upfront.
* - responseMode - Specifies the method that should be used to send the authentication result to your app. Can be query, form_post, or fragment. If no value is passed in, it defaults to query.
* - codeChallenge - Used to secure authorization code grant via Proof of Key for Code Exchange (PKCE). For more information, see the PKCE RCF:https://tools.ietf.org/html/rfc7636
* - codeChallengeMethod - The method used to encode the code verifier for the code challenge parameter. Can be "plain" or "S256". If excluded, code challenge is assumed to be plaintext. For more information, see the PKCE RCF: https://tools.ietf.org/html/rfc7636
* - state - A value included in the request that is also returned in the token response. A randomly generated unique value is typically used for preventing cross site request forgery attacks. The state is also used to encode information about the user's state in the app before the authentication request occurred.
* - prompt - Indicates the type of user interaction that is required.
* login: will force the user to enter their credentials on that request, negating single-sign on
* none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error
* consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app
* select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account
* - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim.
* - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant.
* - extraQueryParameters - String to string map of custom query parameters.
* - claims - In cases where Azure AD tenant admin has enabled conditional access policies, and the policy has not been met, exceptions will contain claims that need to be consented to.
* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
* - redirectStartPage - The page that should be returned to after loginRedirect or acquireTokenRedirect. This should only be used if this is different from the redirectUri and will default to the page that initiates the request. When the navigateToLoginRequestUrl config option is set to false this parameter will be ignored.
*/
export declare type RedirectRequest = AuthorizationUrlRequest & {
/**
* The page that should be returned to after loginRedirect or acquireTokenRedirect. This should only be used
* if this is different from the redirectUri and will default to the page that initiates the request.
* When the navigateToLoginRequestUrl config option is set to false this parameter will be ignored.
*/
redirectStartPage?: string;
};
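
Review bot: the export list at the top of this span no longer re-exports SilentFlowRequest, and acquireTokenSilent now takes SilentRequest, yet the 2.0.0 changelog lists Breaking Changes as None. Code written against 2.0.0-beta.4 that imports SilentFlowRequest from this package will stop compiling, so either keep a deprecated re-export or record the rename in the changelog. In the RedirectRequest comment, redirectStartPage is described only as the page to return to; document which values are accepted, in particular whether it must be on the application's own origin. The copied parameter docs also carry typos (`RCF` for RFC, `single sign-=on`, `will the trigger`).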

@@ -13,3 +13,3 @@ {

},
"version": "2.0.0-beta.4",
"version": "2.0.0",
"description": "Microsoft Authentication Library for js",

@@ -38,2 +38,3 @@ "keywords": [

"scripts": {
"cdn": "node ./cdn-upload.js",
"clean": "shx rm -rf dist lib",

@@ -53,5 +54,9 @@ "clean:coverage": "rimraf ../../.nyc_output/*",

"build": "npm run clean && npm run lint && npm run build:modules",
"prepack": "npm run build:all"
"prepack": "npm run build:all",
"sri": "npm run sri:msal && npm run sri:msalmin",
"sri:msal": "openssl dgst -sha384 -binary lib/msal-browser.js | openssl base64 -A",
"sri:msalmin": "openssl dgst -sha384 -binary lib/msal-browser.min.js | openssl base64 -A"
},
"devDependencies": {
"@azure/storage-blob": "^12.2.0-preview.1",
"@babel/core": "^7.7.2",

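Review bot: the new sri:msal and sri:msalmin scripts hash whatever currently sits in lib/, and sri does not run a build first, so a stale or locally modified bundle yields a digest that does not match the file served from the CDN. Chain the build before hashing, or compute the digest over the same bytes that cdn-upload.js uploads, and print the full `sha384-<digest>` attribute value followed by a newline, since `openssl base64 -A` emits none.
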
@@ -76,2 +81,3 @@ "@babel/plugin-proposal-class-properties": "^7.7.0",

"chai-as-promised": "^7.1.1",
"dotenv": "^8.2.0",
"eslint": "^6.5.1",

@@ -86,6 +92,6 @@ "gh-pages": "^2.2.0",

"rollup": "^1.24.0",
"rollup-plugin-json": "^4.0.0",
"rollup-plugin-node-resolve": "^5.2.0",
"rollup-plugin-typescript2": "^0.24.3",
"rollup-plugin-uglify": "^6.0.4",
"rollup-plugin-json": "^4.0.0",
"shx": "^0.3.2",

@@ -99,4 +105,4 @@ "sinon": "^7.5.0",

"dependencies": {
"@azure/msal-common": "1.0.0-beta.4"
"@azure/msal-common": "1.0.0"
}
}

@@ -1,2 +0,2 @@

# (Preview) Microsoft Authentication Library for JavaScript (MSAL.js) 2.0 for Browser-Based Single-Page Applications
# Microsoft Authentication Library for JavaScript (MSAL.js) 2.0 for Browser-Based Single-Page Applications
[![npm version](https://img.shields.io/npm/v/@azure/msal-browser.svg?style=flat)](https://www.npmjs.com/package/@azure/msal-browser/)[![npm version](https://img.shields.io/npm/dm/@azure/msal-browser.svg)](https://nodei.co/npm/@azure/msal-browser/)[![Coverage Status](https://coveralls.io/repos/github/AzureAD/microsoft-authentication-library-for-js/badge.svg?branch=dev)](https://coveralls.io/github/AzureAD/microsoft-authentication-library-for-js?branch=dev)

@@ -27,4 +27,2 @@

Want to join our Private Preview and test out the lastest changes to the Azure Portal? Fill out [this form]( https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR_XA414hlD9MhfBiqanxI2JUOElQMk1LUjNBWDY4R0w3MFlPR0FIMkxMVC4u)
The MSAL library for JavaScript enables client-side JavaScript applications to authenticate users using [Azure AD](https://docs.microsoft.com/azure/active-directory/develop/v2-overview) work and school accounts (AAD), Microsoft personal accounts (MSA) and social identity providers like Facebook, Google, LinkedIn, Microsoft accounts, etc. through [Azure AD B2C](https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-overview#identity-providers) service. It also enables your app to get tokens to access [Microsoft Cloud](https://www.microsoft.com/enterprise) services such as [Microsoft Graph](https://graph.microsoft.io).

@@ -36,4 +34,2 @@

**IMPORTANT:** Please be aware that this is not a production ready library. We are making changes in the [Azure portal](https://azure.microsoft.com/en-us/features/azure-portal/) to ensure we can deliver a polished end-to-end experience.
## FAQ

@@ -49,5 +45,6 @@

| ------| ------- | ---------| --------- |
| July 13th, 2020 (Tentative) | @azure/msal-browser v2.0.0 | No release notes yet | Full version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0 |
| May 11, 2020 | @azure/msal-browser v2.0.0-beta | No release notes yet | Beta version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0-beta |
| January 17, 2020 | @azure/msal-browser v2.0.0-alpha | No release notes yet | Alpha version of the `@azure/msal-browser` package with authorization code flow for SPAs working in dev; relies on msal-common v1.0.0-alpha |
| | @azure/msal-browser v2.1.0 | | Throttling, Client and Server Telemetry, Access Token Proof-of-Possession (Tentative) |
| July 20th, 2020 | @azure/msal-browser v2.0.0 | [Release Notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases/tag/msal-browser-v2.0.0) | Full version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0 |
| May 11, 2020 | @azure/msal-browser v2.0.0-beta | No release notes | Beta version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0-beta |
| January 17, 2020 | @azure/msal-browser v2.0.0-alpha | No release notes | Alpha version of the `@azure/msal-browser` package with authorization code flow for SPAs working in dev; relies on msal-common v1.0.0-alpha |

@@ -58,5 +55,4 @@ ## Prerequisites

- Before using `@azure/msal-browser` you will need to [register a Single Page Application in Azure AD](hhttps://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-app-registration) to get a valid `clientId` for configuration, and to register the routes that your app will accept redirect traffic on.
- Before using `@azure/msal-browser` you will need to [register a Single Page Application in Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-app-registration) to get a valid `clientId` for configuration, and to register the routes that your app will accept redirect traffic on.
## Installation

@@ -67,4 +63,18 @@ ### Via NPM:

```
### Via CDN:
### Via CDN (with SRI Hash):
See [here](./docs/cdn-usage.md) for more info on how to use this package from the Microsoft CDN.
### Compiled
```javascript
<script src="https://alcdn.msauth.net/browser/2.0.0/js/msal-browser.js" integrity="sha384-inserthashhere" crossorigin="anonymous"></script>
```
### Minified
```javascript
<script src="https://alcdn.msauth.net/browser/2.0.0/js/msal-browser.min.js" integrity="sha384-inserthashhere" crossorigin="anonymous"></script>
```
## Usage
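
Review bot: both script tags in the new CDN section carry `integrity="sha384-inserthashhere"`, so a reader who pastes the snippet as is does not get a working integrity check for the CDN file. Publish the real digests for 2.0.0 here (the sri scripts added to package.json produce them) or make the placeholder unmistakable and point to docs/cdn-usage.md for the values. The fences are also tagged javascript although they contain HTML.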

@@ -94,3 +104,5 @@

The [`VanillaJSTestApp2.0` folder](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples) contains sample applications for our libraries. You can run any sample by changing the `authConfig.js` file in the respective folder to match your app registration and running the `npm` command `npm start -- -s <sample-name> -p <port>`.
The [`msal-browser-samples` folder](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples) contains sample applications for our libraries.
- You can run any VanillaJSTestApp2.0 sample by changing the `authConfig.js` file in the respective folder to match your app registration and running the `npm` command `npm start -- -s <sample-name> -p <port>` in the VanillaJSTestApp2.0 folder.
- You can run the TypescriptTestApp2.0 sample by changing the `AuthModule.ts` file to match your app registration and running the `npm` command `npm start` in the TypescriptTestApp2.0 folder.

@@ -101,8 +113,10 @@ Here is a complete list of samples for the MSAL.js 2.x library:

| ------ | ----------- | ---------- |
| [Basic Auth Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/default) | A vanilla Javascript sample showing basic usage of the MSAL 2.0 library (`@azure/msal-browser` package) with the Microsoft Graph API. | `npm start -- -s default` |
| [Multiple Resources Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/multipleResources) | A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. | `npm start -- -s multipleResources` |
| [On Page Load Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/onPageLoad) | A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. | `npm start -- -s onPageLoad` |
| [ssoSilent() Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/ssoSilent) | A vanilla JS sample showing usage of the ssoSilent API, allowing you to sign in a user silently if a context exists on the authentication server. | `npm start -- -s ssoSilent` |
| [TypeScript Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/TypescriptTestApp2.0) | A TypeScript sample showing usage of MSAL 2.0 with the Microsoft Graph API. | `npm start` |
| [Basic Auth Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/default) | A vanilla Javascript sample showing basic usage of the MSAL 2.0 library (`@azure/msal-browser` package) with the Microsoft Graph API. | `npm start -- -s default` |
| [Multiple Resources Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/multipleResources) | A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. | `npm start -- -s multipleResources` |
| [On Page Load Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/onPageLoad) | A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. | `npm start -- -s onPageLoad` |
| [ssoSilent() Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilent) | A vanilla JS sample showing usage of the ssoSilent API, allowing you to sign in a user silently if a context exists on the authentication server. | `npm start -- -s ssoSilent` |
| [Internet Explorer 11 Sample]() | A vanilla JS sample showing usage of `@azure/msal-browser` in an application designed to run in Internet Explorer 11. | `npm start -- -s ie11-sample` |
More instructions to run the samples can be found in the [`README.md` file](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/samples/VanillaJSTestApp2.0/Readme.md) of the VanillaJSTestApp2.0 folder.
More instructions to run the samples can be found in the [`README.md` file](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/Readme.md) of the VanillaJSTestApp2.0 folder.
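
Review bot: the new Internet Explorer 11 Sample row links to an empty target, `[Internet Explorer 11 Sample]()`, so the entry renders as a dead link. Fill in the sample's path under samples/msal-browser-samples or hold the row back until the sample is published. The Multiple Resources row also repeats the On Page Load description (authentication on page load with a redirect), which looks copied.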

@@ -152,3 +166,3 @@ ## Build and Test

Our goal is that the library abstracts enough of the protocol away so that you can get plug and play authentication, but it is important to know and understand the implicit flow from a security perspective. The MSAL 1.x client for single-page applications runs in the context of a web browser which cannot manage client secrets securely. It uses the implicit flow, which optimized for single page apps and has one less hop between client and server so tokens are returned directly to the browser. These aspects make it naturally less secure. These security concerns are mitigated per standard practices such as- use of short lived tokens (and so no refresh tokens are returned), the library requiring a registered redirect URI for the app, library matching the request and response with a unique nonce and state parameter. You can read more about the [disadvantages of the implicit flow here](https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-04#section-9.8.6).
Our goal is that the library abstracts enough of the protocol away so that you can get plug and play authentication, but it is important to know and understand the implicit flow from a security perspective. The MSAL 1.x client for single-page applications runs in the context of a web browser which cannot manage client secrets securely. It uses the implicit flow, which optimized for single-page applications and has one less hop between client and server so tokens are returned directly to the browser. These aspects make it naturally less secure. These security concerns are mitigated per standard practices such as: use of short lived tokens (and so no refresh tokens are returned), the library requiring a registered redirect URI for the app, and library matching the request and response with a unique nonce and state parameter. You can read more about the [disadvantages of the implicit flow here](https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-04#section-9.8.6).
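
Review bot: the rewritten paragraph still reads `which optimized for single-page applications`; the verb `is` is missing. While this text is being touched, `short lived` should be hyphenated, and since the link pins draft -04 of the browser-based-apps document, confirm that section 9.8.6 is still the intended target.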

@@ -166,3 +180,3 @@ The MSAL library will now support the Authorization Code Flow with PKCE for Browser-Based Applications without a backend web server.

Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License (the "License");
Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License.

@@ -169,0 +183,0 @@ ## We Value and Adhere to the Microsoft Open Source Code of Conduct

Sorry, the diff of this file is too big to display

Sorry, the diff of this file is not supported yet

