@azure/msal-browser

Package Overview

Dependencies

Maintainers

Versions

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@azure/msal-browser - npm Package Compare versions

Comparing version 2.0.0-beta.2 to 2.0.0-beta.3

changelog.md

		@@ -0,1 +1,9 @@
		# 2.0.0-beta.3
		* add `setKnownAuthorities` to constructor call for B2C Authority scenarios (#1646)
		* `@azure/msal-browser` now follows a unified cache schema similar to other MSAL libraries (#1624, #1655, #1680, #1711, #1762, #1771)
		* Updated browser library to follow common format for request, response, and client configurations (#1682, #1711, #1762, #1770, #1771, #1793)
		* Account interface updated to AccountInfo.ts (#1789)
		* Library state is now sent as a encoded JSON object (#1790)
		* Added a request object for logout APIs, made logout async (#1802)

		# 2.0.0-beta.2
		@@ -2,0 +10,0 @@ * Fixed an issue where the system config values were being overwritten with `undefined` (#1631)

dist/src/app/PublicClientApplication.d.ts

		@@ -1,2 +0,2 @@
		import { Account, AuthenticationParameters, TokenResponse, TokenRenewParameters } from "@azure/msal-common";
		import { AuthorizationUrlRequest, AuthenticationResult, SilentFlowRequest, AccountInfo, EndSessionRequest } from "@azure/msal-common";
		import { Configuration } from "../config/Configuration";
		@@ -9,8 +9,8 @@ import { AuthCallback } from "../types/AuthCallback";
		export declare class PublicClientApplication {
		private readonly browserCrypto;
		private readonly browserStorage;
		private readonly networkClient;
		private readonly tokenExchangePromise;
		private config;
		private authModule;
		private browserCrypto;
		private browserStorage;
		private networkClient;
		private tokenExchangePromise;
		private defaultAuthorityPromise;
		/**
		@@ -56,3 +56,3 @@ * @constructor
		*/
		handleRedirectPromise(): Promise<TokenResponse \| null>;
		handleRedirectPromise(): Promise<AuthenticationResult \| null>;
		/**
		@@ -73,8 +73,15 @@ * Checks if navigateToLoginRequestUrl is set, and:
		* any code that follows this function will not execute.
		*
		* IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
		* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
		*
		* @param {@link (AuthenticationParameters:type)}
		*/
		loginRedirect(request: AuthenticationParameters): void;
		loginRedirect(request: AuthorizationUrlRequest): Promise<void>;
		/**
		* Use when you want to obtain an access_token for your API by redirecting the user's browser window to the authorization endpoint. This function redirects
		* the page, so any code that follows this function will not execute.
		*
		* IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
		* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
		* @param {@link (AuthenticationParameters:type)}
		@@ -84,3 +91,3 @@ *
		*/
		acquireTokenRedirect(request: AuthenticationParameters): void;
		acquireTokenRedirect(request: AuthorizationUrlRequest): Promise<void>;
		/**
		@@ -91,5 +98,5 @@ * Use when initiating the login process via opening a popup window in the user's browser
		*
		* @returns {Promise.<TokenResponse>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		*/
		loginPopup(request: AuthenticationParameters): Promise<TokenResponse>;
		loginPopup(request: AuthorizationUrlRequest): Promise<AuthenticationResult>;
		/**
		@@ -100,5 +107,5 @@ * Use when you want to obtain an access_token for your API via opening a popup window in the user's browser
		* To acquire only idToken, please pass clientId as the only scope in the Authentication Parameters
		* @returns {Promise.<TokenResponse>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		*/
		acquireTokenPopup(request: AuthenticationParameters): Promise<TokenResponse>;
		acquireTokenPopup(request: AuthorizationUrlRequest): Promise<AuthenticationResult>;
		/**
		@@ -120,8 +127,8 @@ * Helper which acquires an authorization code with a popup from given url, and exchanges the code for a set of OAuth tokens.
		* you session on the server still exists.
		* @param {@link AuthenticationParameters}
		* @param {@link AuthorizationUrlRequest}
		*
		* To renew idToken, please pass clientId as the only scope in the Authentication Parameters.
		* @returns {Promise.<TokenResponse>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		*/
		ssoSilent(request: AuthenticationParameters): Promise<TokenResponse>;
		ssoSilent(request: AuthorizationUrlRequest): Promise<AuthenticationResult>;
		/**
		@@ -136,6 +143,6 @@ * Use this function to obtain a token before every call to the API / resource provider
		* To renew idToken, please pass clientId as the only scope in the Authentication Parameters
		* @returns {Promise.<TokenResponse>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		* @returns {Promise.<AuthenticationResult>} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
		*
		*/
		acquireTokenSilent(silentRequest: TokenRenewParameters): Promise<TokenResponse>;
		acquireTokenSilent(silentRequest: SilentFlowRequest): Promise<AuthenticationResult>;
		/**
		@@ -151,4 +158,5 @@ * Helper which acquires an authorization code silently using a hidden iframe from given url
		* Default behaviour is to redirect the user to `window.location.href`.
		* @param logoutRequest
		*/
		logout(): void;
		logout(logoutRequest?: EndSessionRequest): Promise<void>;
		/**
		@@ -170,9 +178,16 @@ *
		/**
		* Returns the signed in account
		* Returns all accounts that MSAL currently has data for.
		* (the account object is created at the time of successful login)
		* or null when no state is found
		* @returns {@link Account} - the account object stored in MSAL
		* @returns {@link IAccount[]} - Array of account objects in cache
		*/
		getAccount(): Account;
		getAllAccounts(): AccountInfo[];
		/**
		* Returns the signed in account matching username.
		* (the account object is created at the time of successful login)
		* or null when no state is found
		* @returns {@link IAccount} - the account object stored in MSAL
		*/
		getAccountByUsername(userName: string): AccountInfo;
		/**
		* Helper to check whether interaction is in progress.
		@@ -182,2 +197,17 @@ */
		/**
		* Creates an Authorization Code Client with the given authority, or the default authority.
		* @param authorityUrl
		*/
		private createAuthCodeClient;
		/**
		* Creates an Silent Flow Client with the given authority, or the default authority.
		* @param authorityUrl
		*/
		private createSilentFlowClient;
		/**
		* Creates a Client Configuration object with the given authority, or the default authority.
		* @param authorityUri
		*/
		private getClientConfiguration;
		/**
		* Helper to validate app environment before making a request.
		@@ -187,5 +217,13 @@ */
		/**
		* Helper to remove interaction status and remove tempoarary request data.
		* Helper to initialize required request parameters.
		* @param request
		*/
		private cleanRequest;
		private initializeRequest;
		/**
		* Generates a request that will contain the openid and profile scopes.
		* @param request
		*/
		private generateLoginRequest;
		private generateAuthorizationCodeRequest;
		private generateLogoutRequest;
		}

dist/src/cache/BrowserStorage.d.ts

		@@ -1,2 +0,2 @@
		import { ICacheStorage } from "@azure/msal-common";
		import { AuthorizationCodeRequest, ICrypto, CacheManager } from "@azure/msal-common";
		import { CacheOptions } from "../config/Configuration";
		@@ -8,3 +8,3 @@ /**
		*/
		export declare class BrowserStorage implements ICacheStorage {
		export declare class BrowserStorage extends CacheManager {
		private cacheConfig;
		@@ -35,8 +35,2 @@ private windowStorage;
		/**
		* Prepend msal.<client-id> to each key; Skip for any JSON object as Key (defined schemas do not need the key appended: AccessToken Keys or the upcoming schema)
		* @param key
		* @param addInstanceId
		*/
		private generateCacheKey;
		/**
		* Parses key as JSON object, JSON.parse() will throw an error.
		@@ -53,3 +47,3 @@ * @param key
		*/
		setItem(key: string, value: string): void;
		setItem(key: string, value: string \| object, type: string): void;
		/**
		@@ -60,3 +54,3 @@ * Gets cache item with given key.
		*/
		getItem(key: string): string;
		getItem(key: string, type: string): string \| object;
		/**
		@@ -67,3 +61,3 @@ * Removes the cache item with the given key.
		*/
		removeItem(key: string): void;
		removeItem(key: string): boolean;
		/**
		@@ -108,2 +102,53 @@ * Checks whether key is in cache.
		getCookieExpirationTime(cookieLifeDays: number): string;
		/**
		* Gets the cache object referenced by the browser
		*/
		getCache(): object;
		/**
		* interface compat, we cannot overwrite browser cache; Functionality is supported by individual entities in browser
		*/
		setCache(): void;
		/**
		* Prepend msal.<client-id> to each key; Skip for any JSON object as Key (defined schemas do not need the key appended: AccessToken Keys or the upcoming schema)
		* @param key
		* @param addInstanceId
		*/
		generateCacheKey(key: string): string;
		/**
		* Create authorityKey to cache authority
		* @param state
		*/
		generateAuthorityKey(state: string): string;
		/**
		* Create Nonce key to cache nonce
		* @param state
		*/
		generateNonceKey(state: string): string;
		/**
		* Sets the cacheKey for and stores the authority information in cache
		* @param state
		* @param authority
		*/
		setAuthorityCache(authority: string, state: string): void;
		/**
		* Gets the cached authority based on the cached state. Returns empty if no cached state found.
		*/
		getCachedAuthority(): string;
		/**
		* Updates account, authority, and state in cache
		* @param serverAuthenticationRequest
		* @param account
		*/
		updateCacheEntries(state: string, nonce: string, authorityInstance: string): void;
		/**
		* Reset all temporary cache items
		* @param state
		*/
		resetRequestCache(state: string): void;
		cleanRequest(): void;
		cacheCodeRequest(authCodeRequest: AuthorizationCodeRequest, browserCrypto: ICrypto): void;
		/**
		* Gets the token exchange parameters from the cache. Throws an error if nothing is found.
		*/
		getCachedRequest(state: string, browserCrypto: ICrypto): AuthorizationCodeRequest;
		}

dist/src/config/Configuration.d.ts

		@@ -1,3 +0,8 @@
		import { AuthOptions, SystemOptions, LoggerOptions, INetworkModule } from "@azure/msal-common";
		export declare type BrowserAuthOptions = AuthOptions & {
		import { SystemOptions, LoggerOptions, INetworkModule } from "@azure/msal-common";
		export declare type BrowserAuthOptions = {
		clientId: string;
		authority?: string;
		knownAuthorities?: Array<string>;
		redirectUri?: string \| (() => string);
		postLogoutRedirectUri?: string \| (() => string);
		navigateToLoginRequestUrl?: boolean;
		@@ -14,2 +19,3 @@ };
		storeAuthStateInCookie?: boolean;
		storeInMemory?: boolean;
		};
		@@ -48,9 +54,8 @@ /**
		*
		* @param TAuthOptions
		* @param TCacheOptions
		* @param TSystemOptions
		* @param TFrameworkOptions
		* @param auth
		* @param cache
		* @param system
		*
		* @returns TConfiguration object
		* @returns Configuration object
		*/
		export declare function buildConfiguration({ auth: userInputAuth, cache: userInputCache, system: userInputSystem }: Configuration): Configuration;

dist/src/error/BrowserAuthError.d.ts

		@@ -70,2 +70,6 @@ import { AuthError } from "@azure/msal-common";
		};
		tokenRequestCacheError: {
		code: string;
		desc: string;
		};
		};
		@@ -149,2 +153,7 @@ /**
		static createSilentPromptValueError(givenPrompt: string): BrowserAuthError;
		/**
		* Creates an error thrown when the token request could not be retrieved from the cache
		* @param errDetail
		*/
		static createTokenRequestCacheError(errDetail: string): BrowserAuthError;
		}

dist/src/error/BrowserConfigurationAuthError.d.ts

		@@ -6,2 +6,10 @@ import { AuthError } from "@azure/msal-common";
		export declare const BrowserConfigurationAuthErrorMessage: {
		redirectUriNotSet: {
		code: string;
		desc: string;
		};
		postLogoutUriNotSet: {
		code: string;
		desc: string;
		};
		storageNotSupportedError: {
		@@ -26,2 +34,10 @@ code: string;
		/**
		* Creates an error thrown when the redirect uri is empty (not set by caller)
		*/
		static createRedirectUriEmptyError(): BrowserConfigurationAuthError;
		/**
		* Creates an error thrown when the post-logout redirect uri is empty (not set by caller)
		*/
		static createPostLogoutRedirectUriEmptyError(): BrowserConfigurationAuthError;
		/**
		* Creates error thrown when given storage location is not supported.
		@@ -28,0 +44,0 @@ * @param givenStorageLocation

dist/src/index.d.ts

		@@ -6,2 +6,2 @@ export { PublicClientApplication } from "./app/PublicClientApplication";
		export type { AuthCallback } from "./types/AuthCallback";
		export { AuthenticationParameters, TokenExchangeParameters, AuthResponse, TokenResponse, InteractionRequiredAuthError, AuthError, AuthErrorMessage, INetworkModule, Logger, LogLevel } from "@azure/msal-common";
		export { AuthorizationUrlRequest, SilentFlowRequest, EndSessionRequest, AuthenticationResult, InteractionRequiredAuthError, AuthError, AuthErrorMessage, INetworkModule, Logger, LogLevel } from "@azure/msal-common";

dist/src/interaction_handler/InteractionHandler.d.ts

		@@ -1,2 +0,2 @@
		import { SPAClient, TokenResponse } from "@azure/msal-common";
		import { AuthorizationCodeRequest, AuthenticationResult, AuthorizationCodeClient } from "@azure/msal-common";
		import { BrowserStorage } from "../cache/BrowserStorage";
		@@ -7,5 +7,6 @@ /**
		export declare abstract class InteractionHandler {
		protected authModule: SPAClient;
		protected authModule: AuthorizationCodeClient;
		protected browserStorage: BrowserStorage;
		constructor(authCodeModule: SPAClient, storageImpl: BrowserStorage);
		protected authCodeRequest: AuthorizationCodeRequest;
		constructor(authCodeModule: AuthorizationCodeClient, storageImpl: BrowserStorage);
		/**
		@@ -15,3 +16,3 @@ * Function to enable user interaction.
		*/
		abstract initiateAuthRequest(requestUrl: string): Window \| Promise<HTMLIFrameElement>;
		abstract initiateAuthRequest(requestUrl: string, authCodeRequest: AuthorizationCodeRequest): Window \| Promise<HTMLIFrameElement>;
		/**
		@@ -21,3 +22,3 @@ * Function to handle response parameters from hash.
		*/
		handleCodeResponse(locationHash: string): Promise<TokenResponse>;
		handleCodeResponse(locationHash: string): Promise<AuthenticationResult>;
		}

dist/src/interaction_handler/PopupHandler.d.ts

		@@ -1,2 +0,2 @@
		import { SPAClient } from "@azure/msal-common";
		import { AuthorizationCodeRequest, AuthorizationCodeClient } from "@azure/msal-common";
		import { InteractionHandler } from "./InteractionHandler";
		@@ -10,3 +10,3 @@ import { BrowserStorage } from "../cache/BrowserStorage";
		private currentWindow;
		constructor(authCodeModule: SPAClient, storageImpl: BrowserStorage);
		constructor(authCodeModule: AuthorizationCodeClient, storageImpl: BrowserStorage);
		/**
		@@ -16,3 +16,3 @@ * Opens a popup window with given request Url.
		*/
		initiateAuthRequest(requestUrl: string): Window;
		initiateAuthRequest(requestUrl: string, authCodeRequest: AuthorizationCodeRequest): Window;
		/**
		@@ -19,0 +19,0 @@ * Monitors a window until it loads a url with a known hash, or hits a specified timeout.

dist/src/interaction_handler/RedirectHandler.d.ts

		@@ -1,2 +0,2 @@
		import { TokenResponse } from "@azure/msal-common";
		import { AuthorizationCodeRequest, ICrypto, AuthenticationResult } from "@azure/msal-common";
		import { InteractionHandler } from "./InteractionHandler";
		@@ -8,3 +8,3 @@ export declare class RedirectHandler extends InteractionHandler {
		*/
		initiateAuthRequest(requestUrl: string): Window;
		initiateAuthRequest(requestUrl: string, authCodeRequest: AuthorizationCodeRequest, browserCrypto?: ICrypto): Window;
		/**
		@@ -14,3 +14,3 @@ * Handle authorization code response in the window.
		*/
		handleCodeResponse(locationHash: string): Promise<TokenResponse>;
		handleCodeResponse(locationHash: string, browserCrypto?: ICrypto): Promise<AuthenticationResult>;
		}

dist/src/interaction_handler/SilentHandler.d.ts

		@@ -1,2 +0,2 @@
		import { SPAClient } from "@azure/msal-common";
		import { AuthorizationCodeRequest, AuthorizationCodeClient } from "@azure/msal-common";
		import { InteractionHandler } from "./InteractionHandler";
		@@ -6,3 +6,3 @@ import { BrowserStorage } from "../cache/BrowserStorage";
		private loadFrameTimeout;
		constructor(authCodeModule: SPAClient, storageImpl: BrowserStorage, configuredLoadFrameTimeout: number);
		constructor(authCodeModule: AuthorizationCodeClient, storageImpl: BrowserStorage, configuredLoadFrameTimeout: number);
		/**
		@@ -13,3 +13,3 @@ * Creates a hidden iframe to given URL using user-requested scopes as an id.
		*/
		initiateAuthRequest(requestUrl: string, userRequestScopes?: string): Promise<HTMLIFrameElement>;
		initiateAuthRequest(requestUrl: string, authCodeRequest: AuthorizationCodeRequest, userRequestScopes?: string): Promise<HTMLIFrameElement>;
		/**
		@@ -16,0 +16,0 @@ * Monitors an iframe content window until it loads a url with a known hash, or hits a specified timeout.

dist/src/types/AuthCallback.d.ts

		@@ -1,2 +0,2 @@
		import { AuthError, AuthResponse } from "@azure/msal-common";
		import { AuthError, AuthenticationResult } from "@azure/msal-common";
		/**
		@@ -8,2 +8,2 @@ * A type alias for an authResponseCallback function.
		*/
		export declare type AuthCallback = (authErr: AuthError, response?: AuthResponse) => void;
		export declare type AuthCallback = (authErr: AuthError, response?: AuthenticationResult) => void;

dist/src/utils/BrowserConstants.d.ts

		@@ -22,1 +22,16 @@ /**
		}
		/**
		* Temporary cache keys for MSAL, deleted after any request.
		*/
		export declare enum TemporaryCacheKeys {
		AUTHORITY = "authority",
		ACQUIRE_TOKEN_ACCOUNT = "acquireToken.account",
		SESSION_STATE = "session.state",
		REQUEST_STATE = "request.state",
		NONCE_IDTOKEN = "nonce.id_token",
		ORIGIN_URI = "request.origin",
		RENEW_STATUS = "token.renew.status",
		URL_HASH = "urlHash",
		REQUEST_PARAMS = "request.params",
		SCOPES = "scopes"
		}

package.json

		@@ -13,3 +13,3 @@ {
		},
		"version": "2.0.0-beta.2",
		"version": "2.0.0-beta.3",
		"description": "Microsoft Authentication Library for js",
		@@ -95,4 +95,4 @@ "keywords": [
		"dependencies": {
		"@azure/msal-common": "1.0.0-beta.2"
		"@azure/msal-common": "1.0.0-beta.3"
		}
		}

README.md

		@@ -18,3 +18,3 @@ # (Preview) Microsoft Authentication Library for JavaScript (MSAL.js) 2.0 for Browser-Based Single-Page Applications
		8. [Build and Test](#build-and-test)
		8. [Authorization Code vs Implicit](#oauth-2.0-and-the-implicit-flow-vs-authorization-code-flow-with-pkce)
		8. [Authorization Code vs Implicit](#implicit-flow-vs-authorization-code-flow-with-pkce)
		9. [Security Reporting](#security-reporting)
		@@ -32,3 +32,3 @@ 10. [License](#license)

		The `@azure/msal-browser` package described by the code in this folder uses the [`@azure/msal-common` package](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-common) as a dependency to enable authentication in Javascript Single-Page Applications without backend servers. This version of the library uses the OAuth 2.0 Authorization Code Flow with PKCE. To read more about this protocol, as well as the differences between implicit flow and authorization code flow, see the section [below](#oauth-2.0-and-the-implicit-flow-vs-authorization-code-flow-with-pkce). If you are looking for the version of the library that uses the implicit flow, please see the [`msal-core` library](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-core).
		The `@azure/msal-browser` package described by the code in this folder uses the [`@azure/msal-common` package](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-common) as a dependency to enable authentication in Javascript Single-Page Applications without backend servers. This version of the library uses the OAuth 2.0 Authorization Code Flow with PKCE. To read more about this protocol, as well as the differences between implicit flow and authorization code flow, see the section [below](#implicit-flow-vs-authorization-code-flow-with-pkce). If you are looking for the version of the library that uses the implicit flow, please see the [`msal-core` library](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-core).

		@@ -49,3 +49,4 @@ This is an improvement upon the current `msal-core` library which will utilize the authorization code flow in the browser. Most features available in the old library will be available in this one, but there are nuances to the authentication flow in both. The `@azure/msal-browser` package does NOT support the implicit flow.
		\| ------\| ------- \| ---------\| --------- \|
		\| \| @azure/msal-browser v2.0.0-beta \| No release notes yet \| Beta version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0-beta \|
		\| July 6th, 2020 (Tentative) \| @azure/msal-browser v2.0.0 \| No release notes yet \| Full version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0 \|
		\| May 11, 2020 \| @azure/msal-browser v2.0.0-beta \| No release notes yet \| Beta version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0-beta \|
		\| January 17, 2020 \| @azure/msal-browser v2.0.0-alpha \| No release notes yet \| Alpha version of the `@azure/msal-browser` package with authorization code flow for SPAs working in dev; relies on msal-common v1.0.0-alpha \|
		@@ -57,9 +58,5 @@

		- Before using `@azure/msal-browser` you will need to [register an application in Azure AD](https://docs.microsoft.com/azure/active-directory/develop/quickstart-register-app) to get a valid `clientId` for configuration, and to register the routes that your app will accept redirect traffic on.
		- Before using `@azure/msal-browser` you will need to [register a Single Page Application in Azure AD](hhttps://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-app-registration) to get a valid `clientId` for configuration, and to register the routes that your app will accept redirect traffic on.

		- Once you have registered your application, you will need to do two things in order to ensure `@azure/msal-browser` will successfully retrieve tokens:
		1. Change your redirect URI type to enable CORS. You can do this by going to the manifest editor for your app registration in the portal, finding the `replyUrlsWithType` section and changing the type of your redirect URI to `SPA`. This may remove the affected redirect URIs from the Web platform Authentication tab - that's OK! We are working on getting UI set up for this.

		![Changing Redirect URI type](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/images/redirectURIRegistrationUpdate.png)

		## Installation
		@@ -101,2 +98,3 @@ ### Via NPM:
		\| [Basic Auth Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/default) \| A vanilla Javascript sample showing basic usage of the MSAL 2.0 library (`@azure/msal-browser` package) with the Microsoft Graph API. \| `npm start -- -s default` \|
		\| [Multiple Resources Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/multipleResources) \| A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. \| `npm start -- -s multipleResources` \|
		\| [On Page Load Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/onPageLoad) \| A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. \| `npm start -- -s onPageLoad` \|
		@@ -147,3 +145,3 @@ \| [ssoSilent() Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/VanillaJSTestApp2.0/app/ssoSilent) \| A vanilla JS sample showing usage of the ssoSilent API, allowing you to sign in a user silently if a context exists on the authentication server. \| `npm start -- -s ssoSilent` \|

		## OAuth 2.0 and the Implicit Flow vs Authorization Code Flow with PKCE
		## Implicit Flow vs Authorization Code Flow with PKCE
		MSAL.js 1.x implemented the [Implicit Grant Flow](https://docs.microsoft.com/azure/active-directory/develop/v2-oauth2-implicit-grant-flow), as defined by the OAuth 2.0 protocol and [OpenID](https://docs.microsoft.com/azure/active-directory/develop/v2-protocols-oidc).
		@@ -150,0 +148,0 @@

dist/index.es.js

Sorry, the diff of this file is too big to display

dist/index.es.js.map

Sorry, the diff of this file is not supported yet

dist/index.js

Sorry, the diff of this file is too big to display

dist/index.js.map

Sorry, the diff of this file is not supported yet

@azure/msal-browser - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics

Dependency changes