@azure/msal-browser - npm Package Compare versions

dist/cache/IAsyncStorage.d.ts

dist/cache/IAsyncStorage.d.ts.map

dist/request/RequestHelpers.d.ts

dist/request/RequestHelpers.d.ts.map

dist/request/RequestHelpers.mjs

dist/request/RequestHelpers.mjs.map

src/cache/IAsyncStorage.ts

src/request/RequestHelpers.ts

5

dist/cache/AsyncMemoryStorage.d.ts

		import { Logger } from "@azure/msal-common";
		import { IAsyncStorage } from "./IAsyncMemoryStorage";
		import { IAsyncStorage } from "./IAsyncStorage";
		/**
		@@ -11,4 +11,3 @@ * This class allows MSAL to store artifacts asynchronously using the DatabaseStorage IndexedDB wrapper,
		private logger;
		private storeName;
		constructor(logger: Logger, storeName: string);
		constructor(logger: Logger);
		private handleDatabaseAccessError;
		@@ -15,0 +14,0 @@ /**

35

dist/cache/BrowserCacheManager.d.ts

		@@ -42,9 +42,2 @@ import { CommonAuthorizationCodeRequest, ICrypto, AccountEntity, IdTokenEntity, AccessTokenEntity, RefreshTokenEntity, AppMetadataEntity, CacheManager, ServerTelemetryEntity, ThrottlingEntity, Logger, AuthorityMetadataEntity, AccountInfo, ValidCredentialType, TokenKeys, CredentialType, IPerformanceClient, StaticAuthorityOptions } from "@azure/msal-common";
		/**
		* Utility function to help with migration.
		* @param newKey
		* @param value
		* @param storeAuthStateInCookie
		*/
		protected migrateCacheEntry(newKey: string, value: string \| null): void;
		/**
		* Searches all cache entries for MSAL accounts and creates the account key map
		@@ -255,3 +248,2 @@ * This is used to migrate users from older versions of MSAL which did not create the map.
		* Removes the cache item with the given key.
		* Will also clear the cookie item if storeAuthStateInCookie is set to true.
		* @param key
		@@ -261,6 +253,7 @@ */
		/**
		* Checks whether key is in cache.
		* Removes the temporary cache item with the given key.
		* Will also clear the cookie item if storeAuthStateInCookie is set to true.
		* @param key
		*/
		containsKey(key: string): boolean;
		removeTemporaryItem(key: string): void;
		/**
		@@ -285,2 +278,3 @@ * Gets all keys in window.
		* @param expires
		* @deprecated
		*/
		@@ -291,2 +285,3 @@ setItemCookie(cookieName: string, cookieValue: string, expires?: number): void;
		* @param cookieName
		* @deprecated
		*/
		@@ -296,2 +291,3 @@ getItemCookie(cookieName: string): string;
		* Clear all msal-related cookies currently set in the browser. Should only be used to clear temporary cache items.
		* @deprecated
		*/
		@@ -302,2 +298,3 @@ clearMsalCookies(): void;
		* @param cookieName
		* @deprecated
		*/
		@@ -308,13 +305,6 @@ clearItemCookie(cookieName: string): void;
		* @param cookieLifeDays
		* @deprecated
		*/
		getCookieExpirationTime(cookieLifeDays: number): string;
		/**
		* Gets the cache object referenced by the browser
		*/
		getCache(): object;
		/**
		* interface compat, we cannot overwrite browser cache; Functionality is supported by individual entities in browser
		*/
		setCache(): void;
		/**
		* Prepend msal.<client-id> to each key; Skip for any JSON object as Key (defined schemas do not need the key appended: AccessToken Keys or the upcoming schema)
		@@ -388,11 +378,2 @@ * @param key
		/**
		* Returns application id as redirect context during AcquireTokenRedirect flow.
		*/
		getRedirectRequestContext(): string \| null;
		/**
		* Sets application id as the redirect context during AcquireTokenRedirect flow.
		* @param value
		*/
		setRedirectRequestContext(value: string): void;
		/**
		* Builds credential entities from AuthenticationResult object and saves the resulting credentials to the cache
		@@ -399,0 +380,0 @@ * @param result

2

dist/cache/DatabaseStorage.d.ts

		@@ -1,2 +0,2 @@
		import { IAsyncStorage } from "./IAsyncMemoryStorage";
		import { IAsyncStorage } from "./IAsyncStorage";
		/**
		@@ -3,0 +3,0 @@ * Storage wrapper for IndexedDB storage in browsers: https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API

4

dist/controllers/IController.d.ts

		@@ -7,3 +7,3 @@ import { AccountInfo, Logger, PerformanceCallbackFunction, IPerformanceClient, AccountFilter } from "@azure/msal-common";
		import { EndSessionRequest } from "../request/EndSessionRequest";
		import { ApiId, InteractionType, WrapperSKU } from "../utils/BrowserConstants";
		import { ApiId, WrapperSKU } from "../utils/BrowserConstants";
		import { INavigationClient } from "../navigation/INavigationClient";
		@@ -60,5 +60,3 @@ import { EndSessionPopupRequest } from "../request/EndSessionPopupRequest";
		getEventHandler(): EventHandler;
		/** @internal */
		preflightBrowserEnvironmentCheck(interactionType: InteractionType, isAppEmbedded?: boolean): void;
		}
		//# sourceMappingURL=IController.d.ts.map

5

dist/controllers/NestedAppAuthController.d.ts

		@@ -12,3 +12,3 @@ import { CommonAuthorizationUrlRequest, CommonSilentFlowRequest, PerformanceCallbackFunction, AccountInfo, Logger, ICrypto, IPerformanceClient, AccountFilter } from "@azure/msal-common";
		import { SsoSilentRequest } from "../request/SsoSilentRequest";
		import { ApiId, WrapperSKU, InteractionType } from "../utils/BrowserConstants";
		import { ApiId, WrapperSKU } from "../utils/BrowserConstants";
		import { IController } from "./IController";
		@@ -37,2 +37,3 @@ import { TeamsAppOperatingContext } from "../operatingcontext/TeamsAppOperatingContext";
		initialize(): Promise<void>;
		private ensureValidRequest;
		private acquireTokenInteractive;
		@@ -93,4 +94,2 @@ private acquireTokenSilentInternal;
		getRedirectResponse(): Map<string, Promise<AuthenticationResult \| null>>;
		preflightBrowserEnvironmentCheck(interactionType: InteractionType, // eslint-disable-line @typescript-eslint/no-unused-vars
		setInteractionInProgress?: boolean \| undefined): void;
		clearCache(logoutRequest?: ClearCacheRequest): Promise<void>;
		@@ -97,0 +96,0 @@ hydrateCache(result: AuthenticationResult, request: SilentRequest \| SsoSilentRequest \| RedirectRequest \| PopupRequest): Promise<void>;

28

dist/controllers/StandardController.d.ts

		import { AccountInfo, INetworkModule, Logger, CommonSilentFlowRequest, ICrypto, PerformanceCallbackFunction, IPerformanceClient, BaseAuthRequest, AccountFilter } from "@azure/msal-common";
		import { BrowserCacheManager } from "../cache/BrowserCacheManager";
		import { BrowserConfiguration } from "../config/Configuration";
		import { InteractionType, ApiId, WrapperSKU, CacheLookupPolicy } from "../utils/BrowserConstants";
		import { ApiId, WrapperSKU, CacheLookupPolicy } from "../utils/BrowserConstants";
		import { RedirectRequest } from "../request/RedirectRequest";
		@@ -46,3 +46,2 @@ import { PopupRequest } from "../request/PopupRequest";
		private activeSilentTokenRequests;
		private atsAsyncMeasurement?;
		private ssoSilentMeasurement?;
		@@ -145,3 +144,3 @@ private acquireTokenByCodeAsyncMeasurement?;
		*/
		protected acquireTokenFromCache(silentCacheClient: SilentCacheClient, commonRequest: CommonSilentFlowRequest, cacheLookupPolicy: CacheLookupPolicy): Promise<AuthenticationResult>;
		protected acquireTokenFromCache(commonRequest: CommonSilentFlowRequest, cacheLookupPolicy: CacheLookupPolicy): Promise<AuthenticationResult>;
		/**
		@@ -236,17 +235,2 @@ * Attempt to acquire an access token via a refresh token
		/**
		* Helper to validate app environment before making an auth request
		*
		* @protected
		* @param {InteractionType} interactionType What kind of interaction is being used
		* @param {boolean} [isAppEmbedded=false] Whether to set interaction in progress temp cache flag
		*/
		preflightBrowserEnvironmentCheck(interactionType: InteractionType, isAppEmbedded?: boolean): void;
		/**
		* Preflight check for interactive requests
		*
		* @protected
		* @param {boolean} setInteractionInProgress Whether to set interaction in progress temp cache flag
		*/
		protected preflightInteractiveRequest(setInteractionInProgress: boolean): void;
		/**
		* Acquire a token from native device (e.g. WAM)
		@@ -359,6 +343,2 @@ * @param request
		/**
		* Returns the browser storage
		*/
		getBrowserStorage(): BrowserCacheManager;
		/**
		* Returns the browser env indicator
		@@ -410,4 +390,6 @@ */
		*/
		protected acquireTokenSilentAsync(request: SilentRequest, account: AccountInfo): Promise<AuthenticationResult>;
		protected acquireTokenSilentAsync(request: SilentRequest & {
		correlationId: string;
		}, account: AccountInfo): Promise<AuthenticationResult>;
		}
		//# sourceMappingURL=StandardController.d.ts.map

3

dist/controllers/UnknownOperatingContextController.d.ts

		@@ -14,3 +14,3 @@ import { CommonAuthorizationUrlRequest, CommonSilentFlowRequest, PerformanceCallbackFunction, AccountInfo, Logger, ICrypto, IPerformanceClient, AccountFilter } from "@azure/msal-common";
		import { AuthenticationResult } from "../response/AuthenticationResult";
		import { ApiId, WrapperSKU, InteractionType } from "../utils/BrowserConstants";
		import { ApiId, WrapperSKU } from "../utils/BrowserConstants";
		import { IController } from "./IController";
		@@ -85,3 +85,2 @@ import { UnknownOperatingContext } from "../operatingcontext/UnknownOperatingContext";
		getRedirectResponse(): Map<string, Promise<AuthenticationResult \| null>>;
		preflightBrowserEnvironmentCheck(interactionType: InteractionType, isAppEmbedded?: boolean \| undefined): void;
		clearCache(logoutRequest?: ClearCacheRequest): Promise<void>;
		@@ -88,0 +87,0 @@ hydrateCache(result: AuthenticationResult, request: SilentRequest \| SsoSilentRequest \| RedirectRequest \| PopupRequest): Promise<void>;

5

dist/crypto/BrowserCrypto.d.ts

		@@ -48,2 +48,7 @@ import { IPerformanceClient, Logger } from "@azure/msal-common";
		export declare function sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>;
		/**
		* Returns the SHA-256 hash of an input string
		* @param plainText
		*/
		export declare function hashString(plainText: string): Promise<string>;
		//# sourceMappingURL=BrowserCrypto.d.ts.map

2

dist/index.d.ts

		@@ -38,4 +38,4 @@ /**
		export { BrowserPerformanceMeasurement } from "./telemetry/BrowserPerformanceMeasurement";
		export { AuthenticationScheme, AccountInfo, AccountEntity, IdTokenClaims, AuthError, AuthErrorCodes, AuthErrorMessage, ClientAuthError, ClientAuthErrorCodes, ClientAuthErrorMessage, ClientConfigurationError, ClientConfigurationErrorCodes, ClientConfigurationErrorMessage, InteractionRequiredAuthError, InteractionRequiredAuthErrorCodes, InteractionRequiredAuthErrorMessage, ServerError, INetworkModule, NetworkResponse, NetworkRequestOptions, ILoggerCallback, Logger, LogLevel, ProtocolMode, ServerResponseType, PromptValue, ExternalTokenResponse, StringUtils, UrlString, JsonWebTokenTypes, AzureCloudInstance, AzureCloudOptions, AuthenticationHeaderParser, OIDC_DEFAULT_SCOPES, PerformanceCallbackFunction, PerformanceEvent, PerformanceEvents, InProgressPerformanceEvent, TenantProfile, } from "@azure/msal-common";
		export { AuthenticationScheme, AccountInfo, AccountEntity, IdTokenClaims, AuthError, AuthErrorCodes, AuthErrorMessage, ClientAuthError, ClientAuthErrorCodes, ClientAuthErrorMessage, ClientConfigurationError, ClientConfigurationErrorCodes, ClientConfigurationErrorMessage, InteractionRequiredAuthError, InteractionRequiredAuthErrorCodes, InteractionRequiredAuthErrorMessage, ServerError, INetworkModule, NetworkResponse, NetworkRequestOptions, ILoggerCallback, Logger, LogLevel, ProtocolMode, ServerResponseType, PromptValue, ExternalTokenResponse, StringUtils, UrlString, JsonWebTokenTypes, AzureCloudInstance, AzureCloudOptions, AuthenticationHeaderParser, OIDC_DEFAULT_SCOPES, PerformanceCallbackFunction, PerformanceEvent, PerformanceEvents, InProgressPerformanceEvent, TenantProfile, IPerformanceClient, StubPerformanceClient, } from "@azure/msal-common";
		export { version } from "./packageMetadata";
		//# sourceMappingURL=index.d.ts.map

7

dist/interaction_client/BaseInteractionClient.d.ts

		@@ -1,2 +0,2 @@
		import { ICrypto, INetworkModule, Logger, AccountInfo, BaseAuthRequest, ServerTelemetryManager, Authority, IPerformanceClient, AzureCloudOptions } from "@azure/msal-common";
		import { ICrypto, INetworkModule, Logger, AccountInfo, ServerTelemetryManager, Authority, IPerformanceClient, AzureCloudOptions } from "@azure/msal-common";
		import { BrowserConfiguration } from "../config/Configuration";
		@@ -29,7 +29,2 @@ import { BrowserCacheManager } from "../cache/BrowserCacheManager";
		/**
		* Initializer function for all request APIs
		* @param request
		*/
		protected initializeBaseRequest(request: Partial<BaseAuthRequest>): Promise<BaseAuthRequest>;
		/**
		*
		@@ -36,0 +31,0 @@ * Use to get the redirect uri configured in MSAL or null.

10

dist/interaction_client/SilentCacheClient.d.ts

		import { StandardInteractionClient } from "./StandardInteractionClient";
		import { CommonSilentFlowRequest, SilentFlowClient, ServerTelemetryManager, AccountInfo, AzureCloudOptions } from "@azure/msal-common";
		import { SilentRequest } from "../request/SilentRequest";
		import { CommonSilentFlowRequest } from "@azure/msal-common";
		import { AuthenticationResult } from "../response/AuthenticationResult";
		@@ -17,10 +16,3 @@ import { ClearCacheRequest } from "../request/ClearCacheRequest";
		logout(logoutRequest?: ClearCacheRequest): Promise<void>;
		/**
		* Creates an Silent Flow Client with the given authority, or the default authority.
		* @param serverTelemetryManager
		* @param authorityUrl
		*/
		protected createSilentFlowClient(serverTelemetryManager: ServerTelemetryManager, authorityUrl?: string, azureCloudOptions?: AzureCloudOptions, account?: AccountInfo): Promise<SilentFlowClient>;
		initializeSilentRequest(request: SilentRequest, account: AccountInfo): Promise<CommonSilentFlowRequest>;
		}
		//# sourceMappingURL=SilentCacheClient.d.ts.map

4

dist/naa/mapping/NestedAppAuthAdapter.d.ts

		@@ -8,2 +8,4 @@ import { TokenRequest } from "../TokenRequest";
		import { AuthResult } from "../AuthResult";
		import { SsoSilentRequest } from "../../request/SsoSilentRequest";
		import { SilentRequest } from "../../request/SilentRequest";
		export declare class NestedAppAuthAdapter {
		@@ -15,3 +17,3 @@ protected crypto: ICrypto;
		constructor(clientId: string, clientCapabilities: string[], crypto: ICrypto, logger: Logger);
		toNaaTokenRequest(request: PopupRequest \| RedirectRequest): TokenRequest;
		toNaaTokenRequest(request: PopupRequest \| RedirectRequest \| SilentRequest \| SsoSilentRequest): TokenRequest;
		fromNaaTokenResponse(request: TokenRequest, response: AuthResult, reqTimestamp: number): AuthenticationResult;
		@@ -18,0 +20,0 @@ fromNaaAccountInfo(fromAccount: NaaAccountInfo, idTokenClaims?: TokenClaims): MsalAccountInfo;

2

dist/packageMetadata.d.ts

		export declare const name = "@azure/msal-browser";
		export declare const version = "3.10.0";
		export declare const version = "3.11.0";
		//# sourceMappingURL=packageMetadata.d.ts.map

2

dist/telemetry/BrowserPerformanceClient.d.ts

		import { InProgressPerformanceEvent, IPerformanceClient, PerformanceClient, PerformanceEvents } from "@azure/msal-common";
		import { Configuration } from "../config/Configuration";
		export declare class BrowserPerformanceClient extends PerformanceClient implements IPerformanceClient {
		constructor(configuration: Configuration, intFields?: Set<string>);
		constructor(configuration: Configuration, intFields?: Set<string>, abbreviations?: Map<string, string>);
		generateId(): string;
		@@ -6,0 +6,0 @@ private getPageVisibility;

17

dist/utils/BrowserUtils.d.ts

		@@ -1,2 +0,2 @@
		import { InteractionType } from "./BrowserConstants";
		import { BrowserConfiguration } from "../config/Configuration";
		/**
		@@ -36,3 +36,3 @@ * Clears hash from window url.
		*/
		export declare function blockRedirectInIframe(interactionType: InteractionType, allowRedirectInIframe: boolean): void;
		export declare function blockRedirectInIframe(allowRedirectInIframe: boolean): void;
		/**
		@@ -46,3 +46,3 @@ * Block redirectUri loaded in popup from calling AcquireToken APIs
		*/
		export declare function blockNonBrowserEnvironment(isBrowserEnvironment: boolean): void;
		export declare function blockNonBrowserEnvironment(): void;
		/**
		@@ -54,2 +54,13 @@ * Throws error if initialize hasn't been called
		/**
		* Helper to validate app environment before making an auth request
		* @param initialized
		*/
		export declare function preflightCheck(initialized: boolean): void;
		/**
		* Helper to validate app enviornment before making redirect request
		* @param initialized
		* @param config
		*/
		export declare function redirectPreflightCheck(initialized: boolean, config: BrowserConfiguration): void;
		/**
		* Adds a preconnect link element to the header which begins DNS resolution and SSL connection in anticipation of the /token request
		@@ -56,0 +67,0 @@ * @param loginDomain Authority domain, including https protocol e.g. https://login.microsoftonline.com

4

package.json

		@@ -13,3 +13,3 @@ {
		},
		"version": "3.10.0",
		"version": "3.11.0",
		"description": "Microsoft Authentication Library for js",
		@@ -105,4 +105,4 @@ "keywords": [
		"dependencies": {
		"@azure/msal-common": "14.7.1"
		"@azure/msal-common": "14.8.0"
		}
		}

10

src/cache/AsyncMemoryStorage.ts

		@@ -12,3 +12,3 @@ /*
		import { DatabaseStorage } from "./DatabaseStorage";
		import { IAsyncStorage } from "./IAsyncMemoryStorage";
		import { IAsyncStorage } from "./IAsyncStorage";
		import { MemoryStorage } from "./MemoryStorage";
		@@ -24,9 +24,7 @@
		private logger: Logger;
		private storeName: string;

		constructor(logger: Logger, storeName: string) {
		constructor(logger: Logger) {
		this.inMemoryCache = new MemoryStorage<T>();
		this.indexedDBCache = new DatabaseStorage<T>();
		this.logger = logger;
		this.storeName = storeName;
		}
		@@ -137,5 +135,5 @@
		// InMemory cache is a Map instance, clear is straightforward
		this.logger.verbose(`Deleting in-memory keystore ${this.storeName}`);
		this.logger.verbose(`Deleting in-memory keystore`);
		this.inMemoryCache.clear();
		this.logger.verbose(`In-memory keystore ${this.storeName} deleted`);
		this.logger.verbose(`In-memory keystore deleted`);
		}
		@@ -142,0 +140,0 @@

18

src/cache/DatabaseStorage.ts

		@@ -11,3 +11,3 @@ /*
		import { DB_NAME, DB_TABLE_NAME, DB_VERSION } from "../utils/BrowserConstants";
		import { IAsyncStorage } from "./IAsyncMemoryStorage";
		import { IAsyncStorage } from "./IAsyncStorage";

		@@ -283,7 +283,17 @@ interface IDBOpenDBRequestEvent extends Event {
		const deleteDbRequest = window.indexedDB.deleteDatabase(DB_NAME);
		deleteDbRequest.addEventListener("success", () => resolve(true));
		deleteDbRequest.addEventListener("blocked", () => resolve(true));
		deleteDbRequest.addEventListener("error", () => reject(false));
		const id = setTimeout(() => reject(false), 200); // Reject if events aren't raised within 200ms
		deleteDbRequest.addEventListener("success", () => {
		clearTimeout(id);
		return resolve(true);
		});
		deleteDbRequest.addEventListener("blocked", () => {
		clearTimeout(id);
		return resolve(true);
		});
		deleteDbRequest.addEventListener("error", () => {
		clearTimeout(id);
		return reject(false);
		});
		});
		}
		}

8

src/controllers/IController.ts

		@@ -18,3 +18,3 @@ /*
		import { EndSessionRequest } from "../request/EndSessionRequest";
		import { ApiId, InteractionType, WrapperSKU } from "../utils/BrowserConstants";
		import { ApiId, WrapperSKU } from "../utils/BrowserConstants";
		import { INavigationClient } from "../navigation/INavigationClient";
		@@ -123,8 +123,2 @@ import { EndSessionPopupRequest } from "../request/EndSessionPopupRequest";
		getEventHandler(): EventHandler;

		/** @internal */
		preflightBrowserEnvironmentCheck(
		interactionType: InteractionType,
		isAppEmbedded?: boolean
		): void;
		}

61

src/controllers/NestedAppAuthController.ts

		@@ -119,9 +119,27 @@ /*

		private ensureValidRequest<
		T extends
		\| SsoSilentRequest
		\| SilentRequest
		\| PopupRequest
		\| RedirectRequest
		>(request: T): T {
		if (request?.correlationId) {
		return request;
		}
		return {
		...request,
		correlationId: this.browserCrypto.createNewGuid(),
		};
		}

		private async acquireTokenInteractive(
		request: PopupRequest \| RedirectRequest
		): Promise<AuthenticationResult> {
		const validRequest = this.ensureValidRequest(request);

		this.eventHandler.emitEvent(
		EventType.ACQUIRE_TOKEN_START,
		InteractionType.Popup,
		request
		validRequest
		);
		@@ -131,3 +149,3 @@
		PerformanceEvents.AcquireTokenPopup,
		request.correlationId
		validRequest.correlationId
		);
		@@ -139,3 +157,3 @@
		const naaRequest =
		this.nestedAppAuthAdapter.toNaaTokenRequest(request);
		this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
		const reqTimestamp = TimeUtils.nowSeconds();
		@@ -179,7 +197,8 @@ const response = await this.bridgeProxy.getTokenInteractive(

		atPopupMeasurement.end({
		errorCode: error.errorCode,
		subErrorCode: error.subError,
		success: false,
		});
		atPopupMeasurement.end(
		{
		success: false,
		},
		e
		);

		@@ -193,6 +212,7 @@ throw error;
		): Promise<AuthenticationResult> {
		const validRequest = this.ensureValidRequest(request);
		this.eventHandler.emitEvent(
		EventType.ACQUIRE_TOKEN_START,
		InteractionType.Silent,
		request
		validRequest
		);
		@@ -202,3 +222,3 @@
		PerformanceEvents.SsoSilent,
		request.correlationId
		validRequest.correlationId
		);
		@@ -216,3 +236,3 @@
		const naaRequest =
		this.nestedAppAuthAdapter.toNaaTokenRequest(request);
		this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
		const reqTimestamp = TimeUtils.nowSeconds();
		@@ -251,7 +271,8 @@ const response = await this.bridgeProxy.getTokenSilent(naaRequest);
		);
		ssoSilentMeasurement?.end({
		errorCode: error.errorCode,
		subErrorCode: error.subError,
		success: false,
		});
		ssoSilentMeasurement?.end(
		{
		success: false,
		},
		e
		);
		throw error;
		@@ -403,3 +424,3 @@ }
		): Promise<AuthenticationResult \| null> {
		throw NestedAppAuthError.createUnsupportedError();
		return Promise.resolve(null);
		}
		@@ -514,8 +535,2 @@ loginPopup(
		}
		preflightBrowserEnvironmentCheck(
		interactionType: InteractionType, // eslint-disable-line @typescript-eslint/no-unused-vars
		setInteractionInProgress?: boolean \| undefined // eslint-disable-line @typescript-eslint/no-unused-vars
		): void {
		throw NestedAppAuthError.createUnsupportedError();
		}

		@@ -522,0 +537,0 @@ // eslint-disable-next-line @typescript-eslint/no-unused-vars

65

src/controllers/UnknownOperatingContextController.ts

		@@ -32,3 +32,3 @@ /*
		import { AuthenticationResult } from "../response/AuthenticationResult";
		import { ApiId, WrapperSKU, InteractionType } from "../utils/BrowserConstants";
		import { ApiId, WrapperSKU } from "../utils/BrowserConstants";
		import { IController } from "./IController";
		@@ -153,3 +153,3 @@ import { UnknownOperatingContext } from "../operatingcontext/UnknownOperatingContext";
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<AuthenticationResult>;
		@@ -160,3 +160,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return Promise.resolve();
		@@ -169,3 +169,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<AuthenticationResult>;
		@@ -178,3 +178,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<AuthenticationResult>;
		@@ -203,3 +203,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<AuthenticationResult>;
		@@ -214,3 +214,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<AuthenticationResult>;
		@@ -227,3 +227,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return "";
		@@ -234,3 +234,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return true;
		@@ -240,7 +240,7 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		}
		disableAccountStorageEvents(): void {
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		}
		@@ -260,3 +260,3 @@
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<AuthenticationResult>;
		@@ -267,3 +267,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<void>;
		@@ -274,3 +274,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<void>;
		@@ -283,3 +283,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<void>;
		@@ -292,3 +292,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<void>;
		@@ -310,3 +310,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Promise<AuthenticationResult>;
		@@ -316,3 +316,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as ITokenCache;
		@@ -326,3 +326,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		}
		@@ -332,7 +332,7 @@ // eslint-disable-next-line @typescript-eslint/no-unused-vars
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		}
		getActiveAccount(): AccountInfo \| null {
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return null;
		@@ -347,3 +347,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		}
		@@ -355,3 +355,3 @@ getConfiguration(): BrowserConfiguration {
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return true;
		@@ -361,3 +361,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as ICrypto;
		@@ -367,3 +367,3 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as IPerformanceClient;
		@@ -373,14 +373,5 @@ }
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		return {} as Map<string, Promise<AuthenticationResult \| null>>;
		}
		preflightBrowserEnvironmentCheck(
		// eslint-disable-next-line @typescript-eslint/no-unused-vars
		interactionType: InteractionType,
		// eslint-disable-next-line @typescript-eslint/no-unused-vars
		isAppEmbedded?: boolean \| undefined
		): void {
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		}

		@@ -390,3 +381,3 @@ // eslint-disable-next-line @typescript-eslint/no-unused-vars
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		}
		@@ -406,4 +397,4 @@
		blockAPICallsBeforeInitialize(this.initialized);
		blockNonBrowserEnvironment(this.isBrowserEnvironment);
		blockNonBrowserEnvironment();
		}
		}

11

src/crypto/BrowserCrypto.ts

		@@ -16,2 +16,3 @@ /*
		import { KEY_FORMAT_JWK } from "../utils/BrowserConstants";
		import { urlEncodeArr } from "../encode/Base64Encode";

		@@ -206,1 +207,11 @@ /**
		}

		/**
		* Returns the SHA-256 hash of an input string
		* @param plainText
		*/
		export async function hashString(plainText: string): Promise<string> {
		const hashBuffer: ArrayBuffer = await sha256Digest(plainText);
		const hashBytes = new Uint8Array(hashBuffer);
		return urlEncodeArr(hashBytes);
		}

44

src/crypto/CryptoOps.ts

		@@ -23,3 +23,3 @@ /*
		} from "../error/BrowserAuthError";
		import { CryptoKeyStore } from "../cache/CryptoKeyStore";
		import { AsyncMemoryStorage } from "../cache/AsyncMemoryStorage";

		@@ -48,3 +48,3 @@ export type CachedKeyPair = {
		private static EXTRACTABLE: boolean = true;
		private cache: CryptoKeyStore;
		private cache: AsyncMemoryStorage<CachedKeyPair>;

		@@ -55,3 +55,3 @@ constructor(logger: Logger, performanceClient?: IPerformanceClient) {
		BrowserCrypto.validateCryptoAvailable(logger);
		this.cache = new CryptoKeyStore(this.logger);
		this.cache = new AsyncMemoryStorage<CachedKeyPair>(this.logger);
		this.performanceClient = performanceClient;
		@@ -127,3 +127,3 @@ }
		// Store Keypair data in keystore
		await this.cache.asymmetricKeys.setItem(publicJwkHash, {
		await this.cache.setItem(publicJwkHash, {
		privateKey: unextractablePrivateKey,
		@@ -149,4 +149,4 @@ publicKey: keyPair.publicKey,
		async removeTokenBindingKey(kid: string): Promise<boolean> {
		await this.cache.asymmetricKeys.removeItem(kid);
		const keyFound = await this.cache.asymmetricKeys.containsKey(kid);
		await this.cache.removeItem(kid);
		const keyFound = await this.cache.containsKey(kid);
		return !keyFound;
		@@ -159,3 +159,25 @@ }
		async clearKeystore(): Promise<boolean> {
		return this.cache.clear();
		// Delete in-memory keystores
		this.cache.clearInMemory();

		/**
		* There is only one database, so calling clearPersistent on asymmetric keystore takes care of
		* every persistent keystore
		*/
		try {
		await this.cache.clearPersistent();
		return true;
		} catch (e) {
		if (e instanceof Error) {
		this.logger.error(
		`Clearing keystore failed with error: ${e.message}`
		);
		} else {
		this.logger.error(
		"Clearing keystore failed with unknown error"
		);
		}

		return false;
		}
		}
		@@ -178,3 +200,3 @@
		);
		const cachedKeyPair = await this.cache.asymmetricKeys.getItem(kid);
		const cachedKeyPair = await this.cache.getItem(kid);

		@@ -237,7 +259,3 @@ if (!cachedKeyPair) {
		async hashString(plainText: string): Promise<string> {
		const hashBuffer: ArrayBuffer = await BrowserCrypto.sha256Digest(
		plainText
		);
		const hashBytes = new Uint8Array(hashBuffer);
		return urlEncodeArr(hashBytes);
		return BrowserCrypto.hashString(plainText);
		}
		@@ -244,0 +262,0 @@ }

2

src/index.ts

		@@ -150,4 +150,6 @@ /*
		TenantProfile,
		IPerformanceClient,
		StubPerformanceClient,
		} from "@azure/msal-common";

		export { version } from "./packageMetadata";

66

src/interaction_client/BaseInteractionClient.ts

		@@ -12,4 +12,2 @@ /*
		AccountEntity,
		BaseAuthRequest,
		AuthenticationScheme,
		UrlString,
		@@ -25,3 +23,2 @@ ServerTelemetryManager,
		PerformanceEvents,
		StringUtils,
		AzureCloudOptions,
		@@ -139,65 +136,2 @@ invokeAsync,
		/**
		* Initializer function for all request APIs
		* @param request
		*/
		protected async initializeBaseRequest(
		request: Partial<BaseAuthRequest>
		): Promise<BaseAuthRequest> {
		this.performanceClient.addQueueMeasurement(
		PerformanceEvents.InitializeBaseRequest,
		this.correlationId
		);
		const authority = request.authority \|\| this.config.auth.authority;

		const scopes = [...((request && request.scopes) \|\| [])];

		const validatedRequest: BaseAuthRequest = {
		...request,
		correlationId: this.correlationId,
		authority,
		scopes,
		};

		// Set authenticationScheme to BEARER if not explicitly set in the request
		if (!validatedRequest.authenticationScheme) {
		validatedRequest.authenticationScheme = AuthenticationScheme.BEARER;
		this.logger.verbose(
		'Authentication Scheme wasn\'t explicitly set in request, defaulting to "Bearer" request'
		);
		} else {
		if (
		validatedRequest.authenticationScheme ===
		AuthenticationScheme.SSH
		) {
		if (!request.sshJwk) {
		throw createClientConfigurationError(
		ClientConfigurationErrorCodes.missingSshJwk
		);
		}
		if (!request.sshKid) {
		throw createClientConfigurationError(
		ClientConfigurationErrorCodes.missingSshKid
		);
		}
		}
		this.logger.verbose(
		`Authentication Scheme set to "${validatedRequest.authenticationScheme}" as configured in Auth request`
		);
		}

		// Set requested claims hash if claims-based caching is enabled and claims were requested
		if (
		this.config.cache.claimsBasedCachingEnabled &&
		request.claims &&
		// Checks for empty stringified object "{}" which doesn't qualify as requested claims
		!StringUtils.isEmptyObj(request.claims)
		) {
		validatedRequest.requestedClaimsHash =
		await this.browserCrypto.hashString(request.claims);
		}

		return validatedRequest;
		}

		/**
		*
		@@ -204,0 +138,0 @@ * Use to get the redirect uri configured in MSAL or null.

62

src/interaction_client/SilentCacheClient.ts

		@@ -10,9 +10,5 @@ /*
		SilentFlowClient,
		ServerTelemetryManager,
		AccountInfo,
		AzureCloudOptions,
		PerformanceEvents,
		invokeAsync,
		} from "@azure/msal-common";
		import { SilentRequest } from "../request/SilentRequest";
		import { ApiId } from "../utils/BrowserConstants";
		@@ -43,3 +39,9 @@ import {

		const silentAuthClient = await this.createSilentFlowClient(
		const clientConfig = await invokeAsync(
		this.getClientConfiguration.bind(this),
		PerformanceEvents.StandardInteractionClientGetClientConfiguration,
		this.logger,
		this.performanceClient,
		this.correlationId
		)(
		serverTelemetryManager,
		@@ -50,2 +52,6 @@ silentRequest.authority,
		);
		const silentAuthClient = new SilentFlowClient(
		clientConfig,
		this.performanceClient
		);
		this.logger.verbose("Silent auth client created");
		@@ -92,48 +98,2 @@
		}

		/**
		* Creates an Silent Flow Client with the given authority, or the default authority.
		* @param serverTelemetryManager
		* @param authorityUrl
		*/
		protected async createSilentFlowClient(
		serverTelemetryManager: ServerTelemetryManager,
		authorityUrl?: string,
		azureCloudOptions?: AzureCloudOptions,
		account?: AccountInfo
		): Promise<SilentFlowClient> {
		// Create auth module.
		const clientConfig = await invokeAsync(
		this.getClientConfiguration.bind(this),
		PerformanceEvents.StandardInteractionClientGetClientConfiguration,
		this.logger,
		this.performanceClient,
		this.correlationId
		)(serverTelemetryManager, authorityUrl, azureCloudOptions, account);
		return new SilentFlowClient(clientConfig, this.performanceClient);
		}

		async initializeSilentRequest(
		request: SilentRequest,
		account: AccountInfo
		): Promise<CommonSilentFlowRequest> {
		this.performanceClient.addQueueMeasurement(
		PerformanceEvents.InitializeSilentRequest,
		this.correlationId
		);

		const baseRequest = await invokeAsync(
		this.initializeBaseRequest.bind(this),
		PerformanceEvents.InitializeBaseRequest,
		this.logger,
		this.performanceClient,
		this.correlationId
		)(request);
		return {
		...request,
		...baseRequest,
		account: account,
		forceRefresh: request.forceRefresh \|\| false,
		};
		}
		}

5

src/interaction_client/SilentRefreshClient.ts

		@@ -23,2 +23,3 @@ /*
		import { AuthenticationResult } from "../response/AuthenticationResult";
		import { initializeBaseRequest } from "../request/RequestHelpers";

		@@ -39,3 +40,3 @@ export class SilentRefreshClient extends StandardInteractionClient {
		const baseRequest = await invokeAsync(
		this.initializeBaseRequest.bind(this),
		initializeBaseRequest,
		PerformanceEvents.InitializeBaseRequest,
		@@ -45,3 +46,3 @@ this.logger,
		request.correlationId
		)(request);
		)(request, this.config, this.performanceClient, this.logger);
		const silentRequest: CommonSilentFlowRequest = {
		@@ -48,0 +49,0 @@ ...request,

10

src/interaction_client/StandardInteractionClient.ts

		@@ -35,2 +35,3 @@ /*
		import { createNewGuid } from "../crypto/BrowserCrypto";
		import { initializeBaseRequest } from "../request/RequestHelpers";

		@@ -319,3 +320,3 @@ /**
		const baseRequest: BaseAuthRequest = await invokeAsync(
		this.initializeBaseRequest.bind(this),
		initializeBaseRequest,
		PerformanceEvents.InitializeBaseRequest,
		@@ -325,3 +326,8 @@ this.logger,
		this.correlationId
		)(request);
		)(
		{ ...request, correlationId: this.correlationId },
		this.config,
		this.performanceClient,
		this.logger
		);

		@@ -328,0 +334,0 @@ const validatedRequest: AuthorizationUrlRequest = {

12

src/naa/mapping/NestedAppAuthAdapter.ts

		@@ -26,2 +26,3 @@ /*
		createClientAuthError,
		OIDC_DEFAULT_SCOPES,
		} from "@azure/msal-common";
		@@ -33,2 +34,4 @@ import { isBridgeError } from "../BridgeError";
		import { AuthResult } from "../AuthResult";
		import { SsoSilentRequest } from "../../request/SsoSilentRequest";
		import { SilentRequest } from "../../request/SilentRequest";

		@@ -54,3 +57,7 @@ export class NestedAppAuthAdapter {
		public toNaaTokenRequest(
		request: PopupRequest \| RedirectRequest
		request:
		\| PopupRequest
		\| RedirectRequest
		\| SilentRequest
		\| SsoSilentRequest
		): TokenRequest {
		@@ -71,2 +78,3 @@ let extraParams: Map<string, string>;
		);
		const scopes = request.scopes \|\| OIDC_DEFAULT_SCOPES;
		const tokenRequest: TokenRequest = {
		@@ -76,3 +84,3 @@ platformBrokerId: request.account?.homeAccountId,
		authority: request.authority,
		scope: request.scopes.join(" "),
		scope: scopes.join(" "),
		correlationId:
		@@ -79,0 +87,0 @@ request.correlationId !== undefined

2

src/packageMetadata.ts

		/* eslint-disable header/header */
		export const name = "@azure/msal-browser";
		export const version = "3.10.0";
		export const version = "3.11.0";

27

src/telemetry/BrowserPerformanceClient.ts

		@@ -72,3 +72,7 @@ /*
		{
		constructor(configuration: Configuration, intFields?: Set<string>) {
		constructor(
		configuration: Configuration,
		intFields?: Set<string>,
		abbreviations?: Map<string, string>
		) {
		super(
		@@ -88,3 +92,4 @@ configuration.auth.clientId,
		},
		intFields
		intFields,
		abbreviations
		);
		@@ -164,10 +169,14 @@ }
		end: (
		event?: Partial<PerformanceEvent>
		event?: Partial<PerformanceEvent>,
		error?: unknown
		): PerformanceEvent \| null => {
		const res = inProgressEvent.end({
		...event,
		startPageVisibility,
		endPageVisibility: this.getPageVisibility(),
		durationMs: getPerfDurationMs(startTime),
		});
		const res = inProgressEvent.end(
		{
		...event,
		startPageVisibility,
		endPageVisibility: this.getPageVisibility(),
		durationMs: getPerfDurationMs(startTime),
		},
		error
		);
		void browserMeasurement?.then((measurement) =>
		@@ -174,0 +183,0 @@ measurement.endMeasurement()

65

src/utils/BrowserUtils.ts

		@@ -11,4 +11,9 @@ /*
		} from "../error/BrowserAuthError";
		import { InteractionType, BrowserConstants } from "./BrowserConstants";
		import { BrowserConstants, BrowserCacheLocation } from "./BrowserConstants";
		import * as BrowserCrypto from "../crypto/BrowserCrypto";
		import {
		BrowserConfigurationAuthErrorCodes,
		createBrowserConfigurationAuthError,
		} from "../error/BrowserConfigurationAuthError";
		import { BrowserConfiguration } from "../config/Configuration";

		@@ -97,12 +102,4 @@ /**
		*/
		export function blockRedirectInIframe(
		interactionType: InteractionType,
		allowRedirectInIframe: boolean
		): void {
		const isIframedApp = isInIframe();
		if (
		interactionType === InteractionType.Redirect &&
		isIframedApp &&
		!allowRedirectInIframe
		) {
		export function blockRedirectInIframe(allowRedirectInIframe: boolean): void {
		if (isInIframe() && !allowRedirectInIframe) {
		// If we are not in top frame, we shouldn't redirect. This is also handled by the service.
		@@ -127,6 +124,4 @@ throw createBrowserAuthError(BrowserAuthErrorCodes.redirectInIframe);
		*/
		export function blockNonBrowserEnvironment(
		isBrowserEnvironment: boolean
		): void {
		if (!isBrowserEnvironment) {
		export function blockNonBrowserEnvironment(): void {
		if (typeof window === "undefined") {
		throw createBrowserAuthError(
		@@ -151,2 +146,42 @@ BrowserAuthErrorCodes.nonBrowserEnvironment
		/**
		* Helper to validate app environment before making an auth request
		* @param initialized
		*/
		export function preflightCheck(initialized: boolean): void {
		// Block request if not in browser environment
		blockNonBrowserEnvironment();

		// Block auth requests inside a hidden iframe
		blockReloadInHiddenIframes();

		// Block redirectUri opened in a popup from calling MSAL APIs
		blockAcquireTokenInPopups();

		// Block token acquisition before initialize has been called
		blockAPICallsBeforeInitialize(initialized);
		}

		/**
		* Helper to validate app enviornment before making redirect request
		* @param initialized
		* @param config
		*/
		export function redirectPreflightCheck(
		initialized: boolean,
		config: BrowserConfiguration
		): void {
		preflightCheck(initialized);
		blockRedirectInIframe(config.system.allowRedirectInIframe);
		// Block redirects if memory storage is enabled but storeAuthStateInCookie is not
		if (
		config.cache.cacheLocation === BrowserCacheLocation.MemoryStorage &&
		!config.cache.storeAuthStateInCookie
		) {
		throw createBrowserConfigurationAuthError(
		BrowserConfigurationAuthErrorCodes.inMemRedirectUnavailable
		);
		}
		}

		/**
		* Adds a preconnect link element to the header which begins DNS resolution and SSL connection in anticipation of the /token request
		@@ -153,0 +188,0 @@ * @param loginDomain Authority domain, including https protocol e.g. https://login.microsoftonline.com

dist/cache/CryptoKeyStore.d.ts

dist/cache/CryptoKeyStore.d.ts.map

dist/cache/CryptoKeyStore.mjs

dist/cache/CryptoKeyStore.mjs.map

dist/cache/IAsyncMemoryStorage.d.ts

dist/cache/IAsyncMemoryStorage.d.ts.map

src/cache/CryptoKeyStore.ts

src/cache/IAsyncMemoryStorage.ts

dist/app/IPublicClientApplication.mjs