@azure/msal-common - npm Package Compare versions

Comparing version 1.0.0-beta.2 to 1.0.0-beta.3

changelog.md

@@ -0,1 +1,12 @@
+# 1.0.0-beta.3
+- Initialization of B2cTrustedHostList (#1646)
+- Unified Cache support (#1444, #1471, #1519, #1520, #1522, #1609, #1622, #1624, #1655, #1680, #1762)
+- `Request` update in msal-common (#1682, #1771)
+- SilentFlow support (#1711)
+- Utilize `Scopeset` across all libraries (#1770)
+- AccountInfo interface (#1789)
+- `state` support in msal-common (#1790)
+- Removal of SPA Client (#1793)
+- EndSessionRequest (#1802)
+
 # 1.0.0-beta.2
@@ -14,3 +25,3 @@ - Fixed an issue where types were not being exported from the correct location (#1613)
 - Fixed issue with caching for multiple resources (#1553)
-- Adding support for node classes 
+- Adding support for node classes
     - Refresh token client (#1496)
@@ -17,0 +28,0 @@ - Device code client (#1550, #1434)

dist/src/authority/Authority.d.ts

@@ -38,2 +38,3 @@ import { AuthorityType } from "./AuthorityType";
     get tokenEndpoint(): string;
+    get deviceCodeEndpoint(): string;
     /**
@@ -40,0 +41,0 @@ * OAuth logout endpoint for requests

dist/src/authority/AuthorityFactory.d.ts

@@ -5,10 +5,29 @@ import { Authority } from "./Authority";
     /**
-     * Parse the url and determine the type of authority
+     * Create an authority object of the correct type based on the url
+     * Performs basic authority validation - checks to see if the authority is of a valid type (i.e. aad, b2c, adfs)
+     *
+     * Also performs endpoint discovery.
+     *
+     * @param defaultAuthority
+     * @param networkClient
+     * @param authorityUri
+     * @param adfsDisabled
      */
-    private static detectAuthorityFromUrl;
+    static createDiscoveredInstance(authorityUri: string, networkClient: INetworkModule): Promise<Authority>;
     /**
      * Create an authority object of the correct type based on the url
-     * Performs basic authority validation - checks to see if the authority is of a valid type (eg aad, b2c)
+     * Performs basic authority validation - checks to see if the authority is of a valid type (i.e. aad, b2c, adfs)
+     *
+     * Does not perform endpoint discovery.
+     *
+     * @param authorityUrl
+     * @param networkInterface
      */
     static createInstance(authorityUrl: string, networkInterface: INetworkModule): Authority;
+    /**
+     * Parse the url and determine the type of authority.
+     * @param authorityString
+     * @param networkInterface
+     */
+    private static detectAuthorityFromUrl;
 }

dist/src/client/AuthorizationCodeClient.d.ts

 import { BaseClient } from "./BaseClient";
-import { AuthorizationCodeUrlRequest } from "../request/AuthorizationCodeUrlRequest";
+import { AuthorizationUrlRequest } from "../request/AuthorizationUrlRequest";
 import { AuthorizationCodeRequest } from "../request/AuthorizationCodeRequest";
 import { ClientConfiguration } from "../config/ClientConfiguration";
+import { AuthenticationResult } from "../response/AuthenticationResult";
+import { EndSessionRequest } from "../request/EndSessionRequest";
 /**
@@ -20,9 +22,22 @@ * Oauth2.0 Authorization Code client
      */
-    getAuthCodeUrl(request: AuthorizationCodeUrlRequest): Promise<string>;
+    getAuthCodeUrl(request: AuthorizationUrlRequest): Promise<string>;
     /**
-     * API to acquire a token in exchange of 'authorization_code` acquired by the user in the first leg of the authorization_code_grant
+     * API to acquire a token in exchange of 'authorization_code` acquired by the user in the first leg of the
+     * authorization_code_grant
      * @param request
      */
-    acquireToken(request: AuthorizationCodeRequest): Promise<string>;
+    acquireToken(request: AuthorizationCodeRequest, cachedNonce?: string, cachedState?: string): Promise<AuthenticationResult>;
     /**
+     * Handles the hash fragment response from public client code request. Returns a code response used by
+     * the client to exchange for a token in acquireToken.
+     * @param hashFragment
+     */
+    handleFragmentResponse(hashFragment: string, cachedState: string): string;
+    /**
+     * Use to log out the current user, and redirect the user to the postLogoutRedirectUri.
+     * Default behaviour is to redirect the user to `window.location.href`.
+     * @param authorityUri
+     */
+    getLogoutUri(logoutRequest: EndSessionRequest): string;
+    /**
      * Executes POST request to token endpoint
@@ -29,0 +44,0 @@ * @param authority

dist/src/client/BaseClient.d.ts

 import { ClientConfiguration } from "../config/ClientConfiguration";
-import { ICacheStorage } from "../cache/ICacheStorage";
-import { CacheHelpers } from "../cache/CacheHelpers";
 import { INetworkModule } from "../network/INetworkModule";
 import { ICrypto } from "../crypto/ICrypto";
-import { Account } from "../account/Account";
 import { Authority } from "../authority/Authority";
@@ -11,2 +8,3 @@ import { Logger } from "../logger/Logger";
 import { ServerAuthorizationTokenResponse } from "../server/ServerAuthorizationTokenResponse";
+import { CacheManager } from "../cache/CacheManager";
 /**
@@ -19,14 +17,7 @@ * Base application class which will construct requests to send to and handle responses from the Microsoft STS using the authorization code flow.
     protected cryptoUtils: ICrypto;
-    protected cacheStorage: ICacheStorage;
+    protected cacheManager: CacheManager;
     protected networkClient: INetworkModule;
-    protected cacheManager: CacheHelpers;
-    protected account: Account;
-    protected defaultAuthorityInstance: Authority;
+    protected authority: Authority;
     protected constructor(configuration: ClientConfiguration);
     /**
-     * Create authority instance if not set already, resolve well-known-endpoint
-     * @param authorityString
-     */
-    protected createAuthority(authorityString: string): Promise<Authority>;
-    /**
      * Creates default headers for requests to token endpoint
@@ -33,0 +24,0 @@ */

dist/src/client/DeviceCodeClient.d.ts

@@ -8,3 +8,2 @@ import { BaseClient } from "./BaseClient";
 export declare class DeviceCodeClient extends BaseClient {
-    private authority;
     constructor(configuration: ClientConfiguration);
@@ -23,13 +22,9 @@ /**
     /**
-     * Executes GET request to device code endpoint
-     * @param deviceCodeUrl
+     * Executes POST request to device code endpoint
+     * @param deviceCodeEndpoint
+     * @param queryString
      * @param headers
      */
-    private executeGetRequestToDeviceCodeEndpoint;
+    private executePostRequestToDeviceCodeEndpoint;
     /**
-     * Create device code endpoint url
-     * @param request
-     */
-    private createDeviceCodeUrl;
-    /**
      * Create device code endpoint query parameters and returns string
@@ -36,0 +31,0 @@ */

dist/src/client/RefreshTokenClient.d.ts

 import { ClientConfiguration } from "../config/ClientConfiguration";
 import { BaseClient } from "./BaseClient";
 import { RefreshTokenRequest } from "../request/RefreshTokenRequest";
+import { AuthenticationResult } from "../response/AuthenticationResult";
 /**
@@ -9,5 +10,5 @@ * OAuth2.0 refresh token client
     constructor(configuration: ClientConfiguration);
-    acquireToken(request: RefreshTokenRequest): Promise<string>;
+    acquireToken(request: RefreshTokenRequest): Promise<AuthenticationResult>;
     private executeTokenRequest;
     private createTokenRequestBody;
 }

dist/src/config/ClientConfiguration.d.ts

@@ -1,5 +0,6 @@
-import { ICacheStorage } from "../cache/ICacheStorage";
 import { INetworkModule } from "../network/INetworkModule";
 import { ICrypto } from "../crypto/ICrypto";
 import { ILoggerCallback, LogLevel } from "../logger/Logger";
+import { Authority } from "../authority/Authority";
+import { CacheManager } from "../cache/CacheManager";
 /**
@@ -15,6 +16,6 @@ * Use the configuration object to configure MSAL Modules and initialize the base interfaces for MSAL.
 export declare type ClientConfiguration = {
-    authOptions?: AuthOptions;
+    authOptions: AuthOptions;
     systemOptions?: SystemOptions;
     loggerOptions?: LoggerOptions;
-    storageInterface?: ICacheStorage;
+    storageInterface?: CacheManager;
     networkInterface?: INetworkModule;
@@ -32,6 +33,4 @@ cryptoInterface?: ICrypto;
     clientId: string;
-    authority?: string;
+    authority?: Authority;
     knownAuthorities?: Array<string>;
-    redirectUri?: string | (() => string);
-    postLogoutRedirectUri?: string | (() => string);
 };
@@ -38,0 +37,0 @@ /**

dist/src/error/ClientAuthError.d.ts

@@ -24,6 +24,2 @@ import { AuthError } from "./AuthError";
     };
-    tokenRequestCacheError: {
-        code: string;
-        desc: string;
-    };
     endpointResolutionError: {
@@ -45,2 +41,6 @@ code: string;
     };
+    invalidStateError: {
+        code: string;
+        desc: string;
+    };
     stateMismatchError: {
@@ -78,2 +78,6 @@ code: string;
     };
+    multipleMatchingAccounts: {
+        code: string;
+        desc: string;
+    };
     tokenRequestCannotBeMade: {
@@ -107,2 +111,22 @@ code: string;
     };
+    NoAccountInSilentRequest: {
+        code: string;
+        desc: string;
+    };
+    invalidCacheRecord: {
+        code: string;
+        desc: string;
+    };
+    noAccountFound: {
+        code: string;
+        desc: string;
+    };
+    CachePluginError: {
+        code: string;
+        desc: string;
+    };
+    noCryptoObj: {
+        code: string;
+        desc: string;
+    };
 };
@@ -135,7 +159,2 @@ /**
     /**
-     * Creates an error thrown when the token request could not be retrieved from the cache
-     * @param errDetail
-     */
-    static createTokenRequestCacheError(errDetail: string): ClientAuthError;
-    /**
      * Creates an error thrown when the endpoint discovery doesn't complete correctly.
@@ -155,2 +174,7 @@ */
     /**
+     * Creates an error thrown when the state cannot be parsed.
+     * @param invalidState
+     */
+    static createInvalidStateError(invalidState: string, errorString?: string): ClientAuthError;
+    /**
      * Creates an error thrown when two states do not match.
@@ -175,3 +199,3 @@ */
      */
-    static createNoTokensFoundError(scopes: string): ClientAuthError;
+    static createNoTokensFoundError(): ClientAuthError;
     /**
@@ -191,2 +215,7 @@ * Creates an error in cache parsing.
     /**
+     * Throws error when multiple tokens are in cache for the given scope.
+     * @param scope
+     */
+    static createMultipleMatchingAccountsInCacheError(): ClientAuthError;
+    /**
      * Throws error when no auth code or refresh token is given to ServerTokenRequestParameters.
@@ -223,2 +252,23 @@ */
     static createDeviceCodeExpiredError(): ClientAuthError;
+    /**
+     * Throws error when silent requests are made without an account object
+     */
+    static createNoAccountInSilentRequestError(): ClientAuthError;
+    /**
+     * Throws error when cache record is null or undefined.
+     */
+    static createNullOrUndefinedCacheRecord(): ClientAuthError;
+    /**
+     * Throws error when account is not found in cache.
+     */
+    static createNoAccountFoundError(): ClientAuthError;
+    /**
+     * Throws error if ICachePlugin not set on CacheManager.
+     */
+    static createCachePluginError(): ClientAuthError;
+    /**
+     * Throws error if crypto object not found.
+     * @param operationName
+     */
+    static createNoCryptoObjectError(operationName: string): ClientAuthError;
 }

dist/src/error/ClientConfigurationError.d.ts

@@ -50,2 +50,6 @@ import { ClientAuthError } from "./ClientAuthError";
     };
+    logoutRequestEmptyError: {
+        code: string;
+        desc: string;
+    };
     invalidCodeChallengeMethod: {
@@ -123,2 +127,6 @@ code: string;
      */
+    static createEmptyLogoutRequestError(): ClientConfigurationError;
+    /**
+     * Throws error when token request is empty and nothing cached in storage.
+     */
     static createEmptyTokenRequestError(): ClientConfigurationError;
@@ -125,0 +133,0 @@ /**

dist/src/index.d.ts

@@ -1,12 +0,22 @@
-export { SPAClient } from "./client/SPAClient";
 export { AuthorizationCodeClient } from "./client/AuthorizationCodeClient";
 export { DeviceCodeClient } from "./client/DeviceCodeClient";
 export { RefreshTokenClient } from "./client/RefreshTokenClient";
+export { SilentFlowClient } from "./client/SilentFlowClient";
 export { AuthOptions, SystemOptions, LoggerOptions, TelemetryOptions, DEFAULT_SYSTEM_OPTIONS } from "./config/ClientConfiguration";
 export { ClientConfiguration } from "./config/ClientConfiguration";
-export { Account } from "./account/Account";
+export { AccountInfo } from "./account/AccountInfo";
+export { IdToken } from "./account/IdToken";
 export { IdTokenClaims } from "./account/IdTokenClaims";
 export { Authority } from "./authority/Authority";
+export { B2cAuthority } from "./authority/B2cAuthority";
 export { AuthorityFactory } from "./authority/AuthorityFactory";
-export { ICacheStorage } from "./cache/ICacheStorage";
+export { AuthorityType } from "./authority/AuthorityType";
+export { CacheManager } from "./cache/CacheManager";
+export { AccountCache, AccessTokenCache, IdTokenCache, RefreshTokenCache, AppMetadataCache } from "./cache/utils/CacheTypes";
+export { CredentialEntity } from "./cache/entities/CredentialEntity";
+export { AppMetadataEntity } from "./cache/entities/AppMetadataEntity";
+export { AccountEntity } from "./cache/entities/AccountEntity";
+export { IdTokenEntity } from "./cache/entities/IdTokenEntity";
+export { AccessTokenEntity } from "./cache/entities/AccessTokenEntity";
+export { RefreshTokenEntity } from "./cache/entities/RefreshTokenEntity";
 export { INetworkModule, NetworkRequestOptions } from "./network/INetworkModule";
@@ -17,13 +27,10 @@ export { NetworkResponse } from "./network/NetworkManager";
 export { ICrypto, PkceCodes } from "./crypto/ICrypto";
-export { AuthenticationParameters } from "./request/AuthenticationParameters";
-export { AuthorizationCodeUrlRequest } from "./request/AuthorizationCodeUrlRequest";
+export { BaseAuthRequest } from "./request/BaseAuthRequest";
+export { AuthorizationUrlRequest } from "./request/AuthorizationUrlRequest";
 export { AuthorizationCodeRequest } from "./request/AuthorizationCodeRequest";
 export { RefreshTokenRequest } from "./request/RefreshTokenRequest";
+export { SilentFlowRequest } from "./request/SilentFlowRequest";
+export { DeviceCodeRequest } from "./request/DeviceCodeRequest";
+export { EndSessionRequest } from "./request/EndSessionRequest";
 export { AuthenticationResult } from "./response/AuthenticationResult";
-export { TokenExchangeParameters } from "./request/TokenExchangeParameters";
-export { TokenRenewParameters } from "./request/TokenRenewParameters";
-export { AuthResponse, buildResponseStateOnly } from "./response/AuthResponse";
-export { TokenResponse } from "./response/TokenResponse";
-export { CodeResponse } from "./response/CodeResponse";
-export { DeviceCodeRequest } from "./request/DeviceCodeRequest";
 export { ILoggerCallback, LogLevel, Logger } from "./logger/Logger";
@@ -35,3 +42,6 @@ export { InteractionRequiredAuthError } from "./error/InteractionRequiredAuthError";
 export { ClientConfigurationError, ClientConfigurationErrorMessage } from "./error/ClientConfigurationError";
-export { Constants, PromptValue, TemporaryCacheKeys, PersistentCacheKeys } from "./utils/Constants";
+export { Constants, PromptValue, PersistentCacheKeys, ResponseMode, CacheSchemaType, CredentialType } from "./utils/Constants";
 export { StringUtils } from "./utils/StringUtils";
+export { StringDict } from "./utils/MsalTypes";
+export { ProtocolUtils } from "./utils/ProtocolUtils";
+export { TimeUtils } from "./utils/TimeUtils";

dist/src/request/AuthorizationCodeRequest.d.ts

@@ -0,1 +1,2 @@
+import { BaseAuthRequest } from "./BaseAuthRequest";
 /**
@@ -7,3 +8,7 @@ * @type AuthorizationCodeRequest: Request object passed by user to acquire a token from the server exchanging a valid authorization code
  *
+ *
  * authority:               URL of the authority, the security token service (STS) from which MSAL will acquire tokens.
+ *                          If authority is set on client application object, this will override that value. Overriding
+ *                          the value will cause for authority validation to happen each time. If the same authority
+ *                          will be used for all request, set on the application object instead of the requests.
  *
@@ -22,9 +27,7 @@ * redirectUri:             The redirect URI of your app, where the authority will redirect to after the user inputs credentials
  */
-export declare type AuthorizationCodeRequest = {
-    scopes: Array<string>;
+export declare type AuthorizationCodeRequest = BaseAuthRequest & {
     redirectUri: string;
     code: string;
-    authority?: string;
     codeVerifier?: string;
     correlationId?: string;
 };

dist/src/request/DeviceCodeRequest.d.ts

 import { DeviceCodeResponse } from "../response/DeviceCodeResponse";
+import { BaseAuthRequest } from "./BaseAuthRequest";
 /**
  * Parameters for Oauth2 device code flow.
  */
-export declare type DeviceCodeRequest = {
+export declare type DeviceCodeRequest = BaseAuthRequest & {
     /**
@@ -12,6 +13,2 @@ * Callback containing device code response. Message should be shown to end user. End user can then navigate to the verification_uri,
     /**
-     * Scopes to which the application is requesting access to.
-     */
-    scopes: Array<string>;
-    /**
      * Boolean to cancel polling of device code endpoint.
@@ -22,8 +19,3 @@ *
      */
-    cancel?: false;
-    /**
-     * URI of the authority from which MSAL will acquire the tokens from. If this value is not set, MSAL defaults
-     * to the authority used when configuring the PublicClientApplication.
-     */
-    authority?: string;
+    cancel?: boolean;
 };

dist/src/request/RefreshTokenRequest.d.ts

@@ -0,1 +1,2 @@
+import { BaseAuthRequest } from "./BaseAuthRequest";
 /**
@@ -7,7 +8,7 @@ * @type RefreshTokenRequest
  * refreshToken:            A refresh token returned from a previous request to the Identity provider.
+ * redirectUri:             The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
  */
-export declare class RefreshTokenRequest {
-    scopes: Array<string>;
+export declare type RefreshTokenRequest = BaseAuthRequest & {
     refreshToken: string;
-    authority?: string;
-}
+    redirectUri?: string;
+};

dist/src/request/RequestValidator.d.ts

@@ -0,1 +1,2 @@
+import { StringDict } from "../utils/MsalTypes";
 /**
@@ -26,2 +27,7 @@ * Validates server consumable params from the "request" objects
     static validateCodeChallengeMethod(codeChallengeMethod: string): void;
+    /**
+     * Removes unnecessary or duplicate query parameters from extraQueryParameters
+     * @param request
+     */
+    static sanitizeEQParams(eQParams: StringDict, queryParams: Map<string, string>): StringDict;
 }

dist/src/request/ScopeSet.d.ts

@@ -6,7 +6,4 @@ /**
 export declare class ScopeSet {
-    private clientId;
     private scopes;
-    private originalScopes;
-    private scopesRequired;
-    constructor(inputScopes: Array<string>, clientId: string, scopesRequired: boolean);
+    constructor(inputScopes: Array<string>);
     /**
@@ -18,8 +15,4 @@ * Factory method to create ScopeSet from space-delimited string
     */
-    static fromString(inputScopeString: string, appClientId: string, scopesRequired: boolean): ScopeSet;
+    static fromString(inputScopeString: string): ScopeSet;
     /**
-     * Replace client id with the default scopes used for token acquisition.
-     */
-    private replaceDefaultScopes;
-    /**
      * Used to validate the scopes input parameter requested  by the developer.
@@ -70,6 +63,2 @@ * @param {Array<string>} inputScopes - Developer requested permissions. Not all scopes are guaranteed to be included in the access token returned.
     /**
-     * Returns true if the set of original scopes only contained client-id
-     */
-    isLoginScopeSet(): boolean;
-    /**
      * Returns the scopes as an array of string values
@@ -79,6 +68,2 @@ */
     /**
-     * Returns the original scopes as an array (no extra scopes to consent)
-     */
-    getOriginalScopesAsArray(): Array<string>;
-    /**
      * Prints scopes into a space-delimited string
@@ -85,0 +70,0 @@ */

dist/src/response/AuthenticationResult.d.ts

@@ -0,9 +1,19 @@
+import { StringDict } from "../utils/MsalTypes";
+import { AccountInfo } from "../account/AccountInfo";
 /**
  * Result returned from the authority's token endpoint.
  */
-export declare type AuthenticationResult = {
+export declare class AuthenticationResult {
+    uniqueId: string;
+    tenantId: string;
+    scopes: Array<string>;
+    account: AccountInfo;
+    idToken: string;
+    idTokenClaims: StringDict;
     accessToken: string;
-    refreshToken: string;
-    idToken: string;
-    expiresOn: string;
-};
+    fromCache: boolean;
+    expiresOn: Date;
+    extExpiresOn?: Date;
+    state?: string;
+    familyId?: string;
+}

dist/src/response/ResponseHandler.d.ts

@@ -1,10 +0,12 @@
-import { IdToken } from "../account/IdToken";
-import { CacheHelpers } from "../cache/CacheHelpers";
 import { ServerAuthorizationTokenResponse } from "../server/ServerAuthorizationTokenResponse";
 import { ICrypto } from "../crypto/ICrypto";
-import { ICacheStorage } from "../cache/ICacheStorage";
-import { TokenResponse } from "./TokenResponse";
 import { ServerAuthorizationCodeResponse } from "../server/ServerAuthorizationCodeResponse";
-import { CodeResponse } from "./CodeResponse";
 import { Logger } from "../logger/Logger";
+import { IdToken } from "../account/IdToken";
+import { AuthenticationResult } from "./AuthenticationResult";
+import { AccountEntity } from "../cache/entities/AccountEntity";
+import { Authority } from "../authority/Authority";
+import { CacheRecord } from "../cache/entities/CacheRecord";
+import { CacheManager } from "../cache/CacheManager";
+import { LibraryStateObject } from "../utils/ProtocolUtils";
 /**
@@ -16,22 +18,8 @@ * Class that handles response parsing.
     private cacheStorage;
-    private cacheManager;
     private cryptoObj;
     private logger;
-    constructor(clientId: string, cacheStorage: ICacheStorage, cacheManager: CacheHelpers, cryptoObj: ICrypto, logger: Logger);
+    private clientInfo;
+    private homeAccountIdentifier;
+    constructor(clientId: string, cacheStorage: CacheManager, cryptoObj: ICrypto, logger: Logger);
     /**
-     * Returns a new response with the data from original response filled with the relevant IdToken data.
-     * - raw id token
-     * - id token claims
-     * - unique id (oid or sub claim of token)
-     * - tenant id (tid claim of token)
-     * @param originalResponse
-     * @param idTokenObj
-     */
-    static setResponseIdToken(originalResponse: TokenResponse, idTokenObj: IdToken): TokenResponse;
-    /**
-     * Validates and handles a response from the server, and returns a constructed object with the authorization code and state.
-     * @param serverParams
-     */
-    handleServerCodeResponse(serverParams: ServerAuthorizationCodeResponse): CodeResponse;
-    /**
      * Function which validates server authorization code response.
@@ -42,3 +30,3 @@ * @param serverResponseHash
      */
-    private validateServerAuthorizationCodeResponse;
+    validateServerAuthorizationCodeResponse(serverResponseHash: ServerAuthorizationCodeResponse, cachedState: string, cryptoObj: ICrypto): void;
     /**
@@ -48,25 +36,23 @@ * Function which validates server authorization token response.
      */
-    validateServerAuthorizationTokenResponse(serverResponse: ServerAuthorizationTokenResponse): void;
+    validateTokenResponse(serverResponse: ServerAuthorizationTokenResponse): void;
     /**
-     * Helper function which saves or updates the token in the cache and constructs the final token response to send back to the user.
-     * @param originalTokenResponse
+     * Returns a constructed token response based on given string. Also manages the cache updates and cleanups.
+     * @param serverTokenResponse
      * @param authority
-     * @param resource
-     * @param serverTokenResponse
-     * @param clientInfo
      */
-    private saveToken;
+    generateAuthenticationResult(serverTokenResponse: ServerAuthorizationTokenResponse, authority: Authority, cachedNonce?: string, cachedState?: string): AuthenticationResult;
     /**
-     * Gets account cached with given key. Returns null if parsing could not be completed.
-     * @param accountKey
+     * Generate Account
+     * @param serverTokenResponse
+     * @param idToken
+     * @param authority
      */
-    private getCachedAccount;
+    generateAccountEntity(serverTokenResponse: ServerAuthorizationTokenResponse, idToken: IdToken, authority: Authority): AccountEntity;
     /**
-     * Returns a constructed token response based on given string. Also manages the cache updates and cleanups.
+     * Generates CacheRecord
      * @param serverTokenResponse
-     * @param authorityString
-     * @param resource
-     * @param state
+     * @param idTokenObj
+     * @param authority
      */
-    createTokenResponse(serverTokenResponse: ServerAuthorizationTokenResponse, authorityString: string, resource: string, state?: string): TokenResponse;
+    generateCacheRecord(serverTokenResponse: ServerAuthorizationTokenResponse, idTokenObj: IdToken, authority: Authority, libraryState?: LibraryStateObject): CacheRecord;
 }

dist/src/server/RequestParameterBuilder.d.ts

@@ -0,2 +1,5 @@
+import { ResponseMode } from "../utils/Constants";
 import { ScopeSet } from "../request/ScopeSet";
+import { StringDict } from "../utils/MsalTypes";
+import { LibraryInfo } from "../config/ClientConfiguration";
 export declare class RequestParameterBuilder {
@@ -13,3 +16,3 @@ private parameters;
      */
-    addResponseMode(responseMode?: string): void;
+    addResponseMode(responseMode?: ResponseMode): void;
     /**
@@ -51,2 +54,7 @@ * add scopes
     /**
+     * add library info query params
+     * @param libraryInfo
+     */
+    addLibraryInfo(libraryInfo: LibraryInfo): void;
+    /**
      * add prompt
@@ -103,2 +111,12 @@ * @param prompt
     /**
+     * add client info
+     *
+     */
+    addClientInfo(): void;
+    /**
+     * add extraQueryParams
+     * @param eQparams
+     */
+    addExtraQueryParameters(eQparams: StringDict): void;
+    /**
      * Utility to create a URL from the params map
@@ -105,0 +123,0 @@ */

dist/src/server/ServerAuthorizationTokenResponse.d.ts

@@ -27,2 +27,4 @@ /**
     id_token?: string;
+    client_info?: string;
+    foci?: string;
     error?: string;
@@ -29,0 +31,0 @@ error_description?: string;

dist/src/utils/Constants.d.ts

@@ -8,3 +8,2 @@ export declare const Constants: {
     AAD_INSTANCE_DISCOVERY_ENDPT: string;
-    DEVICE_CODE_ENDPOINT_PATH: string;
     RESOURCE_DELIM: string;
@@ -21,6 +20,6 @@ NO_ACCOUNT: string;
     FRAGMENT_RESPONSE_MODE: string;
-    QUERY_RESPONSE_MODE: string;
     S256_CODE_CHALLENGE_METHOD: string;
     URL_FORM_CONTENT_TYPE: string;
     AUTHORIZATION_PENDING: string;
+    NOT_DEFINED: string;
 };
@@ -34,17 +33,2 @@ /**
 /**
- * Temporary cache keys for MSAL, deleted after any request.
- */
-export declare enum TemporaryCacheKeys {
-    AUTHORITY = "authority",
-    ACQUIRE_TOKEN_ACCOUNT = "acquireToken.account",
-    SESSION_STATE = "session.state",
-    REQUEST_STATE = "request.state",
-    NONCE_IDTOKEN = "nonce.idtoken",
-    ORIGIN_URI = "request.origin",
-    RENEW_STATUS = "token.renew.status",
-    URL_HASH = "urlHash",
-    REQUEST_PARAMS = "request.params",
-    SCOPES = "scopes"
-}
-/**
  * Persistent cache keys MSAL which stay while user is logged in.
@@ -64,2 +48,7 @@ */
 /**
+ * TODO: placeholder for discovery endpoint call. dynamically generate preferredCache and cacheAliases per cloud
+ */
+export declare const EnvironmentAliases: string[];
+export declare const PreferredCacheEnvironment: string;
+/**
  * String constants related to AAD Authority
@@ -77,3 +66,2 @@ */
     CLIENT_ID = "client_id",
-    RESOURCE = "resource",
     REDIRECT_URI = "redirect_uri",
@@ -162,3 +150,5 @@ RESPONSE_TYPE = "response_type",
 /**
- *
+ * The method used to encode the code verifier for the code challenge parameter. can be one
+ * of plain or s256. if excluded, code challenge is assumed to be plaintext. for more
+ * information, see the pkce rcf: https://tools.ietf.org/html/rfc7636
  */
@@ -185,1 +175,52 @@ export declare const CodeChallengeMethodValuesArray: string[];
 }
+/**
+ * Account types in Cache
+ */
+export declare enum CacheAccountType {
+    MSSTS_ACCOUNT_TYPE = "MSSTS",
+    ADFS_ACCOUNT_TYPE = "ADFS",
+    MSAV1_ACCOUNT_TYPE = "MSA",
+    GENERIC_ACCOUNT_TYPE = "Generic"
+}
+/**
+ * Separators used in cache
+ */
+export declare enum Separators {
+    CACHE_KEY_SEPARATOR = "-",
+    CLIENT_INFO_SEPARATOR = "."
+}
+/**
+ * Credentail Type stored in the cache
+ */
+export declare enum CredentialType {
+    ID_TOKEN = "IdToken",
+    ACCESS_TOKEN = "AccessToken",
+    REFRESH_TOKEN = "RefreshToken"
+}
+/**
+ * Credentail Type stored in the cache
+ */
+export declare enum CacheSchemaType {
+    ACCOUNT = "Account",
+    CREDENTIAL = "Credential",
+    APP_META_DATA = "AppMetadata",
+    TEMPORARY = "TempCache"
+}
+/**
+ * Combine all cache types
+ */
+export declare enum CacheType {
+    ADFS = 1001,
+    MSA = 1002,
+    MSSTS = 1003,
+    GENERIC = 1004,
+    ACCESS_TOKEN = 2001,
+    REFRESH_TOKEN = 2002,
+    ID_TOKEN = 2003,
+    APP_META_DATA = 3001
+}
+/**
+ * More Cache related constants
+ */
+export declare const APP_META_DATA = "appmetadata";
+export declare const ClientInfo = "client_info";

dist/src/utils/ProtocolUtils.d.ts

@@ -0,2 +1,20 @@
+import { ICrypto } from "../crypto/ICrypto";
 /**
+ * Type which defines the object that is stringified, encoded and sent in the state value.
+ * Contains the following:
+ * - id - unique identifier for this request
+ * - ts - timestamp for the time the request was made. Used to ensure that token expiration is not calculated incorrectly.
+ */
+export declare type LibraryStateObject = {
+    id: string;
+    ts: number;
+};
+/**
+ * Type which defines the stringified and encoded object sent to the service in the authorize request.
+ */
+export declare type RequestStateObject = {
+    userRequestState: string;
+    libraryState: LibraryStateObject;
+};
+/**
  * Class which provides helpers for OAuth 2.0 protocol specific values
@@ -10,10 +28,15 @@ */
      */
-    static setRequestState(userState: string, randomGuid: string): string;
+    static setRequestState(userState: string, cryptoObj: ICrypto): string;
     /**
-     *
-     * Extracts user state value from the state sent with the authentication request.
-     * @returns {string} scope.
-     * @ignore
+     * Generates the state value used by the library.
+     * @param randomGuid
+     * @param cryptoObj
      */
-    static getUserRequestState(serverResponseState: string): string;
+    static generateLibraryState(cryptoObj: ICrypto): string;
+    /**
+     * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
+     * @param state
+     * @param cryptoObj
+     */
+    static parseRequestState(state: string, cryptoObj: ICrypto): RequestStateObject;
 }

package.json

@@ -13,3 +13,3 @@ {
     },
-    "version": "1.0.0-beta.2",
+    "version": "1.0.0-beta.3",
     "description": "Microsoft Authentication Library for js",
@@ -16,0 +16,0 @@ "keywords": [

README.md

@@ -5,3 +5,3 @@ # (Preview) Microsoft Authentication Library for JavaScript (MSAL.js) Common Package
 | <a href="https://docs.microsoft.com/azure/active-directory/develop/guidedsetups/active-directory-javascriptspa" target="_blank">Getting Started</a> | <a href="https://aka.ms/aaddevv2" target="_blank">AAD Docs</a> | <a href="https://azuread.github.io/microsoft-authentication-library-for-js/ref/msal-core/" target="_blank">Library Reference</a> |
-| --- | --- | --- | --- | --- |
+| --- | --- | --- |
 
@@ -11,8 +11,7 @@ 1. [About](#about)
 3. [Releases](#releases)
-4. [Prerequisites](#prerequisites)
+4. [Prerequisites and Usage](#prerequisites-and-usage)
 5. [Installation](#installation)
-6. [Usage](#usage)
-9. [Security Reporting](#security-reporting)
-10. [License](#license)
-11. [Code of Conduct](#we-value-and-adhere-to-the-microsoft-open-source-code-of-conduct)
+6. [Security Reporting](#security-reporting)
+7. [License](#license)
+8. [Code of Conduct](#we-value-and-adhere-to-the-microsoft-open-source-code-of-conduct)
 
@@ -19,0 +18,0 @@ ## About

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Lines of code

13443

increased by2.5%

Worsened metrics

Total package byte prevSize

1137515

decreased by-2.44%

Number of lines in readme file

56

decreased by-1.75%

No dependency changes