@azure/msal-common - npm Package Compare versions

Comparing version 1.0.0 to 1.1.0

changelog.md

@@ -0,1 +1,14 @@
+# 1.1.0
+## Breaking Changes
+- None
+
+## Features and Fixes
+- Decode state from URI Encoding before comparing (#2049)
+- getAllAccounts() returns empty array instead of `null` (#2059)
+- Updated the `UrlString.canonicalizeUri()` API to be static (#2078)
+- Add sid to `AuthorizationUrlRequest` and as part of request parameters sent to server (#2030)
+- Enable server telemetry headers to be formatted and sent in every request (#1917)
+- Enable platform level state information to be sent and read through the request state (#2045)
+- Add the confidential client flow (#2023)
+
 # 1.0.0
@@ -2,0 +15,0 @@ ## Breaking Changes

dist/src/client/BaseClient.d.ts

@@ -7,4 +7,5 @@ import { ClientConfiguration } from "../config/ClientConfiguration";
 import { NetworkResponse } from "../network/NetworkManager";
-import { ServerAuthorizationTokenResponse } from "../server/ServerAuthorizationTokenResponse";
+import { ServerAuthorizationTokenResponse } from "../response/ServerAuthorizationTokenResponse";
 import { CacheManager } from "../cache/CacheManager";
+import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager";
 /**
@@ -19,2 +20,3 @@ * Base application class which will construct requests to send to and handle responses from the Microsoft STS using the authorization code flow.
     protected networkClient: INetworkModule;
+    protected serverTelemetryManager: ServerTelemetryManager;
     protected authority: Authority;
@@ -21,0 +23,0 @@ protected constructor(configuration: ClientConfiguration);

dist/src/config/ClientConfiguration.d.ts

@@ -6,2 +6,3 @@ import { INetworkModule } from "../network/INetworkModule";
 import { CacheManager } from "../cache/CacheManager";
+import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager";
 /**
@@ -18,2 +19,3 @@ * Use the configuration object to configure MSAL Modules and initialize the base interfaces for MSAL.
  * - systemOptions              - Additional library options
+ * - clientCredentials          - Credentials options for confidential clients
  */
@@ -27,3 +29,5 @@ export declare type ClientConfiguration = {
     cryptoInterface?: ICrypto;
+    clientCredentials?: ClientCredentials;
     libraryInfo?: LibraryInfo;
+    serverTelemetryManager?: ServerTelemetryManager;
 };
@@ -73,2 +77,12 @@ /**
 };
+/**
+ * Credentials for confidential clients
+ */
+export declare type ClientCredentials = {
+    clientSecret?: string;
+    clientAssertion?: {
+        assertion: string;
+        assertionType: string;
+    };
+};
 export declare const DEFAULT_SYSTEM_OPTIONS: SystemOptions;
@@ -82,2 +96,2 @@ /**
  */
-export declare function buildClientConfiguration({ authOptions: userAuthOptions, systemOptions: userSystemOptions, loggerOptions: userLoggerOption, storageInterface: storageImplementation, networkInterface: networkImplementation, cryptoInterface: cryptoImplementation, libraryInfo: libraryInfo }: ClientConfiguration): ClientConfiguration;
+export declare function buildClientConfiguration({ authOptions: userAuthOptions, systemOptions: userSystemOptions, loggerOptions: userLoggerOption, storageInterface: storageImplementation, networkInterface: networkImplementation, cryptoInterface: cryptoImplementation, clientCredentials: clientCredentials, libraryInfo: libraryInfo, serverTelemetryManager: serverTelemetryManager }: ClientConfiguration): ClientConfiguration;

dist/src/error/ClientAuthError.d.ts

@@ -144,2 +144,10 @@ import { AuthError } from "./AuthError";
     };
+    invalidAssertion: {
+        code: string;
+        desc: string;
+    };
+    invalidClientCredential: {
+        code: string;
+        desc: string;
+    };
 };
@@ -298,2 +306,10 @@ /**
     static createUnexpectedCredentialTypeError(): ClientAuthError;
+    /**
+    * Throws error if client assertion is not valid.
+    */
+    static createInvalidAssertionError(): ClientAuthError;
+    /**
+    * Throws error if client assertion is not valid.
+    */
+    static createInvalidCredentialError(): ClientAuthError;
 }

dist/src/index.d.ts

@@ -36,2 +36,3 @@ export { AuthorizationCodeClient } from "./client/AuthorizationCodeClient";
 export { AuthenticationResult } from "./response/AuthenticationResult";
+export { ServerAuthorizationCodeResponse } from "./response/ServerAuthorizationCodeResponse";
 export { ILoggerCallback, LogLevel, Logger } from "./logger/Logger";
@@ -46,3 +47,6 @@ export { InteractionRequiredAuthError } from "./error/InteractionRequiredAuthError";
 export { StringDict } from "./utils/MsalTypes";
-export { ProtocolUtils } from "./utils/ProtocolUtils";
+export { ProtocolUtils, RequestStateObject, LibraryStateObject } from "./utils/ProtocolUtils";
 export { TimeUtils } from "./utils/TimeUtils";
+export { ServerTelemetryCacheValue } from "./telemetry/server/ServerTelemetryCacheValue";
+export { ServerTelemetryManager } from "./telemetry/server/ServerTelemetryManager";
+export { ServerTelemetryRequest } from "./telemetry/server/ServerTelemetryRequest";

dist/src/request/AuthorizationUrlRequest.d.ts

@@ -22,2 +22,3 @@ import { ResponseMode } from "../utils/Constants";
  * - loginHint                  - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim.
+ * - sid                        - Session ID, unique identifier for the session. Available as an optional claim on ID tokens.
  * - domainHint                 - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant.
@@ -38,2 +39,3 @@ * - extraQueryParameters       - String to string map of custom query parameters.
     domainHint?: string;
+    sid?: string;
     extraQueryParameters?: StringDict;
@@ -40,0 +42,0 @@ claims?: string;

dist/src/response/AuthenticationResult.d.ts

@@ -18,3 +18,3 @@ import { StringDict } from "../utils/MsalTypes";
  */
-export declare class AuthenticationResult {
+export declare type AuthenticationResult = {
     uniqueId: string;
@@ -32,2 +32,2 @@ tenantId: string;
     familyId?: string;
-}
+};

dist/src/response/ResponseHandler.d.ts

@@ -1,4 +0,4 @@
-import { ServerAuthorizationTokenResponse } from "../server/ServerAuthorizationTokenResponse";
+import { ServerAuthorizationTokenResponse } from "./ServerAuthorizationTokenResponse";
 import { ICrypto } from "../crypto/ICrypto";
-import { ServerAuthorizationCodeResponse } from "../server/ServerAuthorizationCodeResponse";
+import { ServerAuthorizationCodeResponse } from "./ServerAuthorizationCodeResponse";
 import { Logger } from "../logger/Logger";
@@ -10,2 +10,3 @@ import { IdToken } from "../account/IdToken";
 import { CacheManager } from "../cache/CacheManager";
+import { RequestStateObject } from "../utils/ProtocolUtils";
 /**
@@ -64,3 +65,3 @@ * Class that handles response parsing.
      */
-    static generateAuthenticationResult(cacheRecord: CacheRecord, idTokenObj: IdToken, fromTokenCache: boolean, stateString?: string): AuthenticationResult;
+    static generateAuthenticationResult(cacheRecord: CacheRecord, idTokenObj: IdToken, fromTokenCache: boolean, requestState?: RequestStateObject): AuthenticationResult;
 }

dist/src/url/UrlString.d.ts

@@ -0,1 +1,2 @@
+import { ServerAuthorizationCodeResponse } from "../response/ServerAuthorizationCodeResponse";
 import { IUri } from "./IUri";
@@ -13,3 +14,3 @@ /**
      */
-    private canonicalizeUri;
+    static canonicalizeUri(url: string): string;
     /**
@@ -37,6 +38,2 @@ * Throws if urlString passed is not a valid authority URI string.
     /**
-     * Returns deserialized portion of URL hash
-     */
-    getDeserializedHash<T>(): T;
-    /**
      * Parses out the components from a url string.
@@ -48,2 +45,6 @@ * @returns An object with the various components. Please cache this value insted of calling this multiple times on the same url.
     /**
+     * Returns deserialized portion of URL hash
+     */
+    static getDeserializedHash(hash: string): ServerAuthorizationCodeResponse;
+    /**
      * Check if the hash of the URL string contains known properties
@@ -50,0 +51,0 @@ */

dist/src/utils/Constants.d.ts

@@ -29,3 +29,5 @@ export declare const Constants: {
 export declare enum HeaderNames {
-    CONTENT_TYPE = "Content-Type"
+    CONTENT_TYPE = "Content-Type",
+    X_CLIENT_CURR_TELEM = "x-client-current-telemetry",
+    X_CLIENT_LAST_TELEM = "x-client-last-telemetry"
 }
@@ -82,3 +84,6 @@ /**
     POST_LOGOUT_URI = "post_logout_redirect_uri",
-    DEVICE_CODE = "device_code"
+    DEVICE_CODE = "device_code",
+    CLIENT_SECRET = "client_secret",
+    CLIENT_ASSERTION = "client_assertion",
+    CLIENT_ASSERTION_TYPE = "client_assertion_type"
 }
@@ -194,3 +199,4 @@ /**
     APP_META_DATA = "AppMetadata",
-    TEMPORARY = "TempCache"
+    TEMPORARY = "TempCache",
+    TELEMETRY = "Telemetry"
 }
@@ -215,1 +221,8 @@ /**
 export declare const ClientInfo = "client_info";
+export declare const SERVER_TELEM_CONSTANTS: {
+    SCHEMA_VERSION: number;
+    FAILURE_LIMIT: number;
+    CACHE_KEY: string;
+    CATEGORY_SEPARATOR: string;
+    VALUE_SEPARATOR: string;
+};

dist/src/utils/ProtocolUtils.d.ts

@@ -7,2 +7,3 @@ import { ICrypto } from "../crypto/ICrypto";
  * - ts - timestamp for the time the request was made. Used to ensure that token expiration is not calculated incorrectly.
+ * - platformState - string value sent from the platform.
  */
@@ -12,2 +13,3 @@ export declare type LibraryStateObject = {
     ts: number;
+    meta?: Record<string, string>;
 };
@@ -30,9 +32,9 @@ /**
      */
-    static setRequestState(userState: string, cryptoObj: ICrypto): string;
+    static setRequestState(cryptoObj: ICrypto, userState?: string, meta?: Record<string, string>): string;
     /**
-     * Generates the state value used by the library.
+     * Generates the state value used by the common library.
      * @param randomGuid
      * @param cryptoObj
      */
-    static generateLibraryState(cryptoObj: ICrypto): string;
+    static generateLibraryState(cryptoObj: ICrypto, meta?: Record<string, string>): string;
     /**
@@ -43,3 +45,3 @@ * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.
      */
-    static parseRequestState(state: string, cryptoObj: ICrypto): RequestStateObject;
+    static parseRequestState(cryptoObj: ICrypto, state: string): RequestStateObject;
 }

package.json

@@ -13,3 +13,3 @@ {
     },
-    "version": "1.0.0",
+    "version": "1.1.0",
     "description": "Microsoft Authentication Library for js",
@@ -77,2 +77,3 @@ "keywords": [
         "babel-plugin-istanbul": "^5.2.0",
+        "beachball": "^1.32.2",
         "chai": "^4.2.0",
@@ -79,0 +80,0 @@ "chai-as-promised": "^7.1.1",

README.md

@@ -32,4 +32,5 @@ # Microsoft Authentication Library for JavaScript (MSAL.js) Common Protocols Package
 | ------| ------- | ---------| --------- |
-| July 20, 2020 | @azure/msal-common v2.0.0 | [Release Notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases/tag/msal-common-v1.0.0) | Full release version of the `@azure/msal-common` |
-| May 11, 2020 | @azure/msal-common v2.0.0-beta | Beta version of the `@azure/msal-common` package |
+| August 4, 2020 | @azure/msal-common v1.1.0 | [Release Notes](https://https://github.com/AzureAD/microsoft-authentication-library-for-js/releases/tag/msal-common-v1.1.0)
+| July 20, 2020 | @azure/msal-common v1.0.0 | [Release Notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases/tag/msal-common-v1.0.0) | Full release version of the `@azure/msal-common` |
+| May 11, 2020 | @azure/msal-common v1.0.0-beta | Beta version of the `@azure/msal-common` package |
 | January 17, 2020 | @azure/msal-common v1.0.0-alpha | No release notes yet | Alpha version of the `@azure/msal-common` package with authorization code flow for SPAs working in dev. |
@@ -36,0 +37,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1247323

increased by4.63%

Number of package files

69

increased by4.55%

Lines of code

14357

increased by3.81%

Number of lines in readme file

59

increased by1.72%

Worsened metrics

Dev dependency count

36

increased by2.86%

No dependency changes