		@@ -5,2 +5,38 @@ {
		{
		"date": "Fri, 02 Oct 2020 17:42:35 GMT",
		"tag": "@azure/msal-common_v1.5.0",
		"version": "1.5.0",
		"comments": {
		"minor": [
		{
		"comment": "Implementation of Access Token Proof-of-Possession Flow (#2151, #2153, #2154, #2209, #2289)",
		"author": "prkanher@microsoft.com",
		"commit": "3cffbc99730532bbd0b35f2e3a9df17f032c0675",
		"package": "@azure/msal-common"
		}
		]
		}
		},
		{
		"date": "Wed, 30 Sep 2020 17:58:33 GMT",
		"tag": "@azure/msal-common_v1.4.0",
		"version": "1.4.0",
		"comments": {
		"none": [
		{
		"comment": "Updating dependency versions(#2342)",
		"author": "sameera.gajjarapu@microsoft.com",
		"commit": "bc3f324edd6cf83937c31f73d3aefc6dbaf5f748",
		"package": "@azure/msal-common"
		},
		{
		"comment": "Update changelog versions for msal-node and extensions (#2336)",
		"author": "hectormgdev@gmail.com",
		"commit": "323875a725e0d5049ff6742a9ca5160c2d4b7d0d",
		"package": "@azure/msal-common"
		}
		]
		}
		},
		{
		"date": "Wed, 23 Sep 2020 21:13:48 GMT",
		@@ -7,0 +43,0 @@ "tag": "@azure/msal-common_v1.4.0",

changelog.md

		# Change Log - @azure/msal-common

		This log was last generated on Wed, 23 Sep 2020 21:13:48 GMT and should not be manually modified.
		This log was last generated on Fri, 02 Oct 2020 17:42:35 GMT and should not be manually modified.

		<!-- Start content -->

		## 1.5.0

		Fri, 02 Oct 2020 17:42:35 GMT

		### Minor changes

		- Implementation of Access Token Proof-of-Possession Flow (#2151, #2153, #2154, #2209, #2289) (prkanher@microsoft.com)

		## 1.4.0
		@@ -8,0 +16,0 @@

dist/src/cache/entities/AccessTokenEntity.d.ts

		@@ -46,3 +46,3 @@ import { CredentialEntity } from "./CredentialEntity";
		*/
		static createAccessTokenEntity(homeAccountId: string, environment: string, accessToken: string, clientId: string, tenantId: string, scopes: string, expiresOn: number, extExpiresOn: number, oboAssertion?: string): AccessTokenEntity;
		static createAccessTokenEntity(homeAccountId: string, environment: string, accessToken: string, clientId: string, tenantId: string, scopes: string, expiresOn: number, extExpiresOn: number, tokenType?: string, oboAssertion?: string): AccessTokenEntity;
		/**
		@@ -49,0 +49,0 @@ * Validates an entity: checks for all expected params

dist/src/cache/entities/AccountEntity.d.ts

		import { Authority } from "../../authority/Authority";
		import { IdToken } from "../../account/IdToken";
		import { AuthToken } from "../../account/AuthToken";
		import { ICrypto } from "../../crypto/ICrypto";
		@@ -67,3 +67,3 @@ import { AccountInfo } from "../../account/AccountInfo";
		*/
		static createAccount(clientInfo: string, authority: Authority, idToken: IdToken, crypto: ICrypto, oboAssertion?: string): AccountEntity;
		static createAccount(clientInfo: string, authority: Authority, idToken: AuthToken, crypto: ICrypto, oboAssertion?: string): AccountEntity;
		/**
		@@ -74,3 +74,3 @@ * Build ADFS account type
		*/
		static createADFSAccount(authority: Authority, idToken: IdToken, oboAssertion?: string): AccountEntity;
		static createADFSAccount(authority: Authority, idToken: AuthToken, oboAssertion?: string): AccountEntity;
		/**
		@@ -77,0 +77,0 @@ * Validates an entity: checks for all expected params

dist/src/client/SilentFlowClient.d.ts

		@@ -17,3 +17,3 @@ import { BaseClient } from "./BaseClient";
		*/
		acquireCachedToken(request: SilentFlowRequest): AuthenticationResult;
		acquireCachedToken(request: SilentFlowRequest): Promise<AuthenticationResult>;
		/**
		@@ -20,0 +20,0 @@ * Helper function to build response object from the CacheRecord

dist/src/crypto/ICrypto.d.ts

		@@ -0,1 +1,2 @@
		import { SignedHttpRequest } from "./SignedHttpRequest";
		/**
		@@ -32,2 +33,13 @@ * The PkceCodes type describes the structure
		generatePkceCodes(): Promise<PkceCodes>;
		/**
		* Generates an JWK RSA S256 Thumbprint
		* @param resourceRequestMethod
		* @param resourceRequestUri
		*/
		getPublicKeyThumbprint(resourceRequestMethod: string, resourceRequestUri: string): Promise<string>;
		/**
		* Returns a signed proof-of-possession token with a given acces token that contains a cnf claim with the required kid.
		* @param accessToken
		*/
		signJwt(payload: SignedHttpRequest, kid: string): Promise<string>;
		}

dist/src/error/ClientAuthError.d.ts

		import { AuthError } from "./AuthError";
		import { IdToken } from "../account/IdToken";
		import { ScopeSet } from "../request/ScopeSet";
		@@ -16,7 +15,7 @@ /**
		};
		idTokenParsingError: {
		tokenParsingError: {
		code: string;
		desc: string;
		};
		nullOrEmptyIdToken: {
		nullOrEmptyToken: {
		code: string;
		@@ -57,6 +56,2 @@ desc: string;
		};
		invalidIdToken: {
		code: string;
		desc: string;
		};
		noTokensFoundError: {
		@@ -178,3 +173,3 @@ code: string;
		*/
		static createIdTokenParsingError(caughtExtractionError: string): ClientAuthError;
		static createTokenParsingError(caughtExtractionError: string): ClientAuthError;
		/**
		@@ -184,3 +179,3 @@ * Creates an error thrown when the id token string is null or empty.
		*/
		static createIdTokenNullOrEmptyError(invalidRawTokenString: string): ClientAuthError;
		static createTokenNullOrEmptyError(invalidRawTokenString: string): ClientAuthError;
		/**
		@@ -218,7 +213,2 @@ * Creates an error thrown when the endpoint discovery doesn't complete correctly.
		/**
		* Throws error if idToken is not correctly formed
		* @param idToken
		*/
		static createInvalidIdTokenError(idToken: IdToken): ClientAuthError;
		/**
		* Creates an error thrown when the authorization code required for a token request is null or empty.
		@@ -225,0 +215,0 @@ */

dist/src/index.d.ts

		@@ -10,4 +10,6 @@ export { AuthorizationCodeClient } from "./client/AuthorizationCodeClient";
		export { AccountInfo } from "./account/AccountInfo";
		export { IdToken } from "./account/IdToken";
		export { IdTokenClaims } from "./account/IdTokenClaims";
		export { AuthToken } from "./account/AuthToken";
		export { AuthToken as IdToken } from "./account/AuthToken";
		export { TokenClaims } from "./account/TokenClaims";
		export { TokenClaims as IdTokenClaims } from "./account/TokenClaims";
		export { Authority } from "./authority/Authority";
		@@ -34,2 +36,3 @@ export { CloudDiscoveryMetadata } from "./authority/CloudDiscoveryMetadata";
		export { ICrypto, PkceCodes } from "./crypto/ICrypto";
		export { SignedHttpRequest } from "./crypto/SignedHttpRequest";
		export { BaseAuthRequest } from "./request/BaseAuthRequest";
		@@ -52,3 +55,3 @@ export { AuthorizationUrlRequest } from "./request/AuthorizationUrlRequest";
		export { ClientConfigurationError, ClientConfigurationErrorMessage } from "./error/ClientConfigurationError";
		export { Constants, PromptValue, PersistentCacheKeys, ResponseMode, CacheSchemaType, CredentialType, CacheType } from "./utils/Constants";
		export { Constants, PromptValue, PersistentCacheKeys, ResponseMode, CacheSchemaType, CredentialType, CacheType, AuthenticationScheme } from "./utils/Constants";
		export { StringUtils } from "./utils/StringUtils";
		@@ -55,0 +58,0 @@ export { StringDict } from "./utils/MsalTypes";

dist/src/request/AuthorizationCodeRequest.d.ts

		import { BaseAuthRequest } from "./BaseAuthRequest";
		import { AuthenticationScheme } from "../utils/Constants";
		/**
		@@ -10,4 +11,7 @@ * Request object passed by user to acquire a token from the server exchanging a valid authorization code (second leg of OAuth2.0 Authorization Code flow)
		* - redirectUri - The redirect URI of your app, where the authority will redirect to after the user inputs credentials and consents. It must exactly match one of the redirect URIs you registered in the portal.
		* - authenticationScheme - The type of token retrieved. Defaults to "Bearer". Can also be type "pop".
		* - code - The authorization_code that the user acquired in the first leg of the flow.
		* - codeVerifier - The same code_verifier that was used to obtain the authorization_code. Required if PKCE was used in the authorization code grant request.For more information, see the PKCE RFC: https://tools.ietf.org/html/rfc7636
		* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
		* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
		*/
		@@ -18,2 +22,3 @@ export declare type AuthorizationCodeRequest = BaseAuthRequest & {
		codeVerifier?: string;
		authenticationScheme?: AuthenticationScheme;
		};

dist/src/request/AuthorizationUrlRequest.d.ts

		@@ -1,2 +0,2 @@
		import { ResponseMode } from "../utils/Constants";
		import { ResponseMode, AuthenticationScheme } from "../utils/Constants";
		import { StringDict } from "../utils/MsalTypes";
		@@ -8,2 +8,3 @@ import { BaseAuthRequest } from "./BaseAuthRequest";
		*
		* - authenticationScheme - The type of token retrieved. Defaults to "Bearer". Can also be type "pop".
		* - scopes - Array of scopes the application is requesting access to.
		@@ -30,4 +31,7 @@ * - claims - A stringified claims request which will be added to all /authorize and /token calls
		* - nonce - A value included in the request that is returned in the id token. A randomly generated unique value is typically used to mitigate replay attacks.
		* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
		* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
		*/
		export declare type AuthorizationUrlRequest = BaseAuthRequest & {
		authenticationScheme?: AuthenticationScheme;
		redirectUri?: string;
		@@ -34,0 +38,0 @@ extraScopesToConsent?: Array<string>;

dist/src/request/BaseAuthRequest.d.ts

		@@ -7,2 +7,4 @@ /**
		* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
		* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
		* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
		*/
		@@ -14,2 +16,4 @@ export declare type BaseAuthRequest = {
		correlationId?: string;
		resourceRequestMethod?: string;
		resourceRequestUri?: string;
		};

dist/src/request/DeviceCodeRequest.d.ts

		@@ -10,2 +10,4 @@ import { DeviceCodeResponse } from "../response/DeviceCodeResponse";
		* - cancel - Boolean to cancel polling of device code endpoint. While the user authenticates on a separate device, MSAL polls the the token endpoint of security token service for the interval specified in the device code response (usually 15 minutes). To stop polling and cancel the request, set cancel=true.
		* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
		* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
		*/
		@@ -12,0 +14,0 @@ export declare type DeviceCodeRequest = BaseAuthRequest & {

dist/src/request/RefreshTokenRequest.d.ts

		import { BaseAuthRequest } from "./BaseAuthRequest";
		import { AuthenticationScheme } from "../utils/Constants";
		/**
		@@ -9,5 +10,8 @@ * RefreshTokenRequest
		* - refreshToken - A refresh token returned from a previous request to the Identity provider.
		* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
		* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
		*/
		export declare type RefreshTokenRequest = BaseAuthRequest & {
		refreshToken: string;
		authenticationScheme?: AuthenticationScheme;
		};

dist/src/request/RequestParameterBuilder.d.ts

		@@ -146,2 +146,7 @@ import { ResponseMode } from "../utils/Constants";
		/**
		* add pop_jwk to query params
		* @param cnfString
		*/
		addPopToken(cnfString: string): void;
		/**
		* Utility to create a URL from the params map
		@@ -148,0 +153,0 @@ */

dist/src/request/SilentFlowRequest.d.ts

		@@ -11,2 +11,4 @@ import { AccountInfo } from "../account/AccountInfo";
		* - forceRefresh - Forces silent requests to make network calls if true.
		* - resourceRequestMethod - HTTP Request type used to request data from the resource (i.e. "GET", "POST", etc.). Used for proof-of-possession flows.
		* - resourceRequestUri - URI that token will be used for. Used for proof-of-possession flows.
		*/
		@@ -13,0 +15,0 @@ export declare type SilentFlowRequest = BaseAuthRequest & {

dist/src/response/AuthenticationResult.d.ts

		@@ -27,2 +27,3 @@ import { AccountInfo } from "../account/AccountInfo";
		expiresOn: Date;
		tokenType: string;
		extExpiresOn?: Date;
		@@ -29,0 +30,0 @@ state?: string;

dist/src/response/ResponseHandler.d.ts

		@@ -5,3 +5,3 @@ import { ServerAuthorizationTokenResponse } from "./ServerAuthorizationTokenResponse";
		import { Logger } from "../logger/Logger";
		import { IdToken } from "../account/IdToken";
		import { AuthToken } from "../account/AuthToken";
		import { AuthenticationResult } from "./AuthenticationResult";
		@@ -40,3 +40,3 @@ import { Authority } from "../authority/Authority";
		*/
		handleServerTokenResponse(serverTokenResponse: ServerAuthorizationTokenResponse, authority: Authority, cachedNonce?: string, cachedState?: string, requestScopes?: string[], oboAssertion?: string): AuthenticationResult;
		handleServerTokenResponse(serverTokenResponse: ServerAuthorizationTokenResponse, authority: Authority, resourceRequestMethod?: string, resourceRequestUri?: string, cachedNonce?: string, cachedState?: string, requestScopes?: string[], oboAssertion?: string): Promise<AuthenticationResult>;
		/**
		@@ -66,3 +66,3 @@ * Generates CacheRecord
		*/
		static generateAuthenticationResult(cacheRecord: CacheRecord, idTokenObj: IdToken, fromTokenCache: boolean, requestState?: RequestStateObject): AuthenticationResult;
		static generateAuthenticationResult(cryptoObj: ICrypto, cacheRecord: CacheRecord, idTokenObj: AuthToken, fromTokenCache: boolean, requestState?: RequestStateObject, resourceRequestMethod?: string, resourceRequestUri?: string): Promise<AuthenticationResult>;
		}

dist/src/url/IUri.d.ts

		@@ -11,2 +11,3 @@ /**
		PathSegments: string[];
		QueryString: string;
		}

dist/src/utils/Constants.d.ts

		@@ -90,2 +90,4 @@ export declare const Constants: {
		CLIENT_ASSERTION_TYPE = "client_assertion_type",
		TOKEN_TYPE = "token_type",
		REQ_CNF = "req_cnf",
		OBO_ASSERTION = "assertion",
		@@ -97,18 +99,4 @@ REQUESTED_TOKEN_USE = "requested_token_use",
		/**
		* IdToken claim string constants
		* Claims request keys
		*/
		export declare enum IdTokenClaimName {
		ISSUER = "iss",
		OBJID = "oid",
		SUBJECT = "sub",
		TENANTID = "tid",
		VERSION = "ver",
		PREF_USERNAME = "preferred_username",
		NAME = "name",
		NONCE = "nonce",
		EXPIRATION = "exp",
		HOME_OBJID = "home_oid",
		SESSIONID = "sid",
		CLOUD_INSTANCE_HOSTNAME = "cloud_instance_host_name"
		}
		export declare enum ClaimsRequestKeys {
		@@ -247,2 +235,9 @@ ACCESS_TOKEN = "access_token",
		/**
		* Type of the authentication request
		*/
		export declare enum AuthenticationScheme {
		POP = "pop",
		BEARER = "Bearer"
		}
		/**
		* Constants related to throttling
		@@ -249,0 +244,0 @@ */

dist/src/utils/StringUtils.d.ts

		@@ -1,2 +0,2 @@
		import { DecodedJwt } from "../account/DecodedJwt";
		import { DecodedAuthToken } from "../account/DecodedAuthToken";
		/**
		@@ -9,5 +9,5 @@ * @hidden
		*
		* @param jwtToken
		* @param authToken
		*/
		static decodeJwt(jwtToken: string): DecodedJwt;
		static decodeAuthToken(authToken: string): DecodedAuthToken;
		/**
		@@ -14,0 +14,0 @@ * Check if a string is empty.

package.json

		@@ -13,3 +13,3 @@ {
		},
		"version": "1.4.0",
		"version": "1.5.0",
		"description": "Microsoft Authentication Library for js",
		@@ -16,0 +16,0 @@ "keywords": [

README.md

@@ -0,0 +0,0 @@ # Microsoft Authentication Library for JavaScript (MSAL.js) Common Protocols Package

dist/src/account/DecodedJwt.d.ts

dist/src/account/IdToken.d.ts

dist/src/account/IdTokenClaims.d.ts

dist/index.es.js

Sorry, the diff of this file is too big to display

dist/index.js

Sorry, the diff of this file is too big to display

@azure/msal-common - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics