RochesterX/PasswordManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial

Browse Source
This commit is contained in:
RochesterX
2025-11-12 10:13:24 -05:00
parent d5b0f97adb
commit 6e820464d5
9761 changed files with 706938 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
node_modules/@azure/msal-browser/src/controllers/ControllerFactory.ts generated vendored Normal file
View File

@@ -0,0 +1,42 @@
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import { NestedAppOperatingContext } from "../operatingcontext/NestedAppOperatingContext.js";
import { StandardOperatingContext } from "../operatingcontext/StandardOperatingContext.js";
import { IController } from "./IController.js";
import { Configuration } from "../config/Configuration.js";
import { StandardController } from "./StandardController.js";
import { NestedAppAuthController } from "./NestedAppAuthController.js";
import { InitializeApplicationRequest } from "../request/InitializeApplicationRequest.js";
export async function createV3Controller(
config: Configuration,
request?: InitializeApplicationRequest
): Promise<IController> {
const standard = new StandardOperatingContext(config);
await standard.initialize();
return StandardController.createController(standard, request);
}
export async function createController(
config: Configuration
): Promise<IController | null> {
const standard = new StandardOperatingContext(config);
const nestedApp = new NestedAppOperatingContext(config);
const operatingContexts = [standard.initialize(), nestedApp.initialize()];
await Promise.all(operatingContexts);
if (nestedApp.isAvailable() && config.auth.supportsNestedAppAuth) {
return NestedAppAuthController.createController(nestedApp);
} else if (standard.isAvailable()) {
return StandardController.createController(standard);
} else {
// Since neither of the actual operating contexts are available keep the UnknownOperatingContextController
return null;
}
}

127
node_modules/@azure/msal-browser/src/controllers/IController.ts generated vendored Normal file
View File

@@ -0,0 +1,127 @@
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import {
AccountInfo,
Logger,
PerformanceCallbackFunction,
IPerformanceClient,
AccountFilter,
} from "@azure/msal-common/browser";
import { RedirectRequest } from "../request/RedirectRequest.js";
import { PopupRequest } from "../request/PopupRequest.js";
import { SilentRequest } from "../request/SilentRequest.js";
import { SsoSilentRequest } from "../request/SsoSilentRequest.js";
import { EndSessionRequest } from "../request/EndSessionRequest.js";
import { ApiId, WrapperSKU } from "../utils/BrowserConstants.js";
import { INavigationClient } from "../navigation/INavigationClient.js";
import { EndSessionPopupRequest } from "../request/EndSessionPopupRequest.js";
import { ITokenCache } from "../cache/ITokenCache.js";
import { AuthorizationCodeRequest } from "../request/AuthorizationCodeRequest.js";
import { BrowserConfiguration } from "../config/Configuration.js";
import { AuthenticationResult } from "../response/AuthenticationResult.js";
import { EventCallbackFunction } from "../event/EventMessage.js";
import { ClearCacheRequest } from "../request/ClearCacheRequest.js";
import { InitializeApplicationRequest } from "../request/InitializeApplicationRequest.js";
import { EventType } from "../event/EventType.js";
export interface IController {
// TODO: Make request mandatory in the next major version?
initialize(
request?: InitializeApplicationRequest,
isBroker?: boolean
): Promise<void>;
acquireTokenPopup(request: PopupRequest): Promise<AuthenticationResult>;
acquireTokenRedirect(request: RedirectRequest): Promise<void>;
acquireTokenSilent(
silentRequest: SilentRequest
): Promise<AuthenticationResult>;
acquireTokenByCode(
request: AuthorizationCodeRequest
): Promise<AuthenticationResult>;
acquireTokenNative(
request: PopupRequest | SilentRequest | SsoSilentRequest,
apiId: ApiId,
accountId?: string
): Promise<AuthenticationResult>;
addEventCallback(
callback: EventCallbackFunction,
eventTypes?: Array<EventType>
): string | null;
removeEventCallback(callbackId: string): void;
addPerformanceCallback(callback: PerformanceCallbackFunction): string;
removePerformanceCallback(callbackId: string): boolean;
enableAccountStorageEvents(): void;
disableAccountStorageEvents(): void;
getAccount(accountFilter: AccountFilter): AccountInfo | null;
getAccountByHomeId(homeAccountId: string): AccountInfo | null;
getAccountByLocalId(localId: string): AccountInfo | null;
getAccountByUsername(userName: string): AccountInfo | null;
getAllAccounts(accountFilter?: AccountFilter): AccountInfo[];
handleRedirectPromise(hash?: string): Promise<AuthenticationResult | null>;
loginPopup(request?: PopupRequest): Promise<AuthenticationResult>;
loginRedirect(request?: RedirectRequest): Promise<void>;
logout(logoutRequest?: EndSessionRequest): Promise<void>;
logoutRedirect(logoutRequest?: EndSessionRequest): Promise<void>;
logoutPopup(logoutRequest?: EndSessionPopupRequest): Promise<void>;
clearCache(logoutRequest?: ClearCacheRequest): Promise<void>;
ssoSilent(request: SsoSilentRequest): Promise<AuthenticationResult>;
getTokenCache(): ITokenCache;
getLogger(): Logger;
setLogger(logger: Logger): void;
setActiveAccount(account: AccountInfo | null): void;
getActiveAccount(): AccountInfo | null;
initializeWrapperLibrary(sku: WrapperSKU, version: string): void;
setNavigationClient(navigationClient: INavigationClient): void;
/** @internal */
getConfiguration(): BrowserConfiguration;
hydrateCache(
result: AuthenticationResult,
request:
| SilentRequest
| SsoSilentRequest
| RedirectRequest
| PopupRequest
): Promise<void>;
/** @internal */
isBrowserEnv(): boolean;
/** @internal */
getPerformanceClient(): IPerformanceClient;
}

944
node_modules/@azure/msal-browser/src/controllers/NestedAppAuthController.ts generated vendored Normal file
View File

@@ -0,0 +1,944 @@
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import {
CommonAuthorizationUrlRequest,
CommonSilentFlowRequest,
PerformanceCallbackFunction,
AccountInfo,
Logger,
ICrypto,
IPerformanceClient,
DEFAULT_CRYPTO_IMPLEMENTATION,
PerformanceEvents,
TimeUtils,
buildStaticAuthorityOptions,
AccountEntity,
OIDC_DEFAULT_SCOPES,
BaseAuthRequest,
AccountFilter,
AuthError,
} from "@azure/msal-common/browser";
import { ITokenCache } from "../cache/ITokenCache.js";
import { BrowserConfiguration } from "../config/Configuration.js";
import { INavigationClient } from "../navigation/INavigationClient.js";
import { AuthorizationCodeRequest } from "../request/AuthorizationCodeRequest.js";
import { EndSessionPopupRequest } from "../request/EndSessionPopupRequest.js";
import { EndSessionRequest } from "../request/EndSessionRequest.js";
import { PopupRequest } from "../request/PopupRequest.js";
import { RedirectRequest } from "../request/RedirectRequest.js";
import { SilentRequest } from "../request/SilentRequest.js";
import { SsoSilentRequest } from "../request/SsoSilentRequest.js";
import {
ApiId,
WrapperSKU,
InteractionType,
DEFAULT_REQUEST,
CacheLookupPolicy,
} from "../utils/BrowserConstants.js";
import { IController } from "./IController.js";
import { NestedAppOperatingContext } from "../operatingcontext/NestedAppOperatingContext.js";
import { IBridgeProxy } from "../naa/IBridgeProxy.js";
import { CryptoOps } from "../crypto/CryptoOps.js";
import { NestedAppAuthAdapter } from "../naa/mapping/NestedAppAuthAdapter.js";
import { NestedAppAuthError } from "../error/NestedAppAuthError.js";
import { EventHandler } from "../event/EventHandler.js";
import { EventType } from "../event/EventType.js";
import { EventCallbackFunction, EventError } from "../event/EventMessage.js";
import { AuthenticationResult } from "../response/AuthenticationResult.js";
import {
BrowserCacheManager,
DEFAULT_BROWSER_CACHE_MANAGER,
} from "../cache/BrowserCacheManager.js";
import { ClearCacheRequest } from "../request/ClearCacheRequest.js";
import * as AccountManager from "../cache/AccountManager.js";
import { AccountContext } from "../naa/BridgeAccountContext.js";
import { InitializeApplicationRequest } from "../request/InitializeApplicationRequest.js";
import { createNewGuid } from "../crypto/BrowserCrypto.js";
export class NestedAppAuthController implements IController {
// OperatingContext
protected readonly operatingContext: NestedAppOperatingContext;
// BridgeProxy
protected readonly bridgeProxy: IBridgeProxy;
// Crypto interface implementation
protected readonly browserCrypto: ICrypto;
// Input configuration by developer/user
protected readonly config: BrowserConfiguration;
// Storage interface implementation
protected readonly browserStorage!: BrowserCacheManager;
// Logger
protected logger: Logger;
// Performance telemetry client
protected readonly performanceClient: IPerformanceClient;
// EventHandler
protected readonly eventHandler: EventHandler;
// NestedAppAuthAdapter
protected readonly nestedAppAuthAdapter: NestedAppAuthAdapter;
// currentAccount for NAA apps
protected currentAccountContext: AccountContext | null;
constructor(operatingContext: NestedAppOperatingContext) {
this.operatingContext = operatingContext;
const proxy = this.operatingContext.getBridgeProxy();
if (proxy !== undefined) {
this.bridgeProxy = proxy;
} else {
throw new Error("unexpected: bridgeProxy is undefined");
}
// Set the configuration.
this.config = operatingContext.getConfig();
// Initialize logger
this.logger = this.operatingContext.getLogger();
// Initialize performance client
this.performanceClient = this.config.telemetry.client;
// Initialize the crypto class.
this.browserCrypto = operatingContext.isBrowserEnvironment()
? new CryptoOps(this.logger, this.performanceClient, true)
: DEFAULT_CRYPTO_IMPLEMENTATION;
this.eventHandler = new EventHandler(this.logger);
// Initialize the browser storage class.
this.browserStorage = this.operatingContext.isBrowserEnvironment()
? new BrowserCacheManager(
this.config.auth.clientId,
this.config.cache,
this.browserCrypto,
this.logger,
this.performanceClient,
this.eventHandler,
buildStaticAuthorityOptions(this.config.auth)
)
: DEFAULT_BROWSER_CACHE_MANAGER(
this.config.auth.clientId,
this.logger,
this.performanceClient,
this.eventHandler
);
this.nestedAppAuthAdapter = new NestedAppAuthAdapter(
this.config.auth.clientId,
this.config.auth.clientCapabilities,
this.browserCrypto,
this.logger
);
// Set the active account if available
const accountContext = this.bridgeProxy.getAccountContext();
this.currentAccountContext = accountContext ? accountContext : null;
}
/**
* Factory function to create a new instance of NestedAppAuthController
* @param operatingContext
* @returns Promise<IController>
*/
static async createController(
operatingContext: NestedAppOperatingContext
): Promise<IController> {
const controller = new NestedAppAuthController(operatingContext);
return Promise.resolve(controller);
}
/**
* Specific implementation of initialize function for NestedAppAuthController
* @returns
*/
async initialize(
request?: InitializeApplicationRequest,
// eslint-disable-next-line @typescript-eslint/no-unused-vars
isBroker?: boolean
): Promise<void> {
const initCorrelationId = request?.correlationId || createNewGuid();
await this.browserStorage.initialize(initCorrelationId);
return Promise.resolve();
}
/**
* Validate the incoming request and add correlationId if not present
* @param request
* @returns
*/
private ensureValidRequest<
T extends
| SsoSilentRequest
| SilentRequest
| PopupRequest
| RedirectRequest
>(request: T): T {
if (request?.correlationId) {
return request;
}
return {
...request,
correlationId: this.browserCrypto.createNewGuid(),
};
}
/**
* Internal implementation of acquireTokenInteractive flow
* @param request
* @returns
*/
private async acquireTokenInteractive(
request: PopupRequest | RedirectRequest
): Promise<AuthenticationResult> {
const validRequest = this.ensureValidRequest(request);
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_START,
InteractionType.Popup,
validRequest
);
const atPopupMeasurement = this.performanceClient.startMeasurement(
PerformanceEvents.AcquireTokenPopup,
validRequest.correlationId
);
atPopupMeasurement.add({ nestedAppAuthRequest: true });
try {
const naaRequest =
this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
const reqTimestamp = TimeUtils.nowSeconds();
const response = await this.bridgeProxy.getTokenInteractive(
naaRequest
);
const result: AuthenticationResult = {
...this.nestedAppAuthAdapter.fromNaaTokenResponse(
naaRequest,
response,
reqTimestamp
),
};
// cache the tokens in the response
try {
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
await this.hydrateCache(result, request);
} catch (error) {
this.logger.warningPii(
`Failed to hydrate cache. Error: ${error}`,
validRequest.correlationId
);
}
// cache the account context in memory after successful token fetch
this.currentAccountContext = {
homeAccountId: result.account.homeAccountId,
environment: result.account.environment,
tenantId: result.account.tenantId,
};
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_SUCCESS,
InteractionType.Popup,
result
);
atPopupMeasurement.add({
accessTokenSize: result.accessToken.length,
idTokenSize: result.idToken.length,
});
atPopupMeasurement.end(
{
success: true,
requestId: result.requestId,
},
undefined,
result.account
);
return result;
} catch (e) {
const error =
e instanceof AuthError
? e
: this.nestedAppAuthAdapter.fromBridgeError(e);
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_FAILURE,
InteractionType.Popup,
null,
e as EventError
);
atPopupMeasurement.end(
{
success: false,
},
e,
request.account
);
throw error;
}
}
/**
* Internal implementation of acquireTokenSilent flow
* @param request
* @returns
*/
private async acquireTokenSilentInternal(
request: SilentRequest
): Promise<AuthenticationResult> {
const validRequest = this.ensureValidRequest(request);
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_START,
InteractionType.Silent,
validRequest
);
// Look for tokens in the cache first
const result = await this.acquireTokenFromCache(validRequest);
if (result) {
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_SUCCESS,
InteractionType.Silent,
result
);
return result;
}
// proceed with acquiring tokens via the host
const ssoSilentMeasurement = this.performanceClient.startMeasurement(
PerformanceEvents.SsoSilent,
validRequest.correlationId
);
ssoSilentMeasurement.increment({
visibilityChangeCount: 0,
});
ssoSilentMeasurement.add({
nestedAppAuthRequest: true,
});
try {
const naaRequest =
this.nestedAppAuthAdapter.toNaaTokenRequest(validRequest);
naaRequest.forceRefresh = validRequest.forceRefresh;
const reqTimestamp = TimeUtils.nowSeconds();
const response = await this.bridgeProxy.getTokenSilent(naaRequest);
const result: AuthenticationResult =
this.nestedAppAuthAdapter.fromNaaTokenResponse(
naaRequest,
response,
reqTimestamp
);
// cache the tokens in the response
try {
// cache hydration can fail in JS Runtime scenario that doesn't support full crypto API
await this.hydrateCache(result, request);
} catch (error) {
this.logger.warningPii(
`Failed to hydrate cache. Error: ${error}`,
validRequest.correlationId
);
}
// cache the account context in memory after successful token fetch
this.currentAccountContext = {
homeAccountId: result.account.homeAccountId,
environment: result.account.environment,
tenantId: result.account.tenantId,
};
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_SUCCESS,
InteractionType.Silent,
result
);
ssoSilentMeasurement?.add({
accessTokenSize: result.accessToken.length,
idTokenSize: result.idToken.length,
});
ssoSilentMeasurement?.end(
{
success: true,
requestId: result.requestId,
},
undefined,
result.account
);
return result;
} catch (e) {
const error =
e instanceof AuthError
? e
: this.nestedAppAuthAdapter.fromBridgeError(e);
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_FAILURE,
InteractionType.Silent,
null,
e as EventError
);
ssoSilentMeasurement?.end(
{
success: false,
},
e,
request.account
);
throw error;
}
}
/**
* acquires tokens from cache
* @param request
* @returns
*/
private async acquireTokenFromCache(
request: SilentRequest
): Promise<AuthenticationResult | null> {
const atsMeasurement = this.performanceClient.startMeasurement(
PerformanceEvents.AcquireTokenSilent,
request.correlationId
);
atsMeasurement?.add({
nestedAppAuthRequest: true,
});
// if the request has claims, we cannot look up in the cache
if (request.claims) {
this.logger.verbose(
"Claims are present in the request, skipping cache lookup"
);
return null;
}
// if the request has forceRefresh, we cannot look up in the cache
if (request.forceRefresh) {
this.logger.verbose(
"forceRefresh is set to true, skipping cache lookup"
);
return null;
}
// respect cache lookup policy
let result: AuthenticationResult | null = null;
if (!request.cacheLookupPolicy) {
request.cacheLookupPolicy = CacheLookupPolicy.Default;
}
switch (request.cacheLookupPolicy) {
case CacheLookupPolicy.Default:
case CacheLookupPolicy.AccessToken:
case CacheLookupPolicy.AccessTokenAndRefreshToken:
result = await this.acquireTokenFromCacheInternal(request);
break;
default:
return null;
}
if (result) {
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_SUCCESS,
InteractionType.Silent,
result
);
atsMeasurement.add({
accessTokenSize: result.accessToken.length,
idTokenSize: result.idToken.length,
});
atsMeasurement.end(
{
success: true,
},
undefined,
result.account
);
return result;
}
this.logger.warning(
"Cached tokens are not found for the account, proceeding with silent token request."
);
this.eventHandler.emitEvent(
EventType.ACQUIRE_TOKEN_FAILURE,
InteractionType.Silent,
null
);
atsMeasurement.end(
{
success: false,
},
undefined,
request.account
);
return null;
}
/**
*
* @param request
* @returns
*/
private async acquireTokenFromCacheInternal(
request: SilentRequest
): Promise<AuthenticationResult | null> {
// always prioritize the account context from the bridge
const accountContext =
this.bridgeProxy.getAccountContext() || this.currentAccountContext;
let currentAccount: AccountInfo | null = null;
const correlationId =
request.correlationId || this.browserCrypto.createNewGuid();
if (accountContext) {
currentAccount = AccountManager.getAccount(
accountContext,
this.logger,
this.browserStorage,
correlationId
);
}
// fall back to brokering if no cached account is found
if (!currentAccount) {
this.logger.verbose(
"No active account found, falling back to the host"
);
return Promise.resolve(null);
}
this.logger.verbose(
"active account found, attempting to acquire token silently"
);
const authRequest: BaseAuthRequest = {
...request,
correlationId:
request.correlationId || this.browserCrypto.createNewGuid(),
authority: request.authority || currentAccount.environment,
scopes: request.scopes?.length
? request.scopes
: [...OIDC_DEFAULT_SCOPES],
};
// fetch access token and check for expiry
const tokenKeys = this.browserStorage.getTokenKeys();
const cachedAccessToken = this.browserStorage.getAccessToken(
currentAccount,
authRequest,
tokenKeys,
currentAccount.tenantId
);
// If there is no access token, log it and return null
if (!cachedAccessToken) {
this.logger.verbose("No cached access token found");
return Promise.resolve(null);
} else if (
TimeUtils.wasClockTurnedBack(cachedAccessToken.cachedAt) ||
TimeUtils.isTokenExpired(
cachedAccessToken.expiresOn,
this.config.system.tokenRenewalOffsetSeconds
)
) {
this.logger.verbose("Cached access token has expired");
return Promise.resolve(null);
}
const cachedIdToken = this.browserStorage.getIdToken(
currentAccount,
authRequest.correlationId,
tokenKeys,
currentAccount.tenantId,
this.performanceClient
);
if (!cachedIdToken) {
this.logger.verbose("No cached id token found");
return Promise.resolve(null);
}
return this.nestedAppAuthAdapter.toAuthenticationResultFromCache(
currentAccount,
cachedIdToken,
cachedAccessToken,
authRequest,
authRequest.correlationId
);
}
/**
* acquireTokenPopup flow implementation
* @param request
* @returns
*/
async acquireTokenPopup(
request: PopupRequest
): Promise<AuthenticationResult> {
return this.acquireTokenInteractive(request);
}
/**
* acquireTokenRedirect flow is not supported in nested app auth
* @param request
*/
// eslint-disable-next-line @typescript-eslint/no-unused-vars
acquireTokenRedirect(request: RedirectRequest): Promise<void> {
throw NestedAppAuthError.createUnsupportedError();
}
/**
* acquireTokenSilent flow implementation
* @param silentRequest
* @returns
*/
async acquireTokenSilent(
silentRequest: SilentRequest
): Promise<AuthenticationResult> {
return this.acquireTokenSilentInternal(silentRequest);
}
/**
* Hybrid flow is not currently supported in nested app auth
* @param request
*/
// eslint-disable-next-line @typescript-eslint/no-unused-vars
acquireTokenByCode(
request: AuthorizationCodeRequest // eslint-disable-line @typescript-eslint/no-unused-vars
): Promise<AuthenticationResult> {
throw NestedAppAuthError.createUnsupportedError();
}
/**
* acquireTokenNative flow is not currently supported in nested app auth
* @param request
* @param apiId
* @param accountId
*/
acquireTokenNative(
request: // eslint-disable-line @typescript-eslint/no-unused-vars
| SilentRequest
| Partial<
Omit<
CommonAuthorizationUrlRequest,
| "requestedClaimsHash"
| "responseMode"
| "earJwk"
| "codeChallenge"
| "codeChallengeMethod"
| "platformBroker"
>
>
| PopupRequest,
apiId: ApiId, // eslint-disable-line @typescript-eslint/no-unused-vars
accountId?: string | undefined // eslint-disable-line @typescript-eslint/no-unused-vars
): Promise<AuthenticationResult> {
throw NestedAppAuthError.createUnsupportedError();
}
/**
* acquireTokenByRefreshToken flow is not currently supported in nested app auth
* @param commonRequest
* @param silentRequest
*/
acquireTokenByRefreshToken(
commonRequest: CommonSilentFlowRequest, // eslint-disable-line @typescript-eslint/no-unused-vars
silentRequest: SilentRequest // eslint-disable-line @typescript-eslint/no-unused-vars
): Promise<AuthenticationResult> {
throw NestedAppAuthError.createUnsupportedError();
}
/**
* Adds event callbacks to array
* @param callback
* @param eventTypes
*/
addEventCallback(
callback: EventCallbackFunction,
eventTypes?: Array<EventType>
): string | null {
return this.eventHandler.addEventCallback(callback, eventTypes);
}
/**
* Removes callback with provided id from callback array
* @param callbackId
*/
removeEventCallback(callbackId: string): void {
this.eventHandler.removeEventCallback(callbackId);
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
addPerformanceCallback(callback: PerformanceCallbackFunction): string {
throw NestedAppAuthError.createUnsupportedError();
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
removePerformanceCallback(callbackId: string): boolean {
throw NestedAppAuthError.createUnsupportedError();
}
enableAccountStorageEvents(): void {
throw NestedAppAuthError.createUnsupportedError();
}
disableAccountStorageEvents(): void {
throw NestedAppAuthError.createUnsupportedError();
}
// #region Account APIs
/**
* Returns all the accounts in the cache that match the optional filter. If no filter is provided, all accounts are returned.
* @param accountFilter - (Optional) filter to narrow down the accounts returned
* @returns Array of AccountInfo objects in cache
*/
getAllAccounts(accountFilter?: AccountFilter): AccountInfo[] {
const correlationId = this.browserCrypto.createNewGuid();
return AccountManager.getAllAccounts(
this.logger,
this.browserStorage,
this.isBrowserEnv(),
correlationId,
accountFilter
);
}
/**
* Returns the first account found in the cache that matches the account filter passed in.
* @param accountFilter
* @returns The first account found in the cache matching the provided filter or null if no account could be found.
*/
getAccount(accountFilter: AccountFilter): AccountInfo | null {
const correlationId = this.browserCrypto.createNewGuid();
return AccountManager.getAccount(
accountFilter,
this.logger,
this.browserStorage,
correlationId
);
}
/**
* Returns the signed in account matching username.
* (the account object is created at the time of successful login)
* or null when no matching account is found.
* This API is provided for convenience but getAccountById should be used for best reliability
* @param username
* @returns The account object stored in MSAL
*/
getAccountByUsername(username: string): AccountInfo | null {
const correlationId = this.browserCrypto.createNewGuid();
return AccountManager.getAccountByUsername(
username,
this.logger,
this.browserStorage,
correlationId
);
}
/**
* Returns the signed in account matching homeAccountId.
* (the account object is created at the time of successful login)
* or null when no matching account is found
* @param homeAccountId
* @returns The account object stored in MSAL
*/
getAccountByHomeId(homeAccountId: string): AccountInfo | null {
const correlationId = this.browserCrypto.createNewGuid();
return AccountManager.getAccountByHomeId(
homeAccountId,
this.logger,
this.browserStorage,
correlationId
);
}
/**
* Returns the signed in account matching localAccountId.
* (the account object is created at the time of successful login)
* or null when no matching account is found
* @param localAccountId
* @returns The account object stored in MSAL
*/
getAccountByLocalId(localAccountId: string): AccountInfo | null {
const correlationId = this.browserCrypto.createNewGuid();
return AccountManager.getAccountByLocalId(
localAccountId,
this.logger,
this.browserStorage,
correlationId
);
}
/**
* Sets the account to use as the active account. If no account is passed to the acquireToken APIs, then MSAL will use this active account.
* @param account
*/
setActiveAccount(account: AccountInfo | null): void {
/*
* StandardController uses this to allow the developer to set the active account
* in the nested app auth scenario the active account is controlled by the app hosting the nested app
*/
const correlationId = this.browserCrypto.createNewGuid();
return AccountManager.setActiveAccount(
account,
this.browserStorage,
correlationId
);
}
/**
* Gets the currently active account
*/
getActiveAccount(): AccountInfo | null {
const correlationId = this.browserCrypto.createNewGuid();
return AccountManager.getActiveAccount(
this.browserStorage,
correlationId
);
}
// #endregion
handleRedirectPromise(
hash?: string | undefined // eslint-disable-line @typescript-eslint/no-unused-vars
): Promise<AuthenticationResult | null> {
return Promise.resolve(null);
}
loginPopup(
request?: PopupRequest | undefined // eslint-disable-line @typescript-eslint/no-unused-vars
): Promise<AuthenticationResult> {
return this.acquireTokenInteractive(request || DEFAULT_REQUEST);
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
loginRedirect(request?: RedirectRequest | undefined): Promise<void> {
throw NestedAppAuthError.createUnsupportedError();
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
logout(logoutRequest?: EndSessionRequest | undefined): Promise<void> {
throw NestedAppAuthError.createUnsupportedError();
}
logoutRedirect(
logoutRequest?: EndSessionRequest | undefined // eslint-disable-line @typescript-eslint/no-unused-vars
): Promise<void> {
throw NestedAppAuthError.createUnsupportedError();
}
logoutPopup(
logoutRequest?: EndSessionPopupRequest | undefined // eslint-disable-line @typescript-eslint/no-unused-vars
): Promise<void> {
throw NestedAppAuthError.createUnsupportedError();
}
ssoSilent(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
request: Partial<
Omit<
CommonAuthorizationUrlRequest,
| "requestedClaimsHash"
| "responseMode"
| "earJwk"
| "codeChallenge"
| "codeChallengeMethod"
| "platformBroker"
>
>
): Promise<AuthenticationResult> {
return this.acquireTokenSilentInternal(request as SilentRequest);
}
getTokenCache(): ITokenCache {
throw NestedAppAuthError.createUnsupportedError();
}
/**
* Returns the logger instance
*/
public getLogger(): Logger {
return this.logger;
}
/**
* Replaces the default logger set in configurations with new Logger with new configurations
* @param logger Logger instance
*/
setLogger(logger: Logger): void {
this.logger = logger;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
initializeWrapperLibrary(sku: WrapperSKU, version: string): void {
/*
* Standard controller uses this to set the sku and version of the wrapper library in the storage
* we do nothing here
*/
return;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
setNavigationClient(navigationClient: INavigationClient): void {
this.logger.warning(
"setNavigationClient is not supported in nested app auth"
);
}
getConfiguration(): BrowserConfiguration {
return this.config;
}
isBrowserEnv(): boolean {
return this.operatingContext.isBrowserEnvironment();
}
getBrowserCrypto(): ICrypto {
return this.browserCrypto;
}
getPerformanceClient(): IPerformanceClient {
throw NestedAppAuthError.createUnsupportedError();
}
getRedirectResponse(): Map<string, Promise<AuthenticationResult | null>> {
throw NestedAppAuthError.createUnsupportedError();
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
async clearCache(logoutRequest?: ClearCacheRequest): Promise<void> {
throw NestedAppAuthError.createUnsupportedError();
}
async hydrateCache(
result: AuthenticationResult,
request:
| SilentRequest
| SsoSilentRequest
| RedirectRequest
| PopupRequest
): Promise<void> {
this.logger.verbose("hydrateCache called");
const accountEntity = AccountEntity.createFromAccountInfo(
result.account,
result.cloudGraphHostName,
result.msGraphHost
);
await this.browserStorage.setAccount(
accountEntity,
result.correlationId
);
return this.browserStorage.hydrateCache(result, request);
}
}

2557
node_modules/@azure/msal-browser/src/controllers/StandardController.ts generated vendored Normal file
View File

File diff suppressed because it is too large Load Diff

385
node_modules/@azure/msal-browser/src/controllers/UnknownOperatingContextController.ts generated vendored Normal file
View File

@@ -0,0 +1,385 @@
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
import {
CommonAuthorizationUrlRequest,
CommonSilentFlowRequest,
PerformanceCallbackFunction,
AccountInfo,
Logger,
ICrypto,
IPerformanceClient,
DEFAULT_CRYPTO_IMPLEMENTATION,
AccountFilter,
} from "@azure/msal-common/browser";
import { ITokenCache } from "../cache/ITokenCache.js";
import { BrowserConfiguration } from "../config/Configuration.js";
import {
BrowserCacheManager,
DEFAULT_BROWSER_CACHE_MANAGER,
} from "../cache/BrowserCacheManager.js";
import { INavigationClient } from "../navigation/INavigationClient.js";
import { AuthorizationCodeRequest } from "../request/AuthorizationCodeRequest.js";
import { EndSessionPopupRequest } from "../request/EndSessionPopupRequest.js";
import { EndSessionRequest } from "../request/EndSessionRequest.js";
import { PopupRequest } from "../request/PopupRequest.js";
import { RedirectRequest } from "../request/RedirectRequest.js";
import { SilentRequest } from "../request/SilentRequest.js";
import { SsoSilentRequest } from "../request/SsoSilentRequest.js";
import { AuthenticationResult } from "../response/AuthenticationResult.js";
import { ApiId, WrapperSKU } from "../utils/BrowserConstants.js";
import { IController } from "./IController.js";
import { UnknownOperatingContext } from "../operatingcontext/UnknownOperatingContext.js";
import { CryptoOps } from "../crypto/CryptoOps.js";
import {
blockAPICallsBeforeInitialize,
blockNonBrowserEnvironment,
} from "../utils/BrowserUtils.js";
import { EventCallbackFunction } from "../event/EventMessage.js";
import { ClearCacheRequest } from "../request/ClearCacheRequest.js";
import { EventType } from "../event/EventType.js";
import { EventHandler } from "../event/EventHandler.js";
/**
* UnknownOperatingContextController class
*
* - Until initialize method is called, this controller is the default
* - AFter initialize method is called, this controller will be swapped out for the appropriate controller
* if the operating context can be determined; otherwise this controller will continued be used
*
* - Why do we have this? We don't want to dynamically import (download) all of the code in StandardController if we don't need to.
*
* - Only includes implementation for getAccounts and handleRedirectPromise
* - All other methods are will throw initialization error (because either initialize method or the factory method were not used)
* - This controller is necessary for React Native wrapper, server side rendering and any other scenario where we don't have a DOM
*
*/
export class UnknownOperatingContextController implements IController {
// OperatingContext
protected readonly operatingContext: UnknownOperatingContext;
// Logger
protected logger: Logger;
// Storage interface implementation
protected readonly browserStorage: BrowserCacheManager;
// Input configuration by developer/user
protected readonly config: BrowserConfiguration;
// Performance telemetry client
protected readonly performanceClient: IPerformanceClient;
// Event handler
private readonly eventHandler: EventHandler;
// Crypto interface implementation
protected readonly browserCrypto: ICrypto;
// Flag to indicate if in browser environment
protected isBrowserEnvironment: boolean;
// Flag representing whether or not the initialize API has been called and completed
protected initialized: boolean = false;
constructor(operatingContext: UnknownOperatingContext) {
this.operatingContext = operatingContext;
this.isBrowserEnvironment =
this.operatingContext.isBrowserEnvironment();
this.config = operatingContext.getConfig();
this.logger = operatingContext.getLogger();
// Initialize performance client
this.performanceClient = this.config.telemetry.client;
// Initialize the crypto class.
this.browserCrypto = this.isBrowserEnvironment
? new CryptoOps(this.logger, this.performanceClient)
: DEFAULT_CRYPTO_IMPLEMENTATION;
this.eventHandler = new EventHandler(this.logger);
// Initialize the browser storage class.
this.browserStorage = this.isBrowserEnvironment
? new BrowserCacheManager(
this.config.auth.clientId,
this.config.cache,
this.browserCrypto,
this.logger,
this.performanceClient,
this.eventHandler,
undefined
)
: DEFAULT_BROWSER_CACHE_MANAGER(
this.config.auth.clientId,
this.logger,
this.performanceClient,
this.eventHandler
);
}
getBrowserStorage(): BrowserCacheManager {
return this.browserStorage;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
getAccount(accountFilter: AccountFilter): AccountInfo | null {
return null;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
getAccountByHomeId(homeAccountId: string): AccountInfo | null {
return null;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
getAccountByLocalId(localAccountId: string): AccountInfo | null {
return null;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
getAccountByUsername(username: string): AccountInfo | null {
return null;
}
getAllAccounts(): AccountInfo[] {
return [];
}
initialize(): Promise<void> {
this.initialized = true;
return Promise.resolve();
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
acquireTokenPopup(request: PopupRequest): Promise<AuthenticationResult> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<AuthenticationResult>;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
acquireTokenRedirect(request: RedirectRequest): Promise<void> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return Promise.resolve();
}
acquireTokenSilent(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
silentRequest: SilentRequest
): Promise<AuthenticationResult> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<AuthenticationResult>;
}
acquireTokenByCode(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
request: AuthorizationCodeRequest
): Promise<AuthenticationResult> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<AuthenticationResult>;
}
acquireTokenNative(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
request:
| PopupRequest
| SilentRequest
| Partial<
Omit<
CommonAuthorizationUrlRequest,
| "responseMode"
| "earJwk"
| "codeChallenge"
| "codeChallengeMethod"
| "requestedClaimsHash"
| "platformBroker"
>
>,
// eslint-disable-next-line @typescript-eslint/no-unused-vars
apiId: ApiId,
// eslint-disable-next-line @typescript-eslint/no-unused-vars
accountId?: string | undefined
): Promise<AuthenticationResult> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<AuthenticationResult>;
}
acquireTokenByRefreshToken(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
commonRequest: CommonSilentFlowRequest,
// eslint-disable-next-line @typescript-eslint/no-unused-vars
silentRequest: SilentRequest
): Promise<AuthenticationResult> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<AuthenticationResult>;
}
addEventCallback(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
callback: EventCallbackFunction,
// eslint-disable-next-line @typescript-eslint/no-unused-vars
eventTypes?: Array<EventType>
): string | null {
return null;
}
removeEventCallback(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
callbackId: string
): void {}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
addPerformanceCallback(callback: PerformanceCallbackFunction): string {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return "";
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
removePerformanceCallback(callbackId: string): boolean {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return true;
}
enableAccountStorageEvents(): void {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
}
disableAccountStorageEvents(): void {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
}
handleRedirectPromise(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
hash?: string | undefined
): Promise<AuthenticationResult | null> {
blockAPICallsBeforeInitialize(this.initialized);
return Promise.resolve(null);
}
loginPopup(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
request?: PopupRequest | undefined
): Promise<AuthenticationResult> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<AuthenticationResult>;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
loginRedirect(request?: RedirectRequest | undefined): Promise<void> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<void>;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
logout(logoutRequest?: EndSessionRequest | undefined): Promise<void> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<void>;
}
logoutRedirect(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
logoutRequest?: EndSessionRequest | undefined
): Promise<void> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<void>;
}
logoutPopup(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
logoutRequest?: EndSessionPopupRequest | undefined
): Promise<void> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<void>;
}
ssoSilent(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
request: Partial<
Omit<
CommonAuthorizationUrlRequest,
| "responseMode"
| "earJwk"
| "codeChallenge"
| "codeChallengeMethod"
| "requestedClaimsHash"
| "platformBroker"
>
>
): Promise<AuthenticationResult> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Promise<AuthenticationResult>;
}
getTokenCache(): ITokenCache {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as ITokenCache;
}
getLogger(): Logger {
return this.logger;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
setLogger(logger: Logger): void {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
setActiveAccount(account: AccountInfo | null): void {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
}
getActiveAccount(): AccountInfo | null {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return null;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
initializeWrapperLibrary(sku: WrapperSKU, version: string): void {
this.browserStorage.setWrapperMetadata(sku, version);
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
setNavigationClient(navigationClient: INavigationClient): void {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
}
getConfiguration(): BrowserConfiguration {
return this.config;
}
isBrowserEnv(): boolean {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return true;
}
getBrowserCrypto(): ICrypto {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as ICrypto;
}
getPerformanceClient(): IPerformanceClient {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as IPerformanceClient;
}
getRedirectResponse(): Map<string, Promise<AuthenticationResult | null>> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
return {} as Map<string, Promise<AuthenticationResult | null>>;
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
async clearCache(logoutRequest?: ClearCacheRequest): Promise<void> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
}
// eslint-disable-next-line @typescript-eslint/no-unused-vars
async hydrateCache(
// eslint-disable-next-line @typescript-eslint/no-unused-vars
result: AuthenticationResult,
// eslint-disable-next-line @typescript-eslint/no-unused-vars
request:
| SilentRequest
| SsoSilentRequest
| RedirectRequest
| PopupRequest
): Promise<void> {
blockAPICallsBeforeInitialize(this.initialized);
blockNonBrowserEnvironment();
}
}