UNPKG

@azure/msal-browser

Version:

Microsoft Authentication Library for js

github.com/AzureAD/microsoft-authentication-library-for-js

AzureAD/microsoft-authentication-library-for-js

127 lines (124 loc) 6.53 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
/*! @azure/msal-browser v2.28.1 2022-08-01 */ 'use strict'; import { Authority, IdTokenEntity, AuthToken, AccountEntity, ScopeSet, AccessTokenEntity } from '@azure/msal-common'; import { BrowserAuthError } from '../error/BrowserAuthError.js'; /* * Copyright (c) Microsoft Corporation. All rights reserved. * Licensed under the MIT License. */ /** * Token cache manager */ var TokenCache = /** @class */ (function () { function TokenCache(configuration, storage, logger, cryptoObj) { this.isBrowserEnvironment = typeof window !== "undefined"; this.config = configuration; this.storage = storage; this.logger = logger; this.cryptoObj = cryptoObj; } // Move getAllAccounts here and cache utility APIs /** * API to load tokens to msal-browser cache. * @param request * @param response * @param options */ TokenCache.prototype.loadExternalTokens = function (request, response, options) { this.logger.info("TokenCache - loadExternalTokens called"); if (!response.id_token) { throw BrowserAuthError.createUnableToLoadTokenError("Please ensure server response includes id token."); } if (request.account) { this.loadIdToken(response.id_token, request.account.homeAccountId, request.account.environment, request.account.tenantId, options); this.loadAccessToken(request, response, request.account.homeAccountId, request.account.environment, request.account.tenantId, options); } else if (request.authority) { var authorityUrl = Authority.generateAuthority(request.authority, request.azureCloudOptions); var authorityOptions = { protocolMode: this.config.auth.protocolMode, knownAuthorities: this.config.auth.knownAuthorities, cloudDiscoveryMetadata: this.config.auth.cloudDiscoveryMetadata, authorityMetadata: this.config.auth.authorityMetadata, skipAuthorityMetadataCache: this.config.auth.skipAuthorityMetadataCache, }; var authority = new Authority(authorityUrl, this.config.system.networkClient, this.storage, authorityOptions); // "clientInfo" from options takes precedence over "clientInfo" in response if (options.clientInfo) { this.logger.trace("TokenCache - homeAccountId from options"); this.loadIdToken(response.id_token, options.clientInfo, authority.hostnameAndPort, authority.tenant, options); this.loadAccessToken(request, response, options.clientInfo, authority.hostnameAndPort, authority.tenant, options); } else if (response.client_info) { this.logger.trace("TokenCache - homeAccountId from response"); this.loadIdToken(response.id_token, response.client_info, authority.hostnameAndPort, authority.tenant, options); this.loadAccessToken(request, response, response.client_info, authority.hostnameAndPort, authority.tenant, options); } else { throw BrowserAuthError.createUnableToLoadTokenError("Please provide clientInfo in the response or options."); } } else { throw BrowserAuthError.createUnableToLoadTokenError("Please provide a request with an account or a request with authority."); } }; /** * Helper function to load id tokens to msal-browser cache * @param idToken * @param homeAccountId * @param environment * @param tenantId * @param options */ TokenCache.prototype.loadIdToken = function (idToken, homeAccountId, environment, tenantId, options) { var idTokenEntity = IdTokenEntity.createIdTokenEntity(homeAccountId, environment, idToken, this.config.auth.clientId, tenantId); var idAuthToken = new AuthToken(idToken, this.cryptoObj); var accountEntity = options.clientInfo ? AccountEntity.createAccount(options.clientInfo, homeAccountId, idAuthToken, undefined, undefined, undefined, environment) : AccountEntity.createGenericAccount(homeAccountId, idAuthToken, undefined, undefined, undefined, environment); if (this.isBrowserEnvironment) { this.logger.verbose("TokenCache - loading id token"); this.storage.setAccount(accountEntity); this.storage.setIdTokenCredential(idTokenEntity); } else { throw BrowserAuthError.createUnableToLoadTokenError("loadExternalTokens is designed to work in browser environments only."); } }; /** * Helper function to load access tokens to msal-browser cache * @param request * @param response * @param options * @param homeAccountId * @param environment * @param tenantId * @returns */ TokenCache.prototype.loadAccessToken = function (request, response, homeAccountId, environment, tenantId, options) { if (!response.access_token) { this.logger.verbose("TokenCache - No access token provided for caching"); return; } if (!response.expires_in) { throw BrowserAuthError.createUnableToLoadTokenError("Please ensure server response includes expires_in value."); } if (!options.extendedExpiresOn) { throw BrowserAuthError.createUnableToLoadTokenError("Please provide an extendedExpiresOn value in the options."); } var scopes = new ScopeSet(request.scopes).printScopes(); var expiresOn = options.expiresOn || (response.expires_in + new Date().getTime() / 1000); var extendedExpiresOn = options.extendedExpiresOn; var accessTokenEntity = AccessTokenEntity.createAccessTokenEntity(homeAccountId, environment, response.access_token, this.config.auth.clientId, tenantId, scopes, expiresOn, extendedExpiresOn, this.cryptoObj); if (this.isBrowserEnvironment) { this.logger.verbose("TokenCache - loading access token"); this.storage.setAccessTokenCredential(accessTokenEntity); } else { throw BrowserAuthError.createUnableToLoadTokenError("loadExternalTokens is designed to work in browser environments only."); } }; return TokenCache; }()); export { TokenCache }; //# sourceMappingURL=TokenCache.js.map