@azure/msal-browser/lib/msal-browser.cjs.map

Microsoft Authentication Library for js

{"version":3,"file":"msal-browser.cjs","sources":["../../msal-common/dist/utils/Constants.mjs","../../msal-common/dist/error/AuthErrorCodes.mjs","../../msal-common/dist/error/AuthError.mjs","../../msal-common/dist/error/ClientAuthErrorCodes.mjs","../../msal-common/dist/error/ClientAuthError.mjs","../../msal-common/dist/crypto/ICrypto.mjs","../../msal-common/dist/logger/Logger.mjs","../../msal-common/dist/packageMetadata.mjs","../../msal-common/dist/authority/AuthorityOptions.mjs","../../msal-common/dist/account/AuthToken.mjs","../../msal-common/dist/utils/TimeUtils.mjs","../../msal-common/dist/cache/utils/CacheHelpers.mjs","../../msal-common/dist/error/ClientConfigurationErrorCodes.mjs","../../msal-common/dist/error/ClientConfigurationError.mjs","../../msal-common/dist/utils/StringUtils.mjs","../../msal-common/dist/request/ScopeSet.mjs","../../msal-common/dist/account/ClientInfo.mjs","../../msal-common/dist/account/AccountInfo.mjs","../../msal-common/dist/authority/AuthorityType.mjs","../../msal-common/dist/account/TokenClaims.mjs","../../msal-common/dist/authority/ProtocolMode.mjs","../../msal-common/dist/cache/entities/AccountEntity.mjs","../../msal-common/dist/utils/UrlUtils.mjs","../../msal-common/dist/url/UrlString.mjs","../../msal-common/dist/authority/AuthorityMetadata.mjs","../../msal-common/dist/error/CacheErrorCodes.mjs","../../msal-common/dist/error/CacheError.mjs","../../msal-common/dist/cache/CacheManager.mjs","../../msal-common/dist/config/ClientConfiguration.mjs","../../msal-common/dist/account/CcsCredential.mjs","../../msal-common/dist/constants/AADServerParamKeys.mjs","../../msal-common/dist/request/RequestParameterBuilder.mjs","../../msal-common/dist/authority/OpenIdConfigResponse.mjs","../../msal-common/dist/authority/CloudInstanceDiscoveryResponse.mjs","../../msal-common/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs","../../msal-common/dist/telemetry/performance/PerformanceEvent.mjs","../../msal-common/dist/utils/FunctionWrappers.mjs","../../msal-common/dist/authority/RegionDiscovery.mjs","../../msal-common/dist/authority/Authority.mjs","../../msal-common/dist/authority/AuthorityFactory.mjs","../../msal-common/dist/error/ServerError.mjs","../../msal-common/dist/network/RequestThumbprint.mjs","../../msal-common/dist/network/ThrottlingUtils.mjs","../../msal-common/dist/error/NetworkError.mjs","../../msal-common/dist/client/BaseClient.mjs","../../msal-common/dist/error/InteractionRequiredAuthErrorCodes.mjs","../../msal-common/dist/error/InteractionRequiredAuthError.mjs","../../msal-common/dist/utils/ProtocolUtils.mjs","../../msal-common/dist/crypto/PopTokenGenerator.mjs","../../msal-common/dist/cache/persistence/TokenCacheContext.mjs","../../msal-common/dist/response/ResponseHandler.mjs","../../msal-common/dist/request/RequestValidator.mjs","../../msal-common/dist/utils/ClientAssertionUtils.mjs","../../msal-common/dist/client/AuthorizationCodeClient.mjs","../../msal-common/dist/client/RefreshTokenClient.mjs","../../msal-common/dist/client/SilentFlowClient.mjs","../../msal-common/dist/network/INetworkModule.mjs","../../msal-common/dist/protocol/Authorize.mjs","../../msal-common/dist/request/AuthenticationHeaderParser.mjs","../../msal-common/dist/telemetry/server/ServerTelemetryManager.mjs","../../msal-common/dist/error/JoseHeaderErrorCodes.mjs","../../msal-common/dist/error/JoseHeaderError.mjs","../../msal-common/dist/crypto/JoseHeader.mjs","../../msal-common/dist/telemetry/performance/StubPerformanceClient.mjs","../../msal-common/dist/telemetry/performance/PerformanceClient.mjs","../../src/error/BrowserAuthErrorCodes.ts","../../src/error/BrowserAuthError.ts","../../src/utils/BrowserConstants.ts","../../src/encode/Base64Encode.ts","../../src/encode/Base64Decode.ts","../../src/crypto/BrowserCrypto.ts","../../src/error/BrowserConfigurationAuthErrorCodes.ts","../../src/error/BrowserConfigurationAuthError.ts","../../src/utils/BrowserUtils.ts","../../src/navigation/NavigationClient.ts","../../src/network/FetchClient.ts","../../src/config/Configuration.ts","../../src/packageMetadata.ts","../../src/operatingcontext/BaseOperatingContext.ts","../../src/naa/BridgeStatusCode.ts","../../src/naa/BridgeProxy.ts","../../src/operatingcontext/NestedAppOperatingContext.ts","../../src/operatingcontext/StandardOperatingContext.ts","../../src/cache/DatabaseStorage.ts","../../src/cache/MemoryStorage.ts","../../src/cache/AsyncMemoryStorage.ts","../../src/crypto/CryptoOps.ts","../../src/cache/CookieStorage.ts","../../src/cache/CacheHelpers.ts","../../src/cache/LocalStorage.ts","../../src/cache/SessionStorage.ts","../../src/event/EventType.ts","../../src/cache/BrowserCacheManager.ts","../../src/cache/AccountManager.ts","../../src/event/EventHandler.ts","../../src/interaction_client/BaseInteractionClient.ts","../../src/request/RequestHelpers.ts","../../src/interaction_client/StandardInteractionClient.ts","../../src/error/NativeAuthErrorCodes.ts","../../src/broker/nativeBroker/NativeStatusCodes.ts","../../src/error/NativeAuthError.ts","../../src/broker/nativeBroker/NativeMessageHandler.ts","../../src/utils/BrowserProtocolUtils.ts","../../src/response/ResponseHandler.ts","../../src/interaction_handler/InteractionHandler.ts","../../src/interaction_client/SilentCacheClient.ts","../../src/interaction_client/NativeInteractionClient.ts","../../src/protocol/Authorize.ts","../../src/crypto/PkceGenerator.ts","../../src/interaction_client/PopupClient.ts","../../src/interaction_client/RedirectClient.ts","../../src/interaction_handler/SilentHandler.ts","../../src/interaction_client/SilentIframeClient.ts","../../src/interaction_client/SilentRefreshClient.ts","../../src/cache/TokenCache.ts","../../src/interaction_client/HybridSpaAuthorizationCodeClient.ts","../../src/interaction_client/SilentAuthCodeClient.ts","../../src/utils/MsalFrameStatsUtils.ts","../../src/controllers/StandardController.ts","../../src/naa/BridgeError.ts","../../src/naa/mapping/NestedAppAuthAdapter.ts","../../src/error/NestedAppAuthError.ts","../../src/controllers/NestedAppAuthController.ts","../../src/controllers/ControllerFactory.ts","../../src/app/PublicClientApplication.ts","../../src/controllers/UnknownOperatingContextController.ts","../../src/operatingcontext/UnknownOperatingContext.ts","../../src/app/PublicClientNext.ts","../../src/app/IPublicClientApplication.ts","../../src/event/EventMessage.ts","../../src/crypto/SignedHttpRequest.ts","../../src/telemetry/BrowserPerformanceClient.ts","../../src/telemetry/BrowserPerformanceMeasurement.ts"],"sourcesContent":["/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst Constants = {\r\n    LIBRARY_NAME: \"MSAL.JS\",\r\n    SKU: \"msal.js.common\",\r\n    // Prefix for all library cache entries\r\n    CACHE_PREFIX: \"msal\",\r\n    // default authority\r\n    DEFAULT_AUTHORITY: \"https://login.microsoftonline.com/common/\",\r\n    DEFAULT_AUTHORITY_HOST: \"login.microsoftonline.com\",\r\n    DEFAULT_COMMON_TENANT: \"common\",\r\n    // ADFS String\r\n    ADFS: \"adfs\",\r\n    DSTS: \"dstsv2\",\r\n    // Default AAD Instance Discovery Endpoint\r\n    AAD_INSTANCE_DISCOVERY_ENDPT: \"https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=\",\r\n    // CIAM URL\r\n    CIAM_AUTH_URL: \".ciamlogin.com\",\r\n    AAD_TENANT_DOMAIN_SUFFIX: \".onmicrosoft.com\",\r\n    // Resource delimiter - used for certain cache entries\r\n    RESOURCE_DELIM: \"|\",\r\n    // Placeholder for non-existent account ids/objects\r\n    NO_ACCOUNT: \"NO_ACCOUNT\",\r\n    // Claims\r\n    CLAIMS: \"claims\",\r\n    // Consumer UTID\r\n    CONSUMER_UTID: \"9188040d-6c67-4c5b-b112-36a304b66dad\",\r\n    // Default scopes\r\n    OPENID_SCOPE: \"openid\",\r\n    PROFILE_SCOPE: \"profile\",\r\n    OFFLINE_ACCESS_SCOPE: \"offline_access\",\r\n    EMAIL_SCOPE: \"email\",\r\n    CODE_GRANT_TYPE: \"authorization_code\",\r\n    RT_GRANT_TYPE: \"refresh_token\",\r\n    S256_CODE_CHALLENGE_METHOD: \"S256\",\r\n    URL_FORM_CONTENT_TYPE: \"application/x-www-form-urlencoded;charset=utf-8\",\r\n    AUTHORIZATION_PENDING: \"authorization_pending\",\r\n    NOT_DEFINED: \"not_defined\",\r\n    EMPTY_STRING: \"\",\r\n    NOT_APPLICABLE: \"N/A\",\r\n    NOT_AVAILABLE: \"Not Available\",\r\n    FORWARD_SLASH: \"/\",\r\n    IMDS_ENDPOINT: \"http://169.254.169.254/metadata/instance/compute/location\",\r\n    IMDS_VERSION: \"2020-06-01\",\r\n    IMDS_TIMEOUT: 2000,\r\n    AZURE_REGION_AUTO_DISCOVER_FLAG: \"TryAutoDetect\",\r\n    REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX: \"login.microsoft.com\",\r\n    KNOWN_PUBLIC_CLOUDS: [\r\n        \"login.microsoftonline.com\",\r\n        \"login.windows.net\",\r\n        \"login.microsoft.com\",\r\n        \"sts.windows.net\",\r\n    ],\r\n    SHR_NONCE_VALIDITY: 240,\r\n    INVALID_INSTANCE: \"invalid_instance\",\r\n};\r\nconst HttpStatus = {\r\n    SUCCESS: 200,\r\n    SUCCESS_RANGE_START: 200,\r\n    SUCCESS_RANGE_END: 299,\r\n    REDIRECT: 302,\r\n    CLIENT_ERROR: 400,\r\n    CLIENT_ERROR_RANGE_START: 400,\r\n    BAD_REQUEST: 400,\r\n    UNAUTHORIZED: 401,\r\n    NOT_FOUND: 404,\r\n    REQUEST_TIMEOUT: 408,\r\n    GONE: 410,\r\n    TOO_MANY_REQUESTS: 429,\r\n    CLIENT_ERROR_RANGE_END: 499,\r\n    SERVER_ERROR: 500,\r\n    SERVER_ERROR_RANGE_START: 500,\r\n    SERVICE_UNAVAILABLE: 503,\r\n    GATEWAY_TIMEOUT: 504,\r\n    SERVER_ERROR_RANGE_END: 599,\r\n    MULTI_SIDED_ERROR: 600,\r\n};\r\nconst OIDC_DEFAULT_SCOPES = [\r\n    Constants.OPENID_SCOPE,\r\n    Constants.PROFILE_SCOPE,\r\n    Constants.OFFLINE_ACCESS_SCOPE,\r\n];\r\nconst OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, Constants.EMAIL_SCOPE];\r\n/**\r\n * Request header names\r\n */\r\nconst HeaderNames = {\r\n    CONTENT_TYPE: \"Content-Type\",\r\n    CONTENT_LENGTH: \"Content-Length\",\r\n    RETRY_AFTER: \"Retry-After\",\r\n    CCS_HEADER: \"X-AnchorMailbox\",\r\n    WWWAuthenticate: \"WWW-Authenticate\",\r\n    AuthenticationInfo: \"Authentication-Info\",\r\n    X_MS_REQUEST_ID: \"x-ms-request-id\",\r\n    X_MS_HTTP_VERSION: \"x-ms-httpver\",\r\n};\r\n/**\r\n * Persistent cache keys MSAL which stay while user is logged in.\r\n */\r\nconst PersistentCacheKeys = {\r\n    ACTIVE_ACCOUNT_FILTERS: \"active-account-filters\", // new cache entry for active_account for a more robust version for browser\r\n};\r\n/**\r\n * String constants related to AAD Authority\r\n */\r\nconst AADAuthorityConstants = {\r\n    COMMON: \"common\",\r\n    ORGANIZATIONS: \"organizations\",\r\n    CONSUMERS: \"consumers\",\r\n};\r\n/**\r\n * Claims request keys\r\n */\r\nconst ClaimsRequestKeys = {\r\n    ACCESS_TOKEN: \"access_token\",\r\n    XMS_CC: \"xms_cc\",\r\n};\r\n/**\r\n * we considered making this \"enum\" in the request instead of string, however it looks like the allowed list of\r\n * prompt values kept changing over past couple of years. There are some undocumented prompt values for some\r\n * internal partners too, hence the choice of generic \"string\" type instead of the \"enum\"\r\n */\r\nconst PromptValue = {\r\n    LOGIN: \"login\",\r\n    SELECT_ACCOUNT: \"select_account\",\r\n    CONSENT: \"consent\",\r\n    NONE: \"none\",\r\n    CREATE: \"create\",\r\n    NO_SESSION: \"no_session\",\r\n};\r\n/**\r\n * allowed values for codeVerifier\r\n */\r\nconst CodeChallengeMethodValues = {\r\n    PLAIN: \"plain\",\r\n    S256: \"S256\",\r\n};\r\n/**\r\n * Allowed values for response_type\r\n */\r\nconst OAuthResponseType = {\r\n    CODE: \"code\",\r\n    IDTOKEN_TOKEN: \"id_token token\",\r\n    IDTOKEN_TOKEN_REFRESHTOKEN: \"id_token token refresh_token\",\r\n};\r\n/**\r\n * allowed values for server response type\r\n * @deprecated Use ResponseMode instead\r\n */\r\nconst ServerResponseType = {\r\n    QUERY: \"query\",\r\n    FRAGMENT: \"fragment\",\r\n};\r\n/**\r\n * allowed values for response_mode\r\n */\r\nconst ResponseMode = {\r\n    QUERY: \"query\",\r\n    FRAGMENT: \"fragment\",\r\n    FORM_POST: \"form_post\",\r\n};\r\n/**\r\n * allowed grant_type\r\n */\r\nconst GrantType = {\r\n    IMPLICIT_GRANT: \"implicit\",\r\n    AUTHORIZATION_CODE_GRANT: \"authorization_code\",\r\n    CLIENT_CREDENTIALS_GRANT: \"client_credentials\",\r\n    RESOURCE_OWNER_PASSWORD_GRANT: \"password\",\r\n    REFRESH_TOKEN_GRANT: \"refresh_token\",\r\n    DEVICE_CODE_GRANT: \"device_code\",\r\n    JWT_BEARER: \"urn:ietf:params:oauth:grant-type:jwt-bearer\",\r\n};\r\n/**\r\n * Account types in Cache\r\n */\r\nconst CacheAccountType = {\r\n    MSSTS_ACCOUNT_TYPE: \"MSSTS\",\r\n    ADFS_ACCOUNT_TYPE: \"ADFS\",\r\n    MSAV1_ACCOUNT_TYPE: \"MSA\",\r\n    GENERIC_ACCOUNT_TYPE: \"Generic\", // NTLM, Kerberos, FBA, Basic etc\r\n};\r\n/**\r\n * Separators used in cache\r\n */\r\nconst Separators = {\r\n    CACHE_KEY_SEPARATOR: \"-\",\r\n    CLIENT_INFO_SEPARATOR: \".\",\r\n};\r\n/**\r\n * Credential Type stored in the cache\r\n */\r\nconst CredentialType = {\r\n    ID_TOKEN: \"IdToken\",\r\n    ACCESS_TOKEN: \"AccessToken\",\r\n    ACCESS_TOKEN_WITH_AUTH_SCHEME: \"AccessToken_With_AuthScheme\",\r\n    REFRESH_TOKEN: \"RefreshToken\",\r\n};\r\n/**\r\n * Combine all cache types\r\n */\r\nconst CacheType = {\r\n    ADFS: 1001,\r\n    MSA: 1002,\r\n    MSSTS: 1003,\r\n    GENERIC: 1004,\r\n    ACCESS_TOKEN: 2001,\r\n    REFRESH_TOKEN: 2002,\r\n    ID_TOKEN: 2003,\r\n    APP_METADATA: 3001,\r\n    UNDEFINED: 9999,\r\n};\r\n/**\r\n * More Cache related constants\r\n */\r\nconst APP_METADATA = \"appmetadata\";\r\nconst CLIENT_INFO = \"client_info\";\r\nconst THE_FAMILY_ID = \"1\";\r\nconst AUTHORITY_METADATA_CONSTANTS = {\r\n    CACHE_KEY: \"authority-metadata\",\r\n    REFRESH_TIME_SECONDS: 3600 * 24, // 24 Hours\r\n};\r\nconst AuthorityMetadataSource = {\r\n    CONFIG: \"config\",\r\n    CACHE: \"cache\",\r\n    NETWORK: \"network\",\r\n    HARDCODED_VALUES: \"hardcoded_values\",\r\n};\r\nconst SERVER_TELEM_CONSTANTS = {\r\n    SCHEMA_VERSION: 5,\r\n    MAX_CUR_HEADER_BYTES: 80,\r\n    MAX_LAST_HEADER_BYTES: 330,\r\n    MAX_CACHED_ERRORS: 50,\r\n    CACHE_KEY: \"server-telemetry\",\r\n    CATEGORY_SEPARATOR: \"|\",\r\n    VALUE_SEPARATOR: \",\",\r\n    OVERFLOW_TRUE: \"1\",\r\n    OVERFLOW_FALSE: \"0\",\r\n    UNKNOWN_ERROR: \"unknown_error\",\r\n};\r\n/**\r\n * Type of the authentication request\r\n */\r\nconst AuthenticationScheme = {\r\n    BEARER: \"Bearer\",\r\n    POP: \"pop\",\r\n    SSH: \"ssh-cert\",\r\n};\r\n/**\r\n * Constants related to throttling\r\n */\r\nconst ThrottlingConstants = {\r\n    // Default time to throttle RequestThumbprint in seconds\r\n    DEFAULT_THROTTLE_TIME_SECONDS: 60,\r\n    // Default maximum time to throttle in seconds, overrides what the server sends back\r\n    DEFAULT_MAX_THROTTLE_TIME_SECONDS: 3600,\r\n    // Prefix for storing throttling entries\r\n    THROTTLING_PREFIX: \"throttling\",\r\n    // Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling\r\n    X_MS_LIB_CAPABILITY_VALUE: \"retry-after, h429\",\r\n};\r\nconst Errors = {\r\n    INVALID_GRANT_ERROR: \"invalid_grant\",\r\n    CLIENT_MISMATCH_ERROR: \"client_mismatch\",\r\n};\r\n/**\r\n * Password grant parameters\r\n */\r\nconst PasswordGrantConstants = {\r\n    username: \"username\",\r\n    password: \"password\",\r\n};\r\n/**\r\n * Response codes\r\n */\r\nconst ResponseCodes = {\r\n    httpSuccess: 200,\r\n    httpBadRequest: 400,\r\n};\r\n/**\r\n * Region Discovery Sources\r\n */\r\nconst RegionDiscoverySources = {\r\n    FAILED_AUTO_DETECTION: \"1\",\r\n    INTERNAL_CACHE: \"2\",\r\n    ENVIRONMENT_VARIABLE: \"3\",\r\n    IMDS: \"4\",\r\n};\r\n/**\r\n * Region Discovery Outcomes\r\n */\r\nconst RegionDiscoveryOutcomes = {\r\n    CONFIGURED_MATCHES_DETECTED: \"1\",\r\n    CONFIGURED_NO_AUTO_DETECTION: \"2\",\r\n    CONFIGURED_NOT_DETECTED: \"3\",\r\n    AUTO_DETECTION_REQUESTED_SUCCESSFUL: \"4\",\r\n    AUTO_DETECTION_REQUESTED_FAILED: \"5\",\r\n};\r\n/**\r\n * Specifies the reason for fetching the access token from the identity provider\r\n */\r\nconst CacheOutcome = {\r\n    // When a token is found in the cache or the cache is not supposed to be hit when making the request\r\n    NOT_APPLICABLE: \"0\",\r\n    // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested\r\n    FORCE_REFRESH_OR_CLAIMS: \"1\",\r\n    // When the token request goes to the identity provider because no cached access token exists\r\n    NO_CACHED_ACCESS_TOKEN: \"2\",\r\n    // When the token request goes to the identity provider because cached access token expired\r\n    CACHED_ACCESS_TOKEN_EXPIRED: \"3\",\r\n    // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed\r\n    PROACTIVELY_REFRESHED: \"4\",\r\n};\r\nconst JsonWebTokenTypes = {\r\n    Jwt: \"JWT\",\r\n    Jwk: \"JWK\",\r\n    Pop: \"pop\",\r\n};\r\nconst ONE_DAY_IN_MS = 86400000;\r\n// Token renewal offset default in seconds\r\nconst DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\n\nexport { AADAuthorityConstants, APP_METADATA, AUTHORITY_METADATA_CONSTANTS, AuthenticationScheme, AuthorityMetadataSource, CLIENT_INFO, CacheAccountType, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, Constants, CredentialType, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, Errors, GrantType, HeaderNames, HttpStatus, JsonWebTokenTypes, OAuthResponseType, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, PasswordGrantConstants, PersistentCacheKeys, PromptValue, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseCodes, ResponseMode, SERVER_TELEM_CONSTANTS, Separators, ServerResponseType, THE_FAMILY_ID, ThrottlingConstants };\n//# sourceMappingURL=Constants.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * AuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nconst unexpectedError = \"unexpected_error\";\r\nconst postRequestFailed = \"post_request_failed\";\n\nexport { postRequestFailed, unexpectedError };\n//# sourceMappingURL=AuthErrorCodes.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\nimport { Constants } from '../utils/Constants.mjs';\nimport { unexpectedError, postRequestFailed } from './AuthErrorCodes.mjs';\nimport * as AuthErrorCodes from './AuthErrorCodes.mjs';\nexport { AuthErrorCodes };\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst AuthErrorMessages = {\r\n    [unexpectedError]: \"Unexpected error in authentication.\",\r\n    [postRequestFailed]: \"Post request failed from the network, could be a 4xx/5xx or a network unavailability. Please check the exact error code for details.\",\r\n};\r\n/**\r\n * AuthErrorMessage class containing string constants used by error codes and messages.\r\n * @deprecated Use AuthErrorCodes instead\r\n */\r\nconst AuthErrorMessage = {\r\n    unexpectedError: {\r\n        code: unexpectedError,\r\n        desc: AuthErrorMessages[unexpectedError],\r\n    },\r\n    postRequestFailed: {\r\n        code: postRequestFailed,\r\n        desc: AuthErrorMessages[postRequestFailed],\r\n    },\r\n};\r\n/**\r\n * General error class thrown by the MSAL.js library.\r\n */\r\nclass AuthError extends Error {\r\n    constructor(errorCode, errorMessage, suberror) {\r\n        const errorString = errorMessage\r\n            ? `${errorCode}: ${errorMessage}`\r\n            : errorCode;\r\n        super(errorString);\r\n        Object.setPrototypeOf(this, AuthError.prototype);\r\n        this.errorCode = errorCode || Constants.EMPTY_STRING;\r\n        this.errorMessage = errorMessage || Constants.EMPTY_STRING;\r\n        this.subError = suberror || Constants.EMPTY_STRING;\r\n        this.name = \"AuthError\";\r\n    }\r\n    setCorrelationId(correlationId) {\r\n        this.correlationId = correlationId;\r\n    }\r\n}\r\nfunction createAuthError(code, additionalMessage) {\r\n    return new AuthError(code, additionalMessage\r\n        ? `${AuthErrorMessages[code]} ${additionalMessage}`\r\n        : AuthErrorMessages[code]);\r\n}\n\nexport { AuthError, AuthErrorMessage, AuthErrorMessages, createAuthError };\n//# sourceMappingURL=AuthError.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst clientInfoDecodingError = \"client_info_decoding_error\";\r\nconst clientInfoEmptyError = \"client_info_empty_error\";\r\nconst tokenParsingError = \"token_parsing_error\";\r\nconst nullOrEmptyToken = \"null_or_empty_token\";\r\nconst endpointResolutionError = \"endpoints_resolution_error\";\r\nconst networkError = \"network_error\";\r\nconst openIdConfigError = \"openid_config_error\";\r\nconst hashNotDeserialized = \"hash_not_deserialized\";\r\nconst invalidState = \"invalid_state\";\r\nconst stateMismatch = \"state_mismatch\";\r\nconst stateNotFound = \"state_not_found\";\r\nconst nonceMismatch = \"nonce_mismatch\";\r\nconst authTimeNotFound = \"auth_time_not_found\";\r\nconst maxAgeTranspired = \"max_age_transpired\";\r\nconst multipleMatchingTokens = \"multiple_matching_tokens\";\r\nconst multipleMatchingAccounts = \"multiple_matching_accounts\";\r\nconst multipleMatchingAppMetadata = \"multiple_matching_appMetadata\";\r\nconst requestCannotBeMade = \"request_cannot_be_made\";\r\nconst cannotRemoveEmptyScope = \"cannot_remove_empty_scope\";\r\nconst cannotAppendScopeSet = \"cannot_append_scopeset\";\r\nconst emptyInputScopeSet = \"empty_input_scopeset\";\r\nconst deviceCodePollingCancelled = \"device_code_polling_cancelled\";\r\nconst deviceCodeExpired = \"device_code_expired\";\r\nconst deviceCodeUnknownError = \"device_code_unknown_error\";\r\nconst noAccountInSilentRequest = \"no_account_in_silent_request\";\r\nconst invalidCacheRecord = \"invalid_cache_record\";\r\nconst invalidCacheEnvironment = \"invalid_cache_environment\";\r\nconst noAccountFound = \"no_account_found\";\r\nconst noCryptoObject = \"no_crypto_object\";\r\nconst unexpectedCredentialType = \"unexpected_credential_type\";\r\nconst invalidAssertion = \"invalid_assertion\";\r\nconst invalidClientCredential = \"invalid_client_credential\";\r\nconst tokenRefreshRequired = \"token_refresh_required\";\r\nconst userTimeoutReached = \"user_timeout_reached\";\r\nconst tokenClaimsCnfRequiredForSignedJwt = \"token_claims_cnf_required_for_signedjwt\";\r\nconst authorizationCodeMissingFromServerResponse = \"authorization_code_missing_from_server_response\";\r\nconst bindingKeyNotRemoved = \"binding_key_not_removed\";\r\nconst endSessionEndpointNotSupported = \"end_session_endpoint_not_supported\";\r\nconst keyIdMissing = \"key_id_missing\";\r\nconst noNetworkConnectivity = \"no_network_connectivity\";\r\nconst userCanceled = \"user_canceled\";\r\nconst missingTenantIdError = \"missing_tenant_id_error\";\r\nconst methodNotImplemented = \"method_not_implemented\";\r\nconst nestedAppAuthBridgeDisabled = \"nested_app_auth_bridge_disabled\";\n\nexport { authTimeNotFound, authorizationCodeMissingFromServerResponse, bindingKeyNotRemoved, cannotAppendScopeSet, cannotRemoveEmptyScope, clientInfoDecodingError, clientInfoEmptyError, deviceCodeExpired, deviceCodePollingCancelled, deviceCodeUnknownError, emptyInputScopeSet, endSessionEndpointNotSupported, endpointResolutionError, hashNotDeserialized, invalidAssertion, invalidCacheEnvironment, invalidCacheRecord, invalidClientCredential, invalidState, keyIdMissing, maxAgeTranspired, methodNotImplemented, missingTenantIdError, multipleMatchingAccounts, multipleMatchingAppMetadata, multipleMatchingTokens, nestedAppAuthBridgeDisabled, networkError, noAccountFound, noAccountInSilentRequest, noCryptoObject, noNetworkConnectivity, nonceMismatch, nullOrEmptyToken, openIdConfigError, requestCannotBeMade, stateMismatch, stateNotFound, tokenClaimsCnfRequiredForSignedJwt, tokenParsingError, tokenRefreshRequired, unexpectedCredentialType, userCanceled, userTimeoutReached };\n//# sourceMappingURL=ClientAuthErrorCodes.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\nimport { AuthError } from './AuthError.mjs';\nimport { clientInfoDecodingError, clientInfoEmptyError, tokenParsingError, nullOrEmptyToken, endpointResolutionError, networkError, openIdConfigError, hashNotDeserialized, invalidState, stateMismatch, stateNotFound, nonceMismatch, authTimeNotFound, maxAgeTranspired, multipleMatchingTokens, multipleMatchingAccounts, multipleMatchingAppMetadata, requestCannotBeMade, cannotRemoveEmptyScope, cannotAppendScopeSet, emptyInputScopeSet, deviceCodePollingCancelled, deviceCodeExpired, deviceCodeUnknownError, noAccountInSilentRequest, invalidCacheRecord, invalidCacheEnvironment, noAccountFound, noCryptoObject, unexpectedCredentialType, invalidAssertion, invalidClientCredential, tokenRefreshRequired, userTimeoutReached, tokenClaimsCnfRequiredForSignedJwt, authorizationCodeMissingFromServerResponse, bindingKeyNotRemoved, endSessionEndpointNotSupported, keyIdMissing, noNetworkConnectivity, userCanceled, missingTenantIdError, nestedAppAuthBridgeDisabled, methodNotImplemented } from './ClientAuthErrorCodes.mjs';\nimport * as ClientAuthErrorCodes from './ClientAuthErrorCodes.mjs';\nexport { ClientAuthErrorCodes };\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientAuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\nconst ClientAuthErrorMessages = {\r\n    [clientInfoDecodingError]: \"The client info could not be parsed/decoded correctly\",\r\n    [clientInfoEmptyError]: \"The client info was empty\",\r\n    [tokenParsingError]: \"Token cannot be parsed\",\r\n    [nullOrEmptyToken]: \"The token is null or empty\",\r\n    [endpointResolutionError]: \"Endpoints cannot be resolved\",\r\n    [networkError]: \"Network request failed\",\r\n    [openIdConfigError]: \"Could not retrieve endpoints. Check your authority and verify the .well-known/openid-configuration endpoint returns the required endpoints.\",\r\n    [hashNotDeserialized]: \"The hash parameters could not be deserialized\",\r\n    [invalidState]: \"State was not the expected format\",\r\n    [stateMismatch]: \"State mismatch error\",\r\n    [stateNotFound]: \"State not found\",\r\n    [nonceMismatch]: \"Nonce mismatch error\",\r\n    [authTimeNotFound]: \"Max Age was requested and the ID token is missing the auth_time variable.\" +\r\n        \" auth_time is an optional claim and is not enabled by default - it must be enabled.\" +\r\n        \" See https://aka.ms/msaljs/optional-claims for more information.\",\r\n    [maxAgeTranspired]: \"Max Age is set to 0, or too much time has elapsed since the last end-user authentication.\",\r\n    [multipleMatchingTokens]: \"The cache contains multiple tokens satisfying the requirements. \" +\r\n        \"Call AcquireToken again providing more requirements such as authority or account.\",\r\n    [multipleMatchingAccounts]: \"The cache contains multiple accounts satisfying the given parameters. Please pass more info to obtain the correct account\",\r\n    [multipleMatchingAppMetadata]: \"The cache contains multiple appMetadata satisfying the given parameters. Please pass more info to obtain the correct appMetadata\",\r\n    [requestCannotBeMade]: \"Token request cannot be made without authorization code or refresh token.\",\r\n    [cannotRemoveEmptyScope]: \"Cannot remove null or empty scope from ScopeSet\",\r\n    [cannotAppendScopeSet]: \"Cannot append ScopeSet\",\r\n    [emptyInputScopeSet]: \"Empty input ScopeSet cannot be processed\",\r\n    [deviceCodePollingCancelled]: \"Caller has cancelled token endpoint polling during device code flow by setting DeviceCodeRequest.cancel = true.\",\r\n    [deviceCodeExpired]: \"Device code is expired.\",\r\n    [deviceCodeUnknownError]: \"Device code stopped polling for unknown reasons.\",\r\n    [noAccountInSilentRequest]: \"Please pass an account object, silent flow is not supported without account information\",\r\n    [invalidCacheRecord]: \"Cache record object was null or undefined.\",\r\n    [invalidCacheEnvironment]: \"Invalid environment when attempting to create cache entry\",\r\n    [noAccountFound]: \"No account found in cache for given key.\",\r\n    [noCryptoObject]: \"No crypto object detected.\",\r\n    [unexpectedCredentialType]: \"Unexpected credential type.\",\r\n    [invalidAssertion]: \"Client assertion must meet requirements described in https://tools.ietf.org/html/rfc7515\",\r\n    [invalidClientCredential]: \"Client credential (secret, certificate, or assertion) must not be empty when creating a confidential client. An application should at most have one credential\",\r\n    [tokenRefreshRequired]: \"Cannot return token from cache because it must be refreshed. This may be due to one of the following reasons: forceRefresh parameter is set to true, claims have been requested, there is no cached access token or it is expired.\",\r\n    [userTimeoutReached]: \"User defined timeout for device code polling reached\",\r\n    [tokenClaimsCnfRequiredForSignedJwt]: \"Cannot generate a POP jwt if the token_claims are not populated\",\r\n    [authorizationCodeMissingFromServerResponse]: \"Server response does not contain an authorization code to proceed\",\r\n    [bindingKeyNotRemoved]: \"Could not remove the credential's binding key from storage.\",\r\n    [endSessionEndpointNotSupported]: \"The provided authority does not support logout\",\r\n    [keyIdMissing]: \"A keyId value is missing from the requested bound token's cache record and is required to match the token to it's stored binding key.\",\r\n    [noNetworkConnectivity]: \"No network connectivity. Check your internet connection.\",\r\n    [userCanceled]: \"User cancelled the flow.\",\r\n    [missingTenantIdError]: \"A tenant id - not common, organizations, or consumers - must be specified when using the client_credentials flow.\",\r\n    [methodNotImplemented]: \"This method has not been implemented\",\r\n    [nestedAppAuthBridgeDisabled]: \"The nested app auth bridge is disabled\",\r\n};\r\n/**\r\n * String constants used by error codes and messages.\r\n * @deprecated Use ClientAuthErrorCodes instead\r\n */\r\nconst ClientAuthErrorMessage = {\r\n    clientInfoDecodingError: {\r\n        code: clientInfoDecodingError,\r\n        desc: ClientAuthErrorMessages[clientInfoDecodingError],\r\n    },\r\n    clientInfoEmptyError: {\r\n        code: clientInfoEmptyError,\r\n        desc: ClientAuthErrorMessages[clientInfoEmptyError],\r\n    },\r\n    tokenParsingError: {\r\n        code: tokenParsingError,\r\n        desc: ClientAuthErrorMessages[tokenParsingError],\r\n    },\r\n    nullOrEmptyToken: {\r\n        code: nullOrEmptyToken,\r\n        desc: ClientAuthErrorMessages[nullOrEmptyToken],\r\n    },\r\n    endpointResolutionError: {\r\n        code: endpointResolutionError,\r\n        desc: ClientAuthErrorMessages[endpointResolutionError],\r\n    },\r\n    networkError: {\r\n        code: networkError,\r\n        desc: ClientAuthErrorMessages[networkError],\r\n    },\r\n    unableToGetOpenidConfigError: {\r\n        code: openIdConfigError,\r\n        desc: ClientAuthErrorMessages[openIdConfigError],\r\n    },\r\n    hashNotDeserialized: {\r\n        code: hashNotDeserialized,\r\n        desc: ClientAuthErrorMessages[hashNotDeserialized],\r\n    },\r\n    invalidStateError: {\r\n        code: invalidState,\r\n        desc: ClientAuthErrorMessages[invalidState],\r\n    },\r\n    stateMismatchError: {\r\n        code: stateMismatch,\r\n        desc: ClientAuthErrorMessages[stateMismatch],\r\n    },\r\n    stateNotFoundError: {\r\n        code: stateNotFound,\r\n        desc: ClientAuthErrorMessages[stateNotFound],\r\n    },\r\n    nonceMismatchError: {\r\n        code: nonceMismatch,\r\n        desc: ClientAuthErrorMessages[nonceMismatch],\r\n    },\r\n    authTimeNotFoundError: {\r\n        code: authTimeNotFound,\r\n        desc: ClientAuthErrorMessages[authTimeNotFound],\r\n    },\r\n    maxAgeTranspired: {\r\n        code: maxAgeTranspired,\r\n        desc: ClientAuthErrorMessages[maxAgeTranspired],\r\n    },\r\n    multipleMatchingTokens: {\r\n        code: multipleMatchingTokens,\r\n        desc: ClientAuthErrorMessages[multipleMatchingTokens],\r\n    },\r\n    multipleMatchingAccounts: {\r\n        code: multipleMatchingAccounts,\r\n        desc: ClientAuthErrorMessages[multipleMatchingAccounts],\r\n    },\r\n    multipleMatchingAppMetadata: {\r\n        code: multipleMatchingAppMetadata,\r\n        desc: ClientAuthErrorMessages[multipleMatchingAppMetadata],\r\n    },\r\n    tokenRequestCannotBeMade: {\r\n        code: requestCannotBeMade,\r\n        desc: ClientAuthErrorMessages[requestCannotBeMade],\r\n    },\r\n    removeEmptyScopeError: {\r\n        code: cannotRemoveEmptyScope,\r\n        desc: ClientAuthErrorMessages[cannotRemoveEmptyScope],\r\n    },\r\n    appendScopeSetError: {\r\n        code: cannotAppendScopeSet,\r\n        desc: ClientAuthErrorMessages[cannotAppendScopeSet],\r\n    },\r\n    emptyInputScopeSetError: {\r\n        code: emptyInputScopeSet,\r\n        desc: ClientAuthErrorMessages[emptyInputScopeSet],\r\n    },\r\n    DeviceCodePollingCancelled: {\r\n        code: deviceCodePollingCancelled,\r\n        desc: ClientAuthErrorMessages[deviceCodePollingCancelled],\r\n    },\r\n    DeviceCodeExpired: {\r\n        code: deviceCodeExpired,\r\n        desc: ClientAuthErrorMessages[deviceCodeExpired],\r\n    },\r\n    DeviceCodeUnknownError: {\r\n        code: deviceCodeUnknownError,\r\n        desc: ClientAuthErrorMessages[deviceCodeUnknownError],\r\n    },\r\n    NoAccountInSilentRequest: {\r\n        code: noAccountInSilentRequest,\r\n        desc: ClientAuthErrorMessages[noAccountInSilentRequest],\r\n    },\r\n    invalidCacheRecord: {\r\n        code: invalidCacheRecord,\r\n        desc: ClientAuthErrorMessages[invalidCacheRecord],\r\n    },\r\n    invalidCacheEnvironment: {\r\n        code: invalidCacheEnvironment,\r\n        desc: ClientAuthErrorMessages[invalidCacheEnvironment],\r\n    },\r\n    noAccountFound: {\r\n        code: noAccountFound,\r\n        desc: ClientAuthErrorMessages[noAccountFound],\r\n    },\r\n    noCryptoObj: {\r\n        code: noCryptoObject,\r\n        desc: ClientAuthErrorMessages[noCryptoObject],\r\n    },\r\n    unexpectedCredentialType: {\r\n        code: unexpectedCredentialType,\r\n        desc: ClientAuthErrorMessages[unexpectedCredentialType],\r\n    },\r\n    invalidAssertion: {\r\n        code: invalidAssertion,\r\n        desc: ClientAuthErrorMessages[invalidAssertion],\r\n    },\r\n    invalidClientCredential: {\r\n        code: invalidClientCredential,\r\n        desc: ClientAuthErrorMessages[invalidClientCredential],\r\n    },\r\n    tokenRefreshRequired: {\r\n        code: tokenRefreshRequired,\r\n        desc: ClientAuthErrorMessages[tokenRefreshRequired],\r\n    },\r\n    userTimeoutReached: {\r\n        code: userTimeoutReached,\r\n        desc: ClientAuthErrorMessages[userTimeoutReached],\r\n    },\r\n    tokenClaimsRequired: {\r\n        code: tokenClaimsCnfRequiredForSignedJwt,\r\n        desc: ClientAuthErrorMessages[tokenClaimsCnfRequiredForSignedJwt],\r\n    },\r\n    noAuthorizationCodeFromServer: {\r\n        code: authorizationCodeMissingFromServerResponse,\r\n        desc: ClientAuthErrorMessages[authorizationCodeMissingFromServerResponse],\r\n    },\r\n    bindingKeyNotRemovedError: {\r\n        code: bindingKeyNotRemoved,\r\n        desc: ClientAuthErrorMessages[bindingKeyNotRemoved],\r\n    },\r\n    logoutNotSupported: {\r\n        code: endSessionEndpointNotSupported,\r\n        desc: ClientAuthErrorMessages[endSessionEndpointNotSupported],\r\n    },\r\n    keyIdMissing: {\r\n        code: keyIdMissing,\r\n        desc: ClientAuthErrorMessages[keyIdMissing],\r\n    },\r\n    noNetworkConnectivity: {\r\n        code: noNetworkConnectivity,\r\n        desc: ClientAuthErrorMessages[noNetworkConnectivity],\r\n    },\r\n    userCanceledError: {\r\n        code: userCanceled,\r\n        desc: ClientAuthErrorMessages[userCanceled],\r\n    },\r\n    missingTenantIdError: {\r\n        code: missingTenantIdError,\r\n        desc: ClientAuthErrorMessages[missingTenantIdError],\r\n    },\r\n    nestedAppAuthBridgeDisabled: {\r\n        code: nestedAppAuthBridgeDisabled,\r\n        desc: ClientAuthErrorMessages[nestedAppAuthBridgeDisabled],\r\n    },\r\n};\r\n/**\r\n * Error thrown when there is an error in the client code running on the browser.\r\n */\r\nclass ClientAuthError extends AuthError {\r\n    constructor(errorCode, additionalMessage) {\r\n        super(errorCode, additionalMessage\r\n            ? `${ClientAuthErrorMessages[errorCode]}: ${additionalMessage}`\r\n            : ClientAuthErrorMessages[errorCode]);\r\n        this.name = \"ClientAuthError\";\r\n        Object.setPrototypeOf(this, ClientAuthError.prototype);\r\n    }\r\n}\r\nfunction createClientAuthError(errorCode, additionalMessage) {\r\n    return new ClientAuthError(errorCode, additionalMessage);\r\n}\n\nexport { ClientAuthError, ClientAuthErrorMessage, ClientAuthErrorMessages, createClientAuthError };\n//# sourceMappingURL=ClientAuthError.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\nimport { createClientAuthError } from '../error/ClientAuthError.mjs';\nimport { methodNotImplemented } from '../error/ClientAuthErrorCodes.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst DEFAULT_CRYPTO_IMPLEMENTATION = {\r\n    createNewGuid: () => {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    base64Decode: () => {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    base64Encode: () => {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    base64UrlEncode: () => {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    encodeKid: () => {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    async getPublicKeyThumbprint() {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    async removeTokenBindingKey() {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    async clearKeystore() {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    async signJwt() {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n    async hashString() {\r\n        throw createClientAuthError(methodNotImplemented);\r\n    },\r\n};\n\nexport { DEFAULT_CRYPTO_IMPLEMENTATION };\n//# sourceMappingURL=ICrypto.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\nimport { Constants } from '../utils/Constants.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Log message level.\r\n */\r\nvar LogLevel;\r\n(function (LogLevel) {\r\n    LogLevel[LogLevel[\"Error\"] = 0] = \"Error\";\r\n    LogLevel[LogLevel[\"Warning\"] = 1] = \"Warning\";\r\n    LogLevel[LogLevel[\"Info\"] = 2] = \"Info\";\r\n    LogLevel[LogLevel[\"Verbose\"] = 3] = \"Verbose\";\r\n    LogLevel[LogLevel[\"Trace\"] = 4] = \"Trace\";\r\n})(LogLevel || (LogLevel = {}));\r\n/**\r\n * Class which facilitates logging of messages to a specific place.\r\n */\r\nclass Logger {\r\n    constructor(loggerOptions, packageName, packageVersion) {\r\n        // Current log level, defaults to info.\r\n        this.level = LogLevel.Info;\r\n        const defaultLoggerCallback = () => {\r\n            return;\r\n        };\r\n        const setLoggerOptions = loggerOptions || Logger.createDefaultLoggerOptions();\r\n        this.localCallback =\r\n            setLoggerOptions.loggerCallback || defaultLoggerCallback;\r\n        this.piiLoggingEnabled = setLoggerOptions.piiLoggingEnabled || false;\r\n        this.level =\r\n            typeof setLoggerOptions.logLevel === \"number\"\r\n                ? setLoggerOptions.logLevel\r\n                : LogLevel.Info;\r\n        this.correlationId =\r\n            setLoggerOptions.correlationId || Constants.EMPTY_STRING;\r\n        this.packageName = packageName || Constants.EMPTY_STRING;\r\n        this.packageVersion = packageVersion || Constants.EMPTY_STRING;\r\n    }\r\n    static createDefaultLoggerOptions() {\r\n        return {\r\n            loggerCallback: () => {\r\n                // allow users to not set loggerCallback\r\n            },\r\n            piiLoggingEnabled: false,\r\n            logLevel: LogLevel.Info,\r\n        };\r\n    }\r\n    /**\r\n     * Create new Logger with existing configurations.\r\n     */\r\n    clone(packageName, packageVersion, correlationId) {\r\n        return new Logger({\r\n            loggerCallback: this.localCallback,\r\n            piiLoggingEnabled: this.piiLoggingEnabled,\r\n            logLevel: this.level,\r\n            correlationId: correlationId || this.correlationId,\r\n        }, packageName, packageVersion);\r\n    }\r\n    /**\r\n     * Log message with required options.\r\n     */\r\n    logMessage(logMessage, options) {\r\n        if (options.logLevel > this.level ||\r\n            (!this.piiLoggingEnabled && options.containsPii)) {\r\n            return;\r\n        }\r\n        const timestamp = new Date().toUTCString();\r\n        // Add correlationId to logs if set, correlationId provided on log messages take precedence\r\n        const logHeader = `[${timestamp}] : [${options.correlationId || this.correlationId || \"\"}]`;\r\n        const log = `${logHeader} : ${this.packageName}@${this.packageVersion} : ${LogLevel[options.logLevel]} - ${logMessage}`;\r\n        // debug(`msal:${LogLevel[options.logLevel]}${options.containsPii ? \"-Pii\": Constants.EMPTY_STRING}${options.context ? `:${options.context}` : Constants.EMPTY_STRING}`)(logMessage);\r\n        this.executeCallback(options.logLevel, log, options.containsPii || false);\r\n    }\r\n    /**\r\n     * Execute callback with message.\r\n     */\r\n    executeCallback(level, message, containsPii) {\r\n        if (this.localCallback) {\r\n            this.localCallback(level, message, containsPii);\r\n        }\r\n    }\r\n    /**\r\n     * Logs error messages.\r\n     */\r\n    error(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Error,\r\n            containsPii: false,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs error messages with PII.\r\n     */\r\n    errorPii(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Error,\r\n            containsPii: true,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs warning messages.\r\n     */\r\n    warning(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Warning,\r\n            containsPii: false,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs warning messages with PII.\r\n     */\r\n    warningPii(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Warning,\r\n            containsPii: true,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs info messages.\r\n     */\r\n    info(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Info,\r\n            containsPii: false,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs info messages with PII.\r\n     */\r\n    infoPii(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Info,\r\n            containsPii: true,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs verbose messages.\r\n     */\r\n    verbose(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Verbose,\r\n            containsPii: false,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs verbose messages with PII.\r\n     */\r\n    verbosePii(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Verbose,\r\n            containsPii: true,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs trace messages.\r\n     */\r\n    trace(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Trace,\r\n            containsPii: false,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Logs trace messages with PII.\r\n     */\r\n    tracePii(message, correlationId) {\r\n        this.logMessage(message, {\r\n            logLevel: LogLevel.Trace,\r\n            containsPii: true,\r\n            correlationId: correlationId || Constants.EMPTY_STRING,\r\n        });\r\n    }\r\n    /**\r\n     * Returns whether PII Logging is enabled or not.\r\n     */\r\n    isPiiLoggingEnabled() {\r\n        return this.piiLoggingEnabled || false;\r\n    }\r\n}\n\nexport { LogLevel, Logger };\n//# sourceMappingURL=Logger.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\n/* eslint-disable header/header */\r\nconst name = \"@azure/msal-common\";\r\nconst version = \"15.6.0\";\n\nexport { name, version };\n//# sourceMappingURL=packageMetadata.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst AzureCloudInstance = {\r\n    // AzureCloudInstance is not specified.\r\n    None: \"none\",\r\n    // Microsoft Azure public cloud\r\n    AzurePublic: \"https://login.microsoftonline.com\",\r\n    // Microsoft PPE\r\n    AzurePpe: \"https://login.windows-ppe.net\",\r\n    // Microsoft Chinese national/regional cloud\r\n    AzureChina: \"https://login.chinacloudapi.cn\",\r\n    // Microsoft German national/regional cloud (\"Black Forest\")\r\n    AzureGermany: \"https://login.microsoftonline.de\",\r\n    // US Government cloud\r\n    AzureUsGovernment: \"https://login.microsoftonline.us\",\r\n};\n\nexport { AzureCloudInstance };\n//# sourceMappingURL=AuthorityOptions.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\nimport { createClientAuthError } from '../error/ClientAuthError.mjs';\nimport { tokenParsingError, nullOrEmptyToken, maxAgeTranspired } from '../error/ClientAuthErrorCodes.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Extract token by decoding the rawToken\r\n *\r\n * @param encodedToken\r\n */\r\nfunction extractTokenClaims(encodedToken, base64Decode) {\r\n    const jswPayload = getJWSPayload(encodedToken);\r\n    // token will be decoded to get the username\r\n    try {\r\n        // base64Decode() should throw an error if there is an issue\r\n        const base64Decoded = base64Decode(jswPayload);\r\n        return JSON.parse(base64Decoded);\r\n    }\r\n    catch (err) {\r\n        throw createClientAuthError(tokenParsingError);\r\n    }\r\n}\r\n/**\r\n * decode a JWT\r\n *\r\n * @param authToken\r\n */\r\nfunction getJWSPayload(authToken) {\r\n    if (!authToken) {\r\n        throw createClientAuthError(nullOrEmptyToken);\r\n    }\r\n    const tokenPartsRegex = /^([^\\.\\s]*)\\.([^\\.\\s]+)\\.([^\\.\\s]*)$/;\r\n    const matches = tokenPartsRegex.exec(authToken);\r\n    if (!matches || matches.length < 4) {\r\n        throw createClientAuthError(tokenParsingError);\r\n    }\r\n    /**\r\n     * const crackedToken = {\r\n     *  header: matches[1],\r\n     *  JWSPayload: matches[2],\r\n     *  JWSSig: matches[3],\r\n     * };\r\n     */\r\n    return matches[2];\r\n}\r\n/**\r\n * Determine if the token's max_age has transpired\r\n */\r\nfunction checkMaxAge(authTime, maxAge) {\r\n    /*\r\n     * per https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest\r\n     * To force an immediate re-authentication: If an app requires that a user re-authenticate prior to access,\r\n     * provide a value of 0 for the max_age parameter and the AS will force a fresh login.\r\n     */\r\n    const fiveMinuteSkew = 300000; // five minutes in milliseconds\r\n    if (maxAge === 0 || Date.now() - fiveMinuteSkew > authTime + maxAge) {\r\n        throw createClientAuthError(maxAgeTranspired);\r\n    }\r\n}\n\nexport { checkMaxAge, extractTokenClaims, getJWSPayload };\n//# sourceMappingURL=AuthToken.mjs.map\n","/*! @azure/msal-common v15.6.0 2025-05-06 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Utility functions for managing date and time operations.\r\n */\r\n/**\r\n * return the current time in Unix time (seconds).\r\n */\r\nfunction nowSeconds() {\r\n    // Date.getTime() returns in milliseconds.\r\n    return Math.round(new Date().getTime() / 1000.0);\r\n}\r\n/**\r\n * Converts JS Date object to seconds\r\n * @param date Date\r\n */\r\nfunction toSecondsFromDate(date) {\r\n    // Convert date to seconds\r\n    return d