UNPKG

@azure/msal-browser

Version:

Microsoft Authentication Library for js

github.com/AzureAD/microsoft-authentication-library-for-js

AzureAD/microsoft-authentication-library-for-js

98 lines (95 loc) 4.03 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
/*! @azure/msal-browser v5.6.3 2026-04-01 */ 'use strict'; import { ProtocolUtils, UrlString } from '@azure/msal-common/browser'; export { invoke, invokeAsync } from '@azure/msal-common/browser'; import { createBrowserAuthError } from '../error/BrowserAuthError.mjs'; import { emptyResponse, noStateInHash, unableToParseState } from '../error/BrowserAuthErrorCodes.mjs'; import { base64Decode } from '../encode/Base64Decode.mjs'; /* * Copyright (c) Microsoft Corporation. All rights reserved. * Licensed under the MIT License. */ /** * Extracts and parses the authentication response from URL (hash and/or query string). * This is a shared utility used across multiple components in msal-browser. * * @returns {Object} An object containing the parsed state information and URL parameters. * @returns {URLSearchParams} params - The parsed URL parameters from the payload. * @returns {string} payload - The combined query string and hash content. * @returns {string} urlHash - The original URL hash. * @returns {string} urlQuery - The original URL query string. * @returns {LibraryStateObject} libraryState - The decoded library state from the state parameter. * * @throws {AuthError} If no authentication payload is found in the URL. * @throws {AuthError} If the state parameter is missing. * @throws {AuthError} If the state is missing required 'id' or 'meta' attributes. */ function parseAuthResponseFromUrl() { // Extract both hash and query string to support hybrid response format const urlHash = window.location.hash; const urlQuery = window.location.search; // Determine which part contains the auth response by checking for 'state' parameter let hasResponseInHash = false; let hasResponseInQuery = false; let payload = ""; let params = undefined; if (urlHash && urlHash.length > 1) { const hashContent = urlHash.charAt(0) === "#" ? urlHash.substring(1) : urlHash; const hashParams = new URLSearchParams(hashContent); if (hashParams.has("state")) { hasResponseInHash = true; payload = hashContent; params = hashParams; } } if (urlQuery && urlQuery.length > 1) { const queryContent = urlQuery.charAt(0) === "?" ? urlQuery.substring(1) : urlQuery; const queryParams = new URLSearchParams(queryContent); if (queryParams.has("state")) { hasResponseInQuery = true; payload = queryContent; params = queryParams; } } // If response is in both, combine them (hybrid format) if (hasResponseInHash && hasResponseInQuery) { const queryContent = urlQuery.charAt(0) === "?" ? urlQuery.substring(1) : urlQuery; const hashContent = urlHash.charAt(0) === "#" ? urlHash.substring(1) : urlHash; payload = `${queryContent}${hashContent}`; params = new URLSearchParams(payload); } if (!payload || !params) { throw createBrowserAuthError(emptyResponse); } const state = params.get("state"); if (!state) { throw createBrowserAuthError(noStateInHash); } const { libraryState } = ProtocolUtils.parseRequestState(base64Decode, state); const { id, meta } = libraryState; if (!id || !meta) { throw createBrowserAuthError(unableToParseState, "missing_library_state"); } return { params, payload, urlHash, urlQuery, hasResponseInHash, hasResponseInQuery, libraryState: { id, meta, }, }; } /** * Gets the homepage url for the current window location. */ function getHomepage() { const currentUrl = new UrlString(window.location.href); const urlComponents = currentUrl.getUrlComponents(); return `${urlComponents.Protocol}//${urlComponents.HostNameAndPort}/`; } export { getHomepage, parseAuthResponseFromUrl }; //# sourceMappingURL=BrowserUtils.mjs.map