UNPKG

@azure/msal-browser

Version:

Microsoft Authentication Library for js

github.com/AzureAD/microsoft-authentication-library-for-js

AzureAD/microsoft-authentication-library-for-js

78 lines (72 loc) 2.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
/* * Copyright (c) Microsoft Corporation. All rights reserved. * Licensed under the MIT License. */ import { ICrypto, Logger, AuthorizeResponse, UrlUtils, } from "@azure/msal-common/browser"; import { BrowserAuthErrorCodes, createBrowserAuthError, } from "../error/BrowserAuthError.js"; import { extractBrowserRequestState } from "../utils/BrowserProtocolUtils.js"; import { InteractionType } from "../utils/BrowserConstants.js"; export function deserializeResponse( responseString: string, responseLocation: string, logger: Logger, correlationId: string ): AuthorizeResponse { // Deserialize hash fragment response parameters. const serverParams = UrlUtils.getDeserializedResponse(responseString); if (!serverParams) { if (!UrlUtils.stripLeadingHashOrQuery(responseString)) { // Hash or Query string is empty logger.error( `The request has returned to the redirectUri but a '${responseLocation}' is not present. It's likely that the '${responseLocation}' has been removed or the page has been redirected by code running on the redirectUri page.`, correlationId ); throw createBrowserAuthError(BrowserAuthErrorCodes.hashEmptyError); } else { logger.error( `A '${responseLocation}' is present in the iframe but it does not contain known properties. It's likely that the '${responseLocation}' has been replaced by code running on the redirectUri page.`, correlationId ); logger.errorPii( `The '${responseLocation}' detected is: '${responseString}'`, correlationId ); throw createBrowserAuthError( BrowserAuthErrorCodes.hashDoesNotContainKnownProperties ); } } return serverParams; } /** * Returns the interaction type that the response object belongs to */ export function validateInteractionType( response: AuthorizeResponse, browserCrypto: ICrypto, interactionType: InteractionType ): void { if (!response.state) { throw createBrowserAuthError(BrowserAuthErrorCodes.noStateInHash); } const platformStateObj = extractBrowserRequestState( browserCrypto, response.state ); if (!platformStateObj) { throw createBrowserAuthError(BrowserAuthErrorCodes.unableToParseState); } if (platformStateObj.interactionType !== interactionType) { throw createBrowserAuthError( BrowserAuthErrorCodes.stateInteractionTypeMismatch ); } }