From f0802a137253a664b0ca6ec3749c2df79e0c6ddb Mon Sep 17 00:00:00 2001 From: Sameera Gajjarapu Date: Tue, 14 Jan 2025 19:28:10 -0800 Subject: [PATCH] Rename `native` to `platformBroker` in public API and docs (#7503) As CIAM has already a `native` component for all MSAL platforms and they plan to implement the same for JS, we are clarifying the nomenclature for platform broker flows --------- Co-authored-by: Thomas Norling Co-authored-by: Hector Morales --- ...-b99b4861-e6bf-410d-90d4-a6735bd10eb9.json | 7 + ...-74a12d5f-e927-4402-ad19-8b4fe41d1acd.json | 7 + ...-29b9bf5a-d41a-4f62-b8ac-18c563bb3243.json | 7 + lib/msal-angular/docs/configuration.md | 541 +++++++++--------- .../apiReview/msal-browser.api.md | 10 +- lib/msal-browser/docs/device-bound-tokens.md | 22 +- lib/msal-browser/docs/errors.md | 78 +-- .../nativeBroker/NativeMessageHandler.ts | 14 +- .../src/broker/nativeBroker/NativeResponse.ts | 2 +- lib/msal-browser/src/config/Configuration.ts | 12 +- .../controllers/NestedAppAuthController.ts | 4 +- .../src/controllers/StandardController.ts | 42 +- .../UnknownOperatingContextController.ts | 4 +- .../src/interaction_client/PopupClient.ts | 17 +- .../src/interaction_client/RedirectClient.ts | 2 +- .../interaction_client/SilentIframeClient.ts | 2 +- .../src/request/AuthorizationUrlRequest.ts | 2 +- lib/msal-browser/src/request/PopupRequest.ts | 2 +- .../src/request/RedirectRequest.ts | 2 +- .../src/request/SsoSilentRequest.ts | 2 +- .../test/app/PCANonBrowser.spec.ts | 2 +- .../test/app/PublicClientApplication.spec.ts | 90 +-- .../test/config/Configuration.spec.ts | 8 +- .../interaction_client/PopupClient.spec.ts | 4 +- .../interaction_client/RedirectClient.spec.ts | 4 +- .../SilentIframeClient.spec.ts | 4 +- lib/msal-common/apiReview/msal-common.api.md | 12 +- .../src/client/AuthorizationCodeClient.ts | 2 +- .../src/error/ClientConfigurationError.ts | 10 +- .../error/ClientConfigurationErrorCodes.ts | 2 +- .../request/CommonAuthorizationUrlRequest.ts | 2 +- .../telemetry/performance/PerformanceEvent.ts | 4 +- .../client/AuthorizationCodeClient.spec.ts | 2 +- lib/msal-react/test/MsalProvider.spec.tsx | 2 +- .../components/AuthenticatedTemplate.spec.tsx | 2 +- .../MsalAuthenticationTemplate.spec.tsx | 2 +- .../UnauthenticatedTemplate.spec.tsx | 2 +- .../test/components/withMsal.spec.tsx | 2 +- .../test/hooks/useIsAuthenticated.spec.tsx | 2 +- .../src/app/app.module.ts | 61 +- .../angular-standalone-sample/src/main.ts | 203 ++++--- .../src/app/app.module.ts | 65 ++- .../src/app/app.module.ts | 65 ++- .../src/app/app.config.ts | 86 ++- .../src/app/app.config.ts | 2 +- .../HybridSample/views/client-redirect.hbs | 2 +- .../VanillaJSTestApp2.0/app/b2c/authConfig.js | 2 +- .../app/client-capabilities/authConfig.js | 2 +- .../authConfigs/aadAuthConfig.json | 2 +- .../authConfigs/aadMultiTenantAuthConfig.json | 2 +- .../authConfigs/aadTenantedAuthConfig.json | 2 +- .../authConfigs/b2cAuthConfig.json | 2 +- .../authConfigs/localStorageAuthConfig.json | 2 +- .../authConfigs/memStorageAuthConfig.json | 2 +- .../app/customizable-e2e-test/testConfig.json | 2 +- .../app/facebook-sample/Readme.md | 25 +- .../app/facebook-sample/authConfig.js | 2 +- .../app/instanceAware/authConfig.js | 2 +- .../app/multipleResources/authConfig.js | 2 +- .../app/navigateToLoginPage/authConfig.js | 2 +- .../app/onPageLoad/authConfig.js | 2 +- .../VanillaJSTestApp2.0/app/pop/authConfig.js | 2 +- .../VanillaJSTestApp2.0/app/ssh/authConfig.js | 2 +- .../app/ssoSilent/authConfig.js | 2 +- .../app/ssoSilentNoHint/authConfig.js | 2 +- .../app/wamBroker/authConfig.js | 2 +- .../b2c-sample/src/authConfig.js | 2 +- .../nextjs-sample/src/authConfig.js | 2 +- .../react-router-sample/src/authConfig.js | 2 +- .../typescript-sample/src/authConfig.ts | 10 +- 70 files changed, 826 insertions(+), 674 deletions(-) create mode 100644 change/@azure-msal-browser-b99b4861-e6bf-410d-90d4-a6735bd10eb9.json create mode 100644 change/@azure-msal-common-74a12d5f-e927-4402-ad19-8b4fe41d1acd.json create mode 100644 change/@azure-msal-react-29b9bf5a-d41a-4f62-b8ac-18c563bb3243.json diff --git a/change/@azure-msal-browser-b99b4861-e6bf-410d-90d4-a6735bd10eb9.json b/change/@azure-msal-browser-b99b4861-e6bf-410d-90d4-a6735bd10eb9.json new file mode 100644 index 0000000000..865fcff40a --- /dev/null +++ b/change/@azure-msal-browser-b99b4861-e6bf-410d-90d4-a6735bd10eb9.json @@ -0,0 +1,7 @@ +{ + "type": "patch", + "comment": "Rename `native` to `platformBroker` in public API and docs", + "packageName": "@azure/msal-browser", + "email": "sameera.gajjarapu@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/change/@azure-msal-common-74a12d5f-e927-4402-ad19-8b4fe41d1acd.json b/change/@azure-msal-common-74a12d5f-e927-4402-ad19-8b4fe41d1acd.json new file mode 100644 index 0000000000..a88ebbcbdd --- /dev/null +++ b/change/@azure-msal-common-74a12d5f-e927-4402-ad19-8b4fe41d1acd.json @@ -0,0 +1,7 @@ +{ + "type": "patch", + "comment": "Rename `native` to `platformBroker` in public API and docs", + "packageName": "@azure/msal-common", + "email": "sameera.gajjarapu@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/change/@azure-msal-react-29b9bf5a-d41a-4f62-b8ac-18c563bb3243.json b/change/@azure-msal-react-29b9bf5a-d41a-4f62-b8ac-18c563bb3243.json new file mode 100644 index 0000000000..d69a526bd1 --- /dev/null +++ b/change/@azure-msal-react-29b9bf5a-d41a-4f62-b8ac-18c563bb3243.json @@ -0,0 +1,7 @@ +{ + "type": "patch", + "comment": "Rename `native` to `platformBroker` in public API and docs", + "packageName": "@azure/msal-react", + "email": "sameera.gajjarapu@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/lib/msal-angular/docs/configuration.md b/lib/msal-angular/docs/configuration.md index 9b4178790f..5abf0004bb 100644 --- a/lib/msal-angular/docs/configuration.md +++ b/lib/msal-angular/docs/configuration.md @@ -1,6 +1,7 @@ # MSAL Angular Configuration MSAL for Angular can be configured in multiple ways: + 1. [`MsalModule.forRoot`](#msalmoduleforroot) 1. [Factory providers](#factory-providers) 1. [`platformBrowserDynamic`](#platformbrowserdynamic) @@ -19,16 +20,16 @@ This guide will detail how to leverage each method for your application. ### Angular-specific configurations -* An `interactionType` must be specified on `MsalGuardConfiguration` and `MsalInterceptorConfiguration`, and can be set to `Popup` or `Redirect`. -* The `protectedResourceMap` object on `MsalInterceptorConfiguration` is used to protect routes. -* An optional `authRequest` object can be specified on `MsalGuardConfiguration` and `MsalInterceptorConfiguration` to set additional options. -* An optional `loginFailedRoute` string can be set on `MsalGuardConfiguration`. Msal Guard will redirect to this route if login is required and fails. +- An `interactionType` must be specified on `MsalGuardConfiguration` and `MsalInterceptorConfiguration`, and can be set to `Popup` or `Redirect`. +- The `protectedResourceMap` object on `MsalInterceptorConfiguration` is used to protect routes. +- An optional `authRequest` object can be specified on `MsalGuardConfiguration` and `MsalInterceptorConfiguration` to set additional options. +- An optional `loginFailedRoute` string can be set on `MsalGuardConfiguration`. Msal Guard will redirect to this route if login is required and fails. Please see our [MsalInterceptor](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-angular/docs/msal-interceptor.md) and [MsalGuard](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-angular/docs/msal-guard.md) docs for more details on configurations, usage, and differences to MSAL Angular v1. ### Configuration for redirects -We recommend importing `MsalRedirectComponent` and bootstrapping with the `AppComponent` if you intend to use redirects. Please see the [redirect documentation](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-angular/docs/redirects.md) for more details. +We recommend importing `MsalRedirectComponent` and bootstrapping with the `AppComponent` if you intend to use redirects. Please see the [redirect documentation](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-angular/docs/redirects.md) for more details. **Note:** As of MSAL v3.x, initialization of the application object is now required. See the [v2-v3 upgrade guide](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-angular/docs/v2-v3-upgrade-guide.md) for more details. @@ -37,52 +38,57 @@ We recommend importing `MsalRedirectComponent` and bootstrapping with the `AppCo The `MsalModule` class contains a static method that can be called in your `app.module.ts` file: ```typescript -import { NgModule } from '@angular/core'; -import { HTTP_INTERCEPTORS } from '@angular/common/http'; -import { AppComponent } from './app.component'; +import { NgModule } from "@angular/core"; +import { HTTP_INTERCEPTORS } from "@angular/common/http"; +import { AppComponent } from "./app.component"; import { MsalModule, MsalService, MsalGuard, MsalInterceptor, MsalBroadcastService, MsalRedirectComponent } from "@azure/msal-angular"; import { PublicClientApplication, InteractionType, BrowserCacheLocation } from "@azure/msal-browser"; @NgModule({ - imports: [ - MsalModule.forRoot( new PublicClientApplication({ // MSAL Configuration - auth: { - clientId: "clientid", - authority: "https://login.microsoftonline.com/common/", - redirectUri: "http://localhost:4200/", - postLogoutRedirectUri: "http://localhost:4200/", - navigateToLoginRequestUrl: true - }, - cache: { - cacheLocation : BrowserCacheLocation.LocalStorage, - storeAuthStateInCookie: true, // set to true for IE 11 - }, - system: { - loggerOptions: { - loggerCallback: () => {}, - piiLoggingEnabled: false - } - } - }), { - interactionType: InteractionType.Popup, // MSAL Guard Configuration - authRequest: { - scopes: ['user.read'] - }, - loginFailedRoute: "/login-failed" - }, { - interactionType: InteractionType.Redirect, // MSAL Interceptor Configuration - protectedResourceMap - }) - ], - providers: [ - { - provide: HTTP_INTERCEPTORS, - useClass: MsalInterceptor, - multi: true + imports: [ + MsalModule.forRoot( + new PublicClientApplication({ + // MSAL Configuration + auth: { + clientId: "clientid", + authority: "https://login.microsoftonline.com/common/", + redirectUri: "http://localhost:4200/", + postLogoutRedirectUri: "http://localhost:4200/", + navigateToLoginRequestUrl: true, + }, + cache: { + cacheLocation: BrowserCacheLocation.LocalStorage, + storeAuthStateInCookie: true, // set to true for IE 11 }, - MsalGuard - ], - bootstrap: [AppComponent, MsalRedirectComponent] + system: { + loggerOptions: { + loggerCallback: () => {}, + piiLoggingEnabled: false, + }, + }, + }), + { + interactionType: InteractionType.Popup, // MSAL Guard Configuration + authRequest: { + scopes: ["user.read"], + }, + loginFailedRoute: "/login-failed", + }, + { + interactionType: InteractionType.Redirect, // MSAL Interceptor Configuration + protectedResourceMap, + } + ), + ], + providers: [ + { + provide: HTTP_INTERCEPTORS, + useClass: MsalInterceptor, + multi: true, + }, + MsalGuard, + ], + bootstrap: [AppComponent, MsalRedirectComponent], }) export class AppModule {} ``` @@ -92,16 +98,7 @@ export class AppModule {} You may also provide the configuration options via factory providers. ```typescript -import { - MsalModule, - MsalService, - MsalInterceptor, - MsalInterceptorConfiguration, - MsalGuard, - MsalGuardConfiguration, - MsalBroadcastService, - MsalRedirectComponent -} from "@azure/msal-angular"; +import { MsalModule, MsalService, MsalInterceptor, MsalInterceptorConfiguration, MsalGuard, MsalGuardConfiguration, MsalBroadcastService, MsalRedirectComponent } from "@azure/msal-angular"; import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation } from "@azure/msal-browser"; export function MSALInstanceFactory(): IPublicClientApplication { @@ -109,10 +106,10 @@ export function MSALInstanceFactory(): IPublicClientApplication { auth: { clientId: "b5c2e510-4a17-4feb-b219-e55aa5b74144", redirectUri: "http://localhost:4200", - postLogoutRedirectUri: "http://localhost:4200" + postLogoutRedirectUri: "http://localhost:4200", }, cache: { - cacheLocation: BrowserCacheLocation.LocalStorage + cacheLocation: BrowserCacheLocation.LocalStorage, }, }); } @@ -128,44 +125,42 @@ export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration { } export function MSALGuardConfigFactory(): MsalGuardConfiguration { - return { + return { interactionType: InteractionType.Redirect, authRequest: { - scopes: ['user.read'] + scopes: ["user.read"], }, - loginFailedRoute: "./login-failed" + loginFailedRoute: "./login-failed", }; } @NgModule({ - imports: [ - MsalModule - ], + imports: [MsalModule], providers: [ { provide: HTTP_INTERCEPTORS, useClass: MsalInterceptor, - multi: true + multi: true, }, { provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory + useFactory: MSALInstanceFactory, }, { provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory + useFactory: MSALGuardConfigFactory, }, { provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory + useFactory: MSALInterceptorConfigFactory, }, MsalGuard, MsalBroadcastService, - MsalService + MsalService, ], - bootstrap: [AppComponent, MsalRedirectComponent] + bootstrap: [AppComponent, MsalRedirectComponent], }) -export class AppModule { } +export class AppModule {} ``` ## platformBrowserDynamic @@ -175,39 +170,35 @@ If you need to dynamically configure MSAL Angular (e.g. based on values returned The following is an example of how to dynamically configure `@azure/msal-angular` with `platformBrowserDynamic` and a json file: `app.module.ts` + ```typescript -import { - MsalModule, - MsalInterceptor, - MsalService, -} from '@azure/msal-angular'; +import { MsalModule, MsalInterceptor, MsalService } from "@azure/msal-angular"; @NgModule({ - imports: [ - MsalModule - ], + imports: [MsalModule], providers: [ { provide: HTTP_INTERCEPTORS, useClass: MsalInterceptor, - multi: true + multi: true, }, - MsalService + MsalService, ], - bootstrap: [AppComponent] + bootstrap: [AppComponent], }) -export class AppModule { } +export class AppModule {} ``` `main.ts` + ```typescript -import { enableProdMode } from '@angular/core'; -import { platformBrowserDynamic } from '@angular/platform-browser-dynamic'; +import { enableProdMode } from "@angular/core"; +import { platformBrowserDynamic } from "@angular/platform-browser-dynamic"; -import { AppModule } from './app/app.module'; -import { environment } from './environments/environment'; -import { MSAL_INSTANCE, MSAL_GUARD_CONFIG, MSAL_INTERCEPTOR_CONFIG } from '@azure/msal-angular'; -import { PublicClientApplication, Configuration } from '@azure/msal-browser'; +import { AppModule } from "./app/app.module"; +import { environment } from "./environments/environment"; +import { MSAL_INSTANCE, MSAL_GUARD_CONFIG, MSAL_INTERCEPTOR_CONFIG } from "@azure/msal-angular"; +import { PublicClientApplication, Configuration } from "@azure/msal-browser"; if (environment.production) { enableProdMode(); @@ -217,37 +208,47 @@ function loggerCallback(logLevel: LogLevel, message: string) { console.log("MSAL Angular: ", message); } -fetch('/assets/configuration.json') - .then(response => response.json()) - .then(json => { +fetch("/assets/configuration.json") + .then((response) => response.json()) + .then((json) => { platformBrowserDynamic([ - { provide: MSAL_INSTANCE, useValue: new PublicClientApplication({ - auth: json.msal.auth, - cache: json.msal.cache, - system: { - loggerOptions: { - loggerCallback, - logLevel: LogLevel.Info, - piiLoggingEnabled: false - } - } - }) }, - { provide: MSAL_GUARD_CONFIG, useValue: { - interactionType: json.guard.interactionType, - authRequest: json.guard.authRequest, - loginFailedRoute: json.guard.loginFailedRoute - } as MsalGuardConfiguration }, - { provide: MSAL_INTERCEPTOR_CONFIG, useValue: { - interactionType: json.interceptor.interactionType, - protectedResourceMap: new Map(json.interceptor.protectedResourceMap) - } as MsalInterceptorConfiguration }, + { + provide: MSAL_INSTANCE, + useValue: new PublicClientApplication({ + auth: json.msal.auth, + cache: json.msal.cache, + system: { + loggerOptions: { + loggerCallback, + logLevel: LogLevel.Info, + piiLoggingEnabled: false, + }, + }, + }), + }, + { + provide: MSAL_GUARD_CONFIG, + useValue: { + interactionType: json.guard.interactionType, + authRequest: json.guard.authRequest, + loginFailedRoute: json.guard.loginFailedRoute, + } as MsalGuardConfiguration, + }, + { + provide: MSAL_INTERCEPTOR_CONFIG, + useValue: { + interactionType: json.interceptor.interactionType, + protectedResourceMap: new Map(json.interceptor.protectedResourceMap), + } as MsalInterceptorConfiguration, + }, ]) .bootstrapModule(AppModule) - .catch(err => console.error(err)); + .catch((err) => console.error(err)); }); ``` `src/assets/configuration.json` + ```json { "msal": { @@ -268,13 +269,11 @@ fetch('/assets/configuration.json') "authRequest": { "scopes": ["user.read"] }, - "loginFailedRoute": "/login-failed" + "loginFailedRoute": "/login-failed" }, "interceptor": { "interactionType": "redirect", - "protectedResourceMap": [ - ["https://graph.microsoft.com/v1.0/me", ["user.read"]] - ] + "protectedResourceMap": [["https://graph.microsoft.com/v1.0/me", ["user.read"]]] } } ``` @@ -284,13 +283,14 @@ fetch('/assets/configuration.json') To dynamically configure MSAL Angular, you can use the Factory Providers with APP_INITIALIZER. `src/app/config.service.ts` + ```typescript -import { Injectable } from '@angular/core'; -import { HttpClient, HttpBackend } from '@angular/common/http'; -import { map } from 'rxjs/operators'; +import { Injectable } from "@angular/core"; +import { HttpClient, HttpBackend } from "@angular/common/http"; +import { map } from "rxjs/operators"; @Injectable({ - providedIn: 'root' + providedIn: "root", }) export class ConfigService { private settings: any; @@ -302,14 +302,18 @@ export class ConfigService { init(endpoint: string): Promise { return new Promise((resolve, reject) => { - this.http.get(endpoint).pipe(map(result => result)) - .subscribe(value => { - this.settings = value; - resolve(true); - }, - (error) => { - reject(error); - }); + this.http + .get(endpoint) + .pipe(map((result) => result)) + .subscribe( + (value) => { + this.settings = value; + resolve(true); + }, + (error) => { + reject(error); + } + ); }); } @@ -319,7 +323,7 @@ export class ConfigService { } if (!Array.isArray(key)) { - key = key.split('.'); + key = key.split("."); } let result = key.reduce((account: any, current: string) => account && account[current], this.settings); @@ -330,24 +334,21 @@ export class ConfigService { ``` `src/app/msal-config-dynamic.module.ts` + ```typescript -import { InjectionToken, NgModule, APP_INITIALIZER } from '@angular/core'; -import { IPublicClientApplication, PublicClientApplication, - LogLevel } from '@azure/msal-browser'; -import { MsalGuard, MsalInterceptor, MsalBroadcastService, - MsalInterceptorConfiguration, MsalModule, MsalService, - MSAL_GUARD_CONFIG, MSAL_INSTANCE, MSAL_INTERCEPTOR_CONFIG, - MsalGuardConfiguration } from '@azure/msal-angular'; -import { HTTP_INTERCEPTORS } from '@angular/common/http'; -import { ConfigService } from './config.service'; - -const AUTH_CONFIG_URL_TOKEN = new InjectionToken('AUTH_CONFIG_URL'); +import { InjectionToken, NgModule, APP_INITIALIZER } from "@angular/core"; +import { IPublicClientApplication, PublicClientApplication, LogLevel } from "@azure/msal-browser"; +import { MsalGuard, MsalInterceptor, MsalBroadcastService, MsalInterceptorConfiguration, MsalModule, MsalService, MSAL_GUARD_CONFIG, MSAL_INSTANCE, MSAL_INTERCEPTOR_CONFIG, MsalGuardConfiguration } from "@azure/msal-angular"; +import { HTTP_INTERCEPTORS } from "@angular/common/http"; +import { ConfigService } from "./config.service"; + +const AUTH_CONFIG_URL_TOKEN = new InjectionToken("AUTH_CONFIG_URL"); export function initializerFactory(env: ConfigService, configUrl: string): any { - const promise = env.init(configUrl).then((value) => { - console.log('finished getting configurations dynamically.'); - }); - return () => promise; + const promise = env.init(configUrl).then((value) => { + console.log("finished getting configurations dynamically."); + }); + return () => promise; } export function loggerCallback(logLevel: LogLevel, message: string) { @@ -356,121 +357,108 @@ export function loggerCallback(logLevel: LogLevel, message: string) { export function MSALInstanceFactory(config: ConfigService): IPublicClientApplication { return new PublicClientApplication({ - auth: config.getSettings('msal').auth, - cache: config.getSettings('msal').cache, + auth: config.getSettings("msal").auth, + cache: config.getSettings("msal").cache, system: { loggerOptions: { loggerCallback, logLevel: LogLevel.Info, - piiLoggingEnabled: false - } - } + piiLoggingEnabled: false, + }, + }, }); } export function MSALInterceptorConfigFactory(config: ConfigService): MsalInterceptorConfiguration { - const protectedResourceMap = new Map>(config.getSettings('interceptor').protectedResourceMap) - - return { - interactionType: config.getSettings('interceptor').interactionType, - protectedResourceMap - }; - } - + const protectedResourceMap = new Map>(config.getSettings("interceptor").protectedResourceMap); + + return { + interactionType: config.getSettings("interceptor").interactionType, + protectedResourceMap, + }; +} + export function MSALGuardConfigFactory(config: ConfigService): MsalGuardConfiguration { - return { - interactionType: config.getSettings('guard').interactionType, - authRequest: config.getSettings('guard').authRequest, - loginFailedRoute: config.getSettings('guard').loginFailedRoute - }; + return { + interactionType: config.getSettings("guard").interactionType, + authRequest: config.getSettings("guard").authRequest, + loginFailedRoute: config.getSettings("guard").loginFailedRoute, + }; } @NgModule({ - providers: [], - imports: [MsalModule] + providers: [], + imports: [MsalModule], }) export class MsalConfigDynamicModule { - - static forRoot(configFile: string) { - return { - ngModule: MsalConfigDynamicModule, - providers: [ - ConfigService, - { provide: AUTH_CONFIG_URL_TOKEN, useValue: configFile }, - { provide: APP_INITIALIZER, useFactory: initializerFactory, - deps: [ConfigService, AUTH_CONFIG_URL_TOKEN], multi: true }, - { - provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory, - deps: [ConfigService] - }, - { - provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory, - deps: [ConfigService] - }, - { - provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory, - deps: [ConfigService] - }, - MsalService, - MsalGuard, - MsalBroadcastService, - { - provide: HTTP_INTERCEPTORS, - useClass: MsalInterceptor, - multi: true - } - ] - }; - } + static forRoot(configFile: string) { + return { + ngModule: MsalConfigDynamicModule, + providers: [ + ConfigService, + { provide: AUTH_CONFIG_URL_TOKEN, useValue: configFile }, + { provide: APP_INITIALIZER, useFactory: initializerFactory, deps: [ConfigService, AUTH_CONFIG_URL_TOKEN], multi: true }, + { + provide: MSAL_INSTANCE, + useFactory: MSALInstanceFactory, + deps: [ConfigService], + }, + { + provide: MSAL_GUARD_CONFIG, + useFactory: MSALGuardConfigFactory, + deps: [ConfigService], + }, + { + provide: MSAL_INTERCEPTOR_CONFIG, + useFactory: MSALInterceptorConfigFactory, + deps: [ConfigService], + }, + MsalService, + MsalGuard, + MsalBroadcastService, + { + provide: HTTP_INTERCEPTORS, + useClass: MsalInterceptor, + multi: true, + }, + ], + }; + } } ``` + `src/app/app.module.ts` + ```typescript -import { BrowserModule } from '@angular/platform-browser'; -import { BrowserAnimationsModule } from '@angular/platform-browser/animations'; -import { NgModule } from '@angular/core'; +import { BrowserModule } from "@angular/platform-browser"; +import { BrowserAnimationsModule } from "@angular/platform-browser/animations"; +import { NgModule } from "@angular/core"; -import { MatButtonModule } from '@angular/material/button'; -import { MatToolbarModule } from '@angular/material/toolbar'; -import { MatListModule } from '@angular/material/list'; +import { MatButtonModule } from "@angular/material/button"; +import { MatToolbarModule } from "@angular/material/toolbar"; +import { MatListModule } from "@angular/material/list"; -import { AppRoutingModule } from './app-routing.module'; -import { AppComponent } from './app.component'; -import { HomeComponent } from './home/home.component'; -import { ProfileComponent } from './profile/profile.component'; +import { AppRoutingModule } from "./app-routing.module"; +import { AppComponent } from "./app.component"; +import { HomeComponent } from "./home/home.component"; +import { ProfileComponent } from "./profile/profile.component"; -import { HttpClientModule } from '@angular/common/http'; -import { MsalRedirectComponent } from '@azure/msal-angular'; -import { DetailComponent } from './detail/detail.component'; -import { MsalConfigDynamicModule } from './msal-config-dynamic.module'; +import { HttpClientModule } from "@angular/common/http"; +import { MsalRedirectComponent } from "@azure/msal-angular"; +import { DetailComponent } from "./detail/detail.component"; +import { MsalConfigDynamicModule } from "./msal-config-dynamic.module"; @NgModule({ - declarations: [ - AppComponent, - HomeComponent, - ProfileComponent, - DetailComponent - ], - imports: [ - BrowserModule, - BrowserAnimationsModule, - AppRoutingModule, - MatButtonModule, - MatToolbarModule, - MatListModule, - HttpClientModule, - MsalConfigDynamicModule.forRoot('assets/configuration.json') - ], + declarations: [AppComponent, HomeComponent, ProfileComponent, DetailComponent], + imports: [BrowserModule, BrowserAnimationsModule, AppRoutingModule, MatButtonModule, MatToolbarModule, MatListModule, HttpClientModule, MsalConfigDynamicModule.forRoot("assets/configuration.json")], providers: [], - bootstrap: [AppComponent, MsalRedirectComponent] + bootstrap: [AppComponent, MsalRedirectComponent], }) -export class AppModule { } +export class AppModule {} ``` `src/assets/configuration.json` + ```json { "msal": { @@ -491,13 +479,11 @@ export class AppModule { } "authRequest": { "scopes": ["user.read"] }, - "loginFailedRoute": "/login-failed" + "loginFailedRoute": "/login-failed" }, "interceptor": { "interactionType": "redirect", - "protectedResourceMap": [ - ["https://graph.microsoft.com/v1.0/me", ["user.read"]] - ] + "protectedResourceMap": [["https://graph.microsoft.com/v1.0/me", ["user.read"]]] } } ``` @@ -508,16 +494,14 @@ The **MsalGuard** also allows you to dynamically change the **authRequest** at r ```js export function MSALGuardConfigFactory(): MsalGuardConfiguration { - return { + return { interactionType: InteractionType.Redirect, authRequest: (authService, state) => { return { - scopes: state.root.url.some(x => x.path === 'calendar') - ? ['user.read', ' Calendars.Read'] - : ['user.read'] - } + scopes: state.root.url.some((x) => x.path === "calendar") ? ["user.read", " Calendars.Read"] : ["user.read"], + }; }, - loginFailedRoute: "./login-failed" + loginFailedRoute: "./login-failed", }; } ``` @@ -530,14 +514,14 @@ Please see our [Angular 17 Standalone Sample](https://github.com/AzureAD/microso ```ts // app.config.ts -import { ApplicationConfig, importProvidersFrom } from '@angular/core'; -import { provideRouter } from '@angular/router'; -import { routes } from './app.routes'; -import { BrowserModule } from '@angular/platform-browser'; -import { provideHttpClient, withInterceptorsFromDi, HTTP_INTERCEPTORS, withFetch, withInterceptors } from '@angular/common/http'; -import { provideNoopAnimations } from '@angular/platform-browser/animations'; -import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation, LogLevel } from '@azure/msal-browser'; -import { MsalInterceptor, MSAL_INSTANCE, MsalInterceptorConfiguration, MsalGuardConfiguration, MSAL_GUARD_CONFIG, MSAL_INTERCEPTOR_CONFIG, MsalService, MsalGuard, MsalBroadcastService } from '@azure/msal-angular'; +import { ApplicationConfig, importProvidersFrom } from "@angular/core"; +import { provideRouter } from "@angular/router"; +import { routes } from "./app.routes"; +import { BrowserModule } from "@angular/platform-browser"; +import { provideHttpClient, withInterceptorsFromDi, HTTP_INTERCEPTORS, withFetch, withInterceptors } from "@angular/common/http"; +import { provideNoopAnimations } from "@angular/platform-browser/animations"; +import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation, LogLevel } from "@azure/msal-browser"; +import { MsalInterceptor, MSAL_INSTANCE, MsalInterceptorConfiguration, MsalGuardConfiguration, MSAL_GUARD_CONFIG, MSAL_INTERCEPTOR_CONFIG, MsalService, MsalGuard, MsalBroadcastService } from "@azure/msal-angular"; export function loggerCallback(logLevel: LogLevel, message: string) { console.log(message); @@ -548,20 +532,20 @@ export function MSALInstanceFactory(): IPublicClientApplication { auth: { clientId: "clientid", authority: "https://login.microsoftonline.com/common/", - redirectUri: '/', - postLogoutRedirectUri: '/' + redirectUri: "/", + postLogoutRedirectUri: "/", }, cache: { - cacheLocation: BrowserCacheLocation.LocalStorage + cacheLocation: BrowserCacheLocation.LocalStorage, }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback, logLevel: LogLevel.Info, - piiLoggingEnabled: false - } - } + piiLoggingEnabled: false, + }, + }, }); } @@ -571,56 +555,55 @@ export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration { return { interactionType: InteractionType.Redirect, - protectedResourceMap + protectedResourceMap, }; } export function MSALGuardConfigFactory(): MsalGuardConfiguration { - return { + return { interactionType: InteractionType.Redirect, authRequest: { - scopes: ['user.read'] + scopes: ["user.read"], }, - loginFailedRoute: '/login-failed' + loginFailedRoute: "/login-failed", }; } export const appConfig: ApplicationConfig = { providers: [ - provideRouter(routes), + provideRouter(routes), importProvidersFrom(BrowserModule), provideNoopAnimations(), provideHttpClient(withInterceptorsFromDi(), withFetch()), { - provide: HTTP_INTERCEPTORS, - useClass: MsalInterceptor, - multi: true + provide: HTTP_INTERCEPTORS, + useClass: MsalInterceptor, + multi: true, }, { - provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory + provide: MSAL_INSTANCE, + useFactory: MSALInstanceFactory, }, { - provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory + provide: MSAL_GUARD_CONFIG, + useFactory: MSALGuardConfigFactory, }, { - provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory + provide: MSAL_INTERCEPTOR_CONFIG, + useFactory: MSALInterceptorConfigFactory, }, MsalService, MsalGuard, - MsalBroadcastService - ] + MsalBroadcastService, + ], }; ``` ```ts // main.ts -import { bootstrapApplication } from '@angular/platform-browser'; -import { appConfig } from './app/app.config'; -import { AppComponent } from './app/app.component'; +import { bootstrapApplication } from "@angular/platform-browser"; +import { appConfig } from "./app/app.config"; +import { AppComponent } from "./app/app.component"; -bootstrapApplication(AppComponent, appConfig) - .catch((err) => console.error(err)); -``` \ No newline at end of file +bootstrapApplication(AppComponent, appConfig).catch((err) => console.error(err)); +``` diff --git a/lib/msal-browser/apiReview/msal-browser.api.md b/lib/msal-browser/apiReview/msal-browser.api.md index 327a39fa02..598fe77cd3 100644 --- a/lib/msal-browser/apiReview/msal-browser.api.md +++ b/lib/msal-browser/apiReview/msal-browser.api.md @@ -127,7 +127,7 @@ export type AuthorizationCodeRequest = Partial & { +export type AuthorizationUrlRequest = Omit & { state: string; nonce: string; }; @@ -575,7 +575,7 @@ export type BrowserSystemOptions = SystemOptions & { redirectNavigationTimeout?: number; asyncPopups?: boolean; allowRedirectInIframe?: boolean; - allowNativeBroker?: boolean; + allowPlatformBroker?: boolean; nativeBrokerHandshakeTimeout?: number; pollIntervalMilliseconds?: number; }; @@ -1336,7 +1336,7 @@ export type PopupPosition = { // Warning: (ae-missing-release-tag) "PopupRequest" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public -export type PopupRequest = Partial> & { +export type PopupRequest = Partial> & { scopes: Array; popupWindowAttributes?: PopupWindowAttributes; tokenBodyParameters?: StringDict; @@ -1594,7 +1594,7 @@ function redirectPreflightCheck(initialized: boolean, config: BrowserConfigurati // Warning: (ae-missing-release-tag) "RedirectRequest" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public -export type RedirectRequest = Partial> & { +export type RedirectRequest = Partial> & { scopes: Array; redirectStartPage?: string; onRedirectNavigate?: (url: string) => boolean | void; @@ -1688,7 +1688,7 @@ const spaCodeAndNativeAccountIdPresent = "spa_code_and_nativeAccountId_present"; // Warning: (ae-missing-release-tag) "SsoSilentRequest" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public -export type SsoSilentRequest = Partial> & { +export type SsoSilentRequest = Partial> & { tokenBodyParameters?: StringDict; }; diff --git a/lib/msal-browser/docs/device-bound-tokens.md b/lib/msal-browser/docs/device-bound-tokens.md index 9bbd1e1dab..853e830ba2 100644 --- a/lib/msal-browser/docs/device-bound-tokens.md +++ b/lib/msal-browser/docs/device-bound-tokens.md @@ -6,25 +6,25 @@ MSAL.js supports acquiring tokens from the Web Account Manager (WAM) on Windows. This feature is currently only supported in the following environment: -- A machine running a Windows build that supports the feature (more to come on this) -- Chrome and Edge browsers or Teams -- [Windows Accounts extension](https://chrome.google.com/webstore/detail/windows-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji) (version 1.0.5 or higher) is installed if using Chrome or Edge -- App must be hosted on `https` +- A machine running a Windows build that supports the feature (more to come on this) +- Chrome and Edge browsers or Teams +- [Windows Accounts extension](https://chrome.google.com/webstore/detail/windows-accounts/ppnbnpeolgkicgegkbkbjmhlideopiji) (version 1.0.5 or higher) is installed if using Chrome or Edge +- App must be hosted on `https` Additionally, this feature is currently only supported for Work and School Accounts ## Enable the feature in MSAL.js -In order to enable this feature in MSAL.js set the `allowNativeBroker` flag to true in your configuration object like so: +In order to enable this feature in MSAL.js set the `allowPlatformBroker` flag to true in your configuration object like so: ```javascript const msalConfig = { auth: { - clientId: "insert-clientId" + clientId: "insert-clientId", }, system: { - allowNativeBroker: true - } + allowPlatformBroker: true, + }, }; ``` @@ -51,6 +51,6 @@ A working sample can be found [here](https://github.com/AzureAD/microsoft-authen There are a few things that may behave a little differently when acquiring tokens through WAM. -- All cache related configuration applies only to MSAL's local cache. The native broker controls its own, more secure, cache which is used instead of browser storage and it does not support configuration of its cache behavior. This means you may receive a cached token regardless of the value of request parameters such as: `forceRefresh`, `cacheLookupPolicy` or `storeInCache`. In addition, tokens received from the native broker are _not_ stored in local or session storage regardless of what you have configured on PublicClientApplication. -- If WAM needs to prompt the user for interaction a system prompt will be opened. This prompt looks a bit different from the browser popup windows you may be used to. -- Switching your account in the WAM prompt is not supported and MSAL.js will throw an error (Error Code: user_switch) if this happens. It is your app's responsibility to catch this error and handle it in a way that makes sense for your scenarios (e.g. Show an error page, retry with the new account, retry with the original account, etc.) +- All cache related configuration applies only to MSAL's local cache. The native broker controls its own, more secure, cache which is used instead of browser storage and it does not support configuration of its cache behavior. This means you may receive a cached token regardless of the value of request parameters such as: `forceRefresh`, `cacheLookupPolicy` or `storeInCache`. In addition, tokens received from the native broker are _not_ stored in local or session storage regardless of what you have configured on PublicClientApplication. +- If WAM needs to prompt the user for interaction a system prompt will be opened. This prompt looks a bit different from the browser popup windows you may be used to. +- Switching your account in the WAM prompt is not supported and MSAL.js will throw an error (Error Code: user_switch) if this happens. It is your app's responsibility to catch this error and handle it in a way that makes sense for your scenarios (e.g. Show an error page, retry with the new account, retry with the original account, etc.) diff --git a/lib/msal-browser/docs/errors.md b/lib/msal-browser/docs/errors.md index dea8855245..70d7305439 100644 --- a/lib/msal-browser/docs/errors.md +++ b/lib/msal-browser/docs/errors.md @@ -115,8 +115,8 @@ msalInstance If you are using one of our wrapper libraries (React or Angular), please see the error docs in those specific libraries for additional reasons you may be receiving this error: -- [msal-react errors](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-react/docs/errors.md#interaction_in_progress) -- [msal-angular errors](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-angular/docs/v2-docs/errors.md#interaction_in_progress) +- [msal-react errors](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-react/docs/errors.md#interaction_in_progress) +- [msal-angular errors](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-angular/docs/v2-docs/errors.md#interaction_in_progress) If you are not using any of the wrapper libraries but concerned that your application might trigger concurrent interactive requests, you should check if any other interaction is in progress prior to invoking an interaction in your token acquisition method. You can achieve this by implementing a global application state or a broadcast service etc. that emits the current MSAL interaction status via [MSAL Events API](./events.md). @@ -128,7 +128,7 @@ async function myAcquireToken(request) { const tokenRequest = { account: msalInstance.getActiveAccount() || null, - ...request + ...request, }; let tokenResponse; @@ -139,7 +139,9 @@ async function myAcquireToken(request) { } catch (error) { if (error instanceof InteractionRequiredAuthError) { try { - tokenResponse = await msalInstance.acquireTokenPopup(tokenRequest); + tokenResponse = await msalInstance.acquireTokenPopup( + tokenRequest + ); } catch (err) { console.log(err); // handle other errors @@ -151,10 +153,10 @@ async function myAcquireToken(request) { } return tokenResponse; -}; +} const request = { - scopes: ["User.Read"] + scopes: ["User.Read"], }; myAcquireToken(request); @@ -169,7 +171,7 @@ async function myAcquireToken(request) { const tokenRequest = { account: msalInstance.getActiveAccount() || null, - ...request + ...request, }; let tokenResponse; @@ -180,12 +182,16 @@ async function myAcquireToken(request) { } catch (error) { if (error instanceof InteractionRequiredAuthError) { // check for any interactions - if (myGlobalState.getInteractionStatus() !== InteractionStatus.None) { + if ( + myGlobalState.getInteractionStatus() !== InteractionStatus.None + ) { // throw a new error to be handled in the caller below throw new Error("interaction_in_progress"); } else { // no interaction, invoke popup flow - tokenResponse = await msalInstance.acquireTokenPopup(tokenRequest); + tokenResponse = await msalInstance.acquireTokenPopup( + tokenRequest + ); } } @@ -194,21 +200,23 @@ async function myAcquireToken(request) { } return tokenResponse; -}; +} async function myInteractionInProgressHandler() { /** * "myWaitFor" method polls the interaction status via getInteractionStatus() from * the application state and resolves when it's equal to "None". */ - await myWaitFor(() => myGlobalState.getInteractionStatus() === InteractionStatus.None); + await myWaitFor( + () => myGlobalState.getInteractionStatus() === InteractionStatus.None + ); // wait is over, call myAcquireToken again to re-try acquireTokenSilent - return (await myAcquireToken(tokenRequest)); -}; + return await myAcquireToken(tokenRequest); +} const request = { - scopes: ["User.Read"] + scopes: ["User.Read"], }; myAcquireToken(request).catch((e) => myInteractionInProgressHandler()); @@ -217,14 +225,14 @@ myAcquireToken(request).catch((e) => myInteractionInProgressHandler()); #### Troubleshooting Steps -- [Enable verbose logging](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/configuration.md#using-the-config-object) and trace the order of events. Verify that `handleRedirectPromise` is called and returns before any `login` or `acquireToken` API is called. +- [Enable verbose logging](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/configuration.md#using-the-config-object) and trace the order of events. Verify that `handleRedirectPromise` is called and returns before any `login` or `acquireToken` API is called. If you are unable to figure out why this error is being thrown please [open an issue](https://github.com/AzureAD/microsoft-authentication-library-for-js/issues/new/choose) and be prepared to share the following information: -- Verbose logs -- A sample app and/or code snippets that we can use to reproduce the issue -- Refresh the page. Does the error go away? -- Open your application in a new tab. Does the error go away? +- Verbose logs +- A sample app and/or code snippets that we can use to reproduce the issue +- Refresh the page. Does the error go away? +- Open your application in a new tab. Does the error go away? ### block_iframe_reload @@ -250,13 +258,13 @@ If you do not want to use a dedicated `redirectUri` for this purpose, you should **Error Messages**: -- Token acquisition in iframe failed due to timeout. +- Token acquisition in iframe failed due to timeout. This error can be thrown when calling `ssoSilent`, `acquireTokenSilent`, `acquireTokenPopup` or `loginPopup` and there are several reasons this could happen. These are a few of the most common: 1. The page you use as your `redirectUri` is removing or manipulating the hash 1. The page you use as your `redirectUri` is automatically navigating to a different page -1. You are being throttled by your identity provider. The identity provider may throttle clients that make too many similar requests in a short period of time. Never implement an endless retry mechanism or retry more than once. Attempts to retry non-network errors typically yield the same result. See [throttling guide](#Throttling) for more details. +1. You are being throttled by your identity provider. The identity provider may throttle clients that make too many similar requests in a short period of time. Never implement an endless retry mechanism or retry more than once. Attempts to retry non-network errors typically yield the same result. See [throttling guide](#Throttling) for more details. 1. Your identity provider did not redirect back to your `redirectUri`. **Important**: If your application uses a router library (e.g. React Router, Angular Router), please make sure it does not strip the hash or auto-redirect while MSAL token acquisition is in progress. If possible, it is best if your `redirectUri` page does not invoke the router at all. @@ -280,8 +288,8 @@ Remember that you will need to register this new `redirectUri` on your App Regis **Notes regarding Angular and React:** -- If you are using `@azure/msal-angular` your `redirectUri` page should not be protected by the `MsalGuard`. -- If you are using `@azure/msal-react` your `redirectUri` page should not render the `MsalAuthenticationComponent` or use the `useMsalAuthentication` hook. +- If you are using `@azure/msal-angular` your `redirectUri` page should not be protected by the `MsalGuard`. +- If you are using `@azure/msal-react` your `redirectUri` page should not render the `MsalAuthenticationComponent` or use the `useMsalAuthentication` hook. #### Issues caused by the Identity Provider @@ -302,10 +310,10 @@ You can also get this error if the Identity Provider fails to redirect back to y Some B2C flows are expected to throw this error due to their need for user interaction. These flows include: -- Password reset -- Profile edit -- Sign up -- Some custom policies depending on how they are configured +- Password reset +- Profile edit +- Sign up +- Some custom policies depending on how they are configured ##### Network Latency @@ -351,7 +359,7 @@ Please see explanation for [hash_empty_error](#hash_empty_error) above. The root **Error Messages**: -- Unable to acquire token from native platform. +- Unable to acquire token from native platform. This error is thrown when calling the `acquireTokenByCode` API with the `nativeAccountId` instead of `code` and the app is running in an environment which does not acquire tokens from the native broker. For a list of pre-requisites please review the doc on [device bound tokens](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/device-bound-tokens.md). @@ -359,18 +367,18 @@ This error is thrown when calling the `acquireTokenByCode` API with the `nativeA **Error Messages**: -- Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). +- Connection to native platform has not been established. Please install a compatible browser extension and run initialize(). This error is thrown when the user signed in with the native broker but no connection to the native broker currently exists. This can happen for the following reasons: -- The Windows Accounts extension was uninstalled or disabled -- The `initialize` API has not been called or was not awaited before invoking another MSAL API +- The Windows Accounts extension was uninstalled or disabled +- The `initialize` API has not been called or was not awaited before invoking another MSAL API ### uninitialized_public_client_application **Error Messages**: -- You must call and await the initialize function before attempting to call any other MSAL API. +- You must call and await the initialize function before attempting to call any other MSAL API. This error is thrown when a `login`, `acquireToken` or `handleRedirectPromise` API is invoked before the `initialize` API has been called. The `initialize` API must be called and awaited before attempting to acquire tokens. @@ -382,7 +390,7 @@ const msalInstance = new PublicClientApplication({ clientId: "your-client-id", }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); @@ -398,7 +406,7 @@ const msalInstance = new PublicClientApplication({ clientId: "your-client-id", }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); @@ -423,7 +431,7 @@ This error occurs with MSAL.js v2.x and is due to improper configuration during **Error messages**: -- Exceeded cache storage capacity +- Exceeded cache storage capacity This error occurs when MSAL.js surpasses the allotted storage limit when attempting to save token information in the [configured cache storage](./caching.md#cache-storage). See [here](https://developer.mozilla.org/en-US/docs/Web/API/Storage_API/Storage_quotas_and_eviction_criteria#web_storage) for web storage limits. diff --git a/lib/msal-browser/src/broker/nativeBroker/NativeMessageHandler.ts b/lib/msal-browser/src/broker/nativeBroker/NativeMessageHandler.ts index df5aa8b3ee..3314601734 100644 --- a/lib/msal-browser/src/broker/nativeBroker/NativeMessageHandler.ts +++ b/lib/msal-browser/src/broker/nativeBroker/NativeMessageHandler.ts @@ -372,16 +372,16 @@ export class NativeMessageHandler { * @param nativeExtensionProvider * @param authenticationScheme */ - static isNativeAvailable( + static isPlatformBrokerAvailable( config: BrowserConfiguration, logger: Logger, nativeExtensionProvider?: NativeMessageHandler, authenticationScheme?: AuthenticationScheme ): boolean { - logger.trace("isNativeAvailable called"); - if (!config.system.allowNativeBroker) { + logger.trace("isPlatformBrokerAvailable called"); + if (!config.system.allowPlatformBroker) { logger.trace( - "isNativeAvailable: allowNativeBroker is not enabled, returning false" + "isPlatformBrokerAvailable: allowPlatformBroker is not enabled, returning false" ); // Developer disabled WAM return false; @@ -389,7 +389,7 @@ export class NativeMessageHandler { if (!nativeExtensionProvider) { logger.trace( - "isNativeAvailable: WAM extension provider is not initialized, returning false" + "isPlatformBrokerAvailable: Platform extension provider is not initialized, returning false" ); // Extension is not available return false; @@ -400,12 +400,12 @@ export class NativeMessageHandler { case AuthenticationScheme.BEARER: case AuthenticationScheme.POP: logger.trace( - "isNativeAvailable: authenticationScheme is supported, returning true" + "isPlatformBrokerAvailable: authenticationScheme is supported, returning true" ); return true; default: logger.trace( - "isNativeAvailable: authenticationScheme is not supported, returning false" + "isPlatformBrokerAvailable: authenticationScheme is not supported, returning false" ); return false; } diff --git a/lib/msal-browser/src/broker/nativeBroker/NativeResponse.ts b/lib/msal-browser/src/broker/nativeBroker/NativeResponse.ts index b75e8558e0..79392395df 100644 --- a/lib/msal-browser/src/broker/nativeBroker/NativeResponse.ts +++ b/lib/msal-browser/src/broker/nativeBroker/NativeResponse.ts @@ -13,7 +13,7 @@ export type NativeAccountInfo = { }; /** - * Token response returned by Native Platform e.g. WAM + * Token response returned by Native Platform */ export type NativeResponse = { access_token: string; diff --git a/lib/msal-browser/src/config/Configuration.ts b/lib/msal-browser/src/config/Configuration.ts index b4f1bc9ae2..2e4172a1f3 100644 --- a/lib/msal-browser/src/config/Configuration.ts +++ b/lib/msal-browser/src/config/Configuration.ts @@ -192,9 +192,9 @@ export type BrowserSystemOptions = SystemOptions & { */ allowRedirectInIframe?: boolean; /** - * Flag to enable native broker support (e.g. acquiring tokens from WAM on Windows) + * Flag to enable native broker support (e.g. acquiring tokens from WAM on Windows, MacBroker on Mac) */ - allowNativeBroker?: boolean; + allowPlatformBroker?: boolean; /** * Sets the timeout for waiting for the native broker handshake to resolve */ @@ -340,7 +340,7 @@ export function buildConfiguration( redirectNavigationTimeout: DEFAULT_REDIRECT_TIMEOUT_MS, asyncPopups: false, allowRedirectInIframe: false, - allowNativeBroker: false, + allowPlatformBroker: false, nativeBrokerHandshakeTimeout: userInputSystem?.nativeBrokerHandshakeTimeout || DEFAULT_NATIVE_BROKER_HANDSHAKE_TIMEOUT_MS, @@ -376,14 +376,14 @@ export function buildConfiguration( ); } - // Throw an error if user has set allowNativeBroker to true without being in AAD protocol mode + // Throw an error if user has set allowPlatformBroker to true without being in AAD protocol mode if ( userInputAuth?.protocolMode && userInputAuth.protocolMode !== ProtocolMode.AAD && - providedSystemOptions?.allowNativeBroker + providedSystemOptions?.allowPlatformBroker ) { throw createClientConfigurationError( - ClientConfigurationErrorCodes.cannotAllowNativeBroker + ClientConfigurationErrorCodes.cannotAllowPlatformBroker ); } diff --git a/lib/msal-browser/src/controllers/NestedAppAuthController.ts b/lib/msal-browser/src/controllers/NestedAppAuthController.ts index 13e74e5f2c..d59221fe44 100644 --- a/lib/msal-browser/src/controllers/NestedAppAuthController.ts +++ b/lib/msal-browser/src/controllers/NestedAppAuthController.ts @@ -573,7 +573,7 @@ export class NestedAppAuthController implements IController { | "responseMode" | "codeChallenge" | "codeChallengeMethod" - | "nativeBroker" + | "platformBroker" > > | PopupRequest, @@ -766,7 +766,7 @@ export class NestedAppAuthController implements IController { | "responseMode" | "codeChallenge" | "codeChallengeMethod" - | "nativeBroker" + | "platformBroker" > > ): Promise { diff --git a/lib/msal-browser/src/controllers/StandardController.ts b/lib/msal-browser/src/controllers/StandardController.ts index 286f6de274..51c1cfc2ac 100644 --- a/lib/msal-browser/src/controllers/StandardController.ts +++ b/lib/msal-browser/src/controllers/StandardController.ts @@ -333,7 +333,7 @@ export class StandardController implements IController { const initCorrelationId = request?.correlationId || this.getRequestCorrelationId(); - const allowNativeBroker = this.config.system.allowNativeBroker; + const allowPlatformBroker = this.config.system.allowPlatformBroker; const initMeasurement = this.performanceClient.startMeasurement( PerformanceEvents.InitializeClientApplication, initCorrelationId @@ -348,7 +348,7 @@ export class StandardController implements IController { initCorrelationId )(initCorrelationId); - if (allowNativeBroker) { + if (allowPlatformBroker) { try { this.nativeExtensionProvider = await NativeMessageHandler.createProvider( @@ -379,7 +379,10 @@ export class StandardController implements IController { this.initialized = true; this.eventHandler.emitEvent(EventType.INITIALIZE_END); - initMeasurement.end({ allowNativeBroker, success: true }); + initMeasurement.end({ + allowPlatformBroker: allowPlatformBroker, + success: true, + }); } // #region Redirect Flow @@ -439,7 +442,7 @@ export class StandardController implements IController { this.browserStorage.getCachedNativeRequest(); const useNative = request && - NativeMessageHandler.isNativeAvailable( + NativeMessageHandler.isPlatformBrokerAvailable( this.config, this.logger, this.nativeExtensionProvider @@ -662,7 +665,10 @@ export class StandardController implements IController { let result: Promise; - if (this.nativeExtensionProvider && this.canUseNative(request)) { + if ( + this.nativeExtensionProvider && + this.canUsePlatformBroker(request) + ) { const nativeClient = new NativeInteractionClient( this.config, this.browserStorage, @@ -776,7 +782,7 @@ export class StandardController implements IController { let result: Promise; - if (this.canUseNative(request)) { + if (this.canUsePlatformBroker(request)) { result = this.acquireTokenNative( { ...request, @@ -945,7 +951,7 @@ export class StandardController implements IController { let result: Promise; - if (this.canUseNative(validRequest)) { + if (this.canUsePlatformBroker(validRequest)) { result = this.acquireTokenNative( validRequest, ApiId.ssoSilent @@ -1093,7 +1099,9 @@ export class StandardController implements IController { } return await response; } else if (request.nativeAccountId) { - if (this.canUseNative(request, request.nativeAccountId)) { + if ( + this.canUsePlatformBroker(request, request.nativeAccountId) + ) { const result = await this.acquireTokenNative( { ...request, @@ -1533,16 +1541,16 @@ export class StandardController implements IController { } /** - * Returns boolean indicating if this request can use the native broker + * Returns boolean indicating if this request can use the platform broker * @param request */ - public canUseNative( + public canUsePlatformBroker( request: RedirectRequest | PopupRequest | SsoSilentRequest, accountId?: string ): boolean { - this.logger.trace("canUseNative called"); + this.logger.trace("canUsePlatformBroker called"); if ( - !NativeMessageHandler.isNativeAvailable( + !NativeMessageHandler.isPlatformBrokerAvailable( this.config, this.logger, this.nativeExtensionProvider, @@ -1550,7 +1558,7 @@ export class StandardController implements IController { ) ) { this.logger.trace( - "canUseNative: isNativeAvailable returned false, returning false" + "canUsePlatformBroker: isPlatformBrokerAvailable returned false, returning false" ); return false; } @@ -1561,12 +1569,12 @@ export class StandardController implements IController { case PromptValue.CONSENT: case PromptValue.LOGIN: this.logger.trace( - "canUseNative: prompt is compatible with native flow" + "canUsePlatformBroker: prompt is compatible with platform broker flow" ); break; default: this.logger.trace( - `canUseNative: prompt = ${request.prompt} is not compatible with native flow, returning false` + `canUsePlatformBroker: prompt = ${request.prompt} is not compatible with platform broker flow, returning false` ); return false; } @@ -1574,7 +1582,7 @@ export class StandardController implements IController { if (!accountId && !this.getNativeAccountId(request)) { this.logger.trace( - "canUseNative: nativeAccountId is not available, returning false" + "canUsePlatformBroker: nativeAccountId is not available, returning false" ); return false; } @@ -2263,7 +2271,7 @@ export class StandardController implements IController { cacheLookupPolicy: CacheLookupPolicy ): Promise { if ( - NativeMessageHandler.isNativeAvailable( + NativeMessageHandler.isPlatformBrokerAvailable( this.config, this.logger, this.nativeExtensionProvider, diff --git a/lib/msal-browser/src/controllers/UnknownOperatingContextController.ts b/lib/msal-browser/src/controllers/UnknownOperatingContextController.ts index 4515d7e820..b361987049 100644 --- a/lib/msal-browser/src/controllers/UnknownOperatingContextController.ts +++ b/lib/msal-browser/src/controllers/UnknownOperatingContextController.ts @@ -181,7 +181,7 @@ export class UnknownOperatingContextController implements IController { | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" - | "nativeBroker" + | "platformBroker" > >, // eslint-disable-next-line @typescript-eslint/no-unused-vars @@ -288,7 +288,7 @@ export class UnknownOperatingContextController implements IController { | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" - | "nativeBroker" + | "platformBroker" > > ): Promise { diff --git a/lib/msal-browser/src/interaction_client/PopupClient.ts b/lib/msal-browser/src/interaction_client/PopupClient.ts index 2fd05de3c5..aafccc7e07 100644 --- a/lib/msal-browser/src/interaction_client/PopupClient.ts +++ b/lib/msal-browser/src/interaction_client/PopupClient.ts @@ -227,15 +227,16 @@ export class PopupClient extends StandardInteractionClient { account: validRequest.account, }); - const isNativeBroker = NativeMessageHandler.isNativeAvailable( - this.config, - this.logger, - this.nativeMessageHandler, - request.authenticationScheme - ); + const isPlatformBroker = + NativeMessageHandler.isPlatformBrokerAvailable( + this.config, + this.logger, + this.nativeMessageHandler, + request.authenticationScheme + ); // Start measurement for server calls with native brokering enabled let fetchNativeAccountIdMeasurement; - if (isNativeBroker) { + if (isPlatformBroker) { fetchNativeAccountIdMeasurement = this.performanceClient.startMeasurement( PerformanceEvents.FetchAccountIdWithNativeBroker, @@ -246,7 +247,7 @@ export class PopupClient extends StandardInteractionClient { // Create acquire token url. const navigateUrl = await authClient.getAuthCodeUrl({ ...validRequest, - nativeBroker: isNativeBroker, + platformBroker: isPlatformBroker, }); // Create popup interaction handler. diff --git a/lib/msal-browser/src/interaction_client/RedirectClient.ts b/lib/msal-browser/src/interaction_client/RedirectClient.ts index abd01a3615..0d18134bd9 100644 --- a/lib/msal-browser/src/interaction_client/RedirectClient.ts +++ b/lib/msal-browser/src/interaction_client/RedirectClient.ts @@ -170,7 +170,7 @@ export class RedirectClient extends StandardInteractionClient { // Create acquire token url. const navigateUrl = await authClient.getAuthCodeUrl({ ...validRequest, - nativeBroker: NativeMessageHandler.isNativeAvailable( + platformBroker: NativeMessageHandler.isPlatformBrokerAvailable( this.config, this.logger, this.nativeMessageHandler, diff --git a/lib/msal-browser/src/interaction_client/SilentIframeClient.ts b/lib/msal-browser/src/interaction_client/SilentIframeClient.ts index 36a28b8d18..7229e782ca 100644 --- a/lib/msal-browser/src/interaction_client/SilentIframeClient.ts +++ b/lib/msal-browser/src/interaction_client/SilentIframeClient.ts @@ -239,7 +239,7 @@ export class SilentIframeClient extends StandardInteractionClient { correlationId )({ ...silentRequest, - nativeBroker: NativeMessageHandler.isNativeAvailable( + platformBroker: NativeMessageHandler.isPlatformBrokerAvailable( this.config, this.logger, this.nativeMessageHandler, diff --git a/lib/msal-browser/src/request/AuthorizationUrlRequest.ts b/lib/msal-browser/src/request/AuthorizationUrlRequest.ts index b21c1dc80e..c9ca87debc 100644 --- a/lib/msal-browser/src/request/AuthorizationUrlRequest.ts +++ b/lib/msal-browser/src/request/AuthorizationUrlRequest.ts @@ -10,7 +10,7 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common/browser"; */ export type AuthorizationUrlRequest = Omit< CommonAuthorizationUrlRequest, - "state" | "nonce" | "requestedClaimsHash" | "nativeBroker" + "state" | "nonce" | "requestedClaimsHash" | "platformBroker" > & { state: string; nonce: string; diff --git a/lib/msal-browser/src/request/PopupRequest.ts b/lib/msal-browser/src/request/PopupRequest.ts index e8522e9a86..52abf06cb3 100644 --- a/lib/msal-browser/src/request/PopupRequest.ts +++ b/lib/msal-browser/src/request/PopupRequest.ts @@ -46,7 +46,7 @@ export type PopupRequest = Partial< | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" - | "nativeBroker" + | "platformBroker" > > & { scopes: Array; diff --git a/lib/msal-browser/src/request/RedirectRequest.ts b/lib/msal-browser/src/request/RedirectRequest.ts index e0d5f6aa9c..c7cfa14b56 100644 --- a/lib/msal-browser/src/request/RedirectRequest.ts +++ b/lib/msal-browser/src/request/RedirectRequest.ts @@ -44,7 +44,7 @@ export type RedirectRequest = Partial< | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" - | "nativeBroker" + | "platformBroker" > > & { scopes: Array; diff --git a/lib/msal-browser/src/request/SsoSilentRequest.ts b/lib/msal-browser/src/request/SsoSilentRequest.ts index c5b8119fea..80e3793a44 100644 --- a/lib/msal-browser/src/request/SsoSilentRequest.ts +++ b/lib/msal-browser/src/request/SsoSilentRequest.ts @@ -40,7 +40,7 @@ export type SsoSilentRequest = Partial< | "codeChallenge" | "codeChallengeMethod" | "requestedClaimsHash" - | "nativeBroker" + | "platformBroker" > > & { tokenBodyParameters?: StringDict; diff --git a/lib/msal-browser/test/app/PCANonBrowser.spec.ts b/lib/msal-browser/test/app/PCANonBrowser.spec.ts index c511faf6e7..39896d27a4 100644 --- a/lib/msal-browser/test/app/PCANonBrowser.spec.ts +++ b/lib/msal-browser/test/app/PCANonBrowser.spec.ts @@ -267,7 +267,7 @@ describe("Non-browser environment", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }); instance.initialize().then(() => { diff --git a/lib/msal-browser/test/app/PublicClientApplication.spec.ts b/lib/msal-browser/test/app/PublicClientApplication.spec.ts index b8bf1cac1f..4b22e4f324 100644 --- a/lib/msal-browser/test/app/PublicClientApplication.spec.ts +++ b/lib/msal-browser/test/app/PublicClientApplication.spec.ts @@ -177,7 +177,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { }, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }); @@ -250,7 +250,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; const concurrency = 5; @@ -340,7 +340,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; const concurrency = 6; @@ -426,13 +426,13 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { } }); - it("creates extension provider if allowNativeBroker is true", async () => { + it("creates extension provider if allowPlatformBroker is true", async () => { const config = { auth: { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -452,7 +452,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { ); }); - it("does not create extension provider if allowNativeBroker is false", async () => { + it("does not create extension provider if allowPlatformBroker is false", async () => { const createProviderSpy = jest.spyOn( NativeMessageHandler, "createProvider" @@ -462,7 +462,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }); await pca.initialize(); @@ -484,7 +484,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); await pca.initialize(); @@ -633,7 +633,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -716,7 +716,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, telemetry: { client: new BrowserPerformanceClient(testAppConfig), @@ -987,7 +987,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }); @@ -1130,7 +1130,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { }, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }); @@ -1284,7 +1284,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -1336,7 +1336,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, telemetry: { client: new BrowserPerformanceClient(testAppConfig), @@ -1361,7 +1361,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { PerformanceEvents.InitializeClientApplication ) { expect(event.success).toBeTruthy(); - expect(event.allowNativeBroker).toBeTruthy(); + expect(event.allowPlatformBroker).toBeTruthy(); pca.removePerformanceCallback(callbackId); done(); } @@ -1377,7 +1377,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -1420,7 +1420,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -1467,7 +1467,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -1516,7 +1516,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -1704,7 +1704,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { storeAuthStateInCookie: false, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }); await pca.initialize(); @@ -1794,7 +1794,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; @@ -2201,7 +2201,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -2264,7 +2264,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -2319,7 +2319,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -2377,7 +2377,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -2437,7 +2437,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -2525,7 +2525,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); await expect( @@ -2870,7 +2870,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -2927,7 +2927,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -2985,7 +2985,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -3276,7 +3276,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -3328,7 +3328,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -3365,7 +3365,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); await pca.initialize(); @@ -3723,7 +3723,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); @@ -3773,7 +3773,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -3829,7 +3829,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -3888,7 +3888,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -4270,7 +4270,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, cache: { claimsBasedCachingEnabled: true, @@ -4580,7 +4580,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, cache: { claimsBasedCachingEnabled: true, @@ -6482,7 +6482,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }; pca = new PublicClientApplication(config); @@ -6539,7 +6539,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, loggerOptions: { logLevel: LogLevel.Info, loggerCallback: (level, message, containsPii) => { @@ -6585,7 +6585,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, loggerOptions: { logLevel: LogLevel.Verbose, loggerCallback: (level, message, containsPii) => { @@ -6626,7 +6626,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, loggerOptions: { logLevel: LogLevel.Info, loggerCallback: (level, message, containsPii) => { @@ -6679,7 +6679,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, loggerOptions: { logLevel: LogLevel.Info, loggerCallback: (level, message, containsPii) => { @@ -6728,7 +6728,7 @@ describe("PublicClientApplication.ts Class Unit Tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, loggerOptions: { logLevel: LogLevel.Verbose, loggerCallback: (level, message, containsPii) => { diff --git a/lib/msal-browser/test/config/Configuration.spec.ts b/lib/msal-browser/test/config/Configuration.spec.ts index d4cb230fdb..ee850833bb 100644 --- a/lib/msal-browser/test/config/Configuration.spec.ts +++ b/lib/msal-browser/test/config/Configuration.spec.ts @@ -75,23 +75,23 @@ describe("Configuration.ts Class Unit Tests", () => { expect(emptyConfig.system?.navigateFrameWait).toBe(0); expect(emptyConfig.system?.tokenRenewalOffsetSeconds).toBe(300); expect(emptyConfig.system?.asyncPopups).toBe(false); - expect(emptyConfig.system?.allowNativeBroker).toBe(false); + expect(emptyConfig.system?.allowPlatformBroker).toBe(false); }); - it("sets allowNativeBroker to passed in true value", () => { + it("sets allowPlatformBroker to passed in true value", () => { const config: Configuration = buildConfiguration( { auth: { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }, true ); - expect(config.system?.allowNativeBroker).toBe(true); + expect(config.system?.allowPlatformBroker).toBe(true); }); it("sets timeouts with loadFrameTimeout", () => { diff --git a/lib/msal-browser/test/interaction_client/PopupClient.spec.ts b/lib/msal-browser/test/interaction_client/PopupClient.spec.ts index 29c1c40d8a..8239a3a4c6 100644 --- a/lib/msal-browser/test/interaction_client/PopupClient.spec.ts +++ b/lib/msal-browser/test/interaction_client/PopupClient.spec.ts @@ -287,7 +287,7 @@ describe("PopupClient", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); @@ -405,7 +405,7 @@ describe("PopupClient", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); diff --git a/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts b/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts index bae9ae9b06..23eeba2225 100644 --- a/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts +++ b/lib/msal-browser/test/interaction_client/RedirectClient.spec.ts @@ -561,7 +561,7 @@ describe("RedirectClient", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); @@ -723,7 +723,7 @@ describe("RedirectClient", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); diff --git a/lib/msal-browser/test/interaction_client/SilentIframeClient.spec.ts b/lib/msal-browser/test/interaction_client/SilentIframeClient.spec.ts index 8faeb86654..b0a3220a4d 100644 --- a/lib/msal-browser/test/interaction_client/SilentIframeClient.spec.ts +++ b/lib/msal-browser/test/interaction_client/SilentIframeClient.spec.ts @@ -399,7 +399,7 @@ describe("SilentIframeClient", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); @@ -509,7 +509,7 @@ describe("SilentIframeClient", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: true, + allowPlatformBroker: true, }, }); diff --git a/lib/msal-common/apiReview/msal-common.api.md b/lib/msal-common/apiReview/msal-common.api.md index 218a60423b..c4833276a0 100644 --- a/lib/msal-common/apiReview/msal-common.api.md +++ b/lib/msal-common/apiReview/msal-common.api.md @@ -961,10 +961,10 @@ export type CacheType = (typeof CacheType)[keyof typeof CacheType]; // @public (undocumented) const cacheUnknownErrorCode = "cache_error_unknown"; -// Warning: (ae-missing-release-tag) "cannotAllowNativeBroker" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal) +// Warning: (ae-missing-release-tag) "cannotAllowPlatformBroker" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal) // // @public (undocumented) -const cannotAllowNativeBroker = "cannot_allow_native_broker"; +const cannotAllowPlatformBroker = "cannot_allow_platform_broker"; // Warning: (ae-missing-release-tag) "cannotAppendScopeSet" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal) // @@ -1374,7 +1374,7 @@ declare namespace ClientConfigurationErrorCodes { missingNonceAuthenticationHeader, invalidAuthenticationHeader, cannotSetOIDCOptions, - cannotAllowNativeBroker, + cannotAllowPlatformBroker, authorityMismatch } } @@ -1464,7 +1464,7 @@ export const ClientConfigurationErrorMessage: { code: string; desc: string; }; - cannotAllowNativeBroker: { + cannotAllowPlatformBroker: { code: string; desc: string; }; @@ -1550,7 +1550,7 @@ export type CommonAuthorizationUrlRequest = BaseAuthRequest & { prompt?: string; sid?: string; state?: string; - nativeBroker?: boolean; + platformBroker?: boolean; }; // Warning: (ae-missing-release-tag) "CommonClientCredentialRequest" is part of the package's API, but it is missing a release tag (@alpha, @beta, @public, or @internal) @@ -3043,7 +3043,7 @@ export type PerformanceEvent = { httpStatus?: number; contentTypeHeader?: string; contentLengthHeader?: string; - allowNativeBroker?: boolean; + allowPlatformBroker?: boolean; extensionInstalled?: boolean; extensionHandshakeTimeoutMs?: number; extensionHandshakeTimedOut?: boolean; diff --git a/lib/msal-common/src/client/AuthorizationCodeClient.ts b/lib/msal-common/src/client/AuthorizationCodeClient.ts index bf7062344e..13f7b2670a 100644 --- a/lib/msal-common/src/client/AuthorizationCodeClient.ts +++ b/lib/msal-common/src/client/AuthorizationCodeClient.ts @@ -694,7 +694,7 @@ export class AuthorizationCodeClient extends BaseClient { this.addExtraQueryParams(request, parameterBuilder); - if (request.nativeBroker) { + if (request.platformBroker) { // signal ests that this is a WAM call parameterBuilder.addNativeBroker(); diff --git a/lib/msal-common/src/error/ClientConfigurationError.ts b/lib/msal-common/src/error/ClientConfigurationError.ts index 92f4f07abd..c5f560d29e 100644 --- a/lib/msal-common/src/error/ClientConfigurationError.ts +++ b/lib/msal-common/src/error/ClientConfigurationError.ts @@ -47,8 +47,8 @@ export const ClientConfigurationErrorMessages = { "Invalid authentication header provided", [ClientConfigurationErrorCodes.cannotSetOIDCOptions]: "Cannot set OIDCOptions parameter. Please change the protocol mode to OIDC or use a non-Microsoft authority.", - [ClientConfigurationErrorCodes.cannotAllowNativeBroker]: - "Cannot set allowNativeBroker parameter to true when not in AAD protocol mode.", + [ClientConfigurationErrorCodes.cannotAllowPlatformBroker]: + "Cannot set allowPlatformBroker parameter to true when not in AAD protocol mode.", [ClientConfigurationErrorCodes.authorityMismatch]: "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.", }; @@ -178,10 +178,10 @@ export const ClientConfigurationErrorMessage = { ClientConfigurationErrorCodes.cannotSetOIDCOptions ], }, - cannotAllowNativeBroker: { - code: ClientConfigurationErrorCodes.cannotAllowNativeBroker, + cannotAllowPlatformBroker: { + code: ClientConfigurationErrorCodes.cannotAllowPlatformBroker, desc: ClientConfigurationErrorMessages[ - ClientConfigurationErrorCodes.cannotAllowNativeBroker + ClientConfigurationErrorCodes.cannotAllowPlatformBroker ], }, authorityMismatch: { diff --git a/lib/msal-common/src/error/ClientConfigurationErrorCodes.ts b/lib/msal-common/src/error/ClientConfigurationErrorCodes.ts index c60c03a95a..2be49e6781 100644 --- a/lib/msal-common/src/error/ClientConfigurationErrorCodes.ts +++ b/lib/msal-common/src/error/ClientConfigurationErrorCodes.ts @@ -24,5 +24,5 @@ export const missingNonceAuthenticationHeader = "missing_nonce_authentication_header"; export const invalidAuthenticationHeader = "invalid_authentication_header"; export const cannotSetOIDCOptions = "cannot_set_OIDCOptions"; -export const cannotAllowNativeBroker = "cannot_allow_native_broker"; +export const cannotAllowPlatformBroker = "cannot_allow_platform_broker"; export const authorityMismatch = "authority_mismatch"; diff --git a/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts b/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts index ffaca49a33..97039539ce 100644 --- a/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts +++ b/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts @@ -52,5 +52,5 @@ export type CommonAuthorizationUrlRequest = BaseAuthRequest & { prompt?: string; sid?: string; state?: string; - nativeBroker?: boolean; + platformBroker?: boolean; }; diff --git a/lib/msal-common/src/telemetry/performance/PerformanceEvent.ts b/lib/msal-common/src/telemetry/performance/PerformanceEvent.ts index 448ca4032e..e98dd38744 100644 --- a/lib/msal-common/src/telemetry/performance/PerformanceEvent.ts +++ b/lib/msal-common/src/telemetry/performance/PerformanceEvent.ts @@ -824,9 +824,9 @@ export type PerformanceEvent = { contentLengthHeader?: string; /** - * Native broker fields + * Platform broker fields */ - allowNativeBroker?: boolean; + allowPlatformBroker?: boolean; extensionInstalled?: boolean; extensionHandshakeTimeoutMs?: number; extensionHandshakeTimedOut?: boolean; diff --git a/lib/msal-common/test/client/AuthorizationCodeClient.spec.ts b/lib/msal-common/test/client/AuthorizationCodeClient.spec.ts index 04e908afc5..a0ca9b904f 100644 --- a/lib/msal-common/test/client/AuthorizationCodeClient.spec.ts +++ b/lib/msal-common/test/client/AuthorizationCodeClient.spec.ts @@ -1285,7 +1285,7 @@ describe("AuthorizationCodeClient unit tests", () => { nonce: TEST_CONFIG.NONCE, correlationId: RANDOM_TEST_GUID, authenticationScheme: AuthenticationScheme.POP, - nativeBroker: true, + platformBroker: true, }; const loginUrl = await client.getAuthCodeUrl(authCodeUrlRequest); expect( diff --git a/lib/msal-react/test/MsalProvider.spec.tsx b/lib/msal-react/test/MsalProvider.spec.tsx index 4b11438dde..b4b31130ad 100644 --- a/lib/msal-react/test/MsalProvider.spec.tsx +++ b/lib/msal-react/test/MsalProvider.spec.tsx @@ -27,7 +27,7 @@ describe("MsalProvider tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }; diff --git a/lib/msal-react/test/components/AuthenticatedTemplate.spec.tsx b/lib/msal-react/test/components/AuthenticatedTemplate.spec.tsx index ebc5b17cab..9427204fb0 100644 --- a/lib/msal-react/test/components/AuthenticatedTemplate.spec.tsx +++ b/lib/msal-react/test/components/AuthenticatedTemplate.spec.tsx @@ -22,7 +22,7 @@ describe("AuthenticatedTemplate tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }; diff --git a/lib/msal-react/test/components/MsalAuthenticationTemplate.spec.tsx b/lib/msal-react/test/components/MsalAuthenticationTemplate.spec.tsx index 9ad6a16ee1..260b55a3a8 100644 --- a/lib/msal-react/test/components/MsalAuthenticationTemplate.spec.tsx +++ b/lib/msal-react/test/components/MsalAuthenticationTemplate.spec.tsx @@ -41,7 +41,7 @@ describe("MsalAuthenticationTemplate tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }; diff --git a/lib/msal-react/test/components/UnauthenticatedTemplate.spec.tsx b/lib/msal-react/test/components/UnauthenticatedTemplate.spec.tsx index 70b828c6ba..e4eaebf24d 100644 --- a/lib/msal-react/test/components/UnauthenticatedTemplate.spec.tsx +++ b/lib/msal-react/test/components/UnauthenticatedTemplate.spec.tsx @@ -25,7 +25,7 @@ describe("UnauthenticatedTemplate tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }; diff --git a/lib/msal-react/test/components/withMsal.spec.tsx b/lib/msal-react/test/components/withMsal.spec.tsx index 4fb78fdd0c..3327083b90 100644 --- a/lib/msal-react/test/components/withMsal.spec.tsx +++ b/lib/msal-react/test/components/withMsal.spec.tsx @@ -20,7 +20,7 @@ describe("withMsal tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }; diff --git a/lib/msal-react/test/hooks/useIsAuthenticated.spec.tsx b/lib/msal-react/test/hooks/useIsAuthenticated.spec.tsx index 4630529509..4ed69548af 100644 --- a/lib/msal-react/test/hooks/useIsAuthenticated.spec.tsx +++ b/lib/msal-react/test/hooks/useIsAuthenticated.spec.tsx @@ -12,7 +12,7 @@ describe("useIsAuthenticated tests", () => { clientId: TEST_CONFIG.MSAL_CLIENT_ID, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, }, }; diff --git a/samples/msal-angular-v3-samples/angular-b2c-sample-app/src/app/app.module.ts b/samples/msal-angular-v3-samples/angular-b2c-sample-app/src/app/app.module.ts index a9de2a2dd1..150f77cc6f 100644 --- a/samples/msal-angular-v3-samples/angular-b2c-sample-app/src/app/app.module.ts +++ b/samples/msal-angular-v3-samples/angular-b2c-sample-app/src/app/app.module.ts @@ -15,8 +15,26 @@ import { ProfileComponent } from './profile/profile.component'; import { FailedComponent } from './failed/failed.component'; import { HTTP_INTERCEPTORS, HttpClientModule } from '@angular/common/http'; -import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation, LogLevel } from '@azure/msal-browser'; -import { MsalGuard, MsalInterceptor, MsalBroadcastService, MsalInterceptorConfiguration, MsalModule, MsalService, MSAL_GUARD_CONFIG, MSAL_INSTANCE, MSAL_INTERCEPTOR_CONFIG, MsalGuardConfiguration, MsalRedirectComponent } from '@azure/msal-angular'; +import { + IPublicClientApplication, + PublicClientApplication, + InteractionType, + BrowserCacheLocation, + LogLevel, +} from '@azure/msal-browser'; +import { + MsalGuard, + MsalInterceptor, + MsalBroadcastService, + MsalInterceptorConfiguration, + MsalModule, + MsalService, + MSAL_GUARD_CONFIG, + MSAL_INSTANCE, + MSAL_INTERCEPTOR_CONFIG, + MsalGuardConfiguration, + MsalRedirectComponent, +} from '@azure/msal-angular'; import { environment } from 'src/environments/environment'; @@ -31,30 +49,33 @@ export function MSALInstanceFactory(): IPublicClientApplication { authority: environment.b2cPolicies.authorities.signUpSignIn.authority, redirectUri: '/', postLogoutRedirectUri: '/', - knownAuthorities: [environment.b2cPolicies.authorityDomain] + knownAuthorities: [environment.b2cPolicies.authorityDomain], }, cache: { - cacheLocation: BrowserCacheLocation.LocalStorage + cacheLocation: BrowserCacheLocation.LocalStorage, }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback, logLevel: LogLevel.Verbose, - piiLoggingEnabled: false - } - } + piiLoggingEnabled: false, + }, + }, }); } export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration { const protectedResourceMap = new Map>(); - protectedResourceMap.set(environment.apiConfig.uri, environment.apiConfig.scopes); + protectedResourceMap.set( + environment.apiConfig.uri, + environment.apiConfig.scopes + ); return { interactionType: InteractionType.Redirect, - protectedResourceMap + protectedResourceMap, }; } @@ -64,7 +85,7 @@ export function MSALGuardConfigFactory(): MsalGuardConfiguration { authRequest: { scopes: [...environment.apiConfig.scopes], }, - loginFailedRoute: '/login-failed' + loginFailedRoute: '/login-failed', }; } @@ -73,7 +94,7 @@ export function MSALGuardConfigFactory(): MsalGuardConfiguration { AppComponent, HomeComponent, ProfileComponent, - FailedComponent + FailedComponent, ], imports: [ BrowserModule, @@ -85,30 +106,30 @@ export function MSALGuardConfigFactory(): MsalGuardConfiguration { MatMenuModule, MatTableModule, HttpClientModule, - MsalModule + MsalModule, ], providers: [ { provide: HTTP_INTERCEPTORS, useClass: MsalInterceptor, - multi: true + multi: true, }, { provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory + useFactory: MSALInstanceFactory, }, { provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory + useFactory: MSALGuardConfigFactory, }, { provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory + useFactory: MSALInterceptorConfigFactory, }, MsalService, MsalGuard, - MsalBroadcastService + MsalBroadcastService, ], - bootstrap: [AppComponent, MsalRedirectComponent] + bootstrap: [AppComponent, MsalRedirectComponent], }) -export class AppModule { } \ No newline at end of file +export class AppModule {} diff --git a/samples/msal-angular-v3-samples/angular-standalone-sample/src/main.ts b/samples/msal-angular-v3-samples/angular-standalone-sample/src/main.ts index 99579cb6a8..27b7017abf 100644 --- a/samples/msal-angular-v3-samples/angular-standalone-sample/src/main.ts +++ b/samples/msal-angular-v3-samples/angular-standalone-sample/src/main.ts @@ -1,14 +1,40 @@ import { enableProdMode, importProvidersFrom } from '@angular/core'; -import { HTTP_INTERCEPTORS, withInterceptorsFromDi, provideHttpClient } from '@angular/common/http'; +import { + HTTP_INTERCEPTORS, + withInterceptorsFromDi, + provideHttpClient, +} from '@angular/common/http'; import { MatMenuModule } from '@angular/material/menu'; import { MatListModule } from '@angular/material/list'; import { MatToolbarModule } from '@angular/material/toolbar'; import { MatButtonModule } from '@angular/material/button'; import { provideNoopAnimations } from '@angular/platform-browser/animations'; import { BrowserModule, bootstrapApplication } from '@angular/platform-browser'; -import { Route, provideRouter, withDisabledInitialNavigation, withEnabledBlockingInitialNavigation } from '@angular/router'; -import { MsalInterceptor, MSAL_INSTANCE, MsalInterceptorConfiguration, MsalGuardConfiguration, MSAL_GUARD_CONFIG, MSAL_INTERCEPTOR_CONFIG, MsalService, MsalGuard, MsalBroadcastService } from '@azure/msal-angular'; -import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation, LogLevel, BrowserUtils } from '@azure/msal-browser'; +import { + Route, + provideRouter, + withDisabledInitialNavigation, + withEnabledBlockingInitialNavigation, +} from '@angular/router'; +import { + MsalInterceptor, + MSAL_INSTANCE, + MsalInterceptorConfiguration, + MsalGuardConfiguration, + MSAL_GUARD_CONFIG, + MSAL_INTERCEPTOR_CONFIG, + MsalService, + MsalGuard, + MsalBroadcastService, +} from '@azure/msal-angular'; +import { + IPublicClientApplication, + PublicClientApplication, + InteractionType, + BrowserCacheLocation, + LogLevel, + BrowserUtils, +} from '@azure/msal-browser'; import { AppComponent } from './app/app.component'; import { HomeComponent } from './app/home/home.component'; import { ProfileComponent } from './app/profile/profile.component'; @@ -16,101 +42,110 @@ import { FailedComponent } from './app/failed/failed.component'; import { environment } from './environments/environment'; export function loggerCallback(logLevel: LogLevel, message: string) { - console.log(message); + console.log(message); } export function MSALInstanceFactory(): IPublicClientApplication { - return new PublicClientApplication({ - auth: { - clientId: environment.msalConfig.auth.clientId, - authority: environment.msalConfig.auth.authority, - redirectUri: '/', - postLogoutRedirectUri: '/' - }, - cache: { - cacheLocation: BrowserCacheLocation.LocalStorage + return new PublicClientApplication({ + auth: { + clientId: environment.msalConfig.auth.clientId, + authority: environment.msalConfig.auth.authority, + redirectUri: '/', + postLogoutRedirectUri: '/', + }, + cache: { + cacheLocation: BrowserCacheLocation.LocalStorage, + }, + system: { + allowPlatformBroker: false, // Disables WAM Broker + loggerOptions: { + loggerCallback, + logLevel: LogLevel.Info, + piiLoggingEnabled: false, }, - system: { - allowNativeBroker: false, // Disables WAM Broker - loggerOptions: { - loggerCallback, - logLevel: LogLevel.Info, - piiLoggingEnabled: false - } - } - }); + }, + }); } export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration { - const protectedResourceMap = new Map>(); - protectedResourceMap.set(environment.apiConfig.uri, environment.apiConfig.scopes); - - return { - interactionType: InteractionType.Redirect, - protectedResourceMap - }; - } - - export function MSALGuardConfigFactory(): MsalGuardConfiguration { - return { - interactionType: InteractionType.Redirect, - authRequest: { - scopes: [...environment.apiConfig.scopes] - }, - loginFailedRoute: '/login-failed' - }; + const protectedResourceMap = new Map>(); + protectedResourceMap.set( + environment.apiConfig.uri, + environment.apiConfig.scopes + ); + + return { + interactionType: InteractionType.Redirect, + protectedResourceMap, + }; } -const initialNavigation = !BrowserUtils.isInIframe() && !BrowserUtils.isInPopup() +export function MSALGuardConfigFactory(): MsalGuardConfiguration { + return { + interactionType: InteractionType.Redirect, + authRequest: { + scopes: [...environment.apiConfig.scopes], + }, + loginFailedRoute: '/login-failed', + }; +} + +const initialNavigation = + !BrowserUtils.isInIframe() && !BrowserUtils.isInPopup() ? withEnabledBlockingInitialNavigation() // Set to enabledBlocking to use Angular Universal - : withDisabledInitialNavigation(); + : withDisabledInitialNavigation(); export const Routes: Route[] = [ - { - path: 'profile', - component: ProfileComponent, - canActivate: [MsalGuard] - }, - { - path: '', - component: HomeComponent - }, - { - path: 'login-failed', - component: FailedComponent - } - ]; + { + path: 'profile', + component: ProfileComponent, + canActivate: [MsalGuard], + }, + { + path: '', + component: HomeComponent, + }, + { + path: 'login-failed', + component: FailedComponent, + }, +]; if (environment.production) { enableProdMode(); } bootstrapApplication(AppComponent, { - providers: [ - importProvidersFrom(BrowserModule, MatButtonModule, MatToolbarModule, MatListModule, MatMenuModule), - provideRouter(Routes, initialNavigation), - provideNoopAnimations(), - provideHttpClient(withInterceptorsFromDi()), - { - provide: HTTP_INTERCEPTORS, - useClass: MsalInterceptor, - multi: true - }, - { - provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory - }, - { - provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory - }, - { - provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory - }, - MsalService, - MsalGuard, - MsalBroadcastService - ] -}) - .catch(err => console.error(err)); + providers: [ + importProvidersFrom( + BrowserModule, + MatButtonModule, + MatToolbarModule, + MatListModule, + MatMenuModule + ), + provideRouter(Routes, initialNavigation), + provideNoopAnimations(), + provideHttpClient(withInterceptorsFromDi()), + { + provide: HTTP_INTERCEPTORS, + useClass: MsalInterceptor, + multi: true, + }, + { + provide: MSAL_INSTANCE, + useFactory: MSALInstanceFactory, + }, + { + provide: MSAL_GUARD_CONFIG, + useFactory: MSALGuardConfigFactory, + }, + { + provide: MSAL_INTERCEPTOR_CONFIG, + useFactory: MSALInterceptorConfigFactory, + }, + MsalService, + MsalGuard, + MsalBroadcastService, + ], +}).catch((err) => console.error(err)); diff --git a/samples/msal-angular-v3-samples/angular15-sample-app/src/app/app.module.ts b/samples/msal-angular-v3-samples/angular15-sample-app/src/app/app.module.ts index 71e86c8a22..500ab6328b 100644 --- a/samples/msal-angular-v3-samples/angular15-sample-app/src/app/app.module.ts +++ b/samples/msal-angular-v3-samples/angular15-sample-app/src/app/app.module.ts @@ -13,8 +13,26 @@ import { HomeComponent } from './home/home.component'; import { ProfileComponent } from './profile/profile.component'; import { HTTP_INTERCEPTORS, HttpClientModule } from '@angular/common/http'; -import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation, LogLevel } from '@azure/msal-browser'; -import { MsalGuard, MsalInterceptor, MsalBroadcastService, MsalInterceptorConfiguration, MsalModule, MsalService, MSAL_GUARD_CONFIG, MSAL_INSTANCE, MSAL_INTERCEPTOR_CONFIG, MsalGuardConfiguration, MsalRedirectComponent } from '@azure/msal-angular'; +import { + IPublicClientApplication, + PublicClientApplication, + InteractionType, + BrowserCacheLocation, + LogLevel, +} from '@azure/msal-browser'; +import { + MsalGuard, + MsalInterceptor, + MsalBroadcastService, + MsalInterceptorConfiguration, + MsalModule, + MsalService, + MSAL_GUARD_CONFIG, + MSAL_INSTANCE, + MSAL_INTERCEPTOR_CONFIG, + MsalGuardConfiguration, + MsalRedirectComponent, +} from '@azure/msal-angular'; import { FailedComponent } from './failed/failed.component'; import { environment } from 'src/environments/environment'; @@ -28,39 +46,42 @@ export function MSALInstanceFactory(): IPublicClientApplication { clientId: environment.msalConfig.auth.clientId, authority: environment.msalConfig.auth.authority, redirectUri: '/', - postLogoutRedirectUri: '/' + postLogoutRedirectUri: '/', }, cache: { - cacheLocation: BrowserCacheLocation.LocalStorage + cacheLocation: BrowserCacheLocation.LocalStorage, }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback, logLevel: LogLevel.Info, - piiLoggingEnabled: false - } - } + piiLoggingEnabled: false, + }, + }, }); } export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration { const protectedResourceMap = new Map>(); - protectedResourceMap.set(environment.apiConfig.uri, environment.apiConfig.scopes); + protectedResourceMap.set( + environment.apiConfig.uri, + environment.apiConfig.scopes + ); return { interactionType: InteractionType.Redirect, - protectedResourceMap + protectedResourceMap, }; } export function MSALGuardConfigFactory(): MsalGuardConfiguration { - return { + return { interactionType: InteractionType.Redirect, authRequest: { - scopes: [...environment.apiConfig.scopes] + scopes: [...environment.apiConfig.scopes], }, - loginFailedRoute: '/login-failed' + loginFailedRoute: '/login-failed', }; } @@ -69,7 +90,7 @@ export function MSALGuardConfigFactory(): MsalGuardConfiguration { AppComponent, HomeComponent, ProfileComponent, - FailedComponent + FailedComponent, ], imports: [ BrowserModule, @@ -80,30 +101,30 @@ export function MSALGuardConfigFactory(): MsalGuardConfiguration { MatListModule, MatMenuModule, HttpClientModule, - MsalModule + MsalModule, ], providers: [ { provide: HTTP_INTERCEPTORS, useClass: MsalInterceptor, - multi: true + multi: true, }, { provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory + useFactory: MSALInstanceFactory, }, { provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory + useFactory: MSALGuardConfigFactory, }, { provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory + useFactory: MSALInterceptorConfigFactory, }, MsalService, MsalGuard, - MsalBroadcastService + MsalBroadcastService, ], - bootstrap: [AppComponent, MsalRedirectComponent] + bootstrap: [AppComponent, MsalRedirectComponent], }) -export class AppModule { } +export class AppModule {} diff --git a/samples/msal-angular-v3-samples/angular16-sample-app/src/app/app.module.ts b/samples/msal-angular-v3-samples/angular16-sample-app/src/app/app.module.ts index 71e86c8a22..500ab6328b 100644 --- a/samples/msal-angular-v3-samples/angular16-sample-app/src/app/app.module.ts +++ b/samples/msal-angular-v3-samples/angular16-sample-app/src/app/app.module.ts @@ -13,8 +13,26 @@ import { HomeComponent } from './home/home.component'; import { ProfileComponent } from './profile/profile.component'; import { HTTP_INTERCEPTORS, HttpClientModule } from '@angular/common/http'; -import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation, LogLevel } from '@azure/msal-browser'; -import { MsalGuard, MsalInterceptor, MsalBroadcastService, MsalInterceptorConfiguration, MsalModule, MsalService, MSAL_GUARD_CONFIG, MSAL_INSTANCE, MSAL_INTERCEPTOR_CONFIG, MsalGuardConfiguration, MsalRedirectComponent } from '@azure/msal-angular'; +import { + IPublicClientApplication, + PublicClientApplication, + InteractionType, + BrowserCacheLocation, + LogLevel, +} from '@azure/msal-browser'; +import { + MsalGuard, + MsalInterceptor, + MsalBroadcastService, + MsalInterceptorConfiguration, + MsalModule, + MsalService, + MSAL_GUARD_CONFIG, + MSAL_INSTANCE, + MSAL_INTERCEPTOR_CONFIG, + MsalGuardConfiguration, + MsalRedirectComponent, +} from '@azure/msal-angular'; import { FailedComponent } from './failed/failed.component'; import { environment } from 'src/environments/environment'; @@ -28,39 +46,42 @@ export function MSALInstanceFactory(): IPublicClientApplication { clientId: environment.msalConfig.auth.clientId, authority: environment.msalConfig.auth.authority, redirectUri: '/', - postLogoutRedirectUri: '/' + postLogoutRedirectUri: '/', }, cache: { - cacheLocation: BrowserCacheLocation.LocalStorage + cacheLocation: BrowserCacheLocation.LocalStorage, }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback, logLevel: LogLevel.Info, - piiLoggingEnabled: false - } - } + piiLoggingEnabled: false, + }, + }, }); } export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration { const protectedResourceMap = new Map>(); - protectedResourceMap.set(environment.apiConfig.uri, environment.apiConfig.scopes); + protectedResourceMap.set( + environment.apiConfig.uri, + environment.apiConfig.scopes + ); return { interactionType: InteractionType.Redirect, - protectedResourceMap + protectedResourceMap, }; } export function MSALGuardConfigFactory(): MsalGuardConfiguration { - return { + return { interactionType: InteractionType.Redirect, authRequest: { - scopes: [...environment.apiConfig.scopes] + scopes: [...environment.apiConfig.scopes], }, - loginFailedRoute: '/login-failed' + loginFailedRoute: '/login-failed', }; } @@ -69,7 +90,7 @@ export function MSALGuardConfigFactory(): MsalGuardConfiguration { AppComponent, HomeComponent, ProfileComponent, - FailedComponent + FailedComponent, ], imports: [ BrowserModule, @@ -80,30 +101,30 @@ export function MSALGuardConfigFactory(): MsalGuardConfiguration { MatListModule, MatMenuModule, HttpClientModule, - MsalModule + MsalModule, ], providers: [ { provide: HTTP_INTERCEPTORS, useClass: MsalInterceptor, - multi: true + multi: true, }, { provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory + useFactory: MSALInstanceFactory, }, { provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory + useFactory: MSALGuardConfigFactory, }, { provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory + useFactory: MSALInterceptorConfigFactory, }, MsalService, MsalGuard, - MsalBroadcastService + MsalBroadcastService, ], - bootstrap: [AppComponent, MsalRedirectComponent] + bootstrap: [AppComponent, MsalRedirectComponent], }) -export class AppModule { } +export class AppModule {} diff --git a/samples/msal-angular-v3-samples/angular17-standalone-sample/src/app/app.config.ts b/samples/msal-angular-v3-samples/angular17-standalone-sample/src/app/app.config.ts index 921275be90..eb3d96181d 100644 --- a/samples/msal-angular-v3-samples/angular17-standalone-sample/src/app/app.config.ts +++ b/samples/msal-angular-v3-samples/angular17-standalone-sample/src/app/app.config.ts @@ -2,15 +2,36 @@ import { ApplicationConfig, importProvidersFrom } from '@angular/core'; import { provideRouter } from '@angular/router'; import { routes } from './app.routes'; import { BrowserModule } from '@angular/platform-browser'; -import { provideHttpClient, withInterceptorsFromDi, HTTP_INTERCEPTORS, withFetch } from '@angular/common/http'; +import { + provideHttpClient, + withInterceptorsFromDi, + HTTP_INTERCEPTORS, + withFetch, +} from '@angular/common/http'; import { provideNoopAnimations } from '@angular/platform-browser/animations'; -import { IPublicClientApplication, PublicClientApplication, InteractionType, BrowserCacheLocation, LogLevel } from '@azure/msal-browser'; -import { MsalInterceptor, MSAL_INSTANCE, MsalInterceptorConfiguration, MsalGuardConfiguration, MSAL_GUARD_CONFIG, MSAL_INTERCEPTOR_CONFIG, MsalService, MsalGuard, MsalBroadcastService } from '@azure/msal-angular'; +import { + IPublicClientApplication, + PublicClientApplication, + InteractionType, + BrowserCacheLocation, + LogLevel, +} from '@azure/msal-browser'; +import { + MsalInterceptor, + MSAL_INSTANCE, + MsalInterceptorConfiguration, + MsalGuardConfiguration, + MSAL_GUARD_CONFIG, + MSAL_INTERCEPTOR_CONFIG, + MsalService, + MsalGuard, + MsalBroadcastService, +} from '@azure/msal-angular'; import { environment } from '../environments/environment'; import { MatButtonModule } from '@angular/material/button'; import { MatMenuModule } from '@angular/material/menu'; import { MatToolbarModule } from '@angular/material/toolbar'; -import { MatListModule} from '@angular/material/list'; +import { MatListModule } from '@angular/material/list'; export function loggerCallback(logLevel: LogLevel, message: string) { console.log(message); @@ -22,67 +43,76 @@ export function MSALInstanceFactory(): IPublicClientApplication { clientId: environment.msalConfig.auth.clientId, authority: environment.msalConfig.auth.authority, redirectUri: '/', - postLogoutRedirectUri: '/' + postLogoutRedirectUri: '/', }, cache: { - cacheLocation: BrowserCacheLocation.LocalStorage + cacheLocation: BrowserCacheLocation.LocalStorage, }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback, logLevel: LogLevel.Info, - piiLoggingEnabled: false - } - } + piiLoggingEnabled: false, + }, + }, }); } export function MSALInterceptorConfigFactory(): MsalInterceptorConfiguration { const protectedResourceMap = new Map>(); - protectedResourceMap.set(environment.apiConfig.uri, environment.apiConfig.scopes); + protectedResourceMap.set( + environment.apiConfig.uri, + environment.apiConfig.scopes + ); return { interactionType: InteractionType.Redirect, - protectedResourceMap + protectedResourceMap, }; } export function MSALGuardConfigFactory(): MsalGuardConfiguration { - return { + return { interactionType: InteractionType.Redirect, authRequest: { - scopes: [...environment.apiConfig.scopes] + scopes: [...environment.apiConfig.scopes], }, - loginFailedRoute: '/login-failed' + loginFailedRoute: '/login-failed', }; } export const appConfig: ApplicationConfig = { providers: [ - provideRouter(routes), - importProvidersFrom(BrowserModule, MatButtonModule, MatToolbarModule, MatListModule, MatMenuModule), + provideRouter(routes), + importProvidersFrom( + BrowserModule, + MatButtonModule, + MatToolbarModule, + MatListModule, + MatMenuModule + ), provideNoopAnimations(), provideHttpClient(withInterceptorsFromDi(), withFetch()), { - provide: HTTP_INTERCEPTORS, - useClass: MsalInterceptor, - multi: true + provide: HTTP_INTERCEPTORS, + useClass: MsalInterceptor, + multi: true, }, { - provide: MSAL_INSTANCE, - useFactory: MSALInstanceFactory + provide: MSAL_INSTANCE, + useFactory: MSALInstanceFactory, }, { - provide: MSAL_GUARD_CONFIG, - useFactory: MSALGuardConfigFactory + provide: MSAL_GUARD_CONFIG, + useFactory: MSALGuardConfigFactory, }, { - provide: MSAL_INTERCEPTOR_CONFIG, - useFactory: MSALInterceptorConfigFactory + provide: MSAL_INTERCEPTOR_CONFIG, + useFactory: MSALInterceptorConfigFactory, }, MsalService, MsalGuard, - MsalBroadcastService - ] + MsalBroadcastService, + ], }; diff --git a/samples/msal-angular-v3-samples/angular18-standalone-sample/src/app/app.config.ts b/samples/msal-angular-v3-samples/angular18-standalone-sample/src/app/app.config.ts index c2566a47e1..8e7d5b61d8 100644 --- a/samples/msal-angular-v3-samples/angular18-standalone-sample/src/app/app.config.ts +++ b/samples/msal-angular-v3-samples/angular18-standalone-sample/src/app/app.config.ts @@ -53,7 +53,7 @@ export function MSALInstanceFactory(): IPublicClientApplication { cacheLocation: BrowserCacheLocation.LocalStorage, }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback, logLevel: LogLevel.Info, diff --git a/samples/msal-browser-samples/HybridSample/views/client-redirect.hbs b/samples/msal-browser-samples/HybridSample/views/client-redirect.hbs index 550e713709..b05b88da0c 100644 --- a/samples/msal-browser-samples/HybridSample/views/client-redirect.hbs +++ b/samples/msal-browser-samples/HybridSample/views/client-redirect.hbs @@ -17,7 +17,7 @@ piiLoggingEnabled: false, logLevel: msal.LogLevel.Verbose, }, - allowNativeBroker: true + allowPlatformBroker: true } }); diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/b2c/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/b2c/authConfig.js index be1bf7a95a..8519ce2097 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/b2c/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/b2c/authConfig.js @@ -10,7 +10,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false // Disables WAM Broker + allowPlatformBroker: false // Disables WAM Broker } }; diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/client-capabilities/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/client-capabilities/authConfig.js index 2019a6d844..2b6f92bfee 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/client-capabilities/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/client-capabilities/authConfig.js @@ -10,7 +10,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json index ef1806e30b..90ec1944b5 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadAuthConfig.json @@ -9,7 +9,7 @@ "storeAuthStateInCookie": false }, "system": { - "allowNativeBroker": false + "allowPlatformBroker": false } }, "request": { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json index 3c9b81aeaa..5b8a7aec68 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadMultiTenantAuthConfig.json @@ -9,7 +9,7 @@ "storeAuthStateInCookie": false }, "system": { - "allowNativeBroker": false + "allowPlatformBroker": false } }, "request": { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json index 8d9d0c5996..01141aec79 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/aadTenantedAuthConfig.json @@ -9,7 +9,7 @@ "storeAuthStateInCookie": false }, "system": { - "allowNativeBroker": false + "allowPlatformBroker": false } }, "request": { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json index 0e49ab63f2..e7755bd5d0 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/b2cAuthConfig.json @@ -10,7 +10,7 @@ "storeAuthStateInCookie": false }, "system": { - "allowNativeBroker": false + "allowPlatformBroker": false } }, "request": { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json index 6b0d6c0b38..42e38744a0 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/localStorageAuthConfig.json @@ -9,7 +9,7 @@ "storeAuthStateInCookie": false }, "system": { - "allowNativeBroker": false + "allowPlatformBroker": false } }, "request": { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json index 18b8d4acff..580be73a47 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/authConfigs/memStorageAuthConfig.json @@ -9,7 +9,7 @@ "storeAuthStateInCookie": true }, "system": { - "allowNativeBroker": false + "allowPlatformBroker": false } }, "request": { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/testConfig.json b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/testConfig.json index fad64e9541..03e2e663d2 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/testConfig.json +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/customizable-e2e-test/testConfig.json @@ -1 +1 @@ -{"msalConfig":{"auth":{"clientId":"b5c2e510-4a17-4feb-b219-e55aa5b74144","authority":"https://login.microsoftonline.com/common"},"cache":{"cacheLocation":"memoryStorage","storeAuthStateInCookie":true},"system":{"allowNativeBroker":false}},"request":{"scopes":["User.Read"]}} \ No newline at end of file +{"msalConfig":{"auth":{"clientId":"b5c2e510-4a17-4feb-b219-e55aa5b74144","authority":"https://login.microsoftonline.com/common"},"cache":{"cacheLocation":"memoryStorage","storeAuthStateInCookie":true},"system":{"allowPlatformBroker":false}},"request":{"scopes":["User.Read"]}} \ No newline at end of file diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/Readme.md b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/Readme.md index 1fb9a6ba2e..2374f4995a 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/Readme.md +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/Readme.md @@ -1,19 +1,22 @@ # MSAL.js Sample - Authorization Code Flow for Non-Microsoft Identity Providers ## About this sample + This developer sample is used to demonstrate how to configure an app for use with non-Microsoft identity providers by using Facebook as an example. ## How to run the sample: -- Replace client ID with the app ID from the basic settings page of the app registration on the [Meta for Developers page](https://developers.facebook.com/). + +- Replace client ID with the app ID from the basic settings page of the app registration on the [Meta for Developers page](https://developers.facebook.com/). ## Important changes when using non-Microsoft identity providers -- You must change the authority in the config to an authority supported by the identity provider. Additionally, for non-Microsoft authorities, you must add the authority (without the https://) to the knownAuthorities parameter in the config. -- You must set the protocol mode to OIDC. -- You have the option of configuring different authentication options when using OIDC protocol mode. These are set in the OIDCOptions parameter. - - The `serverResponseType` parameter sets the format supported by MSAL for requests and server responses. Supported options are: - - `ServerResponseType.FRAGMENT` (for a hash fragment). If not set, MSAL defaults to `ServerResponseType.FRAGMENT`. If supported by the identity provider, we highly recommend using `ServerResponseType.FRAGMENT`. - - `ServerResponseType.QUERY` (for a query parameter). We recommend using `ServerResponseType.QUERY` only if the identity provider does not support sending server responses in a hash fragment. - - The `defaultScopes` parameter provides the option to override the default scopes sent by MSAL. If not set, it defaults to ["openid", "profile", "offline_access"]. If `defaultScopes` does not include "openid", MSAL will automatically add it for OIDC compliance. -- You have the option to manually configure endpoints used by the identity provider. If not set, MSAL will attempt to discover the endpoints. Manual endpoint configuration should be passed in a stringified JSON object and include issuer, authorization_endpoint, token_endpoint, jwks_uri, and (if available) end_session_endpoint. -- You must not set allowNativeBroker to true when using a non-Microsoft identity provider. -- If the identity provider does not have an end_session_endpoint, MSAL will not automatically redirect the page upon logout. \ No newline at end of file + +- You must change the authority in the config to an authority supported by the identity provider. Additionally, for non-Microsoft authorities, you must add the authority (without the https://) to the knownAuthorities parameter in the config. +- You must set the protocol mode to OIDC. +- You have the option of configuring different authentication options when using OIDC protocol mode. These are set in the OIDCOptions parameter. + - The `serverResponseType` parameter sets the format supported by MSAL for requests and server responses. Supported options are: + - `ServerResponseType.FRAGMENT` (for a hash fragment). If not set, MSAL defaults to `ServerResponseType.FRAGMENT`. If supported by the identity provider, we highly recommend using `ServerResponseType.FRAGMENT`. + - `ServerResponseType.QUERY` (for a query parameter). We recommend using `ServerResponseType.QUERY` only if the identity provider does not support sending server responses in a hash fragment. + - The `defaultScopes` parameter provides the option to override the default scopes sent by MSAL. If not set, it defaults to ["openid", "profile", "offline_access"]. If `defaultScopes` does not include "openid", MSAL will automatically add it for OIDC compliance. +- You have the option to manually configure endpoints used by the identity provider. If not set, MSAL will attempt to discover the endpoints. Manual endpoint configuration should be passed in a stringified JSON object and include issuer, authorization_endpoint, token_endpoint, jwks_uri, and (if available) end_session_endpoint. +- You must not set allowPlatformBroker to true when using a non-Microsoft identity provider. +- If the identity provider does not have an end_session_endpoint, MSAL will not automatically redirect the page upon logout. diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/authConfig.js index 336bf4d640..632d29ff65 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/facebook-sample/authConfig.js @@ -12,7 +12,7 @@ const msalConfig = { storeAuthStateInCookie: false, }, system: { - allowNativeBroker: false, + allowPlatformBroker: false, loggerOptions: { logLevel: msal.LogLevel.Trace, loggerCallback: (level, message, containsPii) => { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/instanceAware/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/instanceAware/authConfig.js index 000eda4b42..6159569f26 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/instanceAware/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/instanceAware/authConfig.js @@ -9,7 +9,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/multipleResources/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/multipleResources/authConfig.js index bfbb84d474..3038776d4c 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/multipleResources/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/multipleResources/authConfig.js @@ -9,7 +9,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/navigateToLoginPage/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/navigateToLoginPage/authConfig.js index 26d3c72361..08c6c4055e 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/navigateToLoginPage/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/navigateToLoginPage/authConfig.js @@ -11,7 +11,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/onPageLoad/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/onPageLoad/authConfig.js index 7460d61a38..9be86e1691 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/onPageLoad/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/onPageLoad/authConfig.js @@ -10,7 +10,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/pop/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/pop/authConfig.js index 0eb1aab333..5acaef100b 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/pop/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/pop/authConfig.js @@ -9,7 +9,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { logLevel: msal.LogLevel.Verbose, loggerCallback: (level, message, containsPii) => { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssh/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssh/authConfig.js index 1649064231..3fa9add64d 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssh/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssh/authConfig.js @@ -9,7 +9,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilent/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilent/authConfig.js index 5f6c4c97a9..edb316d3f4 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilent/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilent/authConfig.js @@ -9,7 +9,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilentNoHint/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilentNoHint/authConfig.js index 5573e94ba8..8fbf4a41e9 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilentNoHint/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilentNoHint/authConfig.js @@ -9,7 +9,7 @@ const msalConfig = { storeAuthStateInCookie: false, // Set this to "true" if you are having issues on IE11 or Edge }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/wamBroker/authConfig.js b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/wamBroker/authConfig.js index 49ef682c3b..3714c6dd9b 100644 --- a/samples/msal-browser-samples/VanillaJSTestApp2.0/app/wamBroker/authConfig.js +++ b/samples/msal-browser-samples/VanillaJSTestApp2.0/app/wamBroker/authConfig.js @@ -34,7 +34,7 @@ const msalConfig = { }, logLevel: msal.LogLevel.Trace }, - allowNativeBroker: true // For demonstration purposes, allowNativeBroker is true by default as of MSAL Browser v3 + allowPlatformBroker: true // For demonstration purposes, allowPlatformBroker is true by default as of MSAL Browser v3 } }; diff --git a/samples/msal-react-samples/b2c-sample/src/authConfig.js b/samples/msal-react-samples/b2c-sample/src/authConfig.js index 59b3874de4..24ab6cff3b 100644 --- a/samples/msal-react-samples/b2c-sample/src/authConfig.js +++ b/samples/msal-react-samples/b2c-sample/src/authConfig.js @@ -46,7 +46,7 @@ export const msalConfig = { storeAuthStateInCookie: isIE || isEdge || isFirefox }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-react-samples/nextjs-sample/src/authConfig.js b/samples/msal-react-samples/nextjs-sample/src/authConfig.js index a8a2922d2a..41fa666d10 100644 --- a/samples/msal-react-samples/nextjs-sample/src/authConfig.js +++ b/samples/msal-react-samples/nextjs-sample/src/authConfig.js @@ -7,7 +7,7 @@ export const msalConfig = { postLogoutRedirectUri: "/" }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker } }; diff --git a/samples/msal-react-samples/react-router-sample/src/authConfig.js b/samples/msal-react-samples/react-router-sample/src/authConfig.js index 250cd8c533..c60c2b005a 100644 --- a/samples/msal-react-samples/react-router-sample/src/authConfig.js +++ b/samples/msal-react-samples/react-router-sample/src/authConfig.js @@ -24,7 +24,7 @@ export const msalConfig = { storeAuthStateInCookie: isIE || isEdge || isFirefox, }, system: { - allowNativeBroker: false, // Disables WAM Broker + allowPlatformBroker: false, // Disables WAM Broker loggerOptions: { loggerCallback: (level, message, containsPii) => { if (containsPii) { diff --git a/samples/msal-react-samples/typescript-sample/src/authConfig.ts b/samples/msal-react-samples/typescript-sample/src/authConfig.ts index 05175b7ff1..605c14cba2 100644 --- a/samples/msal-react-samples/typescript-sample/src/authConfig.ts +++ b/samples/msal-react-samples/typescript-sample/src/authConfig.ts @@ -6,19 +6,19 @@ export const msalConfig: Configuration = { clientId: "b5c2e510-4a17-4feb-b219-e55aa5b74144", authority: "https://login.microsoftonline.com/common", redirectUri: "/", - postLogoutRedirectUri: "/" + postLogoutRedirectUri: "/", }, system: { - allowNativeBroker: false // Disables WAM Broker - } + allowPlatformBroker: false, // Disables WAM Broker + }, }; // Add here scopes for id token to be used at MS Identity Platform endpoints. export const loginRequest: PopupRequest = { - scopes: ["User.Read"] + scopes: ["User.Read"], }; // Add here the endpoints for MS Graph API services you would like to use. export const graphConfig = { - graphMeEndpoint: "https://graph.microsoft.com/v1.0/me" + graphMeEndpoint: "https://graph.microsoft.com/v1.0/me", };