diff --git a/README.md b/README.md
index d6116bff2f..8461c18dd1 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ The [`lib`](https://github.com/AzureAD/microsoft-authentication-library-for-js/t
- [Refresh Token Grant](https://oauth.net/2/grant-types/refresh-token/)
- [Client Credential Grant](https://oauth.net/2/grant-types/client-credentials/) (Coming soon)
-- [Microsoft Authentication Library for JavaScript v2.x (Preview)](lib/msal-browser/): A browser-based, framework-agnostic browser library that enables authentication and token acquisition with the Microsoft Identity platform in JavaScript applications. Implements the OAuth 2.0 [Authorization Code Flow with PKCE](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow), and is [OpenID-compliant](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc).
+- [Microsoft Authentication Library for JavaScript v2.x](lib/msal-browser/): A browser-based, framework-agnostic browser library that enables authentication and token acquisition with the Microsoft Identity platform in JavaScript applications. Implements the OAuth 2.0 [Authorization Code Flow with PKCE](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow), and is [OpenID-compliant](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc).
- [Microsoft Authentication Library for JavaScript v1.x](lib/msal-core/): A browser-based, framework-agnostic core library that enables authentication and token acquisition with the Microsoft Identity platform in JavaScript applications. Implements the OAuth 2.0 [Implicit Grant Flow](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-implicit-grant-flow), and is [OpenID-compliant](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc).
diff --git a/lib/msal-browser/FAQ.md b/lib/msal-browser/FAQ.md
index 591a2a9508..0fc5cf5f11 100644
--- a/lib/msal-browser/FAQ.md
+++ b/lib/msal-browser/FAQ.md
@@ -14,4 +14,4 @@ We are currently working with the B2C service team to allow for authorization co
# Common Error Handling
-1. If you try to use Auth Code flow and see this error: `access to XMLHttpRequest at 'https://login.microsoftonline.com/common/v2.0/oauth2/token' from origin 'yourApp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.`, you will need to update your redirect URI to be tagged type 'spa' rather than type 'web'. You can do this in your app manifest or in the azure portal [comming soon].
+1. If you try to use Auth Code flow and see this error: `access to XMLHttpRequest at 'https://login.microsoftonline.com/common/v2.0/oauth2/token' from origin 'yourApp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.`, you will need to update your redirect URI to be tagged type 'spa' rather than type 'web'. You can do this in your app manifest or [in the Azure Portal](https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-app-registration).
diff --git a/lib/msal-browser/README.md b/lib/msal-browser/README.md
index 5bcb431daf..32e535a26d 100644
--- a/lib/msal-browser/README.md
+++ b/lib/msal-browser/README.md
@@ -1,4 +1,4 @@
-# (Preview) Microsoft Authentication Library for JavaScript (MSAL.js) 2.0 for Browser-Based Single-Page Applications
+# Microsoft Authentication Library for JavaScript (MSAL.js) 2.0 for Browser-Based Single-Page Applications
[](https://www.npmjs.com/package/@azure/msal-browser/)[](https://nodei.co/npm/@azure/msal-browser/)[](https://coveralls.io/github/AzureAD/microsoft-authentication-library-for-js?branch=dev)
| Getting Started | AAD Docs | Library Reference |
@@ -24,16 +24,12 @@
**Important:** MSAL.js 2.0 with Authorization Code Flow is **not** yet available for B2C tenants (coming soon).
-Want to join our Private Preview and test out the lastest changes to the Azure Portal? Fill out [this form]( https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR_XA414hlD9MhfBiqanxI2JUOElQMk1LUjNBWDY4R0w3MFlPR0FIMkxMVC4u).
-
The MSAL library for JavaScript enables client-side JavaScript applications to authenticate users using [Azure AD](https://docs.microsoft.com/azure/active-directory/develop/v2-overview) work and school accounts (AAD), Microsoft personal accounts (MSA) and social identity providers like Facebook, Google, LinkedIn, Microsoft accounts, etc. through [Azure AD B2C](https://docs.microsoft.com/azure/active-directory-b2c/active-directory-b2c-overview#identity-providers) service. It also enables your app to get tokens to access [Microsoft Cloud](https://www.microsoft.com/enterprise) services such as [Microsoft Graph](https://graph.microsoft.io).
The `@azure/msal-browser` package described by the code in this folder uses the [`@azure/msal-common` package](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-common) as a dependency to enable authentication in Javascript Single-Page Applications without backend servers. This version of the library uses the OAuth 2.0 Authorization Code Flow with PKCE. To read more about this protocol, as well as the differences between implicit flow and authorization code flow, see the section [below](#implicit-flow-vs-authorization-code-flow-with-pkce). If you are looking for the version of the library that uses the implicit flow, please see the [`msal-core` library](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-core).
This is an improvement upon the current `msal-core` library which will utilize the authorization code flow in the browser. Most features available in the old library will be available in this one, but there are nuances to the authentication flow in both. The `@azure/msal-browser` package does NOT support the implicit flow.
-**IMPORTANT:** Please be aware that this is not a production ready library. We are making changes in the [Azure portal](https://azure.microsoft.com/en-us/features/azure-portal/) to ensure we can deliver a polished end-to-end experience.
-
## FAQ
See [here](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/FAQ.md).
@@ -44,16 +40,16 @@ See [here](https://github.com/AzureAD/microsoft-authentication-library-for-js/bl
| Date | Release | Announcement | Main features |
| ------| ------- | ---------| --------- |
-| July 20th, 2020 (Tentative) | @azure/msal-browser v2.0.0 | No release notes yet | Full version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0 |
-| May 11, 2020 | @azure/msal-browser v2.0.0-beta | No release notes yet | Beta version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0-beta |
-| January 17, 2020 | @azure/msal-browser v2.0.0-alpha | No release notes yet | Alpha version of the `@azure/msal-browser` package with authorization code flow for SPAs working in dev; relies on msal-common v1.0.0-alpha |
+| | @azure/msal-browser v2.1.0 | | Throttling, Client and Server Telemetry, Access Token Proof-of-Possession (Tentative) |
+| July 20th, 2020 | @azure/msal-browser v2.0.0 | [Release Notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases/tag/msal-browser-v2.0.0) | Full version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0 |
+| May 11, 2020 | @azure/msal-browser v2.0.0-beta | No release notes | Beta version of the `@azure/msal-browser` package; relies on `@azure/msal-common` v1.0.0-beta |
+| January 17, 2020 | @azure/msal-browser v2.0.0-alpha | No release notes | Alpha version of the `@azure/msal-browser` package with authorization code flow for SPAs working in dev; relies on msal-common v1.0.0-alpha |
## Prerequisites
- `@azure/msal-browser` is meant to be used in [Single-Page Application scenarios](https://docs.microsoft.com/azure/active-directory/develop/scenario-spa-overview).
-- Before using `@azure/msal-browser` you will need to [register a Single Page Application in Azure AD](hhttps://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-app-registration) to get a valid `clientId` for configuration, and to register the routes that your app will accept redirect traffic on.
-
+- Before using `@azure/msal-browser` you will need to [register a Single Page Application in Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/develop/scenario-spa-app-registration) to get a valid `clientId` for configuration, and to register the routes that your app will accept redirect traffic on.
## Installation
### Via NPM:
@@ -61,33 +57,21 @@ See [here](https://github.com/AzureAD/microsoft-authentication-library-for-js/bl
npm install @azure/msal-browser
```
### Via CDN (with SRI Hash):
+
+See [here](./docs/cdn-usage.md) for more info on how to use this package from the Microsoft CDN.
+
+### Compiled
+
```javascript
-
-```
-```javascript
-
-```
-```javascript
-
-```
-```javascript
-
-```
-### Via CDN (minified JavaScript with SRI Hash):
-```javascript
-
-```
-```javascript
-
-```
-```javascript
-
+
```
+
+### Minified
+
```javascript
-
+
```
-
## Usage
### Migrating from Previous MSAL Versions
@@ -120,11 +104,12 @@ Here is a complete list of samples for the MSAL.js 2.x library:
| Sample | Description | How to Run |
| ------ | ----------- | ---------- |
+| [TypeScript Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/TypescriptTestApp2.0) | A TypeScript sample showing usage of MSAL 2.0 with the Microsoft Graph API. | `npm start` |
| [Basic Auth Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/default) | A vanilla Javascript sample showing basic usage of the MSAL 2.0 library (`@azure/msal-browser` package) with the Microsoft Graph API. | `npm start -- -s default` |
| [Multiple Resources Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/multipleResources) | A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. | `npm start -- -s multipleResources` |
| [On Page Load Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/onPageLoad) | A vanilla JS sample showing usage of MSAL 2.0 with authentication on page load with a redirect. | `npm start -- -s onPageLoad` |
| [ssoSilent() Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/app/ssoSilent) | A vanilla JS sample showing usage of the ssoSilent API, allowing you to sign in a user silently if a context exists on the authentication server. | `npm start -- -s ssoSilent` |
-| [TypeScript Sample](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-browser-samples/TypescriptTestApp2.0) | A TypeScript sample showing usage of MSAL 2.0 with the Microsoft Graph API. | `npm start` |
+| [Internet Explorer 11 Sample]() | A vanilla JS sample showing usage of `@azure/msal-browser` in an application designed to run in Internet Explorer 11. | `npm start -- -s ie11-sample` |
More instructions to run the samples can be found in the [`README.md` file](https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/samples/msal-browser-samples/VanillaJSTestApp2.0/Readme.md) of the VanillaJSTestApp2.0 folder.
diff --git a/lib/msal-browser/docs/cdn-usage.md b/lib/msal-browser/docs/cdn-usage.md
index e69de29bb2..062b84cfc4 100644
--- a/lib/msal-browser/docs/cdn-usage.md
+++ b/lib/msal-browser/docs/cdn-usage.md
@@ -0,0 +1,68 @@
+# CDN Usage for @azure/msal-browser
+
+The `@azure/msal-browser` package is available through CDN if you do not wish to use the npm released version. Please be aware that our CDN releases are a bit slower than our npm releases and may require a few more days before they are available here.
+
+## Release CDN URLs and SRI Hash
+
+### Compiled
+
+Version | CDN URL | SRI Hash
+--------------- | ------- | ---------------------------
+2.0.0-beta.4 | https://alcdn.msauth.net/browser/2.0.0-beta.4/js/msal-browser.js | sha384-7sxY2tN3GMVE5jXH2RL9AdbO6s46vUh9lUid4yNCHJMUzDoj+0N4ve6rLOmR88yN
+2.0.0-beta.3 | https://alcdn.msauth.net/browser/2.0.0-beta.3/js/msal-browser.js | sha384-iKgpFzdbMAsg695JG+EmHleQe5gRjoAAixuMf0jfM7pCOVuGqhyBuXO1Ai71fixx
+2.0.0-beta.2 | https://alcdn.msauth.net/browser/2.0.0-beta.2/js/msal-browser.js | sha384-CEQpk7EG1PVKCHHdoQzDdR5uU7nJ1PLlcdx1s7vi8Ta/Pndhr04imhqCUkZGimOj
+2.0.0-beta.0 | https://alcdn.msauth.net/browser/2.0.0-beta.0/js/msal-browser.js | sha384-r7Qxfs6PYHyfoBR6zG62DGzptfLBxnREThAlcJyEfzJ4dq5rqExc1Xj3TPFE/9TH
+
+### Minified
+
+Version | CDN URL | SRI Hash
+--------------- | ------- | ---------------------------
+2.0.0-beta.4 | https://alcdn.msauth.net/browser/2.0.0-beta.4/js/msal-browser.min.js | sha384-j9+OYwF1QFM1A8/DNvWKqvTw+bc5alOXQ7IA2WvGAcLLLpN/tK9XRTbJtlTiSFJI
+2.0.0-beta.3 | https://alcdn.msauth.net/browser/2.0.0-beta.3/js/msal-browser.min.js | sha384-X2nv+6ViZGj+UCfGAbimHAXpBEAi0RA6GWuqCckbMLU5jVr8uDjf6pGUvTkq7wME
+2.0.0-beta.2 | https://alcdn.msauth.net/browser/2.0.0-beta.2/js/msal-browser.min.js | sha384-O3n9nwTefR6cSLikBQsCDYke2pWL5YWluwvp0RgGe+VK2eU0+RJC1cmMow5jD1OE
+2.0.0-beta.0 | https://alcdn.msauth.net/browser/2.0.0-beta.0/js/msal-browser.min.js | sha384-OV4a42kPPZv7IxRWcyqoLn9Ohs0g1WXejuNceZxAE9usAfLVFBcdre9yqo4I03VN
+
+## Installation Via CDN (with SRI Hash):
+MSAL is available in a compiled umd format, and also includes a minified/uglified version.
+
+You can include the `msal-browser.js` or the `msal-browser.min.js` files by adding the one of following script tags:
+
+### Compiled
+
+```javascript
+
+```
+
+### Minified
+
+```javascript
+
+```
+
+### Notes
+- [Subresource Integrity (SRI)](https://developer.mozilla.org/docs/Web/Security/Subresource_Integrity) attributes are optional in the script tag, but we recommend including the SRI Hash with all script tags when using `msal.js` or `msal.min.js` (including when using a third-party CDN). When providing the SRI Hash, you *must* also provide the `crossorigin="anonymous"` field in the same tag.
+- All hashes are unique to the version of MSAL. You can find the previous hashes [below]().
+
+
+### Alternate region URLs
+
+To help ensure reliability, Microsoft provides a second CDN:
+
+```html
+
+```
+
+```html
+
+```
+
+Below is an example of how to use one CDN as a fallback when the other CDN is not working:
+
+```html
+
+
+```
+
+**Note:** This method of using `document.write` may be blocked in certain browsers in certain situations. More information can be found [here](https://www.chromestatus.com/feature/5718547946799104).
diff --git a/lib/msal-browser/package.json b/lib/msal-browser/package.json
index 6ffb22277f..933728e0f1 100644
--- a/lib/msal-browser/package.json
+++ b/lib/msal-browser/package.json
@@ -97,6 +97,6 @@
"typescript": "^3.8.3"
},
"dependencies": {
- "@azure/msal-common": "1.0.0-beta.4"
+ "@azure/msal-common": "1.0.0"
}
}
diff --git a/lib/msal-browser/src/app/PublicClientApplication.ts b/lib/msal-browser/src/app/PublicClientApplication.ts
index ac97c6dd53..866ad37874 100644
--- a/lib/msal-browser/src/app/PublicClientApplication.ts
+++ b/lib/msal-browser/src/app/PublicClientApplication.ts
@@ -121,7 +121,7 @@ export class PublicClientApplication implements IPublicClientApplication {
* Event handler function which allows users to fire events after the PublicClientApplication object
* has loaded during redirect flows. This should be invoked on all page loads involved in redirect
* auth flows.
- * @returns token response or null. If the return value is null, then no auth redirect was detected.
+ * @returns {Promise.} token response or null. If the return value is null, then no auth redirect was detected.
*/
async handleRedirectPromise(): Promise {
return this.handleRedirectResponse();
@@ -142,12 +142,14 @@ export class PublicClientApplication implements IPublicClientApplication {
const currentUrlNormalized = UrlString.removeHashFromUrl(window.location.href);
const loginRequestUrlNormalized = UrlString.removeHashFromUrl(loginRequestUrl || "");
if (loginRequestUrlNormalized === currentUrlNormalized && this.config.auth.navigateToLoginRequestUrl) {
+ // We are on the page we need to navigate to - handle hash
// Replace current hash with non-msal hash, if present
BrowserUtils.replaceHash(loginRequestUrl);
return this.handleHash(isResponseHash ? hash : cachedHash);
}
if (!this.config.auth.navigateToLoginRequestUrl) {
+ // We don't need to navigate - handle hash
BrowserUtils.clearHash();
return this.handleHash(isResponseHash ? hash : cachedHash);
}
@@ -195,7 +197,7 @@ export class PublicClientApplication implements IPublicClientApplication {
* IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
*
- * @param {@link (AuthenticationParameters:type)}
+ * @param {@link (RedirectRequest:type)}
*/
async loginRedirect(request: RedirectRequest): Promise {
return this.acquireTokenRedirect(request);
@@ -207,9 +209,8 @@ export class PublicClientApplication implements IPublicClientApplication {
*
* IMPORTANT: It is NOT recommended to have code that is dependent on the resolution of the Promise. This function will navigate away from the current
* browser window. It currently returns a Promise in order to reflect the asynchronous nature of the code running in this function.
- * @param {@link (AuthenticationParameters:type)}
*
- * To acquire only idToken, please pass clientId as the only scope in the Authentication Parameters
+ * @param {@link (RedirectRequest:type)}
*/
async acquireTokenRedirect(request: RedirectRequest): Promise {
try {
@@ -244,7 +245,7 @@ export class PublicClientApplication implements IPublicClientApplication {
/**
* Use when initiating the login process via opening a popup window in the user's browser
*
- * @param {@link (AuthenticationParameters:type)}
+ * @param {@link (PopupRequest:type)}
*
* @returns {Promise.} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
*/
@@ -254,9 +255,8 @@ export class PublicClientApplication implements IPublicClientApplication {
/**
* Use when you want to obtain an access_token for your API via opening a popup window in the user's browser
- * @param {@link AuthenticationParameters}
+ * @param {@link (PopupRequest:type)}
*
- * To acquire only idToken, please pass clientId as the only scope in the Authentication Parameters
* @returns {Promise.} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
*/
async acquireTokenPopup(request: PopupRequest): Promise {
@@ -313,7 +313,6 @@ export class PublicClientApplication implements IPublicClientApplication {
* you session on the server still exists.
* @param {@link AuthorizationUrlRequest}
*
- * To renew idToken, please pass clientId as the only scope in the Authentication Parameters.
* @returns {Promise.} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
*/
async ssoSilent(request: AuthorizationUrlRequest): Promise {
@@ -357,7 +356,7 @@ export class PublicClientApplication implements IPublicClientApplication {
* MSAL return's a cached token when available
* Or it send's a request to the STS to obtain a new token using a refresh token.
*
- * @param {@link AuthenticationParameters}
+ * @param {@link (SilentRequest:type)}
*
* To renew idToken, please pass clientId as the only scope in the Authentication Parameters
* @returns {Promise.} - a promise that is fulfilled when this function has completed, or rejected if an error was raised. Returns the {@link AuthResponse} object
@@ -434,7 +433,7 @@ export class PublicClientApplication implements IPublicClientApplication {
/**
* Use to log out the current user, and redirect the user to the postLogoutRedirectUri.
* Default behaviour is to redirect the user to `window.location.href`.
- * @param logoutRequest
+ * @param {@link (EndSessionRequest:type)}
*/
async logout(logoutRequest?: EndSessionRequest): Promise {
const validLogoutRequest = this.initializeLogoutRequest(logoutRequest);
@@ -452,7 +451,7 @@ export class PublicClientApplication implements IPublicClientApplication {
* Returns all accounts that MSAL currently has data for.
* (the account object is created at the time of successful login)
* or null when no state is found
- * @returns {@link IAccount[]} - Array of account objects in cache
+ * @returns {@link AccountInfo[]} - Array of account objects in cache
*/
getAllAccounts(): AccountInfo[] {
return this.browserStorage.getAllAccounts();
@@ -462,7 +461,7 @@ export class PublicClientApplication implements IPublicClientApplication {
* Returns the signed in account matching username.
* (the account object is created at the time of successful login)
* or null when no state is found
- * @returns {@link IAccount} - the account object stored in MSAL
+ * @returns {@link AccountInfo} - the account object stored in MSAL
*/
getAccountByUsername(userName: string): AccountInfo {
const allAccounts = this.getAllAccounts();
diff --git a/lib/msal-browser/src/config/Configuration.ts b/lib/msal-browser/src/config/Configuration.ts
index 0b70abb2e5..c7765cc28f 100644
--- a/lib/msal-browser/src/config/Configuration.ts
+++ b/lib/msal-browser/src/config/Configuration.ts
@@ -10,6 +10,17 @@ import { BrowserConstants } from "../utils/BrowserConstants";
const DEFAULT_POPUP_TIMEOUT_MS = 60000;
const DEFAULT_IFRAME_TIMEOUT_MS = 6000;
+/**
+ * Use this to configure the auth options in the Configuration object
+ *
+ * - clientId - Client ID of your app registered with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview in Microsoft Identity Platform
+ * - authority - You can configure a specific authority, defaults to " " or "https://login.microsoftonline.com/common"
+ * - knownAuthorities - An array of URIs that are known to be valid. Used in B2C scenarios.
+ * - cloudDiscoveryMetadata - A string containing the cloud discovery response. Used in AAD scenarios.
+ * - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
+ * - postLogoutRedirectUri - The redirect URI where the window navigates after a successful logout.
+ * - navigateToLoginRequestUrl - Boolean indicating whether to navigate to the original request URL after the auth server navigates to the redirect URL.
+ */
export type BrowserAuthOptions = {
clientId: string;
authority?: string;
@@ -29,16 +40,17 @@ export type BrowserAuthOptions = {
export type CacheOptions = {
cacheLocation?: string;
storeAuthStateInCookie?: boolean;
- storeInMemory?: boolean;
};
/**
* Library Specific Options
*
- * - logger - Used to initialize the Logger object; TODO: Expand on logger details or link to the documentation on logger
+ * - tokenRenewalOffsetSeconds - Sets the window of offset needed to renew the token before expiry
+ * - loggerOptions - Used to initialize the Logger object (See ClientConfiguration.ts)
+ * - networkClient - Network interface implementation
+ * - windowHashTimeout - sets the timeout for waiting for a response hash in a popup
+ * - iframeHashTimeout - sets the timeout for waiting for a response hash in an iframe
* - loadFrameTimeout - maximum time the library should wait for a frame to load
- * - windowHashTimeout - sets the wait time for hidden iFrame navigation
- * - tokenRenewalOffsetSeconds - sets the window of offset needed to renew the token before expiry
*/
export type BrowserSystemOptions = SystemOptions & {
loggerOptions?: LoggerOptions;
diff --git a/lib/msal-browser/src/request/SilentRequest.ts b/lib/msal-browser/src/request/SilentRequest.ts
index 5cd119b58a..1a0a34d38b 100644
--- a/lib/msal-browser/src/request/SilentRequest.ts
+++ b/lib/msal-browser/src/request/SilentRequest.ts
@@ -15,7 +15,7 @@ import { SilentFlowRequest } from "@azure/msal-common";
* - correlationId - Unique GUID set per request to trace a request end-to-end for telemetry purposes.
* - account - Account entity to lookup the credentials.
* - forceRefresh - Forces silent requests to make network calls if true.
- * - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal.
+ * - redirectUri - The redirect URI where authentication responses can be received by your application. It must exactly match one of the redirect URIs registered in the Azure portal. Only used for cases where refresh token is expired.
*/
export type SilentRequest = SilentFlowRequest & {
redirectUri?: string;
diff --git a/lib/msal-common/README.md b/lib/msal-common/README.md
index 6507a91208..029b16a6f6 100644
--- a/lib/msal-common/README.md
+++ b/lib/msal-common/README.md
@@ -1,4 +1,4 @@
-# (Preview) Microsoft Authentication Library for JavaScript (MSAL.js) Common Package
+# Microsoft Authentication Library for JavaScript (MSAL.js) Common Protocols Package
[](https://www.npmjs.com/package/@azure/msal-common/)[](https://nodei.co/npm/@azure/msal-common/)[](https://coveralls.io/github/AzureAD/microsoft-authentication-library-for-js?branch=dev)
| Getting Started | AAD Docs | Library Reference |
@@ -17,7 +17,7 @@
The MSAL library for JavaScript enables client-side JavaScript applications to authenticate users using [Azure AD](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-overview) work and school accounts (AAD), Microsoft personal accounts (MSA) and social identity providers like Facebook, Google, LinkedIn, Microsoft accounts, etc. through [Azure AD B2C](https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-overview#identity-providers) service. It also enables your app to get tokens to access [Microsoft Cloud](https://www.microsoft.com/enterprise) services such as [Microsoft Graph](https://graph.microsoft.io).
-The `@azure/msal-common` package described by the code in this folder serves as a common package dependency for the `@azure/msal-browser` package (and in the future, the msal-node package). **It is not meant for production consumption by itself.**
+The `@azure/msal-common` package described by the code in this folder serves as a common package dependency for the `@azure/msal-browser` package (and in the future, the msal-node package). Be aware that this is an internal library, and is subject to frequent change. **It is not meant for production consumption by itself.**
## FAQ
@@ -29,7 +29,7 @@ See [here](https://github.com/AzureAD/microsoft-authentication-library-for-js/bl
| Date | Release | Announcement | Main features |
| ------| ------- | ---------| --------- |
-| July 13, 2020 (Tentative) | @azure/msal-common v2.0.0 | Full release version of the `@azure/msal-common` |
+| July 20, 2020 | @azure/msal-common v2.0.0 | [Release Notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases/tag/msal-common-v1.0.0) | Full release version of the `@azure/msal-common` |
| May 11, 2020 | @azure/msal-common v2.0.0-beta | Beta version of the `@azure/msal-common` package |
| January 17, 2020 | @azure/msal-common v1.0.0-alpha | No release notes yet | Alpha version of the `@azure/msal-common` package with authorization code flow for SPAs working in dev. |
@@ -37,6 +37,7 @@ See [here](https://github.com/AzureAD/microsoft-authentication-library-for-js/bl
This library is not meant for production use. Please use one of these packages specific to the platform you are developing for:
- [MSAL for Single Page Applications (SPAs)](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-browser)
+- [MSAL for Node.js](https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/lib/msal-node)
## Installation
### Via NPM:
diff --git a/lib/msal-common/changelog.md b/lib/msal-common/changelog.md
index 352c4b5f21..b0497b91f0 100644
--- a/lib/msal-common/changelog.md
+++ b/lib/msal-common/changelog.md
@@ -1,3 +1,14 @@
+# 1.0.0
+## Breaking Changes
+- None
+
+## Features and Fixes
+- Fixed an issue where scopes were being made lower case before being sent to the service (#1961)
+- Fix an issue where token values were replaced with undefined if not sent by server (#1946)
+- Fix an issue where cache lookup for accounts was not working correctly (#1919)
+- Removed TelemetryOptions from msal-common since they were unused (#1983)
+- Add a response handler for the device code flow (#1947)
+
# 1.0.0-beta.4
## Breaking Changes
- None
diff --git a/lib/msal-common/package-lock.json b/lib/msal-common/package-lock.json
index dd1277e75a..d3b49c7c06 100644
--- a/lib/msal-common/package-lock.json
+++ b/lib/msal-common/package-lock.json
@@ -1,6 +1,6 @@
{
"name": "@azure/msal-common",
- "version": "1.0.0-beta.4",
+ "version": "1.0.0",
"lockfileVersion": 1,
"requires": true,
"dependencies": {
diff --git a/lib/msal-common/package.json b/lib/msal-common/package.json
index 6d422979ea..da7d3aca49 100644
--- a/lib/msal-common/package.json
+++ b/lib/msal-common/package.json
@@ -10,7 +10,7 @@
"type": "git",
"url": "https://github.com/AzureAD/microsoft-authentication-library-for-js.git"
},
- "version": "1.0.0-beta.4",
+ "version": "1.0.0",
"description": "Microsoft Authentication Library for js",
"keywords": [
"implicit",
diff --git a/lib/msal-common/src/config/ClientConfiguration.ts b/lib/msal-common/src/config/ClientConfiguration.ts
index e668be15f8..89b50d95cb 100644
--- a/lib/msal-common/src/config/ClientConfiguration.ts
+++ b/lib/msal-common/src/config/ClientConfiguration.ts
@@ -38,7 +38,7 @@ export type ClientConfiguration = {
};
/**
- * Use this to configure the auth options in the Configuration object
+ * Use this to configure the auth options in the ClientConfiguration object
*
* - clientId - Client ID of your app registered with our Application registration portal : https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredAppsPreview in Microsoft Identity Platform
* - authority - You can configure a specific authority, defaults to " " or "https://login.microsoftonline.com/common"
diff --git a/lib/msal-node/package.json b/lib/msal-node/package.json
index caa41fa12d..807d33d772 100644
--- a/lib/msal-node/package.json
+++ b/lib/msal-node/package.json
@@ -74,7 +74,7 @@
"typescript": "^3.8.3"
},
"dependencies": {
- "@azure/msal-common": "1.0.0-beta.4",
+ "@azure/msal-common": "1.0.0",
"axios": "^0.19.2",
"debug": "^4.1.1"
}