From 0cbfb123e7241833a4c9592c35e735cb0de716a8 Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Fri, 18 Jun 2021 13:56:02 -0700 Subject: [PATCH 1/8] Add prompt=create to common , browser, and node --- lib/msal-browser/src/request/PopupRequest.ts | 1 + lib/msal-browser/src/request/RedirectRequest.ts | 1 + lib/msal-browser/src/request/SsoSilentRequest.ts | 1 + lib/msal-common/src/error/ClientConfigurationError.ts | 2 +- lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts | 1 + lib/msal-common/src/request/RequestValidator.ts | 3 ++- lib/msal-common/src/utils/Constants.ts | 1 + lib/msal-common/test/request/RequestValidator.spec.ts | 3 +++ lib/msal-node/src/request/AuthorizationUrlRequest.ts | 1 + 9 files changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/msal-browser/src/request/PopupRequest.ts b/lib/msal-browser/src/request/PopupRequest.ts index a37806d8e6..ec5394e6b5 100644 --- a/lib/msal-browser/src/request/PopupRequest.ts +++ b/lib/msal-browser/src/request/PopupRequest.ts @@ -20,6 +20,7 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common"; * none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error * consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app * select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account + * create: will direct the user to the account creation experience instead of the log in experience * - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim. * - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens. * - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant. diff --git a/lib/msal-browser/src/request/RedirectRequest.ts b/lib/msal-browser/src/request/RedirectRequest.ts index 6b1517d231..5c6356c86d 100644 --- a/lib/msal-browser/src/request/RedirectRequest.ts +++ b/lib/msal-browser/src/request/RedirectRequest.ts @@ -20,6 +20,7 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common"; * none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error * consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app * select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account + * create: will direct the user to the account creation experience instead of the log in experience * - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim. * - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens. * - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant. diff --git a/lib/msal-browser/src/request/SsoSilentRequest.ts b/lib/msal-browser/src/request/SsoSilentRequest.ts index 0252cf6bb2..3d74e5a62f 100644 --- a/lib/msal-browser/src/request/SsoSilentRequest.ts +++ b/lib/msal-browser/src/request/SsoSilentRequest.ts @@ -20,6 +20,7 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common"; * none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error * consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app * select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account + * create: will direct the user to the account creation experience instead of the log in experience * - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim. * - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens. * - domainHint - Provides a hint about the tenant or domain that the user should use to sign in. The value of the domain hint is a registered domain for the tenant. diff --git a/lib/msal-common/src/error/ClientConfigurationError.ts b/lib/msal-common/src/error/ClientConfigurationError.ts index d5cd578a99..3d94572a59 100644 --- a/lib/msal-common/src/error/ClientConfigurationError.ts +++ b/lib/msal-common/src/error/ClientConfigurationError.ts @@ -47,7 +47,7 @@ export const ClientConfigurationErrorMessage = { }, invalidPrompt: { code: "invalid_prompt_value", - desc: "Supported prompt values are 'login', 'select_account', 'consent' and 'none'. Please see here for valid configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options", + desc: "Supported prompt values are 'login', 'select_account', 'consent', 'create' and 'none'. Please see here for valid configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options", }, invalidClaimsRequest: { code: "invalid_claims", diff --git a/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts b/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts index 2a5e583647..539591f90a 100644 --- a/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts +++ b/lib/msal-common/src/request/CommonAuthorizationUrlRequest.ts @@ -26,6 +26,7 @@ import { AccountInfo } from "../account/AccountInfo"; * none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error * consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app * select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account + * create: will direct the user to the account creation experience instead of the log in experience * - account - AccountInfo obtained from a getAccount API. Will be used in certain scenarios to generate login_hint if both loginHint and sid params are not provided. * - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim. * - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens. diff --git a/lib/msal-common/src/request/RequestValidator.ts b/lib/msal-common/src/request/RequestValidator.ts index 46ba3f2116..ee6493dd79 100644 --- a/lib/msal-common/src/request/RequestValidator.ts +++ b/lib/msal-common/src/request/RequestValidator.ts @@ -33,7 +33,8 @@ export class RequestValidator { PromptValue.LOGIN, PromptValue.SELECT_ACCOUNT, PromptValue.CONSENT, - PromptValue.NONE + PromptValue.NONE, + PromptValue.CREATE ].indexOf(prompt) < 0 ) { throw ClientConfigurationError.createInvalidPromptError(prompt); diff --git a/lib/msal-common/src/utils/Constants.ts b/lib/msal-common/src/utils/Constants.ts index 766b632457..927d3d2468 100644 --- a/lib/msal-common/src/utils/Constants.ts +++ b/lib/msal-common/src/utils/Constants.ts @@ -152,6 +152,7 @@ export const PromptValue = { SELECT_ACCOUNT: "select_account", CONSENT: "consent", NONE: "none", + CREATE: "create" }; /** diff --git a/lib/msal-common/test/request/RequestValidator.spec.ts b/lib/msal-common/test/request/RequestValidator.spec.ts index ed2584a90c..2abda3aee6 100644 --- a/lib/msal-common/test/request/RequestValidator.spec.ts +++ b/lib/msal-common/test/request/RequestValidator.spec.ts @@ -29,6 +29,9 @@ describe("RequestValidator unit tests", () => { it("PromptValue none", () => { RequestValidator.validatePrompt(PromptValue.NONE); }); + it("PromptValue create", () => { + RequestValidator.validatePrompt(PromptValue.CREATE); + }); it("Throws InvalidPromptError if invalid prompt value passed in", () => { expect(function() { RequestValidator.validatePrompt("")}).toThrowError(ClientConfigurationError.createInvalidPromptError("").message); }); diff --git a/lib/msal-node/src/request/AuthorizationUrlRequest.ts b/lib/msal-node/src/request/AuthorizationUrlRequest.ts index 88f93c6ef9..3a01fcc22c 100644 --- a/lib/msal-node/src/request/AuthorizationUrlRequest.ts +++ b/lib/msal-node/src/request/AuthorizationUrlRequest.ts @@ -23,6 +23,7 @@ import { CommonAuthorizationUrlRequest } from "@azure/msal-common"; * none: will ensure that the user isn't presented with any interactive prompt. if request can't be completed via single-sign on, the endpoint will return an interaction_required error * consent: will the trigger the OAuth consent dialog after the user signs in, asking the user to grant permissions to the app * select_account: will interrupt single sign-=on providing account selection experience listing all the accounts in session or any remembered accounts or an option to choose to use a different account + * create: will direct the user to the account creation experience instead of the log in experience * - account - AccountInfo obtained from a getAccount API. Will be used in certain scenarios to generate login_hint if both loginHint and sid params are not provided. * - loginHint - Can be used to pre-fill the username/email address field of the sign-in page for the user, if you know the username/email address ahead of time. Often apps use this parameter during re-authentication, having already extracted the username from a previous sign-in using the preferred_username claim. * - sid - Session ID, unique identifier for the session. Available as an optional claim on ID tokens. From c9314cedfe08b643e43e358243dc7f49253f77ef Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Fri, 18 Jun 2021 14:02:30 -0700 Subject: [PATCH 2/8] Change files --- ...-msal-browser-bf0e766c-c6d5-4ff6-a66d-d53d481f580c.json | 7 +++++++ ...e-msal-common-1e46607b-b77c-4acf-bcfa-7b69e8445136.json | 7 +++++++ ...ure-msal-node-e93b60f1-3b0f-4d5d-8e11-f68e45041dfb.json | 7 +++++++ 3 files changed, 21 insertions(+) create mode 100644 change/@azure-msal-browser-bf0e766c-c6d5-4ff6-a66d-d53d481f580c.json create mode 100644 change/@azure-msal-common-1e46607b-b77c-4acf-bcfa-7b69e8445136.json create mode 100644 change/@azure-msal-node-e93b60f1-3b0f-4d5d-8e11-f68e45041dfb.json diff --git a/change/@azure-msal-browser-bf0e766c-c6d5-4ff6-a66d-d53d481f580c.json b/change/@azure-msal-browser-bf0e766c-c6d5-4ff6-a66d-d53d481f580c.json new file mode 100644 index 0000000000..f33b3d21d5 --- /dev/null +++ b/change/@azure-msal-browser-bf0e766c-c6d5-4ff6-a66d-d53d481f580c.json @@ -0,0 +1,7 @@ +{ + "type": "none", + "comment": "Add support for prompt=create #3773", + "packageName": "@azure/msal-browser", + "email": "joarroyo@microsoft.com", + "dependentChangeType": "none" +} diff --git a/change/@azure-msal-common-1e46607b-b77c-4acf-bcfa-7b69e8445136.json b/change/@azure-msal-common-1e46607b-b77c-4acf-bcfa-7b69e8445136.json new file mode 100644 index 0000000000..e85d593b7c --- /dev/null +++ b/change/@azure-msal-common-1e46607b-b77c-4acf-bcfa-7b69e8445136.json @@ -0,0 +1,7 @@ +{ + "type": "minor", + "comment": "Add support for prompt=create #3773", + "packageName": "@azure/msal-common", + "email": "joarroyo@microsoft.com", + "dependentChangeType": "patch" +} diff --git a/change/@azure-msal-node-e93b60f1-3b0f-4d5d-8e11-f68e45041dfb.json b/change/@azure-msal-node-e93b60f1-3b0f-4d5d-8e11-f68e45041dfb.json new file mode 100644 index 0000000000..0deb9905be --- /dev/null +++ b/change/@azure-msal-node-e93b60f1-3b0f-4d5d-8e11-f68e45041dfb.json @@ -0,0 +1,7 @@ +{ + "type": "none", + "comment": "Add support for prompt=create #3773", + "packageName": "@azure/msal-node", + "email": "joarroyo@microsoft.com", + "dependentChangeType": "none" +} From 339d099c6beb97e30b7108b2d7073969524afa56 Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Wed, 23 Jun 2021 15:12:57 -0700 Subject: [PATCH 3/8] Update FAQs to include information about self-service sign-up --- lib/msal-browser/FAQ.md | 3 +++ lib/msal-node/docs/faq.md | 3 +++ 2 files changed, 6 insertions(+) diff --git a/lib/msal-browser/FAQ.md b/lib/msal-browser/FAQ.md index aec2ecc159..468ad70f6f 100644 --- a/lib/msal-browser/FAQ.md +++ b/lib/msal-browser/FAQ.md @@ -133,6 +133,9 @@ Simply set your `authority` in your MSAL app configuration to **consumers** tena Currently the msal-browser package is designed for Single-Page Applications that are handling all authentication through the browser client. We have not yet optimized this to work with server-side components. As such, requests to retrieve the authorization code from the first leg of the flow can't be met currently. We are currently working on an [implementation of msal that will run in node libraries](https://github.com/AzureAD/microsoft-authentication-library-for-js/projects/4), and as part of that we will explore options to make msal-browser work with server-side components. +## How do I implement self-service sign-up? +MSAL Browser supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_browser.html#popuprequest) for descriptions of prompt values in the request and their expected outcomes, and [here](https://docs.microsoft.com/en-us/azure/active-directory/external-identities/self-service-sign-up-overview) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. + # Single Sign-On ## How to get single sign-on in my application with MSAL.js? diff --git a/lib/msal-node/docs/faq.md b/lib/msal-node/docs/faq.md index c069ceceab..0cec467db3 100644 --- a/lib/msal-node/docs/faq.md +++ b/lib/msal-node/docs/faq.md @@ -45,6 +45,9 @@ If you want to work around this, please note: - **Yarn**: Pass the `--ignore-engines` flag to the `yarn` command. - **npm**: Add `engine-strict=false` to your .npmrc file. +### How do I implement self-service sign-up with MSAL Node? +MSAL Node supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_node.html#authorizationurlrequest) for descriptions of prompt values in the request and their expected outcomes, and [here](https://docs.microsoft.com/en-us/azure/active-directory/external-identities/self-service-sign-up-overview) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. + ## B2C ### How do I handle the password-reset user-flow? From 98a39051bce1dc462951ff402b9f720e9e8a8ced Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Wed, 23 Jun 2021 16:30:05 -0700 Subject: [PATCH 4/8] Address feedback --- lib/msal-browser/FAQ.md | 2 +- lib/msal-common/src/error/ClientConfigurationError.ts | 2 +- lib/msal-common/src/request/RequestValidator.ts | 10 +--------- lib/msal-node/docs/faq.md | 2 +- 4 files changed, 4 insertions(+), 12 deletions(-) diff --git a/lib/msal-browser/FAQ.md b/lib/msal-browser/FAQ.md index 468ad70f6f..4294ea04a7 100644 --- a/lib/msal-browser/FAQ.md +++ b/lib/msal-browser/FAQ.md @@ -134,7 +134,7 @@ Simply set your `authority` in your MSAL app configuration to **consumers** tena Currently the msal-browser package is designed for Single-Page Applications that are handling all authentication through the browser client. We have not yet optimized this to work with server-side components. As such, requests to retrieve the authorization code from the first leg of the flow can't be met currently. We are currently working on an [implementation of msal that will run in node libraries](https://github.com/AzureAD/microsoft-authentication-library-for-js/projects/4), and as part of that we will explore options to make msal-browser work with server-side components. ## How do I implement self-service sign-up? -MSAL Browser supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_browser.html#popuprequest) for descriptions of prompt values in the request and their expected outcomes, and [here](https://docs.microsoft.com/en-us/azure/active-directory/external-identities/self-service-sign-up-overview) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. +MSAL Browser supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_browser.html#popuprequest) for descriptions of prompt values in the request and their expected outcomes, and [here](http://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. # Single Sign-On diff --git a/lib/msal-common/src/error/ClientConfigurationError.ts b/lib/msal-common/src/error/ClientConfigurationError.ts index 3d94572a59..df6420c7f6 100644 --- a/lib/msal-common/src/error/ClientConfigurationError.ts +++ b/lib/msal-common/src/error/ClientConfigurationError.ts @@ -47,7 +47,7 @@ export const ClientConfigurationErrorMessage = { }, invalidPrompt: { code: "invalid_prompt_value", - desc: "Supported prompt values are 'login', 'select_account', 'consent', 'create' and 'none'. Please see here for valid configuration options: https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-js-initializing-client-applications#configuration-options", + desc: "Supported prompt values are 'login', 'select_account', 'consent', 'create' and 'none'. Please see here for valid configuration options: https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_common.html#commonauthorizationurlrequest", }, invalidClaimsRequest: { code: "invalid_claims", diff --git a/lib/msal-common/src/request/RequestValidator.ts b/lib/msal-common/src/request/RequestValidator.ts index ee6493dd79..f0820162f7 100644 --- a/lib/msal-common/src/request/RequestValidator.ts +++ b/lib/msal-common/src/request/RequestValidator.ts @@ -28,15 +28,7 @@ export class RequestValidator { * @param prompt */ static validatePrompt(prompt: string) : void { - if ( - [ - PromptValue.LOGIN, - PromptValue.SELECT_ACCOUNT, - PromptValue.CONSENT, - PromptValue.NONE, - PromptValue.CREATE - ].indexOf(prompt) < 0 - ) { + if (Object.values(PromptValue).indexOf(prompt) < 0) { throw ClientConfigurationError.createInvalidPromptError(prompt); } } diff --git a/lib/msal-node/docs/faq.md b/lib/msal-node/docs/faq.md index 0cec467db3..cd7e3b30c9 100644 --- a/lib/msal-node/docs/faq.md +++ b/lib/msal-node/docs/faq.md @@ -46,7 +46,7 @@ If you want to work around this, please note: - **npm**: Add `engine-strict=false` to your .npmrc file. ### How do I implement self-service sign-up with MSAL Node? -MSAL Node supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_node.html#authorizationurlrequest) for descriptions of prompt values in the request and their expected outcomes, and [here](https://docs.microsoft.com/en-us/azure/active-directory/external-identities/self-service-sign-up-overview) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. +MSAL Node supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_node.html#authorizationurlrequest) for descriptions of prompt values in the request and their expected outcomes, and [here](http://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. ## B2C From a71d15d56b0663170ff600a3515aa48a32d679a6 Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Tue, 29 Jun 2021 13:26:29 -0700 Subject: [PATCH 5/8] Address feedback --- lib/msal-common/src/request/RequestValidator.ts | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/msal-common/src/request/RequestValidator.ts b/lib/msal-common/src/request/RequestValidator.ts index f0820162f7..ab2dde3b86 100644 --- a/lib/msal-common/src/request/RequestValidator.ts +++ b/lib/msal-common/src/request/RequestValidator.ts @@ -28,7 +28,13 @@ export class RequestValidator { * @param prompt */ static validatePrompt(prompt: string) : void { - if (Object.values(PromptValue).indexOf(prompt) < 0) { + let promptValues = []; + + for (let value in PromptValue) { + promptValues.push(PromptValue[value]); + } + + if (promptValues.indexOf(prompt) < 0) { throw ClientConfigurationError.createInvalidPromptError(prompt); } } From c225515683894d78c90b6f8cd3076a262a00a6d6 Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Tue, 29 Jun 2021 13:27:41 -0700 Subject: [PATCH 6/8] Apply suggestions from code review Co-authored-by: Sameera Gajjarapu --- lib/msal-browser/FAQ.md | 2 +- lib/msal-node/docs/faq.md | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/msal-browser/FAQ.md b/lib/msal-browser/FAQ.md index 0ca1365017..6befe25b4e 100644 --- a/lib/msal-browser/FAQ.md +++ b/lib/msal-browser/FAQ.md @@ -140,7 +140,7 @@ Simply set your `authority` in your MSAL app configuration to **consumers** tena Currently the msal-browser package is designed for Single-Page Applications that are handling all authentication through the browser client. We have not yet optimized this to work with server-side components. As such, requests to retrieve the authorization code from the first leg of the flow can't be met currently. We are currently working on an [implementation of msal that will run in node libraries](https://github.com/AzureAD/microsoft-authentication-library-for-js/projects/4), and as part of that we will explore options to make msal-browser work with server-side components. ## How do I implement self-service sign-up? -MSAL Browser supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_browser.html#popuprequest) for descriptions of prompt values in the request and their expected outcomes, and [here](http://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. +MSAL Browser supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_browser.html#popuprequest) for supported prompt values in the request and their expected outcomes, and [here](http://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to be made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. # Single Sign-On diff --git a/lib/msal-node/docs/faq.md b/lib/msal-node/docs/faq.md index cd7e3b30c9..a3ed4c93d6 100644 --- a/lib/msal-node/docs/faq.md +++ b/lib/msal-node/docs/faq.md @@ -46,7 +46,7 @@ If you want to work around this, please note: - **npm**: Add `engine-strict=false` to your .npmrc file. ### How do I implement self-service sign-up with MSAL Node? -MSAL Node supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_node.html#authorizationurlrequest) for descriptions of prompt values in the request and their expected outcomes, and [here](http://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. +MSAL Node supports self-service sign-up in the auth code flow. Please see our docs [here](https://azuread.github.io/microsoft-authentication-library-for-js/ref/modules/_azure_msal_node.html#authorizationurlrequest) for supported prompt values in the request and their expected outcomes, and [here](http://aka.ms/s3u) for an overview of self-service sign-up and configuration changes that need to be made to your Azure tenant. Please note that that self-service sign-up is not available in B2C and test environments. ## B2C @@ -60,4 +60,4 @@ Our recommendation is to move to the new password reset experience since it simp ## Can I use MSAL Node with Microsoft Graph JavaScript SDK? -Yes, MSAL Node can be used as a custom authentication provider for the [Microsoft Graph JavaScript SDK](https://github.com/microsoftgraph/msgraph-sdk-javascript). For an implementation, please refer to the sample: [Express Web App calling Graph API](https://github.com/Azure-Samples/ms-identity-javascript-nodejs-tutorial/tree/main/2-Authorization/1-call-graph). \ No newline at end of file +Yes, MSAL Node can be used as a custom authentication provider for the [Microsoft Graph JavaScript SDK](https://github.com/microsoftgraph/msgraph-sdk-javascript). For an implementation, please refer to the sample: [Express Web App calling Graph API](https://github.com/Azure-Samples/ms-identity-javascript-nodejs-tutorial/tree/main/2-Authorization/1-call-graph). From 712d77e9b16491e3619e136c4d01f2489f5c449d Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Tue, 29 Jun 2021 13:55:36 -0700 Subject: [PATCH 7/8] Regenerate package-locks --- lib/msal-angular/package-lock.json | 16 ++++++++-------- lib/msal-browser/package-lock.json | 30 ++++++++++++++++-------------- lib/msal-node/package-lock.json | 8 ++++---- lib/msal-react/package-lock.json | 16 ++++++++-------- 4 files changed, 36 insertions(+), 34 deletions(-) diff --git a/lib/msal-angular/package-lock.json b/lib/msal-angular/package-lock.json index eb72dec634..5825ec1968 100644 --- a/lib/msal-angular/package-lock.json +++ b/lib/msal-angular/package-lock.json @@ -1,6 +1,6 @@ { "name": "@azure/msal-angular", - "version": "2.0.0", + "version": "2.0.1", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -467,18 +467,18 @@ } }, "@azure/msal-browser": { - "version": "2.14.2", - "resolved": "https://registry.npmjs.org/@azure/msal-browser/-/msal-browser-2.14.2.tgz", - "integrity": "sha512-JKHE9Rer41CI8tweiyE91M8ZbGvQV9P+jOPB4ZtPxyxCi2f7ED3jNfdzyUJ1eGB+hCRnvO56M1Xc61T1R+JfYg==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/@azure/msal-browser/-/msal-browser-2.15.0.tgz", + "integrity": "sha512-Du0BHQiDQgkqg6OoKovUZWdEIZbTnhh/lma7QLyi5jFKDekk78wXsFIOJLUcFoY97+ZhB+Y2WQOYT1DJphAdCg==", "dev": true, "requires": { - "@azure/msal-common": "^4.3.0" + "@azure/msal-common": "^4.4.0" } }, "@azure/msal-common": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.3.0.tgz", - "integrity": "sha512-jFqUWe83wVb6O8cNGGBFg2QlKvqM1ezUgJTEV7kIsAPX0RXhGFE4B1DLNt6hCnkTXDbw+KGW0zgxOEr4MJQwLw==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.4.0.tgz", + "integrity": "sha512-Qrs33Ctt2KM7NxArFPIUKc8UbIcm7zYxJFdJeQ9k7HKBhVk3e88CUz1Mw33cS/Jr+YA1H02OAzHg++bJ+4SFyQ==", "dev": true, "requires": { "debug": "^4.1.1" diff --git a/lib/msal-browser/package-lock.json b/lib/msal-browser/package-lock.json index 1d447405b5..a146b6bba1 100644 --- a/lib/msal-browser/package-lock.json +++ b/lib/msal-browser/package-lock.json @@ -1,6 +1,6 @@ { "name": "@azure/msal-browser", - "version": "2.14.2", + "version": "2.15.0", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -91,9 +91,9 @@ } }, "@azure/msal-common": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.3.0.tgz", - "integrity": "sha512-jFqUWe83wVb6O8cNGGBFg2QlKvqM1ezUgJTEV7kIsAPX0RXhGFE4B1DLNt6hCnkTXDbw+KGW0zgxOEr4MJQwLw==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.4.0.tgz", + "integrity": "sha512-Qrs33Ctt2KM7NxArFPIUKc8UbIcm7zYxJFdJeQ9k7HKBhVk3e88CUz1Mw33cS/Jr+YA1H02OAzHg++bJ+4SFyQ==", "requires": { "debug": "^4.1.1" } @@ -1995,6 +1995,18 @@ "requires": { "bole": "npm:@zkochan/bole@^3.0.4", "ndjson": "^1.5.0" + }, + "dependencies": { + "bole": { + "version": "npm:@zkochan/bole@3.0.4", + "resolved": "https://registry.npmjs.org/@zkochan/bole/-/bole-3.0.4.tgz", + "integrity": "sha512-3iPQz6Z7A2aiKc9cxB+I4X0nKxOagBxWAl91+ukUyJ9El+DgejYgbfd4PtzUyam+JRXXydUCkKGKiWYj8EzrGw==", + "dev": true, + "requires": { + "fast-safe-stringify": "~1.1.0", + "individual": "~3.0.0" + } + } } }, "@pnpm/merge-lockfile-changes": { @@ -2839,16 +2851,6 @@ "yargs-parser": "^20.2.4" } }, - "bole": { - "version": "npm:@zkochan/bole@3.0.4", - "resolved": "https://registry.npmjs.org/@zkochan/bole/-/bole-3.0.4.tgz", - "integrity": "sha512-3iPQz6Z7A2aiKc9cxB+I4X0nKxOagBxWAl91+ukUyJ9El+DgejYgbfd4PtzUyam+JRXXydUCkKGKiWYj8EzrGw==", - "dev": true, - "requires": { - "fast-safe-stringify": "~1.1.0", - "individual": "~3.0.0" - } - }, "brace-expansion": { "version": "1.1.11", "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", diff --git a/lib/msal-node/package-lock.json b/lib/msal-node/package-lock.json index 2ba4625272..b871b5fdd9 100644 --- a/lib/msal-node/package-lock.json +++ b/lib/msal-node/package-lock.json @@ -1,13 +1,13 @@ { "name": "@azure/msal-node", - "version": "1.1.0", + "version": "1.2.0", "lockfileVersion": 1, "requires": true, "dependencies": { "@azure/msal-common": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.3.0.tgz", - "integrity": "sha512-jFqUWe83wVb6O8cNGGBFg2QlKvqM1ezUgJTEV7kIsAPX0RXhGFE4B1DLNt6hCnkTXDbw+KGW0zgxOEr4MJQwLw==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.4.0.tgz", + "integrity": "sha512-Qrs33Ctt2KM7NxArFPIUKc8UbIcm7zYxJFdJeQ9k7HKBhVk3e88CUz1Mw33cS/Jr+YA1H02OAzHg++bJ+4SFyQ==", "requires": { "debug": "^4.1.1" } diff --git a/lib/msal-react/package-lock.json b/lib/msal-react/package-lock.json index c5266dd3ae..f1624d12b8 100644 --- a/lib/msal-react/package-lock.json +++ b/lib/msal-react/package-lock.json @@ -1,22 +1,22 @@ { "name": "@azure/msal-react", - "version": "1.0.0", + "version": "1.0.1", "lockfileVersion": 1, "requires": true, "dependencies": { "@azure/msal-browser": { - "version": "2.14.2", - "resolved": "https://registry.npmjs.org/@azure/msal-browser/-/msal-browser-2.14.2.tgz", - "integrity": "sha512-JKHE9Rer41CI8tweiyE91M8ZbGvQV9P+jOPB4ZtPxyxCi2f7ED3jNfdzyUJ1eGB+hCRnvO56M1Xc61T1R+JfYg==", + "version": "2.15.0", + "resolved": "https://registry.npmjs.org/@azure/msal-browser/-/msal-browser-2.15.0.tgz", + "integrity": "sha512-Du0BHQiDQgkqg6OoKovUZWdEIZbTnhh/lma7QLyi5jFKDekk78wXsFIOJLUcFoY97+ZhB+Y2WQOYT1DJphAdCg==", "dev": true, "requires": { - "@azure/msal-common": "^4.3.0" + "@azure/msal-common": "^4.4.0" } }, "@azure/msal-common": { - "version": "4.3.0", - "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.3.0.tgz", - "integrity": "sha512-jFqUWe83wVb6O8cNGGBFg2QlKvqM1ezUgJTEV7kIsAPX0RXhGFE4B1DLNt6hCnkTXDbw+KGW0zgxOEr4MJQwLw==", + "version": "4.4.0", + "resolved": "https://registry.npmjs.org/@azure/msal-common/-/msal-common-4.4.0.tgz", + "integrity": "sha512-Qrs33Ctt2KM7NxArFPIUKc8UbIcm7zYxJFdJeQ9k7HKBhVk3e88CUz1Mw33cS/Jr+YA1H02OAzHg++bJ+4SFyQ==", "dev": true, "requires": { "debug": "^4.1.1" From 55d92e6b55ac802d26a738af708437f91e3aaf4d Mon Sep 17 00:00:00 2001 From: Jo Arroyo Date: Tue, 29 Jun 2021 14:07:51 -0700 Subject: [PATCH 8/8] fix linting --- lib/msal-common/src/request/RequestValidator.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/msal-common/src/request/RequestValidator.ts b/lib/msal-common/src/request/RequestValidator.ts index ab2dde3b86..3844023c43 100644 --- a/lib/msal-common/src/request/RequestValidator.ts +++ b/lib/msal-common/src/request/RequestValidator.ts @@ -28,9 +28,9 @@ export class RequestValidator { * @param prompt */ static validatePrompt(prompt: string) : void { - let promptValues = []; + const promptValues = []; - for (let value in PromptValue) { + for (const value in PromptValue) { promptValues.push(PromptValue[value]); }