Fixing navigateToLoginRequestUrl in Auth Code Library

lib/msal-browser/src/app/PublicClientApplication.ts

@@ -114,8 +114,19 @@ export class PublicClientApplication {
         const cachedHash = this.browserStorage.getItem(TemporaryCacheKeys.URL_HASH);
         try {
             // If hash exists, handle in window. Otherwise, cancel any current requests and continue.
-            const interactionHandler = new RedirectHandler(this.authModule, this.browserStorage, this.config.auth.navigateToLoginRequestUrl);
-            const responseHash = UrlString.hashContainsKnownProperties(hash) ? hash : cachedHash;
+            const interactionHandler = new RedirectHandler(this.authModule, this.browserStorage);
+            let responseHash: string;
+            if (this.config.auth.navigateToLoginRequestUrl && UrlString.hashContainsKnownProperties(hash)) {
+                this.browserStorage.setItem(TemporaryCacheKeys.URL_HASH, hash);
+                interactionHandler.navigateToRequestUrl();
+                return;
+            } else if (!this.config.auth.navigateToLoginRequestUrl) {
+                responseHash = UrlString.hashContainsKnownProperties(hash) ? hash : cachedHash;
+                window.location.hash = "";
+            } else {
+                responseHash = cachedHash;
+            }
+
             if (responseHash) {
                 const tokenResponse = await interactionHandler.handleCodeResponse(responseHash);
                 this.authCallback(null, tokenResponse);
@@ -146,7 +157,7 @@ export class PublicClientApplication {
 
         try {
             // Create redirect interaction handler.
-            const interactionHandler = new RedirectHandler(this.authModule, this.browserStorage, this.config.auth.navigateToLoginRequestUrl);
+            const interactionHandler = new RedirectHandler(this.authModule, this.browserStorage);
 
             // Create login url, which will by default append the client id scope to the call.
             this.authModule.createLoginUrl(request).then((navigateUrl) => {
@@ -180,7 +191,7 @@ export class PublicClientApplication {
 
         try {
             // Create redirect interaction handler.
-            const interactionHandler = new RedirectHandler(this.authModule, this.browserStorage, this.config.auth.navigateToLoginRequestUrl);
+            const interactionHandler = new RedirectHandler(this.authModule, this.browserStorage);
 
             // Create acquire token url.
             this.authModule.createAcquireTokenUrl(request).then((navigateUrl) => {

lib/msal-browser/src/interaction_handler/RedirectHandler.ts

@@ -2,23 +2,14 @@
  * Copyright (c) Microsoft Corporation. All rights reserved.
  * Licensed under the MIT License.
  */
-import { StringUtils, AuthorizationCodeModule, TemporaryCacheKeys, TokenResponse } from "@azure/msal-common";
+import { StringUtils, TemporaryCacheKeys, TokenResponse } from "@azure/msal-common";
 import { InteractionHandler } from "./InteractionHandler";
-import { BrowserStorage } from "../cache/BrowserStorage";
 import { BrowserAuthError } from "../error/BrowserAuthError";
 import { BrowserConstants } from "../utils/BrowserConstants";
 import { BrowserUtils } from "../utils/BrowserUtils";
 
 export class RedirectHandler extends InteractionHandler {
 
-    // Config to navigate to login request url. Set by user, default is true.
-    private navigateToLoginRequestUrl: boolean;
-
-    constructor(authCodeModule: AuthorizationCodeModule, storageImpl: BrowserStorage, navigateToLoginRequestUrl: boolean) {
-        super(authCodeModule, storageImpl);
-        this.navigateToLoginRequestUrl = navigateToLoginRequestUrl;
-    }
-
     /**
      * Redirects window to given URL.
      * @param urlNavigate 
@@ -41,6 +32,20 @@ export class RedirectHandler extends InteractionHandler {
         return window;
     }
 
+    navigateToRequestUrl(): void {
+        if (window.parent === window) {
+            const loginRequestUrl = this.browserStorage.getItem(TemporaryCacheKeys.ORIGIN_URI);
+
+            // Redirect to home page if login request url is null (real null or the string null)
+            if (!loginRequestUrl || loginRequestUrl === "null") {
+                this.authModule.logger.error("Unable to get valid login request url from cache, redirecting to home page");
+                window.location.href = "/";
+            } else {
+                window.location.href = loginRequestUrl;
+            }
+        }
+    }
+
     /**
      * Handle authorization code response in the window.
      * @param hash 
@@ -51,29 +56,12 @@ export class RedirectHandler extends InteractionHandler {
             throw BrowserAuthError.createEmptyHashError(locationHash);
         }
 
-        // If navigateToLoginRequestUrl is true, then cache the hash and navigate to cached request URI.
-        if (this.navigateToLoginRequestUrl) {
-            this.browserStorage.setItem(TemporaryCacheKeys.URL_HASH, locationHash);
-            if (window.parent === window) {
-                const loginRequestUrl = this.browserStorage.getItem(TemporaryCacheKeys.ORIGIN_URI);
-
-                // Redirect to home page if login request url is null (real null or the string null)
-                if (!loginRequestUrl || loginRequestUrl === "null") {
-                    this.authModule.logger.error("Unable to get valid login request url from cache, redirecting to home page");
-                    window.location.href = "/";
-                } else {
-                    window.location.href = loginRequestUrl;
-                }
-            }
-            return null;
-        } else {
-            window.location.hash = "";
-        }
-
         // Interaction is completed - remove interaction status.
         this.browserStorage.removeItem(BrowserConstants.INTERACTION_STATUS_KEY);
         // Handle code response.
         const codeResponse = this.authModule.handleFragmentResponse(locationHash);
+        // Hash was processed successfully - remove from cache
+        this.browserStorage.removeItem(TemporaryCacheKeys.URL_HASH);
         // Acquire token with retrieved code.
         return this.authModule.acquireToken(codeResponse);
     }

lib/msal-common/rollup.config.js

@@ -26,7 +26,7 @@ export default [
             {
                 file: "./lib/msal-common.js",
                 format: "umd",
-                name: "msal",
+                name: "msal-common",
                 banner: fileHeader,
                 sourcemap: "inline"
             }
@@ -49,7 +49,7 @@ export default [
             {
                 file: "./lib/msal-common.min.js",
                 format: "umd",
-                name: "msal",
+                name: "msal-common",
                 banner: useStrictHeader,
                 sourcemap: true
             }

lib/msal-common/src/cache/CacheHelpers.ts

@@ -165,9 +165,17 @@ export class CacheHelpers {
         });
     }
 
+    /**
+     * Checks that any parameters are exact matches for key value, since key.match in the above functions only do contains checks, not exact matches.
+     * @param atKey 
+     * @param clientId 
+     * @param authority 
+     * @param resource 
+     * @param homeAccountIdentifier 
+     */
     private checkForExactKeyMatch(atKey: AccessTokenKey, clientId: string, authority: string, resource?: string, homeAccountIdentifier?: string): boolean {
         const hasClientId = (atKey.clientId === clientId);
-        const hasAuthorityUri = (atKey.authority === authority);
+        const hasAuthorityUri = !StringUtils.isEmpty(authority) ? (atKey.authority === authority) : true;
         const hasResourceUri = !StringUtils.isEmpty(resource) ? (atKey.resource === resource) : true;
         const hasHomeAccountId = !StringUtils.isEmpty(homeAccountIdentifier) ? (atKey.homeAccountIdentifier === homeAccountIdentifier) : true;