(q,K,_,z,Y,$,A,O,w)
| 369 | Error Description: ${Y.message}`)}return null}if(!_)this.logger.warning("The developer's authority was not found within the CloudInstanceDiscoveryMetadata returned from the network request."),this.logger.verbose("Creating custom Authority for custom domain scenario."),_=vP.createCloudDiscoveryMetadataFromHost(this.hostnameAndPort);return _}isInKnownAuthorities(){return this.authorityOptions.knownAuthorities.filter((K)=>{return K&&h9.getDomainFromUrl(K).toLowerCase()===this.hostnameAndPort}).length>0}static generateAuthority(q,K){let _;if(K&&K.azureCloudInstance!==Vn.None){let z=K.tenant?K.tenant:m1.DEFAULT_COMMON_TENANT;_=`${K.azureCloudInstance}/${z}/`}return _?_:q}static createCloudDiscoveryMetadataFromHost(q){return{preferred_network:q,preferred_cache:q,aliases:[q]}}getPreferredCache(){if(this.managedIdentity)return m1.DEFAULT_AUTHORITY_HOST;else if(this.discoveryComplete())return this.metadata.preferred_cache;else throw z7(wv)}isAlias(q){return this.metadata.aliases.indexOf(q)>-1}isAliasOfKnownMicrosoftAuthority(q){return xD1.has(q)}static isPublicCloudAuthority(q){return m1.KNOWN_PUBLIC_CLOUDS.indexOf(q)>=0}static buildRegionalAuthorityString(q,K,_){let z=new h9(q);z.validateAsUri();let Y=z.getUrlComponents(),$=`${K}.${Y.HostNameAndPort}`;if(this.isPublicCloudAuthority(Y.HostNameAndPort))$=`${K}.${m1.REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX}`;let A=h9.constructAuthorityUriFromObject({...z.getUrlComponents(),HostNameAndPort:$}).urlString;if(_)return`${A}?${_}`;return A}static replaceWithRegionalInformation(q,K){let _={...q};if(_.authorization_endpoint=vP.buildRegionalAuthorityString(_.authorization_endpoint,K),_.token_endpoint=vP.buildRegionalAuthorityString(_.token_endpoint,K),_.end_session_endpoint)_.end_session_endpoint=vP.buildRegionalAuthorityString(_.end_session_endpoint,K);return _}static transformCIAMAuthority(q){let K=q,z=new h9(q).getUrlComponents();if(z.PathSegments.length===0&&z.HostNameAndPort.endsWith(m1.CIAM_AUTH_URL)){let Y=z.HostNameAndPort.split(".")[0];K=`${K}${Y}${m1.AAD_TENANT_DOMAIN_SUFFIX}`}return K}}function p0q(q){let z=new h9(q).getUrlComponents().PathSegments.slice(-1)[0]?.toLowerCase();switch(z){case RV.COMMON:case RV.ORGANIZATIONS:case RV.CONSUMERS:return;default:return z}}function sX8(q){return q.endsWith(m1.FORWARD_SLASH)?q:`${q}${m1.FORWARD_SLASH}`}function Bf1(q){let K=q.cloudDiscoveryMetadata,_=void 0;if(K)try{_=JSON.parse(K)}catch(z){throw LO(k86)}return{canonicalAuthority:q.authority?sX8(q.authority):void 0,knownAuthorities:q.knownAuthorities,cloudDiscoveryMetadata:_}}var tX8=y(()=>{LD1();S0q();y86();wX();lw();ID1();V86();zQ6();CX8();b0q();I0q();m0q();PS();QI();Sn();aX8();aJ();yn();/*! @azure/msal-common v15.13.1 2025-10-29 */vP.reservedTenantDomains=new Set(["{tenant}","{tenantid}",RV.COMMON,RV.CONSUMERS,RV.ORGANIZATIONS])});var eX8={};T8(eX8,{createDiscoveredInstance:()=>gf1});async function gf1(q,K,_,z,Y,$,A){A?.addQueueMeasurement(N1.AuthorityFactoryCreateDiscoveredInstance,$);let O=vP.transformCIAMAuthority(sX8(q)),w=new vP(O,K,_,z,Y,$,A);try{return await iz(w.resolveEndpointsAsync.bind(w),N1.AuthorityResolveEndpointsAsync,Y,A,$)(),w}catch(j){throw z7(wv)}}var Ff1=y(()=>{tX8();wX();QI();Sn();aJ();/*! @azure/msal-common v15.13.1 2025-10-29 */});var Jv;var EZ6=y(()=>{PS();/*! @azure/msal-common v15.13.1 2025-10-29 */Jv=class Jv extends z9{constructor(q,K,_,z,Y){super(q,K,_);this.name="ServerError",this.errorNo=z,this.status=Y,Object.setPrototypeOf(this,Jv.prototype)}}});function LZ6(q,K,_){return{clientId:q,authority:K.authority,scopes:K.scopes,homeAccountIdentifier:_,claims:K.claims,authenticationScheme:K.authenticationScheme,resourceRequestMethod:K.resourceRequestMethod,resourceRequestUri:K.resourceRequestUri,shrClaims:K.shrClaims,sshKid:K.sshKid,embeddedClientId:K.embeddedClientId||K.tokenBodyParameters?.clientId}}var qP8=y(()=>{/*! @azure/msal-common v15.13.1 2025-10-29 */});class Cn{static generateThrottlingStorageKey(q){return`${Bg.THROTTLING_PREFIX}.${JSON.stringify(q)}`}static preProcess(q,K,_){let z=Cn.generateThrottlingStorageKey(K),Y=q.getThrottlingCache(z);if(Y){if(Y.throttleTime<Date.now()){q.removeItem(z,_);return}throw new Jv(Y.errorCodes?.join(" ")||m1.EMPTY_STRING,Y.errorMessage,Y.subError)}}static postProcess(q,K,_,z){if(Cn.checkResponseStatus(_)||Cn.checkResponseForRetryAfter(_)){let Y={throttleTime:Cn.calculateThrottleTime(parseInt(_.headers[cw.RETRY_AFTER])),error:_.body.error,errorCodes:_.body.error_codes,errorMessage:_.body.error_description,subError:_.body.suberror};q.setThrottlingCache(Cn.generateThrottlingStorageKey(K),Y,z)}}static checkResponseStatus(q){return q.status===429||q.status>=500&&q.status<600}static checkResponseForRetryAfter(q){if(q.headers)return q.headers.hasOwnProperty(cw.RETRY_AFTER)&&(q.status<200||q.status>=300);return!1}static calculateThrottleTime(q){let K=q<=0?0:q,_=Date.now()/1000;return Math.floor(Math.min(_+(K||Bg.DEFAULT_THROTTLE_TIME_SECONDS),_+Bg.DEFAULT_MAX_THROTTLE_TIME_SECONDS)*1000)}static removeThrottle(q,K,_,z){let Y=LZ6(K,_,z),$=this.generateThrottlingStorageKey(Y);q.removeItem($,_.correlationId)}}var B0q=y(()=>{lw();EZ6();qP8();/*! @azure/msal-common v15.13.1 2025-10-29 */});var KP8;var g0q=y(()=>{PS();/*! @azure/msal-common v15.13.1 2025-10-29 */KP8=class KP8 extends z9{constructor(q,K,_){super(q.errorCode,q.errorMessage,q.subError);Object.setPrototypeOf(this,KP8.prototype),this.name="NetworkError",this.error=q,this.httpStatus=K,this.responseHeaders=_}}});class YG{constructor(q,K){this.config=L0q(q),this.logger=new SV(this.config.loggerOptions,hX8,XZ6),this.cryptoUtils=this.config.cryptoInterface,this.cacheManager=this.config.storageInterface,this.networkClient=this.config.networkInterface,this.serverTelemetryManager=this.config.serverTelemetryManager,this.authority=this.config.authOptions.authority,this.performanceClient=K}createTokenRequestHeaders(q){let K={};if(K[cw.CONTENT_TYPE]=m1.URL_FORM_CONTENT_TYPE,!this.config.systemOptions.preventCorsPreflight&&q)switch(q.type){case jv.HOME_ACCOUNT_ID:try{let _=Fg(q.credential);K[cw.CCS_HEADER]=`Oid:${_.uid}@${_.utid}`}catch(_){this.logger.verbose("Could not parse home account ID for CCS Header: "+_)}break;case jv.UPN:K[cw.CCS_HEADER]=`UPN: ${q.credential}`;break}return K}async executePostToTokenEndpoint(q,K,_,z,Y,$){if($)this.performanceClient?.addQueueMeasurement($,Y);let A=await this.sendPostRequest(z,q,{body:K,headers:_},Y);if(this.config.serverTelemetryManager&&A.status<500&&A.status!==429)this.config.serverTelemetryManager.clearTelemetryCache();return A}async sendPostRequest(q,K,_,z){Cn.preProcess(this.cacheManager,q,z);let Y;try{Y=await iz(this.networkClient.sendPostRequestAsync.bind(this.networkClient),N1.NetworkClientSendPostRequestAsync,this.logger,this.performanceClient,z)(K,_);let $=Y.headers||{};this.performanceClient?.addFields({refreshTokenSize:Y.body.refresh_token?.length||0,httpVerToken:$[cw.X_MS_HTTP_VERSION]||"",requestId:$[cw.X_MS_REQUEST_ID]||""},z)}catch($){if($ instanceof KP8){let A=$.responseHeaders;if(A)this.performanceClient?.addFields({httpVerToken:A[cw.X_MS_HTTP_VERSION]||"",requestId:A[cw.X_MS_REQUEST_ID]||"",contentTypeHeader:A[cw.CONTENT_TYPE]||void 0,contentLengthHeader:A[cw.CONTENT_LENGTH]||void 0,httpStatus:$.httpStatus},z);throw $.error}if($ instanceof z9)throw $;else throw z7(_Y6)}return Cn.postProcess(this.cacheManager,q,Y,z),Y}async updateAuthority(q,K){this.performanceClient?.addQueueMeasurement(N1.UpdateTokenEndpointAuthority,K);let _=`https://${q}/${this.authority.tenant}/`,z=await gf1(_,this.networkClient,this.cacheManager,this.authority.options,this.logger,K,this.performanceClient);this.authority=z}createTokenQueryParameters(q){let K=new Map;if(q.embeddedClientId)hn(K,this.config.authOptions.clientId,this.config.authOptions.redirectUri);if(q.tokenQueryParameters)Rn(K,q.tokenQueryParameters);return IY6(K,q.correlationId),hY6(K,q.correlationId,this.performanceClient),Ug(K)}}var NQ6=y(()=>{FX8();RX8();lw();SX8();OQ6();fZ6();VZ6();EY6();Ff1();QI();B0q();PS();wX();g0q();Sn();aJ();/*! @azure/msal-common v15.13.1 2025-10-29 */});var zP8={};T8(zP8,{uxNotAllowed:()=>_P8,refreshTokenExpired:()=>EQ6,noTokensFound:()=>R86,nativeAccountUnavailable:()=>yQ6,loginRequired:()=>df1,interactionRequired:()=>Uf1,consentRequired:()=>Qf1,badToken:()=>h86});var R86="no_tokens_found",yQ6="native_account_unavailable",EQ6="refresh_token_expired",_P8="ux_not_allowed",Uf1="interaction_required",Qf1="consent_required",df1="login_required",h86="bad_token";var YP8=y(()=>{/*! @azure/msal-common v15.13.1 2025-10-29 */});function AP8(q,K,_){let z=!!q&&F0q.indexOf(q)>-1,Y=!!_&&Ux9.indexOf(_)>-1,$=!!K&&F0q.some((A)=>{return K.indexOf(A)>-1});return z||$||Y}function OP8(q){return new iE(q,$P8[q])}var F0q,Ux9,$P8,cf1,iE;var LQ6=y(()=>{lw();PS();YP8();/*! @azure/msal-common v15.13.1 2025-10-29 */F0q=[Uf1,Qf1,df1,h86,_P8],Ux9=["message_only","additional_action","basic_action","user_password_expired","consent_required","bad_token"],$P8={[R86]:"No refresh token found in the cache. Please sign-in.",[yQ6]:"The requested account is not available in the native broker. It may have been deleted or logged out. Please sign-in again using an interactive API.",[EQ6]:"Refresh token has expired.",[h86]:"Identity provider returned bad_token due to an expired or invalid refresh token. Please invoke an interactive API to resolve.",[_P8]:"`canShowUI` flag in Edge was set to false. User interaction required on web page. Please invoke an interactive API to resolve."},cf1={noTokensFoundError:{code:R86,desc:$P8[R86]},native_account_unavailable:{code:yQ6,desc:$P8[yQ6]},bad_token:{code:h86,desc:$P8[h86]}};iE=class iE extends z9{constructor(q,K,_,z,Y,$,A,O){super(q,K,_);Object.setPrototypeOf(this,iE.prototype),this.timestamp=z||m1.EMPTY_STRING,this.traceId=Y||m1.EMPTY_STRING,this.correlationId=$||m1.EMPTY_STRING,this.claims=A||m1.EMPTY_STRING,this.name="InteractionRequiredAuthError",this.errorNo=O}}});class wP8{static setRequestState(q,K,_){let z=wP8.generateLibraryState(q,_);return K?`${z}${m1.RESOURCE_DELIM}${K}`:z}static generateLibraryState(q,K){if(!q)throw z7(G86);let _={id:q.createNewGuid()};if(K)_.meta=K;let z=JSON.stringify(_);return q.base64Encode(z)}static parseRequestState(q,K){if(!q)throw z7(G86);if(!K)throw z7(UI);try{let _=K.split(m1.RESOURCE_DELIM),z=_[0],Y=_.length>1?_.slice(1).join(m1.RESOURCE_DELIM):m1.EMPTY_STRING,$=q.base64Decode(z),A=JSON.parse($);return{userRequestState:Y||m1.EMPTY_STRING,libraryState:A}}catch(_){throw z7(UI)}}}var U0q=y(()=>{lw();wX();aJ();/*! @azure/msal-common v15.13.1 2025-10-29 */});class mY6{constructor(q,K){this.cryptoUtils=q,this.performanceClient=K}async generateCnf(q,K){this.performanceClient?.addQueueMeasurement(N1.PopTokenGenerateCnf,q.correlationId);let _=await iz(this.generateKid.bind(this),N1.PopTokenGenerateCnf,K,this.performanceClient,q.correlationId)(q),z=this.cryptoUtils.base64UrlEncode(JSON.stringify(_));return{kid:_.kid,reqCnfString:z}}async generateKid(q){return this.performanceClient?.addQueueMeasurement(N1.PopTokenGenerateKid,q.correlationId),{kid:await this.cryptoUtils.getPublicKeyThumbprint(q),xms_ksl:Qx9.SW}}async signPopToken(q,K,_){return this.signPayload(q,K,_)}async signPayload(q,K,_,z){let{resourceRequestMethod:Y,resourceRequestUri:$,shrClaims:A,shrNonce:O,shrOptions:w}=_,H=($?new h9($):void 0)?.getUrlComponents();return this.cryptoUtils.signJwt({at:q,ts:nE(),m:Y?.toUpperCase(),u:H?.HostNameAndPort,nonce:O||this.cryptoUtils.createNewGuid(),p:H?.AbsolutePath,q:H?.QueryString?[[],H.QueryString]:void 0,client_claims:A||void 0,...z},K,w,_.correlationId)}}var Qx9;var jP8=y(()=>{L86();y86();QI();Sn();/*! @azure/msal-common v15.13.1 2025-10-29 */Qx9={SW:"sw"}});class DS{constructor(q,K){this.cache=q,this.hasChanged=K}get cacheHasChanged(){return this.hasChanged}get tokenCache(){return this.cache}}var lf1=y(()=>{/*! @azure/msal-common v15.13.1 2025-10-29 */});class MJ{constructor(q,K,_,z,Y,$,A){this.clientId=q,this.cacheStorage=K,this.cryptoObj=_,this.logger=z,this.serializableCache=Y,this.persistencePlugin=$,this.performanceClient=A}validateTokenResponse(q,K){if(q.error||q.error_description||q.suberror){let _=`Error(s): ${q.error_codes||m1.NOT_AVAILABLE} - Timestamp: ${q.timestamp||m1.NOT_AVAILABLE} - Description: ${q.error_description||m1.NOT_AVAILABLE} - Correlation ID: ${q.correlation_id||m1.NOT_AVAILABLE} - Trace ID: ${q.trace_id||m1.NOT_AVAILABLE}`,z=q.error_codes?.length?q.error_codes[0]:void 0,Y=new Jv(q.error,_,q.suberror,z,q.status);if(K&&q.status&&q.status>=_9.SERVER_ERROR_RANGE_START&&q.status<=_9.SERVER_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently unavailable and the access token is unable to be refreshed. |
| 370 | ${Y}`);return}else if(K&&q.status&&q.status>=_9.CLIENT_ERROR_RANGE_START&&q.status<=_9.CLIENT_ERROR_RANGE_END){this.logger.warning(`executeTokenRequest:validateTokenResponse - AAD is currently available but is unable to refresh the access token. |
| 371 | ${Y}`);return}if(AP8(q.error,q.error_description,q.suberror))throw new iE(q.error,q.error_description,q.suberror,q.timestamp||m1.EMPTY_STRING,q.trace_id||m1.EMPTY_STRING,q.correlation_id||m1.EMPTY_STRING,q.claims||m1.EMPTY_STRING,z);throw Y}}async handleServerTokenResponse(q,K,_,z,Y,$,A,O,w){this.performanceClient?.addQueueMeasurement(N1.HandleServerTokenResponse,q.correlation_id);let j;if(q.id_token){if(j=En(q.id_token||m1.EMPTY_STRING,this.cryptoObj.base64Decode),Y&&Y.nonce){if(j.nonce!==Y.nonce)throw z7(AY6)}if(z.maxAge||z.maxAge===0){let X=j.auth_time;if(!X)throw z7(Gn);YQ6(X,z.maxAge)}}this.homeAccountIdentifier=jX.generateHomeAccountId(q.client_info||m1.EMPTY_STRING,K.authorityType,this.logger,this.cryptoObj,j);let H;if(!!Y&&!!Y.state)H=wP8.parseRequestState(this.cryptoObj,Y.state);q.key_id=q.key_id||z.sshKid||void 0;let J=this.generateCacheRecord(q,K,_,z,j,$,Y),M;try{if(this.persistencePlugin&&this.serializableCache)this.logger.verbose("Persistence enabled, calling beforeCacheAccess"),M=new DS(this.serializableCache,!0),await this.persistencePlugin.beforeCacheAccess(M);if(A&&!O&&J.account){let X=this.cacheStorage.generateAccountKey(jX.getAccountInfo(J.account));if(!this.cacheStorage.getAccount(X,z.correlationId))return this.logger.warning("Account used to refresh tokens not in persistence, refreshed tokens will not be stored in the cache"),await MJ.generateAuthenticationResult(this.cryptoObj,K,J,!1,z,j,H,void 0,w)}await this.cacheStorage.saveCacheRecord(J,z.correlationId,hD1(j||{}),z.storeInCache)}finally{if(this.persistencePlugin&&this.serializableCache&&M)this.logger.verbose("Persistence enabled, calling afterCacheAccess"),await this.persistencePlugin.afterCacheAccess(M)}return MJ.generateAuthenticationResult(this.cryptoObj,K,J,!1,z,j,H,q,w)}generateCacheRecord(q,K,_,z,Y,$,A){let O=K.getPreferredCache();if(!O)throw z7(vn);let w=IX8(Y),j,H;if(q.id_token&&!!Y)j=uf1(this.homeAccountIdentifier,O,q.id_token,this.clientId,w||""),H=Q0q(this.cacheStorage,K,this.homeAccountIdentifier,this.cryptoObj.base64Decode,z.correlationId,Y,q.client_info,O,w,A,void 0,this.logger);let J=null;if(q.access_token){let P=q.scope?JJ.fromString(q.scope):new JJ(z.scopes||[]),W=(typeof q.expires_in==="string"?parseInt(q.expires_in,10):q.expires_in)||0,D=(typeof q.ext_expires_in==="string"?parseInt(q.ext_expires_in,10):q.ext_expires_in)||0,f=(typeof q.refresh_in==="string"?parseInt(q.refresh_in,10):q.refresh_in)||void 0,G=_+W,Z=G+D,T=f&&f>0?_+f:void 0;J=mf1(this.homeAccountIdentifier,O,q.access_token,this.clientId,w||K.tenant||"",P.printScopes(),G,Z,this.cryptoObj.base64Decode,T,q.token_type,$,q.key_id,z.claims,z.requestedClaimsHash)}let M=null;if(q.refresh_token){let P;if(q.refresh_token_expires_in){let W=typeof q.refresh_token_expires_in==="string"?parseInt(q.refresh_token_expires_in,10):q.refresh_token_expires_in;P=_+W}M=pf1(this.homeAccountIdentifier,O,q.refresh_token,this.clientId,q.foci,$,P)}let X=null;if(q.foci)X={clientId:this.clientId,environment:O,familyId:q.foci};return{account:H,idToken:j,accessToken:J,refreshToken:M,appMetadata:X}}static async generateAuthenticationResult(q,K,_,z,Y,$,A,O,w){let j=m1.EMPTY_STRING,H=[],J=null,M,X,P=m1.EMPTY_STRING;if(_.accessToken){if(_.accessToken.tokenType===Gz.POP&&!Y.popKid){let G=new mY6(q),{secret:Z,keyId:T}=_.accessToken;if(!T)throw z7(DY6);j=await G.signPopToken(Z,T,Y)}else j=_.accessToken.secret;if(H=JJ.fromString(_.accessToken.target).asArray(),J=kQ6(_.accessToken.expiresOn),M=kQ6(_.accessToken.extendedExpiresOn),_.accessToken.refreshOn)X=kQ6(_.accessToken.refreshOn)}if(_.appMetadata)P=_.appMetadata.familyId===P86?P86:"";let W=$?.oid||$?.sub||"",D=$?.tid||"";if(O?.spa_accountid&&!!_.account)_.account.nativeAccountId=O?.spa_accountid;let f=_.account?bX8(jX.getAccountInfo(_.account),void 0,$,_.idToken?.secret):null;return{authority:K.canonicalAuthority,uniqueId:W,tenantId:D,scopes:H,account:f,idToken:_?.idToken?.secret||"",idTokenClaims:$||{},accessToken:j,fromCache:z,expiresOn:J,extExpiresOn:M,refreshOn:X,correlationId:Y.correlationId,requestId:w||m1.EMPTY_STRING,familyId:P,tokenType:_.accessToken?.tokenType||m1.EMPTY_STRING,state:A?A.userRequestState:m1.EMPTY_STRING,cloudGraphHostName:_.account?.cloudGraphHostName||m1.EMPTY_STRING,msGraphHost:_.account?.msGraphHost||m1.EMPTY_STRING,code:O?.spa_code,fromNativeBroker:!1}}}function Q0q(q,K,_,z,Y,$,A,O,w,j,H,J){J?.verbose("setCachedAccount called");let X=q.getAccountKeys().find((G)=>{return G.startsWith(_)}),P=null;if(X)P=q.getAccount(X,Y);let W=P||jX.createAccount({homeAccountId:_,idTokenClaims:$,clientInfo:A,environment:O,cloudGraphHostName:j?.cloud_graph_host_name,msGraphHost:j?.msgraph_host,nativeAccountId:H},K,z),D=W.tenantProfiles||[],f=w||W.realm;if(f&&!D.find((G)=>{return G.tenantId===f})){let G=_Q6(_,W.localAccountId,f,$);D.push(G)}return W.tenantProfiles=D,W}var RQ6=y(()=>{wX();EZ6();KQ6();uX8();LQ6();U0q();lw();jP8();lf1();QI();ZZ6();RD1();xX8();aX8();L86();aJ();/*! @azure/msal-common v15.13.1 2025-10-29 */});async function Mv(q,K,_){if(typeof q==="string")return q;else return q({clientId:K,tokenEndpoint:_})}var HP8=y(()=>{/*! @azure/msal-common v15.13.1 2025-10-29 */});var JP8;var d0q=y(()=>{NQ6();VZ6();EY6();lw();vZ6();FX8();RQ6();N86();wX();y86();jP8();L86();fZ6();OQ6();V86();QI();Sn();HP8();qP8();aJ();yn();/*! @azure/msal-common v15.13.1 2025-10-29 */JP8=class JP8 extends YG{constructor(q,K){super(q,K);this.includeRedirectUri=!0,this.oidcDefaultScopes=this.config.authOptions.authority.options.OIDCOptions?.defaultScopes}async acquireToken(q,K){if(this.performanceClient?.addQueueMeasurement(N1.AuthClientAcquireToken,q.correlationId),!q.code)throw z7(jY6);let _=nE(),z=await iz(this.executeTokenRequest.bind(this),N1.AuthClientExecuteTokenRequest,this.logger,this.performanceClient,q.correlationId)(this.authority,q),Y=z.headers?.[cw.X_MS_REQUEST_ID],$=new MJ(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin,this.performanceClient);return $.validateTokenResponse(z.body),iz($.handleServerTokenResponse.bind($),N1.HandleServerTokenResponse,this.logger,this.performanceClient,q.correlationId)(z.body,this.authority,_,q,K,void 0,void 0,void 0,Y)}getLogoutUri(q){if(!q)throw LO(kY6);let K=this.createLogoutUrlQueryString(q);return h9.appendQueryString(this.authority.endSessionEndpoint,K)}async executeTokenRequest(q,K){this.performanceClient?.addQueueMeasurement(N1.AuthClientExecuteTokenRequest,K.correlationId);let _=this.createTokenQueryParameters(K),z=h9.appendQueryString(q.tokenEndpoint,_),Y=await iz(this.createTokenRequestBody.bind(this),N1.AuthClientCreateTokenRequestBody,this.logger,this.performanceClient,K.correlationId)(K),$=void 0;if(K.clientInfo)try{let w=DZ6(K.clientInfo,this.cryptoUtils.base64Decode);$={credential:`${w.uid}${Zn.CLIENT_INFO_SEPARATOR}${w.utid}`,type:jv.HOME_ACCOUNT_ID}}catch(w){this.logger.verbose("Could not parse client info for CCS Header: "+w)}let A=this.createTokenRequestHeaders($||K.ccsCredential),O=LZ6(this.config.authOptions.clientId,K);return iz(this.executePostToTokenEndpoint.bind(this),N1.AuthorizationCodeClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,K.correlationId)(z,Y,A,O,K.correlationId,N1.AuthorizationCodeClientExecutePostToTokenEndpoint)}async createTokenRequestBody(q){this.performanceClient?.addQueueMeasurement(N1.AuthClientCreateTokenRequestBody,q.correlationId);let K=new Map;if(CY6(K,q.embeddedClientId||q.tokenBodyParameters?.[Qg]||this.config.authOptions.clientId),!this.includeRedirectUri){if(!q.redirectUri)throw LO(fY6)}else bY6(K,q.redirectUri);if(SY6(K,q.scopes,!0,this.oidcDefaultScopes),Sf1(K,q.code),jQ6(K,this.config.libraryInfo),HQ6(K,this.config.telemetry.application),TQ6(K),this.serverTelemetryManager&&!gX8(this.config))GQ6(K,this.serverTelemetryManager);if(q.codeVerifier)bf1(K,q.codeVerifier);if(this.config.clientCredentials.clientSecret)MQ6(K,this.config.clientCredentials.clientSecret);if(this.config.clientCredentials.clientAssertion){let z=this.config.clientCredentials.clientAssertion;XQ6(K,await Mv(z.assertion,this.config.authOptions.clientId,q.resourceRequestUri)),PQ6(K,z.assertionType)}if(WQ6(K,hV.AUTHORIZATION_CODE_GRANT),uY6(K),q.authenticationScheme===Gz.POP){let z=new mY6(this.cryptoUtils,this.performanceClient),Y;if(!q.popKid)Y=(await iz(z.generateCnf.bind(z),N1.PopTokenGenerateCnf,this.logger,this.performanceClient,q.correlationId)(q,this.logger)).reqCnfString;else Y=this.cryptoUtils.encodeKid(q.popKid);fQ6(K,Y)}else if(q.authenticationScheme===Gz.SSH)if(q.sshJwk)ZQ6(K,q.sshJwk);else throw LO(Nn);if(!Yw.isEmptyObj(q.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)xY6(K,q.claims,this.config.authOptions.clientCapabilities);let _=void 0;if(q.clientInfo)try{let z=DZ6(q.clientInfo,this.cryptoUtils.base64Decode);_={credential:`${z.uid}${Zn.CLIENT_INFO_SEPARATOR}${z.utid}`,type:jv.HOME_ACCOUNT_ID}}catch(z){this.logger.verbose("Could not parse client info for CCS Header: "+z)}else _=q.ccsCredential;if(this.config.systemOptions.preventCorsPreflight&&_)switch(_.type){case jv.HOME_ACCOUNT_ID:try{let z=Fg(_.credential);Ln(K,z)}catch(z){this.logger.verbose("Could not parse home account ID for CCS Header: "+z)}break;case jv.UPN:E86(K,_.credential);break}if(q.embeddedClientId)hn(K,this.config.authOptions.clientId,this.config.authOptions.redirectUri);if(q.tokenBodyParameters)Rn(K,q.tokenBodyParameters);if(q.enableSpaAuthorizationCode&&(!q.tokenBodyParameters||!q.tokenBodyParameters[cX8]))Rn(K,{[cX8]:"1"});return hY6(K,q.correlationId,this.performanceClient),Ug(K)}createLogoutUrlQueryString(q){let K=new Map;if(q.postLogoutRedirectUri)yf1(K,q.postLogoutRedirectUri);if(q.correlationId)IY6(K,q.correlationId);if(q.idTokenHint)Ef1(K,q.idTokenHint);if(q.state)JQ6(K,q.state);if(q.logoutHint)xf1(K,q.logoutHint);if(q.extraQueryParameters)Rn(K,q.extraQueryParameters);if(this.config.authOptions.instanceAware)DQ6(K);return Ug(K,this.config.authOptions.encodeExtraQueryParams,q.extraQueryParameters)}}});var dx9=300,RZ6;var c0q=y(()=>{FX8();NQ6();VZ6();EY6();lw();vZ6();RQ6();jP8();N86();V86();wX();EZ6();L86();y86();OQ6();fZ6();LQ6();QI();Sn();HP8();qP8();YP8();yn();aJ();/*! @azure/msal-common v15.13.1 2025-10-29 */RZ6=class RZ6 extends YG{constructor(q,K){super(q,K)}async acquireToken(q){this.performanceClient?.addQueueMeasurement(N1.RefreshTokenClientAcquireToken,q.correlationId);let K=nE(),_=await iz(this.executeTokenRequest.bind(this),N1.RefreshTokenClientExecuteTokenRequest,this.logger,this.performanceClient,q.correlationId)(q,this.authority),z=_.headers?.[cw.X_MS_REQUEST_ID],Y=new MJ(this.config.authOptions.clientId,this.cacheManager,this.cryptoUtils,this.logger,this.config.serializableCache,this.config.persistencePlugin);return Y.validateTokenResponse(_.body),iz(Y.handleServerTokenResponse.bind(Y),N1.HandleServerTokenResponse,this.logger,this.performanceClient,q.correlationId)(_.body,this.authority,K,q,void 0,void 0,!0,q.forceCache,z)}async acquireTokenByRefreshToken(q){if(!q)throw LO(vY6);if(this.performanceClient?.addQueueMeasurement(N1.RefreshTokenClientAcquireTokenByRefreshToken,q.correlationId),!q.account)throw z7(Tn);if(this.cacheManager.isAppMetadataFOCI(q.account.environment))try{return await iz(this.acquireTokenWithCachedRefreshToken.bind(this),N1.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,q.correlationId)(q,!0)}catch(_){let z=_ instanceof iE&&_.errorCode===R86,Y=_ instanceof Jv&&_.errorCode===EU6.INVALID_GRANT_ERROR&&_.subError===EU6.CLIENT_MISMATCH_ERROR;if(z||Y)return iz(this.acquireTokenWithCachedRefreshToken.bind(this),N1.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,q.correlationId)(q,!1);else throw _}return iz(this.acquireTokenWithCachedRefreshToken.bind(this),N1.RefreshTokenClientAcquireTokenWithCachedRefreshToken,this.logger,this.performanceClient,q.correlationId)(q,!1)}async acquireTokenWithCachedRefreshToken(q,K){this.performanceClient?.addQueueMeasurement(N1.RefreshTokenClientAcquireTokenWithCachedRefreshToken,q.correlationId);let _=u0q(this.cacheManager.getRefreshToken.bind(this.cacheManager),N1.CacheManagerGetRefreshToken,this.logger,this.performanceClient,q.correlationId)(q.account,K,q.correlationId,void 0,this.performanceClient);if(!_)throw OP8(R86);if(_.expiresOn&&NZ6(_.expiresOn,q.refreshTokenExpirationOffsetSeconds||dx9))throw this.performanceClient?.addFields({rtExpiresOnMs:Number(_.expiresOn)},q.correlationId),OP8(EQ6);let z={...q,refreshToken:_.secret,authenticationScheme:q.authenticationScheme||Gz.BEARER,ccsCredential:{credential:q.account.homeAccountId,type:jv.HOME_ACCOUNT_ID}};try{return await iz(this.acquireToken.bind(this),N1.RefreshTokenClientAcquireToken,this.logger,this.performanceClient,q.correlationId)(z)}catch(Y){if(Y instanceof iE){if(this.performanceClient?.addFields({rtExpiresOnMs:Number(_.expiresOn)},q.correlationId),Y.subError===h86){this.logger.verbose("acquireTokenWithRefreshToken: bad refresh token, removing from cache");let $=this.cacheManager.generateCredentialKey(_);this.cacheManager.removeRefreshToken($,q.correlationId)}}throw Y}}async executeTokenRequest(q,K){this.performanceClient?.addQueueMeasurement(N1.RefreshTokenClientExecuteTokenRequest,q.correlationId);let _=this.createTokenQueryParameters(q),z=h9.appendQueryString(K.tokenEndpoint,_),Y=await iz(this.createTokenRequestBody.bind(this),N1.RefreshTokenClientCreateTokenRequestBody,this.logger,this.performanceClient,q.correlationId)(q),$=this.createTokenRequestHeaders(q.ccsCredential),A=LZ6(this.config.authOptions.clientId,q);return iz(this.executePostToTokenEndpoint.bind(this),N1.RefreshTokenClientExecutePostToTokenEndpoint,this.logger,this.performanceClient,q.correlationId)(z,Y,$,A,q.correlationId,N1.RefreshTokenClientExecutePostToTokenEndpoint)}async createTokenRequestBody(q){this.performanceClient?.addQueueMeasurement(N1.RefreshTokenClientCreateTokenRequestBody,q.correlationId);let K=new Map;if(CY6(K,q.embeddedClientId||q.tokenBodyParameters?.[Qg]||this.config.authOptions.clientId),q.redirectUri)bY6(K,q.redirectUri);if(SY6(K,q.scopes,!0,this.config.authOptions.authority.options.OIDCOptions?.defaultScopes),WQ6(K,hV.REFRESH_TOKEN_GRANT),uY6(K),jQ6(K,this.config.libraryInfo),HQ6(K,this.config.telemetry.application),TQ6(K),this.serverTelemetryManager&&!gX8(this.config))GQ6(K,this.serverTelemetryManager);if(Cf1(K,q.refreshToken),this.config.clientCredentials.clientSecret)MQ6(K,this.config.clientCredentials.clientSecret);if(this.config.clientCredentials.clientAssertion){let _=this.config.clientCredentials.clientAssertion;XQ6(K,await Mv(_.assertion,this.config.authOptions.clientId,q.resourceRequestUri)),PQ6(K,_.assertionType)}if(q.authenticationScheme===Gz.POP){let _=new mY6(this.cryptoUtils,this.performanceClient),z;if(!q.popKid)z=(await iz(_.generateCnf.bind(_),N1.PopTokenGenerateCnf,this.logger,this.performanceClient,q.correlationId)(q,this.logger)).reqCnfString;else z=this.cryptoUtils.encodeKid(q.popKid);fQ6(K,z)}else if(q.authenticationScheme===Gz.SSH)if(q.sshJwk)ZQ6(K,q.sshJwk);else throw LO(Nn);if(!Yw.isEmptyObj(q.claims)||this.config.authOptions.clientCapabilities&&this.config.authOptions.clientCapabilities.length>0)xY6(K,q.claims,this.config.authOptions.clientCapabilities);if(this.config.systemOptions.preventCorsPreflight&&q.ccsCredential)switch(q.ccsCredential.type){case jv.HOME_ACCOUNT_ID:try{let _=Fg(q.ccsCredential.credential);Ln(K,_)}catch(_){this.logger.verbose("Could not parse home account ID for CCS Header: "+_)}break;case jv.UPN:E86(K,q.ccsCredential.credential);break}if(q.embeddedClientId)hn(K,this.config.authOptions.clientId,this.config.authOptions.redirectUri);if(q.tokenBodyParameters)Rn(K,q.tokenBodyParameters);return hY6(K,q.correlationId,this.performanceClient),Ug(K)}}});var MP8;var l0q=y(()=>{NQ6();L86();wX();RQ6();lw();N86();ZZ6();QI();Sn();tX8();aJ();/*! @azure/msal-common v15.13.1 2025-10-29 */MP8=class MP8 extends YG{constructor(q,K){super(q,K)}async acquireCachedToken(q){this.performanceClient?.addQueueMeasurement(N1.SilentFlowClientAcquireCachedToken,q.correlationId);let K=zw.NOT_APPLICABLE;if(q.forceRefresh||!this.config.cacheOptions.claimsBasedCachingEnabled&&!Yw.isEmptyObj(q.claims))throw this.setCacheOutcome(zw.FORCE_REFRESH_OR_CLAIMS,q.correlationId),z7(kn);if(!q.account)throw z7(Tn);let _=q.account.tenantId||p0q(q.authority),z=this.cacheManager.getTokenKeys(),Y=this.cacheManager.getAccessToken(q.account,q,z,_);if(!Y)throw this.setCacheOutcome(zw.NO_CACHED_ACCESS_TOKEN,q.correlationId),z7(kn);else if(If1(Y.cachedAt)||NZ6(Y.expiresOn,this.config.systemOptions.tokenRenewalOffsetSeconds))throw this.setCacheOutcome(zw.CACHED_ACCESS_TOKEN_EXPIRED,q.correlationId),z7(kn);else if(Y.refreshOn&&NZ6(Y.refreshOn,0))K=zw.PROACTIVELY_REFRESHED;let $=q.authority||this.authority.getPreferredCache(),A={account:this.cacheManager.getAccount(this.cacheManager.generateAccountKey(q.account),q.correlationId),accessToken:Y,idToken:this.cacheManager.getIdToken(q.account,q.correlationId,z,_,this.performanceClient),refreshToken:null,appMetadata:this.cacheManager.readAppMetadataFromCache($)};if(this.setCacheOutcome(K,q.correlationId),this.config.serverTelemetryManager)this.config.serverTelemetryManager.incrementCacheHits();return[await iz(this.generateResultFromCacheRecord.bind(this),N1.SilentFlowClientGenerateResultFromCacheRecord,this.logger,this.performanceClient,q.correlationId)(A,q),K]}setCacheOutcome(q,K){if(this.serverTelemetryManager?.setCacheOutcome(q),this.performanceClient?.addFields({cacheOutcome:q},K),q!==zw.NOT_APPLICABLE)this.logger.info(`Token refresh is required due to cache outcome: ${q}`)}async generateResultFromCacheRecord(q,K){this.performanceClient?.addQueueMeasurement(N1.SilentFlowClientGenerateResultFromCacheRecord,K.correlationId);let _;if(q.idToken)_=En(q.idToken.secret,this.config.cryptoInterface.base64Decode);if(K.maxAge||K.maxAge===0){let z=_?.auth_time;if(!z)throw z7(Gn);YQ6(z,K.maxAge)}return MJ.generateAuthenticationResult(this.cryptoUtils,this.authority,q,!0,K,_)}}});var hQ6={};T8(hQ6,{validateAuthorizationResponse:()=>n0q,getStandardAuthorizeRequestParameters:()=>cx9,getAuthorizeUrl:()=>lx9,getAuthorizationCodePayload:()=>nx9});function cx9(q,K,_,z){let Y=K.correlationId,$=new Map;CY6($,K.embeddedClientId||K.extraQueryParameters?.[Qg]||q.clientId);let A=[...K.scopes||[],...K.extraScopesToConsent||[]];if(SY6($,A,!0,q.authority.options.OIDCOptions?.defaultScopes),bY6($,K.redirectUri),IY6($,Y),Nf1($,K.responseMode),uY6($),K.prompt)Rf1($,K.prompt),z?.addFields({prompt:K.prompt},Y);if(K.domainHint)Lf1($,K.domainHint),z?.addFields({domainHintFromRequest:!0},Y);if(K.prompt!==X86.SELECT_ACCOUNT){if(K.sid&&K.prompt===X86.NONE)_.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request"),nX8($,K.sid),z?.addFields({sidFromRequest:!0},Y);else if(K.account){let O=rx9(K.account),w=ox9(K.account);if(w&&K.domainHint)_.warning('AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint'),w=null;if(w){_.verbose("createAuthCodeUrlQueryString: login_hint claim present on account"),kZ6($,w),z?.addFields({loginHintFromClaim:!0},Y);try{let j=Fg(K.account.homeAccountId);Ln($,j)}catch(j){_.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(O&&K.prompt===X86.NONE){_.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account"),nX8($,O),z?.addFields({sidFromClaim:!0},Y);try{let j=Fg(K.account.homeAccountId);Ln($,j)}catch(j){_.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}else if(K.loginHint)_.verbose("createAuthCodeUrlQueryString: Adding login_hint from request"),kZ6($,K.loginHint),E86($,K.loginHint),z?.addFields({loginHintFromRequest:!0},Y);else if(K.account.username){_.verbose("createAuthCodeUrlQueryString: Adding login_hint from account"),kZ6($,K.account.username),z?.addFields({loginHintFromUpn:!0},Y);try{let j=Fg(K.account.homeAccountId);Ln($,j)}catch(j){_.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header")}}}else if(K.loginHint)_.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request"),kZ6($,K.loginHint),E86($,K.loginHint),z?.addFields({loginHintFromRequest:!0},Y)}else _.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");if(K.nonce)hf1($,K.nonce);if(K.state)JQ6($,K.state);if(K.claims||q.clientCapabilities&&q.clientCapabilities.length>0)xY6($,K.claims,q.clientCapabilities);if(K.embeddedClientId)hn($,q.clientId,q.redirectUri);if(q.instanceAware&&(!K.extraQueryParameters||!Object.keys(K.extraQueryParameters).includes(TZ6)))DQ6($);return $}function lx9(q,K,_,z){let Y=Ug(K,_,z);return h9.appendQueryString(q.authorizationEndpoint,Y)}function nx9(q,K){if(n0q(q,K),!q.code)throw z7(PY6);return q}function n0q(q,K){if(!q.state||!K)throw q.state?z7(f86,"Cached State"):z7(f86,"Server State");let _,z;try{_=decodeURIComponent(q.state)}catch(Y){throw z7(UI,q.state)}try{z=decodeURIComponent(K)}catch(Y){throw z7(UI,q.state)}if(_!==z)throw z7($Y6);if(q.error||q.error_description||q.suberror){let Y=ix9(q);if(AP8(q.error,q.error_description,q.suberror))throw new iE(q.error||"",q.error_description,q.suberror,q.timestamp||"",q.trace_id||"",q.correlation_id||"",q.claims||"",Y);throw new Jv(q.error||"",q.error_description,q.suberror,Y)}}function ix9(q){let _=q.error_uri?.lastIndexOf("code=");return _&&_>=0?q.error_uri?.substring(_+5):void 0}function rx9(q){return q.idTokenClaims?.sid||null}function ox9(q){return q.loginHint||q.idTokenClaims?.login_hint||null}var i0q=y(()=>{VZ6();vZ6();lw();fZ6();EY6();y86();wX();LQ6();EZ6();aJ();/*! @azure/msal-common v15.13.1 2025-10-29 */});function ax9(q){let{skus:K,libraryName:_,libraryVersion:z,extensionName:Y,extensionVersion:$}=q,A=new Map([[0,[_,z]],[2,[Y,$]]]),O=[];if(K?.length){if(O=K.split(r0q),O.length<4)return K}else O=Array.from({length:4},()=>o0q);return A.forEach((w,j)=>{if(w.length===2&&w[0]?.length&&w[1]?.length)sx9({skuArr:O,index:j,skuName:w[0],skuVersion:w[1]})}),O.join(r0q)}function sx9(q){let{skuArr:K,index:_,skuName:z,skuVersion:Y}=q;if(_>=K.length)return;K[_]=[z,Y].join(o0q)}class S86{constructor(q,K){this.cacheOutcome=zw.NOT_APPLICABLE,this.cacheManager=K,this.apiId=q.apiId,this.correlationId=q.correlationId,this.wrapperSKU=q.wrapperSKU||m1.EMPTY_STRING,this.wrapperVer=q.wrapperVer||m1.EMPTY_STRING,this.telemetryCacheKey=TP.CACHE_KEY+Zn.CACHE_KEY_SEPARATOR+q.clientId}generateCurrentRequestHeaderValue(){let q=`${this.apiId}${TP.VALUE_SEPARATOR}${this.cacheOutcome}`,K=[this.wrapperSKU,this.wrapperVer],_=this.getNativeBrokerErrorCode();if(_?.length)K.push(`broker_error=${_}`);let z=K.join(TP.VALUE_SEPARATOR),Y=this.getRegionDiscoveryFields(),$=[q,Y].join(TP.VALUE_SEPARATOR);return[TP.SCHEMA_VERSION,$,z].join(TP.CATEGORY_SEPARATOR)}generateLastRequestHeaderValue(){let q=this.getLastRequests(),K=S86.maxErrorsToSend(q),_=q.failedRequests.slice(0,2*K).join(TP.VALUE_SEPARATOR),z=q.errors.slice(0,K).join(TP.VALUE_SEPARATOR),Y=q.errors.length,$=K<Y?TP.OVERFLOW_TRUE:TP.OVERFLOW_FALSE,A=[Y,$].join(TP.VALUE_SEPARATOR);return[TP.SCHEMA_VERSION,q.cacheHits,_,z,A].join(TP.CATEGORY_SEPARATOR)}cacheFailedRequest(q){let K=this.getLastRequests();if(K.errors.length>=TP.MAX_CACHED_ERRORS)K.failedRequests.shift(),K.failedRequests.shift(),K.errors.shift();if(K.failedRequests.push(this.apiId,this.correlationId),q instanceof Error&&!!q&&q.toString())if(q instanceof z9)if(q.subError)K.errors.push(q.subError);else if(q.errorCode)K.errors.push(q.errorCode);else K.errors.push(q.toString());else K.errors.push(q.toString());else K.errors.push(TP.UNKNOWN_ERROR);this.cacheManager.setServerTelemetry(this.telemetryCacheKey,K,this.correlationId);return}incrementCacheHits(){let q=this.getLastRequests();return q.cacheHits+=1,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,q,this.correlationId),q.cacheHits}getLastRequests(){let q={failedRequests:[],errors:[],cacheHits:0};return this.cacheManager.getServerTelemetry(this.telemetryCacheKey)||q}clearTelemetryCache(){let q=this.getLastRequests(),K=S86.maxErrorsToSend(q),_=q.errors.length;if(K===_)this.cacheManager.removeItem(this.telemetryCacheKey,this.correlationId);else{let z={failedRequests:q.failedRequests.slice(K*2),errors:q.errors.slice(K),cacheHits:0};this.cacheManager.setServerTelemetry(this.telemetryCacheKey,z,this.correlationId)}}static maxErrorsToSend(q){let K,_=0,z=0,Y=q.errors.length;for(K=0;K<Y;K++){let $=q.failedRequests[2*K]||m1.EMPTY_STRING,A=q.failedRequests[2*K+1]||m1.EMPTY_STRING,O=q.errors[K]||m1.EMPTY_STRING;if(z+=$.toString().length+A.toString().length+O.length+3,z<TP.MAX_LAST_HEADER_BYTES)_+=1;else break}return _}getRegionDiscoveryFields(){let q=[];return q.push(this.regionUsed||m1.EMPTY_STRING),q.push(this.regionSource||m1.EMPTY_STRING),q.push(this.regionOutcome||m1.EMPTY_STRING),q.join(",")}updateRegionDiscoveryMetadata(q){this.regionUsed=q.region_used,this.regionSource=q.region_source,this.regionOutcome=q.region_outcome}setCacheOutcome(q){this.cacheOutcome=q}setNativeBrokerErrorCode(q){let K=this.getLastRequests();K.nativeBrokerErrorCode=q,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,K,this.correlationId)}getNativeBrokerErrorCode(){return this.getLastRequests().nativeBrokerErrorCode}clearNativeBrokerErrorCode(){let q=this.getLastRequests();delete q.nativeBrokerErrorCode,this.cacheManager.setServerTelemetry(this.telemetryCacheKey,q,this.correlationId)}static makeExtraSkuString(q){return ax9(q)}}var r0q=",",o0q="|";var a0q=y(()=>{lw();PS();/*! @azure/msal-common v15.13.1 2025-10-29 */});var vA=y(()=>{d0q();c0q();l0q();NQ6();OQ6();tX8();CX8();zQ6();pD1();uX8();y86();yD1();i0q();VZ6();RQ6();KQ6();RX8();LQ6();YP8();PS();vD1();EZ6();wX();aJ();V86();yn();lw();N86();a0q();ZZ6();Ff1();aX8();L86();EY6();vZ6();lf1();HP8();/*! @azure/msal-common v15.13.1 2025-10-29 */});class C86{static deserializeJSONBlob(q){return!q?{}:JSON.parse(q)}static deserializeAccounts(q){let K={};if(q)Object.keys(q).map(function(_){let z=q[_],Y={homeAccountId:z.home_account_id,environment:z.environment,realm:z.realm,localAccountId:z.local_account_id,username:z.username,authorityType:z.authority_type,name:z.name,clientInfo:z.client_info,lastModificationTime:z.last_modification_time,lastModificationApp:z.last_modification_app,tenantProfiles:z.tenantProfiles?.map((A)=>{return JSON.parse(A)}),lastUpdatedAt:Date.now().toString()},$=new jX;LY6.toObject($,Y),K[_]=$});return K}static deserializeIdTokens(q){let K={};if(q)Object.keys(q).map(function(_){let z=q[_],Y={homeAccountId:z.home_account_id,environment:z.environment,credentialType:z.credential_type,clientId:z.client_id,secret:z.secret,realm:z.realm,lastUpdatedAt:Date.now().toString()};K[_]=Y});return K}static deserializeAccessTokens(q){let K={};if(q)Object.keys(q).map(function(_){let z=q[_],Y={homeAccountId:z.home_account_id,environment:z.environment,credentialType:z.credential_type,clientId:z.client_id,secret:z.secret,realm:z.realm,target:z.target,cachedAt:z.cached_at,expiresOn:z.expires_on,extendedExpiresOn:z.extended_expires_on,refreshOn:z.refresh_on,keyId:z.key_id,tokenType:z.token_type,requestedClaims:z.requestedClaims,requestedClaimsHash:z.requestedClaimsHash,userAssertionHash:z.userAssertionHash,lastUpdatedAt:Date.now().toString()};K[_]=Y});return K}static deserializeRefreshTokens(q){let K={};if(q)Object.keys(q).map(function(_){let z=q[_],Y={homeAccountId:z.home_account_id,environment:z.environment,credentialType:z.credential_type,clientId:z.client_id,secret:z.secret,familyId:z.family_id,target:z.target,realm:z.realm,lastUpdatedAt:Date.now().toString()};K[_]=Y});return K}static deserializeAppMetadata(q){let K={};if(q)Object.keys(q).map(function(_){let z=q[_];K[_]={clientId:z.client_id,environment:z.environment,familyId:z.family_id}});return K}static deserializeAllCache(q){return{accounts:q.Account?this.deserializeAccounts(q.Account):{},idTokens:q.IdToken?this.deserializeIdTokens(q.IdToken):{},accessTokens:q.AccessToken?this.deserializeAccessTokens(q.AccessToken):{},refreshTokens:q.RefreshToken?this.deserializeRefreshTokens(q.RefreshToken):{},appMetadata:q.AppMetadata?this.deserializeAppMetadata(q.AppMetadata):{}}}}var XP8=y(()=>{vA();/*! @azure/msal-node v3.8.1 2025-10-29 */});var nf1={};T8(nf1,{Serializer:()=>az6,Deserializer:()=>C86});var s0q=y(()=>{NX8();XP8();/*! @azure/msal-node v3.8.1 2025-10-29 */});var t0q="system_assigned_managed_identity",YI9="managed_identity",if1,CV,HX,M3,u3,fH,V2,PP8,e0q="REGION_NAME",qZq="MSAL_FORCE_REGION",KZq=32,_Zq,WP8,rf1,Xv,bn,fS,DP8,zZq=4096;var N2=y(()=>{vA();/*! @azure/msal-node v3.8.1 2025-10-29 */if1=`https://login.microsoftonline.com/${YI9}/`,CV={AUTHORIZATION_HEADER_NAME:"Authorization",METADATA_HEADER_NAME:"Metadata",APP_SERVICE_SECRET_HEADER_NAME:"X-IDENTITY-HEADER",ML_AND_SF_SECRET_HEADER_NAME:"secret"},HX={API_VERSION:"api-version",RESOURCE:"resource",SHA256_TOKEN_TO_REFRESH:"token_sha256_to_refresh",XMS_CC:"xms_cc"},M3={AZURE_POD_IDENTITY_AUTHORITY_HOST:"AZURE_POD_IDENTITY_AUTHORITY_HOST",DEFAULT_IDENTITY_CLIENT_ID:"DEFAULT_IDENTITY_CLIENT_ID",IDENTITY_ENDPOINT:"IDENTITY_ENDPOINT",IDENTITY_HEADER:"IDENTITY_HEADER",IDENTITY_SERVER_THUMBPRINT:"IDENTITY_SERVER_THUMBPRINT",IMDS_ENDPOINT:"IMDS_ENDPOINT",MSI_ENDPOINT:"MSI_ENDPOINT",MSI_SECRET:"MSI_SECRET"},u3={APP_SERVICE:"AppService",AZURE_ARC:"AzureArc",CLOUD_SHELL:"CloudShell",DEFAULT_TO_IMDS:"DefaultToImds",IMDS:"Imds",MACHINE_LEARNING:"MachineLearning",SERVICE_FABRIC:"ServiceFabric"},fH={SYSTEM_ASSIGNED:"system-assigned",USER_ASSIGNED_CLIENT_ID:"user-assigned-client-id",USER_ASSIGNED_RESOURCE_ID:"user-assigned-resource-id",USER_ASSIGNED_OBJECT_ID:"user-assigned-object-id"},V2={GET:"get",POST:"post"},PP8={SUCCESS_RANGE_START:_9.SUCCESS_RANGE_START,SUCCESS_RANGE_END:_9.SUCCESS_RANGE_END,SERVER_ERROR:_9.SERVER_ERROR},_Zq={SHA256:"sha256"},WP8={CV_CHARSET:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~"},rf1={KEY_SEPARATOR:"-"},Xv={MSAL_SKU:"msal.js.node",JWT_BEARER_ASSERTION_TYPE:"urn:ietf:params:oauth:client-assertion-type:jwt-bearer",AUTHORIZATION_PENDING:"authorization_pending",HTTP_PROTOCOL:"http://",LOCALHOST:"localhost"},bn={acquireTokenSilent:62,acquireTokenByUsernamePassword:371,acquireTokenByDeviceCode:671,acquireTokenByClientCredential:771,acquireTokenByCode:871,acquireTokenByRefreshToken:872},fS={RSA_256:"RS256",PSS_256:"PS256",X5T_256:"x5t#S256",X5T:"x5t",X5C:"x5c",AUDIENCE:"aud",EXPIRATION_TIME:"exp",ISSUER:"iss",SUBJECT:"sub",NOT_BEFORE:"nbf",JWT_ID:"jti"},DP8={INTERVAL_MS:100,TIMEOUT_MS:5000}});class SQ6{static getNetworkResponse(q,K,_){return{headers:q,body:K,status:_}}static urlToHttpOptions(q){let K={protocol:q.protocol,hostname:q.hostname&&q.hostname.startsWith("[")?q.hostname.slice(1,-1):q.hostname,hash:q.hash,search:q.search,pathname:q.pathname,path:`${q.pathname||""}${q.search||""}`,href:q.href};if(q.port!=="")K.port=Number(q.port);if(q.username||q.password)K.auth=`${decodeURIComponent(q.username)}:${decodeURIComponent(q.password)}`;return K}}var YZq=y(()=>{/*! @azure/msal-node v3.8.1 2025-10-29 */});import of1 from"http";import $Zq from"https";class CQ6{constructor(q,K){this.proxyUrl=q||"",this.customAgentOptions=K||{}}async sendGetRequestAsync(q,K,_){if(this.proxyUrl)return AZq(q,this.proxyUrl,V2.GET,K,this.customAgentOptions,_);else return OZq(q,V2.GET,K,this.customAgentOptions,_)}async sendPostRequestAsync(q,K){if(this.proxyUrl)return AZq(q,this.proxyUrl,V2.POST,K,this.customAgentOptions);else return OZq(q,V2.POST,K,this.customAgentOptions)}}var AZq=(q,K,_,z,Y,$)=>{let A=new URL(q),O=new URL(K),w=z?.headers||{},j={host:O.hostname,port:O.port,method:"CONNECT",path:A.hostname,headers:w};if(Y&&Object.keys(Y).length)j.agent=new of1.Agent(Y);let H="";if(_===V2.POST){let M=z?.body||"";H=`Content-Type: application/x-www-form-urlencoded\r |
| 372 | Content-Length: ${M.length}\r |
| 373 | \r |
| 374 | ${M}`}else if($)j.timeout=$;let J=`${_.toUpperCase()} ${A.href} HTTP/1.1\r |
no test coverage detected