tri11paragon
/
LookAtMySuitBot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
LookAtMySuitBot/js/node_modules/@azure/msal-common/dist/request/RequestParameterBuilder.mjs

393 lines
13 KiB
JavaScript
Raw Blame History

/*! @azure/msal-common v14.4.0 2023-11-07 */
'use strict';
import { AADServerParamKeys, Constants, ResponseMode, OIDC_DEFAULT_SCOPES, SSOTypes, HeaderNames, CLIENT_INFO, ClaimsRequestKeys, PasswordGrantConstants, AuthenticationScheme, ThrottlingConstants } from '../utils/Constants.mjs';
import { ScopeSet } from './ScopeSet.mjs';
import { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';
import { RequestValidator } from './RequestValidator.mjs';
import { pkceParamsMissing, invalidClaims } from '../error/ClientConfigurationErrorCodes.mjs';
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/** @internal */
class RequestParameterBuilder {
constructor() {
this.parameters = new Map();
}
/**
* add response_type = code
*/
addResponseTypeCode() {
this.parameters.set(AADServerParamKeys.RESPONSE_TYPE, encodeURIComponent(Constants.CODE_RESPONSE_TYPE));
}
/**
* add response_type = token id_token
*/
addResponseTypeForTokenAndIdToken() {
this.parameters.set(AADServerParamKeys.RESPONSE_TYPE, encodeURIComponent(`${Constants.TOKEN_RESPONSE_TYPE} ${Constants.ID_TOKEN_RESPONSE_TYPE}`));
}
/**
* add response_mode. defaults to query.
* @param responseMode
*/
addResponseMode(responseMode) {
this.parameters.set(AADServerParamKeys.RESPONSE_MODE, encodeURIComponent(responseMode ? responseMode : ResponseMode.QUERY));
}
/**
* Add flag to indicate STS should attempt to use WAM if available
*/
addNativeBroker() {
this.parameters.set(AADServerParamKeys.NATIVE_BROKER, encodeURIComponent("1"));
}
/**
* add scopes. set addOidcScopes to false to prevent default scopes in non-user scenarios
* @param scopeSet
* @param addOidcScopes
*/
addScopes(scopes, addOidcScopes = true, defaultScopes = OIDC_DEFAULT_SCOPES) {
// Always add openid to the scopes when adding OIDC scopes
if (addOidcScopes &&
!defaultScopes.includes("openid") &&
!scopes.includes("openid")) {
defaultScopes.push("openid");
}
const requestScopes = addOidcScopes
? [...(scopes || []), ...defaultScopes]
: scopes || [];
const scopeSet = new ScopeSet(requestScopes);
this.parameters.set(AADServerParamKeys.SCOPE, encodeURIComponent(scopeSet.printScopes()));
}
/**
* add clientId
* @param clientId
*/
addClientId(clientId) {
this.parameters.set(AADServerParamKeys.CLIENT_ID, encodeURIComponent(clientId));
}
/**
* add redirect_uri
* @param redirectUri
*/
addRedirectUri(redirectUri) {
RequestValidator.validateRedirectUri(redirectUri);
this.parameters.set(AADServerParamKeys.REDIRECT_URI, encodeURIComponent(redirectUri));
}
/**
* add post logout redirectUri
* @param redirectUri
*/
addPostLogoutRedirectUri(redirectUri) {
RequestValidator.validateRedirectUri(redirectUri);
this.parameters.set(AADServerParamKeys.POST_LOGOUT_URI, encodeURIComponent(redirectUri));
}
/**
* add id_token_hint to logout request
* @param idTokenHint
*/
addIdTokenHint(idTokenHint) {
this.parameters.set(AADServerParamKeys.ID_TOKEN_HINT, encodeURIComponent(idTokenHint));
}
/**
* add domain_hint
* @param domainHint
*/
addDomainHint(domainHint) {
this.parameters.set(SSOTypes.DOMAIN_HINT, encodeURIComponent(domainHint));
}
/**
* add login_hint
* @param loginHint
*/
addLoginHint(loginHint) {
this.parameters.set(SSOTypes.LOGIN_HINT, encodeURIComponent(loginHint));
}
/**
* Adds the CCS (Cache Credential Service) query parameter for login_hint
* @param loginHint
*/
addCcsUpn(loginHint) {
this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`UPN:${loginHint}`));
}
/**
* Adds the CCS (Cache Credential Service) query parameter for account object
* @param loginHint
*/
addCcsOid(clientInfo) {
this.parameters.set(HeaderNames.CCS_HEADER, encodeURIComponent(`Oid:${clientInfo.uid}@${clientInfo.utid}`));
}
/**
* add sid
* @param sid
*/
addSid(sid) {
this.parameters.set(SSOTypes.SID, encodeURIComponent(sid));
}
/**
* add claims
* @param claims
*/
addClaims(claims, clientCapabilities) {
const mergedClaims = this.addClientCapabilitiesToClaims(claims, clientCapabilities);
RequestValidator.validateClaims(mergedClaims);
this.parameters.set(AADServerParamKeys.CLAIMS, encodeURIComponent(mergedClaims));
}
/**
* add correlationId
* @param correlationId
*/
addCorrelationId(correlationId) {
this.parameters.set(AADServerParamKeys.CLIENT_REQUEST_ID, encodeURIComponent(correlationId));
}
/**
* add library info query params
* @param libraryInfo
*/
addLibraryInfo(libraryInfo) {
// Telemetry Info
this.parameters.set(AADServerParamKeys.X_CLIENT_SKU, libraryInfo.sku);
this.parameters.set(AADServerParamKeys.X_CLIENT_VER, libraryInfo.version);
if (libraryInfo.os) {
this.parameters.set(AADServerParamKeys.X_CLIENT_OS, libraryInfo.os);
}
if (libraryInfo.cpu) {
this.parameters.set(AADServerParamKeys.X_CLIENT_CPU, libraryInfo.cpu);
}
}
/**
* Add client telemetry parameters
* @param appTelemetry
*/
addApplicationTelemetry(appTelemetry) {
if (appTelemetry?.appName) {
this.parameters.set(AADServerParamKeys.X_APP_NAME, appTelemetry.appName);
}
if (appTelemetry?.appVersion) {
this.parameters.set(AADServerParamKeys.X_APP_VER, appTelemetry.appVersion);
}
}
/**
* add prompt
* @param prompt
*/
addPrompt(prompt) {
RequestValidator.validatePrompt(prompt);
this.parameters.set(`${AADServerParamKeys.PROMPT}`, encodeURIComponent(prompt));
}
/**
* add state
* @param state
*/
addState(state) {
if (state) {
this.parameters.set(AADServerParamKeys.STATE, encodeURIComponent(state));
}
}
/**
* add nonce
* @param nonce
*/
addNonce(nonce) {
this.parameters.set(AADServerParamKeys.NONCE, encodeURIComponent(nonce));
}
/**
* add code_challenge and code_challenge_method
* - throw if either of them are not passed
* @param codeChallenge
* @param codeChallengeMethod
*/
addCodeChallengeParams(codeChallenge, codeChallengeMethod) {
RequestValidator.validateCodeChallengeParams(codeChallenge, codeChallengeMethod);
if (codeChallenge && codeChallengeMethod) {
this.parameters.set(AADServerParamKeys.CODE_CHALLENGE, encodeURIComponent(codeChallenge));
this.parameters.set(AADServerParamKeys.CODE_CHALLENGE_METHOD, encodeURIComponent(codeChallengeMethod));
}
else {
throw createClientConfigurationError(pkceParamsMissing);
}
}
/**
* add the `authorization_code` passed by the user to exchange for a token
* @param code
*/
addAuthorizationCode(code) {
this.parameters.set(AADServerParamKeys.CODE, encodeURIComponent(code));
}
/**
* add the `authorization_code` passed by the user to exchange for a token
* @param code
*/
addDeviceCode(code) {
this.parameters.set(AADServerParamKeys.DEVICE_CODE, encodeURIComponent(code));
}
/**
* add the `refreshToken` passed by the user
* @param refreshToken
*/
addRefreshToken(refreshToken) {
this.parameters.set(AADServerParamKeys.REFRESH_TOKEN, encodeURIComponent(refreshToken));
}
/**
* add the `code_verifier` passed by the user to exchange for a token
* @param codeVerifier
*/
addCodeVerifier(codeVerifier) {
this.parameters.set(AADServerParamKeys.CODE_VERIFIER, encodeURIComponent(codeVerifier));
}
/**
* add client_secret
* @param clientSecret
*/
addClientSecret(clientSecret) {
this.parameters.set(AADServerParamKeys.CLIENT_SECRET, encodeURIComponent(clientSecret));
}
/**
* add clientAssertion for confidential client flows
* @param clientAssertion
*/
addClientAssertion(clientAssertion) {
if (clientAssertion) {
this.parameters.set(AADServerParamKeys.CLIENT_ASSERTION, encodeURIComponent(clientAssertion));
}
}
/**
* add clientAssertionType for confidential client flows
* @param clientAssertionType
*/
addClientAssertionType(clientAssertionType) {
if (clientAssertionType) {
this.parameters.set(AADServerParamKeys.CLIENT_ASSERTION_TYPE, encodeURIComponent(clientAssertionType));
}
}
/**
* add OBO assertion for confidential client flows
* @param clientAssertion
*/
addOboAssertion(oboAssertion) {
this.parameters.set(AADServerParamKeys.OBO_ASSERTION, encodeURIComponent(oboAssertion));
}
/**
* add grant type
* @param grantType
*/
addRequestTokenUse(tokenUse) {
this.parameters.set(AADServerParamKeys.REQUESTED_TOKEN_USE, encodeURIComponent(tokenUse));
}
/**
* add grant type
* @param grantType
*/
addGrantType(grantType) {
this.parameters.set(AADServerParamKeys.GRANT_TYPE, encodeURIComponent(grantType));
}
/**
* add client info
*
*/
addClientInfo() {
this.parameters.set(CLIENT_INFO, "1");
}
/**
* add extraQueryParams
* @param eQParams
*/
addExtraQueryParameters(eQParams) {
const sanitizedEQParams = RequestValidator.sanitizeEQParams(eQParams, this.parameters);
Object.keys(sanitizedEQParams).forEach((key) => {
this.parameters.set(key, eQParams[key]);
});
}
addClientCapabilitiesToClaims(claims, clientCapabilities) {
let mergedClaims;
// Parse provided claims into JSON object or initialize empty object
if (!claims) {
mergedClaims = {};
}
else {
try {
mergedClaims = JSON.parse(claims);
}
catch (e) {
throw createClientConfigurationError(invalidClaims);
}
}
if (clientCapabilities && clientCapabilities.length > 0) {
if (!mergedClaims.hasOwnProperty(ClaimsRequestKeys.ACCESS_TOKEN)) {
// Add access_token key to claims object
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN] = {};
}
// Add xms_cc claim with provided clientCapabilities to access_token key
mergedClaims[ClaimsRequestKeys.ACCESS_TOKEN][ClaimsRequestKeys.XMS_CC] = {
values: clientCapabilities,
};
}
return JSON.stringify(mergedClaims);
}
/**
* adds `username` for Password Grant flow
* @param username
*/
addUsername(username) {
this.parameters.set(PasswordGrantConstants.username, encodeURIComponent(username));
}
/**
* adds `password` for Password Grant flow
* @param password
*/
addPassword(password) {
this.parameters.set(PasswordGrantConstants.password, encodeURIComponent(password));
}
/**
* add pop_jwk to query params
* @param cnfString
*/
addPopToken(cnfString) {
if (cnfString) {
this.parameters.set(AADServerParamKeys.TOKEN_TYPE, AuthenticationScheme.POP);
this.parameters.set(AADServerParamKeys.REQ_CNF, encodeURIComponent(cnfString));
}
}
/**
* add SSH JWK and key ID to query params
*/
addSshJwk(sshJwkString) {
if (sshJwkString) {
this.parameters.set(AADServerParamKeys.TOKEN_TYPE, AuthenticationScheme.SSH);
this.parameters.set(AADServerParamKeys.REQ_CNF, encodeURIComponent(sshJwkString));
}
}
/**
* add server telemetry fields
* @param serverTelemetryManager
*/
addServerTelemetry(serverTelemetryManager) {
this.parameters.set(AADServerParamKeys.X_CLIENT_CURR_TELEM, serverTelemetryManager.generateCurrentRequestHeaderValue());
this.parameters.set(AADServerParamKeys.X_CLIENT_LAST_TELEM, serverTelemetryManager.generateLastRequestHeaderValue());
}
/**
* Adds parameter that indicates to the server that throttling is supported
*/
addThrottling() {
this.parameters.set(AADServerParamKeys.X_MS_LIB_CAPABILITY, ThrottlingConstants.X_MS_LIB_CAPABILITY_VALUE);
}
/**
* Adds logout_hint parameter for "silent" logout which prevent server account picker
*/
addLogoutHint(logoutHint) {
this.parameters.set(AADServerParamKeys.LOGOUT_HINT, encodeURIComponent(logoutHint));
}
/**
* Utility to create a URL from the params map
*/
createQueryString() {
const queryParameterArray = new Array();
this.parameters.forEach((value, key) => {
queryParameterArray.push(`${key}=${value}`);
});
return queryParameterArray.join("&");
}
}
export { RequestParameterBuilder };
//# sourceMappingURL=RequestParameterBuilder.mjs.map
Reference in New Issue View Git Blame Copy Permalink