{"version":3,"file":"InteractionHandler.js","sources":["../../src/interaction_handler/InteractionHandler.ts"],"sourcesContent":["/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { AuthorizationCodePayload, StringUtils, CommonAuthorizationCodeRequest, AuthenticationResult, AuthorizationCodeClient, AuthorityFactory, Authority, INetworkModule, ClientAuthError, CcsCredential, Logger, ServerError } from \"@azure/msal-common\";\n\nimport { BrowserCacheManager } from \"../cache/BrowserCacheManager\";\nimport { BrowserAuthError, BrowserAuthErrorMessage } from \"../error/BrowserAuthError\";\nimport { TemporaryCacheKeys } from \"../utils/BrowserConstants\";\n\nexport type InteractionParams = {};\n\n/**\n * Abstract class which defines operations for a browser interaction handling class.\n */\nexport class InteractionHandler {\n\n    protected authModule: AuthorizationCodeClient;\n    protected browserStorage: BrowserCacheManager;\n    protected authCodeRequest: CommonAuthorizationCodeRequest;\n    protected logger: Logger;\n\n    constructor(authCodeModule: AuthorizationCodeClient, storageImpl: BrowserCacheManager, authCodeRequest: CommonAuthorizationCodeRequest, logger: Logger) {\n        this.authModule = authCodeModule;\n        this.browserStorage = storageImpl;\n        this.authCodeRequest = authCodeRequest;\n        this.logger = logger;\n    }\n\n    /**\n     * Function to handle response parameters from hash.\n     * @param locationHash\n     */\n    async handleCodeResponseFromHash(locationHash: string, state: string, authority: Authority, networkModule: INetworkModule): Promise<AuthenticationResult> {\n        this.logger.verbose(\"InteractionHandler.handleCodeResponse called\");\n        // Check that location hash isn't empty.\n        if (StringUtils.isEmpty(locationHash)) {\n            throw BrowserAuthError.createEmptyHashError(locationHash);\n        }\n\n        // Handle code response.\n        const stateKey = this.browserStorage.generateStateKey(state);\n        const requestState = this.browserStorage.getTemporaryCache(stateKey);\n        if (!requestState) {\n            throw ClientAuthError.createStateNotFoundError(\"Cached State\");\n        }\n\n        let authCodeResponse;\n        try {\n            authCodeResponse = this.authModule.handleFragmentResponse(locationHash, requestState);\n        } catch (e) {\n            if (e instanceof ServerError && e.subError === BrowserAuthErrorMessage.userCancelledError.code) {\n                // Translate server error caused by user closing native prompt to corresponding first class MSAL error\n                throw BrowserAuthError.createUserCancelledError();\n            } else {\n                throw e;\n            }\n        }\n\n        return this.handleCodeResponseFromServer(authCodeResponse, state, authority, networkModule);\n    }\n\n    /**\n     * Process auth code response from AAD\n     * @param authCodeResponse \n     * @param state \n     * @param authority \n     * @param networkModule \n     * @returns \n     */\n    async handleCodeResponseFromServer(authCodeResponse: AuthorizationCodePayload, state: string, authority: Authority, networkModule: INetworkModule, validateNonce: boolean = true): Promise<AuthenticationResult> {\n        this.logger.trace(\"InteractionHandler.handleCodeResponseFromServer called\");\n\n        // Handle code response.\n        const stateKey = this.browserStorage.generateStateKey(state);\n        const requestState = this.browserStorage.getTemporaryCache(stateKey);\n        if (!requestState) {\n            throw ClientAuthError.createStateNotFoundError(\"Cached State\");\n        }\n\n        // Get cached items\n        const nonceKey = this.browserStorage.generateNonceKey(requestState);\n        const cachedNonce = this.browserStorage.getTemporaryCache(nonceKey);\n\n        // Assign code to request\n        this.authCodeRequest.code = authCodeResponse.code;\n\n        // Check for new cloud instance\n        if (authCodeResponse.cloud_instance_host_name) {\n            await this.updateTokenEndpointAuthority(authCodeResponse.cloud_instance_host_name, authority, networkModule);\n        }\n\n        // Nonce validation not needed when redirect not involved (e.g. hybrid spa, renewing token via rt)\n        if (validateNonce) {\n            authCodeResponse.nonce = cachedNonce || undefined;\n        }\n\n        authCodeResponse.state = requestState;\n\n        // Add CCS parameters if available\n        if (authCodeResponse.client_info) {\n            this.authCodeRequest.clientInfo = authCodeResponse.client_info;\n        } else {\n            const cachedCcsCred = this.checkCcsCredentials();\n            if (cachedCcsCred) {\n                this.authCodeRequest.ccsCredential = cachedCcsCred;\n            }\n        }\n\n        // Acquire token with retrieved code.\n        const tokenResponse = await this.authModule.acquireToken(this.authCodeRequest, authCodeResponse);\n        this.browserStorage.cleanRequestByState(state);\n        return tokenResponse;\n    }\n\n    /**\n     * Updates authority based on cloudInstanceHostname\n     * @param cloudInstanceHostname \n     * @param authority \n     * @param networkModule \n     */\n    protected async updateTokenEndpointAuthority(cloudInstanceHostname: string, authority: Authority, networkModule: INetworkModule): Promise<void> {\n        const cloudInstanceAuthorityUri = `https://${cloudInstanceHostname}/${authority.tenant}/`;\n        const cloudInstanceAuthority = await AuthorityFactory.createDiscoveredInstance(cloudInstanceAuthorityUri, networkModule, this.browserStorage, authority.options, this.logger);\n        this.authModule.updateAuthority(cloudInstanceAuthority);\n    }\n\n    /**\n     * Looks up ccs creds in the cache\n     */\n    protected checkCcsCredentials(): CcsCredential | null {\n        // Look up ccs credential in temp cache\n        const cachedCcsCred = this.browserStorage.getTemporaryCache(TemporaryCacheKeys.CCS_CREDENTIAL, true);\n        if (cachedCcsCred) {\n            try {\n                return JSON.parse(cachedCcsCred) as CcsCredential;\n            } catch (e) {\n                this.authModule.logger.error(\"Cache credential could not be parsed\");\n                this.authModule.logger.errorPii(`Cache credential could not be parsed: ${cachedCcsCred}`);\n            }\n        }\n        return null;\n    }\n}\n"],"names":[],"mappings":";;;;;;;AAAA;;;;AAaA;;;;IAUI,4BAAY,cAAuC,EAAE,WAAgC,EAAE,eAA+C,EAAE,MAAc;QAClJ,IAAI,CAAC,UAAU,GAAG,cAAc,CAAC;QACjC,IAAI,CAAC,cAAc,GAAG,WAAW,CAAC;QAClC,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;QACvC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;KACxB;;;;;IAMK,uDAA0B,GAAhC,UAAiC,YAAoB,EAAE,KAAa,EAAE,SAAoB,EAAE,aAA6B;;;;gBACrH,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,8CAA8C,CAAC,CAAC;;gBAEpE,IAAI,WAAW,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;oBACnC,MAAM,gBAAgB,CAAC,oBAAoB,CAAC,YAAY,CAAC,CAAC;iBAC7D;gBAGK,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;gBACvD,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;gBACrE,IAAI,CAAC,YAAY,EAAE;oBACf,MAAM,eAAe,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;iBAClE;gBAGD,IAAI;oBACA,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;iBACzF;gBAAC,OAAO,CAAC,EAAE;oBACR,IAAI,CAAC,YAAY,WAAW,IAAI,CAAC,CAAC,QAAQ,KAAK,uBAAuB,CAAC,kBAAkB,CAAC,IAAI,EAAE;;wBAE5F,MAAM,gBAAgB,CAAC,wBAAwB,EAAE,CAAC;qBACrD;yBAAM;wBACH,MAAM,CAAC,CAAC;qBACX;iBACJ;gBAED,sBAAO,IAAI,CAAC,4BAA4B,CAAC,gBAAgB,EAAE,KAAK,EAAE,SAAS,EAAE,aAAa,CAAC,EAAC;;;KAC/F;;;;;;;;;IAUK,yDAA4B,GAAlC,UAAmC,gBAA0C,EAAE,KAAa,EAAE,SAAoB,EAAE,aAA6B,EAAE,aAA6B;QAA7B,8BAAA,EAAA,oBAA6B;;;;;;wBAC5K,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;wBAGtE,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;wBACvD,YAAY,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;wBACrE,IAAI,CAAC,YAAY,EAAE;4BACf,MAAM,eAAe,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC;yBAClE;wBAGK,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC;wBAC9D,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;;wBAGpE,IAAI,CAAC,eAAe,CAAC,IAAI,GAAG,gBAAgB,CAAC,IAAI,CAAC;6BAG9C,gBAAgB,CAAC,wBAAwB,EAAzC,wBAAyC;wBACzC,qBAAM,IAAI,CAAC,4BAA4B,CAAC,gBAAgB,CAAC,wBAAwB,EAAE,SAAS,EAAE,aAAa,CAAC,EAAA;;wBAA5G,SAA4G,CAAC;;;;wBAIjH,IAAI,aAAa,EAAE;4BACf,gBAAgB,CAAC,KAAK,GAAG,WAAW,IAAI,SAAS,CAAC;yBACrD;wBAED,gBAAgB,CAAC,KAAK,GAAG,YAAY,CAAC;;wBAGtC,IAAI,gBAAgB,CAAC,WAAW,EAAE;4BAC9B,IAAI,CAAC,eAAe,CAAC,UAAU,GAAG,gBAAgB,CAAC,WAAW,CAAC;yBAClE;6BAAM;4BACG,aAAa,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;4BACjD,IAAI,aAAa,EAAE;gCACf,IAAI,CAAC,eAAe,CAAC,aAAa,GAAG,aAAa,CAAC;6BACtD;yBACJ;wBAGqB,qBAAM,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,CAAC,eAAe,EAAE,gBAAgB,CAAC,EAAA;;wBAA1F,aAAa,GAAG,SAA0E;wBAChG,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC;wBAC/C,sBAAO,aAAa,EAAC;;;;KACxB;;;;;;;IAQe,yDAA4B,GAA5C,UAA6C,qBAA6B,EAAE,SAAoB,EAAE,aAA6B;;;;;;wBACrH,yBAAyB,GAAG,aAAW,qBAAqB,SAAI,SAAS,CAAC,MAAM,MAAG,CAAC;wBAC3D,qBAAM,gBAAgB,CAAC,wBAAwB,CAAC,yBAAyB,EAAE,aAAa,EAAE,IAAI,CAAC,cAAc,EAAE,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,EAAA;;wBAAvK,sBAAsB,GAAG,SAA8I;wBAC7K,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,sBAAsB,CAAC,CAAC;;;;;KAC3D;;;;IAKS,gDAAmB,GAA7B;;QAEI,IAAM,aAAa,GAAG,IAAI,CAAC,cAAc,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;QACrG,IAAI,aAAa,EAAE;YACf,IAAI;gBACA,OAAO,IAAI,CAAC,KAAK,CAAC,aAAa,CAAkB,CAAC;aACrD;YAAC,OAAO,CAAC,EAAE;gBACR,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;gBACrE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,2CAAyC,aAAe,CAAC,CAAC;aAC7F;SACJ;QACD,OAAO,IAAI,CAAC;KACf;IACL,yBAAC;AAAD,CAAC;;;;"}