{"version":3,"file":"SilentFlowClient.js","sources":["../../src/client/SilentFlowClient.ts"],"sourcesContent":["/*\n * Copyright (c) Microsoft Corporation. All rights reserved.\n * Licensed under the MIT License.\n */\n\nimport { BaseClient } from \"./BaseClient\";\nimport { ClientConfiguration } from \"../config/ClientConfiguration\";\nimport { CommonSilentFlowRequest } from \"../request/CommonSilentFlowRequest\";\nimport { AuthenticationResult } from \"../response/AuthenticationResult\";\nimport { AuthToken } from \"../account/AuthToken\";\nimport { TimeUtils } from \"../utils/TimeUtils\";\nimport { RefreshTokenClient } from \"./RefreshTokenClient\";\nimport { ClientAuthError, ClientAuthErrorMessage } from \"../error/ClientAuthError\";\nimport { ClientConfigurationError } from \"../error/ClientConfigurationError\";\nimport { ResponseHandler } from \"../response/ResponseHandler\";\nimport { CacheRecord } from \"../cache/entities/CacheRecord\";\nimport { CacheOutcome } from \"../utils/Constants\";\nimport { IPerformanceClient } from \"../telemetry/performance/IPerformanceClient\";\n\nexport class SilentFlowClient extends BaseClient {\n    \n    constructor(configuration: ClientConfiguration, performanceClient?: IPerformanceClient) {\n        super(configuration,performanceClient);\n    }\n    \n    /**\n     * Retrieves a token from cache if it is still valid, or uses the cached refresh token to renew\n     * the given token and returns the renewed token\n     * @param request\n     */\n    async acquireToken(request: CommonSilentFlowRequest): Promise<AuthenticationResult> {\n        try {\n            return await this.acquireCachedToken(request);\n        } catch (e) {\n            if (e instanceof ClientAuthError && e.errorCode === ClientAuthErrorMessage.tokenRefreshRequired.code) {\n                const refreshTokenClient = new RefreshTokenClient(this.config, this.performanceClient);\n                return refreshTokenClient.acquireTokenByRefreshToken(request);\n            } else {\n                throw e;\n            }\n        }\n    }\n    \n    /**\n     * Retrieves token from cache or throws an error if it must be refreshed.\n     * @param request\n     */\n    async acquireCachedToken(request: CommonSilentFlowRequest): Promise<AuthenticationResult> {\n        // Cannot renew token if no request object is given.\n        if (!request) {\n            throw ClientConfigurationError.createEmptyTokenRequestError();\n        }\n\n        if (request.forceRefresh) {\n            // Must refresh due to present force_refresh flag.\n            this.serverTelemetryManager?.setCacheOutcome(CacheOutcome.FORCE_REFRESH);\n            this.logger.info(\"SilentFlowClient:acquireCachedToken - Skipping cache because forceRefresh is true.\");\n            throw ClientAuthError.createRefreshRequiredError();\n        }\n\n        // We currently do not support silent flow for account === null use cases; This will be revisited for confidential flow usecases\n        if (!request.account) {\n            throw ClientAuthError.createNoAccountInSilentRequestError();\n        }\n\n        const environment = request.authority || this.authority.getPreferredCache();\n\n        const cacheRecord = this.cacheManager.readCacheRecord(request.account, this.config.authOptions.clientId, request, environment);\n\n        if (!cacheRecord.accessToken) {\n            // Must refresh due to non-existent access_token.\n            this.serverTelemetryManager?.setCacheOutcome(CacheOutcome.NO_CACHED_ACCESS_TOKEN);\n            this.logger.info(\"SilentFlowClient:acquireCachedToken - No access token found in cache for the given properties.\");\n            throw ClientAuthError.createRefreshRequiredError();\n        } else if (\n            TimeUtils.wasClockTurnedBack(cacheRecord.accessToken.cachedAt) ||\n            TimeUtils.isTokenExpired(cacheRecord.accessToken.expiresOn, this.config.systemOptions.tokenRenewalOffsetSeconds)\n        ) {\n            // Must refresh due to expired access_token.\n            this.serverTelemetryManager?.setCacheOutcome(CacheOutcome.CACHED_ACCESS_TOKEN_EXPIRED);\n            this.logger.info(`SilentFlowClient:acquireCachedToken - Cached access token is expired or will expire within ${this.config.systemOptions.tokenRenewalOffsetSeconds} seconds.`);\n            throw ClientAuthError.createRefreshRequiredError();\n        } else if (cacheRecord.accessToken.refreshOn && TimeUtils.isTokenExpired(cacheRecord.accessToken.refreshOn, 0)) {\n            // Must refresh due to the refresh_in value.\n            this.serverTelemetryManager?.setCacheOutcome(CacheOutcome.REFRESH_CACHED_ACCESS_TOKEN);\n            this.logger.info(\"SilentFlowClient:acquireCachedToken - Cached access token's refreshOn property has been exceeded'.\");\n            throw ClientAuthError.createRefreshRequiredError();\n        }\n\n        if (this.config.serverTelemetryManager) {\n            this.config.serverTelemetryManager.incrementCacheHits();\n        }\n\n        return await this.generateResultFromCacheRecord(cacheRecord, request);\n    }\n\n    /**\n     * Helper function to build response object from the CacheRecord\n     * @param cacheRecord\n     */\n    private async generateResultFromCacheRecord(cacheRecord: CacheRecord, request: CommonSilentFlowRequest): Promise<AuthenticationResult> {\n        let idTokenObj: AuthToken | undefined;\n        if (cacheRecord.idToken) {\n            idTokenObj = new AuthToken(cacheRecord.idToken.secret, this.config.cryptoInterface);\n        }\n\n        // token max_age check\n        if (request.maxAge || (request.maxAge === 0)) {\n            const authTime = idTokenObj?.claims.auth_time;\n            if (!authTime) {\n                throw ClientAuthError.createAuthTimeNotFoundError();\n            }\n\n            AuthToken.checkMaxAge(authTime, request.maxAge);\n        }\n\n        return await ResponseHandler.generateAuthenticationResult(\n            this.cryptoUtils,\n            this.authority,\n            cacheRecord,\n            true,\n            request,\n            idTokenObj\n        );\n    }\n}\n"],"names":[],"mappings":";;;;;;;;;;;;AAAA;;;AAGG;AAgBH,IAAA,gBAAA,kBAAA,UAAA,MAAA,EAAA;IAAsC,SAAU,CAAA,gBAAA,EAAA,MAAA,CAAA,CAAA;IAE5C,SAAY,gBAAA,CAAA,aAAkC,EAAE,iBAAsC,EAAA;eAClF,MAAM,CAAA,IAAA,CAAA,IAAA,EAAA,aAAa,EAAC,iBAAiB,CAAC,IAAA,IAAA,CAAA;KACzC;AAED;;;;AAIG;IACG,gBAAY,CAAA,SAAA,CAAA,YAAA,GAAlB,UAAmB,OAAgC,EAAA;;;;;;;AAEpC,wBAAA,OAAA,CAAA,CAAA,YAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA,CAAA;AAA7C,oBAAA,KAAA,CAAA,EAAA,OAAA,CAAA,CAAA,aAAO,SAAsC,CAAC,CAAA;;;AAE9C,wBAAA,IAAI,GAAC,YAAY,eAAe,IAAI,GAAC,CAAC,SAAS,KAAK,sBAAsB,CAAC,oBAAoB,CAAC,IAAI,EAAE;AAC5F,4BAAA,kBAAkB,GAAG,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,iBAAiB,CAAC,CAAC;AACvF,4BAAA,OAAA,CAAA,CAAA,aAAO,kBAAkB,CAAC,0BAA0B,CAAC,OAAO,CAAC,CAAC,CAAA;AACjE,yBAAA;AAAM,6BAAA;AACH,4BAAA,MAAM,GAAC,CAAC;AACX,yBAAA;;;;;AAER,KAAA,CAAA;AAED;;;AAGG;IACG,gBAAkB,CAAA,SAAA,CAAA,kBAAA,GAAxB,UAAyB,OAAgC,EAAA;;;;;;;;wBAErD,IAAI,CAAC,OAAO,EAAE;AACV,4BAAA,MAAM,wBAAwB,CAAC,4BAA4B,EAAE,CAAC;AACjE,yBAAA;wBAED,IAAI,OAAO,CAAC,YAAY,EAAE;;4BAEtB,CAAA,EAAA,GAAA,IAAI,CAAC,sBAAsB,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAE,eAAe,CAAC,YAAY,CAAC,aAAa,CAAE,CAAA;AACzE,4BAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oFAAoF,CAAC,CAAC;AACvG,4BAAA,MAAM,eAAe,CAAC,0BAA0B,EAAE,CAAC;AACtD,yBAAA;;AAGD,wBAAA,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE;AAClB,4BAAA,MAAM,eAAe,CAAC,mCAAmC,EAAE,CAAC;AAC/D,yBAAA;wBAEK,WAAW,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE,CAAC;wBAEtE,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;AAE/H,wBAAA,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE;;4BAE1B,CAAA,EAAA,GAAA,IAAI,CAAC,sBAAsB,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAE,eAAe,CAAC,YAAY,CAAC,sBAAsB,CAAE,CAAA;AAClF,4BAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gGAAgG,CAAC,CAAC;AACnH,4BAAA,MAAM,eAAe,CAAC,0BAA0B,EAAE,CAAC;AACtD,yBAAA;6BAAM,IACH,SAAS,CAAC,kBAAkB,CAAC,WAAW,CAAC,WAAW,CAAC,QAAQ,CAAC;AAC9D,4BAAA,SAAS,CAAC,cAAc,CAAC,WAAW,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,yBAAyB,CAAC,EAClH;;4BAEE,CAAA,EAAA,GAAA,IAAI,CAAC,sBAAsB,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAE,eAAe,CAAC,YAAY,CAAC,2BAA2B,CAAE,CAAA;AACvF,4BAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6FAA8F,GAAA,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,yBAAyB,GAAA,WAAW,CAAC,CAAC;AAC/K,4BAAA,MAAM,eAAe,CAAC,0BAA0B,EAAE,CAAC;AACtD,yBAAA;AAAM,6BAAA,IAAI,WAAW,CAAC,WAAW,CAAC,SAAS,IAAI,SAAS,CAAC,cAAc,CAAC,WAAW,CAAC,WAAW,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE;;4BAE5G,CAAA,EAAA,GAAA,IAAI,CAAC,sBAAsB,MAAA,IAAA,IAAA,EAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,EAAA,CAAE,eAAe,CAAC,YAAY,CAAC,2BAA2B,CAAE,CAAA;AACvF,4BAAA,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oGAAoG,CAAC,CAAC;AACvH,4BAAA,MAAM,eAAe,CAAC,0BAA0B,EAAE,CAAC;AACtD,yBAAA;AAED,wBAAA,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE;AACpC,4BAAA,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC,kBAAkB,EAAE,CAAC;AAC3D,yBAAA;wBAEM,OAAM,CAAA,CAAA,YAAA,IAAI,CAAC,6BAA6B,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA,CAAA;AAArE,oBAAA,KAAA,CAAA,EAAA,OAAA,CAAA,CAAA,aAAO,SAA8D,CAAC,CAAA;;;;AACzE,KAAA,CAAA;AAED;;;AAGG;AACW,IAAA,gBAAA,CAAA,SAAA,CAAA,6BAA6B,GAA3C,UAA4C,WAAwB,EAAE,OAAgC,EAAA;;;;;;wBAElG,IAAI,WAAW,CAAC,OAAO,EAAE;AACrB,4BAAA,UAAU,GAAG,IAAI,SAAS,CAAC,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;AACvF,yBAAA;;wBAGD,IAAI,OAAO,CAAC,MAAM,KAAK,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE;4BACpC,QAAQ,GAAG,UAAU,KAAA,IAAA,IAAV,UAAU,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAV,UAAU,CAAE,MAAM,CAAC,SAAS,CAAC;4BAC9C,IAAI,CAAC,QAAQ,EAAE;AACX,gCAAA,MAAM,eAAe,CAAC,2BAA2B,EAAE,CAAC;AACvD,6BAAA;4BAED,SAAS,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AACnD,yBAAA;wBAEM,OAAM,CAAA,CAAA,YAAA,eAAe,CAAC,4BAA4B,CACrD,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,SAAS,EACd,WAAW,EACX,IAAI,EACJ,OAAO,EACP,UAAU,CACb,CAAA,CAAA;AAPD,oBAAA,KAAA,CAAA,EAAA,OAAA,CAAA,CAAA,aAAO,SAON,CAAC,CAAA;;;;AACL,KAAA,CAAA;IACL,OAAC,gBAAA,CAAA;AAAD,CA1GA,CAAsC,UAAU,CA0G/C;;;;"}