Merge branch 'dev' into reliability-client-telemetry

Author: sameerag

change/@azure-msal-common-36367007-286d-40e0-a10f-4e74dc2d3446.json

@@ -0,0 +1,7 @@
+{
+  "type": "minor",
+  "comment": "Fix ClientAssertion configuration typing between common and node #4846",
+  "packageName": "@azure/msal-common",
+  "email": "[email protected]",
+  "dependentChangeType": "patch"
+}

change/@azure-msal-node-614e1963-9c1b-4a82-ac69-77bbae301521.json

@@ -0,0 +1,7 @@
+{
+  "type": "minor",
+  "comment": "Fix ClientAssertion configuration typing between common and node #4846",
+  "packageName": "@azure/msal-node",
+  "email": "[email protected]",
+  "dependentChangeType": "patch"
+}

lib/msal-common/package-lock.json

@@ -0,0 +1,20 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License.
+ */
+
+/**
+ * Client Assertion credential for Confidential Clients
+ */
+export type ClientAssertion = {
+    assertion: string,
+    assertionType: string
+};
+
+/**
+ * Client Credentials set for Confidential Clients
+ */
+export type ClientCredentials = {
+    clientSecret?: string,
+    clientAssertion?: ClientAssertion
+};

lib/msal-common/src/account/ClientCredentials.ts

@@ -226,10 +226,8 @@ export class AuthorizationCodeClient extends BaseClient {
             parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
         }
 
-        // Use clientAssertion from request, fallback to client assertion in base configuration
-        const clientAssertion = request.clientAssertion || this.config.clientCredentials.clientAssertion;
-
-        if (clientAssertion) {
+        if (this.config.clientCredentials.clientAssertion) {
+            const clientAssertion = this.config.clientCredentials.clientAssertion;
             parameterBuilder.addClientAssertion(clientAssertion.assertion);
             parameterBuilder.addClientAssertionType(clientAssertion.assertionType);
         }

lib/msal-common/src/client/AuthorizationCodeClient.ts

@@ -261,10 +261,8 @@ export class OnBehalfOfClient extends BaseClient {
             parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
         }
 
-        // Use clientAssertion from request, fallback to client assertion in base configuration
-        const clientAssertion = request.clientAssertion || this.config.clientCredentials.clientAssertion;
-
-        if (clientAssertion) {
+        if (this.config.clientCredentials.clientAssertion) {
+            const clientAssertion = this.config.clientCredentials.clientAssertion;
             parameterBuilder.addClientAssertion(clientAssertion.assertion);
             parameterBuilder.addClientAssertionType(clientAssertion.assertionType);
         }

lib/msal-common/src/client/OnBehalfOfClient.ts

@@ -199,10 +199,8 @@ export class RefreshTokenClient extends BaseClient {
             parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
         }
 
-        // Use clientAssertion from request, fallback to client assertion in base configuration
-        const clientAssertion = request.clientAssertion || this.config.clientCredentials.clientAssertion;
-
-        if (clientAssertion) {
+        if (this.config.clientCredentials.clientAssertion) {
+            const clientAssertion = this.config.clientCredentials.clientAssertion;
             parameterBuilder.addClientAssertion(clientAssertion.assertion);
             parameterBuilder.addClientAssertionType(clientAssertion.assertionType);
         }

lib/msal-common/src/client/RefreshTokenClient.ts

@@ -114,10 +114,8 @@ export class UsernamePasswordClient extends BaseClient {
             parameterBuilder.addClientSecret(this.config.clientCredentials.clientSecret);
         }
 
-        // Use clientAssertion from request, fallback to client assertion in base configuration
-        const clientAssertion = request.clientAssertion || this.config.clientCredentials.clientAssertion;
-
-        if (clientAssertion) {
+        if (this.config.clientCredentials.clientAssertion) {
+            const clientAssertion = this.config.clientCredentials.clientAssertion;
             parameterBuilder.addClientAssertion(clientAssertion.assertion);
             parameterBuilder.addClientAssertionType(clientAssertion.assertionType);
         }

lib/msal-common/src/client/UsernamePasswordClient.ts

@@ -15,6 +15,7 @@ import { CacheManager, DefaultStorageClass } from "../cache/CacheManager";
 import { ServerTelemetryManager } from "../telemetry/server/ServerTelemetryManager";
 import { ICachePlugin } from "../cache/interface/ICachePlugin";
 import { ISerializableTokenCache } from "../cache/interface/ISerializableTokenCache";
+import { ClientCredentials } from "../account/ClientCredentials";
 
 // Token renewal offset default in seconds
 const DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;
@@ -116,20 +117,6 @@ export type LibraryInfo = {
     os: string
 };
 
-/**
- * Credentials for confidential clients
- */
-
-export type ClientAssertion = {
-    assertion: string,
-    assertionType: string
-};
-
-export type ClientCredentials = {
-    clientSecret?: string,
-    clientAssertion?: ClientAssertion
-};
-
 /**
  * AzureCloudInstance specific options
  *

lib/msal-common/src/config/ClientConfiguration.ts

@@ -4,7 +4,7 @@
  */
 
 import { AuthenticationScheme } from "../utils/Constants";
-import { AzureCloudOptions, ClientAssertion } from "../config/ClientConfiguration";
+import { AzureCloudOptions } from "../config/ClientConfiguration";
 
 /**
  * BaseAuthRequest
@@ -21,7 +21,6 @@ import { AzureCloudOptions, ClientAssertion } from "../config/ClientConfiguratio
  * - sshKid                  - Key ID that uniquely identifies the SSH public key mentioned above.
  * - azureCloudOptions       - Convenience string enums for users to provide public/sovereign cloud ids
  * - requestedClaimsHash     - SHA 256 hash string of the requested claims string, used as part of an access token cache key so tokens can be filtered by requested claims
- * - clientAssertion         - Client assertion passed by the user for confidential client flows
  */
 export type BaseAuthRequest = {
     authority: string;
@@ -37,5 +36,4 @@ export type BaseAuthRequest = {
     sshKid?: string,
     azureCloudOptions?: AzureCloudOptions;
     requestedClaimsHash?: string;
-    clientAssertion?: ClientAssertion;
 };