import { AccountFilter, CredentialFilter, ValidCredentialType, AppMetadataFilter, AppMetadataCache, TokenKeys } from "./utils/CacheTypes"; import { CacheRecord } from "./entities/CacheRecord"; import { AccountEntity } from "./entities/AccountEntity"; import { AccessTokenEntity } from "./entities/AccessTokenEntity"; import { IdTokenEntity } from "./entities/IdTokenEntity"; import { RefreshTokenEntity } from "./entities/RefreshTokenEntity"; import { ICacheManager } from "./interface/ICacheManager"; import { AccountInfo } from "../account/AccountInfo"; import { AppMetadataEntity } from "./entities/AppMetadataEntity"; import { ServerTelemetryEntity } from "./entities/ServerTelemetryEntity"; import { ThrottlingEntity } from "./entities/ThrottlingEntity"; import { ICrypto } from "../crypto/ICrypto"; import { AuthorityMetadataEntity } from "./entities/AuthorityMetadataEntity"; import { BaseAuthRequest } from "../request/BaseAuthRequest"; import { Logger } from "../logger/Logger"; import { StoreInCache } from "../request/StoreInCache"; import { StaticAuthorityOptions } from "../authority/AuthorityOptions"; import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient"; /** * Interface class which implement cache storage functions used by MSAL to perform validity checks, and store tokens. * @internal */ export declare abstract class CacheManager implements ICacheManager { protected clientId: string; protected cryptoImpl: ICrypto; private commonLogger; private staticAuthorityOptions?; constructor(clientId: string, cryptoImpl: ICrypto, logger: Logger, staticAuthorityOptions?: StaticAuthorityOptions); /** * fetch the account entity from the platform cache * @param accountKey */ abstract getAccount(accountKey: string, logger?: Logger): AccountEntity | null; /** * Returns deserialized account if found in the cache, otherwiser returns null */ abstract getCachedAccountEntity(accountKey: string): AccountEntity | null; /** * set account entity in the platform cache * @param account */ abstract setAccount(account: AccountEntity): void; /** * remove account entity from the platform cache if it's outdated */ abstract removeOutdatedAccount(accountKey: string): void; /** * fetch the idToken entity from the platform cache * @param idTokenKey */ abstract getIdTokenCredential(idTokenKey: string): IdTokenEntity | null; /** * set idToken entity to the platform cache * @param idToken */ abstract setIdTokenCredential(idToken: IdTokenEntity): void; /** * fetch the idToken entity from the platform cache * @param accessTokenKey */ abstract getAccessTokenCredential(accessTokenKey: string): AccessTokenEntity | null; /** * set idToken entity to the platform cache * @param accessToken */ abstract setAccessTokenCredential(accessToken: AccessTokenEntity): void; /** * fetch the idToken entity from the platform cache * @param refreshTokenKey */ abstract getRefreshTokenCredential(refreshTokenKey: string): RefreshTokenEntity | null; /** * set idToken entity to the platform cache * @param refreshToken */ abstract setRefreshTokenCredential(refreshToken: RefreshTokenEntity): void; /** * fetch appMetadata entity from the platform cache * @param appMetadataKey */ abstract getAppMetadata(appMetadataKey: string): AppMetadataEntity | null; /** * set appMetadata entity to the platform cache * @param appMetadata */ abstract setAppMetadata(appMetadata: AppMetadataEntity): void; /** * fetch server telemetry entity from the platform cache * @param serverTelemetryKey */ abstract getServerTelemetry(serverTelemetryKey: string): ServerTelemetryEntity | null; /** * set server telemetry entity to the platform cache * @param serverTelemetryKey * @param serverTelemetry */ abstract setServerTelemetry(serverTelemetryKey: string, serverTelemetry: ServerTelemetryEntity): void; /** * fetch cloud discovery metadata entity from the platform cache * @param key */ abstract getAuthorityMetadata(key: string): AuthorityMetadataEntity | null; /** * */ abstract getAuthorityMetadataKeys(): Array; /** * set cloud discovery metadata entity to the platform cache * @param key * @param value */ abstract setAuthorityMetadata(key: string, value: AuthorityMetadataEntity): void; /** * fetch throttling entity from the platform cache * @param throttlingCacheKey */ abstract getThrottlingCache(throttlingCacheKey: string): ThrottlingEntity | null; /** * set throttling entity to the platform cache * @param throttlingCacheKey * @param throttlingCache */ abstract setThrottlingCache(throttlingCacheKey: string, throttlingCache: ThrottlingEntity): void; /** * Function to remove an item from cache given its key. * @param key */ abstract removeItem(key: string): void; /** * Function which retrieves all current keys from the cache. */ abstract getKeys(): string[]; /** * Function which retrieves all account keys from the cache */ abstract getAccountKeys(): string[]; /** * Function which retrieves all token keys from the cache */ abstract getTokenKeys(): TokenKeys; /** * Function which clears cache. */ abstract clear(): Promise; /** * Function which updates an outdated credential cache key */ abstract updateCredentialCacheKey(currentCacheKey: string, credential: ValidCredentialType): string; /** * Returns all the accounts in the cache that match the optional filter. If no filter is provided, all accounts are returned. * @param accountFilter - (Optional) filter to narrow down the accounts returned * @returns Array of AccountInfo objects in cache */ getAllAccounts(accountFilter?: AccountFilter): AccountInfo[]; /** * Gets first tenanted AccountInfo object found based on provided filters */ getAccountInfoFilteredBy(accountFilter: AccountFilter): AccountInfo | null; /** * Returns a single matching * @param accountFilter * @returns */ getBaseAccountInfo(accountFilter: AccountFilter): AccountInfo | null; /** * Matches filtered account entities with cached ID tokens that match the tenant profile-specific account filters * and builds the account info objects from the matching ID token's claims * @param cachedAccounts * @param accountFilter * @returns Array of AccountInfo objects that match account and tenant profile filters */ private buildTenantProfiles; private getTenantedAccountInfoByFilter; private getTenantProfilesFromAccountEntity; private tenantProfileMatchesFilter; private idTokenClaimsMatchTenantProfileFilter; /** * saves a cache record * @param cacheRecord {CacheRecord} * @param storeInCache {?StoreInCache} * @param correlationId {?string} correlation id */ saveCacheRecord(cacheRecord: CacheRecord, storeInCache?: StoreInCache, correlationId?: string): Promise; /** * saves access token credential * @param credential */ private saveAccessToken; /** * Retrieve account entities matching all provided tenant-agnostic filters; if no filter is set, get all account entities in the cache * Not checking for casing as keys are all generated in lower case, remember to convert to lower case if object properties are compared * @param accountFilter - An object containing Account properties to filter by */ getAccountsFilteredBy(accountFilter: AccountFilter): AccountEntity[]; /** * Returns true if the given key matches our account key schema. Also matches homeAccountId and/or tenantId if provided * @param key * @param homeAccountId * @param tenantId * @returns */ isAccountKey(key: string, homeAccountId?: string, tenantId?: string): boolean; /** * Returns true if the given key matches our credential key schema. * @param key */ isCredentialKey(key: string): boolean; /** * Returns whether or not the given credential entity matches the filter * @param entity * @param filter * @returns */ credentialMatchesFilter(entity: ValidCredentialType, filter: CredentialFilter): boolean; /** * retrieve appMetadata matching all provided filters; if no filter is set, get all appMetadata * @param filter */ getAppMetadataFilteredBy(filter: AppMetadataFilter): AppMetadataCache; /** * retrieve authorityMetadata that contains a matching alias * @param filter */ getAuthorityMetadataByAlias(host: string): AuthorityMetadataEntity | null; /** * Removes all accounts and related tokens from cache. */ removeAllAccounts(): Promise; /** * Removes the account and related tokens for a given account key * @param account */ removeAccount(accountKey: string): Promise; /** * Removes credentials associated with the provided account * @param account */ removeAccountContext(account: AccountEntity): Promise; /** * Migrates a single-tenant account and all it's associated alternate cross-tenant account objects in the * cache into a condensed multi-tenant account object with tenant profiles. * @param accountKey * @param accountEntity * @param logger * @returns */ protected updateOutdatedCachedAccount(accountKey: string, accountEntity: AccountEntity | null, logger?: Logger): AccountEntity | null; /** * returns a boolean if the given credential is removed * @param credential */ removeAccessToken(key: string): Promise; /** * Removes all app metadata objects from cache. */ removeAppMetadata(): boolean; /** * Retrieve AccountEntity from cache * @param account */ readAccountFromCache(account: AccountInfo): AccountEntity | null; /** * Retrieve IdTokenEntity from cache * @param account {AccountInfo} * @param tokenKeys {?TokenKeys} * @param targetRealm {?string} * @param performanceClient {?IPerformanceClient} * @param correlationId {?string} */ getIdToken(account: AccountInfo, tokenKeys?: TokenKeys, targetRealm?: string, performanceClient?: IPerformanceClient, correlationId?: string): IdTokenEntity | null; /** * Gets all idTokens matching the given filter * @param filter * @returns */ getIdTokensByFilter(filter: CredentialFilter, tokenKeys?: TokenKeys): Map; /** * Validate the cache key against filter before retrieving and parsing cache value * @param key * @param filter * @returns */ idTokenKeyMatchesFilter(inputKey: string, filter: CredentialFilter): boolean; /** * Removes idToken from the cache * @param key */ removeIdToken(key: string): void; /** * Removes refresh token from the cache * @param key */ removeRefreshToken(key: string): void; /** * Retrieve AccessTokenEntity from cache * @param account {AccountInfo} * @param request {BaseAuthRequest} * @param tokenKeys {?TokenKeys} * @param performanceClient {?IPerformanceClient} * @param correlationId {?string} */ getAccessToken(account: AccountInfo, request: BaseAuthRequest, tokenKeys?: TokenKeys, targetRealm?: string, performanceClient?: IPerformanceClient, correlationId?: string): AccessTokenEntity | null; /** * Validate the cache key against filter before retrieving and parsing cache value * @param key * @param filter * @param keyMustContainAllScopes * @returns */ accessTokenKeyMatchesFilter(inputKey: string, filter: CredentialFilter, keyMustContainAllScopes: boolean): boolean; /** * Gets all access tokens matching the filter * @param filter * @returns */ getAccessTokensByFilter(filter: CredentialFilter): AccessTokenEntity[]; /** * Helper to retrieve the appropriate refresh token from cache * @param account {AccountInfo} * @param familyRT {boolean} * @param tokenKeys {?TokenKeys} * @param performanceClient {?IPerformanceClient} * @param correlationId {?string} */ getRefreshToken(account: AccountInfo, familyRT: boolean, tokenKeys?: TokenKeys, performanceClient?: IPerformanceClient, correlationId?: string): RefreshTokenEntity | null; /** * Validate the cache key against filter before retrieving and parsing cache value * @param key * @param filter */ refreshTokenKeyMatchesFilter(inputKey: string, filter: CredentialFilter): boolean; /** * Retrieve AppMetadataEntity from cache */ readAppMetadataFromCache(environment: string): AppMetadataEntity | null; /** * Return the family_id value associated with FOCI * @param environment * @param clientId */ isAppMetadataFOCI(environment: string): boolean; /** * helper to match account ids * @param value * @param homeAccountId */ private matchHomeAccountId; /** * helper to match account ids * @param entity * @param localAccountId * @returns */ private matchLocalAccountIdFromTokenClaims; private matchLocalAccountIdFromTenantProfile; /** * helper to match names * @param entity * @param name * @returns true if the downcased name properties are present and match in the filter and the entity */ private matchName; /** * helper to match usernames * @param entity * @param username * @returns */ private matchUsername; /** * helper to match assertion * @param value * @param oboAssertion */ private matchUserAssertionHash; /** * helper to match environment * @param value * @param environment */ private matchEnvironment; /** * helper to match credential type * @param entity * @param credentialType */ private matchCredentialType; /** * helper to match client ids * @param entity * @param clientId */ private matchClientId; /** * helper to match family ids * @param entity * @param familyId */ private matchFamilyId; /** * helper to match realm * @param entity * @param realm */ private matchRealm; /** * helper to match nativeAccountId * @param entity * @param nativeAccountId * @returns boolean indicating the match result */ private matchNativeAccountId; /** * helper to match loginHint which can be either: * 1. login_hint ID token claim * 2. username in cached account object * 3. upn in ID token claims * @param entity * @param loginHint * @returns */ private matchLoginHintFromTokenClaims; /** * Helper to match sid * @param entity * @param sid * @returns true if the sid claim is present and matches the filter */ private matchSid; private matchAuthorityType; /** * Returns true if the target scopes are a subset of the current entity's scopes, false otherwise. * @param entity * @param target */ private matchTarget; /** * Returns true if the credential's tokenType or Authentication Scheme matches the one in the request, false otherwise * @param entity * @param tokenType */ private matchTokenType; /** * Returns true if the credential's keyId matches the one in the request, false otherwise * @param entity * @param keyId */ private matchKeyId; /** * returns if a given cache entity is of the type appmetadata * @param key */ private isAppMetadata; /** * returns if a given cache entity is of the type authoritymetadata * @param key */ protected isAuthorityMetadata(key: string): boolean; /** * returns cache key used for cloud instance metadata */ generateAuthorityMetadataCacheKey(authority: string): string; /** * Helper to convert serialized data to object * @param obj * @param json */ static toObject(obj: T, json: object): T; } /** @internal */ export declare class DefaultStorageClass extends CacheManager { setAccount(): void; getAccount(): AccountEntity; getCachedAccountEntity(): AccountEntity | null; setIdTokenCredential(): void; getIdTokenCredential(): IdTokenEntity; setAccessTokenCredential(): void; getAccessTokenCredential(): AccessTokenEntity; setRefreshTokenCredential(): void; getRefreshTokenCredential(): RefreshTokenEntity; setAppMetadata(): void; getAppMetadata(): AppMetadataEntity; setServerTelemetry(): void; getServerTelemetry(): ServerTelemetryEntity; setAuthorityMetadata(): void; getAuthorityMetadata(): AuthorityMetadataEntity | null; getAuthorityMetadataKeys(): Array; setThrottlingCache(): void; getThrottlingCache(): ThrottlingEntity; removeItem(): boolean; getKeys(): string[]; getAccountKeys(): string[]; getTokenKeys(): TokenKeys; clear(): Promise; updateCredentialCacheKey(): string; removeOutdatedAccount(): void; } //# sourceMappingURL=CacheManager.d.ts.map