Nested App Auth: allow empty parameters for loginPopup (#6941)

codexeon · web-flow · commit 62327356f6cb · 2024-04-09T11:47:53.000-07:00
This change allows empty parameters for loginPopup by using a default
request to match the behavior of StandardController. It also removes the
dependency on crypto.randomUUID() which is not used elsewhere in the
MSAL code base. Use the shared implementation to generate UUID v7
instead.
diff --git a/change/@azure-msal-browser-0e07359f-e5c7-42a4-a825-4a80c43b7d7d.json b/change/@azure-msal-browser-0e07359f-e5c7-42a4-a825-4a80c43b7d7d.json
@@ -0,0 +1,7 @@
+{
+  "type": "patch",
+  "comment": "Nested App Auth: allow empty parameters for loginPopup (#6941)",
+  "packageName": "@azure/msal-browser",
+  "email": "dasau@microsoft.com",
+  "dependentChangeType": "patch"
+}
diff --git a/lib/msal-browser/src/controllers/NestedAppAuthController.ts b/lib/msal-browser/src/controllers/NestedAppAuthController.ts
@@ -26,7 +26,12 @@ import { PopupRequest } from "../request/PopupRequest";
 import { RedirectRequest } from "../request/RedirectRequest";
 import { SilentRequest } from "../request/SilentRequest";
 import { SsoSilentRequest } from "../request/SsoSilentRequest";
-import { ApiId, WrapperSKU, InteractionType } from "../utils/BrowserConstants";
+import {
+    ApiId,
+    WrapperSKU,
+    InteractionType,
+    DEFAULT_REQUEST,
+} from "../utils/BrowserConstants";
 import { IController } from "./IController";
 import { TeamsAppOperatingContext } from "../operatingcontext/TeamsAppOperatingContext";
 import { IBridgeProxy } from "../naa/IBridgeProxy";
@@ -418,11 +423,7 @@ export class NestedAppAuthController implements IController {
     loginPopup(
         request?: PopupRequest | undefined // eslint-disable-line @typescript-eslint/no-unused-vars
     ): Promise<AuthenticationResult> {
-        if (request !== undefined) {
-            return this.acquireTokenInteractive(request);
-        } else {
-            throw NestedAppAuthError.createUnsupportedError();
-        }
+        return this.acquireTokenInteractive(request || DEFAULT_REQUEST);
     }
     // eslint-disable-next-line @typescript-eslint/no-unused-vars
     loginRedirect(request?: RedirectRequest | undefined): Promise<void> {
diff --git a/lib/msal-browser/src/naa/BridgeProxy.ts b/lib/msal-browser/src/naa/BridgeProxy.ts
@@ -15,6 +15,7 @@ import { BridgeStatusCode } from "./BridgeStatusCode";
 import { IBridgeProxy } from "./IBridgeProxy";
 import { InitContext } from "./InitContext";
 import { TokenRequest } from "./TokenRequest";
+import * as BrowserCrypto from "../crypto/BrowserCrypto";
 
 declare global {
     interface Window {
@@ -29,7 +30,6 @@ declare global {
  */
 export class BridgeProxy implements IBridgeProxy {
     static bridgeRequests: BridgeRequest[] = [];
-    static crypto: Crypto;
     sdkName: string;
     sdkVersion: string;
     capabilities?: BridgeCapabilities;
@@ -47,13 +47,8 @@ export class BridgeProxy implements IBridgeProxy {
         if (window.nestedAppAuthBridge === undefined) {
             throw new Error("window.nestedAppAuthBridge is undefined");
         }
-        if (window.crypto === undefined) {
-            throw new Error("window.crypto is undefined");
-        }
 
         try {
-            BridgeProxy.crypto = window.crypto;
-
             window.nestedAppAuthBridge.addEventListener(
                 "message",
                 (response: AuthBridgeResponse) => {
@@ -84,7 +79,7 @@ export class BridgeProxy implements IBridgeProxy {
                     const message: BridgeRequestEnvelope = {
                         messageType: "NestedAppAuthRequest",
                         method: "GetInitContext",
-                        requestId: BridgeProxy.getRandomId(),
+                        requestId: BrowserCrypto.createNewGuid(),
                     };
                     const request: BridgeRequest = {
                         requestId: message.requestId,
@@ -108,10 +103,6 @@ export class BridgeProxy implements IBridgeProxy {
         }
     }
 
-    public static getRandomId(): string {
-        return BridgeProxy.crypto.randomUUID();
-    }
-
     /**
      * getTokenInteractive - Attempts to get a token interactively from the bridge
      * @param request A token request
@@ -164,7 +155,7 @@ export class BridgeProxy implements IBridgeProxy {
         const message: BridgeRequestEnvelope = {
             messageType: "NestedAppAuthRequest",
             method: method,
-            requestId: BridgeProxy.getRandomId(),
+            requestId: BrowserCrypto.createNewGuid(),
             ...requestParams,
         };
 
diff --git a/lib/msal-browser/test/naa/BridgeProxy.spec.ts b/lib/msal-browser/test/naa/BridgeProxy.spec.ts
@@ -46,13 +46,6 @@ describe("BridgeProxy tests", () => {
                 "window.nestedAppAuthBridge is undefined"
             );
         });
-
-        it("should throw an error if window.crypto is undefined", () => {
-            windowSpy.mockImplementation(() => ({ nestedAppAuthBridge: {} }));
-            expect(() => BridgeProxy.create()).rejects.toThrow(
-                "window.crypto is undefined"
-            );
-        });
     });
 
     describe("get token silent tests", () => {
