removed thrown error claimsBasedCaching. Marked it as deprecated in m…

…sal-node

lib/msal-browser/src/config/Configuration.ts

@@ -252,12 +252,6 @@ export function buildConfiguration(
     }: Configuration,
     isBrowserEnvironment: boolean
 ): BrowserConfiguration {
-    if (userInputCache?.claimsBasedCachingEnabled) {
-        throw createClientConfigurationError(
-            ClientConfigurationErrorCodes.claimsBasedCachingEnabled
-        );
-    }
-
     // Default auth options for browser
     const DEFAULT_AUTH_OPTIONS: InternalAuthOptions = {
         clientId: Constants.EMPTY_STRING,

lib/msal-browser/test/config/Configuration.spec.ts

@@ -12,8 +12,6 @@ import {
     ProtocolMode,
     ServerResponseType,
     Logger,
-    createClientConfigurationError,
-    ClientConfigurationErrorCodes,
 } from "@azure/msal-common";
 import sinon from "sinon";
 import { BrowserCacheLocation } from "../../src/utils/BrowserConstants";
@@ -249,7 +247,7 @@ describe("Configuration.ts Class Unit Tests", () => {
                     cacheLocation: BrowserCacheLocation.LocalStorage,
                     storeAuthStateInCookie: true,
                     secureCookies: true,
-                    claimsBasedCachingEnabled: false,
+                    claimsBasedCachingEnabled: true,
                 },
                 system: {
                     windowHashTimeout: TEST_POPUP_TIMEOUT_MS,
@@ -281,7 +279,7 @@ describe("Configuration.ts Class Unit Tests", () => {
         expect(newConfig.cache?.storeAuthStateInCookie).not.toBeNull();
         expect(newConfig.cache?.storeAuthStateInCookie).toBe(true);
         expect(newConfig.cache?.secureCookies).toBe(true);
-        expect(newConfig.cache?.claimsBasedCachingEnabled).toBe(false);
+        expect(newConfig.cache?.claimsBasedCachingEnabled).toBe(true);
         // System config checks
         expect(newConfig.system).not.toBeNull();
         expect(newConfig.system?.windowHashTimeout).not.toBeNull();
@@ -313,21 +311,4 @@ describe("Configuration.ts Class Unit Tests", () => {
         );
         expect(loggerSpy).toBeCalled();
     });
-
-    it("throws an error when claimsBasedCaching is enabled", () => {
-        expect(() => {
-            buildConfiguration(
-                {
-                    // @ts-ignore
-                    auth: null,
-                    cache: { claimsBasedCachingEnabled: true },
-                },
-                true
-            );
-        }).toThrow(
-            createClientConfigurationError(
-                ClientConfigurationErrorCodes.claimsBasedCachingEnabled
-            )
-        );
-    });
 });

lib/msal-common/src/config/ClientConfiguration.ts

@@ -23,10 +23,6 @@ import {
     ClientAuthErrorCodes,
     createClientAuthError,
 } from "../error/ClientAuthError";
-import {
-    ClientConfigurationErrorCodes,
-    createClientConfigurationError,
-} from "../error/ClientConfigurationError";
 
 /**
  * Use the configuration object to configure MSAL Modules and initialize the base interfaces for MSAL.
@@ -237,12 +233,6 @@ export function buildClientConfiguration({
     persistencePlugin: persistencePlugin,
     serializableCache: serializableCache,
 }: ClientConfiguration): CommonClientConfiguration {
-    if (userCacheOptions?.claimsBasedCachingEnabled) {
-        throw createClientConfigurationError(
-            ClientConfigurationErrorCodes.claimsBasedCachingEnabled
-        );
-    }
-
     const loggerOptions = {
         ...DEFAULT_LOGGER_IMPLEMENTATION,
         ...userLoggerOption,

lib/msal-common/src/error/ClientConfigurationError.ts

@@ -51,8 +51,6 @@ export const ClientConfigurationErrorMessages = {
         "Cannot set allowNativeBroker parameter to true when not in AAD protocol mode.",
     [ClientConfigurationErrorCodes.authorityMismatch]:
         "Authority mismatch error. Authority provided in login request or PublicClientApplication config does not match the environment of the provided account. Please use a matching account or make an interactive request to login to this authority.",
-    [ClientConfigurationErrorCodes.claimsBasedCachingEnabled]:
-        "Claims based caching is not supported in MSALJS.",
 };
 
 /**

lib/msal-common/src/error/ClientConfigurationErrorCodes.ts

@@ -26,4 +26,3 @@ export const invalidAuthenticationHeader = "invalid_authentication_header";
 export const cannotSetOIDCOptions = "cannot_set_OIDCOptions";
 export const cannotAllowNativeBroker = "cannot_allow_native_broker";
 export const authorityMismatch = "authority_mismatch";
-export const claimsBasedCachingEnabled = "claims_based_caching_enabled";

lib/msal-common/test/client/SilentFlowClient.spec.ts

@@ -366,6 +366,71 @@ describe("SilentFlowClient unit tests", () => {
             );
         });
 
+        it("acquireCachedToken does not throw when given valid claims with claimsBasedCachingEnabled", async () => {
+            const testScopes = [
+                Constants.OPENID_SCOPE,
+                Constants.PROFILE_SCOPE,
+                ...TEST_CONFIG.DEFAULT_GRAPH_SCOPE,
+            ];
+            testAccessTokenEntity.target = testScopes.join(" ");
+            sinon
+                .stub(
+                    Authority.prototype,
+                    <any>"getEndpointMetadataFromNetwork"
+                )
+                .resolves(DEFAULT_OPENID_CONFIG_RESPONSE.body);
+            sinon
+                .stub(CacheManager.prototype, "readAccountFromCache")
+                .returns(testAccountEntity);
+            sinon
+                .stub(CacheManager.prototype, "getIdToken")
+                .returns(testIdToken);
+            sinon
+                .stub(CacheManager.prototype, "getAccessToken")
+                .returns(testAccessTokenEntity);
+            sinon
+                .stub(CacheManager.prototype, "getRefreshToken")
+                .returns(testRefreshTokenEntity);
+            const config =
+                await ClientTestUtils.createTestClientConfiguration();
+            const client = new SilentFlowClient(
+                {
+                    ...config,
+                    cacheOptions: {
+                        ...config.cacheOptions,
+                        claimsBasedCachingEnabled: true,
+                    },
+                },
+                stubPerformanceClient
+            );
+            sinon.stub(TimeUtils, <any>"isTokenExpired").returns(false);
+
+            const silentFlowRequest: CommonSilentFlowRequest = {
+                scopes: TEST_CONFIG.DEFAULT_GRAPH_SCOPE,
+                account: testAccount,
+                authority: TEST_CONFIG.validAuthority,
+                correlationId: TEST_CONFIG.CORRELATION_ID,
+                forceRefresh: false,
+                claims: `{ "access_token": { "xms_cc":{"values":["cp1"] } }}`,
+            };
+
+            const response = await client.acquireCachedToken(silentFlowRequest);
+            const authResult: AuthenticationResult = response[0];
+            expect(authResult.authority).toEqual(
+                `${TEST_URIS.DEFAULT_INSTANCE}${TEST_CONFIG.TENANT}/`
+            );
+            expect(authResult.uniqueId).toEqual(ID_TOKEN_CLAIMS.oid);
+            expect(authResult.tenantId).toEqual(ID_TOKEN_CLAIMS.tid);
+            expect(authResult.scopes).toEqual(testScopes);
+            expect(authResult.account).toEqual(testAccount);
+            expect(authResult.idToken).toEqual(testIdToken.secret);
+            expect(authResult.idTokenClaims).toEqual(ID_TOKEN_CLAIMS);
+            expect(authResult.accessToken).toEqual(
+                testAccessTokenEntity.secret
+            );
+            expect(authResult.state).toBe("");
+        });
+
         it("acquireCachedToken returns correct token when max age is provided and has not transpired yet", async () => {
             const testScopes = [
                 Constants.OPENID_SCOPE,

lib/msal-common/test/config/ClientConfiguration.spec.ts

@@ -14,12 +14,7 @@ import {
 import { MockStorageClass, mockCrypto } from "../client/ClientTestUtils";
 import { MockCache } from "../cache/entities/cacheConstants";
 import { Constants } from "../../src/utils/Constants";
-import {
-    ClientAuthErrorCodes,
-    ClientConfigurationErrorCodes,
-    createClientAuthError,
-    createClientConfigurationError,
-} from "../../src";
+import { ClientAuthErrorCodes, createClientAuthError } from "../../src";
 
 describe("ClientConfiguration.ts Class Unit Tests", () => {
     it("buildConfiguration assigns default functions", async () => {
@@ -36,21 +31,21 @@ describe("ClientConfiguration.ts Class Unit Tests", () => {
         expect(emptyConfig.cryptoInterface.base64Decode).not.toBeNull();
         expect(() =>
             emptyConfig.cryptoInterface.base64Decode("test input")
-        ).toThrow(
+        ).toThrowError(
             createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
         );
         expect(() =>
             emptyConfig.cryptoInterface.base64Decode("test input")
-        ).toThrow(AuthError);
+        ).toThrowError(AuthError);
         expect(emptyConfig.cryptoInterface.base64Encode).not.toBeNull();
         expect(() =>
             emptyConfig.cryptoInterface.base64Encode("test input")
-        ).toThrow(
+        ).toThrowError(
             createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
         );
         expect(() =>
             emptyConfig.cryptoInterface.base64Encode("test input")
-        ).toThrow(AuthError);
+        ).toThrowError(AuthError);
         // Storage interface checks
         expect(emptyConfig.storageInterface).not.toBeNull();
         expect(emptyConfig.storageInterface.clear).not.toBeNull();
@@ -62,35 +57,37 @@ describe("ClientConfiguration.ts Class Unit Tests", () => {
         expect(emptyConfig.storageInterface.getAccount).not.toBeNull();
         expect(() =>
             emptyConfig.storageInterface.getAccount("testKey")
-        ).toThrow(
+        ).toThrowError(
             createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
         );
         expect(() =>
             emptyConfig.storageInterface.getAccount("testKey")
-        ).toThrow(AuthError);
+        ).toThrowError(AuthError);
         expect(emptyConfig.storageInterface.getKeys).not.toBeNull();
-        expect(() => emptyConfig.storageInterface.getKeys()).toThrow(
+        expect(() => emptyConfig.storageInterface.getKeys()).toThrowError(
             createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
         );
-        expect(() => emptyConfig.storageInterface.getKeys()).toThrow(AuthError);
+        expect(() => emptyConfig.storageInterface.getKeys()).toThrowError(
+            AuthError
+        );
         expect(emptyConfig.storageInterface.removeItem).not.toBeNull();
         expect(() =>
             emptyConfig.storageInterface.removeItem("testKey")
-        ).toThrow(
+        ).toThrowError(
             createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
         );
         expect(() =>
             emptyConfig.storageInterface.removeItem("testKey")
-        ).toThrow(AuthError);
+        ).toThrowError(AuthError);
         expect(emptyConfig.storageInterface.setAccount).not.toBeNull();
         expect(() =>
             emptyConfig.storageInterface.setAccount(MockCache.acc)
-        ).toThrow(
+        ).toThrowError(
             createClientAuthError(ClientAuthErrorCodes.methodNotImplemented)
         );
         expect(() =>
             emptyConfig.storageInterface.setAccount(MockCache.acc)
-        ).toThrow(AuthError);
+        ).toThrowError(AuthError);
         // Network interface checks
         expect(emptyConfig.networkInterface).not.toBeNull();
         expect(emptyConfig.networkInterface.sendGetRequestAsync).not.toBeNull();
@@ -194,6 +191,9 @@ describe("ClientConfiguration.ts Class Unit Tests", () => {
                 ): void => {},
                 piiLoggingEnabled: true,
             },
+            cacheOptions: {
+                claimsBasedCachingEnabled: true,
+            },
             libraryInfo: {
                 sku: TEST_CONFIG.TEST_SKU,
                 version: TEST_CONFIG.TEST_VERSION,
@@ -265,7 +265,7 @@ describe("ClientConfiguration.ts Class Unit Tests", () => {
         expect(newConfig.loggerOptions.piiLoggingEnabled).toBe(true);
         // Cache options tests
         expect(newConfig.cacheOptions).not.toBeNull();
-        expect(newConfig.cacheOptions.claimsBasedCachingEnabled).toBe(false);
+        expect(newConfig.cacheOptions.claimsBasedCachingEnabled).toBe(true);
         // Client info tests
         expect(newConfig.libraryInfo.sku).toBe(TEST_CONFIG.TEST_SKU);
         expect(newConfig.libraryInfo.version).toBe(TEST_CONFIG.TEST_VERSION);
@@ -279,20 +279,4 @@ describe("ClientConfiguration.ts Class Unit Tests", () => {
             TEST_CONFIG.TEST_APP_VER
         );
     });
-
-    test("throws an error when claimsBasedCaching is enabled", async () => {
-        expect(() => {
-            buildClientConfiguration({
-                //@ts-ignore
-                authOptions: {
-                    clientId: TEST_CONFIG.MSAL_CLIENT_ID,
-                },
-                cacheOptions: { claimsBasedCachingEnabled: true },
-            });
-        }).toThrow(
-            createClientConfigurationError(
-                ClientConfigurationErrorCodes.claimsBasedCachingEnabled
-            )
-        );
-    });
 });

lib/msal-node/src/config/Configuration.ts

@@ -14,8 +14,6 @@ import {
     AzureCloudOptions,
     ApplicationTelemetry,
     INativeBrokerPlugin,
-    createClientConfigurationError,
-    ClientConfigurationErrorCodes,
 } from "@azure/msal-common";
 import { HttpClient } from "../network/HttpClient.js";
 import http from "http";
@@ -67,6 +65,9 @@ export type NodeAuthOptions = {
  */
 export type CacheOptions = {
     cachePlugin?: ICachePlugin;
+    /**
+     * @deprecated claims-based-caching functionality will be removed in the next version of MSALJS
+     */
     claimsBasedCachingEnabled?: boolean;
 };
 
@@ -205,12 +206,6 @@ export function buildAppConfiguration({
     system,
     telemetry,
 }: Configuration): NodeConfiguration {
-    if (cache?.claimsBasedCachingEnabled) {
-        throw createClientConfigurationError(
-            ClientConfigurationErrorCodes.claimsBasedCachingEnabled
-        );
-    }
-
     const systemOptions: Required<NodeSystemOptions> = {
         ...DEFAULT_SYSTEM_OPTIONS,
         networkClient: new HttpClient(

lib/msal-node/test/client/ClientCredentialClient.spec.ts

@@ -20,8 +20,6 @@ import {
     createClientAuthError,
     ClientAuthErrorCodes,
     CacheHelpers,
-    createClientConfigurationError,
-    ClientConfigurationErrorCodes,
 } from "@azure/msal-common";
 import { ClientCredentialClient, UsernamePasswordClient } from "../../src";
 import {
@@ -502,20 +500,6 @@ describe("ClientCredentialClient unit tests", () => {
         );
     });
 
-    it("An error is thrown when claims based caching is enabled", async () => {
-        expect(() => {
-            // will use msal-common's buildAppConfiguration
-            new ClientCredentialClient({
-                ...config,
-                cacheOptions: { claimsBasedCachingEnabled: true },
-            });
-        }).toThrow(
-            createClientConfigurationError(
-                ClientConfigurationErrorCodes.claimsBasedCachingEnabled
-            )
-        );
-    });
-
     it("Does not add claims when empty object provided", async () => {
         const client: ClientCredentialClient = new ClientCredentialClient(
             config