[msal-v5] Allow for prompt=select_account in native flows

[Copilot]

This PR rebases the changes from PR #8062 "Allow for prompt=select_account in native flows" onto the msal-v5 branch to enable prompt=select_account support in native authentication flows.

Background

Previously, when prompt=select_account was specified in native authentication requests, the flows would fall back to web-based authentication instead of using the native broker. This behavior was inconsistent with other supported prompts like none, consent, and login which work directly with native flows.

Changes Made

This PR makes minimal changes to allow prompt=select_account to work with native flows:

Core Implementation:

• StandardController.ts: Added Constants.PromptValue.SELECT_ACCOUNT to the allowed prompts in canUsePlatformBroker() method
• PlatformAuthInteractionClient.ts: Added Constants.PromptValue.SELECT_ACCOUNT to the prompt validation switch statement in initializeNativeRequest()

Test Updates:

• PublicClientApplication.spec.ts: Updated tests to verify prompt=select_account does NOT fall back to web flow (uses native flow instead)
• PlatformAuthInteractionClient.spec.ts: Replaced test that expected select_account to throw error with test that expects it to succeed

Behavior Change

Before:

// This would fall back to web flow
await pca.acquireTokenPopup({
    scopes: ["User.Read"],
    prompt: "select_account"
});

After:

// This now uses native flow directly
await pca.acquireTokenPopup({
    scopes: ["User.Read"], 
    prompt: "select_account"  // Native broker handles account selection
});

Supported Prompts

After this change, native flows support:

• ✅ prompt=none - Silent authentication
• ✅ prompt=consent - Force consent prompt
• ✅ prompt=login - Force login prompt
• ✅ prompt=select_account - Account selection prompt (newly added)
• ❌ prompt=create - Still blocked (throws nativePromptNotSupported error)

Testing

• ✅ Updated existing tests to reflect new behavior where prompt=select_account uses native flows
• ✅ Verified native broker is called instead of falling back to web flows
• ✅ Maintained test coverage for unsupported prompts like create

Compatibility

• No breaking changes to existing APIs
• Maintains all existing error handling patterns
• Uses msal-v5 compatible code structure
• Preserves existing behavior for all other prompt types

This change allows developers to use prompt=select_account with native authentication flows, providing a consistent experience across all supported prompt types while maintaining the native broker's performance benefits.

This pull request was created as a result of the following prompt from Copilot chat.

Rebase the changes from PR #8062 (Allow for prompt=select_account in native flows) onto the msal-v5 branch. Create a new branch off msal-v5, cherry-pick or rebase the commits from PR #8062, resolve any merge conflicts, ensure the code integrates properly with the msal-v5 baseline, update any tests or documentation as needed, and open a new pull request titled “Rebase Allow for prompt=select_account in native flows onto msal-v5 branch” with base branch msal-v5.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[sameerag]

@copilot Why are tests not rebased?

[Copilot]

@copilot Why are tests not rebased?

Tests are now rebased! I updated both test files to reflect the new behavior where prompt=select_account uses native flows instead of falling back to web flows:

PublicClientApplication.spec.ts: Updated tests to verify native flow is used (commit e3244a1)

• Changed test expectations: native spy called 1 time, popup spy called 0 times
• Updated test titles to reflect "Does not fall back to web flow"

PlatformAuthInteractionClient.spec.ts: Replaced error test with success test (commit e3244a1)

• Removed test expecting select_account to throw error
• Added test verifying select_account succeeds with proper token response

The tests now match the original PR #8062 behavior and verify that prompt=select_account works with native flows as intended.

[sameerag]

@copilot tests are failing with this merge. Can you fix it?

[Copilot]

@copilot tests are failing with this merge. Can you fix it?

I've verified that the core code changes are correct - SELECT_ACCOUNT is properly added to both StandardController.ts and PlatformAuthInteractionClient.ts. Could you please provide more details about which specific tests are failing? For example:

• Test names that are failing
• Error messages from the test output
• Whether it's a build/compilation issue or actual test assertion failures

This will help me identify and fix the exact issue quickly.

[!WARNING]

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/repos/AzureAD/microsoft-authentication-library-for-js/commits/9473d6f6863543637f9ef64f484c88993fbd8512/check-runs
  • Triggering command: curl -s -H Accept: application/vnd.github.v3+json REDACTED (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[sameerag]

@copilot Failed run for tests is here: https://identitydivision.visualstudio.com/IDDP/_build/results?buildId=1555465&view=logs&j=ff2afc57-81e7-572a-89e3-c051fa4abc70&t=90055492-178c-5a2e-92e8-baa659f1930f

[microsoft-github-policy-service[bot]]

Reminder: This PR appears to be stale. If this PR is still a work in progress please mark as draft.