[v5] Add support for authorize call using method POST

[hectormmg]

This PR:

• Adds the httpMethod and authorizePostBodyParameters options to BaseAuthRequest
• Enables calls to the /authorize endpoint using HTTP method "POST" using the Redirect, Popup, and SilentIFrame flows
• Ensures extraQueryParameters are still encoded into the request URL in POST flow
• Ensures httpMethod cannot be set to 'GET' when using the EAR protocol mode (throws when the request is validated)
• Ensures request validation to make sure the combinations of httpMethod and authorizePostBodyParameters as well as httpMethod and protocol mode happens before synchronous popup is opened.

[Copilot]

Pull Request Overview

This PR adds support for calling the /authorize endpoint using HTTP POST method across all browser authentication flows. The implementation includes new request validation logic that ensures proper combinations of HTTP method, protocol mode, and body parameters while maintaining backward compatibility with existing GET-based flows.

• Adds httpMethod and authorizePostBodyParameters fields to the BaseAuthRequest interface
• Implements POST flow support for Redirect, Popup, and SilentIFrame authentication flows
• Ensures validation prevents invalid combinations like GET method with body parameters or GET method with EAR protocol mode

Reviewed Changes

Copilot reviewed 22 out of 22 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
lib/msal-common/src/utils/Constants.ts	Adds HttpMethod enum with GET and POST values
lib/msal-common/src/request/BaseAuthRequest.ts	Extends request interface with httpMethod and authorizePostBodyParameters fields
lib/msal-common/src/error/ClientConfigurationErrorCodes.ts	Adds validation error codes for invalid request method configurations
lib/msal-common/src/request/RequestParameterBuilder.ts	Adds utility function to handle POST body parameters
lib/msal-browser/src/request/RequestHelpers.ts	Implements request validation logic for HTTP method combinations
lib/msal-browser/src/protocol/Authorize.ts	Adds getCodeForm function for creating POST forms
lib/msal-browser/src/interaction_handler/SilentHandler.ts	Implements POST flow support for silent iframe requests
lib/msal-browser/src/interaction_client/StandardInteractionClient.ts	Integrates request validation into authorization request initialization
lib/msal-browser/src/interaction_client/SilentIframeClient.ts	Adds POST method support to silent iframe flow
lib/msal-browser/src/interaction_client/RedirectClient.ts	Implements POST flow execution for redirect authentication
lib/msal-browser/src/interaction_client/PopupClient.ts	Adds POST method support to popup authentication flow
Sample files	Updates test app to demonstrate POST method usage
Test files	Adds comprehensive test coverage for new functionality
Change files	Documents API changes for both msal-common and msal-browser packages

---

_{You can also share your feedback on Copilot code review for a chance to win a $100 gift card. Take the survey.}

[Copilot]

Missing hyphen after parameter name in JSDoc comment. Should be '@param parameters - Description of parameters'

Suggested change

	* @param bodyParameters
	* @param parameters - The map to which body parameters will be added.
	* @param bodyParameters - The body parameters to add to the map.

[Copilot]

Missing hyphen after parameter name in JSDoc comment. Should be '@param bodyParameters - Description of bodyParameters'

Suggested change

	* @param bodyParameters
	* @param parameters - Map to which body parameters will be added
	* @param bodyParameters - Key-value pairs to add to the parameters map

[Copilot]

Missing release tag (@Alpha, @beta, @public, or @internal) for the addPostBodyParameters function as indicated by the API extractor warning

[Copilot]

Missing release tag (@Alpha, @beta, @public, or @internal) for the HttpMethod constant as indicated by the API extractor warning

Suggested change

	// @public (undocumented)
	// @public