Merge branch 'dev' into prsaminathan/read-latency-duration

Author: Prvnkmr337

changelog.txt

@@ -9,6 +9,7 @@ vNext
 - [MINOR] Fix for SDL violation in device pop scenarios, Fixes AB#3284510 (#2744)
 - [MINOR] Adds Authentication Constants to be used for broker latency timestamp in response (#2831)
 - [MINOR] Implemented Common logic to retrieve broker latency duration from result Broker Bundle (#2835)
+- [MINOR] Add support for WebApps getToken API (#2803)
 
 Version 23.1.1
 -----------

common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java

@@ -1379,22 +1379,37 @@ public static String computeMaxHostBrokerProtocol() {
         /**
          * String for broker webapps get contracts result.
          */
-        public static final String BROKER_WEBAPPS_GET_CONTRACTS_RESULT = "contracts";
+        public static final String BROKER_WEBAPPS_GET_CONTRACTS_RESULT = "web_apps_contracts";
 
         /**
-         * String for broker webapps error result.
+         * String for broker webapps request.
          */
-        public static final String BROKER_WEB_APPS_ERROR = "error";
+        public static final String BROKER_WEB_APPS_EXECUTE_REQUEST = "web_apps_execute_request";
 
         /**
-         * String for broker webapps request.
+         * String for broker webapps additional required params.
          */
-        public static final String BROKER_WEB_APPS_REQUEST = "request";
+        public static final String BROKER_WEB_APPS_ADDITIONAL_REQUIRED_PARAMS = "additional_required_params";
 
         /**
          * String for broker webapps response.
          */
-        public static final String BROKER_WEB_APPS_RESPONSE = "response";
+        public static final String BROKER_WEB_APPS_SUCCESSFUL_RESULT = "web_app_successful_result";
+
+        /**
+         * String for compressed broker webapps response.
+         */
+        public static final String BROKER_WEB_APPS_SUCCESSFUL_RESULT_COMPRESSED = "web_app_successful_result_compressed";
+
+        /**
+         * String for broker webapps interactive intent.
+         */
+        public static final String BROKER_WEB_APPS_INTERACTIVE_INTENT = "web_apps_interactive_intent";
+
+        /**
+         * String for broker webapps error result.
+         */
+        public static final String BROKER_WEB_APPS_ERROR_RESULT = "web_apps_error_result";
 
         /**
          * String for generate shr result.
@@ -2142,4 +2157,3 @@ public static final class SdkPlatformFields {
         public static final String VERSION = com.microsoft.identity.common.java.AuthenticationConstants.SdkPlatformFields.VERSION;
     }
 }
-

common/src/main/java/com/microsoft/identity/common/internal/broker/BrokerRequest.java

@@ -84,6 +84,8 @@ private static final class SerializedNames {
         final static String SIGN_IN_WITH_GOOGLE_CREDENTIAL = "sign_in_with_google_credential";
 
         final static String TENANT_ID = "tenant_id";
+        final static String REQUEST_TYPE = "request_type";
+        final static String WEB_APPS_STATE = "web_apps_state";
     }
 
     /**
@@ -281,4 +283,15 @@ private static final class SerializedNames {
     @Nullable
     @SerializedName(SerializedNames.TENANT_ID)
     private String mTenantId;
+
+    @Nullable
+    @SerializedName(SerializedNames.REQUEST_TYPE)
+    private String mRequestType;
+
+    /**
+     * State for web apps requests. Make sure not to log this.
+     */
+    @Nullable
+    @SerializedName(SerializedNames.WEB_APPS_STATE)
+    private String mWebAppsState;
 }

common/src/main/java/com/microsoft/identity/common/internal/cache/WebAppsAccountIdRegistry.kt

@@ -50,6 +50,7 @@ class WebAppsAccountIdRegistry private constructor(
          * @param supplier The storage supplier.
          * @return A new instance of [WebAppsAccountIdRegistry].
          */
+        @JvmStatic
         fun create(supplier: IStorageSupplier): WebAppsAccountIdRegistry {
             val store = supplier.getEncryptedFileStore(WEBAPPS_ACCOUNT_ID_REGISTRY_STORAGE_KEY)
             return WebAppsAccountIdRegistry(store)

common/src/main/java/com/microsoft/identity/common/internal/controllers/BrokerMsalController.java

@@ -22,6 +22,7 @@
 //  THE SOFTWARE.
 package com.microsoft.identity.common.internal.controllers;
 
+import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_WEB_APPS_INTERACTIVE_INTENT;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.CLIENT_ADVERTISED_MAXIMUM_BP_VERSION_KEY;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.CLIENT_CONFIGURED_MINIMUM_BP_VERSION_KEY;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.CLIENT_MAX_PROTOCOL_VERSION;
@@ -66,6 +67,7 @@
 import com.microsoft.identity.common.internal.broker.ipc.BrokerOperationBundle;
 import com.microsoft.identity.common.internal.broker.ipc.IIpcStrategy;
 import com.microsoft.identity.common.internal.broker.ipc.WebAppsAdditionalRequiredParameters;
+import com.microsoft.identity.common.internal.util.WebAppsUtil;
 import com.microsoft.identity.common.internal.cache.ActiveBrokerCacheUpdater;
 import com.microsoft.identity.common.internal.cache.ClientActiveBrokerCache;
 import com.microsoft.identity.common.internal.cache.HelloCache;
@@ -113,6 +115,7 @@
 import com.microsoft.identity.common.java.result.GenerateShrResult;
 import com.microsoft.identity.common.java.ui.PreferredAuthMethod;
 import com.microsoft.identity.common.java.util.BrokerProtocolVersionUtil;
+import com.microsoft.identity.common.java.util.ObjectMapper;
 import com.microsoft.identity.common.java.util.ResultFuture;
 import com.microsoft.identity.common.java.util.StringUtil;
 import com.microsoft.identity.common.java.util.ThreadUtils;
@@ -121,8 +124,6 @@
 import com.microsoft.identity.common.logging.Logger;
 import com.microsoft.identity.common.sharedwithoneauth.OneAuthSharedFunctions;
 
-import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.ExecutionException;
 import java.util.concurrent.TimeUnit;
@@ -350,22 +351,53 @@ private String tryGetNegotiatedProtocolVersionFromHelloCache(
     @Override
     public AcquireTokenResult acquireToken(final @NonNull InteractiveTokenCommandParameters parameters)
             throws BaseException, InterruptedException, ExecutionException {
-        final String methodTag = TAG + ":acquireToken";
+        final AcquireTokenResult result;
+        try {
+            //Get the broker interactive parameters intent
+            final Intent interactiveRequestIntent = getBrokerAuthorizationIntent(parameters);
+            final Bundle resultBundle = acquireTokenInternal(parameters, interactiveRequestIntent);
+            final String negotiatedBrokerProtocolVersion = resultBundle.getString(NEGOTIATED_BP_VERSION_KEY);
+            // For MSA Accounts Broker doesn't save the accounts, instead it just passes the result along,
+            // MSAL needs to save this account locally for future token calls.
+            // parameters.getOAuth2TokenCache() will be non-null only in case of MSAL native
+            // If the request is from MSALCPP , OAuth2TokenCache will be null.
+            if (parameters.getOAuth2TokenCache() != null && !BrokerProtocolVersionUtil.canSupportMsaAccountsInBroker(negotiatedBrokerProtocolVersion)) {
+                saveMsaAccountToCache(resultBundle, (MsalOAuth2TokenCache) parameters.getOAuth2TokenCache());
+            }
+
+            verifyBrokerVersionIsSupported(resultBundle, parameters.getRequiredBrokerProtocolVersion());
+            result = mResultAdapter.getAcquireTokenResultFromResultBundle(resultBundle);
+        } catch (final BaseException | ExecutionException e) {
+            Telemetry.emit(
+                    new ApiEndEvent()
+                            .putException(e)
+                            .putApiId(TelemetryEventStrings.Api.BROKER_ACQUIRE_TOKEN_INTERACTIVE)
+            );
+            throw e;
+        }
 
+        Telemetry.emit(
+                new ApiEndEvent()
+                        .putResult(result)
+                        .putApiId(TelemetryEventStrings.Api.BROKER_ACQUIRE_TOKEN_INTERACTIVE)
+        );
+
+        return result;
+    }
+
+    @VisibleForTesting(otherwise = VisibleForTesting.PRIVATE)
+    protected Bundle acquireTokenInternal(final @Nullable InteractiveTokenCommandParameters parameters, final @NonNull Intent interactiveRequestIntent) throws BaseException, InterruptedException, ExecutionException {
+        final String methodTag = TAG + ":acquireTokenInternal";
         Telemetry.emit(
                 new ApiStartEvent()
                         .putProperties(parameters)
                         .putApiId(TelemetryEventStrings.Api.BROKER_ACQUIRE_TOKEN_INTERACTIVE)
         );
-
-        //Create BrokerResultFuture to block on response from the broker... response will be return as an activity result
+        //Create BrokerResultFuture to block on response from the broker...
         //BrokerActivity will receive the result and ask the API dispatcher to complete the request
         //In completeAcquireToken below we will set the result on the future and unblock the flow.
         mBrokerResultFuture = new ResultFuture<>();
 
-        //Get the broker interactive parameters intent
-        final Intent interactiveRequestIntent = getBrokerAuthorizationIntent(parameters);
-
         Activity activity = null;
         if (parameters instanceof AndroidInteractiveTokenCommandParameters) {
             activity = ((AndroidInteractiveTokenCommandParameters) parameters).getActivity();
@@ -418,39 +450,10 @@ public void onReceive(@NonNull PropertyBag propertyBag) {
             // Start the BrokerActivity using our existing Activity
             activity.startActivity(brokerActivityIntent);
         }
-
-        final AcquireTokenResult result;
-        try {
-            //Wait to be notified of the result being returned... we could add a timeout here if we want to
-            final Bundle resultBundle = mBrokerResultFuture.get();
-
-            final String negotiatedBrokerProtocolVersion = interactiveRequestIntent.getStringExtra(NEGOTIATED_BP_VERSION_KEY);
-            // For MSA Accounts Broker doesn't save the accounts, instead it just passes the result along,
-            // MSAL needs to save this account locally for future token calls.
-            // parameters.getOAuth2TokenCache() will be non-null only in case of MSAL native
-            // If the request is from MSALCPP , OAuth2TokenCache will be null.
-            if (parameters.getOAuth2TokenCache() != null && !BrokerProtocolVersionUtil.canSupportMsaAccountsInBroker(negotiatedBrokerProtocolVersion)) {
-                saveMsaAccountToCache(resultBundle, (MsalOAuth2TokenCache) parameters.getOAuth2TokenCache());
-            }
-
-            verifyBrokerVersionIsSupported(resultBundle, parameters.getRequiredBrokerProtocolVersion());
-            result = mResultAdapter.getAcquireTokenResultFromResultBundle(resultBundle);
-        } catch (final BaseException | ExecutionException e) {
-            Telemetry.emit(
-                    new ApiEndEvent()
-                            .putException(e)
-                            .putApiId(TelemetryEventStrings.Api.BROKER_ACQUIRE_TOKEN_INTERACTIVE)
-            );
-            throw e;
-        }
-
-        Telemetry.emit(
-                new ApiEndEvent()
-                        .putResult(result)
-                        .putApiId(TelemetryEventStrings.Api.BROKER_ACQUIRE_TOKEN_INTERACTIVE)
-        );
-
-        return result;
+        //Wait to be notified of the result being returned... we could add a timeout here if we want to
+        final Bundle resultBundle = mBrokerResultFuture.get();
+        resultBundle.putString(NEGOTIATED_BP_VERSION_KEY, interactiveRequestIntent.getStringExtra(NEGOTIATED_BP_VERSION_KEY));
+        return resultBundle;
     }
 
     @Override
@@ -1425,60 +1428,85 @@ public void putValueInSuccessEvent(@NonNull final ApiEndEvent event,
     /**
      * Execute web app request in broker.
      *
-     * @param request request string
+     * @param request request string.
      * @param minBrokerProtocolVersion minimum broker protocol version the caller requires.
      * @param additionalRequiredParams additional required parameters for web app request.
      * @throws BaseException
      */
     public String executeWebAppRequest(@NonNull final String request,
                                        @NonNull final String minBrokerProtocolVersion,
                                        @NonNull final WebAppsAdditionalRequiredParameters additionalRequiredParams) throws BaseException {
-        return getBrokerOperationExecutor().execute(null,
-                new BrokerOperation<String>() {
-                    private String negotiatedBrokerProtocolVersion;
+        try {
+            return getBrokerOperationExecutor().execute(null,
+                    new BrokerOperation<String>() {
+                        private String negotiatedBrokerProtocolVersion;
 
-                    @Override
-                    public void performPrerequisites(@NonNull final IIpcStrategy strategy) throws BaseException {
-                        negotiatedBrokerProtocolVersion = hello(strategy, minBrokerProtocolVersion);
-                    }
+                        @Override
+                        public void performPrerequisites(@NonNull final IIpcStrategy strategy) throws BaseException {
+                            negotiatedBrokerProtocolVersion = hello(strategy, minBrokerProtocolVersion);
+                        }
 
-                    @NonNull
-                    @Override
-                    public BrokerOperationBundle getBundle() throws ClientException {
-                        return new BrokerOperationBundle(
-                                BrokerOperationBundle.Operation.BROKER_WEBAPPS_API_EXECUTE_WEB_APPS_REQUEST,
-                                mActiveBrokerPackageName,
-                                mRequestAdapter.getRequestBundleForExecuteWebAppRequest(request,negotiatedBrokerProtocolVersion, minBrokerProtocolVersion)
-                        );
-                    }
+                        @NonNull
+                        @Override
+                        public BrokerOperationBundle getBundle() throws ClientException {
+                            final String additionalParamsString =  ObjectMapper.serializeObjectToJsonString(additionalRequiredParams);
+                            return new BrokerOperationBundle(
+                                    BrokerOperationBundle.Operation.BROKER_WEBAPPS_API_EXECUTE_WEB_APPS_REQUEST,
+                                    mActiveBrokerPackageName,
+                                    mRequestAdapter.getRequestBundleForExecuteWebAppRequest(
+                                            request,
+                                            negotiatedBrokerProtocolVersion,
+                                            minBrokerProtocolVersion,
+                                            additionalParamsString
+                                    )
+                            );
+                        }
 
-                    @NonNull
-                    @Override
-                    public String extractResultBundle(@Nullable final Bundle resultBundle) throws BaseException {
-                        if (resultBundle == null) {
-                            throw mResultAdapter.getExceptionForEmptyResultBundle();
+                        @NonNull
+                        @Override
+                        public String extractResultBundle(@Nullable final Bundle resultBundle) throws BaseException {
+                            if (resultBundle == null) {
+                                throw mResultAdapter.getExceptionForEmptyResultBundle();
+                            }
+                            verifyBrokerVersionIsSupported(resultBundle, minBrokerProtocolVersion);
+                            if (resultBundle.containsKey(BROKER_WEB_APPS_INTERACTIVE_INTENT)) {
+                                final Intent interactiveIntent = resultBundle.getParcelable(BROKER_WEB_APPS_INTERACTIVE_INTENT);
+                                if (interactiveIntent != null) {
+                                    try {
+                                        final Bundle interactiveGetTokenBundle = acquireTokenInternal(null, interactiveIntent);
+                                        return mResultAdapter.getExecuteWebAppRequestResultFromBundle(interactiveGetTokenBundle);
+                                    } catch (final Throwable t) {
+                                        return WebAppsUtil.createErrorResponseString(t, "Error occurred during interactive request process");
+                                    }
+                                }
+                            }
+                            return mResultAdapter.getExecuteWebAppRequestResultFromBundle(resultBundle);
                         }
-                        verifyBrokerVersionIsSupported(resultBundle, minBrokerProtocolVersion);
-                        return mResultAdapter.getExecuteWebAppRequestResultFromBundle(resultBundle);
-                    }
 
-                    @NonNull
-                    @Override
-                    public String getMethodName() {
-                        return ":executeWebAppRequest";
-                    }
+                        @NonNull
+                        @Override
+                        public String getMethodName() {
+                            return ":executeWebAppRequest";
+                        }
 
-                    @Nullable
-                    @Override
-                    public String getTelemetryApiId() {
-                        return null;
-                    }
+                        @Nullable
+                        @Override
+                        public String getTelemetryApiId() {
+                            return null;
+                        }
 
-                    @Override
-                    public void putValueInSuccessEvent(@NonNull final ApiEndEvent event,
-                                                       @NonNull final String result) {
-                    }
-                });
+                        @Override
+                        public void putValueInSuccessEvent(@NonNull final ApiEndEvent event,
+                                                           @NonNull final String result) {
+                        }
+                    });
+        } catch (final UnsupportedBrokerException ex) {
+            // We want to throw this exception to keep it in line with the other APIs.
+            throw ex;
+        }
+        catch (final Exception ex) {
+            return WebAppsUtil.createErrorResponseString(ex, "Unexpected error occurred");
+        }
     }
 
     /**

common/src/main/java/com/microsoft/identity/common/internal/platform/AndroidPlatformUtil.java

@@ -50,6 +50,7 @@
 import com.microsoft.identity.common.java.commands.ICommand;
 import com.microsoft.identity.common.java.commands.InteractiveTokenCommand;
 import com.microsoft.identity.common.java.commands.parameters.InteractiveTokenCommandParameters;
+import com.microsoft.identity.common.java.exception.ArgumentException;
 import com.microsoft.identity.common.java.exception.ClientException;
 import com.microsoft.identity.common.java.exception.ErrorStrings;
 import com.microsoft.identity.common.java.flighting.CommonFlight;
@@ -161,6 +162,11 @@ public boolean isValidCallingApp(@NonNull String redirectUri, @NonNull String pa
         return isValidBrokerRedirect;
     }
 
+    @Override
+    public void isValidCallingAppForWebApps(int callingUid) throws ClientException, UnsupportedOperationException {
+        // This operation is not supported in non-broker contexts.
+        throw new UnsupportedOperationException("WebApp APIs are not functional in non-broker scenarios.");
+    }
     @Override
     @Nullable
     public String getEnrollmentId(@NonNull final String userId, @NonNull final String packageName) {
@@ -324,4 +330,8 @@ private boolean isValidHubRedirectURIForNAATests(String redirectUri) {
                 || redirectUri.equals("msauth://com.microsoft.teams/fcg80qvoM1YMKJZibjBwQcDfOno=")
                 || redirectUri.equals("https://login.microsoftonline.com/common/oauth2/nativeclient"));
     }
+
+    protected Context getContext() {
+        return mContext;
+    }
 }