Merge pull request #1461 from AzureAD/veena/fixCrash

Fix crash due to null value being added to set

Author: Veena11

IdentityCore/src/cache/accessor/MSIDDefaultTokenCacheAccessor.m

@@ -1277,7 +1277,10 @@ - (BOOL)saveAccount:(MSIDAccount *)account
         }
         else
         {
-            [noReturnAccountsSet addObject:accountCacheItem.username];
+            if (accountCacheItem.username)
+            {
+                [noReturnAccountsSet addObject:accountCacheItem.username];
+            }
         }
     }
 

IdentityCore/tests/integration/MSIDDefaultAccessorSSOIntegrationTests.m

@@ -1788,6 +1788,55 @@ - (void)testAccountsWithAuthority_whenReturnSignedInAccountTrue_shouldFilterOutS
     XCTAssertFalse([accountUPNs containsObject:@"[email protected]"]);
 }
 
+- (void)testAccountsWithAuthority_whenReturnSignedInAccountTrue_AndUserNameNil_shouldNotCrash
+{
+    // setup default cache
+    [self saveResponseWithUPN:@"[email protected]"
+                     clientId:@"test_client_id"
+                    authority:@"https://login.windows.net/common"
+               responseScopes:@"user.read user.write"
+                  inputScopes:@"user.read user.write"
+                          uid:@"uid"
+                         utid:@"utid"
+                  accessToken:@"access token"
+                 refreshToken:@"refresh token"
+                     familyId:@"3"
+                     accessor:_nonSSOAccessor];
+    
+    [self saveResponseWithUPN:nil
+                     clientId:@"test_client_id2"
+                    authority:@"https://login.windows.net/common"
+               responseScopes:@"user.read user.write"
+                  inputScopes:@"user.read user.write"
+                          uid:@"uid2"
+                         utid:@"utid2"
+                  accessToken:@"access token"
+                 refreshToken:@"refresh token 2"
+                     familyId:nil
+                     accessor:_nonSSOAccessor];
+    
+    // sign out the second account
+    NSError *error;
+    XCTAssertTrue([_accountMetadataCache updateSignInStateForHomeAccountId:@"uid2.utid2" clientId:@"test_client_id2" state:MSIDAccountMetadataStateSignedOut context:nil error:&error]);
+    XCTAssertNil(error);
+    
+    // setup legacy cache
+    [self saveResponseWithUPN:@"[email protected]"
+                     clientId:@"test_client_id3"
+                    authority:@"https://login.windows.net/common"
+               responseScopes:@"user.read user.write"
+                  inputScopes:@"user.read user.write"
+                          uid:@"uid3"
+                         utid:@"utid3"
+                  accessToken:@"access token"
+                 refreshToken:@"refresh token 2"
+                     familyId:@"3"
+                     accessor:_otherAccessor];
+    
+    NSArray *accounts = [_defaultAccessor accountsWithAuthority:nil clientId:@"test_client_id2" familyId:@"3" accountIdentifier:nil accountMetadataCache:_accountMetadataCache signedInAccountsOnly:YES context:nil error:&error];
+    XCTAssertEqual([accounts count], 2);
+}
+
 - (void)testAccountsWithAuthority_whenReturnSignedInAccountTrue_shouldFilterOutSignedOutAccountInBothDefaultAndLegacyCache
 {
     // setup default cache
@@ -3117,7 +3166,15 @@ - (void)saveResponseWithUPN:(NSString *)upn
               appIdentifier:(NSString *)appIdentifier
                    accessor:(id<MSIDCacheAccessor>)accessor
 {
-    NSString *idToken = [MSIDTestIdTokenUtil idTokenWithPreferredUsername:upn subject:@"subject" givenName:@"Hello" familyName:@"World" name:@"Hello World" version:@"2.0" tid:tenantId];
+    NSString *idToken = nil;
+    if (!upn)
+    {
+        idToken = [MSIDTestIdTokenUtil idTokenWithGivenName:@"Hello" familyName:@"World" name:@"Hello World" version:@"2.0" tid:tenantId];
+    }
+    else
+    {
+        idToken = [MSIDTestIdTokenUtil idTokenWithPreferredUsername:upn subject:@"subject" givenName:@"Hello" familyName:@"World" name:@"Hello World" version:@"2.0" tid:tenantId];
+    }
 
     MSIDTokenResponse *response = [MSIDTestTokenResponse v2TokenResponseWithAT:accessToken
                                                                             RT:refreshToken

IdentityCore/tests/util/MSIDTestIdTokenUtil.h

@@ -83,4 +83,10 @@
                                    version:(NSString *)version
                                        tid:(NSString *)tid;
 
++ (NSString *)idTokenWithGivenName:(NSString *)givenName
+                        familyName:(NSString *)familyName
+                              name:(NSString *)name
+                           version:(NSString *)version
+                               tid:(NSString *)tid;
+
 @end

IdentityCore/tests/util/MSIDTestIdTokenUtil.m

@@ -170,6 +170,23 @@ + (NSString *)idTokenWithPreferredUsername:(NSString *)username
                                           tid:@"contoso.com"];
 }
 
++ (NSString *)idTokenWithGivenName:(NSString *)givenName
+                        familyName:(NSString *)familyName
+                              name:(NSString *)name
+                           version:(NSString *)version
+                               tid:(NSString *)tid
+{
+    NSString *idTokenp1 = [@{ @"typ": @"JWT", @"alg": @"RS256", @"kid": @"_kid_value"} msidBase64UrlJson];
+    NSString *idTokenp2 = [@{ @"iss" : @"issuer",
+                              @"given_name" : givenName,
+                              @"family_name" : familyName,
+                              @"name" : name,
+                              @"ver": version,
+                              @"tid": tid ? tid : @""
+                           } msidBase64UrlJson];
+    return [NSString stringWithFormat:@"%@.%@.%@", idTokenp1, idTokenp2, idTokenp1];
+}
+
 + (NSString *)idTokenWithPreferredUsername:(NSString *)username
                                    subject:(NSString *)subject
                                  givenName:(NSString *)givenName