Merge branch 'dev' into ameyapat/msid-jwe-decryptor

* dev: (65 commits)
  Resolve error
  Reset flag in teardown
  Address comments
  Remove flight and test
  Update changelog
  Check boolValue but not presence of value. Add more unit tests
  Mocking flight and cache value
  Add Feature flag and cache to control enablement
  trigger pipeline
  Clean up changes
  fix a typo
  fix deprecation compiling issue
  Update test and number in time based claims
  Fix UT
  Add long casting
  Updating error to interaction required
  remove extra ;
  Address comment
  Support domain_hint param.
  Release 1.16.1
  ...

# Conflicts:
#	IdentityCore/IdentityCore.xcodeproj/project.pbxproj
#	IdentityCore/src/MSIDConstants.h
#	changelog.txt

Author: ameyapat

IdentityCore/IdentityCore.xcodeproj/project.pbxproj

@@ -211,12 +211,15 @@ extern NSString * _Nonnull const MSID_FRT_STATUS_DISABLED;
 extern NSString * _Nonnull const MSID_BROWSER_RESPONSE_SWITCH_BROWSER;
 extern NSString * _Nonnull const MSID_BROWSER_RESPONSE_SWITCH_BROWSER_RESUME;
 
+extern NSString * _Nonnull const MSID_BOUND_RT_REDEEM;
+
 extern NSString * _Nonnull const MSID_FLIGHT_USE_V2_WEB_RESPONSE_FACTORY;
 extern NSString * _Nonnull const MSID_FLIGHT_SUPPORT_DUNA_CBA;
 extern NSString * _Nonnull const MSID_FLIGHT_DISABLE_JIT_TROUBLESHOOTING_LEGACY_AUTH;
 extern NSString * _Nonnull const MSID_FLIGHT_CLIENT_SFRT_STATUS;
 extern NSString * _Nonnull const MSID_FLIGHT_DISABLE_PREFERRED_IDENTITY_CBA;
 extern NSString * _Nonnull const MSID_FLIGHT_SUPPORT_STATE_DUNA_CBA;
+extern NSString * _Nonnull const MSID_FLIGHT_IGNORE_COOKIES_IN_DUNA_RESUME;
 
 /**
  * Flight to indicate if remove account artifacts should be disabled
@@ -234,4 +237,8 @@ extern NSString * _Nonnull const MSID_FLIGHT_DISABLE_REMOVE_ACCOUNT_ARTIFACTS;
 /// ECS configuration id: /1678824
 extern NSString * _Nonnull const MSID_FLIGHT_IS_BART_SUPPORTED;
 
+extern NSString * _Nonnull const MSID_FLIGHT_ENABLE_QUERYING_STK;
+
+extern NSString * _Nonnull const MSID_DOMAIN_HINT_KEY;
+
 #define METHODANDLINE   [NSString stringWithFormat:@"%s [Line %d]", __PRETTY_FUNCTION__, __LINE__]

IdentityCore/src/MSIDConstants.h

@@ -83,16 +83,25 @@
 NSString *const MSID_BROWSER_RESPONSE_SWITCH_BROWSER = @"switch_browser";
 NSString *const MSID_BROWSER_RESPONSE_SWITCH_BROWSER_RESUME = @"switch_browser_resume";
 
+// Bound App Refresh token constants
+NSString *const MSID_BOUND_RT_REDEEM = @"bound_rt_redeem";
+
 NSString *const MSID_FLIGHT_USE_V2_WEB_RESPONSE_FACTORY = @"use_v2_web_response_factory";
 NSString *const MSID_FLIGHT_SUPPORT_DUNA_CBA = @"support_duna_cba_v2";
 NSString *const MSID_FLIGHT_DISABLE_JIT_TROUBLESHOOTING_LEGACY_AUTH = @"disable_jit_remediation_legacy_auth";
 NSString *const MSID_FLIGHT_CLIENT_SFRT_STATUS = @"sfrt_v2";
 NSString *const MSID_FLIGHT_DISABLE_PREFERRED_IDENTITY_CBA = @"dis_pre_iden_cba";
 NSString *const MSID_FLIGHT_SUPPORT_STATE_DUNA_CBA = @"support_state_duna_cba";
+NSString *const MSID_FLIGHT_IGNORE_COOKIES_IN_DUNA_RESUME = @"ignore_cookies_in_duna_resume";
 
 // Making the flight string short to avoid legacy broker url size limit
 NSString *const MSID_FLIGHT_DISABLE_REMOVE_ACCOUNT_ARTIFACTS = @"disable_rm_metadata";
 
+NSString *const MSID_FLIGHT_ENABLE_QUERYING_STK = @"enable_querying_stk";
+NSString *const MSID_FLIGHT_IS_BART_SUPPORTED = @"is_msal_bart_supported";
+
+NSString *const MSID_DOMAIN_HINT_KEY  = @"domain_hint";
+
 
 NSString *const MSID_FLIGHT_IS_BART_SUPPORTED = @"is_bound_app_rt_supported";
 

IdentityCore/src/MSIDConstants.m

@@ -24,6 +24,7 @@
 
 
 #import <Foundation/Foundation.h>
+#import "MSIDFlightManagerQueryKeyDelegate.h"
 
 NS_ASSUME_NONNULL_BEGIN
 
@@ -38,8 +39,11 @@ NS_ASSUME_NONNULL_BEGIN
 @interface MSIDFlightManager : NSObject <MSIDFlightManagerInterface>
 
 @property (nonatomic, nullable) id<MSIDFlightManagerInterface> flightProvider;
+@property (nonatomic, nullable) id<MSIDFlightManagerQueryKeyDelegate> queryKeyFlightProvider;
 
 + (instancetype)sharedInstance;
++ (instancetype)sharedInstanceByQueryKey:(NSString *)queryKey
+                                 keyType:(MSIDFlightManagerQueryKeyType)keyType;
 
 @end
 

IdentityCore/src/MSIDFlightManager.h

@@ -45,6 +45,56 @@ + (instancetype)sharedInstance
     return sharedInstance;
 }
 
++ (instancetype)sharedInstanceByQueryKey:(NSString *)queryKey
+                                 keyType:(MSIDFlightManagerQueryKeyType)keyType
+{
+    if ([NSString msidIsStringNilOrBlank:queryKey])
+    {
+        // Use shared flight manager if queryKey is nil or empty
+        return [MSIDFlightManager sharedInstance];
+    }
+    
+    static NSMutableDictionary<NSString *, MSIDFlightManager *> *instancesByQueryKey = nil;
+    static dispatch_once_t onceToken;
+    static dispatch_queue_t synchronizationQueue;
+    
+    dispatch_once(&onceToken, ^{
+        instancesByQueryKey = [NSMutableDictionary new];
+        synchronizationQueue = dispatch_queue_create("com.microsoft.msidflightmanager.querykey", DISPATCH_QUEUE_CONCURRENT);
+    });
+    
+    __block MSIDFlightManager *instance = nil;
+    
+    // First, try to read the instance concurrently
+    dispatch_sync(synchronizationQueue, ^{
+        instance = instancesByQueryKey[queryKey];
+    });
+    
+    if (!instance)
+    {
+        // If not found, create and insert with a barrier write
+        dispatch_barrier_sync(synchronizationQueue, ^{
+            instance = instancesByQueryKey[queryKey];
+            if (!instance)
+            {
+                instance = [[self.class alloc] initInternal];
+                
+                id<MSIDFlightManagerInterface> flightProvider = [[MSIDFlightManager sharedInstance].queryKeyFlightProvider
+                                                                 flightProviderForQueryKey:queryKey
+                                                                 keyType:keyType];
+                if (flightProvider)
+                {
+                    instance.flightProvider = flightProvider;
+                }
+                
+                instancesByQueryKey[queryKey] = instance;
+            }
+        });
+    }
+    
+    return instance;
+}
+
 - (instancetype)initInternal
 {
     self = [super init];

IdentityCore/src/MSIDFlightManager.m

@@ -22,28 +22,14 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 // THE SOFTWARE.
 
-#import "MSIDWPJKeyPairWithCert.h"
-#import "MSIDWPJKeyPairWithCert+TransportKey.h"
+#import <Foundation/Foundation.h>
+#import "MSIDFlightManagerQueryKeyType.h"
 
-@implementation MSIDWPJKeyPairWithCert (TransportKey)
+@protocol MSIDFlightManagerInterface;
 
-- (void)setPrivateTransportKeyRef:(SecKeyRef)privateTransportKeyRef
-{
-    if (_privateTransportKeyRef != privateTransportKeyRef)
-    {
-        if (_privateTransportKeyRef)
-        {
-            CFRelease(_privateTransportKeyRef);
-            _privateTransportKeyRef = NULL;
-        }
-        
-        _privateTransportKeyRef = privateTransportKeyRef;
-        
-        if (_privateTransportKeyRef)
-        {
-            CFRetain(_privateTransportKeyRef);
-        }
-    }
-}
+@protocol MSIDFlightManagerQueryKeyDelegate <NSObject>
+
+- (nullable id<MSIDFlightManagerInterface>)flightProviderForQueryKey:(nonnull NSString *)queryKey
+                                                             keyType:(nonnull MSIDFlightManagerQueryKeyType)keyType;
 
 @end

…to/MSIDWPJKeyPairWithCert+TransportKey.m …/src/MSIDFlightManagerQueryKeyDelegate.hIdentityCore/src/cache/crypto/MSIDWPJKeyPairWithCert+TransportKey.m renamed to IdentityCore/src/MSIDFlightManagerQueryKeyDelegate.h IdentityCore/src/cache/crypto/MSIDWPJKeyPairWithCert+TransportKey.m renamed to IdentityCore/src/MSIDFlightManagerQueryKeyDelegate.h

@@ -0,0 +1,38 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+typedef NSString * MSIDFlightManagerQueryKeyType NS_STRING_ENUM;
+
+extern MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeTenantId;
+extern MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeAppBundleId;
+extern MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeEcsRegion;
+extern MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeUpn;
+extern MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeUserId;
+extern MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeVersionNumber;
+
+NS_ASSUME_NONNULL_END

IdentityCore/src/MSIDFlightManagerQueryKeyType.h

@@ -0,0 +1,32 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+#import "MSIDFlightManagerQueryKeyType.h"
+
+MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeTenantId = @"tenantId";
+MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeAppBundleId = @"appBundleId";
+MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeEcsRegion = @"ecsRegion";
+MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeUpn = @"upn";
+MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeUserId = @"userId";
+MSIDFlightManagerQueryKeyType const MSIDFlightManagerQueryKeyTypeVersionNumber = @"version_number";

IdentityCore/src/MSIDFlightManagerQueryKeyType.m

@@ -180,3 +180,5 @@ extern NSString *const MSID_CCS_REQUEST_ID_RESPONSE;
 extern NSString *const MSID_CCS_REQUEST_SEQUENCE_KEY;
 extern NSString *const MSID_CCS_REQUEST_SEQUENCE_RESPONSE;
 extern NSString *const MSID_BOUND_DEVICE_ID_CACHE_KEY;
+extern NSString *const MSID_MSAL_CLIENT_APV_PREFIX;
+extern NSString *const MSID_BOUND_REFRESH_TOKEN_EXCHANGE;

IdentityCore/src/MSIDOAuth2Constants.h

@@ -180,4 +180,6 @@
 NSString *const MSID_CCS_REQUEST_SEQUENCE_KEY            = @"x-ms-srs";
 NSString *const MSID_CCS_REQUEST_SEQUENCE_RESPONSE       = @"ccs-request-sequence";
 
+NSString *const MSID_BOUND_REFRESH_TOKEN_EXCHANGE        = @"bound_rt_exchange";
 NSString *const MSID_BOUND_DEVICE_ID_CACHE_KEY           = @"bound_device_id";
+NSString *const MSID_MSAL_CLIENT_APV_PREFIX              = @"MsalClient";