Read BART from ests response when refresh_token_type & set deviceID

Author: ameyapat

IdentityCore/src/MSIDBrokerConstants.h

@@ -99,6 +99,7 @@ extern NSString * _Nonnull const MSID_IS_CALLER_MANAGED_KEY;
 extern NSString * _Nonnull const MSID_BROKER_PREFERRED_AUTH_CONFIGURATION_KEY;
 extern NSString * _Nonnull const MSID_BROKER_CLIENT_FLIGHTS_KEY;
 extern NSString * _Nonnull const MSID_BROKER_SDM_WPJ_ATTEMPTED;
+extern NSString * _Nonnull const MSID_BART_DEVICE_ID_KEY;
 extern NSString * _Nonnull const MSID_EXP_RETRY_ON_NETWORK;
 extern NSString * _Nonnull const MSID_EXP_ENABLE_CONNECTION_CLOSE;
 extern NSString * _Nonnull const MSID_HTTP_CONNECTION;

IdentityCore/src/MSIDBrokerConstants.m

@@ -97,6 +97,7 @@
 NSString *const MSID_JIT_TROUBLESHOOTING_HOST = @"jit_troubleshooting";
 NSString *const MSID_IS_CALLER_MANAGED_KEY = @"isCallerAppManaged";
 NSString *const MSID_BROKER_SDM_WPJ_ATTEMPTED = @"sdm_reg_attempted";
+NSString *const MSID_BART_DEVICE_ID_KEY = @"bart_device_id";
 NSString *const MSID_FORCE_REFRESH_KEY = @"force_refresh";
 
 // Experiments

IdentityCore/src/MSIDOAuth2Constants.h

@@ -179,4 +179,6 @@ extern NSString *const MSID_CCS_REQUEST_ID_RESPONSE;
 
 extern NSString *const MSID_CCS_REQUEST_SEQUENCE_KEY;
 extern NSString *const MSID_CCS_REQUEST_SEQUENCE_RESPONSE;
+extern NSString *const MSID_REFRESH_TOKEN_TYPE;
+extern NSString *const MSID_REFRESH_TOKEN_TYPE_BOUND_APP_RT;
 extern NSString *const MSID_BOUND_DEVICE_ID_CACHE_KEY;

IdentityCore/src/MSIDOAuth2Constants.m

@@ -180,4 +180,6 @@
 NSString *const MSID_CCS_REQUEST_SEQUENCE_KEY            = @"x-ms-srs";
 NSString *const MSID_CCS_REQUEST_SEQUENCE_RESPONSE       = @"ccs-request-sequence";
 
+NSString *const MSID_REFRESH_TOKEN_TYPE                  = @"refresh_token_type";
+NSString *const MSID_REFRESH_TOKEN_TYPE_BOUND_APP_RT     = @"bound_app_rt";
 NSString *const MSID_BOUND_DEVICE_ID_CACHE_KEY           = @"bound_device_id";

IdentityCore/src/oauth2/MSIDOauth2Factory.m

@@ -27,6 +27,7 @@
 #import "MSIDAccessToken.h"
 #import "MSIDBaseToken.h"
 #import "MSIDRefreshToken.h"
+#import "MSIDBoundRefreshToken.h"
 #import "MSIDLegacySingleResourceToken.h"
 #import "MSIDIdToken.h"
 #import "MSIDAccount.h"
@@ -170,6 +171,15 @@ - (MSIDRefreshToken *)refreshTokenFromResponse:(MSIDTokenResponse *)response
     BOOL result = [self fillRefreshToken:refreshToken fromResponse:response configuration:configuration];
 
     if (!result) return nil;
+    if (refreshToken)
+    {
+        // Saving RT from a token network response
+        if ([response.additionalServerInfo[MSID_REFRESH_TOKEN_TYPE] isEqualToString:MSID_REFRESH_TOKEN_TYPE_BOUND_APP_RT])
+        {
+            MSIDBoundRefreshToken *bart = [[MSIDBoundRefreshToken alloc] initWithRefreshToken:refreshToken boundDeviceId:response.boundAppRefreshTokenDeviceId];
+            return bart;
+        }
+    }
     return refreshToken;
 }
 

IdentityCore/src/oauth2/MSIDTokenResponse.h

@@ -95,6 +95,8 @@
 
 @property (nonatomic) BOOL createdFromCache;
 
+@property (nonatomic, nullable) NSString *boundAppRefreshTokenDeviceId;
+
 - (nullable instancetype)initWithJSONDictionary:(nonnull NSDictionary *)json
                                    refreshToken:(nullable MSIDBaseToken<MSIDRefreshableToken> *)token
                                           error:(NSError * _Nullable __autoreleasing *_Nullable)error;

IdentityCore/src/oauth2/MSIDTokenResponse.m

@@ -170,6 +170,7 @@ - (instancetype)initWithJSONDictionary:(NSDictionary *)json error:(NSError *__au
         _stsErrorCodes = [json msidArrayOfIntegersForKey: MSID_OAUTH2_ERROR_CODES];
         _errorDescription = [[json msidStringObjectForKey:MSID_OAUTH2_ERROR_DESCRIPTION] msidURLDecode];
         _clientAppVersion = [json msidStringObjectForKey:MSID_BROKER_CLIENT_APP_VERSION_KEY];
+        _boundAppRefreshTokenDeviceId = [json msidStringObjectForKey:MSID_BART_DEVICE_ID_KEY];
         [self setAdditionalServerInfo:json];
     }
 

IdentityCore/src/requests/sdk/MSIDTokenResponseValidator.m

@@ -29,6 +29,7 @@
 #import "MSIDBrokerResponse.h"
 #import "MSIDAccessToken.h"
 #import "MSIDRefreshToken.h"
+#import "MSIDBoundRefreshToken.h"
 #import "MSIDBasicContext.h"
 #import "MSIDAccountMetadataCacheAccessor.h"
 #import "MSIDAccountIdentifier.h"
@@ -261,6 +262,12 @@ - (MSIDTokenResult *)validateAndSaveTokenResponse:(MSIDTokenResponse *)tokenResp
         return nil;
     }
 
+    if ([tokenResponse.additionalServerInfo[MSID_REFRESH_TOKEN_TYPE] isEqualToString:MSID_REFRESH_TOKEN_TYPE_BOUND_APP_RT] && tokenResponse.boundAppRefreshTokenDeviceId)
+    {
+        tokenResult.refreshToken = [[MSIDBoundRefreshToken alloc] initWithRefreshToken:(MSIDRefreshToken *)tokenResult.refreshToken
+                                                                         boundDeviceId:tokenResponse.boundAppRefreshTokenDeviceId];
+    }
+
     //save metadata
     NSError *authorityError;
     MSIDAuthority *resultingAuthority = [factory resultAuthorityWithConfiguration:parameters.msidConfiguration tokenResponse:tokenResponse error:&authorityError];