Commit 982bf9a

committed
Added flag
1 parent d446153 commit 982bf9a

4 files changed

+28
-18
lines changed

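--- a/IdentityCore/src/MSIDConstants.h
+++ b/IdentityCore/src/MSIDConstants.h
@@ -216,6 +216,7 @@ extern NSString * _Nonnull const MSID_FLIGHT_SUPPORT_DUNA_CBA;
 extern NSString * _Nonnull const MSID_FLIGHT_DISABLE_JIT_TROUBLESHOOTING_LEGACY_AUTH;
 extern NSString * _Nonnull const MSID_FLIGHT_CLIENT_SFRT_STATUS;
 extern NSString * _Nonnull const MSID_FLIGHT_DISABLE_PREFERRED_IDENTITY_CBA;
+extern NSString * _Nonnull const MSID_FLIGHT_SUPPORT_STATE_VALIDATION_DUNA_CBA;
 
 /**
 * Flight to indicate if remove account artifacts should be disabled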

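--- a/IdentityCore/src/MSIDConstants.m
+++ b/IdentityCore/src/MSIDConstants.m
@@ -88,6 +88,7 @@
 NSString *const MSID_FLIGHT_DISABLE_JIT_TROUBLESHOOTING_LEGACY_AUTH = @"disable_jit_remediation_legacy_auth";
 NSString *const MSID_FLIGHT_CLIENT_SFRT_STATUS = @"sfrt_v2";
 NSString *const MSID_FLIGHT_DISABLE_PREFERRED_IDENTITY_CBA = @"dis_pre_iden_cba";
+NSString *const MSID_FLIGHT_SUPPORT_STATE_VALIDATION_DUNA_CBA = @"support_state_validation_duna_cba";
 
 // Making the flight string short to avoid legacy broker url size limit
 NSString *const MSID_FLIGHT_DISABLE_REMOVE_ACCOUNT_ARTIFACTS = @"disable_rm_metadata";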

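--- a/IdentityCore/src/webview/operations/ios/MSIDSwitchBrowserResumeOperation.m
+++ b/IdentityCore/src/webview/operations/ios/MSIDSwitchBrowserResumeOperation.m
@@ -28,6 +28,8 @@
 #import "MSIDWebviewFactory.h"
 #import "MSIDInteractiveTokenRequestParameters.h"
 #import "MSIDWebResponseOperationFactory.h"
+#import "MSIDConstants.h"
+#import "MSIDFlightManager.h"
 
 @interface MSIDSwitchBrowserResumeOperation()
 
@@ -87,17 +89,20 @@ - (void)invokeWithRequestParameters:(nonnull MSIDInteractiveTokenRequestParamete
 webviewResponseCompletionBlock:(nonnull MSIDWebviewAuthCompletionHandler)webviewResponseCompletionBlock
 authorizationCodeCompletionBlock:(nonnull MSIDInteractiveAuthorizationCodeCompletionBlock)authorizationCodeCompletionBlock
 {
-MSIDSwitchBrowserResponse *parentResponse = (MSIDSwitchBrowserResponse *)self.switchBrowserResumeResponse.parentResponse;
-NSError *stateValidationError = nil;
-
-BOOL stateValidated = [MSIDSwitchBrowserResponse validateStateParameter:self.switchBrowserResumeResponse.state
-expectedState:parentResponse.state
-error:&stateValidationError];
-if (!stateValidated)
+if ([MSIDFlightManager.sharedInstance boolForKey:MSID_FLIGHT_SUPPORT_STATE_VALIDATION_DUNA_CBA])
 {
-MSID_LOG_WITH_CTX(MSIDLogLevelError, requestParameters, @"Resume operation rejected due to state validation failure");
-if (webviewResponseCompletionBlock) webviewResponseCompletionBlock(nil, stateValidationError);
-return;
+MSIDSwitchBrowserResponse *parentResponse = (MSIDSwitchBrowserResponse *)self.switchBrowserResumeResponse.parentResponse;
+NSError *stateValidationError = nil;
+
+BOOL stateValidated = [MSIDSwitchBrowserResponse validateStateParameter:self.switchBrowserResumeResponse.state
+expectedState:parentResponse.state
+error:&stateValidationError];
+if (!stateValidated)
+{
+MSID_LOG_WITH_CTX(MSIDLogLevelError, requestParameters, @"Resume operation rejected due to state validation failure");
+if (webviewResponseCompletionBlock) webviewResponseCompletionBlock(nil, stateValidationError);
+return;
+}
 }
 
 webRequestConfiguration.startURL = [[NSURL alloc] initWithString:self.switchBrowserResumeResponse.actionUri];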
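Review bot: The `state` comparison in `invokeWithRequestParameters:…` now runs only when `MSID_FLIGHT_SUPPORT_STATE_VALIDATION_DUNA_CBA` is on, so with the flight off or absent the resume response is accepted without being bound to the parent response's `state`, and `startURL` is then built from `actionUri` with no such check in between. Before this commit the check was unconditional; since `state` is what ties a callback to the request that started it, the safer shape is validate-by-default with an explicit kill-switch flight rather than an opt-in one. The same gate is added around the check in `initWithURL:` in MSIDSwitchBrowserResponse.m, so both validation points switch off together. What `boolForKey:` returns for a missing key is not visible on this page; if it is NO, validation stays disabled until the flight is delivered. If the gate has to stay, make the skip visible with `else { MSID_LOG_WITH_CTX(MSIDLogLevelWarning, requestParameters, @"State validation skipped: flight is off"); }`; the method body continues outside the hunk.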

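--- a/IdentityCore/src/webview/response/MSIDSwitchBrowserResponse.m
+++ b/IdentityCore/src/webview/response/MSIDSwitchBrowserResponse.m
@@ -50,17 +50,20 @@ - (instancetype)initWithURL:(NSURL *)url
 {
 if (![self isMyUrl:url redirectUri:redirectUri]) return nil;
 
-NSError *stateCheckError = nil;
-BOOL stateValidated = [MSIDSwitchBrowserResponse validateStateParameter:self.parameters[MSID_OAUTH2_STATE]
-expectedState:requestState
-error:&stateCheckError];
-if (!stateValidated)
+if ([MSIDFlightManager.sharedInstance boolForKey:MSID_FLIGHT_SUPPORT_STATE_VALIDATION_DUNA_CBA])
 {
-if (stateCheckError && error)
+NSError *stateCheckError = nil;
+BOOL stateValidated = [MSIDSwitchBrowserResponse validateStateParameter:self.parameters[MSID_OAUTH2_STATE]
+expectedState:requestState
+error:&stateCheckError];
+if (!stateValidated)
 {
-*error = stateCheckError;
+if (stateCheckError && error)
+{
+*error = stateCheckError;
+}
+return nil;
 }
-return nil;
 }
 
 _actionUri = self.parameters[@"action_uri"];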
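Review bot: Nothing in this commit exercises the new branch in `initWithURL:`; the four changed files are the two constants files and the two implementation files, so neither flight state is covered by a test. Two cases would pin the behaviour: with the flight on, a mismatching `state` must return nil and set `*error`; with it off, the initializer proceeds to read `action_uri` without comparing `requestState`. A comment above the `if`, such as `// state is compared with requestState only when the flight is on; otherwise requestState is ignored`, would make that contract explicit for callers. This section shows no import change for `MSIDFlightManager.h`, unlike MSIDSwitchBrowserResumeOperation.m, so it is worth confirming the header is already in scope. The initializer's signature and the rest of its body are outside the hunk.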
