Add feature flags provider to be controlled from broker

Author: juan-arias

IdentityCore/IdentityCore.xcodeproj/project.pbxproj

@@ -1797,6 +1797,9 @@
 		B443F0002AD6327700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.h in Headers */ = {isa = PBXBuildFile; fileRef = B443EFFF2AD6327700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.h */; };
 		B443F0022AD6328700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.m in Sources */ = {isa = PBXBuildFile; fileRef = B443F0012AD6328700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.m */; };
 		B443F0032AD6328700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.m in Sources */ = {isa = PBXBuildFile; fileRef = B443F0012AD6328700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.m */; };
+		B48FC02F2D726A52007B80DB /* MSIDBrokerFlightProvider.h in Headers */ = {isa = PBXBuildFile; fileRef = B48FC02E2D726A48007B80DB /* MSIDBrokerFlightProvider.h */; };
+		B48FC0312D726A66007B80DB /* MSIDBrokerFlightProvider.m in Sources */ = {isa = PBXBuildFile; fileRef = B48FC0302D726A64007B80DB /* MSIDBrokerFlightProvider.m */; };
+		B48FC0322D726A66007B80DB /* MSIDBrokerFlightProvider.m in Sources */ = {isa = PBXBuildFile; fileRef = B48FC0302D726A64007B80DB /* MSIDBrokerFlightProvider.m */; };
 		B49323912AD491C600E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.h in Headers */ = {isa = PBXBuildFile; fileRef = B493238F2AD4919400E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.h */; };
 		B49323922AD491CE00E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.m in Sources */ = {isa = PBXBuildFile; fileRef = B49323902AD491B900E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.m */; };
 		B49323932AD491CF00E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.m in Sources */ = {isa = PBXBuildFile; fileRef = B49323902AD491B900E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.m */; };
@@ -3243,6 +3246,8 @@
 		B443EFFC2AD6307E00782168 /* MSIDBrokerOperationGetPasskeyCredentialResponse.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MSIDBrokerOperationGetPasskeyCredentialResponse.m; sourceTree = "<group>"; };
 		B443EFFF2AD6327700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MSIDBrokerOperationPasskeyCredentialRequest.h; sourceTree = "<group>"; };
 		B443F0012AD6328700782168 /* MSIDBrokerOperationPasskeyCredentialRequest.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MSIDBrokerOperationPasskeyCredentialRequest.m; sourceTree = "<group>"; };
+		B48FC02E2D726A48007B80DB /* MSIDBrokerFlightProvider.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MSIDBrokerFlightProvider.h; sourceTree = "<group>"; };
+		B48FC0302D726A64007B80DB /* MSIDBrokerFlightProvider.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MSIDBrokerFlightProvider.m; sourceTree = "<group>"; };
 		B493238F2AD4919400E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MSIDBrokerOperationPasskeyAssertionRequest.h; sourceTree = "<group>"; };
 		B49323902AD491B900E0CBC0 /* MSIDBrokerOperationPasskeyAssertionRequest.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MSIDBrokerOperationPasskeyAssertionRequest.m; sourceTree = "<group>"; };
 		B49323942AD4DA0200E0CBC0 /* MSIDBrokerOperationGetPasskeyAssertionResponse.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MSIDBrokerOperationGetPasskeyAssertionResponse.h; sourceTree = "<group>"; };
@@ -5534,6 +5539,8 @@
 				728209CB26FE951900B5F018 /* MSIDJwtAlgorithm.h */,
 				237F8F2C2D5166FE0095F164 /* MSIDFlightManager.h */,
 				237F8F2D2D5166FE0095F164 /* MSIDFlightManager.m */,
+				B48FC02E2D726A48007B80DB /* MSIDBrokerFlightProvider.h */,
+				B48FC0302D726A64007B80DB /* MSIDBrokerFlightProvider.m */,
 			);
 			path = src;
 			sourceTree = "<group>";
@@ -5976,6 +5983,7 @@
 				B2C707FD2192530E00D917B8 /* MSIDDefaultSilentTokenRequest.h in Headers */,
 				1EE541402458B30300A86414 /* MSIDDevicePopManager.h in Headers */,
 				E656E07D2C2627FB0011FB23 /* MSIDWebUpgradeRegResponse.h in Headers */,
+				B48FC02F2D726A52007B80DB /* MSIDBrokerFlightProvider.h in Headers */,
 				B286B9B32389DD78007833AD /* MSIDWebAADAuthCodeResponse.h in Headers */,
 				886F516E29CCA83000F09471 /* MSIDCIAMAuthorityResolver.h in Headers */,
 				B286B9D22389DF19007833AD /* MSIDAadAuthorityCache.h in Headers */,
@@ -7254,6 +7262,7 @@
 				600D19982095988C0004CD43 /* MSIDChallengeHandler.m in Sources */,
 				B26CEB042367B3B9009E6E54 /* MSIDSystemWebViewControllerFactory.m in Sources */,
 				609E74BE228CA5CA005E3FED /* MSIDAccountMetadataCacheAccessor.m in Sources */,
+				B48FC0312D726A66007B80DB /* MSIDBrokerFlightProvider.m in Sources */,
 				23B018C42356D51200207FEC /* NSDictionary+MSIDQueryItems.m in Sources */,
 				2394F2042D4894FF00E44F6E /* MSIDWebUpgradeRegOperation.m in Sources */,
 				B2C708AE219A612A00D917B8 /* MSIDDefaultBrokerTokenRequest.m in Sources */,
@@ -8072,6 +8081,7 @@
 				96235F96207D7286007EAB36 /* MSIDWebOAuth2AuthCodeResponse.m in Sources */,
 				B239A43D209E8170000A3268 /* MSIDAccountCredentialCache.m in Sources */,
 				23B018822355481800207FEC /* MSIDSSOExtensionInteractiveTokenRequest.m in Sources */,
+				B48FC0322D726A66007B80DB /* MSIDBrokerFlightProvider.m in Sources */,
 				239E8F88233D951D00251373 /* MSIDBrokerOperationTokenResponse.m in Sources */,
 				B208854A29ADB86200A50B88 /* MSIDExternalSSOContextMock.m in Sources */,
 				B2B1D57320425DFD00DD81F0 /* MSIDAccountCacheItem.m in Sources */,

IdentityCore/src/MSIDBrokerConstants.h

@@ -96,6 +96,7 @@ extern NSString * _Nonnull const MSID_SKIP_VALIDATE_RESULT_ACCOUNT_KEY;
 extern NSString * _Nonnull const MSID_JIT_TROUBLESHOOTING_HOST;
 extern NSString * _Nonnull const MSID_IS_CALLER_MANAGED_KEY;
 extern NSString * _Nonnull const MSID_BROKER_PREFERRED_AUTH_CONFIGURATION_KEY;
+extern NSString * _Nonnull const MSID_BROKER_CLIENT_FLIGHTS_KEY;
 extern NSString * _Nonnull const MSID_BROKER_SDM_WPJ_ATTEMPTED;
 extern NSString * _Nonnull const MSID_EXP_RETRY_ON_NETWORK;
 extern NSString * _Nonnull const MSID_EXP_ENABLE_CONNECTION_CLOSE;

IdentityCore/src/MSIDBrokerConstants.m

@@ -77,6 +77,7 @@
 NSString *const MSID_BROKER_TYPES_OF_HEADER = @"types_of_header";
 NSString *const MSID_BROKER_REQUEST_SENT_TIMESTAMP = @"request_sent_timestamp";
 NSString *const MSID_BROKER_PREFERRED_AUTH_CONFIGURATION_KEY = @"preferred_auth_config";
+NSString *const MSID_BROKER_CLIENT_FLIGHTS_KEY = @"client_flights";
 NSString *const MSID_BROKER_ACCOUNT_HOME_TENANT_ID = @"account_home_tenant_id";
 NSString *const MSID_CLIENT_SKU_KEY = @"client_sku";
 NSString *const MSID_SKIP_VALIDATE_RESULT_ACCOUNT_KEY = @"skip_validate_result_account";

IdentityCore/src/MSIDBrokerFlightProvider.h

@@ -0,0 +1,40 @@
+
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+#import <Foundation/Foundation.h>
+#import "MSIDFlightManager.h"
+
+NS_ASSUME_NONNULL_BEGIN
+
+@interface MSIDBrokerFlightProvider : NSObject <MSIDFlightManagerInterface>
+
+- (instancetype)initWithBase64EncodedFlightsPayload:(nullable NSString *)base64EncodedFlightsPayload;
+
+- (instancetype _Nullable )init NS_UNAVAILABLE;
++ (instancetype _Nullable )new NS_UNAVAILABLE;
+
+@end
+
+NS_ASSUME_NONNULL_END

IdentityCore/src/MSIDBrokerFlightProvider.m

@@ -0,0 +1,89 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+#import "MSIDBrokerFlightProvider.h"
+#import "NSJSONSerialization+MSIDExtensions.h"
+
+@interface MSIDBrokerFlightProvider()
+
+@property (nonatomic, nullable) NSDictionary *clientFlightsPayload;
+
+@end
+
+@implementation MSIDBrokerFlightProvider
+
+- (instancetype)initWithBase64EncodedFlightsPayload:(nullable NSString *)base64EncodedFlightsPayload
+{
+    self = [super init];
+    
+    if (self)
+    {
+        if ([NSString msidIsStringNilOrBlank:base64EncodedFlightsPayload])
+        {
+            MSID_LOG_WITH_CTX(MSIDLogLevelInfo,nil, @"Broker client flights is nil or empty");
+            return nil;
+        }
+        
+        NSDictionary *clientFlightsDict = nil;
+        
+        NSData *decodedJsonData =  [[base64EncodedFlightsPayload msidBase64UrlDecode] dataUsingEncoding:NSUTF8StringEncoding];
+        if (decodedJsonData && [decodedJsonData length])
+        {
+            clientFlightsDict = [NSJSONSerialization msidNormalizedDictionaryFromJsonData:decodedJsonData error:nil];
+            
+            if (![clientFlightsDict isKindOfClass:[NSDictionary class]])
+            {
+                MSID_LOG_WITH_CTX(MSIDLogLevelWarning,nil, @"Invalid broker client flight format");
+                return nil;
+            }
+        }
+        else
+        {
+            MSID_LOG_WITH_CTX(MSIDLogLevelWarning,nil, @"Failed to decode base64encoded client flights from broker");
+            return nil;
+        }
+        
+        if (clientFlightsDict)
+        {
+            self.clientFlightsPayload = clientFlightsDict;
+            MSID_LOG_WITH_CTX(MSIDLogLevelInfo, nil, @"Client flights from broker is decoded successfully");
+        }
+    }
+    
+    return self;
+}
+
+#pragma mark - MSIDFlightManagerInterface
+
+- (BOOL)boolForKey:(nonnull NSString *)flightKey
+{
+    if (self.clientFlightsPayload)
+    {
+        return [self.clientFlightsPayload[flightKey] boolValue];
+    }
+    
+    return NO;
+}
+
+@end

IdentityCore/src/MSIDConstants.h

@@ -176,5 +176,6 @@ extern NSString * _Nonnull const MSID_BROWSER_RESPONSE_SWITCH_BROWSER_RESUME;
 
 extern NSString * _Nonnull const MSID_FLIGHT_USE_V2_WEB_RESPONSE_FACTORY;
 extern NSString * _Nonnull const MSID_FLIGHT_SUPPORT_DUNA_CBA;
+extern NSString * _Nonnull const MSID_FLIGHT_ENABLE_CLIENT_SINGLE_FAMILY_REFRESH_TOKEN;
 
 #define METHODANDLINE   [NSString stringWithFormat:@"%s [Line %d]", __PRETTY_FUNCTION__, __LINE__]

IdentityCore/src/MSIDConstants.m

@@ -78,6 +78,7 @@
 
 NSString *const MSID_FLIGHT_USE_V2_WEB_RESPONSE_FACTORY = @"use_v2_web_response_factory";
 NSString *const MSID_FLIGHT_SUPPORT_DUNA_CBA = @"support_duna_cba";
+NSString *const MSID_FLIGHT_ENABLE_CLIENT_SINGLE_FAMILY_REFRESH_TOKEN = @"enable_client_single_family_refresh_token";
 
 
 #define METHODANDLINE   [NSString stringWithFormat:@"%s [Line %d]", __PRETTY_FUNCTION__, __LINE__]

IdentityCore/src/broker_operation/response/MSIDDeviceInfo.h

@@ -66,6 +66,7 @@ NS_ASSUME_NONNULL_BEGIN
 @property (nonatomic, nullable) NSString *brokerVersion;
 @property (nonatomic) NSDictionary *additionalExtensionData;
 @property (nonatomic) MSIDPreferredAuthMethod preferredAuthConfig;
+@property (nonatomic) NSString *clientFlights;
 
 #if TARGET_OS_OSX
 @property (nonatomic) MSIDPlatformSSOStatus platformSSOStatus;

IdentityCore/src/broker_operation/response/MSIDDeviceInfo.m

@@ -63,6 +63,7 @@ - (instancetype)initWithJSONDictionary:(NSDictionary *)json error:(__unused NSEr
         _wpjStatus = [self wpjStatusEnumFromString:[json msidStringObjectForKey:MSID_BROKER_WPJ_STATUS_KEY]];
         _brokerVersion = [json msidStringObjectForKey:MSID_BROKER_BROKER_VERSION_KEY];
         _preferredAuthConfig = [self preferredAuthConfigurationEnumFromString:[json msidStringObjectForKey:MSID_BROKER_PREFERRED_AUTH_CONFIGURATION_KEY]];
+        _clientFlights = [json msidStringObjectForKey:MSID_BROKER_CLIENT_FLIGHTS_KEY];
 
 #if TARGET_OS_OSX
         _platformSSOStatus = [self platformSSOStatusEnumFromString:[json msidStringObjectForKey:MSID_PLATFORM_SSO_STATUS_KEY]];
@@ -95,6 +96,7 @@ - (NSDictionary *)jsonDictionary
     json[MSID_BROKER_WPJ_STATUS_KEY] = [self wpjStatusStringFromEnum:self.wpjStatus];
     json[MSID_BROKER_BROKER_VERSION_KEY] = self.brokerVersion;
     json[MSID_BROKER_PREFERRED_AUTH_CONFIGURATION_KEY] = [self preferredAuthConfigurationStringFromEnum:self.preferredAuthConfig];
+    json[MSID_BROKER_CLIENT_FLIGHTS_KEY] = self.clientFlights;
 #if TARGET_OS_OSX
     json[MSID_PLATFORM_SSO_STATUS_KEY] = [self platformSSOStatusStringFromEnum:self.platformSSOStatus];
 #endif

IdentityCore/src/oauth2/MSIDBrokerResponse.h

@@ -43,6 +43,9 @@
 @property (readonly) NSString *errorDomain;
 @property (readonly) NSString *target;
 
+// Client flights managed by broker, base64 encoded
+@property (readonly) NSString *clientFlights;
+
 // Derived properties
 @property (readonly) MSIDTokenResponse *tokenResponse;
 @property (readonly) MSIDAuthority *msidAuthority;