diff --git a/common b/common
index faa4a604d8..605a869c4e 160000
--- a/common
+++ b/common
@@ -1 +1 @@
-Subproject commit faa4a604d83b259f83094755edd45f8289fb4547
+Subproject commit 605a869c4eea81fb31c163333bdd30f845433a5a
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/crosscloud/TestCase1400731.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/crosscloud/TestCase1400731.java
new file mode 100644
index 0000000000..f05b0d3349
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/crosscloud/TestCase1400731.java
@@ -0,0 +1,159 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.crosscloud;
+
+import android.text.TextUtils;
+
+import androidx.annotation.NonNull;
+
+import com.microsoft.identity.client.Prompt;
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthResult;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthTestParams;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalSdk;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.TokenRequestTimeout;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.labapi.utilities.client.LabGuestAccount;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.LabConstants;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Arrays;
+
+// [Joined] Guest Support: Interactive and Silent Auth with MSAL Test app (Authenticator or Company Portal)
+// https://identitydivision.visualstudio.com/Engineering/_workitems/edit/1400731/
+@RetryOnFailure(retryCount = 2)
+public class TestCase1400731 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_1400731() throws Throwable {
+ // load a guest user account from the Lab
+ final LabGuestAccount labGuest = mLabClient.loadGuestAccountFromLab(getLabQuery());
+
+ final String username = "gcidlab@msidlab4.onmicrosoft.com";
+ final String password = mLabClient.getPasswordForGuestUser(labGuest);
+
+ //perform device registration
+ mBroker.performDeviceRegistration(username, password);
+
+ final MsalSdk msalSdk = new MsalSdk();
+
+ final MsalAuthTestParams authTestParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .scopes(Arrays.asList(mScopes))
+ .promptParameter(Prompt.SELECT_ACCOUNT)
+ .authority(LabConstants.MSID_LAB3)
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ // start interactive acquire token request in MSAL (should succeed)
+ final MsalAuthResult authResult = msalSdk.acquireTokenInteractive(authTestParams, new com.microsoft.identity.client.ui.automation.interaction.OnInteractionRequired() {
+ @Override
+ public void handleUserInteraction() {
+ // Should be silent
+ }
+ }, TokenRequestTimeout.MEDIUM);
+
+ Assert.assertFalse(TextUtils.isEmpty(authResult.getAccessToken()));
+
+ final MsalAuthTestParams authTestParams2 = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .scopes(Arrays.asList(mScopes))
+ .promptParameter(Prompt.SELECT_ACCOUNT)
+ .authority(LabConstants.MSID_LAB4)
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ // start interactive acquire token request in MSAL for msidlab4 (should succeed and be silent)
+ final MsalAuthResult authResult2 = msalSdk.acquireTokenInteractive(authTestParams2, new com.microsoft.identity.client.ui.automation.interaction.OnInteractionRequired() {
+ @Override
+ public void handleUserInteraction() {
+ // Should be silent
+ }
+ }, TokenRequestTimeout.MEDIUM);
+
+ authResult2.assertSuccess();
+
+ // advance clock by more than an hour to expire AT in cache
+ getSettingsScreen().forwardDeviceTimeForOneDay();
+
+ final MsalAuthTestParams silentParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .authority(LabConstants.MSID_LAB3)
+ .forceRefresh(true)
+ .scopes(Arrays.asList(mScopes))
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ // get a token silently for msidlab3
+ final MsalAuthResult silentAuthResult = msalSdk.acquireTokenSilent(silentParams, TokenRequestTimeout.SILENT);
+ silentAuthResult.assertSuccess();
+
+ final MsalAuthTestParams silentParams2 = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .authority(LabConstants.MSID_LAB4)
+ .forceRefresh(true)
+ .scopes(Arrays.asList(mScopes))
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ // get a token silently for msidlab4
+ final MsalAuthResult silentAuthResult2 = msalSdk.acquireTokenSilent(silentParams2, TokenRequestTimeout.SILENT);
+ silentAuthResult2.assertSuccess();
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .userType(UserType.GUEST)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+ @Override
+ public String getAuthority() {
+ return "https://login.microsoftonline.us/common";
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
\ No newline at end of file
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/foci/TestCase833544.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/foci/TestCase833544.java
new file mode 100644
index 0000000000..03b5b1f47c
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/foci/TestCase833544.java
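Review bot: In `test_1400731` the hard-coded `username` is not taken from the `labGuest` record whose password is looked up on the next line, so if `getLabQuery()` ever returns a different guest, `performDeviceRegistration` runs with one account's name and another account's password. Reading the sign-in name from `labGuest` keeps the pair together; if the account has to stay pinned, a comment such as `// pinned to the msidlab4 home account; getLabQuery() must keep returning this guest` records that. Both `// Should be silent` handlers are empty and nothing visible in the hunk checks that no prompt was shown, so that expectation is documented but not verified. The first result is checked with `TextUtils.isEmpty(authResult.getAccessToken())` while every later one uses `assertSuccess()`; `authResult.assertSuccess();` would be consistent, and the `androidx.annotation.NonNull` import is unused.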
@@ -0,0 +1,235 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.foci;
+
+import androidx.test.uiautomator.UiObject;
+
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.annotations.LongUIAutomationTest;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.client.ui.automation.annotations.SupportedBrokers;
+import com.microsoft.identity.client.ui.automation.app.AzureSampleApp;
+import com.microsoft.identity.client.ui.automation.app.OutlookApp;
+import com.microsoft.identity.client.ui.automation.app.WordApp;
+import com.microsoft.identity.client.ui.automation.broker.BrokerMicrosoftAuthenticator;
+import com.microsoft.identity.client.ui.automation.logging.Logger;
+import com.microsoft.identity.client.ui.automation.installer.LocalApkInstaller;
+import com.microsoft.identity.client.ui.automation.interaction.FirstPartyAppPromptHandlerParameters;
+import com.microsoft.identity.client.ui.automation.interaction.PromptParameter;
+import com.microsoft.identity.client.ui.automation.utils.CommonUtils;
+import com.microsoft.identity.client.ui.automation.utils.UiAutomatorUtils;
+import com.microsoft.identity.common.java.util.ThreadUtils;
+import com.microsoft.identity.labapi.utilities.client.ILabAccount;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.AzureEnvironment;
+import com.microsoft.identity.labapi.utilities.constants.FederationProvider;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+import com.microsoft.identity.labapi.utilities.exception.LabApiException;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.concurrent.TimeUnit;
+
+// [Non-joined][FoCl] FoCl (Multi-users) with Outlook and Word
+// https://identitydivision.visualstudio.com/DevEx/_workitems/edit/833544
+@SupportedBrokers(brokers = {BrokerMicrosoftAuthenticator.class})
+@RetryOnFailure
+@LongUIAutomationTest
+public class TestCase833544 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_833544() throws LabApiException {
+ // Recent build of authenticator seems to produce a notification popup on device, this blocks some ui we rely on to validate account presence. Disabling notifications will work.
+ getSettingsScreen().toggleNotificationsThroughSettings(mBroker.getPackageName());
+
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ final OutlookApp outlook = new OutlookApp(new LocalApkInstaller());
+
+ outlook.install();
+ outlook.launch();
+ outlook.handleFirstRun();
+
+ final FirstPartyAppPromptHandlerParameters promptHandlerParameters = FirstPartyAppPromptHandlerParameters.builder()
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .loginHint(username)
+ .broker(mBroker)
+ .registerPageExpected(false)
+ .enrollPageExpected(false)
+ .consentPageExpected(false)
+ .speedBumpExpected(false)
+ .sessionExpected(false)
+ .expectingLoginPageAccountPicker(false)
+ .expectingBrokerAccountChooserActivity(false)
+ .build();
+
+ // add first account to Outlook
+ outlook.addFirstAccount(username, password, promptHandlerParameters);
+ outlook.onAccountAdded();
+ outlook.confirmAccount(username);
+
+ final WordApp wordApp = new WordApp(new LocalApkInstaller());
+
+ // open word
+ wordApp.install();
+ wordApp.launch();
+ wordApp.handleFirstRun();
+
+ // Word auto signs the user into with the account that was in Outlook
+ // Sometimes, it might take a bit longer to see this UI page in word app
+ final UiObject fileFetchScreen = UiAutomatorUtils.obtainUiObjectWithText("Fetching your files", TimeUnit.SECONDS.toMillis(45));
+ Assert.assertTrue(fileFetchScreen.exists());
+
+ // Make sure the account exists in Word
+ wordApp.confirmAccount(username);
+
+ // Steps from 833519
+ // Make sure a Non-FOCI app (Azure sample in this case) can't see the account
+ AzureSampleApp azureSample = new AzureSampleApp();
+ azureSample.install();
+ azureSample.launch();
+
+ // sign in silently into Azure Sample App, should see account picker and not get signed in
+ azureSample.signInSilentlyWithSingleAccountFragment(mBrowser, mBroker, false);
+
+ // Confirm that the account picker did show up
+ final UiObject accountPicker = UiAutomatorUtils.obtainUiObjectWithResourceId(CommonUtils.getResourceId(mBroker.getPackageName(), "account_chooser_listView"));
+ Assert.assertTrue(accountPicker.exists());
+
+ // Confirm that no account is logged in to AzureSampleApp
+ azureSample.forceStop();
+ azureSample.launch();
+ azureSample.confirmSignedIn("None");
+
+ // fetch another account from lab - someone from a different tenant
+ final LabQuery queryForAdfsV3Account = LabQuery.builder()
+ .userType(UserType.FEDERATED)
+ .federationProvider(FederationProvider.ADFS_V3)
+ .build();
+
+ final ILabAccount labAccountAdfsV3 = mLabClient.getLabAccount(queryForAdfsV3Account);
+
+ final String usernameV3 = labAccountAdfsV3.getUsername();
+ final String passwordV3 = labAccountAdfsV3.getPassword();
+
+ // relaunch Outlook
+ outlook.forceStop();
+ outlook.launch();
+
+ final FirstPartyAppPromptHandlerParameters outlookPromptParameters =
+ FirstPartyAppPromptHandlerParameters.builder()
+ .expectingNonZeroAccountsInTSL(true)
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .broker(mBroker)
+ .consentPageExpected(false)
+ .enrollPageExpected(false)
+ .registerPageExpected(false)
+ .isFederated(true)
+ .expectingBrokerAccountChooserActivity(true)
+ .expectingLoginPageAccountPicker(false)
+ .howWouldYouLikeToSignInExpected(true)
+ .loginHint(usernameV3)
+ .sessionExpected(false)
+ .speedBumpExpected(false)
+ .build();
+
+ // add another account in Outlook
+ outlook.addAnotherAccount(usernameV3, passwordV3, outlookPromptParameters);
+
+ // Relaunching word right after outlook sign in is pressed leads to issues, sometimes the user is not signed in
+ ThreadUtils.sleepSafely(5000, "Sleep failed", "Interrupted");
+
+ // relaunch Word app
+ wordApp.forceStop();
+ wordApp.launch();
+
+ // We used to check for a flag to expect what new, which occasionally appears in our testing based on word version
+ // Let's just ignore any AssertionErrors that get thrown here, we don't know what to expect before hand anyway
+ try {
+ // Word shows a Whats New Dialog when the app is launched NEXT TIME after adding first account
+ final UiObject whatsNewDialog = UiAutomatorUtils.obtainUiObjectWithResourceId(
+ "com.microsoft.office.word:id/WhatsNewDialogTitleTextView"
+ );
+
+ Assert.assertTrue(whatsNewDialog.exists());
+
+ // Click the close btn to close this dialog
+ UiAutomatorUtils.handleButtonClick("android:id/button2");
+ } catch (AssertionError e){
+ Logger.i(TestCase833544.class.getSimpleName(), "What's New Page did not appear: " + e.getMessage());
+ }
+
+ final FirstPartyAppPromptHandlerParameters wordPromptParameters =
+ FirstPartyAppPromptHandlerParameters.builder()
+ .expectingNonZeroAccountsInTSL(true)
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .broker(mBroker)
+ .consentPageExpected(false)
+ .enrollPageExpected(false)
+ .registerPageExpected(false)
+ .isFederated(true)
+ .expectingBrokerAccountChooserActivity(true)
+ .expectingLoginPageAccountPicker(false)
+ .loginHint(usernameV3)
+ .sessionExpected(true)
+ .speedBumpExpected(false)
+ .build();
+
+ // add another account in Word
+ wordApp.addAnotherAccount(usernameV3, passwordV3, wordPromptParameters);
+
+ // make sure this other account is in Word
+ wordApp.confirmAccount(usernameV3);
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .azureEnvironment(AzureEnvironment.AZURE_CLOUD)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+
+ @Override
+ public String getAuthority() {
+ return mApplication.getConfiguration().getDefaultAuthority().toString();
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/mdm/TestCase831126.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/mdm/TestCase831126.java
new file mode 100644
index 0000000000..0deb3698ff
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/mdm/TestCase831126.java
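Review bot: `getAuthority()` in this file returns `getDefaultAuthority().toString()`, whereas the same override in TestCase831126 in this commit returns `getDefaultAuthority().getAuthorityURL().toString()`; unless the authority type overrides `toString()` to yield its URL (not visible here), this override hands back an object description rather than an authority URL. `return mApplication.getConfiguration().getDefaultAuthority().getAuthorityURL().toString();` would match the sibling test. Separately, the What's New block in `test_833544` uses `Assert.assertTrue` inside `catch (AssertionError e)` as control flow, which is deliberate per the comment but would also hide an assertion raised by `handleButtonClick` if that helper asserts; `if (whatsNewDialog.exists()) { UiAutomatorUtils.handleButtonClick("android:id/button2"); }` treats the dialog as optional without catching errors.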
@@ -0,0 +1,168 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.mdm;
+
+import static com.microsoft.identity.client.ui.automation.utils.CommonUtils.FIND_UI_ELEMENT_TIMEOUT;
+import static org.junit.Assert.fail;
+
+import androidx.test.uiautomator.UiObject;
+
+import com.microsoft.identity.client.IAccount;
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthResult;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthTestParams;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalSdk;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.TokenRequestTimeout;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.client.ui.automation.annotations.SupportedBrokers;
+import com.microsoft.identity.client.ui.automation.app.OutlookApp;
+import com.microsoft.identity.client.ui.automation.app.WordApp;
+import com.microsoft.identity.client.ui.automation.broker.BrokerCompanyPortal;
+import com.microsoft.identity.client.ui.automation.broker.IMdmAgent;
+import com.microsoft.identity.client.ui.automation.installer.LocalApkInstaller;
+import com.microsoft.identity.client.ui.automation.interaction.FirstPartyAppPromptHandlerParameters;
+import com.microsoft.identity.client.ui.automation.interaction.PromptParameter;
+import com.microsoft.identity.client.ui.automation.utils.CommonUtils;
+import com.microsoft.identity.client.ui.automation.utils.UiAutomatorUtils;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.AzureEnvironment;
+import com.microsoft.identity.labapi.utilities.constants.ProtectionPolicy;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Arrays;
+
+// [Joined][MDM] Device Admin MDM: MDM Account with Microsoft Outlook and Word
+// https://identitydivision.visualstudio.com/Engineering/_workitems/edit/831126
+@SupportedBrokers(brokers = {BrokerCompanyPortal.class})
+@RetryOnFailure
+public class TestCase831126 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_831126() throws Throwable {
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ final OutlookApp outlook = new OutlookApp(new LocalApkInstaller());
+
+ outlook.install();
+
+ // launch outlook and handle first run
+ outlook.launch();
+ outlook.handleFirstRun();
+
+ // This went back and forth about needing an additional password prompt in browser, might need to revisit this one
+ final FirstPartyAppPromptHandlerParameters promptHandlerParameters = FirstPartyAppPromptHandlerParameters.builder()
+ .broker(mBroker)
+ .prompt(PromptParameter.LOGIN)
+ .loginHint(username)
+ .consentPageExpected(false)
+ .expectingBrokerAccountChooserActivity(false)
+ .secondPasswordPageExpected(true)
+ .expectingLoginPageAccountPicker(false)
+ .enrollPageExpected(true)
+ .build();
+
+ // add first account in Outlook
+ outlook.addFirstAccount(username, password, promptHandlerParameters);
+
+ // verify go to playstore page to download CP
+ mBrowser.handleFirstRun();
+ final UiObject goToPlayStoreBtn = UiAutomatorUtils.obtainUiObjectWithText("Go to Google Play");
+ if (!goToPlayStoreBtn.waitForExists(FIND_UI_ELEMENT_TIMEOUT)) {
+ fail("Go to play store page did not show up");
+ }
+
+ // enroll device in MDM via the Company Portal app
+ ((IMdmAgent) mBroker).enrollDevice(username, password);
+
+ // re-launch outlook
+ outlook.launch();
+
+ final FirstPartyAppPromptHandlerParameters promptHandlerParamsPostEnroll = FirstPartyAppPromptHandlerParameters.builder()
+ .broker(mBroker)
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .loginHint(username)
+ .sessionExpected(true)
+ .build();
+
+ outlook.addFirstAccount(username, password, promptHandlerParamsPostEnroll);
+ outlook.onAccountAdded();
+
+ // make sure our Account is in Outlook now
+ outlook.confirmAccount(username);
+
+ final WordApp wordApp = new WordApp(new LocalApkInstaller());
+ wordApp.install();
+ wordApp.launch();
+ wordApp.handleFirstRun();
+
+ // Word performs auto login using the account that was previously used in one of the other
+ // microsoft apps.
+ UiObject fileFetchScreen = UiAutomatorUtils.obtainUiObjectWithText("Fetching your files", CommonUtils.FIND_UI_ELEMENT_TIMEOUT_LONG);
+ Assert.assertTrue(fileFetchScreen.exists());
+
+ // confirm that the account appears in Word
+ wordApp.confirmAccount(username);
+ // advance clock by more than an hour to expire AT in cache
+ getSettingsScreen().forwardDeviceTimeForOneDay();
+
+ // again open outlook and confirm that there is no interactive prompt
+ outlook.launch();
+ outlook.confirmAccount(username);
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .userType(UserType.CLOUD)
+ .azureEnvironment(AzureEnvironment.AZURE_CLOUD)
+ .protectionPolicy(ProtectionPolicy.MDM_CA)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+
+ @Override
+ public String getAuthority() {
+ return mApplication.getConfiguration().getDefaultAuthority().getAuthorityURL().toString();
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
+
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase2139526.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase2139526.java
new file mode 100644
index 0000000000..0967de1795
--- /dev/null
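Review bot: The last step of `test_831126` is commented as confirming that there is no interactive prompt after the clock is advanced, but the only check is `outlook.confirmAccount(username)`, which verifies that the account is listed; whether it fails when a sign-in prompt is on screen depends on the helper, which is not visible here. If the expired-token path is what this case is meant to cover, the comment should state what `confirmAccount` actually proves, for example `// confirmAccount fails if Outlook shows a sign-in page instead of the account` once that is confirmed. The comment `advance clock by more than an hour` sits above `forwardDeviceTimeForOneDay()`, and the imports `IAccount`, `MsalAuthResult`, `MsalAuthTestParams`, `MsalSdk`, `TokenRequestTimeout` and `Arrays` are not used anywhere in this file.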
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase2139526.java 
@@ -0,0 +1,142 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.nonjoined;
+
+import com.microsoft.identity.client.IAccount;
+import com.microsoft.identity.client.Prompt;
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthResult;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthTestParams;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalSdk;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.TestContext;
+import com.microsoft.identity.client.ui.automation.TokenRequestTimeout;
+import com.microsoft.identity.client.ui.automation.annotations.LongUIAutomationTest;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.client.ui.automation.interaction.PromptHandlerParameters;
+import com.microsoft.identity.client.ui.automation.interaction.PromptParameter;
+import com.microsoft.identity.client.ui.automation.interaction.microsoftsts.AadPromptHandler;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.ProtectionPolicy;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+
+import org.junit.Test;
+
+import java.util.Arrays;
+import java.util.concurrent.TimeUnit;
+
+// Acquire Token Silent After Policy Change Should Fail
+// https://identitydivision.visualstudio.com/Engineering/_workitems/edit/2139526
+@RetryOnFailure
+@LongUIAutomationTest
+public class TestCase2139526 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_2139526() throws Throwable {
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ final MsalSdk msalSdk = new MsalSdk();
+
+ // Interactive call
+ final MsalAuthTestParams authTestParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000003-0000-0ff1-ce00-000000000000")
+ .promptParameter(Prompt.SELECT_ACCOUNT)
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult authResult = msalSdk.acquireTokenInteractive(authTestParams, new com.microsoft.identity.client.ui.automation.interaction.OnInteractionRequired() {
+ @Override
+ public void handleUserInteraction() {
+ final PromptHandlerParameters promptHandlerParameters = PromptHandlerParameters.builder()
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .loginHint(username)
+ .sessionExpected(false)
+ .consentPageExpected(false)
+ .speedBumpExpected(false)
+ .broker(mBroker)
+ .expectingBrokerAccountChooserActivity(false)
+ .build();
+
+ new AadPromptHandler(promptHandlerParameters)
+ .handlePrompt(username, password);
+ }
+ }, TokenRequestTimeout.MEDIUM);
+
+ authResult.assertSuccess();
+
+ // Change the policy to MAM_CA
+ mLabClient.enablePolicy(username, ProtectionPolicy.MAM_CA);
+
+ // It takes some time for the policy change to reflect
+ Thread.sleep(TimeUnit.MINUTES.toMillis(3));
+
+ // advance clock by more than an hour to expire AT in cache
+ TestContext.getTestContext().getTestDevice().getSettings().forwardDeviceTimeForOneDay();
+
+ // Try silent call with sharepoint as the resource, this should fail
+ // Silent call
+ final IAccount account = msalSdk.getAccount(mActivity,getConfigFileResourceId(),username);
+
+ final MsalAuthTestParams silentParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .authority(account.getAuthority())
+ .forceRefresh(true)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000003-0000-0ff1-ce00-000000000000")
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult silentAuthResult = msalSdk.acquireTokenSilent(silentParams,TokenRequestTimeout.SILENT);
+ silentAuthResult.assertFailure();
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return null;
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return TempUserType.BASIC;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+
+ @Override
+ public String getAuthority() {
+ return "https://login.microsoftonline.us/common";
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase3139972.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase3139972.java
new file mode 100644
index 0000000000..b0fed0c7fa
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase3139972.java
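Review bot: `silentAuthResult.assertFailure()` at the end of `test_2139526` accepts any failure, so a timeout, a network error or a cache miss would let this policy-enforcement test pass without the MAM_CA policy ever being evaluated. The check should pin the failure to the policy by asserting on the exception type or error code carried by `silentAuthResult` (the accessor is not visible in this hunk), with a comment such as `// must fail because MAM_CA now applies, not for any other reason`. `account.getAuthority()` is called on the result of `msalSdk.getAccount(...)` without a null check, so if that lookup can return null the test ends in a NullPointerException instead of a readable assertion. The resource id `"00000003-0000-0ff1-ce00-000000000000"` appears twice as a bare literal and only the second use is explained; a named constant with the SharePoint comment next to it would document both.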
@@ -0,0 +1,130 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.nonjoined;
+
+import com.microsoft.identity.client.IAccount;
+import com.microsoft.identity.client.Prompt;
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthResult;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthTestParams;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalSdk;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.TokenRequestTimeout;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.client.ui.automation.interaction.PromptHandlerParameters;
+import com.microsoft.identity.client.ui.automation.interaction.PromptParameter;
+import com.microsoft.identity.client.ui.automation.interaction.microsoftsts.AadPromptHandler;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+
+import org.junit.Test;
+
+import java.util.Arrays;
+
+// [Non-joined][MSAL] Acquire Token + Acquire Token Silent, no loginhint (Prompt.SELECT_ACCOUNT)
+// https://identitydivision.visualstudio.com/Engineering/_workitems/edit/3139972
+@RetryOnFailure(retryCount = 2)
+public class TestCase3139972 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_3139972() throws Throwable {
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ final MsalSdk msalSdk = new MsalSdk();
+
+ // Interactive call
+ final MsalAuthTestParams authTestParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(null)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000002-0000-0000-c000-000000000000")
+ .promptParameter(Prompt.SELECT_ACCOUNT)
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult authResult = msalSdk.acquireTokenInteractive(authTestParams, new com.microsoft.identity.client.ui.automation.interaction.OnInteractionRequired() {
+ @Override
+ public void handleUserInteraction() {
+ final PromptHandlerParameters promptHandlerParameters = PromptHandlerParameters.builder()
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .loginHint(null)
+ .sessionExpected(false)
+ .consentPageExpected(false)
+ .speedBumpExpected(false)
+ .broker(mBroker)
+ .expectingBrokerAccountChooserActivity(false)
+ .build();
+
+ new AadPromptHandler(promptHandlerParameters)
+ .handlePrompt(username, password);
+ }
+ }, TokenRequestTimeout.MEDIUM);
+
+ authResult.assertSuccess();
+
+ // Silent call
+ final IAccount account = msalSdk.getAccount(mActivity,getConfigFileResourceId(),username);
+
+ final MsalAuthTestParams silentParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .authority(account.getAuthority())
+ .forceRefresh(true)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000002-0000-0000-c000-000000000000")
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult silentAuthResult = msalSdk.acquireTokenSilent(silentParams,TokenRequestTimeout.SILENT);
+ silentAuthResult.assertSuccess();
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .userType(UserType.CLOUD)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+
+ @Override
+ public String getAuthority() {
+ return "https://login.microsoftonline.us/common";
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
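Review bot: `account` is dereferenced in `.authority(account.getAuthority())` straight after `msalSdk.getAccount(mActivity,getConfigFileResourceId(),username)`, and nothing checks that the lookup found the account. Because the interactive request in this test is sent with `.loginHint(null)`, this lookup is the only step that ties the signed-in identity to `username`, so a miss should fail with a clear assertion; what `getAccount` does on a miss is not visible in this diff. I would add `Assert.assertNotNull("no cached account for the lab user after interactive sign-in", account);` before building `silentParams`, together with `import org.junit.Assert;`. TestCase833546 and TestCase833553 in this commit use the same lookup-then-dereference pattern.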
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase833546.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase833546.java
new file mode 100644
index 0000000000..5011ec3c2b
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase833546.java
@@ -0,0 +1,126 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.nonjoined;
+
+import com.microsoft.identity.client.IAccount;
+import com.microsoft.identity.client.Prompt;
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthResult;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthTestParams;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalSdk;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.TokenRequestTimeout;
+import com.microsoft.identity.client.ui.automation.interaction.PromptHandlerParameters;
+import com.microsoft.identity.client.ui.automation.interaction.PromptParameter;
+import com.microsoft.identity.client.ui.automation.interaction.microsoftsts.AadPromptHandler;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+
+import org.junit.Test;
+
+import java.util.Arrays;
+
+// [MSAL] Broker Auth for Non-Joined Account - Multiple Resources
+// https://identitydivision.visualstudio.com/DevEx/_workitems/edit/833546
+public class TestCase833546 extends AbstractMsalBrokerTest {
+ @Test
+ public void test_833546() throws Throwable {
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ final MsalSdk msalSdk = new MsalSdk();
+
+ // Interactive call
+ final MsalAuthTestParams authTestParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000003-0000-0ff1-ce00-000000000000")
+ .promptParameter(Prompt.SELECT_ACCOUNT)
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult authResult = msalSdk.acquireTokenInteractive(authTestParams, new com.microsoft.identity.client.ui.automation.interaction.OnInteractionRequired() {
+ @Override
+ public void handleUserInteraction() {
+ final PromptHandlerParameters promptHandlerParameters = PromptHandlerParameters.builder()
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .loginHint(username)
+ .sessionExpected(false)
+ .consentPageExpected(false)
+ .speedBumpExpected(false)
+ .broker(mBroker)
+ .expectingBrokerAccountChooserActivity(false)
+ .build();
+
+ new AadPromptHandler(promptHandlerParameters)
+ .handlePrompt(username, password);
+ }
+ }, TokenRequestTimeout.MEDIUM);
+
+ authResult.assertSuccess();
+
+ // Silent call
+ final IAccount account = msalSdk.getAccount(mActivity,getConfigFileResourceId(),username);
+
+ final MsalAuthTestParams silentParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .authority(account.getAuthority())
+ .forceRefresh(true)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000002-0000-0000-c000-000000000000")
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult silentAuthResult = msalSdk.acquireTokenSilent(silentParams,TokenRequestTimeout.SILENT);
+ silentAuthResult.assertSuccess();
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .userType(UserType.CLOUD)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+ @Override
+ public String getAuthority() {
+ return "https://login.microsoftonline.us/common";
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
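Review bot: `getAuthority()` hard-codes `https://login.microsoftonline.us/common`, while `getLabQuery()` requests a plain `UserType.CLOUD` account with no Azure environment, so the authority and the lab account may not belong to the same cloud. How the base class consumes `getAuthority()` is outside this diff, but the wpj tests added in the same commit return `mApplication.getConfiguration().getDefaultAuthority().getAuthorityURL().toString()` instead, which keeps the value tied to the loaded configuration. TestCase3139972 and TestCase833553 carry the same literal, the latter alongside `AzureEnvironment.AZURE_CLOUD` in its query. If the literal is intentional, a one-line comment such as `// authority is not used for request routing in this test; kept for parity with TestCase850455` would record that; otherwise I would switch to the configuration-derived form.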
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase833553.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase833553.java
new file mode 100644
index 0000000000..c74e3af6f1
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase833553.java
@@ -0,0 +1,179 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.nonjoined;
+
+import com.microsoft.identity.client.IAccount;
+import com.microsoft.identity.client.Prompt;
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthResult;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalAuthTestParams;
+import com.microsoft.identity.client.msal.automationapp.sdk.MsalSdk;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.TokenRequestTimeout;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.client.ui.automation.interaction.PromptParameter;
+import com.microsoft.identity.client.ui.automation.interaction.microsoftsts.MicrosoftStsPromptHandler;
+import com.microsoft.identity.client.ui.automation.interaction.microsoftsts.MicrosoftStsPromptHandlerParameters;
+import com.microsoft.identity.labapi.utilities.client.LabGuestAccount;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.AzureEnvironment;
+import com.microsoft.identity.labapi.utilities.constants.FederationProvider;
+import com.microsoft.identity.labapi.utilities.constants.GuestHomedIn;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+
+import org.junit.Test;
+
+import java.util.Arrays;
+
+// [MSAL] Broker Auth for Non-Joined Account (Federated User)
+// https://identitydivision.visualstudio.com/DevEx/_workitems/edit/833553
+@RetryOnFailure()
+public class TestCase833553 extends AbstractMsalBrokerTest {
+ @Test
+ public void test_833553() throws Throwable {
+ final String username = mLabAccount.getUsername();
+
+ // query to load another user from the same tenant
+ final LabQuery queryForUserB = LabQuery.builder()
+ .userType(UserType.GUEST)
+ .guestHomedIn(GuestHomedIn.ON_PREM)
+ .azureEnvironment(AzureEnvironment.AZURE_CLOUD)
+ .federationProvider(FederationProvider.ADFS_V4)
+ .build();
+
+ // load this other user
+ final LabGuestAccount userB = mLabClient.loadGuestAccountFromLab(queryForUserB);
+
+ final String usernameB = userB.getHomeUpn();
+ final String password = mLabClient.getPasswordForGuestUser(userB);
+
+ final MsalSdk msalSdk = new MsalSdk();
+
+ // Interactive call
+ final MsalAuthTestParams authTestParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000002-0000-0000-c000-000000000000")
+ .promptParameter(Prompt.SELECT_ACCOUNT)
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult authResult = msalSdk.acquireTokenInteractive(authTestParams, new com.microsoft.identity.client.ui.automation.interaction.OnInteractionRequired() {
+ @Override
+ public void handleUserInteraction() {
+ final MicrosoftStsPromptHandlerParameters promptHandlerParameters = MicrosoftStsPromptHandlerParameters.builder()
+ .prompt(PromptParameter.SELECT_ACCOUNT)
+ .loginHint(username)
+ .sessionExpected(false)
+ .consentPageExpected(false)
+ .isFederated(true)
+ .speedBumpExpected(false)
+ .broker(mBroker)
+ .expectingBrokerAccountChooserActivity(false)
+ .build();
+
+ new MicrosoftStsPromptHandler(promptHandlerParameters)
+ .handlePrompt(username, password);
+ }
+ }, TokenRequestTimeout.MEDIUM);
+
+ authResult.assertSuccess();
+
+ // Interactive call for user b
+ final MsalAuthTestParams authTestParams2 = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(username)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000002-0000-0000-c000-000000000000")
+ .promptParameter(Prompt.LOGIN)
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult authResult2 = msalSdk.acquireTokenInteractive(authTestParams2, new com.microsoft.identity.client.ui.automation.interaction.OnInteractionRequired() {
+ @Override
+ public void handleUserInteraction() {
+ final MicrosoftStsPromptHandlerParameters promptHandlerParameters = MicrosoftStsPromptHandlerParameters.builder()
+ .prompt(PromptParameter.LOGIN)
+ .loginHint(null)
+ .sessionExpected(false)
+ .consentPageExpected(false)
+ .isFederated(true)
+ .speedBumpExpected(false)
+ .broker(mBroker)
+ .expectingBrokerAccountChooserActivity(false)
+ .build();
+
+ new MicrosoftStsPromptHandler(promptHandlerParameters)
+ .handlePrompt(usernameB, password);
+ }
+ }, TokenRequestTimeout.MEDIUM);
+
+ authResult2.assertSuccess();
+
+ // Silent call
+ final IAccount account = msalSdk.getAccount(mActivity,getConfigFileResourceId(),usernameB);
+
+ final MsalAuthTestParams silentParams = MsalAuthTestParams.builder()
+ .activity(mActivity)
+ .loginHint(usernameB)
+ .authority(account.getAuthority())
+ .forceRefresh(true)
+ .scopes(Arrays.asList(getScopes()))
+ .resource("00000002-0000-0000-c000-000000000000")
+ .msalConfigResourceId(getConfigFileResourceId())
+ .build();
+
+ final MsalAuthResult silentAuthResult = msalSdk.acquireTokenSilent(silentParams,TokenRequestTimeout.SILENT);
+ silentAuthResult.assertSuccess();
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .userType(UserType.FEDERATED)
+ .azureEnvironment(AzureEnvironment.AZURE_CLOUD)
+ .federationProvider(FederationProvider.ADFS_V4)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+ @Override
+ public String getAuthority() {
+ return "https://login.microsoftonline.us/common";
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
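Review bot: The first interactive sign-in enters user B's password for user A: `password` is assigned from `mLabClient.getPasswordForGuestUser(userB)`, yet the first handler calls `.handlePrompt(username, password)` with `username` taken from `mLabAccount.getUsername()`. Unless the lab guarantees that both accounts share a password, that step should use `mLabAccount.getPassword()` as the sibling tests do, with the guest secret kept separately, e.g. `final String passwordB = mLabClient.getPasswordForGuestUser(userB);`. The request commented "Interactive call for user b" also still sends `.loginHint(username)` while its prompt handler uses `.loginHint(null)` and signs in `usernameB`; sending `usernameB` or no hint would match what the handler does. The comment "query to load another user from the same tenant" does not describe the query, which asks for a `UserType.GUEST` homed `ON_PREM`.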
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase850455.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase850455.java index d4a07f223b..83a9e2a494 100644 --- a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase850455.java +++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/nonjoined/TestCase850455.java @@ -40,6 +40,8 @@ import org.junit.Test; +import java.util.Arrays; + // [Non-joined][MSAL] Acquire Token + Acquire Token Silent (Prompt.SELECT_ACCOUNT) // https://identitydivision.visualstudio.com/DevEx/_workitems/edit/850455 @RetryOnFailure(retryCount = 2) @@ -56,7 +58,8 @@ public void test_850455() throws Throwable { final MsalAuthTestParams authTestParams = MsalAuthTestParams.builder() .activity(mActivity) .loginHint(username) - .resource(mScopes[0]) + .scopes(Arrays.asList(getScopes())) + .resource("00000002-0000-0000-c000-000000000000") .promptParameter(Prompt.SELECT_ACCOUNT) .msalConfigResourceId(getConfigFileResourceId()) .build(); @@ -89,7 +92,8 @@ public void handleUserInteraction() { .loginHint(username) .authority(account.getAuthority()) .forceRefresh(true) - .resource(mScopes[0]) + .scopes(Arrays.asList(getScopes())) + .resource("00000002-0000-0000-c000-000000000000") .msalConfigResourceId(getConfigFileResourceId()) .build(); @@ -111,9 +115,8 @@ public TempUserType getTempUserType() { @Override public String[] getScopes() { - return new String[]{"00000002-0000-0000-c000-000000000000"}; + return new String[]{"User.read"}; } - @Override public String getAuthority() { return "https://login.microsoftonline.us/common"; 
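Review bot: Both request builders now set `.scopes(Arrays.asList(getScopes()))` and `.resource("00000002-0000-0000-c000-000000000000")`, and nothing in these hunks says which of the two the test SDK actually puts on the wire. The resource GUID used to come from a single place (`getScopes()`) and is now a literal repeated in the interactive and the silent builder, and again in the new test files of this commit. I would hoist it into a named constant, for example `private static final String RESOURCE_ID = "00000002-0000-0000-c000-000000000000";`, with a one-line comment naming the service it identifies and how `scopes` and `resource` combine. The last hunk also removes the blank line between `getScopes()` and `getAuthority()`; keeping it matches the spacing of the other overrides. The enclosing methods start and end outside the hunks.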
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase831655.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase831655.java
new file mode 100644
index 0000000000..effeba2530
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase831655.java
@@ -0,0 +1,80 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.wpj;
+
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.annotations.SupportedBrokers;
+import com.microsoft.identity.client.ui.automation.broker.BrokerCompanyPortal;
+import com.microsoft.identity.client.ui.automation.broker.BrokerMicrosoftAuthenticator;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+
+import org.junit.Test;
+
+// Verify WPJ Cert installation on a Non samsung device with Authenticator
+// https://identitydivision.visualstudio.com/Engineering/_workitems/edit/831655
+
+// Technically this works on Samsung device too (at least Galaxy S6)
+// So this should also cover TestCase831570
+// https://identitydivision.visualstudio.com/Engineering/_workitems/edit/831570
+@SupportedBrokers(brokers = {BrokerMicrosoftAuthenticator.class, BrokerCompanyPortal.class})
+public class TestCase831655 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_831655() {
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ // add work account via Settings screen
+ getSettingsScreen().addWorkAccount(mBroker, username, password);
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .userType(UserType.CLOUD)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+
+ @Override
+ public String getAuthority() {
+ return mApplication.getConfiguration().getDefaultAuthority().getAuthorityURL().toString();
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase833547.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase833547.java
new file mode 100644
index 0000000000..fadbd2f4d0
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase833547.java
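Review bot: `test_831655` in TestCase831655 ends after `getSettingsScreen().addWorkAccount(mBroker, username, password)` without asserting anything, although the header comment says the case verifies WPJ certificate installation. Whether `addWorkAccount` checks the outcome itself is not visible in this diff; if it does not, the test passes whenever the UI steps do not throw. TestCase833547 in this commit follows the same call with an explicit check that the account is listed, and a comparable post-condition here, or a comment such as `// addWorkAccount asserts that the certificate install prompt was completed`, would make the intent verifiable. The header also says "with Authenticator" while `@SupportedBrokers` lists `BrokerCompanyPortal` as well.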
@@ -0,0 +1,91 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.wpj;
+
+import androidx.test.uiautomator.UiObject;
+
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.client.ui.automation.annotations.SupportedBrokers;
+import com.microsoft.identity.client.ui.automation.broker.BrokerMicrosoftAuthenticator;
+import com.microsoft.identity.client.ui.automation.utils.UiAutomatorUtils;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+import com.microsoft.identity.labapi.utilities.constants.UserType;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+// Broker Add Account via Account Manager
+// https://identitydivision.visualstudio.com/DevEx/_workitems/edit/833547
+@SupportedBrokers(brokers = {BrokerMicrosoftAuthenticator.class})
+@RetryOnFailure
+public class TestCase833547 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_833547() {
+ // Recent build of authenticator seems to produce a notification popup on device, this blocks some ui we rely on to validate account presence. Disabling notifications will work.
+ getSettingsScreen().toggleNotificationsThroughSettings(mBroker.getPackageName());
+
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ getSettingsScreen().addWorkAccount(mBroker, username, password);
+
+ // Assert Authenticator Account screen has account
+ mBroker.launch(); // open Authenticator App
+ mBroker.handleFirstRun();
+
+ final UiObject account1 = UiAutomatorUtils.obtainUiObjectWithText(username);
+ Assert.assertTrue(account1.exists()); // make sure account 1 is there
+ }
+
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .userType(UserType.CLOUD)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+
+ @Override
+ public String getAuthority() {
+ return mApplication.getConfiguration().getDefaultAuthority().getAuthorityURL().toString();
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
diff --git a/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase833561.java b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase833561.java
new file mode 100644
index 0000000000..a0d3484d37
--- /dev/null
+++ b/msalautomationapp/src/androidTest/java/com/microsoft/identity/client/msal/automationapp/testpass/broker/wpj/TestCase833561.java
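Review bot: `toggleNotificationsThroughSettings(mBroker.getPackageName())` in TestCase833547 is named as a toggle, and the class is annotated `@RetryOnFailure`, so a retry on a device whose settings survive the first attempt could switch notifications back on and bring back the popup the comment describes. Whether the retry rule resets the device or reinstalls the broker between attempts is not visible in this diff; if it does not, the step should set an explicit disabled state, or carry a comment such as `// safe under retry: device settings are reset before each attempt`. The final check `Assert.assertTrue(account1.exists())` would also be easier to triage with a message, e.g. `Assert.assertTrue("work account not shown in the broker account list", account1.exists());`.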
@@ -0,0 +1,88 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.client.msal.automationapp.testpass.broker.wpj;
+
+import com.microsoft.identity.client.msal.automationapp.BuildConfig;
+import com.microsoft.identity.client.msal.automationapp.R;
+import com.microsoft.identity.client.msal.automationapp.testpass.broker.AbstractMsalBrokerTest;
+import com.microsoft.identity.client.ui.automation.annotations.RetryOnFailure;
+import com.microsoft.identity.client.ui.automation.annotations.SupportedBrokers;
+import com.microsoft.identity.client.ui.automation.broker.BrokerHost;
+import com.microsoft.identity.client.ui.automation.broker.BrokerMicrosoftAuthenticator;
+import com.microsoft.identity.labapi.utilities.client.LabQuery;
+import com.microsoft.identity.labapi.utilities.constants.AzureEnvironment;
+import com.microsoft.identity.labapi.utilities.constants.TempUserType;
+
+import org.junit.Assume;
+import org.junit.Test;
+
+// [WPJ] Install WPJ Certificate for Browser Access
+// https://identitydivision.visualstudio.com/DevEx/_workitems/edit/833561
+@SupportedBrokers(brokers = {BrokerMicrosoftAuthenticator.class, BrokerHost.class})
+//@RetryOnFailure(retryCount = 2)
+public class TestCase833561 extends AbstractMsalBrokerTest {
+
+ @Test
+ public void test_833561() {
+ // Check flight, this is checking what was passed to automation app, not the broker apks
+ Assume.assumeFalse( "EnableKeyStoreKeyFactory flight is activated, Test will be skipped",
+ BuildConfig.COPY_OF_LOCAL_FLIGHTS_FOR_TEST_PURPOSES.contains("EnableKeyStoreKeyFactory:true"));
+
+ // Fetch credentials
+ final String username = mLabAccount.getUsername();
+ final String password = mLabAccount.getPassword();
+
+ // perform device registration in broker
+ mBroker.performDeviceRegistration(username, password);
+
+ // enable browser access via broker
+ mBroker.enableBrowserAccess(username);
+ }
+
+ @Override
+ public LabQuery getLabQuery() {
+ return LabQuery.builder()
+ .azureEnvironment(AzureEnvironment.AZURE_CLOUD)
+ .build();
+ }
+
+ @Override
+ public TempUserType getTempUserType() {
+ return null;
+ }
+
+ @Override
+ public String[] getScopes() {
+ return new String[]{"User.read"};
+ }
+
+ @Override
+ public String getAuthority() {
+ return mApplication.getConfiguration().getDefaultAuthority().getAuthorityURL().toString();
+ }
+
+ @Override
+ public int getConfigFileResourceId() {
+ return R.raw.msal_config_default;
+ }
+}
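Review bot: The skip condition in `test_833561` matches the literal substring `"EnableKeyStoreKeyFactory:true"` inside `BuildConfig.COPY_OF_LOCAL_FLIGHTS_FOR_TEST_PURPOSES`, so any other spelling of the same flight (quoted keys, a space after the colon) would let the test run when it was meant to be skipped. The format of that build field is not visible here; a comment documenting the expected format next to the `Assume.assumeFalse` call, or a parsed lookup, would remove the guesswork. The retry annotation is left commented out as `//@RetryOnFailure(retryCount = 2)`, which also leaves the `RetryOnFailure` import unused, so either restore the annotation or delete both lines. The test also makes no assertion of its own after `mBroker.enableBrowserAccess(username)`, so it relies entirely on that call to fail when the certificate install does not complete.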