[IOS SDK] Just In Time registration (#2596)

* Native auth: Just in time SDK mock interface  (#2555)

* add new state and delegate for JIT

* add mock implementation and update for signIn after singUp and SSPR delegates

* Add callback also to signIn password delegate

* make jit state methods public

* use right callback method name

* [iOS SDK] JIT Registration, Network implementation (#2576)

* Added JIT classes

* Jit classes

* Controllers

* New controllers

* Moved controller

* Changes for PR

* Cleanup

* Revert controller changes

* Reverted changes on dispatchers

* Fixed unit tests

* remove non network files

* Unit tests

* Removed failing tests

* PR comments

* PR Comments

* Swiftlint

* Unit tests

* Add error validation for invalid verification contact

* Update MSAL/src/native_auth/public/state_machine/delegate_dispatcher/SignInDelegateDispatchers.swift

Co-authored-by: Danilo Raspa <[email protected]>

* Update MSAL/src/native_auth/public/state_machine/delegate_dispatcher/SignInDelegateDispatchers.swift

Co-authored-by: Danilo Raspa <[email protected]>

* Moved code to KnonwnESTSAPIErrorCodes

* Moved to error case

* Integration tests

* Added comment

---------

Co-authored-by: Danilo Raspa <[email protected]>

* [iOS SDK] JIT Registration, Business implementation (#2583)

* Added JIT classes

* Jit classes

* Controllers

* New controllers

* Moved controller

* Changes for PR

* Cleanup

* Revert controller changes

* Reverted changes on dispatchers

* Fixed unit tests

* remove non network files

* Unit tests

* Removed failing tests

* PR comments

* PR Comments

* Swiftlint

* Unit tests

* Add error validation for invalid verification contact

* Update MSAL/src/native_auth/public/state_machine/delegate_dispatcher/SignInDelegateDispatchers.swift

Co-authored-by: Danilo Raspa <[email protected]>

* Update MSAL/src/native_auth/public/state_machine/delegate_dispatcher/SignInDelegateDispatchers.swift

Co-authored-by: Danilo Raspa <[email protected]>

* Moved code to KnonwnESTSAPIErrorCodes

* Moved to error case

* Controller code

* Linked controllers

* Fix infinite allocation loop and empty verification contact

* New SignIn method

* Fix Unit tests

* Removed not needed code

* Split functions to handlers for responses

* Update MSAL/src/native_auth/controllers/jit/MSALNativeAuthJITController.swift

Co-authored-by: Danilo Raspa <[email protected]>

* Removed unused parameter

* Removed not needed swiftlint

* Removed not needed username

* Changed general error to browser required

* removed not needed config

* Renamed jitRequired to jitAuthMethodsSelectionRequired
Moved logic to jitcontroller

* changed incorrect error

* Added preverified path

* refactor, remove task inside of task

* Finished moving away from the on... parameters
Combined both signIn functions from the protocol into one

* Removed redirect case from introspect endpoints

* Renamed to HandleTokenResult

* Integration tests

* Added comment

* Unit tests

* Unit tests

* PR Comments

---------

Co-authored-by: Danilo Raspa <[email protected]>
Co-authored-by: Danilo Raspa <[email protected]>

* IC

* Removed incorrect unit test host

* Removed incorrect extra msal.framework

* Swiftlint

* Preverified

---------

Co-authored-by: Danilo Raspa <[email protected]>
Co-authored-by: Danilo Raspa <[email protected]>

Author: spetrescu84

MSAL/MSAL.xcodeproj/project.pbxproj

@@ -53,12 +53,10 @@ class MSALNativeAuthTokenController: MSALNativeAuthBaseController {
 
     func performAndValidateTokenRequest(
         _ request: MSIDHttpRequest,
-        config: MSIDConfiguration,
         context: MSALNativeAuthRequestContext) async -> MSALNativeAuthTokenValidatedResponse {
             let ciamTokenResponse: Result<MSIDCIAMTokenResponse, Error> = await performTokenRequest(request, context: context)
             return responseValidator.validate(
                 context: context,
-                msidConfiguration: config,
                 result: ciamTokenResponse
             )
         }
@@ -76,7 +74,7 @@ class MSALNativeAuthTokenController: MSALNativeAuthBaseController {
     func createTokenRequest(
         username: String? = nil,
         password: String? = nil,
-        scopes: [String],
+        scopes: [String]? = nil,
         continuationToken: String? = nil,
         oobCode: String? = nil,
         grantType: MSALNativeAuthGrantType,
@@ -89,7 +87,7 @@ class MSALNativeAuthTokenController: MSALNativeAuthBaseController {
                     username: username,
                     continuationToken: continuationToken,
                     grantType: grantType,
-                    scope: scopes.joinScopes(),
+                    scope: scopes?.joinScopes(),
                     password: password,
                     oobCode: oobCode,
                     includeChallengeType: includeChallengeType,

MSAL/src/native_auth/controllers/MSALNativeAuthTokenController.swift

@@ -25,6 +25,7 @@
 protocol MSALNativeAuthControllerBuildable {
     func makeSignUpController(cacheAccessor: MSALNativeAuthCacheInterface) -> MSALNativeAuthSignUpControlling
     func makeSignInController(cacheAccessor: MSALNativeAuthCacheInterface) -> MSALNativeAuthSignInControlling
+    func makeJITController(cacheAccessor: MSALNativeAuthCacheInterface) -> MSALNativeAuthJITControlling
     func makeResetPasswordController(cacheAccessor: MSALNativeAuthCacheInterface) -> MSALNativeAuthResetPasswordControlling
     func makeCredentialsController(cacheAccessor: MSALNativeAuthCacheInterface) -> MSALNativeAuthCredentialsControlling
 }
@@ -44,6 +45,10 @@ final class MSALNativeAuthControllerFactory: MSALNativeAuthControllerBuildable {
         return MSALNativeAuthSignInController(config: config, cacheAccessor: cacheAccessor)
     }
 
+    func makeJITController(cacheAccessor: MSALNativeAuthCacheInterface) -> MSALNativeAuthJITControlling {
+        return MSALNativeAuthJITController(config: config, cacheAccessor: cacheAccessor)
+    }
+
     func makeResetPasswordController(cacheAccessor: MSALNativeAuthCacheInterface) -> MSALNativeAuthResetPasswordControlling {
         return MSALNativeAuthResetPasswordController(config: config, cacheAccessor: cacheAccessor)
     }

MSAL/src/native_auth/controllers/factories/MSALNativeAuthControllerFactory.swift

@@ -0,0 +1,50 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+import Foundation
+
+protocol MSALNativeAuthJITControlling {
+    typealias JITGetJITAuthMethodsControllerResponse = MSALNativeAuthControllerTelemetryWrapper<JITRequestGetAuthMethodsResult>
+    typealias JITRequestChallengeControllerResponse = MSALNativeAuthControllerTelemetryWrapper<JITRequestChallengeResult>
+    typealias JITSubmitChallengeControllerResponse = MSALNativeAuthControllerTelemetryWrapper<JITSubmitChallengeResult>
+
+    func getJITAuthMethods(
+        continuationToken: String,
+        context: MSALNativeAuthRequestContext
+    ) async -> JITGetJITAuthMethodsControllerResponse
+
+    func requestJITChallenge(
+        continuationToken: String,
+        authMethod: MSALAuthMethod,
+        verificationContact: String?,
+        context: MSALNativeAuthRequestContext
+    ) async -> JITRequestChallengeControllerResponse
+
+    func submitJITChallenge(
+        challenge: String?,
+        continuationToken: String,
+        grantType: MSALNativeAuthGrantType,
+        context: MSALNativeAuthRequestContext
+    ) async -> JITSubmitChallengeControllerResponse
+}

MSAL/src/native_auth/controllers/jit/MSALNativeAuthJITController.swift

@@ -0,0 +1,44 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+import Foundation
+
+enum JITRequestGetAuthMethodsResult {
+    case selectionRequired(authMethods: [MSALAuthMethod], newState: RegisterStrongAuthState)
+    case error(error: MSALNativeAuthJITIntrospectValidatedErrorType)
+}
+
+enum JITRequestChallengeResult {
+    case verificationRequired(sentTo: String,
+                              channelTargetType: MSALNativeAuthChannelType,
+                              codeLength: Int,
+                              newState: RegisterStrongAuthVerificationRequiredState)
+    case completed(MSALNativeAuthUserAccountResult)
+    case error(error: RegisterStrongAuthChallengeError, newState: RegisterStrongAuthState?)
+}
+
+enum JITSubmitChallengeResult {
+    case completed(MSALNativeAuthUserAccountResult)
+    case error(error: RegisterStrongAuthSubmitChallengeError, newState: RegisterStrongAuthVerificationRequiredState?)
+}

MSAL/src/native_auth/controllers/jit/MSALNativeAuthJITControlling.swift

@@ -29,6 +29,7 @@ enum SignInStartResult {
     case codeRequired(newState: SignInCodeRequiredState, sentTo: String, channelTargetType: MSALNativeAuthChannelType, codeLength: Int)
     case passwordRequired(newState: SignInPasswordRequiredState)
     case awaitingMFA(newState: AwaitingMFAState)
+    case jitAuthMethodsSelectionRequired(authMethods: [MSALAuthMethod], newState: RegisterStrongAuthState)
     case error(SignInStartError)
 }
 
@@ -37,6 +38,7 @@ typealias SignInResendCodeResult = CodeRequiredGenericResult<SignInCodeRequiredS
 enum SignInPasswordRequiredResult {
     case completed(MSALNativeAuthUserAccountResult)
     case awaitingMFA(newState: AwaitingMFAState)
+    case jitAuthMethodsSelectionRequired(authMethods: [MSALAuthMethod], newState: RegisterStrongAuthState)
     case error(error: PasswordRequiredError, newState: SignInPasswordRequiredState?)
 }