Sign in 1.2.X

Author: Yuki-YuXin

MSAL/test/integration/native_auth/end_to_end/sign_in/MSALNativeAuthSignInUserNameAndPasswordEndToEndTests.swift

@@ -85,6 +85,92 @@ final class MSALNativeAuthSignInUsernameAndPasswordEndToEndTests: MSALNativeAuth
         XCTAssertTrue(signInDelegateSpy.error!.isInvalidCredentials)
     }
 
+    // User Case 1.2.4. Sign In - User signs in with account A, while data for account A already exists in SDK persistence
+    func test_signInWithAccountSigned() async throws {
+        guard let sut = initialisePublicClientApplication(), let username = retrieveUsernameForSignInUsernameAndPassword(), let password = await retrievePasswordForSignInUsername() else {
+            XCTFail("Missing information")
+            return
+        }
+
+        let signInExpectation = expectation(description: "signing in")
+        let signInDelegateSpy = SignInPasswordStartDelegateSpy(expectation: signInExpectation)
+
+        sut.signIn(username: username, password: password, correlationId: correlationId, delegate: signInDelegateSpy)
+
+        await fulfillment(of: [signInExpectation])
+
+        XCTAssertTrue(signInDelegateSpy.onSignInCompletedCalled)
+        XCTAssertNotNil(signInDelegateSpy.result?.idToken)
+        XCTAssertEqual(signInDelegateSpy.result?.account.username, username)
+        
+        // Now signed in the account again
+        let signInExpectation2 = expectation(description: "signing in")
+        let signInDelegateSpy2 = SignInPasswordStartDelegateSpy(expectation: signInExpectation2)
+
+        sut.signIn(username: username, password: password, correlationId: correlationId, delegate: signInDelegateSpy2)
+        
+        XCTAssertTrue(signInDelegateSpy2.error!.description, "An account is already signed in.")
+    }
+    
+    // User Case 1.2.5. Sign In - User signs in with account B, while data for account A already exists in SDK persistence
+    // The same as 1.2.4
+    
+    // User Case 1.2.6. Sign In - Ability to provide scope to control auth strength of the token
+    
+    // User Case 1.2.7. Sign In - User email is registered with email OTP auth method, which is supported by the developer
+    func test_signInWithOTPSufficientChallengeResultsInSuccess() async throws {
+        guard let sut = initialisePublicClientApplication(), let username = retrieveUsernameForSignInUsernameAndPassword(), let password = await retrievePasswordForSignInUsername() else {
+            XCTFail("Missing information")
+            return
+        }
+
+        let signInExpectation = expectation(description: "signing in")
+        let passwordRequiredExpectation = expectation(description: "verifying password")
+        let signInDelegateSpy = SignInStartDelegateSpy(expectation: signInExpectation)
+        let signInPasswordRequiredDelegateSpy = SignInPasswordRequiredDelegateSpy(expectation: passwordRequiredExpectation)
+
+        sut.signIn(username: username, correlationId: correlationId, delegate: signInDelegateSpy)
+
+        await fulfillment(of: [signInExpectation])
+
+        guard signInDelegateSpy.onSignInPasswordRequiredCalled else {
+            XCTFail("onSignInPasswordRequired not called")
+            return
+        }
+
+        XCTAssertNotNil(signInDelegateSpy.newStatePasswordRequired)
+
+        // Now submit the password..
+
+        signInDelegateSpy.newStatePasswordRequired?.submitPassword(password: password, delegate: signInPasswordRequiredDelegateSpy)
+
+        await fulfillment(of: [passwordRequiredExpectation])
+
+        XCTAssertTrue(signInPasswordRequiredDelegateSpy.onSignInCompletedCalled)
+    }
+    
+    // User Case 1.2.8. Sign In - User attempts to sign in with email and password, but server requires second factor authentication (MFA OTP)
+    // Please refer to MFA End to End Test
+    
+    // User Case 1.2.9. Sign In - User email is registered with email OTP auth method, which is not supported by the developer (aka redirect flow)
+    func test_signInWithOTPInsufficientChallengeResultsInError() async throws {
+        guard let sut = initialisePublicClientApplication(), let username = retrieveUsernameForSignInUsernameAndPassword(), let password = await retrievePasswordForSignInUsername() else {
+            XCTFail("Missing information")
+            return
+        }
+
+        let signInExpectation = expectation(description: "signing in")
+        let signInDelegateSpy = SignInPasswordStartDelegateSpy(expectation: signInExpectation)
+
+        sut.signIn(username: username, password: password, correlationId: correlationId, delegate: signInDelegateSpy)
+
+        await fulfillment(of: [signInExpectation])
+
+        XCTAssertTrue(signInDelegateSpy.onSignInPasswordErrorCalled)
+        XCTAssertTrue(signInDelegateSpy.error!.isBrowserRequired)
+    }
+    
+    
     // Sign in - Password is incorrect (sent over delegate.newStatePasswordRequired)
     func test_signInAndSendingIncorrectPasswordResultsInError() async throws {
         guard let sut = initialisePublicClientApplication(), let username = retrieveUsernameForSignInUsernameAndPassword() else {