[iOS SDK] Update current user account result with latest account and id token after refresh (#2346)

* Update the current user account result data

* Made user account get access token testable
Added unit and e2e tests

* PR comments

* Fixed test around scopes after adding bundle id for IOS to client

* PR comments

* Added ConfigTested to validate config after being created
Made createRetrieveAccessTokenError and adjusted tests

* Reverted issue around UUID

Author: spetrescu84

MSAL/MSAL.xcodeproj/project.pbxproj

@@ -0,0 +1,47 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+/// Wrapper class around PublicClientApplication which helps with testability
+class MSALNativeAuthSilentTokenProvider: MSALNativeAuthSilentTokenProviding {
+
+    private let application: MSALNativeAuthPublicClientApplication?
+
+    init(
+        configuration config: MSALPublicClientApplicationConfig,
+        challengeTypes: MSALNativeAuthChallengeTypes) throws {
+            self.application = try? MSALNativeAuthPublicClientApplication(configuration: config, challengeTypes: challengeTypes)
+        }
+
+    func acquireTokenSilent(parameters: MSALSilentTokenParameters,
+                            completionBlock: @escaping MSALNativeAuthSilentTokenResponse) {
+        application?.acquireTokenSilent(with: parameters) { result, error in
+            if let result {
+                let silentTokenResult = MSALNativeAuthSilentTokenResult(result: result)
+                completionBlock(silentTokenResult, error)
+            } else {
+                completionBlock(nil, error)
+            }
+        }
+    }
+}

MSAL/src/native_auth/client_application_wrapper/silent_token/MSALNativeAuthSilentTokenProvider.swift

@@ -0,0 +1,57 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+/// Class used to extract infromation from MSALResult required by the UserAccountResult to be updated and returned
+/// MSALResult cannot be directly created from Swift
+class MSALNativeAuthSilentTokenResult {
+    let accessTokenResult: MSALNativeAuthTokenResult
+    let rawIdToken: String?
+    let account: MSALAccount
+    let correlationId: UUID
+
+    init(result: MSALResult) {
+        self.rawIdToken = result.idToken
+        self.account = result.account
+        self.accessTokenResult = MSALNativeAuthTokenResult(accessToken: result.accessToken,
+                                                           scopes: result.scopes,
+                                                           expiresOn: result.expiresOn)
+        self.correlationId = result.correlationId
+    }
+
+    init (accessTokenResult: MSALNativeAuthTokenResult,
+          rawIdToken: String?,
+          account: MSALAccount,
+          correlationId: UUID) {
+        self.rawIdToken = rawIdToken
+        self.account = account
+        self.accessTokenResult = accessTokenResult
+        self.correlationId = correlationId
+    }
+}
+
+typealias MSALNativeAuthSilentTokenResponse = (MSALNativeAuthSilentTokenResult?, (any Error)?) -> Void
+
+protocol MSALNativeAuthSilentTokenProviding {
+    func acquireTokenSilent(parameters: MSALSilentTokenParameters, completionBlock: @escaping MSALNativeAuthSilentTokenResponse)
+}

MSAL/src/native_auth/client_application_wrapper/silent_token/MSALNativeAuthSilentTokenProviding.swift

@@ -0,0 +1,28 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+protocol MSALNativeAuthSilentTokenProviderBuildable {
+    func makeSilentTokenProvider(configuration: MSALPublicClientApplicationConfig,
+                                 challengeTypes: MSALNativeAuthChallengeTypes) throws -> MSALNativeAuthSilentTokenProviding?
+}

MSAL/src/native_auth/client_application_wrapper/silent_token/factory/MSALNativeAuthSilentTokenProviderBuildable.swift

@@ -0,0 +1,30 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+class MSALNativeAuthSilentTokenProviderFactory: MSALNativeAuthSilentTokenProviderBuildable {
+    func makeSilentTokenProvider(configuration: MSALPublicClientApplicationConfig,
+                                 challengeTypes: MSALNativeAuthChallengeTypes) throws -> MSALNativeAuthSilentTokenProviding? {
+        return try? MSALNativeAuthSilentTokenProvider(configuration: configuration, challengeTypes: challengeTypes)
+    }
+}

MSAL/src/native_auth/client_application_wrapper/silent_token/factory/MSALNativeAuthSilentTokenProviderFactory.swift

@@ -43,7 +43,7 @@ extension MSALNativeAuthUserAccountResult {
                                                        authority: authority)
         config.bypassRedirectURIValidation = configuration.redirectUri == nil
 
-        guard let client = try? MSALNativeAuthPublicClientApplication(configuration: config, challengeTypes: challengeTypes)
+        guard let silentTokenProvider = try? silentTokenProviderFactory.makeSilentTokenProvider(configuration: config, challengeTypes: challengeTypes)
         else {
             MSALLogger.log(
                             level: .error,
@@ -55,8 +55,7 @@ extension MSALNativeAuthUserAccountResult {
                                                 correlationId: correlationId ?? context.correlationId())) }
             return
         }
-
-        client.acquireTokenSilent(with: params) { [weak self] result, error in
+        silentTokenProvider.acquireTokenSilent(parameters: params) { [weak self] result, error in
             guard let self = self else { return }
 
             if let error = error as? NSError {
@@ -67,10 +66,10 @@ extension MSALNativeAuthUserAccountResult {
 
             if let result = result {
                 let delegateDispatcher = CredentialsDelegateDispatcher(delegate: delegate, telemetryUpdate: nil)
-                let accessTokenResult = MSALNativeAuthTokenResult(accessToken: result.accessToken,
-                                                                  scopes: result.scopes,
-                                                                  expiresOn: result.expiresOn)
-                Task { await delegateDispatcher.dispatchAccessTokenRetrieveCompleted(result: accessTokenResult, correlationId: result.correlationId) }
+                self.rawIdToken = result.rawIdToken
+                self.account = result.account
+                Task { await delegateDispatcher.dispatchAccessTokenRetrieveCompleted(result: result.accessTokenResult,
+                                                                                     correlationId: result.correlationId) }
                 return
             }
 
@@ -83,7 +82,7 @@ extension MSALNativeAuthUserAccountResult {
         }
     }
 
-    func createRetrieveAccessTokenError(error: NSError, context: MSALNativeAuthRequestContext) -> RetrieveAccessTokenError {
+    private func createRetrieveAccessTokenError(error: NSError, context: MSALNativeAuthRequestContext) -> RetrieveAccessTokenError {
         if let innerError = error.userInfo[NSUnderlyingErrorKey] as? NSError {
            return createRetrieveAccessTokenError(error: innerError, context: context)
         }

MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult+Internal.swift

@@ -29,10 +29,11 @@ import Foundation
     /// The account object that holds account information.
     @objc public var account: MSALAccount
 
-    let configuration: MSALNativeAuthConfiguration
-    private var rawIdToken: String?
+    internal let configuration: MSALNativeAuthConfiguration
+    internal var rawIdToken: String?
     private let cacheAccessor: MSALNativeAuthCacheInterface
     private let inputValidator: MSALNativeAuthInputValidating
+    internal let silentTokenProviderFactory: MSALNativeAuthSilentTokenProviderBuildable
 
     /// Get the latest ID token for the account.
     @objc public var idToken: String? {
@@ -44,13 +45,15 @@ import Foundation
         rawIdToken: String?,
         configuration: MSALNativeAuthConfiguration,
         cacheAccessor: MSALNativeAuthCacheInterface,
-        inputValidator: MSALNativeAuthInputValidating = MSALNativeAuthInputValidator()
+        inputValidator: MSALNativeAuthInputValidating = MSALNativeAuthInputValidator(),
+        silentTokenProviderFactory: MSALNativeAuthSilentTokenProviderBuildable = MSALNativeAuthSilentTokenProviderFactory()
     ) {
         self.account = account
         self.rawIdToken = rawIdToken
         self.configuration = configuration
         self.cacheAccessor = cacheAccessor
         self.inputValidator = inputValidator
+        self.silentTokenProviderFactory = silentTokenProviderFactory
     }
 
     /// Removes all the data from the cache.

MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult.swift

@@ -0,0 +1,53 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+@testable import MSAL
+import XCTest
+
+open class CredentialsDelegateSpy: CredentialsDelegate {
+
+    private let expectation: XCTestExpectation
+    private(set) var error: MSAL.RetrieveAccessTokenError?
+    private(set) var result: MSAL.MSALNativeAuthTokenResult?
+    private(set) var onAccessTokenRetrieveErrorCalled = false
+    private(set) var onAccessTokenRetrieveCompletedCalled = false
+
+    init(expectation: XCTestExpectation) {
+        self.expectation = expectation
+    }
+
+    public func onAccessTokenRetrieveCompleted(result: MSALNativeAuthTokenResult) {
+        onAccessTokenRetrieveCompletedCalled = true
+        self.result = result
+
+        expectation.fulfill()
+    }
+
+    public func onAccessTokenRetrieveError(error: MSAL.RetrieveAccessTokenError) {
+        onAccessTokenRetrieveErrorCalled = true
+        self.error = error
+
+        expectation.fulfill()
+    }
+}