Merge branch 'dev' into veena/fixHttpErrorMapping

Author: Veena11

CODEOWNERS

@@ -2,10 +2,11 @@
 # Unless a later match takes precedence, these users will be requested
 # for review whenever someone opens a pull request.
 *       @AzureAD/AppleIdentityTeam
-# @AzureAD/AppleIdentityTeam and @AzureAD/MSAL-ObjC-CIAM will be the co-owners of MSAL.project, CHANGELOG.md and all files under azure_pipelines
+# @AzureAD/AppleIdentityTeam and @AzureAD/MSAL-ObjC-CIAM will be the co-owners of MSAL.project, CHANGELOG.md, Package.swift and all files under azure_pipelines
 /MSAL/MSAL.xcodeproj/project.pbxproj @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM
 CHANGELOG.md @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM
 /azure_pipelines/ @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM
+/Package.swift @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM
 # @AzureAD/MSAL-ObjC-CIAM owns any files in the */native_auth
 # directories, subdirectories and other files related to native auth.
 /MSAL/module.modulemap @AzureAD/MSAL-ObjC-CIAM
@@ -22,7 +23,6 @@ CHANGELOG.md @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM
 /MSAL/MSAL.xcodeproj/xcshareddata/xcschemes/unit-test-host-mac.xcscheme @AzureAD/MSAL-ObjC-CIAM
 /MSAL/MSAL.xcodeproj/xcshareddata/xcschemes/MSAL\ iOS\ Native\ Auth\ E2E\ Tests.xcscheme @AzureAD/MSAL-ObjC-CIAM
 /MSAL/MSAL.xcodeproj/xcshareddata/xcschemes/MSAL\ Mac\ Native\ Auth\ E2E\ Tests.xcscheme @AzureAD/MSAL-ObjC-CIAM
-/Package.swift @AzureAD/MSAL-ObjC-CIAM
 /spm-integration-test.sh @AzureAD/MSAL-ObjC-CIAM
 # For more details about inheritance patterns, or to assign different
 # owners for individual file extensions, see:

MSAL/test/integration/native_auth/end_to_end/mfa/MSALNativeAuthSignInWithMFAEndToEndTests.swift

@@ -29,6 +29,7 @@ import MSAL
 final class MSALNativeAuthSignInWithMFAEndToEndTests: MSALNativeAuthEndToEndPasswordTestCase {
 
     func test_signInUsingPasswordWithMFASubmitWrongChallengeResendChallengeThen_completeSuccessfully() async throws {
+        throw XCTSkip("Retrieving OTP failure")
 #if os(macOS)
         throw XCTSkip("For some reason this test now requires Keychain access, reason needs to be investigated")
 #endif
@@ -88,6 +89,7 @@ final class MSALNativeAuthSignInWithMFAEndToEndTests: MSALNativeAuthEndToEndPass
     }
 
     func test_signInUsingPasswordWithMFAGetAuthMethods_thenCompleteSuccessfully() async throws {
+        throw XCTSkip("Retrieving OTP failure")
 #if os(macOS)
         throw XCTSkip("For some reason this test now requires Keychain access, reason needs to be investigated")
 #endif
@@ -146,6 +148,7 @@ final class MSALNativeAuthSignInWithMFAEndToEndTests: MSALNativeAuthEndToEndPass
     }
 
     func test_signInUsingPasswordWithMFANoDefaultAuthMethod_completeSuccessfully() async throws {
+        throw XCTSkip("Retrieving OTP failure")
 #if os(macOS)
         throw XCTSkip("For some reason this test now requires Keychain access, reason needs to be investigated")
 #endif

MSAL/test/integration/native_auth/end_to_end/reset_password/MSALNativeAuthResetPasswordEndToEndTests.swift

@@ -31,6 +31,8 @@ final class MSALNativeAuthResetPasswordEndToEndTests: MSALNativeAuthEndToEndBase
     private let codeRetryCount = 3
 
     func test_resetPassword_withoutAutomaticSignIn_succeeds() async throws {
+        throw XCTSkip("1secmail service is down. Ignoring test for now.")
+        
         guard let sut = initialisePublicClientApplication(),
               let username = retrieveUsernameForResetPassword()
         else {
@@ -72,6 +74,8 @@ final class MSALNativeAuthResetPasswordEndToEndTests: MSALNativeAuthEndToEndBase
 
     // SSPR - with automatic sign in
     func test_resetPassword_withAutomaticSignIn_succeeds() async throws {
+        throw XCTSkip("1secmail service is down. Ignoring test for now.")
+        
         guard let sut = initialisePublicClientApplication(),
               let username = retrieveUsernameForResetPassword()
         else {

MSAL/test/integration/native_auth/end_to_end/sign_in/MSALNativeAuthSignInUsernameEndToEndTests.swift

@@ -49,7 +49,8 @@ final class MSALNativeAuthSignInUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Hero Scenario 2.2.7. Sign in - Invalid OTP code
     func test_signInAndSendingIncorrectOTPResultsInError() async throws {
-
+        throw XCTSkip("The test account is locked")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .code), let username = retrieveUsernameForSignInCode() else {
             XCTFail("Missing information")
             return
@@ -85,6 +86,7 @@ final class MSALNativeAuthSignInUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Hero Scenario 2.2.1. Sign in - Use email and OTP to get token and sign in
     func test_signInAndSendingCorrectOTPResultsInSuccess() async throws {
+        throw XCTSkip("Retrieving OTP failure")
 
         guard let sut = initialisePublicClientApplication(clientIdType: .code), let username = retrieveUsernameForSignInCode() else {
             XCTFail("Missing information")
@@ -128,6 +130,8 @@ final class MSALNativeAuthSignInUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Sign In - Verify Custom URL Domain - "https://<tenantName>.ciamlogin.com/<tenantName>.onmicrosoft.com"
     func test_signInCustomSubdomainLongInSuccess() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .code, customAuthorityURLFormat: .tenantSubdomainLongVersion), let username = retrieveUsernameForSignInCode() else {
             XCTFail("Missing information")
             return
@@ -170,6 +174,8 @@ final class MSALNativeAuthSignInUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Sign In - Verify Custom URL Domain - "https://<tenantName>.ciamlogin.com/<tenantId>"
     func test_signInCustomSubdomainIdInSuccess() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .code, customAuthorityURLFormat: .tenantSubdomainTenantId), let username = retrieveUsernameForSignInCode() else {
             XCTFail("Missing information")
             return
@@ -212,6 +218,8 @@ final class MSALNativeAuthSignInUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Sign In - Verify Custom URL Domain - "https://<tenantName>.ciamlogin.com/"
     func test_signInCustomSubdomainShortInSuccess() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .code, customAuthorityURLFormat: .tenantSubdomainShortVersion), let username = retrieveUsernameForSignInCode() else {
             XCTFail("Missing information")
             return

MSAL/test/integration/native_auth/end_to_end/sign_up/MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests.swift

@@ -29,6 +29,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Hero Scenario 1.1.1. Sign up - with Email verification as LAST step (Email & Password)
     func test_signUpWithPassword_withEmailVerificationLastStep_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication() else {
             XCTFail("Missing information")
             return
@@ -87,6 +89,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Use case 1.1.2. Sign up - with Email & Password, Resend email OOB
     func test_signUpWithEmailPassword_resendEmail_success() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication() else {
             XCTFail("Missing information")
             return
@@ -139,6 +143,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Hero Scenario 1.1.3. Sign up - with Email verification as LAST step & Custom Attributes (Email & Password)
     func test_signUpWithPassword_withEmailVerificationAsLastStepAndCustomAttributes_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .passwordAndAttributes) else {
             XCTFail("Missing information")
             return
@@ -199,6 +205,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Hero Scenario 1.1.4. Sign up - with Email verification as FIRST step (Email & Password)
     func test_signUpWithPassword_withEmailVerificationAsFirstStepAndThenSetPassword_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication() else {
             XCTFail("Missing information")
             return
@@ -273,6 +281,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Use case 1.1.5. Sign up - with Email & Password, Verify email address using email OTP, resend OTP and then set password
     func test_signUpWithEmailOTP_andSetPasswordAfterOTP_success() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication() else {
             XCTFail("Missing information")
             return
@@ -339,6 +349,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Hero Scenario 1.1.6. Sign up - with Email verification as FIRST step & Custom Attribute (Email & Password)
     func test_signUpWithPasswordWithEmailVerificationAsFirstStepAndCustomAttributes_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .passwordAndAttributes) else {
             XCTFail("Missing information")
             return
@@ -431,6 +443,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Sign up - with Email verification as FIRST step & Custom Attributes over MULTIPLE screens (Email & Password)
     func test_signUpWithPasswordWithEmailVerificationAsFirstStepAndCustomAttributesOverMultipleScreens_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .passwordAndAttributes) else {
             XCTFail("Missing information")
             return
@@ -541,6 +555,8 @@ final class MSALNativeAuthSignUpUsernameAndPasswordEndToEndTests: MSALNativeAuth
 
     // Sign up – without automatic sign in (Email & Password)
     func test_signUpWithPasswordWithoutAutomaticSignIn() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication() else {
             XCTFail("Missing information")
             return

MSAL/test/integration/native_auth/end_to_end/sign_up/MSALNativeAuthSignUpUsernameEndToEndTests.swift

@@ -29,6 +29,8 @@ final class MSALNativeAuthSignUpUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Hero Scenario 2.1.1. Sign up – with Email Verification (Email & Email OTP)
     func test_signUpWithCode_withEmailVerification_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .code) else {
             XCTFail("Missing information")
             return
@@ -73,6 +75,8 @@ final class MSALNativeAuthSignUpUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Hero Scenario 2.1.2. Sign up – with Email Verification as LAST step & Custom Attributes (Email & Email OTP)
     func test_signUpWithCode_withEmailVerificationAsLastStepAndCustomAttributes_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .codeAndAttributes) else {
             XCTFail("OTP code not retrieved from email")
             return
@@ -114,6 +118,8 @@ final class MSALNativeAuthSignUpUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Hero Scenario 2.1.3. Sign up – with Email Verification as FIRST step & Custom Attributes (Email & Email OTP)
     func test_signUpWithCode_withEmailVerificationAsFirstStepAndCustomAttributes_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .codeAndAttributes) else {
             XCTFail("Missing information")
             return
@@ -168,6 +174,8 @@ final class MSALNativeAuthSignUpUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Hero Scenario 2.1.4. Sign up – with Email Verification as FIRST step & Custom Attributes over MULTIPLE screens (Email & Email OTP)
     func test_signUpWithCode_withEmailVerificationAsFirstStepAndCustomAttributesOverMultipleScreens_succeeds() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .codeAndAttributes) else {
             XCTFail("Missing information")
             return
@@ -239,6 +247,8 @@ final class MSALNativeAuthSignUpUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // use case 2.1.5. Sign up - with Email & OTP resend email OTP
     func test_signUpWithEmailOTP_resendEmail_success() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .code) else {
             XCTFail("Missing information")
             return
@@ -366,6 +376,8 @@ final class MSALNativeAuthSignUpUsernameEndToEndTests: MSALNativeAuthEndToEndBas
 
     // Hero Scenario 2.1.9. Sign up – without automatic sign in (Email & Email OTP)
     func test_signUpWithoutAutomaticSignIn() async throws {
+        throw XCTSkip("Retrieving OTP failure")
+        
         guard let sut = initialisePublicClientApplication(clientIdType: .code) else {
             XCTFail("Missing information")
             return

azure_pipelines/broker_submodule_check.yml

@@ -0,0 +1,164 @@
+# Xcode
+# Build, test, and archive an Xcode workspace on macOS.
+# Add steps that install certificates, test, sign, and distribute an app, save build artifacts, and more:
+# https://docs.microsoft.com/azure/devops/pipelines/languages/xcode
+
+trigger:
+  branches:
+    include:
+    - dev
+
+pr:
+  autoCancel: true
+  branches:
+    include:
+    - '*'
+  drafts: true
+
+pool:
+  name: 'Azure Pipelines'
+
+resources:
+ repositories:
+   - repository: azure-activedirectory-tokenbroker-for-objc
+     type: github
+     endpoint: 'MSAL ObjC Service Connection'
+     name: AzureAD/azure-activedirectory-tokenbroker-for-objc
+
+   - repository: WorkplaceJoin-for-iOS
+     type: github
+     endpoint: 'MSAL ObjC Service Connection'
+     name: AzureAD/WorkplaceJoin-for-iOS
+
+jobs:
+- job: 'Validate_Pull_Request'
+  displayName: Validate Pull Request
+  pool:
+    vmImage: 'macOS-14'
+    timeOutInMinutes: 30
+
+  steps:
+  - checkout: azure-activedirectory-tokenbroker-for-objc
+    displayName: 'Checkout Broker'
+    clean: false
+    submodules: false
+    fetchTags: true
+    persistCredentials: true
+
+  - checkout: self
+    displayName: 'Checkout MSAL'
+    clean: false
+    submodules: false
+    fetchTags: true
+    path: 's/azure-activedirectory-tokenbroker-for-objc/ADAuthenticationBroker/Frameworks/microsoft-authentication-library-for-objc'
+    persistCredentials: true
+
+  - task: Bash@3
+    displayName: 'Checkout MSAL submodules + ADAL'
+    inputs:
+      workingDirectory: $(Pipeline.Workspace)/s
+      targetType: 'inline'
+      script: |
+        cd azure-activedirectory-tokenbroker-for-objc
+        git submodule update --init --recursive ADAuthenticationBroker/Frameworks/adal
+        cd ADAuthenticationBroker/Frameworks/microsoft-authentication-library-for-objc
+        git submodule update --init --recursive
+
+  - checkout: WorkplaceJoin-for-iOS
+    displayName: 'Checkout WPJ'
+    clean: false
+    submodules: false
+    fetchTags: true
+    path: 's/azure-activedirectory-tokenbroker-for-objc/ADAuthenticationBroker/Frameworks/WorkplaceJoin-for-iOS'
+    persistCredentials: true
+
+  - task: AzureCLI@2
+    inputs:
+      azureSubscription: 'AuthSdkResourceManager'
+      scriptType: 'pscore'
+      scriptLocation: 'inlineScript'
+      inlineScript: |
+        # if this fails, check out this bash script that includes diagnostics:
+        # https://gist.github.com/johnterickson/19f80a3e969e39f1000d118739176e62
+        # uncomment these for more debugging spew
+        # GIT_TRACE=1
+        # GIT_CURL_VERBOSE=1
+        
+        # Note that the resoruce is specified to limit the token to Azure DevOps
+        $token = az account get-access-token --query accessToken --resource 499b84ac-1321-427f-aa17-267ca6975798 -o tsv
+        Write-Host "##vso[task.setvariable variable=aadToken;issecret=true]$token"
+  - task: Bash@3
+    displayName: 'Checkout NGC Submodules'
+    env:
+      AccessToken: $(MSAzureToken_encoded)
+    inputs:
+      workingDirectory: $(Pipeline.Workspace)/s
+      targetType: 'inline'
+      script: |
+        cd azure-activedirectory-tokenbroker-for-objc/ADAuthenticationBroker/Frameworks
+        git -c http.https://msazure.visualstudio.com/DefaultCollection/One/_git/AD-MFA-NGCAuthentication.extraheader="AUTHORIZATION: bearer $(aadToken)" submodule update --init AD-MFA-NGCAuthentication
+        cd AD-MFA-NGCAuthentication
+        git -c http.https://msazure.visualstudio.com/DefaultCollection/One/_git/AD-MFA-NGCKeyProvider-ios.extraheader="AUTHORIZATION: bearer $(aadToken)" submodule update --init NGCKeyProvider
+        git -c http.https://msazure.visualstudio.com/DefaultCollection/One/_git/AD-MFA-MSAuthNetworking.extraheader="AUTHORIZATION: bearer $(aadToken)" submodule update --init MSAuthNetworking
+
+  - task: Bash@3
+    displayName: 'Checkout WPJ openssl-msft submodule'
+    inputs:
+      workingDirectory: $(Pipeline.Workspace)/s
+      targetType: 'inline'
+      script: |
+        cd azure-activedirectory-tokenbroker-for-objc/ADAuthenticationBroker/Frameworks/WorkplaceJoin-for-iOS
+        git -c http.https://msazure.visualstudio.com/DefaultCollection/PlatformCrypto/_git/openssl-msft.extraheader="AUTHORIZATION: bearer $(aadToken)" submodule update --init Frameworks/openssl-msft
+
+  - task: Bash@3
+    displayName: 'Update WPJ submodules'
+    inputs:
+      workingDirectory: $(Pipeline.Workspace)/s
+      targetType: 'inline'
+      script: |
+        cd azure-activedirectory-tokenbroker-for-objc/ADAuthenticationBroker/Frameworks/WorkplaceJoin-for-iOS
+        git submodule update --init --recursive Frameworks/microsoft-authentication-library-for-objc
+        
+  - script: 'gem uninstall xcpretty -I --version 0.4.0'
+    displayName: 'Uninstall xcpretty v0.4.0'
+
+  - script: 'gem install xcpretty -N -v 0.3.0'
+    displayName: 'Install xcpretty v0.3.0'
+    
+  - script: 'gem install slather -N'
+    displayName: 'Install slather'
+
+  - task: UsePythonVersion@0
+    displayName: 'Use Python 3.x'
+
+  - task: Bash@3
+    displayName: 'Select Xcode version'
+    inputs:
+      targetType: 'inline'
+      script: '/bin/bash -c "sudo xcode-select -s /Applications/Xcode_15.4.app"'
+
+# The following is needed to install the visionOS SDK on macos-14 vm image which
+# doesn't have visionOS installed by default.
+# TODO: Remove when macos-14-arm64 is supported on ADO.
+  - task: Bash@3
+    displayName: download visionOS SDK
+    inputs:
+      targetType: 'inline'
+      script: |
+        echo "Downloading simulator for visionOS"
+        sudo xcode-select -s /Applications/Xcode_15.4.app/Contents/Developer
+        defaults write com.apple.dt.Xcode AllowUnsupportedVisionOSHost -bool YES
+        defaults write com.apple.CoreSimulator AllowUnsupportedVisionOSHost -bool YES
+        xcodebuild -downloadPlatform visionOS
+      failOnStderr: false
+
+
+  - task: Bash@3
+    displayName: 'Run a python script for Broker'
+    inputs:
+      targetType: 'inline'
+      script: |
+        cd azure-activedirectory-tokenbroker-for-objc
+        echo "executing build:./build.py"
+        python3 ./build.py
+