Merge branch 'dev' into jarias/use-single-frt

# Conflicts:
#	MSAL/IdentityCore

Author: juan-arias

CHANGELOG.md

@@ -1,3 +1,7 @@
+## TBD
+* Support sendable result #2518
+* Support DUNA protocol for CBA flow #2508
+
 ## [1.7.0]
 * Add support for claims request in native authentication signIn (#2496)
 * Move native auth public methods to parameter class (#2492)

MSAL/IdentityCore

@@ -5811,8 +5811,6 @@
 					};
 					D61A64321E5A29580086D120 = {
 						CreatedOnToolsVersion = 8.2.1;
-						DevelopmentTeam = UBF8T346G9;
-						ProvisioningStyle = Manual;
 						SystemCapabilities = {
 							com.apple.Keychain = {
 								enabled = 1;
@@ -8783,9 +8781,8 @@
 				ASSETCATALOG_COMPILER_LAUNCHIMAGE_NAME = "";
 				CLANG_ALLOW_NON_MODULAR_INCLUDES_IN_FRAMEWORK_MODULES = NO;
 				CODE_SIGN_ENTITLEMENTS = "MSAL Test App.entitlements";
-				CODE_SIGN_IDENTITY = "iPhone Developer";
-				"CODE_SIGN_IDENTITY[sdk=iphoneos*]" = "iPhone Developer";
-				CODE_SIGN_STYLE = Manual;
+				CODE_SIGN_IDENTITY = "Apple Development";
+				CODE_SIGN_STYLE = Automatic;
 				DEVELOPMENT_TEAM = UBF8T346G9;
 				ENABLE_BITCODE = NO;
 				GCC_OPTIMIZATION_LEVEL = 0;
@@ -8797,7 +8794,7 @@
 				);
 				PRODUCT_BUNDLE_IDENTIFIER = com.microsoft.MSALTestApp;
 				PROVISIONING_PROFILE = "";
-				PROVISIONING_PROFILE_SPECIFIER = "iOS Team Provisioning Profile";
+				PROVISIONING_PROFILE_SPECIFIER = "";
 				USER_HEADER_SEARCH_PATHS = (
 					"$(inherited)",
 					"$IDCORE_PATH/src/**",

MSAL/MSAL.xcodeproj/project.pbxproj

@@ -27,8 +27,6 @@
       selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
       selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
       shouldUseLaunchSchemeArgsEnv = "YES">
-      <Testables>
-      </Testables>
       <MacroExpansion>
          <BuildableReference
             BuildableIdentifier = "primary"
@@ -38,8 +36,8 @@
             ReferencedContainer = "container:MSAL.xcodeproj">
          </BuildableReference>
       </MacroExpansion>
-      <AdditionalOptions>
-      </AdditionalOptions>
+      <Testables>
+      </Testables>
    </TestAction>
    <LaunchAction
       buildConfiguration = "Debug"
@@ -61,8 +59,6 @@
             ReferencedContainer = "container:MSAL.xcodeproj">
          </BuildableReference>
       </BuildableProductRunnable>
-      <AdditionalOptions>
-      </AdditionalOptions>
    </LaunchAction>
    <ProfileAction
       buildConfiguration = "Release"

MSAL/MSAL.xcodeproj/xcshareddata/xcschemes/MSAL Test App (iOS).xcscheme

@@ -89,7 +89,6 @@
 #import "MSALWebviewParameters.h"
 #import "MSIDAccountIdentifier.h"
 #if TARGET_OS_IPHONE
-#import "MSIDCertAuthHandler+iOS.h"
 #import "MSIDBrokerInteractiveController.h"
 #import <UIKit/UIKit.h>
 #else
@@ -113,6 +112,7 @@
 #import "MSALWipeCacheForAllAccountsConfig.h"
 #import "NSString+MSIDTelemetryExtensions.h"
 #import "MSIDVersion.h"
+#import "MSIDCertAuthManager.h"
 
 @interface MSALPublicClientApplication()
 {
@@ -142,7 +142,7 @@ + (void)load
     MSIDNotifications.webAuthWillSwitchToBrokerAppNotificationName = MSALWebAuthWillSwitchToBrokerApp;
     MSIDNotifications.webAuthDidReceiveResponseFromBrokerNotificationName = MSALWebAuthDidReceiveResponseFromBroker;
     #if TARGET_OS_IPHONE && !AD_BROKER && !MSID_EXCLUDE_SYSTEMWV
-        [MSIDCertAuthHandler setUseAuthSession:YES];
+    MSIDCertAuthManager.sharedInstance.useAuthSession = YES;
     #endif
 }
 
@@ -626,8 +626,8 @@ + (BOOL)handleMSALResponse:(NSURL *)response
     {
         return YES;
     }
-
-    if ([MSIDCertAuthHandler completeCertAuthChallenge:response])
+    
+    if ([MSIDCertAuthManager.sharedInstance completeWithCallbackURL:response])
     {
         return YES;
     }

MSAL/src/MSALPublicClientApplication.m

@@ -35,6 +35,7 @@
     MSALResult represents information returned to the application after a successful interactive or silent token acquisition.
     It contains information requested by the application (e.g. access_token and id_token), and information that can be used to get a token silently from MSAL (e.g. account).
  */
+NS_SWIFT_SENDABLE
 @interface MSALResult : NSObject
 
 #pragma mark - Token response

MSAL/src/public/MSALResult.h

@@ -24,6 +24,7 @@
 
 import Foundation
 import XCTest
+import MSAL
 
 final class MSALNativeAuthUserAccountEndToEndTests: MSALNativeAuthEndToEndPasswordTestCase {
 
@@ -40,7 +41,10 @@ final class MSALNativeAuthUserAccountEndToEndTests: MSALNativeAuthEndToEndPasswo
         let signInExpectation = expectation(description: "signing in")
         let signInDelegateSpy = SignInPasswordStartDelegateSpy(expectation: signInExpectation)
 
-        sut.signIn(username: username, password: password, correlationId: correlationId, delegate: signInDelegateSpy)
+        let param = MSALNativeAuthSignInParameters(username: username)
+        param.password = password
+        param.correlationId = correlationId
+        sut.signIn(parameters: param, delegate: signInDelegateSpy)
 
         await fulfillment(of: [signInExpectation])
 
@@ -52,7 +56,9 @@ final class MSALNativeAuthUserAccountEndToEndTests: MSALNativeAuthEndToEndPasswo
         let refreshAccessTokenExpectation = expectation(description: "refreshing access token")
         let credentialsDelegateSpy = CredentialsDelegateSpy(expectation: refreshAccessTokenExpectation)
 
-        signInDelegateSpy.result?.getAccessToken(forceRefresh: true, delegate: credentialsDelegateSpy)
+        let tokenParam = MSALNativeAuthGetAccessTokenParameters()
+        tokenParam.forceRefresh = true
+        signInDelegateSpy.result?.getAccessToken(parameters: tokenParam, delegate: credentialsDelegateSpy)
 
         await fulfillment(of: [refreshAccessTokenExpectation])
 
@@ -75,7 +81,10 @@ final class MSALNativeAuthUserAccountEndToEndTests: MSALNativeAuthEndToEndPasswo
         let signInExpectation = expectation(description: "signing in")
         let signInDelegateSpy = SignInPasswordStartDelegateSpy(expectation: signInExpectation)
 
-        sut.signIn(username: username, password: password, correlationId: correlationId, delegate: signInDelegateSpy)
+        let signInParam = MSALNativeAuthSignInParameters(username: username)
+        signInParam.password = password
+        signInParam.correlationId = correlationId
+        sut.signIn(parameters: signInParam, delegate: signInDelegateSpy)
 
         await fulfillment(of: [signInExpectation])
 
@@ -86,11 +95,48 @@ final class MSALNativeAuthUserAccountEndToEndTests: MSALNativeAuthEndToEndPasswo
         let refreshAccessTokenExpectation = expectation(description: "refreshing access token")
         let credentialsDelegateSpy = CredentialsDelegateSpy(expectation: refreshAccessTokenExpectation)
 
-        signInDelegateSpy.result?.getAccessToken(scopes: ["Calendar.Read"], forceRefresh: true, delegate: credentialsDelegateSpy)
+        let tokenParam = MSALNativeAuthGetAccessTokenParameters()
+        tokenParam.scopes = ["Calendar.Read"]
+        tokenParam.forceRefresh = true
+        signInDelegateSpy.result?.getAccessToken(parameters: tokenParam, delegate: credentialsDelegateSpy)
 
         await fulfillment(of: [refreshAccessTokenExpectation])
 
         XCTAssertTrue(credentialsDelegateSpy.onAccessTokenRetrieveErrorCalled)
         XCTAssertTrue(credentialsDelegateSpy.error!.errorDescription!.contains("Send an interactive authorization request for this user and resource."))
     }
+    
+    // Sign in with username and password with extra scopes to get access token and validate the scopes
+    func test_signInWithExtraScopes() async throws {
+#if os(macOS)
+        throw XCTSkip("Bundle id for macOS is not added to the client id, test is not needed on both iOS and macOS")
+#endif
+        guard let sut = initialisePublicClientApplication(), let username = retrieveUsernameForSignInUsernameAndPassword(), let password = await retrievePasswordForSignInUsername() else {
+            XCTFail("Missing information")
+            return
+        }
+
+        let signInExpectation = expectation(description: "signing in")
+        let signInDelegateSpy = SignInPasswordStartDelegateSpy(expectation: signInExpectation)
+
+        sut.signIn(username: username, password: password, scopes: ["User.Read"], correlationId: correlationId, delegate: signInDelegateSpy)
+
+        await fulfillment(of: [signInExpectation])
+
+        XCTAssertTrue(signInDelegateSpy.onSignInCompletedCalled)
+        XCTAssertNotNil(signInDelegateSpy.result?.idToken)
+        XCTAssertEqual(signInDelegateSpy.result?.account.username, username)
+
+        let getAccessTokenExpectation = expectation(description: "getting access token")
+        let credentialsDelegateSpy = CredentialsDelegateSpy(expectation: getAccessTokenExpectation)
+
+        signInDelegateSpy.result?.getAccessToken(scopes: ["User.Read"], delegate: credentialsDelegateSpy)
+
+        await fulfillment(of: [getAccessTokenExpectation])
+
+        XCTAssertTrue(credentialsDelegateSpy.onAccessTokenRetrieveCompletedCalled)
+        XCTAssertNotNil(credentialsDelegateSpy.result?.accessToken)
+        XCTAssertNotNil(credentialsDelegateSpy.result?.scopes)
+        XCTAssertTrue(credentialsDelegateSpy.result!.scopes.contains("User.Read"))
+    }
 }

MSAL/test/integration/native_auth/end_to_end/credentials/MSALNativeAuthUserAccountEndToEndTests.swift

@@ -323,8 +323,12 @@ final class MSALNativeAuthSignInWithMFAEndToEndTests: MSALNativeAuthEndToEndPass
         }
         let signInExpectation = expectation(description: "signing in")
         let signInDelegateSpy = SignInPasswordStartDelegateSpy(expectation: signInExpectation)
+        
+        let param = MSALNativeAuthSignInParameters(username: username)
+        param.password = password
+        param.correlationId = correlationId
 
-        application.signIn(username: username, password: password, correlationId: correlationId, delegate: signInDelegateSpy)
+        application.signIn(parameters: param, delegate: signInDelegateSpy)
 
         await fulfillment(of: [signInExpectation])