Update Azure.Identity.BrokeredAuthentication dependency to Microsoft.Identity.Client.Broker (Azure#30406)

* updating to use native broker impl

* upgrade to latest msal

* disabling manual test

* re-record live tests

* revert local testing Nuget.Config changes

* update api spec

* remove net462 ref from brokered auth tests

* adding comment to beta package dependency

* fix targetframeworks for mac and linux

* fix ACS test class for MSAL break

* making MSAL reference explicit

* updating snippets

* exclude broker tests on non-windows

Author: schaabs

eng/Packages.Data.props

@@ -104,9 +104,13 @@
     <!-- Other approved packages -->
     <PackageReference Update="Microsoft.Azure.Amqp" Version="2.5.10" />
     <PackageReference Update="Microsoft.Azure.WebPubSub.Common" Version="1.1.0" />
-    <PackageReference Update="Microsoft.Identity.Client" Version="4.39.0" />
-    <PackageReference Update="Microsoft.Identity.Client.Desktop" Version="4.39.0" />
-    <PackageReference Update="Microsoft.Identity.Client.Extensions.Msal" Version="2.19.3" />
+    <PackageReference Update="Microsoft.Identity.Client" Version="4.46.0" />
+    <PackageReference Update="Microsoft.Identity.Client.Extensions.Msal" Version="2.23.0" />
+    <!-- 
+      TODO: This package needs to be released as GA and arch-board approved before taking a dependency in any stable SDK library. 
+      Currently, it is referencd by Azure.Identity.BrokeredAuthentication which is still in beta
+    -->
+    <PackageReference Update="Microsoft.Identity.Client.Broker" Version="4.46.0-preview" />
 
     <!-- TODO: Make sure this package is arch-board approved -->
     <PackageReference Update="System.IdentityModel.Tokens.Jwt" Version="6.5.0" />

sdk/communication/Azure.Communication.Identity/tests/Azure.Communication.Identity.Tests.csproj

@@ -8,6 +8,7 @@
     <PackageReference Include="NUnit" />
     <PackageReference Include="NUnit3TestAdapter" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" />
+    <PackageReference Include="Microsoft.Identity.Client" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="$(AzureCoreTestFramework)" />

sdk/communication/Azure.Communication.Identity/tests/Infrastructure/CommunicationIdentityClientLiveTestBase.cs

@@ -72,15 +72,11 @@ protected async Task<GetTokenForTeamsUserOptions> CreateTeamsUserParams()
                     "https://auth.msft.communication.azure.com/Teams.ManageCalls",
                     "https://auth.msft.communication.azure.com/Teams.ManageChats"
                 };
-                SecureString communicationMsalPassword = new SecureString();
-                foreach (char c in TestEnvironment.CommunicationMsalPassword)
-                {
-                    communicationMsalPassword.AppendChar(c);
-                }
+
                 AuthenticationResult result = await publicClientApplication.AcquireTokenByUsernamePassword(
                     scopes,
                     TestEnvironment.CommunicationMsalUsername,
-                    communicationMsalPassword).ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
+                    TestEnvironment.CommunicationMsalPassword).ExecuteAsync(CancellationToken.None).ConfigureAwait(false);
                 options = new GetTokenForTeamsUserOptions(result.AccessToken, TestEnvironment.CommunicationM365AppId, result.UniqueId);
             }
             return options;

sdk/identity/Azure.Identity.BrokeredAuthentication/README.md

@@ -27,8 +27,10 @@ dotnet add package Azure.Identity.BrokeredAuthentication --prerelease
 This example demonstrates configuring the `InteractiveBrowserCredential` with the specialized options type `InteractiveBrowserCredentialBrokerOptions` to enable brokered authentication.
 
 ```C# Snippet:ConfigureInteractiveBrowserToUseBroker
+IntPtr parentWindowHandle = GetForegroundWindow();
+
 // Create an interactive browser credential which will use the system authentication broker
-var credential = new InteractiveBrowserCredential(new InteractiveBrowserCredentialBrokerOptions());
+var credential = new InteractiveBrowserCredential(new InteractiveBrowserCredentialBrokerOptions(parentWindowHandle));
 
 // Use the credential to authenticate a secret client
 var client = new SecretClient(new Uri("https://myvault.vault.azure.net/"), credential);

sdk/identity/Azure.Identity.BrokeredAuthentication/api/Azure.Identity.BrokeredAuthentication.net462.cs

@@ -0,0 +1,12 @@
+namespace Azure.Identity.BrokeredAuthentication
+{
+    public partial class InteractiveBrowserCredentialBrokerOptions : Azure.Identity.InteractiveBrowserCredentialOptions
+    {
+        public InteractiveBrowserCredentialBrokerOptions(System.IntPtr parentWindowHandle) { }
+    }
+    public partial class SharedTokenCacheCredentialBrokerOptions : Azure.Identity.SharedTokenCacheCredentialOptions
+    {
+        public SharedTokenCacheCredentialBrokerOptions() { }
+        public SharedTokenCacheCredentialBrokerOptions(Azure.Identity.TokenCachePersistenceOptions tokenCacheOptions) { }
+    }
+}

sdk/identity/Azure.Identity.BrokeredAuthentication/api/Azure.Identity.BrokeredAuthentication.netcoreapp3.1.cs

@@ -0,0 +1,12 @@
+namespace Azure.Identity.BrokeredAuthentication
+{
+    public partial class InteractiveBrowserCredentialBrokerOptions : Azure.Identity.InteractiveBrowserCredentialOptions
+    {
+        public InteractiveBrowserCredentialBrokerOptions(System.IntPtr parentWindowHandle) { }
+    }
+    public partial class SharedTokenCacheCredentialBrokerOptions : Azure.Identity.SharedTokenCacheCredentialOptions
+    {
+        public SharedTokenCacheCredentialBrokerOptions() { }
+        public SharedTokenCacheCredentialBrokerOptions(Azure.Identity.TokenCachePersistenceOptions tokenCacheOptions) { }
+    }
+}

sdk/identity/Azure.Identity.BrokeredAuthentication/api/Azure.Identity.BrokeredAuthentication.netstandard2.0.cs

@@ -2,7 +2,7 @@ namespace Azure.Identity.BrokeredAuthentication
 {
     public partial class InteractiveBrowserCredentialBrokerOptions : Azure.Identity.InteractiveBrowserCredentialOptions
     {
-        public InteractiveBrowserCredentialBrokerOptions() { }
+        public InteractiveBrowserCredentialBrokerOptions(System.IntPtr parentWindowHandle) { }
     }
     public partial class SharedTokenCacheCredentialBrokerOptions : Azure.Identity.SharedTokenCacheCredentialOptions
     {

sdk/identity/Azure.Identity.BrokeredAuthentication/src/Azure.Identity.BrokeredAuthentication.csproj

@@ -4,7 +4,9 @@
     <AssemblyTitle>Microsoft Azure.Identity.BrokeredAuthentication Component</AssemblyTitle>
     <Version>1.0.0-beta.3</Version>
     <PackageTags>Microsoft Azure Identity Broker;$(PackageCommonTags)</PackageTags>
-    <TargetFrameworks>$(RequiredTargetFrameworks);net461</TargetFrameworks>
+    <TargetFrameworks Condition="$([MSBuild]::IsOsPlatform('Windows'))">$(RequiredTargetFrameworks);net462;netcoreapp3.1</TargetFrameworks>
+    <TargetFrameworks Condition="$([MSBuild]::IsOsPlatform('OSX'))">$(RequiredTargetFrameworks);netcoreapp3.1</TargetFrameworks>
+    <TargetFrameworks Condition="$([MSBuild]::IsOsPlatform('Linux')) ">$(RequiredTargetFrameworks);netcoreapp3.1</TargetFrameworks>
     <NoWarn>$(NoWarn);3021</NoWarn>
     <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
   </PropertyGroup>
@@ -17,9 +19,6 @@
     <PackageReference Include="Microsoft.Identity.Client" />
     <PackageReference Include="Microsoft.Identity.Client.Extensions.Msal" />
     <PackageReference Include="System.Security.Cryptography.ProtectedData" />
-  </ItemGroup>
-  <!--Only Add Microsoft.Identity.Client.Desktop when compiled for desktop-->
-  <ItemGroup Condition="('$(TargetFramework)' == 'net461')">
-    <PackageReference Include="Microsoft.Identity.Client.Desktop" />
+    <PackageReference Include="Microsoft.Identity.Client.Broker" />
   </ItemGroup>
 </Project>

sdk/identity/Azure.Identity.BrokeredAuthentication/src/InteractiveBrowserCredentialBrokerOptions.cs

@@ -3,9 +3,7 @@
 
 using System;
 using Microsoft.Identity.Client;
-#if (NETFRAMEWORK)
-using Microsoft.Identity.Client.Desktop;
-#endif
+using Microsoft.Identity.Client.Broker;
 
 namespace Azure.Identity.BrokeredAuthentication
 {
@@ -14,15 +12,22 @@ namespace Azure.Identity.BrokeredAuthentication
     /// </summary>
     public class InteractiveBrowserCredentialBrokerOptions : InteractiveBrowserCredentialOptions, IMsalPublicClientInitializerOptions
     {
+        private IntPtr _parentWindowHandle;
+
+        /// <summary>
+        /// Creates a new instance of <see cref="InteractiveBrowserCredentialBrokerOptions"/> to configure a <see cref="InteractiveBrowserCredential"/>.
+        /// </summary>
+        /// <param name="parentWindowHandle">Handle of the parent window the system authentication broker should be docked to.</param>
+        public InteractiveBrowserCredentialBrokerOptions(IntPtr parentWindowHandle) : base()
+        {
+            _parentWindowHandle = parentWindowHandle;
+        }
+
         Action<PublicClientApplicationBuilder> IMsalPublicClientInitializerOptions.BeforeBuildClient => AddBroker;
 
         private void AddBroker(PublicClientApplicationBuilder builder)
         {
-#if (NETFRAMEWORK)
-            builder.WithWindowsBroker();
-#else
-            builder.WithBroker();
-#endif
+            builder.WithBrokerPreview().WithParentActivityOrWindow(() => _parentWindowHandle);
         }
     }
 }

sdk/identity/Azure.Identity.BrokeredAuthentication/src/SharedTokenCacheCredentialBrokerOptions.cs

@@ -3,9 +3,7 @@
 
 using System;
 using Microsoft.Identity.Client;
-#if (NETFRAMEWORK)
-using Microsoft.Identity.Client.Desktop;
-#endif
+using Microsoft.Identity.Client.Broker;
 
 namespace Azure.Identity.BrokeredAuthentication
 {
@@ -34,11 +32,7 @@ public SharedTokenCacheCredentialBrokerOptions(TokenCachePersistenceOptions toke
 
         private void AddBroker(PublicClientApplicationBuilder builder)
         {
-#if (NETFRAMEWORK)
-            builder.WithWindowsBroker();
-#else
-            builder.WithBroker();
-#endif
+            builder.WithBrokerPreview();
         }
     }
 }