Merge pull request #370 from AzureAD/oldalton/schema_compliance

Updated common core and optimized silent requests
AzureAD · Oct 12, 2018 · 4266cb5 · 4266cb5
2 parents 8646193 + 9f5cded
commit 4266cb5
Show file tree

Hide file tree

Showing 14 changed files with 129 additions and 161 deletions.
diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore
diff --git a/MSAL/src/MSALAccount+Internal.h b/MSAL/src/MSALAccount+Internal.h
@@ -67,8 +67,7 @@
          homeAccountId:(NSString *)homeAccountId
         localAccountId:(NSString *)localAccountId
            environment:(NSString *)environment
-              tenantId:(NSString *)tenantId
-            clientInfo:(MSIDClientInfo *)clientInfo;
+              tenantId:(NSString *)tenantId;
 
 /*!
  Initialize an MSALAccount with MSIDAccount

diff --git a/MSAL/src/MSALAccount.m b/MSAL/src/MSALAccount.m
@@ -53,7 +53,6 @@ - (id)initWithUsername:(NSString *)username
         localAccountId:(NSString *)localAccountId
            environment:(NSString *)environment
               tenantId:(NSString *)tenantId
-            clientInfo:(MSIDClientInfo *)clientInfo
 {
     self = [super init];
 
@@ -63,18 +62,15 @@ - (id)initWithUsername:(NSString *)username
         _name = name;
         _environment = environment;
 
-        NSString *uid = clientInfo.uid;
-        NSString *utid = clientInfo.utid;
+        NSArray *accountIdComponents = [homeAccountId componentsSeparatedByString:@"."];
 
-        if (!uid && !utid)
-        {
-            NSArray *accountIdComponents = [homeAccountId componentsSeparatedByString:@"."];
+        NSString *uid = nil;
+        NSString *utid = nil;
 
-            if ([accountIdComponents count] == 2)
-            {
-                uid = accountIdComponents[0];
-                utid = accountIdComponents[1];
-            }
+        if ([accountIdComponents count] == 2)
+        {
+            uid = accountIdComponents[0];
+            utid = accountIdComponents[1];
         }
 
         _homeAccountId = [[MSALAccountId alloc] initWithHomeAccountIdentifier:homeAccountId
@@ -94,12 +90,11 @@ - (id)initWithUsername:(NSString *)username
 - (id)initWithMSIDAccount:(MSIDAccount *)account
 {
     return [self initWithUsername:account.username
-                                  name:account.name
-                         homeAccountId:account.accountIdentifier.homeAccountId
-                        localAccountId:account.localAccountId
-                           environment:account.authority.environment
-                              tenantId:account.authority.url.msidTenant
-                            clientInfo:account.clientInfo];
+                             name:account.name
+                    homeAccountId:account.accountIdentifier.homeAccountId
+                   localAccountId:account.localAccountId
+                      environment:account.authority.environment
+                         tenantId:account.authority.url.msidTenant];
 }
 
 #pragma mark - NSCopying

diff --git a/MSAL/src/MSALResult+Internal.h b/MSAL/src/MSALResult+Internal.h
@@ -29,6 +29,7 @@
 
 @class MSIDAccessToken;
 @class MSIDIdToken;
+@class MSIDClientInfo;
 
 @interface MSALResult (Internal)
 

diff --git a/MSAL/src/MSALResult.m b/MSAL/src/MSALResult.m
@@ -84,12 +84,11 @@ + (MSALResult *)resultWithAccessToken:(MSIDAccessToken *)accessToken
     }
 
     MSALAccount *account = [[MSALAccount alloc] initWithUsername:idTokenClaims.preferredUsername
-                                                                 name:idTokenClaims.name
-                                                        homeAccountId:accessToken.accountIdentifier.homeAccountId
-                                                       localAccountId:idTokenClaims.objectId
-                                                          environment:accessToken.authority.environment
-                                                             tenantId:idTokenClaims.tenantId
-                                                           clientInfo:accessToken.clientInfo];
+                                                            name:idTokenClaims.name
+                                                   homeAccountId:accessToken.accountIdentifier.homeAccountId
+                                                  localAccountId:idTokenClaims.objectId
+                                                     environment:accessToken.authority.environment
+                                                        tenantId:idTokenClaims.tenantId];
 
     NSError *authorityError = nil;
     MSALAuthority *authority = [[MSALAuthorityFactory new] authorityFromUrl:accessToken.authority.url

diff --git a/MSAL/src/requests/MSALBaseRequest.m b/MSAL/src/requests/MSALBaseRequest.m
@@ -164,21 +164,16 @@ - (void)resolveEndpoints:(MSALAuthorityCompletion)completionBlock
                                                  context:_parameters
                                          completionBlock:^(NSURL *openIdConfigurationEndpoint, BOOL validated, NSError *error)
      {
-         [_parameters.unvalidatedAuthority loadOpenIdMetadataWithContext:_parameters
-                                                         completionBlock:^(MSIDOpenIdProviderMetadata *metadata, NSError *error)
-          {
-              if (error)
-              {
-                  MSALTelemetryAPIEvent *event = [self getTelemetryAPIEvent];
-                  [self stopTelemetryEvent:event error:error];
-
-                  completionBlock(NO, error);
-                  return;
-              }
-
-              _authority = _parameters.unvalidatedAuthority;
-              completionBlock(YES, nil);
-          }];
+         if (error)
+         {
+             MSALTelemetryAPIEvent *event = [self getTelemetryAPIEvent];
+             [self stopTelemetryEvent:event error:error];
+
+             completionBlock(NO, error);
+             return;
+         }
+
+         completionBlock(YES, nil);
      }];
 }
 
@@ -321,7 +316,10 @@ - (MSALResult *)resultFromTokenResponse:(MSIDAADV2TokenResponse *)tokenResponse
         if (error) *error = resultError;
     }
 
-    MSALResult *result = [MSALResult resultWithAccessToken:accessToken idToken:idToken isExtendedLifetimeToken:NO error:error];
+    MSALResult *result = [MSALResult resultWithAccessToken:accessToken
+                                                   idToken:idToken
+                                   isExtendedLifetimeToken:NO
+                                                     error:error];
     return result;
 }
 

diff --git a/MSAL/src/requests/MSALInteractiveRequest.m b/MSAL/src/requests/MSALInteractiveRequest.m
@@ -113,7 +113,21 @@ - (void)acquireToken:(MSALCompletionBlock)completionBlock
             return;
         }
 
-        [self acquireTokenImpl:completionBlock];
+        [_parameters.unvalidatedAuthority loadOpenIdMetadataWithContext:_parameters
+                                                        completionBlock:^(MSIDOpenIdProviderMetadata *metadata, NSError *error)
+         {
+             if (error)
+             {
+                 MSALTelemetryAPIEvent *event = [self getTelemetryAPIEvent];
+                 [self stopTelemetryEvent:event error:error];
+
+                 completionBlock(nil, error);
+                 return;
+             }
+
+             _authority = _parameters.unvalidatedAuthority;
+             [self acquireTokenImpl:completionBlock];
+         }];
     }];
 }
 

diff --git a/MSAL/src/requests/MSALSilentRequest.m b/MSAL/src/requests/MSALSilentRequest.m
@@ -82,6 +82,7 @@ - (void)acquireToken:(MSALCompletionBlock)completionBlock
             return;
         }
 
+        _authority = _parameters.unvalidatedAuthority;
         [self acquireTokenImpl:completionBlock];
     }];
 }
@@ -159,26 +160,50 @@ - (void)acquireTokenImpl:(MSALCompletionBlock)completionBlock
     MSID_LOG_INFO(_parameters, @"Refreshing access token");
     MSID_LOG_INFO_PII(_parameters, @"Refreshing access token");
 
-    [super acquireToken:^(MSALResult *result, NSError *error)
-    {
-         // Logic for returning extended lifetime token
-         if (_parameters.extendedLifetimeEnabled && _extendedLifetimeAccessToken && [self isServerUnavailable:error])
+    [self acquireTokenWithRefreshToken:self.refreshToken
+                         configuration:msidConfiguration
+                       completionBlock:completionBlock];
+}
+
+- (void)acquireTokenWithRefreshToken:(MSIDRefreshToken *)refreshToken
+                       configuration:(MSIDConfiguration *)configuration
+                     completionBlock:(MSALCompletionBlock)completionBlock
+{
+    [_parameters.unvalidatedAuthority loadOpenIdMetadataWithContext:_parameters
+                                                    completionBlock:^(MSIDOpenIdProviderMetadata *metadata, NSError *error)
+     {
+         if (error)
          {
-             MSIDIdToken *idToken = [self.tokenCache getIDTokenForAccount:_parameters.account.lookupAccountIdentifier
-                                                            configuration:msidConfiguration
-                                                                  context:_parameters
-                                                                    error:&error];
-
-             NSError *resultError = nil;
-
-             result = [MSALResult resultWithAccessToken:_extendedLifetimeAccessToken
-                                                idToken:idToken
-                                isExtendedLifetimeToken:YES
-                                                  error:&resultError];
-             error = resultError;
+             MSALTelemetryAPIEvent *event = [self getTelemetryAPIEvent];
+             [self stopTelemetryEvent:event error:error];
+
+             completionBlock(nil, error);
+             return;
          }
 
-         completionBlock(result, error);
+         _authority = _parameters.unvalidatedAuthority;
+
+         [super acquireToken:^(MSALResult *result, NSError *error)
+          {
+              // Logic for returning extended lifetime token
+              if (_parameters.extendedLifetimeEnabled && _extendedLifetimeAccessToken && [self isServerUnavailable:error])
+              {
+                  MSIDIdToken *idToken = [self.tokenCache getIDTokenForAccount:_parameters.account.lookupAccountIdentifier
+                                                                 configuration:configuration
+                                                                       context:_parameters
+                                                                         error:&error];
+
+                  NSError *resultError = nil;
+
+                  result = [MSALResult resultWithAccessToken:_extendedLifetimeAccessToken
+                                                     idToken:idToken
+                                     isExtendedLifetimeToken:YES
+                                                       error:&resultError];
+                  error = resultError;
+              }
+
+              completionBlock(result, error);
+          }];
      }];
 }
 

diff --git a/MSAL/test/automation/tests/interactive/MSALAADBasicInteractiveTests.m b/MSAL/test/automation/tests/interactive/MSALAADBasicInteractiveTests.m
@@ -105,7 +105,7 @@ - (void)testInteractiveAADLogin_withConvergedApp_andMicrosoftGraphScopes_andComm
     [self closeResultView];
 
     // 5. Run silent with not consented scopes
-    request.scopes = @"Calendars.Read";
+    request.scopes = @"Contacts.Read";
     config = [self configWithTestRequest:request];
     [self acquireTokenSilent:config];
     [self assertErrorCode:@"MSALErrorInteractionRequired"];
+11 −5		IdentityCore/IdentityCore.xcodeproj/project.pbxproj
+1 −0		IdentityCore/src/MSIDOAuth2Constants.h
+5 −4		IdentityCore/src/MSIDOAuth2Constants.m
+1 −1		IdentityCore/src/cache/key/MSIDDefaultCredentialCacheKey.m
+0 −3		IdentityCore/src/cache/token/MSIDCredentialCacheItem.h
+1 −6		IdentityCore/src/cache/token/MSIDCredentialCacheItem.m
+0 −8		IdentityCore/src/cache/token/MSIDLegacyTokenCacheItem.m
+4 −2		IdentityCore/src/oauth2/MSIDOauth2Factory.m
+0 −2		IdentityCore/src/oauth2/aad_base/MSIDAADOauth2Factory.m
+0 −6		IdentityCore/src/oauth2/aad_base/MSIDAADTokenResponse.m
+10 −1		IdentityCore/src/oauth2/aad_v2/MSIDAADV2Oauth2Factory.m
+4 −4		IdentityCore/src/oauth2/account/MSIDAccountType.m
+0 −2		IdentityCore/src/oauth2/token/MSIDBaseToken.h
+2 −8		IdentityCore/src/oauth2/token/MSIDBaseToken.m
+6 −6		IdentityCore/src/oauth2/token/MSIDCredentialType.m
+0 −1		IdentityCore/src/oauth2/token/MSIDLegacyAccessToken.m
+0 −1		IdentityCore/src/oauth2/token/MSIDLegacyRefreshToken.m
+6 −1		IdentityCore/src/util/NSData+MSIDExtensions.m
+8 −0		IdentityCore/src/util/NSOrderedSet+MSIDExtensions.h
+13 −2		IdentityCore/src/util/NSOrderedSet+MSIDExtensions.m
+1 −1		IdentityCore/src/validation/MSIDAuthorityFactory.m
+5 −0		IdentityCore/src/validation/MSIDB2CAuthority.h
+18 −0		IdentityCore/src/validation/MSIDB2CAuthority.m
+10 −2		IdentityCore/src/webview/systemWebview/ios/MSIDAuthenticationSession.m
+22 −0		IdentityCore/tests/MSIDAADAuthorityTests.m
+4 −20		IdentityCore/tests/MSIDAADOauth2FactoryTests.m
+0 −30		IdentityCore/tests/MSIDAADTokenResponseTests.m
+5 −26		IdentityCore/tests/MSIDAADV1Oauth2FactoryTests.m
+5 −20		IdentityCore/tests/MSIDAADV2Oauth2FactoryTests.m
+0 −6		IdentityCore/tests/MSIDAccessTokenTests.m
+11 −0		IdentityCore/tests/MSIDB2CAuthorityTests.m
+0 −25		IdentityCore/tests/MSIDBaseTokenTests.m
+12 −36		IdentityCore/tests/MSIDCredentialCacheItemTests.m
+8 −8		IdentityCore/tests/MSIDCredentialTypeTests.m
+0 −4		IdentityCore/tests/MSIDIdTokenTests.m
+0 −1		IdentityCore/tests/MSIDJsonSerializerTests.m
+0 −2		IdentityCore/tests/MSIDKeyedArchiverSerializerTests.m
+0 −5		IdentityCore/tests/MSIDLegacyAccessTokenTests.m
+0 −5		IdentityCore/tests/MSIDLegacyRefreshTokenTests.m
+0 −5		IdentityCore/tests/MSIDLegacySingleResourceTokenTests.m
+0 −21		IdentityCore/tests/MSIDLegacyTokenCacheItemTests.m
+0 −7		IdentityCore/tests/MSIDOauth2FactoryTests.m
+12 −0		IdentityCore/tests/MSIDOrderedSetExtensionsTests.m
+0 −4		IdentityCore/tests/MSIDRefreshTokenTests.m
+865 −0		IdentityCore/tests/integration/MSIDCacheSchemaValidationTests.m