Merge pull request #526 from AzureAD/oldalton/merge_broker_release_to…

…_master

Merge broker release to master (0.3.0)

CODEOWNERS

@@ -0,0 +1,7 @@
+# These owners will be the default owners for everything in the repo.
+# Unless a later match takes precedence, these users will be requested
+# for review whenever someone opens a pull request.
+*       @AzureAD/AppleIdentity
+# For more details about inheritance patterns, or to assign different
+# owners for individual file extensions, see:
+# https://help.github.com/articles/about-codeowners/

MSAL.podspec

@@ -1,6 +1,6 @@
 Pod::Spec.new do |s|
   s.name         = "MSAL"
-  s.version      = "0.2.3"
+  s.version      = "0.3.0"
   s.summary      = "Microsoft Authentication Library (MSAL) Preview for iOS"
 
   s.description  = <<-DESC

MSAL/resources/ios/Info.plist

@@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>FMWK</string>
 	<key>CFBundleShortVersionString</key>
-	<string>0.2.2</string>
+	<string>0.3.0</string>
 	<key>CFBundleVersion</key>
 	<string>$(CURRENT_PROJECT_VERSION)</string>
 	<key>NSPrincipalClass</key>

MSAL/resources/mac/Info.plist

@@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>FMWK</string>
 	<key>CFBundleShortVersionString</key>
-	<string>0.2.2</string>
+	<string>0.3.0</string>
 	<key>CFBundleVersion</key>
 	<string>$(CURRENT_PROJECT_VERSION)</string>
 	<key>NSHumanReadableCopyright</key>

MSAL/src/MSAL.pch

@@ -50,5 +50,11 @@
 #import "NSOrderedSet+MSIDExtensions.h"
 #import "MSIDOAuth2Constants.h"
 
+// Broker SDK relies on having ADAL_BROKER defined to 1.
+// This is defined in the ADAuthenticationBroker/Frameworks/aad_overrides.h file.
+// Without this, the build for Broker will not include this definition.
+#if __has_include("../../../aad_overrides.h")
+#include "../../../aad_overrides.h"
+#endif
 
 #endif /* MSAL_pch */

MSAL/src/MSALAccount.m

@@ -73,15 +73,15 @@ - (id)initWithUsername:(NSString *)username
             utid = accountIdComponents[1];
         }
 
-        _homeAccountId = [[MSALAccountId alloc] initWithHomeAccountIdentifier:homeAccountId
-                                                                          uid:uid
-                                                                         utid:utid];
-
-        _localAccountId = [[MSALAccountId alloc] initWithLocalAccountIdentifier:localAccountId
-                                                                       objectId:localAccountId
-                                                                       tenantId:tenantId];
-
-        _lookupAccountIdentifier = [[MSIDAccountIdentifier alloc] initWithLegacyAccountId:username homeAccountId:homeAccountId];
+        _homeAccountId = [[MSALAccountId alloc] initWithAccountIdentifier:homeAccountId
+                                                                 objectId:uid
+                                                                 tenantId:utid];
+        
+        _localAccountId = [[MSALAccountId alloc] initWithAccountIdentifier:localAccountId
+                                                                  objectId:localAccountId
+                                                                  tenantId:tenantId];
+
+        _lookupAccountIdentifier = [[MSIDAccountIdentifier alloc] initWithDisplayableId:username homeAccountId:homeAccountId];
     }
 
     return self;

MSAL/src/MSALAccountId+Internal.h

@@ -29,12 +29,8 @@
 
 @interface MSALAccountId ()
 
-- (instancetype)initWithHomeAccountIdentifier:(NSString *)identifier
-                                          uid:(NSString *)uid
-                                         utid:(NSString *)utid;
-
-- (instancetype)initWithLocalAccountIdentifier:(NSString *)identifier
-                                      objectId:(NSString *)objectId
-                                      tenantId:(NSString *)tenantId;
+- (instancetype)initWithAccountIdentifier:(NSString *)identifier
+                                 objectId:(NSString *)objectId
+                                 tenantId:(NSString *)tenantId;
 
 @end

MSAL/src/MSALAccountId.m

@@ -25,25 +25,9 @@
 
 @implementation MSALAccountId
 
-- (instancetype)initWithHomeAccountIdentifier:(NSString *)identifier
-                                          uid:(NSString *)uid
-                                         utid:(NSString *)utid
-{
-    self = [super init];
-
-    if (self)
-    {
-        _identifier = identifier;
-        _objectId = uid;
-        _tenantId = utid;
-    }
-
-    return self;
-}
-
-- (instancetype)initWithLocalAccountIdentifier:(NSString *)identifier
-                                      objectId:(NSString *)objectId
-                                      tenantId:(NSString *)tenantId
+- (instancetype)initWithAccountIdentifier:(NSString *)identifier
+                                 objectId:(NSString *)objectId
+                                 tenantId:(NSString *)tenantId
 {
     self = [super init];
 
@@ -75,4 +59,29 @@ - (NSUInteger)hash
     return hash;
 }
 
+- (BOOL)isEqual:(id)object
+{
+    if (self == object)
+    {
+        return YES;
+    }
+
+    if (![object isKindOfClass:MSALAccountId.class])
+    {
+        return NO;
+    }
+
+    return [self isEqualToItem:object];
+}
+
+- (BOOL)isEqualToItem:(MSALAccountId *)accountId
+{
+    BOOL result = YES;
+    result &= (!self.identifier && !accountId.identifier) || [self.identifier isEqualToString:accountId.identifier];
+    result &= (!self.objectId && !accountId.objectId) || [self.objectId isEqualToString:accountId.objectId];
+    result &= (!self.tenantId && !accountId.tenantId) || [self.tenantId isEqualToString:accountId.tenantId];
+
+    return result;
+}
+
 @end

MSAL/src/MSALError.m

@@ -36,3 +36,7 @@
 NSString *MSALCorrelationIDKey = @"MSALCorrelationIDKey";
 NSString *MSALDeclinedScopesKey = @"MSALDeclinedScopesKey";
 NSString *MSALGrantedScopesKey = @"MSALGrantedScopesKey";
+NSString *MSALInvalidResultKey = @"MSALInvalidResultKey";
+NSString *MSALDisplayableUserIdKey = @"MSALDisplayableUserIdKey";
+NSString *MSALBrokerVersionKey = @"MSALBrokerVersionKey";
+NSString *MSALHomeAccountIdKey = @"MSALHomeAccountIdKey";

MSAL/src/requests/MSALInteractiveRequest.h → MSAL/src/MSALErrorConverter+Internal.h

@@ -25,19 +25,17 @@
 //
 //------------------------------------------------------------------------------
 
-#import "MSAL.h"
-#import "MSALBaseRequest.h"
+#import "MSALErrorConverter.h"
 
-@interface MSALInteractiveRequest : MSALBaseRequest
-{
-    MSALScopes *_extraScopesToConsent;
-    MSALUIBehavior _uiBehavior;
-}
+@interface MSALErrorConverter (Internal)
 
-- (id)initWithParameters:(MSALRequestParameters *)parameters
-    extraScopesToConsent:(NSArray<NSString *> *)extraScopesToConsent
-                behavior:(MSALUIBehavior)behavior
-              tokenCache:(MSIDDefaultTokenCacheAccessor *)tokenCache
-                   error:(NSError * __autoreleasing *)error;
++ (NSError *)errorWithDomain:(NSString *)domain
+                        code:(NSInteger)code
+            errorDescription:(NSString *)errorDescription
+                  oauthError:(NSString *)oauthError
+                    subError:(NSString *)subError
+             underlyingError:(NSError *)underlyingError
+               correlationId:(NSUUID *)correlationId
+                    userInfo:(NSDictionary *)userInfo;
 
 @end

MSAL/src/MSALErrorConverter.h

@@ -26,8 +26,9 @@
 //------------------------------------------------------------------------------
 
 #import "MSIDError.h"
-#import "MSIDErrorConverter.h"
 
-@interface MSALErrorConverter : NSObject <MSIDErrorConverting>
+@interface MSALErrorConverter : NSObject
+
++ (NSError *)msalErrorFromMsidError:(NSError *)msidError;
 
 @end

MSAL/src/MSALErrorConverter.m

@@ -25,20 +25,16 @@
 //
 //------------------------------------------------------------------------------
 
-#import "MSALErrorConverter.h"
+#import "MSALErrorConverter+Internal.h"
 #import "MSALError_Internal.h"
+#import "MSALResult+Internal.h"
 
 static NSDictionary *s_errorDomainMapping;
 static NSDictionary *s_errorCodeMapping;
 static NSDictionary *s_userInfoKeyMapping;
 
 @implementation MSALErrorConverter
 
-+ (void)load
-{
-    MSIDErrorConverter.errorConverter = [MSALErrorConverter new];
-}
-
 + (void)initialize
 {
     s_errorDomainMapping = @{
@@ -55,9 +51,14 @@ + (void)initialize
                                    @(MSIDErrorInvalidInternalParameter) : @(MSALErrorInternal),
                                    @(MSIDErrorInvalidDeveloperParameter) :@(MSALErrorInvalidParameter),
                                    @(MSIDErrorUnsupportedFunctionality): @(MSALErrorInternal),
+                                   @(MSIDErrorMissingAccountParameter): @(MSALErrorAccountRequired),
+                                   @(MSIDErrorInteractionRequired): @(MSALErrorInteractionRequired),
+                                   @(MSIDErrorServerNonHttpsRedirect) : @(MSALErrorNonHttpsRedirect),
+                                   @(MSIDErrorMismatchedAccount): @(MSALErrorMismatchedUser),
+
                                    // Cache
                                    @(MSIDErrorCacheMultipleUsers) : @(MSALErrorInternal),
-                                   @(MSIDErrorCacheBadFormat) : @(MSALErrorWrapperCacheFailure),
+                                   @(MSIDErrorCacheBadFormat) : @(MSALErrorInternal),
                                    // Authority Validation
                                    @(MSIDErrorAuthorityValidation) : @(MSALErrorFailedAuthorityValidation),
                                    // Interactive flow
@@ -67,21 +68,37 @@ + (void)initialize
                                    @(MSIDErrorInteractiveSessionStartFailure) : @(MSALErrorInternal),
                                    @(MSIDErrorInteractiveSessionAlreadyRunning) : @(MSALErrorInteractiveSessionAlreadyRunning),
                                    @(MSIDErrorNoMainViewController) : @(MSALErrorNoViewController),
+                                   @(MSIDErrorAttemptToOpenURLFromExtension): @(MSALErrorAttemptToOpenURLFromExtension),
+                                   @(MSIDErrorUINotSupportedInExtension): @(MSALErrorUINotSupportedInExtension),
+
+                                   // Broker errors
+                                   @(MSIDErrorBrokerResponseNotReceived): @(MSALErrorBrokerResponseNotReceived),
+                                   @(MSIDErrorBrokerNoResumeStateFound): @(MSALErrorBrokerNoResumeStateFound),
+                                   @(MSIDErrorBrokerBadResumeStateFound): @(MSALErrorBrokerBadResumeStateFound),
+                                   @(MSIDErrorBrokerMismatchedResumeState): @(MSALErrorBrokerMismatchedResumeState),
+                                   @(MSIDErrorBrokerResponseHashMissing): @(MSALErrorBrokerResponseHashMissing),
+                                   @(MSIDErrorBrokerCorruptedResponse): @(MSALErrorBrokerCorruptedResponse),
+                                   @(MSIDErrorBrokerResponseDecryptionFailed): @(MSALErrorBrokerResponseDecryptionFailed),
+                                   @(MSIDErrorBrokerResponseHashMismatch): @(MSALErrorBrokerResponseHashMismatch),
+                                   @(MSIDErrorBrokerKeyFailedToCreate): @(MSALErrorBrokerKeyFailedToCreate),
+                                   @(MSIDErrorBrokerKeyNotFound): @(MSALErrorBrokerKeyNotFound),
+                                   @(MSIDErrorWorkplaceJoinRequired): @(MSALErrorWorkplaceJoinRequired),
+                                   @(MSIDErrorBrokerUnknown): @(MSALErrorBrokerUnknown),
+
                                    // Oauth2 errors
-                                   @(MSIDErrorInteractionRequired) : @(MSALErrorInteractionRequired),
                                    @(MSIDErrorServerOauth) : @(MSALErrorAuthorizationFailed),
                                    @(MSIDErrorServerInvalidResponse) : @(MSALErrorInvalidResponse),
-                                   @(MSIDErrorServerRefreshTokenRejected) : @(MSALErrorRefreshTokenRejected),
+                                   // We don't support this error code in MSAL. This error
+                                   // exists specifically for ADAL.
+                                   @(MSIDErrorServerRefreshTokenRejected) : @(MSALErrorInternal),
                                    @(MSIDErrorServerInvalidRequest) :@(MSALErrorInvalidRequest),
                                    @(MSIDErrorServerInvalidClient) : @(MSALErrorInvalidClient),
                                    @(MSIDErrorServerInvalidGrant) : @(MSALErrorInvalidGrant),
                                    @(MSIDErrorServerInvalidScope) : @(MSALErrorInvalidScope),
+                                   @(MSIDErrorServerUnauthorizedClient): @(MSALErrorUnauthorizedClient),
+                                   @(MSIDErrorServerDeclinedScopes): @(MSALErrorServerDeclinedScopes),
                                    @(MSIDErrorServerInvalidState) : @(MSALErrorInvalidState),
-                                   @(MSIDErrorServerNonHttpsRedirect) : @(MSALErrorNonHttpsRedirect),
                                    @(MSIDErrorServerProtectionPoliciesRequired) : @(MSALErrorServerProtectionPoliciesRequired),
-                                   @(MSIDErrorServerUnhandledResponse) : @(MSALErrorUnhandledResponse)
-                                   },
-                           MSIDHttpErrorCodeDomain: @{
                                    @(MSIDErrorServerUnhandledResponse) : @(MSALErrorUnhandledResponse)
                                    }
                            };
@@ -92,13 +109,28 @@ + (void)initialize
                              MSIDCorrelationIdKey : MSALCorrelationIDKey,
                              MSIDErrorDescriptionKey : MSALErrorDescriptionKey,
                              MSIDOAuthErrorKey: MSALOAuthErrorKey,
-                             MSIDOAuthSubErrorKey: MSALOAuthSubErrorKey
+                             MSIDOAuthSubErrorKey: MSALOAuthSubErrorKey,
+                             MSIDDeclinedScopesKey: MSALDeclinedScopesKey,
+                             MSIDGrantedScopesKey: MSALGrantedScopesKey,
+                             MSIDUserDisplayableIdkey: MSALDisplayableUserIdKey,
+                             MSIDBrokerVersionKey: MSALBrokerVersionKey,
+                             MSIDHomeAccountIdkey: MSALHomeAccountIdKey
                              };
 }
 
-#pragma mark - MSIDErrorConverting
++ (NSError *)msalErrorFromMsidError:(NSError *)msidError
+{
+    return [self errorWithDomain:msidError.domain
+                            code:msidError.code
+                errorDescription:msidError.userInfo[MSIDErrorDescriptionKey]
+                      oauthError:msidError.userInfo[MSIDOAuthErrorKey]
+                        subError:msidError.userInfo[MSIDOAuthSubErrorKey]
+                 underlyingError:msidError.userInfo[NSUnderlyingErrorKey]
+                   correlationId:msidError.userInfo[MSIDCorrelationIdKey]
+                        userInfo:msidError.userInfo];
+}
 
-- (NSError *)errorWithDomain:(NSString *)domain
++ (NSError *)errorWithDomain:(NSString *)domain
                         code:(NSInteger)code
             errorDescription:(NSString *)errorDescription
                   oauthError:(NSString *)oauthError
@@ -111,32 +143,23 @@ - (NSError *)errorWithDomain:(NSString *)domain
     {
         return nil;
     }
-
-    NSString *msalDomain = domain;
-
+
     // Map domain
-    NSString *newDomain = s_errorDomainMapping[domain];
-    if (newDomain)
-    {
-        msalDomain = newDomain;
-    }
-
+    NSString *mappedDomain = s_errorDomainMapping[domain];
+
     // Map errorCode
-    // errorCode mapping is needed only if domain is mapped
-    NSInteger msalErrorCode = code;
-    if (msalDomain && msalErrorCode && s_errorCodeMapping[msalDomain])
+    // errorCode mapping is needed only if domain is mapped to MSALErrorDomain
+    NSNumber *mappedCode = nil;
+    if (mappedDomain == MSALErrorDomain)
     {
-        NSNumber *mappedErrorCode = s_errorCodeMapping[msalDomain][@(msalErrorCode)];
-        if (mappedErrorCode != nil)
-        {
-            msalErrorCode = [mappedErrorCode integerValue];
-        }
-        else
+        mappedCode = s_errorCodeMapping[mappedDomain][@(code)];
+        if (mappedCode == nil)
         {
-            MSID_LOG_WARN(nil, @"MSALErrorConverter could not find the error code mapping entry for domain (%@) + error code (%ld).", domain, (long)msalErrorCode);
+            MSID_LOG_WARN(nil, @"MSALErrorConverter could not find the error code mapping entry for domain (%@) + error code (%ld).", domain, (long)code);
+            mappedCode = @(MSALErrorInternal);
         }
     }
-
+    
     NSMutableDictionary *msalUserInfo = [NSMutableDictionary new];
 
     for (NSString *key in [userInfo allKeys])
@@ -150,7 +173,27 @@ - (NSError *)errorWithDomain:(NSString *)domain
     msalUserInfo[MSALOAuthSubErrorKey] = subError;
     msalUserInfo[NSUnderlyingErrorKey]  = underlyingError;
 
-    return [NSError errorWithDomain:msalDomain code:msalErrorCode userInfo:msalUserInfo];
+    if (userInfo[MSIDInvalidTokenResultKey])
+    {
+        NSError *resultError = nil;
+        MSALResult *msalResult = [MSALResult resultWithTokenResult:userInfo[MSIDInvalidTokenResultKey] error:&resultError];
+
+        if (!msalResult)
+        {
+            MSID_LOG_NO_PII(MSIDLogLevelWarning, nil, nil, @"MSALErrorConverter could not convert MSIDTokenResult to MSALResult %ld, %@", (long)resultError.code, resultError.domain);
+            MSID_LOG_PII(MSIDLogLevelWarning, nil, nil, @"MSALErrorConverter could not convert MSIDTokenResult to MSALResult %@", resultError);
+        }
+        else
+        {
+            msalUserInfo[MSALInvalidResultKey] = msalResult;
+        }
+
+        [msalUserInfo removeObjectForKey:MSIDInvalidTokenResultKey];
+    }
+
+    return [NSError errorWithDomain:mappedDomain ? : domain
+                               code:(mappedCode != nil) ? mappedCode.integerValue : code
+                           userInfo:msalUserInfo];
 }
 
 @end

MSAL/src/MSALError_Internal.h

@@ -26,7 +26,7 @@
 //------------------------------------------------------------------------------
 
 #import <Foundation/Foundation.h>
-
+#import "MSALError.h" 
 
 extern NSString *MSALStringForErrorCode(MSALErrorCode code);