Merge branch 'dev' into antonioalwan/15_add_temp_tests_adj

* dev: Fix cookie clearing Minor automation tweaks Use older version of xcpretty Make upn hash case insensitive Resolve a crash when assign the 0 to expectedFulfillmentCount Update changelog Support web_page_uri. (#1440) Support web_page_uri. dummy change to trigger the pipeline Trigger the build with a dummy change Add new key for sub error description copy over tested pipeline yaml from different branch use azure pipeline integrated checkout system and update triggers add new yaml file for MSAL submodule check pipeline Add MSID_BROKER_SDK_BROKER_XPC_CAPABILITY const Add new requestType for telemetry service
AzureAD · Dec 9, 2024 · 8616f50 · 8616f50
2 parents 77b8b96 + 5ab5435
commit 8616f50
Show file tree

Hide file tree

Showing 15 changed files with 170 additions and 4 deletions.
diff --git a/IdentityCore/src/MSIDBrokerConstants.h b/IdentityCore/src/MSIDBrokerConstants.h
@@ -74,6 +74,7 @@ extern NSString * _Nonnull const MSID_ADAL_BROKER_MESSAGE_VERSION;
 extern NSString * _Nonnull const MSID_MSAL_BROKER_MESSAGE_VERSION;
 extern NSString * _Nonnull const MSID_BROKER_SDK_CAPABILITIES_KEY;
 extern NSString * _Nonnull const MSID_BROKER_SDK_SSO_EXTENSION_CAPABILITY;
+extern NSString * _Nonnull const MSID_BROKER_SDK_BROKER_XPC_CAPABILITY;
 extern NSString * _Nonnull const MSID_BROKER_SSO_URL;
 extern NSString * _Nonnull const MSID_BROKER_ACCOUNT_IDENTIFIER;
 extern NSString * _Nonnull const MSID_BROKER_TYPES_OF_HEADER;

diff --git a/IdentityCore/src/MSIDBrokerConstants.m b/IdentityCore/src/MSIDBrokerConstants.m
@@ -71,6 +71,7 @@
 NSString *const MSID_MSAL_BROKER_MESSAGE_VERSION   = @"3";
 NSString *const MSID_BROKER_SDK_CAPABILITIES_KEY   = @"sdk_broker_capabilities";
 NSString *const MSID_BROKER_SDK_SSO_EXTENSION_CAPABILITY = @"sso_extension";
+NSString *const MSID_BROKER_SDK_BROKER_XPC_CAPABILITY = @"broker_xpc";
 NSString *const MSID_BROKER_SSO_URL = @"sso_url";
 NSString *const MSID_BROKER_ACCOUNT_IDENTIFIER = @"account_identifier";
 NSString *const MSID_BROKER_TYPES_OF_HEADER = @"types_of_header";

diff --git a/IdentityCore/src/MSIDError.h b/IdentityCore/src/MSIDError.h
@@ -26,6 +26,7 @@
 extern NSString * _Nonnull MSIDErrorDescriptionKey;
 extern NSString * _Nonnull MSIDOAuthErrorKey;
 extern NSString * _Nonnull MSIDOAuthSubErrorKey;
+extern NSString * _Nonnull MSIDOAuthSubErrorDescriptionKey;
 extern NSString * _Nonnull MSIDCorrelationIdKey;
 extern NSString * _Nonnull MSIDHTTPHeadersKey;
 extern NSString * _Nonnull MSIDHTTPResponseCodeKey;

diff --git a/IdentityCore/src/MSIDError.m b/IdentityCore/src/MSIDError.m
@@ -26,6 +26,7 @@
 NSString *MSIDErrorDescriptionKey = @"MSIDErrorDescriptionKey";
 NSString *MSIDOAuthErrorKey = @"MSIDOAuthErrorKey";
 NSString *MSIDOAuthSubErrorKey = @"MSIDOAuthSubErrorKey";
+NSString *MSIDOAuthSubErrorDescriptionKey = @"MSIDOAuthSubErrorDescriptionKey";
 NSString *MSIDCorrelationIdKey = @"MSIDCorrelationIdKey";
 NSString *MSIDHTTPHeadersKey = @"MSIDHTTPHeadersKey";
 NSString *MSIDHTTPResponseCodeKey = @"MSIDHTTPResponseCodeKey";

diff --git a/IdentityCore/src/broker_operation/request/MSIDBaseBrokerOperationRequest.h b/IdentityCore/src/broker_operation/request/MSIDBaseBrokerOperationRequest.h
@@ -33,6 +33,7 @@ NS_ASSUME_NONNULL_BEGIN
 
 @property (nonatomic, class, readonly) NSString *operation;
 @property (nonatomic) NSUUID *correlationId;
+@property (nonatomic) NSInteger requestType;
 
 - (nullable NSString *)logInfo;
 

diff --git a/IdentityCore/src/broker_operation/request/token_request/MSIDBrokerOperationTokenRequest.h b/IdentityCore/src/broker_operation/request/token_request/MSIDBrokerOperationTokenRequest.h
@@ -43,6 +43,7 @@ NS_ASSUME_NONNULL_BEGIN
 @property (nonatomic, nullable) MSIDClaimsRequest *claimsRequest;
 @property (nonatomic) NSDate *requestSentDate;
 @property (nonatomic) NSString *nonce;
+@property (nonatomic) NSString *webPageUri;
 @property (nonatomic, nullable) NSString *accountHomeTenantId;
 @property (nonatomic, nullable) NSString *clientSku;
 @property (nonatomic) BOOL skipValidateResultAccount;

diff --git a/IdentityCore/src/broker_operation/request/token_request/MSIDBrokerOperationTokenRequest.m b/IdentityCore/src/broker_operation/request/token_request/MSIDBrokerOperationTokenRequest.m
@@ -61,6 +61,7 @@ + (BOOL)fillRequest:(MSIDBrokerOperationTokenRequest *)request
     request.claimsRequest = parameters.claimsRequest;
     request.requestSentDate = requestSentDate;
     request.nonce = parameters.nonce;
+    request.webPageUri = parameters.webPageUri;
     request.clientSku = parameters.clientSku;
     request.skipValidateResultAccount = parameters.skipValidateResultAccount;
     request.forceRefresh = parameters.forceRefresh;
@@ -79,6 +80,8 @@ - (instancetype)initWithJSONDictionary:(NSDictionary *)json error:(NSError *__au
         _configuration = [[MSIDConfiguration alloc] initWithJSONDictionary:json error:error];
         if (!_configuration) return nil;
 
+        _webPageUri = [json msidStringObjectForKey:@"web_page_uri"];
+
         _providerType = MSIDProviderTypeFromString([json msidStringObjectForKey:MSID_PROVIDER_TYPE_JSON_KEY]);
 
         _oidcScope = [json msidStringObjectForKey:MSID_BROKER_EXTRA_OIDC_SCOPES_KEY];
@@ -135,6 +138,7 @@ - (NSDictionary *)jsonDictionary
     }
 
     [json addEntriesFromDictionary:configurationJson];
+    json[@"web_page_uri"] = self.webPageUri;
     json[MSID_PROVIDER_TYPE_JSON_KEY] = MSIDProviderTypeToString(self.providerType);
     json[MSID_BROKER_EXTRA_OIDC_SCOPES_KEY] = self.oidcScope;
     json[MSID_BROKER_EXTRA_QUERY_PARAM_KEY] = [self.extraQueryParameters msidWWWFormURLEncode];

diff --git a/IdentityCore/src/logger/MSIDMaskedUsernameLogParameter.m b/IdentityCore/src/logger/MSIDMaskedUsernameLogParameter.m
@@ -49,7 +49,7 @@ - (NSString *)maskedDescription
             domain = [stringValue substringFromIndex:emailIndex.location + 1];
         }
 
-        return [NSString stringWithFormat:@"auth.placeholder-%@__%@", [username msidSecretLoggingHash], domain];
+        return [NSString stringWithFormat:@"auth.placeholder-%@__%@", [username.lowercaseString msidSecretLoggingHash], domain.lowercaseString];
     }
 
     return [self.parameterValue msidSecretLoggingHash];

diff --git a/IdentityCore/src/parameters/MSIDRequestParameters.h b/IdentityCore/src/parameters/MSIDRequestParameters.h
@@ -48,6 +48,7 @@
 @property (nonatomic) MSIDAuthority *providedAuthority;
 @property (nonatomic) MSIDAuthority *cloudAuthority;
 @property (nonatomic) NSString *redirectUri;
+@property (nonatomic) NSString *webPageUri;
 @property (nonatomic) NSString *clientId;
 @property (nonatomic) NSString *target;
 @property (nonatomic) NSString *oidcScope;

diff --git a/IdentityCore/tests/MSIDMaskedUsernameLogParameterTests.m b/IdentityCore/tests/MSIDMaskedUsernameLogParameterTests.m
@@ -88,4 +88,15 @@ - (void)testDescription_whenPIINotEnabled_andEmailParameterWithNoDomain_andSpace
     XCTAssertEqualObjects(description, @"auth.placeholder-9f86d081__ ");
 }
 
+- (void)testDescription_whenPIINotEnabled_andEmailParameterWithDomain_shouldReturnSameMaskedValueForDifferentCase
+{
+    [MSIDLogger sharedLogger].logMaskingLevel = MSIDLogMaskingSettingsMaskAllPII;
+    MSIDMaskedUsernameLogParameter *logParameter = [[MSIDMaskedUsernameLogParameter alloc] initWithParameterValue:@"[email protected]"];
+    MSIDMaskedUsernameLogParameter *logParameter1 = [[MSIDMaskedUsernameLogParameter alloc] initWithParameterValue:@"[email protected]"];
+    NSString *description = [logParameter description];
+    NSString *description1 = [logParameter1 description];
+    XCTAssertEqualObjects(description, @"auth.placeholder-16f78a7d__domain.com");
+    XCTAssertEqualObjects(description, description1);
+}
+
 @end
diff --git a/IdentityCore/tests/automation/ui_app_lib/MSIDClearCookiesTestAction.m b/IdentityCore/tests/automation/ui_app_lib/MSIDClearCookiesTestAction.m
@@ -72,6 +72,14 @@ - (void)performActionWithParameters:(__unused NSDictionary *)parameters
                                                modifiedSince:[NSDate dateWithTimeIntervalSince1970:0]
                                            completionHandler:^{}];
 
+    NSHTTPCookieStorage *separatedStorage = [NSHTTPCookieStorage sharedCookieStorageForGroupContainerIdentifier:@"group.com.microsoft.azureauthenticator.sso"];
+
+    for (NSHTTPCookie *cookie in separatedStorage.cookies)
+    {
+        [separatedStorage deleteCookie:cookie];
+        count++;
+    }
+
     MSIDAutomationTestResult *testResult = [[MSIDAutomationTestResult alloc] initWithAction:self.actionIdentifier
                                                                                     success:YES
                                                                              additionalInfo:@{@"cleared_items_count":@(count)}];

diff --git a/IdentityCore/tests/automation/ui_tests_lib/MSIDBaseUITest.m b/IdentityCore/tests/automation/ui_tests_lib/MSIDBaseUITest.m
@@ -436,7 +436,10 @@ - (NSArray *)loadTestAccountRequest:(MSIDAutomationBaseApiRequest *)accountReque
         XCTAssertTrue(results.count >= 1);
 
         XCTestExpectation *passwordLoadExpecation = [self expectationWithDescription:@"Get password"];
-        passwordLoadExpecation.expectedFulfillmentCount = results.count;
+        if (results && results.count > 0)
+        {
+            passwordLoadExpecation.expectedFulfillmentCount = results.count;
+        }
 
         for (MSIDTestAutomationAccount *account in results)
         {

diff --git a/azure_pipelines/msal_submodule_check.yaml b/azure_pipelines/msal_submodule_check.yaml
@@ -0,0 +1,118 @@
+# Pipeline will be triggered for PR & any updates on the PR on all branches
+pr:
+  branches:
+    include:
+    - '*'
+
+# Trigger CI for only main/release branches
+trigger:
+  branches:
+    include:
+    - main
+    - release/*
+
+resources:
+ repositories:
+   - repository: microsoft-authentication-library-for-objc
+     type: github
+     endpoint: 'MSAL ObjC Service Connection'
+     name: AzureAD/microsoft-authentication-library-for-objc
+
+# Define parallel jobs that run build script for specified targets
+jobs:
+- job: 'Validate_Pull_Request'
+  strategy:
+    maxParallel: 3
+    matrix:
+      IOS_FRAMEWORK:
+        target: "iosFramework iosTestApp sampleIosApp sampleIosAppSwift"
+      MAC_FRAMEWORK:
+        target: "macFramework"
+      VISION_FRAMEWORK:
+        target: "visionOSFramework"
+  displayName: Validate Pull Request
+  pool:
+    vmImage: 'macOS-14'
+    timeOutInMinutes: 30
+
+  steps:
+  - script: |
+          /bin/bash -c "sudo xcode-select -s /Applications/Xcode_15.4.app"
+    displayName: 'Switch to use Xcode 15.4'
+  - task: CmdLine@2
+    displayName: Installing xcpretty
+    inputs:
+      script: |
+        gem install xcpretty -N -v 0.3.0
+      failOnStderr: true
+  - task: CmdLine@2
+    displayName: Installing dependencies
+    inputs:
+      script: |
+        gem install slather bundler -N
+      failOnStderr: true
+
+# The following is needed to install the visionOS SDK on macos-14 vm image which
+# doesn't have visionOS installed by default.
+# TODO: Remove when macos-14-arm64 is supported on ADO.
+  - task: Bash@3
+    displayName: download visionOS SDK
+    inputs:
+      targetType: 'inline'
+      script: |
+        echo $(target)
+        if [ $(target) == 'visionOSFramework' ]; then
+            echo "Downloading simulator for visionOS"
+            sudo xcode-select -s /Applications/Xcode_15.4.app/Contents/Developer
+            defaults write com.apple.dt.Xcode AllowUnsupportedVisionOSHost -bool YES
+            defaults write com.apple.CoreSimulator AllowUnsupportedVisionOSHost -bool YES
+            xcodebuild -downloadPlatform visionOS
+        else
+            echo "Not visionOS job, no download needed"
+        fi
+      failOnStderr: false
+
+  - checkout: microsoft-authentication-library-for-objc
+    displayName: 'Checkout MSAL'
+    clean: true
+    submodules: true
+    fetchTags: true
+    persistCredentials: true
+
+  - checkout: self
+    clean: true
+    submodules: false
+    fetchDepth: 1
+    path: 's/microsoft-authentication-library-for-objc/MSAL/IdentityCore'
+    persistCredentials: false
+
+  - task: Bash@3
+    displayName: Run Build script & check for Errors
+    inputs:
+      targetType: 'inline'
+      script: |
+        cd $(Agent.BuildDirectory)/s/microsoft-authentication-library-for-objc
+        { output=$(./build.py --target $(target) 2>&1 1>&3-) ;} 3>&1
+        final_status=$(<./build/status.txt)
+        echo "FINAL STATUS  = ${final_status}"
+        echo "POSSIBLE ERRORS: ${output}"
+        
+        if [ $final_status != "0" ]; then
+          echo "Build & Testing Failed! \n ${output}" >&2
+        fi
+      failOnStderr: true
+  - task: Bash@3
+    condition: always()
+    displayName: Cleanup
+    inputs:
+      targetType: 'inline'
+      script: |
+        rm -rf $(Agent.BuildDirectory)/s/build/status.txt
+  - task: PublishTestResults@2
+    condition: always()
+    displayName: Publish Test Report
+    inputs:
+      testResultsFormat: 'JUnit'
+      testResultsFiles: '$(Agent.BuildDirectory)/s/build/reports/*'
+      failTaskOnFailedTests: true
+      testRunTitle: 'Test Run - $(target)'
diff --git a/azure_pipelines/pr-validation.yml b/azure_pipelines/pr-validation.yml
@@ -29,10 +29,16 @@ jobs:
 
   steps:
   - task: CmdLine@2
-    displayName: Installing dependencies
+    displayName: Installing xcpretty
     inputs:
       script: |
-        gem install xcpretty slather -N
+        gem install xcpretty -N -v 0.3.0
+      failOnStderr: true
+  - task: CmdLine@2
+    displayName: Installing slather
+    inputs:
+      script: |
+        gem install slather -N
       failOnStderr: true
   - checkout: self
     clean: true

diff --git a/changelog.txt b/changelog.txt
@@ -1,3 +1,12 @@
+Version TBD
+* Make hashed ups in logs case insensitive (#1446)
+
+Version 1.7.43
+* Support web_page_uri #1440
+* Save error received from ESTS, and return it to the client on silent broker calls (#1438)
+* XPC CommonCore Minor change to support broker XPC changes (#1436)
+* Assign completion block before perform request (#1434)
+
 Version 1.7.42
 * Support extra query parameters on signout (#1243)
 * Wrap ASAuthorizationProviderExtensionAuthorizationRequest methods (#1427)