Edge TB: changes related to GetToken, Fixes AB#3317102

changelog.txt

@@ -21,6 +21,7 @@ Version 23.1.0
 - [MINOR] WebApps AccountId Registry (#2787)
 - [MINOR] Expose WebApps APIs (#2793)
 - [MINOR] Add domainHint support to authorization request (#2792)
+- [MINOR] Add support for WebApps getToken API (#2803)
 - [PATCH] Fix auth method blocked error handling (#2804)
 
 Version 23.0.2

common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java

@@ -1379,22 +1379,32 @@ public static String computeMaxHostBrokerProtocol() {
         /**
          * String for broker webapps get contracts result.
          */
-        public static final String BROKER_WEBAPPS_GET_CONTRACTS_RESULT = "contracts";
+        public static final String BROKER_WEBAPPS_GET_CONTRACTS_RESULT = "web_apps_contracts";
 
         /**
-         * String for broker webapps error result.
+         * String for broker webapps request.
          */
-        public static final String BROKER_WEB_APPS_ERROR = "error";
+        public static final String BROKER_WEB_APPS_EXECUTE_REQUEST = "web_apps_execute_request";
 
         /**
-         * String for broker webapps request.
+         * String for broker webapps additional required params.
          */
-        public static final String BROKER_WEB_APPS_REQUEST = "request";
+        public static final String BROKER_WEB_APPS_ADDITIONAL_REQUIRED_PARAMS = "additional_required_params";
 
         /**
          * String for broker webapps response.
          */
-        public static final String BROKER_WEB_APPS_RESPONSE = "response";
+        public static final String BROKER_WEB_APPS_SUCCESSFUL_RESULT = "web_app_successful_result";
+
+        /**
+         * String for compressed broker webapps response.
+         */
+        public static final String BROKER_WEB_APPS_SUCCESSFUL_RESULT_COMPRESSED = "web_app_successful_result_compressed";
+
+        /**
+         * String for broker webapps error result.
+         */
+        public static final String BROKER_WEB_APPS_ERROR_RESULT = "web_apps_error_result";
 
         /**
          * String for generate shr result.
@@ -2142,4 +2152,3 @@ public static final class SdkPlatformFields {
         public static final String VERSION = com.microsoft.identity.common.java.AuthenticationConstants.SdkPlatformFields.VERSION;
     }
 }
-

common/src/main/java/com/microsoft/identity/common/internal/broker/BrokerRequest.java

@@ -84,6 +84,8 @@ private static final class SerializedNames {
         final static String SIGN_IN_WITH_GOOGLE_CREDENTIAL = "sign_in_with_google_credential";
 
         final static String TENANT_ID = "tenant_id";
+        final static String REQUEST_TYPE = "request_type";
+        final static String WEB_APPS_STATE = "web_apps_state";
     }
 
     /**
@@ -281,4 +283,15 @@ private static final class SerializedNames {
     @Nullable
     @SerializedName(SerializedNames.TENANT_ID)
     private String mTenantId;
+
+    @Nullable
+    @SerializedName(SerializedNames.REQUEST_TYPE)
+    private String mRequestType;
+
+    /**
+     * State for web apps requests. Make sure not to log this.
+     */
+    @Nullable
+    @SerializedName(SerializedNames.WEB_APPS_STATE)
+    private String mWebAppsState;
 }

common/src/main/java/com/microsoft/identity/common/internal/cache/WebAppsAccountIdRegistry.kt

@@ -50,6 +50,7 @@ class WebAppsAccountIdRegistry private constructor(
          * @param supplier The storage supplier.
          * @return A new instance of [WebAppsAccountIdRegistry].
          */
+        @JvmStatic
         fun create(supplier: IStorageSupplier): WebAppsAccountIdRegistry {
             val store = supplier.getEncryptedFileStore(WEBAPPS_ACCOUNT_ID_REGISTRY_STORAGE_KEY)
             return WebAppsAccountIdRegistry(store)

common/src/main/java/com/microsoft/identity/common/internal/platform/AndroidPlatformUtil.java

@@ -50,6 +50,7 @@
 import com.microsoft.identity.common.java.commands.ICommand;
 import com.microsoft.identity.common.java.commands.InteractiveTokenCommand;
 import com.microsoft.identity.common.java.commands.parameters.InteractiveTokenCommandParameters;
+import com.microsoft.identity.common.java.exception.ArgumentException;
 import com.microsoft.identity.common.java.exception.ClientException;
 import com.microsoft.identity.common.java.exception.ErrorStrings;
 import com.microsoft.identity.common.java.flighting.CommonFlight;
@@ -161,6 +162,11 @@ public boolean isValidCallingApp(@NonNull String redirectUri, @NonNull String pa
         return isValidBrokerRedirect;
     }
 
+    @Override
+    public void isValidCallingAppForWebApps(int callingUid) throws ClientException, UnsupportedOperationException {
+        // This operation is not supported in non-broker contexts.
+        throw new UnsupportedOperationException("WebApp APIs are not functional in non-broker scenarios.");
+    }
     @Override
     @Nullable
     public String getEnrollmentId(@NonNull final String userId, @NonNull final String packageName) {
@@ -324,4 +330,8 @@ private boolean isValidHubRedirectURIForNAATests(String redirectUri) {
                 || redirectUri.equals("msauth://com.microsoft.teams/fcg80qvoM1YMKJZibjBwQcDfOno=")
                 || redirectUri.equals("https://login.microsoftonline.com/common/oauth2/nativeclient"));
     }
+
+    protected Context getContext() {
+        return mContext;
+    }
 }

common/src/main/java/com/microsoft/identity/common/internal/request/MsalBrokerRequestAdapter.java

@@ -29,7 +29,8 @@
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.AUTH_SCHEME_PARAMS_POP;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_REQUEST_V2;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_REQUEST_V2_COMPRESSED;
-import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_WEB_APPS_REQUEST;
+import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_WEB_APPS_ADDITIONAL_REQUIRED_PARAMS;
+import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_WEB_APPS_EXECUTE_REQUEST;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.CALLER_INFO_UID;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.CAN_FOCI_APPS_CONSTRUCT_ACCOUNTS_FROM_PRT_ID_TOKEN_KEY;
 import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.CLIENT_ADVERTISED_MAXIMUM_BP_VERSION_KEY;
@@ -56,6 +57,8 @@
 import com.microsoft.identity.common.java.authscheme.INameable;
 import com.microsoft.identity.common.java.authscheme.PopAuthenticationSchemeInternal;
 import com.microsoft.identity.common.java.commands.parameters.AcquirePrtSsoTokenCommandParameters;
+import com.microsoft.identity.common.java.commands.parameters.BrokerInteractiveTokenCommandParameters;
+import com.microsoft.identity.common.java.commands.parameters.BrokerSilentTokenCommandParameters;
 import com.microsoft.identity.common.java.commands.parameters.CommandParameters;
 import com.microsoft.identity.common.java.commands.parameters.DeviceCodeFlowCommandParameters;
 import com.microsoft.identity.common.java.commands.parameters.GenerateShrCommandParameters;
@@ -138,6 +141,11 @@ public BrokerRequest brokerRequestFromAcquireTokenParameters(@NonNull final Inte
             brokerRequestBuilder.signInWithGoogleCredential(androidInteractiveTokenCommandParameters.getSignInWithGoogleCredential());
         }
 
+        if (parameters instanceof BrokerInteractiveTokenCommandParameters) {
+            brokerRequestBuilder.requestType(((BrokerInteractiveTokenCommandParameters) parameters).getRequestType().name());
+            brokerRequestBuilder.webAppsState(((BrokerInteractiveTokenCommandParameters) parameters).getWebAppsState());
+        }
+
         return brokerRequestBuilder.build();
     }
 
@@ -178,7 +186,7 @@ public BrokerRequest brokerRequestFromSilentOperationParameters(@NonNull final S
         final String extraOptions = parameters.getExtraOptions() != null ?
                 QueryParamsAdapter._toJson(parameters.getExtraOptions()) : null;
 
-        final BrokerRequest brokerRequest = BrokerRequest.builder()
+        final BrokerRequest.BrokerRequestBuilder brokerRequestBuilder = BrokerRequest.builder()
                 .authority(parameters.getAuthority().getAuthorityURL().toString())
                 .scope(TextUtils.join(" ", parameters.getScopes()))
                 .redirect(parameters.getRedirectUri())
@@ -205,10 +213,13 @@ public BrokerRequest brokerRequestFromSilentOperationParameters(@NonNull final S
                         .spanId(SpanExtension.current().getSpanContext().getSpanId())
                         .traceFlags(SpanExtension.current().getSpanContext().getTraceFlags().asByte())
                         .build()
-                )
-                .build();
+                );
 
-        return brokerRequest;
+        if (parameters instanceof BrokerSilentTokenCommandParameters) {
+            brokerRequestBuilder.requestType(((BrokerSilentTokenCommandParameters) parameters).getRequestType().name());
+        }
+
+        return brokerRequestBuilder.build();
     }
 
     public @NonNull Bundle getRequestBundleForSsoToken(final @NonNull AcquirePrtSsoTokenCommandParameters parameters,
@@ -597,17 +608,20 @@ public Bundle getRequestBundleForAadDeviceIdRequest(
     /**
      * Method to construct a request bundle for broker executeWebAppRequest request.
      *
-     * @param request                      input request
+     * @param request input request
      * @param negotiatedBrokerProtocolVersion protocol version returned by broker hello.
      * @param requiredBrokerProtocolVersion protocol version required by the client.
+     * @param additionalRequiredParams extra required arguments to be sent to broker.
      * @return request Bundle
      */
     public Bundle getRequestBundleForExecuteWebAppRequest(@NonNull final String request,
                                                           @NonNull final String negotiatedBrokerProtocolVersion,
-                                                          @NonNull final String requiredBrokerProtocolVersion) {
+                                                          @NonNull final String requiredBrokerProtocolVersion,
+                                                          @NonNull final String additionalRequiredParams) {
         final Bundle bundle = new Bundle();
         bundle.putString(AuthenticationConstants.Broker.NEGOTIATED_BP_VERSION_KEY, negotiatedBrokerProtocolVersion);
-        bundle.putString(BROKER_WEB_APPS_REQUEST, request);
+        bundle.putString(BROKER_WEB_APPS_EXECUTE_REQUEST, request);
+        bundle.putString(BROKER_WEB_APPS_ADDITIONAL_REQUIRED_PARAMS, additionalRequiredParams);
         addRequiredBrokerProtocolVersionToRequestBundle(bundle, requiredBrokerProtocolVersion);
         return bundle;
     }

common/src/main/java/com/microsoft/identity/common/internal/result/AdalBrokerResultAdapter.java

@@ -168,12 +168,25 @@ public class AdalBrokerResultAdapter implements IBrokerResultAdapter {
         return resultBundle;
     }
 
+    @Override
+    public @NonNull Bundle bundleFromBaseExceptionForWebApps(@NonNull BaseException exception) {
+        throw new UnsupportedOperationException();
+    }
+
     @Override
     public @NonNull
     ILocalAuthenticationResult authenticationResultFromBundle(Bundle resultBundle) {
         throw new UnsupportedOperationException();
     }
 
+    @NonNull
+    @Override
+    public Bundle bundleFromAuthenticationResultForWebApps(@NonNull ILocalAuthenticationResult authenticationResult,
+                                                           @Nullable String negotiatedBrokerProtocolVersion,
+                                                           @Nullable String state) throws BaseException {
+        throw new UnsupportedOperationException();
+    }
+
     @Override
     public @NonNull BaseException getBaseExceptionFromBundle(Bundle resultBundle) {
         throw new UnsupportedOperationException();

common/src/main/java/com/microsoft/identity/common/internal/result/IBrokerResultAdapter.java

@@ -43,6 +43,18 @@ public interface IBrokerResultAdapter {
     @NonNull Bundle bundleFromAuthenticationResult(@NonNull final ILocalAuthenticationResult authenticationResult,
                                                    @Nullable final String negotiatedBrokerProtocolVersion);
 
+    /**
+     * Returns a success bundle with properties from result for web apps.
+     *
+     * @param authenticationResult
+     * @param negotiatedBrokerProtocolVersion
+     * @param state
+     * @return {@link Bundle}
+     */
+    @NonNull Bundle bundleFromAuthenticationResultForWebApps(@NonNull final ILocalAuthenticationResult authenticationResult,
+                                                             @Nullable final String negotiatedBrokerProtocolVersion,
+                                                             @Nullable final String state) throws BaseException;
+
     /**
      * Returns an error bundle with properties from Exception.
      *
@@ -52,6 +64,14 @@ public interface IBrokerResultAdapter {
     @NonNull Bundle bundleFromBaseException(@NonNull BaseException exception,
                                             @Nullable final String negotiatedBrokerProtocolVersion);
 
+    /**
+     * Returns an error bundle with properties from Exception for web apps.
+     *
+     * @param exception
+     * @return {@link Bundle}
+     */
+    @NonNull Bundle bundleFromBaseExceptionForWebApps(@NonNull final BaseException exception);
+
     /**
      * Returns authentication result from Broker result bundle
      *