Merge pull request #1607 from AzureAD/release/1.17.0

Release 1.17.0

Author: josephpab

IdentityCore/IdentityCore.xcodeproj/project.pbxproj

@@ -211,6 +211,8 @@ extern NSString * _Nonnull const MSID_FRT_STATUS_DISABLED;
 extern NSString * _Nonnull const MSID_BROWSER_RESPONSE_SWITCH_BROWSER;
 extern NSString * _Nonnull const MSID_BROWSER_RESPONSE_SWITCH_BROWSER_RESUME;
 
+extern NSString * _Nonnull const MSID_BOUND_RT_REDEEM;
+
 extern NSString * _Nonnull const MSID_FLIGHT_USE_V2_WEB_RESPONSE_FACTORY;
 extern NSString * _Nonnull const MSID_FLIGHT_SUPPORT_DUNA_CBA;
 extern NSString * _Nonnull const MSID_FLIGHT_DISABLE_JIT_TROUBLESHOOTING_LEGACY_AUTH;
@@ -231,5 +233,8 @@ extern NSString * _Nonnull const MSID_FLIGHT_IGNORE_COOKIES_IN_DUNA_RESUME;
 extern NSString * _Nonnull const MSID_FLIGHT_DISABLE_REMOVE_ACCOUNT_ARTIFACTS;
 
 extern NSString * _Nonnull const MSID_FLIGHT_ENABLE_QUERYING_STK;
+extern NSString * _Nonnull const MSID_FLIGHT_IS_BART_SUPPORTED;
+
+extern NSString * _Nonnull const MSID_DOMAIN_HINT_KEY;
 
 #define METHODANDLINE   [NSString stringWithFormat:@"%s [Line %d]", __PRETTY_FUNCTION__, __LINE__]

IdentityCore/src/MSIDConstants.h

@@ -83,6 +83,9 @@
 NSString *const MSID_BROWSER_RESPONSE_SWITCH_BROWSER = @"switch_browser";
 NSString *const MSID_BROWSER_RESPONSE_SWITCH_BROWSER_RESUME = @"switch_browser_resume";
 
+// Bound App Refresh token constants
+NSString *const MSID_BOUND_RT_REDEEM = @"bound_rt_redeem";
+
 NSString *const MSID_FLIGHT_USE_V2_WEB_RESPONSE_FACTORY = @"use_v2_web_response_factory";
 NSString *const MSID_FLIGHT_SUPPORT_DUNA_CBA = @"support_duna_cba_v2";
 NSString *const MSID_FLIGHT_DISABLE_JIT_TROUBLESHOOTING_LEGACY_AUTH = @"disable_jit_remediation_legacy_auth";
@@ -95,6 +98,9 @@
 NSString *const MSID_FLIGHT_DISABLE_REMOVE_ACCOUNT_ARTIFACTS = @"disable_rm_metadata";
 
 NSString *const MSID_FLIGHT_ENABLE_QUERYING_STK = @"enable_querying_stk";
+NSString *const MSID_FLIGHT_IS_BART_SUPPORTED = @"is_msal_bart_supported";
+
+NSString *const MSID_DOMAIN_HINT_KEY  = @"domain_hint";
 
 
 #define METHODANDLINE   [NSString stringWithFormat:@"%s [Line %d]", __PRETTY_FUNCTION__, __LINE__]

IdentityCore/src/MSIDConstants.m

@@ -180,3 +180,5 @@ extern NSString *const MSID_CCS_REQUEST_ID_RESPONSE;
 extern NSString *const MSID_CCS_REQUEST_SEQUENCE_KEY;
 extern NSString *const MSID_CCS_REQUEST_SEQUENCE_RESPONSE;
 extern NSString *const MSID_BOUND_DEVICE_ID_CACHE_KEY;
+extern NSString *const MSID_MSAL_CLIENT_APV_PREFIX;
+extern NSString *const MSID_BOUND_REFRESH_TOKEN_EXCHANGE;

IdentityCore/src/MSIDOAuth2Constants.h

@@ -180,4 +180,6 @@
 NSString *const MSID_CCS_REQUEST_SEQUENCE_KEY            = @"x-ms-srs";
 NSString *const MSID_CCS_REQUEST_SEQUENCE_RESPONSE       = @"ccs-request-sequence";
 
+NSString *const MSID_BOUND_REFRESH_TOKEN_EXCHANGE        = @"bound_rt_exchange";
 NSString *const MSID_BOUND_DEVICE_ID_CACHE_KEY           = @"bound_device_id";
+NSString *const MSID_MSAL_CLIENT_APV_PREFIX              = @"MsalClient";

IdentityCore/src/MSIDOAuth2Constants.m

@@ -432,12 +432,11 @@ - (BOOL)completeAcquireTokenWithResult:(MSIDTokenResult *)tokenResult error:(NSE
     else
     {
         [brokerEvent setResultStatus:MSID_TELEMETRY_VALUE_SUCCEEDED];
-    
-        if (tokenResult.brokerAppVersion)
+        id brokerAppVersion = [tokenResult.brokerMetaData objectForKey:MSID_TOKEN_RESULT_BROKER_APP_VERSION];
+        if (brokerAppVersion && [brokerAppVersion isKindOfClass:NSString.class])
         {
-            [brokerEvent setBrokerAppVersion:tokenResult.brokerAppVersion];
+            [brokerEvent setBrokerAppVersion:brokerAppVersion];
         }
-
         MSIDTelemetryAPIEvent *telemetryEvent = [self telemetryAPIEvent];
         [telemetryEvent setUserInformation:tokenResult.account];
         [self stopTelemetryEvent:telemetryEvent error:nil];

IdentityCore/src/controllers/broker/ios/MSIDBrokerInteractiveController.m

@@ -0,0 +1,43 @@
+//
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.  
+
+#import "MSIDBoundRefreshToken.h"
+#import "MSIDBoundRefreshTokenRedemptionParameters.h"
+
+NS_ASSUME_NONNULL_BEGIN
+@interface MSIDBoundRefreshToken (Redemption)
+/*!
+    @brief For specified tenant ID, get a signed JWT request to redeem this bound refresh token. Tenant ID is used to query registration and match device ID from it to this bound refresh token.
+    @param tenantId The tenant ID that will be used to query the device registration.
+    @param jweCrypto Optional dictionary to receive JWE crypto information. It will be also part of the resulting JWT's payload.
+    @param error Pointer to an NSError object that will be set if an error occurs.
+    @return A JWT string for token redemption, or nil if an error occurs.
+*/
+- (NSString *) getTokenRedemptionJwtForTenantId: (nullable NSString *)tenantId
+                      tokenRedemptionParameters: (MSIDBoundRefreshTokenRedemptionParameters *)requestParameters
+                                        context:(id<MSIDRequestContext> _Nullable)context
+                                      jweCrypto: (NSDictionary *__nonnull *__nonnull)jweCrypto
+                                          error: (NSError *__nonnull __autoreleasing *__nonnull)error;
+@end
+NS_ASSUME_NONNULL_END