From a237068adcbdf853d67ef62a1e481e96ecefaae4 Mon Sep 17 00:00:00 2001 From: Sergey Demchenko Date: Mon, 13 May 2024 12:57:16 -0700 Subject: [PATCH 01/19] Update core. --- MSAL/IdentityCore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index 67d290262d..091c59ec23 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit 67d290262d358d12666b2b04e4348f7d8eda7539 +Subproject commit 091c59ec23abdc83eb8aa4540d7129967e1fed82 From b011ed25393a8ca4bce1515796ee218dace1324f Mon Sep 17 00:00:00 2001 From: Sergey Demchenko Date: Mon, 13 May 2024 13:03:50 -0700 Subject: [PATCH 02/19] Bump version. --- CHANGELOG.md | 3 +++ MSAL.podspec | 2 +- MSAL/resources/ios/Info.plist | 2 +- MSAL/resources/mac/Info.plist | 2 +- MSAL/src/MSAL_Internal.h | 2 +- 5 files changed, 7 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b20fe87b87..3568ae22ab 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +## [1.3.3] +* Update common core submodule. + ## [1.3.2] * Add forceRefresh param to ignore AT in cache and request a new AT. diff --git a/MSAL.podspec b/MSAL.podspec index 120f528dc8..fda3d2344d 100644 --- a/MSAL.podspec +++ b/MSAL.podspec @@ -1,6 +1,6 @@ Pod::Spec.new do |s| s.name = "MSAL" - s.version = "1.3.2" + s.version = "1.3.3" s.summary = "Microsoft Authentication Library (MSAL) for iOS" s.description = <<-DESC The MSAL library for iOS gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect. The library also supports Microsoft Azure B2C for those using our hosted identity management service. diff --git a/MSAL/resources/ios/Info.plist b/MSAL/resources/ios/Info.plist index 2a3d8cec78..a6867d0c5a 100644 --- a/MSAL/resources/ios/Info.plist +++ b/MSAL/resources/ios/Info.plist 
@@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.2 + 1.3.3 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSPrincipalClass diff --git a/MSAL/resources/mac/Info.plist b/MSAL/resources/mac/Info.plist index 0f0474702a..f0f56c5e0d 100644 --- a/MSAL/resources/mac/Info.plist +++ b/MSAL/resources/mac/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.2 + 1.3.3 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSHumanReadableCopyright diff --git a/MSAL/src/MSAL_Internal.h b/MSAL/src/MSAL_Internal.h index 67a95b5a33..5c2086c0ef 100644 --- a/MSAL/src/MSAL_Internal.h +++ b/MSAL/src/MSAL_Internal.h @@ -27,7 +27,7 @@ #define MSAL_VER_HIGH 1 #define MSAL_VER_LOW 3 -#define MSAL_VER_PATCH 2 +#define MSAL_VER_PATCH 3 #define STR_HELPER(x) #x #define STR(x) STR_HELPER(x) From 334d357e56e90aad59652bd25f9bb1a3b3f4b7c6 Mon Sep 17 00:00:00 2001 From: Sergey Demchenko Date: Mon, 13 May 2024 14:08:32 -0700 Subject: [PATCH 03/19] modified: CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3568ae22ab..394b419d20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ ## [1.3.3] * Update common core submodule. +* Automation improvements. ## [1.3.2] * Add forceRefresh param to ignore AT in cache and request a new AT. From 208c5daed7dda44cca05f8f68138cf0fd2d5845b Mon Sep 17 00:00:00 2001 From: Sergey Demchenko Date: Mon, 13 May 2024 14:18:51 -0700 Subject: [PATCH 04/19] modified: IdentityCore --- MSAL/IdentityCore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index 091c59ec23..a5e4771a18 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit 091c59ec23abdc83eb8aa4540d7129967e1fed82 +Subproject commit a5e4771a18aadfde77e8d19772dfc243001712a8 From 0a192c23e7417d248459c3f4b0aa93dd39cde30a Mon Sep 17 00:00:00 2001 
From: Sergei Demchenko Date: Fri, 17 May 2024 15:49:26 -0700 Subject: [PATCH 05/19] Merge release 1.3.3 to main (#2165) * Update msal-release-ado-trigger.yml for Azure Pipelines * Update msal-release-ado-trigger.yml for Azure Pipelines * Update msal-release-ado-trigger.yml for Azure Pipelines * Update msal-release-ado-trigger.yml for Azure Pipelines * Update msal-release-ado-trigger.yml for Azure Pipelines * Update msal-release-ado-trigger.yml for Azure Pipelines * Delete spm-framework.yml * Update from dev * remove test * Reintroduce Minimum OS Version Requirements to Readme Reintroducing minimum version indicators that were [mistakenly?] removed in #2080 * So support ssh-cert flow through broker (Update submodule only) (#2134) * cc update * Update submodule * Update submodule * ID Token should be updated when Access Token is refreshed/acquired silently (#2141) * Changed refresh token to update account and tokens on UserAccountResult * Unit tests * Swiftlint * Updated code comment * PR Comments * Update automation.yml for Azure Pipelines * Update automation.yml for Azure Pipelines * Update automation.yml for Azure Pipelines * This PR removes the ADAL keyvault and client secret (#2150) * Update submodule * Update yml file * Revert conf file from testings * Update msal submodule (#2160) * Update core. * Bump version. 
* modified: CHANGELOG.md * modified: IdentityCore --------- Co-authored-by: Ameya Patil Co-authored-by: Ameya <> Co-authored-by: Antonio Alwan Co-authored-by: Hieu Nguyen Co-authored-by: Ameya Patil Co-authored-by: Hieu Nguyen <65981263+hieunguyenmsft@users.noreply.github.com> Co-authored-by: Brian Melton-Grace Co-authored-by: Kai Co-authored-by: Silviu Petrescu <111577419+spetrescu84@users.noreply.github.com> Co-authored-by: Swasti Gupta --- CHANGELOG.md | 4 + MSAL.podspec | 2 +- MSAL/IdentityCore | 2 +- MSAL/MSAL.xcodeproj/project.pbxproj | 2 - MSAL/resources/ios/Info.plist | 2 +- MSAL/resources/mac/Info.plist | 2 +- MSAL/src/MSAL_Internal.h | 2 +- .../MSALNativeAuthCredentialsController.swift | 39 +- ...MSALNativeAuthCredentialsControlling.swift | 4 +- .../MSALNativeAuthResultFactory.swift | 36 +- ...NativeAuthUserAccountResult+Internal.swift | 7 +- .../MSALNativeAuthUserAccountResult.swift | 6 +- ...NativeAuthCredentialsControllerTests.swift | 21 +- .../MSALNativeAuthResultFactoryTests.swift | 94 ++-- ...LNativeAuthCredentialsControllerMock.swift | 4 +- .../mock/MSALNativeAuthFactoriesMocks.swift | 22 + README.md | 5 + azure_pipelines/automation.yml | 8 +- azure_pipelines/msal-release-ado-trigger.yml | 12 +- azure_pipelines/spm-framework.yml | 417 ------------------ 20 files changed, 191 insertions(+), 500 deletions(-) delete mode 100644 azure_pipelines/spm-framework.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index b20fe87b87..394b419d20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,7 @@ +## [1.3.3] +* Update common core submodule. +* Automation improvements. + ## [1.3.2] * Add forceRefresh param to ignore AT in cache and request a new AT. diff --git a/MSAL.podspec b/MSAL.podspec index 120f528dc8..fda3d2344d 100644 --- a/MSAL.podspec +++ b/MSAL.podspec 
@@ -1,6 +1,6 @@ Pod::Spec.new do |s| s.name = "MSAL" - s.version = "1.3.2" + s.version = "1.3.3" s.summary = "Microsoft Authentication Library (MSAL) for iOS" s.description = <<-DESC The MSAL library for iOS gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect. The library also supports Microsoft Azure B2C for those using our hosted identity management service. diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index ab5051f880..a5e4771a18 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit ab5051f880196698db65ecfbf5803f8fd2b075e1 +Subproject commit a5e4771a18aadfde77e8d19772dfc243001712a8 diff --git a/MSAL/MSAL.xcodeproj/project.pbxproj b/MSAL/MSAL.xcodeproj/project.pbxproj index 9166bfd047..5c217bd727 100644 --- a/MSAL/MSAL.xcodeproj/project.pbxproj +++ b/MSAL/MSAL.xcodeproj/project.pbxproj 
@@ -761,7 +761,6 @@ B2C17B0A1FC8DB2E0070A514 /* MSIDVersion.m in Sources */ = {isa = PBXBuildFile; fileRef = B2C17B091FC8DB2E0070A514 /* MSIDVersion.m */; }; B2C17B0B1FC8DB2E0070A514 /* MSIDVersion.m in Sources */ = {isa = PBXBuildFile; fileRef = B2C17B091FC8DB2E0070A514 /* MSIDVersion.m */; }; B2D0A38321C708CF0071E0DA /* MSALADFSv4FederatedTests.m in Sources */ = {isa = PBXBuildFile; fileRef = B21F9DE72120E85100B1B40C /* MSALADFSv4FederatedTests.m */; }; - B2D0A38821C709C30071E0DA /* MSALShibUITests.m in Sources */ = {isa = PBXBuildFile; fileRef = B21F9DEE2120F0E800B1B40C /* MSALShibUITests.m */; }; B2D0A38A21C70AF50071E0DA /* MSALPingUITests.m in Sources */ = {isa = PBXBuildFile; fileRef = B21F9DEC2120EB3E00B1B40C /* MSALPingUITests.m */; }; B2D0A38E21C71B8C0071E0DA /* MSALGuestUserTests.m in Sources */ = {isa = PBXBuildFile; fileRef = B21F9DF02120F5CE00B1B40C /* MSALGuestUserTests.m */; }; B2D0A38F21C71D900071E0DA /* MSALCacheRemovalTests.m in Sources */ = {isa = PBXBuildFile; fileRef = B2C232AA2122A6A5008092C1 /* MSALCacheRemovalTests.m */; }; @@ -5555,7 +5554,6 @@ B2A1C33F21C7038D00DDAE8E /* MSALADFSv3FederatedTests.m in Sources */, B2F4572A211C0B4800818910 /* MSALBaseAADUITest.m in Sources */, B282255C23EF811F0007DFE4 /* MSALB2CInteractiveTests.m in Sources */, - B2D0A38821C709C30071E0DA /* MSALShibUITests.m in Sources */, B2BB73732112C32C000EA4C5 /* MSALAADBasicInteractiveTests.m in Sources */, B2D0A38E21C71B8C0071E0DA /* MSALGuestUserTests.m in Sources */, B2D0A39221C72C740071E0DA /* MSALMSABasicInteractiveTests.m in Sources */, diff --git a/MSAL/resources/ios/Info.plist b/MSAL/resources/ios/Info.plist index 2a3d8cec78..a6867d0c5a 100644 --- a/MSAL/resources/ios/Info.plist +++ b/MSAL/resources/ios/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.2 + 1.3.3 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSPrincipalClass 
diff --git a/MSAL/resources/mac/Info.plist b/MSAL/resources/mac/Info.plist index 0f0474702a..f0f56c5e0d 100644 --- a/MSAL/resources/mac/Info.plist +++ b/MSAL/resources/mac/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.2 + 1.3.3 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSHumanReadableCopyright diff --git a/MSAL/src/MSAL_Internal.h b/MSAL/src/MSAL_Internal.h index 67a95b5a33..5c2086c0ef 100644 --- a/MSAL/src/MSAL_Internal.h +++ b/MSAL/src/MSAL_Internal.h @@ -27,7 +27,7 @@ #define MSAL_VER_HIGH 1 #define MSAL_VER_LOW 3 -#define MSAL_VER_PATCH 2 +#define MSAL_VER_PATCH 3 #define STR_HELPER(x) #x #define STR(x) STR_HELPER(x) diff --git a/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsController.swift b/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsController.swift index 82261faedd..257376e22b 100644 --- a/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsController.swift +++ b/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsController.swift @@ -83,7 +83,9 @@ final class MSALNativeAuthCredentialsController: MSALNativeAuthTokenController, return nil } - func refreshToken(context: MSALNativeAuthRequestContext, authTokens: MSALNativeAuthTokens) async -> RefreshTokenCredentialControllerResponse { + func refreshToken(context: MSALNativeAuthRequestContext, + authTokens: MSALNativeAuthTokens, + userAccountResult: MSALNativeAuthUserAccountResult) async -> RefreshTokenCredentialControllerResponse { MSALLogger.log(level: .verbose, context: context, format: "Refresh started") let telemetryEvent = makeAndStartTelemetryEvent(id: .telemetryApiIdRefreshToken, context: context) let scopes = authTokens.accessToken.scopes.array as? [String] ?? [] 
@@ -104,7 +106,8 @@ final class MSALNativeAuthCredentialsController: MSALNativeAuthTokenController, response, scopes: scopes, context: context, - telemetryEvent: telemetryEvent + telemetryEvent: telemetryEvent, + userAccountResult: userAccountResult ) } @@ -147,7 +150,8 @@ final class MSALNativeAuthCredentialsController: MSALNativeAuthTokenController, _ response: MSALNativeAuthTokenValidatedResponse, scopes: [String], context: MSALNativeAuthRequestContext, - telemetryEvent: MSIDTelemetryAPIEvent? + telemetryEvent: MSIDTelemetryAPIEvent?, + userAccountResult: MSALNativeAuthUserAccountResult ) -> RefreshTokenCredentialControllerResponse { let config = factory.makeMSIDConfiguration(scopes: scopes) switch response { @@ -156,7 +160,8 @@ final class MSALNativeAuthCredentialsController: MSALNativeAuthTokenController, tokenResponse: tokenResponse, telemetryEvent: telemetryEvent, context: context, - config: config + config: config, + userAccountResult: userAccountResult ) case .error(let errorType): let error = errorType.convertToRetrieveAccessTokenError(correlationId: context.correlationId()) 
@@ -173,21 +178,23 @@ final class MSALNativeAuthCredentialsController: MSALNativeAuthTokenController, tokenResponse: MSIDTokenResponse, telemetryEvent: MSIDTelemetryAPIEvent?, context: MSALNativeAuthRequestContext, - config: MSIDConfiguration + config: MSIDConfiguration, + userAccountResult: MSALNativeAuthUserAccountResult ) -> RefreshTokenCredentialControllerResponse { do { let tokenResult = try cacheTokenResponse(tokenResponse, context: context, msidConfiguration: config) - MSALLogger.log( - level: .verbose, - context: context, - format: "Refresh Token completed successfully") - // TODO: Handle tokenResult.refreshToken as? MSIDRefreshToken in a safer way - return .init( - .success(MSALNativeAuthTokenResult(authTokens: MSALNativeAuthTokens( - accessToken: tokenResult.accessToken, - refreshToken: tokenResult.refreshToken as? MSIDRefreshToken, - rawIdToken: tokenResult.rawIdToken - ))), + let account = factory.makeAccount(tokenResult: tokenResult, context: context) + guard let authTokens = factory.makeAuthTokens(tokenResult: tokenResult, context: context) else { + let error = RetrieveAccessTokenError(type: .generalError, correlationId: context.correlationId()) + MSALLogger.log( + level: .error, + context: context, + format: "Auth Tokens could not be created") + stopTelemetryEvent(telemetryEvent, context: context, error: error) + return .init(.failure(error), correlationId: context.correlationId()) + } + userAccountResult.refreshData(authTokens: authTokens, account: account) + return .init(.success(MSALNativeAuthTokenResult(authTokens: authTokens)), correlationId: context.correlationId(), telemetryUpdate: { [weak self] result in telemetryEvent?.setUserInformation(tokenResult.account) diff --git a/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsControlling.swift b/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsControlling.swift index 2b8882032e..1408afc6a4 100644 
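Review bot: The new `guard let authTokens = factory.makeAuthTokens(...)` failure branch runs after `cacheTokenResponse` has already returned, so the caller gets `.generalError` and `userAccountResult` keeps its old tokens while the response has presumably been written to the cache. The removed code returned success with a nil `refreshToken` in that situation, so this is a behaviour change that the hunk does not explain. If the stricter handling is intended, say so at the guard, for example `// A response without a refresh token is reported as a failure even though it was cached above`. The verbose "Refresh Token completed successfully" log is also dropped, which leaves no success trace for this path. The enclosing function starts and ends outside the hunk.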
--- a/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsControlling.swift +++ b/MSAL/src/native_auth/controllers/credentials/MSALNativeAuthCredentialsControlling.swift @@ -29,5 +29,7 @@ protocol MSALNativeAuthCredentialsControlling { MSALNativeAuthControllerTelemetryWrapper> func retrieveUserAccountResult(context: MSALNativeAuthRequestContext) -> MSALNativeAuthUserAccountResult? - func refreshToken(context: MSALNativeAuthRequestContext, authTokens: MSALNativeAuthTokens) async -> RefreshTokenCredentialControllerResponse + func refreshToken(context: MSALNativeAuthRequestContext, + authTokens: MSALNativeAuthTokens, + userAccountResult: MSALNativeAuthUserAccountResult) async -> RefreshTokenCredentialControllerResponse } diff --git a/MSAL/src/native_auth/controllers/factories/MSALNativeAuthResultFactory.swift b/MSAL/src/native_auth/controllers/factories/MSALNativeAuthResultFactory.swift index 6f9a9a5df9..f2ed181ba5 100644 --- a/MSAL/src/native_auth/controllers/factories/MSALNativeAuthResultFactory.swift +++ b/MSAL/src/native_auth/controllers/factories/MSALNativeAuthResultFactory.swift @@ -28,6 +28,10 @@ protocol MSALNativeAuthResultBuildable { var config: MSALNativeAuthConfiguration {get} + func makeAccount(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALAccount + + func makeAuthTokens(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALNativeAuthTokens? + func makeUserAccountResult(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALNativeAuthUserAccountResult? func makeUserAccountResult(account: MSALAccount, authTokens: MSALNativeAuthTokens) -> MSALNativeAuthUserAccountResult? 
@@ -45,42 +49,50 @@ final class MSALNativeAuthResultFactory: MSALNativeAuthResultBuildable { self.cacheAccessor = cacheAccessor } - func makeUserAccountResult(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALNativeAuthUserAccountResult? { + func makeAccount(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALAccount { var jsonDictionary: [AnyHashable: Any]? do { let claims = try MSIDIdTokenClaims.init(rawIdToken: tokenResult.rawIdToken) jsonDictionary = claims.jsonDictionary() if jsonDictionary == nil { MSALLogger.log( - level: .error, + level: .warning, context: context, format: "Initialising account without claims") } } catch { MSALLogger.log( - level: .error, + level: .warning, context: context, format: "Claims for account could not be created - \(error)" ) } - guard let account = MSALAccount.init(msidAccount: tokenResult.account, - createTenantProfile: false, - accountClaims: jsonDictionary) else { + return MSALAccount.init(msidAccount: tokenResult.account, + createTenantProfile: false, + accountClaims: jsonDictionary) + } + + func makeAuthTokens(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALNativeAuthTokens? { + guard let refreshToken = tokenResult.refreshToken as? MSIDRefreshToken else { MSALLogger.log( level: .error, context: context, - format: "Account could not be created") + format: "Refresh token invalid, account result could not be created") return nil } - guard let refreshToken = tokenResult.refreshToken as? MSIDRefreshToken else { + return MSALNativeAuthTokens(accessToken: tokenResult.accessToken, + refreshToken: refreshToken, + rawIdToken: tokenResult.rawIdToken) + } + + func makeUserAccountResult(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALNativeAuthUserAccountResult? 
{ + let account = makeAccount(tokenResult: tokenResult, context: context) + guard let authTokens = makeAuthTokens(tokenResult: tokenResult, context: context) else { MSALLogger.log( level: .error, context: context, - format: "Refresh token invalid, account result could not be created") + format: "Auth Tokens could not be created") return nil } - let authTokens = MSALNativeAuthTokens(accessToken: tokenResult.accessToken, - refreshToken: refreshToken, - rawIdToken: tokenResult.rawIdToken) return .init(account: account, authTokens: authTokens, configuration: config, cacheAccessor: cacheAccessor) } diff --git a/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult+Internal.swift b/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult+Internal.swift index 12972ea676..51d4dae85c 100644 --- a/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult+Internal.swift +++ b/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult+Internal.swift @@ -37,9 +37,14 @@ extension MSALNativeAuthUserAccountResult { if forceRefresh || self.authTokens.accessToken.isExpired() { let controllerFactory = MSALNativeAuthControllerFactory(config: configuration) let credentialsController = controllerFactory.makeCredentialsController(cacheAccessor: cacheAccessor) - return await credentialsController.refreshToken(context: context, authTokens: authTokens) + return await credentialsController.refreshToken(context: context, authTokens: authTokens, userAccountResult: self) } else { return .init(.success(MSALNativeAuthTokenResult(authTokens: authTokens)), correlationId: correlationId) } } + + func refreshData(authTokens: MSALNativeAuthTokens, account: MSALAccount) { + self.authTokens = authTokens + self.account = account + } } diff --git a/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult.swift b/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult.swift index 960a4f5c1f..6fe0fb4a0d 100644 --- a/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult.swift 
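Review bot: `makeAccount` now returns `MSALAccount.init(msidAccount:createTenantProfile:accountClaims:)` directly as a non-optional, where the removed code wrapped the same initializer in `guard let account = ... else { return nil }` and logged "Account could not be created". If that initializer can return nil (the removed guard and the `newAccount!` in the controller test suggest it can), the nil case now traps at runtime instead of failing the request cleanly. Declaring it as `func makeAccount(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALAccount?` in both the protocol and the factory, and having `makeUserAccountResult` and the refresh path return their existing failure on nil, would keep the old handling.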
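Review bot: `refreshData(authTokens:account:)` assigns `self.authTokens` and `self.account` as two separate writes on an object that is shared with the caller, and it is reached from the async `refreshToken` path. No synchronization is visible in this hunk, so a concurrent reader of `idToken` or `account` could observe new tokens paired with the old account. Nothing here checks that the incoming `account` identifies the same user as the one it replaces either. Consider confining the update to one actor or queue and adding a doc comment such as `/// Replaces tokens and account together after a successful refresh; callers must not invoke this concurrently.`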
+++ b/MSAL/src/native_auth/public/MSALNativeAuthUserAccountResult.swift @@ -27,13 +27,13 @@ import Foundation /// Class that groups account and token information. @objc public class MSALNativeAuthUserAccountResult: NSObject { /// The account object that holds account information. - @objc public let account: MSALAccount + @objc public var account: MSALAccount - let authTokens: MSALNativeAuthTokens + var authTokens: MSALNativeAuthTokens let configuration: MSALNativeAuthConfiguration private let cacheAccessor: MSALNativeAuthCacheInterface - /// Get the ID token for the account. + /// Get the latest ID token for the account. @objc public var idToken: String? { authTokens.rawIdToken } diff --git a/MSAL/test/unit/native_auth/controllers/MSALNativeAuthCredentialsControllerTests.swift b/MSAL/test/unit/native_auth/controllers/MSALNativeAuthCredentialsControllerTests.swift index b7098bc616..625104a8a2 100644 --- a/MSAL/test/unit/native_auth/controllers/MSALNativeAuthCredentialsControllerTests.swift +++ b/MSAL/test/unit/native_auth/controllers/MSALNativeAuthCredentialsControllerTests.swift @@ -73,13 +73,13 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { // MARK: get native user account tests - func test_whenNoAccountPresent_shouldReturnNoAccounts() { + func test_whenNoAccountPresent_shouldReturnNoUserAccountResult() { let expectedContext = MSALNativeAuthRequestContext(correlationId: defaultUUID) let accountResult = sut.retrieveUserAccountResult(context: expectedContext) XCTAssertNil(accountResult) } - func test_whenNoTokenPresent_shouldReturnNoAccounts() { + func test_whenNoTokenPresent_shouldReturnNoUserAccountResult() { let account = MSALNativeAuthUserAccountResultStub.account let authTokens = MSALNativeAuthUserAccountResultStub.authTokens let userAccountResult = MSALNativeAuthUserAccountResult( 
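Review bot: Changing `@objc public let account` to `@objc public var account` exposes a public setter, so any app code holding the result can overwrite the account that later token operations rely on. Only `refreshData` inside the module needs to write it, so `@objc public internal(set) var account: MSALAccount` would keep the property read-only for SDK consumers. The same reasoning applies to `authTokens`, which is already internal but could carry a short comment saying that it is only replaced by `refreshData`. The class body continues outside the hunk.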
@@ -95,7 +95,7 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { XCTAssertNil(accountResult) } - func test_whenAccountSet_shouldReturnAccount() async { + func test_whenAccountSet_shouldReturnUserAccountResult() async { let account = MSALNativeAuthUserAccountResultStub.account let authTokens = MSALNativeAuthUserAccountResultStub.authTokens @@ -121,13 +121,14 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { let expectedContext = MSALNativeAuthRequestContext(correlationId: defaultUUID) let authTokens = MSALNativeAuthUserAccountResultStub.authTokens + let userAccountResult = MSALNativeAuthUserAccountResultStub.result requestProviderMock.expectedTokenParams = MSALNativeAuthTokenRequestParameters(context: expectedContext, username: nil, continuationToken: nil, grantType: MSALNativeAuthGrantType.refreshToken, scope: "" , password: nil, oobCode: nil, includeChallengeType: true, refreshToken: "refreshToken") requestProviderMock.throwingRefreshTokenError = ErrorMock.error let helper = CredentialsTestValidatorHelper(expectation: expectation, expectedError: RetrieveAccessTokenError(type: .generalError, correlationId: defaultUUID)) - let result = await sut.refreshToken(context: expectedContext, authTokens: authTokens) + let result = await sut.refreshToken(context: expectedContext, authTokens: authTokens, userAccountResult: userAccountResult) helper.onAccessTokenRetrieveError(result) await fulfillment(of: [expectation], timeout: 1) 
@@ -138,6 +139,7 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { let expectation = expectation(description: "CredentialsController") let account = MSALNativeAuthUserAccountResultStub.account + let newAccount = MSALAccount(msidAccount: MSIDAccount(), createTenantProfile: false, accountClaims: ["claim1": "true"]) let authTokens = MSALNativeAuthUserAccountResultStub.authTokens let userAccountResult = MSALNativeAuthUserAccountResult(account: account, authTokens: authTokens, @@ -148,6 +150,7 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { requestProviderMock.mockRequestRefreshTokenFunc(MSALNativeAuthHTTPRequestMock.prepareMockRequest()) let expectedAccessToken = "accessToken" + let expectedIdToken = "newIdToken" let helper = CredentialsTestValidatorHelper(expectation: expectation, expectedResult: MSALNativeAuthTokenResult(authTokens: authTokens)) helper.expectedAccessToken = authTokens.accessToken.accessToken helper.expectedExpiresOn = authTokens.accessToken.expiresOn 
@@ -156,15 +159,18 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { factory.mockMakeUserAccountResult(userAccountResult) tokenResult.accessToken = MSIDAccessToken() tokenResult.accessToken.accessToken = expectedAccessToken + tokenResult.rawIdToken = expectedIdToken responseValidatorMock.tokenValidatedResponse = .success(tokenResponse) - cacheAccessorMock.mockUserAccounts = [account] + cacheAccessorMock.mockUserAccounts = [newAccount!] cacheAccessorMock.mockAuthTokens = authTokens cacheAccessorMock.expectedMSIDTokenResult = tokenResult - let result = await sut.refreshToken(context: expectedContext, authTokens: authTokens) + let result = await sut.refreshToken(context: expectedContext, authTokens: authTokens, userAccountResult: userAccountResult) helper.onAccessTokenRetrieveCompleted(result) await fulfillment(of: [expectation], timeout: 1) XCTAssertEqual(expectedAccessToken, authTokens.accessToken.accessToken) + XCTAssertEqual(userAccountResult.idToken, expectedIdToken) + XCTAssertEqual(userAccountResult.account, newAccount) } func test_whenErrorIsReturnedFromValidator_itIsCorrectlyTranslatedToDelegateError() async { @@ -183,6 +189,7 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { private func checkPublicErrorWithValidatorError(publicError: RetrieveAccessTokenError, validatorError: MSALNativeAuthTokenValidatedErrorType) async { let expectedContext = MSALNativeAuthRequestContext(correlationId: defaultUUID) let authTokens = MSALNativeAuthUserAccountResultStub.authTokens + let userAccountResult = MSALNativeAuthUserAccountResultStub.result let expectation = expectation(description: "CredentialsController") 
@@ -191,7 +198,7 @@ final class MSALNativeAuthCredentialsControllerTests: MSALNativeAuthTestCase { let helper = CredentialsTestValidatorHelper(expectation: expectation, expectedError: publicError) responseValidatorMock.tokenValidatedResponse = .error(validatorError) - let result = await sut.refreshToken(context: expectedContext, authTokens: authTokens) + let result = await sut.refreshToken(context: expectedContext, authTokens: authTokens, userAccountResult: userAccountResult) helper.onAccessTokenRetrieveError(result) checkTelemetryEventResult(id: .telemetryApiIdRefreshToken, isSuccessful: false) diff --git a/MSAL/test/unit/native_auth/controllers/factories/MSALNativeAuthResultFactoryTests.swift b/MSAL/test/unit/native_auth/controllers/factories/MSALNativeAuthResultFactoryTests.swift index 1752c6d7eb..cf1e7fbbd0 100644 --- a/MSAL/test/unit/native_auth/controllers/factories/MSALNativeAuthResultFactoryTests.swift +++ b/MSAL/test/unit/native_auth/controllers/factories/MSALNativeAuthResultFactoryTests.swift 
@@ -53,40 +53,81 @@ final class MSALNativeAuthResultFactoryTests: XCTestCase { XCTAssertEqual(result.clientId, DEFAULT_TEST_CLIENT_ID) XCTAssertEqual(result.target, " ") } - - func test_makeUserAccount_returnExpectedResult() { - let accessTokenString = "accessToken" + + func test_makeAccount_withInvalidIdToken_shouldNotCreateClaims() { + let idToken = "invalidIdToken" + let username = "username" + let tokenResult = getMSIDTokenResultFromData(idToken: idToken, username: username) + let context = MSALNativeAuthRequestContext(correlationId: .init(uuidString: DEFAULT_TEST_UID)!) + let account = sut.makeAccount(tokenResult: tokenResult!, context: context) + XCTAssertEqual(account.username, "username") + XCTAssertNil(account.accountClaims) + } + + func test_makeAccount_withValidIdToken_returnsExpectedResult() { let idToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiJmODdmN2Q2NS1jZjY2LTQzNzAtYTllZi0yNGQzNzBlZDllNjQiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vZmU2MjYwOTYtZWQ5Ny00NTA0LTg4ZTMtNTVhMzNkMmVkNGQ2L3YyLjAiLCJpYXQiOjE2OTUwMzMzMDYsIm5iZiI6MTY5NTAzMzMwNiwiZXhwIjoxNjk1MDM3MjA2LCJhaW8iOiJBVFFBeS84VUFBQUFyeVNpU1Rsa0dHNTl0VHFmcWdHU1ZZRWY4RzRQbldDSnlUZ2hXdzdDU2MvRGZwMWxYRXI0T1JTWFBJbzdzaldnIiwibmFtZSI6InVua25vd24iLCJvaWQiOiIzYzIwZWM4Zi0xNzVkLTQxMjgtODZhMy01MDM5MDRhNDRiMTUiLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJkdWFsdGFnaG1zZnQrc2lnbnVwMzFAb3V0bG9vay5jb20iLCJyaCI6IjAuQWM4QWxtQmlfcGZ0QkVXSTQxV2pQUzdVMW1WOWZfaG16M0JEcWU4azAzRHRubVRQQUJJLiIsInN1YiI6ImcwLTc0U3hHUnhSTjBqT19hXzY4bG9adGVsY1EwdTJFX3hyYmNBaGRtWjAiLCJ0aWQiOiJmZTYyNjA5Ni1lZDk3LTQ1MDQtODhlMy01NWEzM2QyZWQ0ZDYiLCJ1dGkiOiJGeWxCbk9nYkwwQy0zX0Z1Ym5VQUFBIiwidmVyIjoiMi4wIiwiZGF0ZU9mQmlydGgiOiIwMS8wMS8yMDAwIiwiY3VzdG9tUm9sZXMiOlsiV3JpdGVyIiwiRWRpdG9yIl0sImFwaVZlcnNpb24iOiIxLjAuMCIsImNvcnJlbGF0aW9uSWQiOiI4ZmM5M2FlYi01ZmMxLTQzOWQtYjM4OC1kYmY0YjM4ZGM3ODUifQ.rBu4Vw3ftWivyNXaDC7fB6HAB7TucGK1BUbSOt_ZW-ivsPLpHK7A4E0i8hu8Qs-zade6Fsp2deSaZNNLLNQCSDav7iMKZukNwQviWOG_Uvz31GVpkh1l
26xTs3dlKS-6NjdwpkvccEg1VeIW-pyC_7RLAaCb1uzMoKFn7mA6meFCYBVnEZ3lRSw0_XtoKrcw5hJfvST4MOe7EJw2a2DH-fu1DDh-5FbCP4Y_nn6esre0I_Q0EwuF_4TYTESy_vqHwXZcTKZq34-5x4thRPGE1I_CBEJZkKXIWC6z788zEXSgnHvRfGEH52bRo_ZuPsftV1R1M9os0wPzgBOWwvMzOA" let username = "username" - let scopes = ["scope1", "scope2"] - let expiresOn = Date() - let accessToken = MSIDAccessToken() - accessToken.accessToken = accessTokenString - accessToken.accountIdentifier = MSIDAccountIdentifier(displayableId: username, homeAccountId: "") - accessToken.expiresOn = expiresOn - accessToken.scopes = NSOrderedSet(array: scopes) - let refreshToken = MSIDRefreshToken() - refreshToken.refreshToken = "refreshToken" - let msidAccount = MSIDAccount() - msidAccount.username = username - guard let tokenResult = MSIDTokenResult(accessToken: accessToken, refreshToken: refreshToken, idToken: idToken, account: msidAccount, authority: MSALNativeAuthNetworkStubs.msidAuthority, correlationId: UUID(), tokenResponse: nil) else { - XCTFail("Unexpected nil token") - return - } + let tokenResult = getMSIDTokenResultFromData(idToken: idToken, username: username) + let context = MSALNativeAuthRequestContext(correlationId: .init(uuidString: DEFAULT_TEST_UID)!) + let account = sut.makeAccount(tokenResult: tokenResult!, context: context) + XCTAssertEqual(account.username, "username") + XCTAssertNotNil(account.accountClaims) + XCTAssertEqual(account.accountClaims?.count, 21) + } + + func test_makeAuthTokens_withNilRefreshToken_shouldNotCreateAuthTokens() { + let idToken = "correctIdToken" + let username = "username" + let tokenResult = getMSIDTokenResultFromData(idToken: idToken, username: username) + tokenResult?.refreshToken = nil + let context = MSALNativeAuthRequestContext(correlationId: .init(uuidString: DEFAULT_TEST_UID)!) 
+ let authTokens = sut.makeAuthTokens(tokenResult: tokenResult!, context: context) + XCTAssertNil(authTokens) + } + + func test_makeAuthTokens_withNonNilRefreshToken_shouldCreateAuthTokens() { + let idToken = "correctIdToken" + let username = "username" + let tokenResult = getMSIDTokenResultFromData(idToken: idToken, username: username) let context = MSALNativeAuthRequestContext(correlationId: .init(uuidString: DEFAULT_TEST_UID)!) - guard let accountResult = sut.makeUserAccountResult(tokenResult: tokenResult, context: context) else { + let authTokens = sut.makeAuthTokens(tokenResult: tokenResult!, context: context) + XCTAssertNotNil(authTokens) + XCTAssertEqual(authTokens?.accessToken.accessToken, "accessToken") + XCTAssertEqual(authTokens?.refreshToken?.refreshToken, "refreshToken") + XCTAssertEqual(authTokens?.rawIdToken, idToken) + } + + func test_makeUserAccount_withIncorrectIdToken_accountClaimsNotPresent() { + let idToken = "invalidIdToken" + let username = "username" + let tokenResult = getMSIDTokenResultFromData(idToken: idToken, username: username) + let context = MSALNativeAuthRequestContext(correlationId: .init(uuidString: DEFAULT_TEST_UID)!) 
+ guard let accountResult = sut.makeUserAccountResult(tokenResult: tokenResult!, context: context) else { XCTFail("Unexpected nil account") return } XCTAssertEqual(accountResult.account.username, username) XCTAssertEqual(accountResult.idToken, idToken) + XCTAssertNil(accountResult.account.accountClaims) + } + + func test_makeUserAccount_returnsExpectedResult() { + let idToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.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.rBu4Vw3ftWivyNXaDC7fB6HAB7TucGK1BUbSOt_ZW-ivsPLpHK7A4E0i8hu8Qs-zade6Fsp2deSaZNNLLNQCSDav7iMKZukNwQviWOG_Uvz31GVpkh1l26xTs3dlKS-6NjdwpkvccEg1VeIW-pyC_7RLAaCb1uzMoKFn7mA6meFCYBVnEZ3lRSw0_XtoKrcw5hJfvST4MOe7EJw2a2DH-fu1DDh-5FbCP4Y_nn6esre0I_Q0EwuF_4TYTESy_vqHwXZcTKZq34-5x4thRPGE1I_CBEJZkKXIWC6z788zEXSgnHvRfGEH52bRo_ZuPsftV1R1M9os0wPzgBOWwvMzOA" + let username = "username" + let tokenResult = getMSIDTokenResultFromData(idToken: idToken, username: username) + let context = MSALNativeAuthRequestContext(correlationId: .init(uuidString: DEFAULT_TEST_UID)!) + guard let accountResult = sut.makeUserAccountResult(tokenResult: tokenResult!, context: context) else { + XCTFail("Unexpected nil user account result") + return + } + XCTAssertEqual(accountResult.account.username, "username") + XCTAssertEqual(accountResult.idToken, idToken) XCTAssertNotNil(accountResult.account.accountClaims) XCTAssertEqual(accountResult.account.accountClaims?.count, 21) } - func test_makeUserAccount_withIncorrectIdToken_accountClaimsNotPresent() { + func getMSIDTokenResultFromData(idToken: String, username: String) -> MSIDTokenResult? { let accessTokenString = "accessToken" - let idToken = "idToken" let username = "username" let scopes = ["scope1", "scope2"] let expiresOn = Date() 
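Review bot: The new helper `getMSIDTokenResultFromData(idToken:username:)` ignores its `username` argument, because the unchanged `let username = "username"` inside the body shadows the parameter. Every current caller passes "username", so the tests still pass, but a later test passing a different value would silently get the hard-coded one; drop the local or rename it. The new tests also force-unwrap with `tokenResult!`, where `let tokenResult = try XCTUnwrap(getMSIDTokenResultFromData(idToken: idToken, username: username))` would fail the test rather than crash the run. The full ID-token literal now appears in two tests and would be easier to maintain as one shared fixture constant; if it was captured from a live tenant, a synthetic token would be preferable.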
@@ -101,15 +142,8 @@ final class MSALNativeAuthResultFactoryTests: XCTestCase { msidAccount.username = username guard let tokenResult = MSIDTokenResult(accessToken: accessToken, refreshToken: refreshToken, idToken: idToken, account: msidAccount, authority: MSALNativeAuthNetworkStubs.msidAuthority, correlationId: UUID(), tokenResponse: nil) else { XCTFail("Unexpected nil token") - return + return nil } - let context = MSALNativeAuthRequestContext(correlationId: .init(uuidString: DEFAULT_TEST_UID)!) - guard let accountResult = sut.makeUserAccountResult(tokenResult: tokenResult, context: context) else { - XCTFail("Unexpected nil account") - return - } - XCTAssertEqual(accountResult.account.username, username) - XCTAssertEqual(accountResult.idToken, idToken) - XCTAssertNil(accountResult.account.accountClaims) + return tokenResult } } diff --git a/MSAL/test/unit/native_auth/mock/MSALNativeAuthCredentialsControllerMock.swift b/MSAL/test/unit/native_auth/mock/MSALNativeAuthCredentialsControllerMock.swift index 0bcf5c47d3..5017e01ad4 100644 --- a/MSAL/test/unit/native_auth/mock/MSALNativeAuthCredentialsControllerMock.swift +++ b/MSAL/test/unit/native_auth/mock/MSALNativeAuthCredentialsControllerMock.swift @@ -31,7 +31,9 @@ class MSALNativeAuthCredentialsControllerMock: MSALNativeAuthCredentialsControll var refreshTokenResult: RefreshTokenCredentialControllerResponse! var accountResult: MSALNativeAuthUserAccountResult? - func refreshToken(context: MSAL.MSALNativeAuthRequestContext, authTokens: MSAL.MSALNativeAuthTokens) async -> RefreshTokenCredentialControllerResponse { + func refreshToken(context: MSALNativeAuthRequestContext, + authTokens: MSALNativeAuthTokens, + userAccountResult: MSALNativeAuthUserAccountResult) async -> RefreshTokenCredentialControllerResponse { return refreshTokenResult } 
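Review bot: When `MSIDTokenResult(...)` comes back nil, the helper now records `XCTFail` and returns nil, but every caller visible in the earlier hunk force-unwraps the result (`tokenResult!`), so the run traps instead of failing a single test. Marking those tests `throws` and writing `let tokenResult = try XCTUnwrap(getMSIDTokenResultFromData(idToken: idToken, username: username))` keeps the failure local to the test that hit it. The helper's body starts outside this hunk; there the retained `let username = "username"` appears to shadow the new `username` parameter, so the argument is ignored and that local should be dropped.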
diff --git a/MSAL/test/unit/native_auth/mock/MSALNativeAuthFactoriesMocks.swift b/MSAL/test/unit/native_auth/mock/MSALNativeAuthFactoriesMocks.swift index a1acb93231..17ae90336b 100644 --- a/MSAL/test/unit/native_auth/mock/MSALNativeAuthFactoriesMocks.swift +++ b/MSAL/test/unit/native_auth/mock/MSALNativeAuthFactoriesMocks.swift @@ -31,8 +31,30 @@ class MSALNativeAuthResultFactoryMock: MSALNativeAuthResultBuildable { var config: MSAL.MSALNativeAuthConfiguration = MSALNativeAuthConfigStubs.configuration private(set) var makeMsidConfigurationResult: MSIDConfiguration? + private(set) var makeAccount: MSALAccount? + private(set) var makeNativeAuthTokens: MSALNativeAuthTokens? private(set) var makeNativeAuthUserAccountResult: MSALNativeAuthUserAccountResult? + func mockMakeAccount(_ account: MSALAccount) { + self.makeAccount = account + } + + func makeAccount(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSALAccount { + return makeAccount ?? MSALAccount.init(msidAccount: tokenResult.account, createTenantProfile: false) + } + + func mockMakeNativeAuthTokens(_ authTokens: MSALNativeAuthTokens) { + self.makeNativeAuthTokens = authTokens + } + + func makeAuthTokens(tokenResult: MSIDTokenResult, context: MSIDRequestContext) -> MSAL.MSALNativeAuthTokens? { + return makeNativeAuthTokens ?? MSALNativeAuthTokens( + accessToken: tokenResult.accessToken, + refreshToken: tokenResult.refreshToken as? MSIDRefreshToken, + rawIdToken: tokenResult.rawIdToken + ) + } + func mockMakeUserAccountResult(_ result: MSALNativeAuthUserAccountResult) { self.makeNativeAuthUserAccountResult = result } diff --git a/README.md b/README.md index dfe2a14597..b5a04e47d6 100644 --- a/README.md +++ b/README.md 
@@ -176,6 +176,11 @@ After installation, please follow the official [MSAL iOS and macOS documentation For more information on common usage patterns, error handling and debugging, logging, telemetry, and other library functionalities, please refere to the official [MSAL iOS and macOS documentation](https://learn.microsoft.com/en-us/entra/msal/objc/). +## Supported Versions + +**iOS** - MSAL supports iOS 14 and above. + +**macOS** - MSAL supports macOS (OSX) 10.13 and above. ## Community help and support diff --git a/azure_pipelines/automation.yml b/azure_pipelines/automation.yml index 75fe46a7ca..24ce7e7d5e 100644 --- a/azure_pipelines/automation.yml +++ b/azure_pipelines/automation.yml @@ -48,7 +48,7 @@ jobs: displayName: 'Select Xcode version' inputs: targetType: 'inline' - script: '/bin/bash -c "sudo xcode-select -s /Applications/Xcode_14.3.app"' + script: '/bin/bash -c "sudo xcode-select -s /Applications/Xcode_15.0.1.app"' - task: Bash@3 displayName: Go to project folder @@ -78,7 +78,7 @@ jobs: -workspace MSAL.xcworkspace \ -scheme "MSAL Test Automation (iOS)" \ -sdk iphonesimulator \ - -destination 'platform=iOS Simulator,name=iPhone 14,OS=16.4' \ + -destination 'platform=iOS Simulator,name=iPhone 15,OS=17.2' \ -derivedDataPath 'build' \ | tee xcodebuild.log \ | xcpretty -c @@ -90,8 +90,8 @@ jobs: script: | ls build/Build/Products/ xcodebuild test-without-building \ - -xctestrun 'build/Build/Products/MSAL Test Automation (iOS)_iphonesimulator16.4-x86_64.xctestrun' \ - -destination 'platform=iOS Simulator,name=iPhone 14,OS=16.4' \ + -xctestrun 'build/Build/Products/MSAL Test Automation (iOS)_iphonesimulator17.0-x86_64.xctestrun' \ + -destination 'platform=iOS Simulator,name=iPhone 15,OS=17.2' \ -retry-tests-on-failure \ -parallel-testing-enabled NO \ -resultBundlePath '$(Agent.BuildDirectory)/s/test_output/report.xcresult' diff --git a/azure_pipelines/msal-release-ado-trigger.yml b/azure_pipelines/msal-release-ado-trigger.yml index c8cebf7d88..dedd032297 100644 
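Review bot: The `-xctestrun` path in the last automation.yml hunk hard-codes `iphonesimulator17.0` while both `-destination` lines ask for `OS=17.2`, and the file name presumably follows the SDK of the Xcode chosen in the 'Select Xcode version' step, so three separate strings now have to change in lockstep. A comment above the path such as `# file name follows the iOS SDK of the selected Xcode, not the simulator OS` would record why 17.0 and 17.2 differ. Resolving the file at run time, e.g. `-xctestrun "$(ls build/Build/Products/*_iphonesimulator*.xctestrun | head -n 1)"`, would remove the coupling; it is worth confirming that the agent image carries a 17.2 simulator runtime for the selected Xcode.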
--- a/azure_pipelines/msal-release-ado-trigger.yml +++ b/azure_pipelines/msal-release-ado-trigger.yml @@ -6,4 +6,14 @@ trigger: include: - CHANGELOG.md -pr: none \ No newline at end of file +pr: none + +jobs: +- job: + displayName: "Trigger MSAL Release - OneBranch Pipeline" + steps: + - bash: | + az pipelines run --project $(ADOPROJECT) --id $(MSAL_ADO_RELEASE_PIPELINE_ID) --branch 'main' --organization $(ADOORGANIZATION) + displayName: 'Trigger MSAL Release - OneBranch Pipeline' + env: + AZURE_DEVOPS_EXT_PAT: $(System.AccessToken) \ No newline at end of file diff --git a/azure_pipelines/spm-framework.yml b/azure_pipelines/spm-framework.yml deleted file mode 100644 index cd1154a4f0..0000000000 --- a/azure_pipelines/spm-framework.yml +++ /dev/null 
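Review bot: The new `bash` step splices `$(ADOPROJECT)`, `$(MSAL_ADO_RELEASE_PIPELINE_ID)` and `$(ADOORGANIZATION)` into the script text unquoted, so the pipeline expands them before bash parses the line. If any of them can be overridden at queue time, or holds spaces or shell metacharacters, the command that runs with `$(System.AccessToken)` in its environment is no longer the one written here. Mapping the three values under `env:` and referencing them as quoted shell variables keeps them as data; the env names below are suggestions. Since the step queues a release whenever the `CHANGELOG.md` trigger matches, the build identity behind the token should, if not already restricted, hold only the queue permission on that one pipeline.

```yaml
  - bash: |
      az pipelines run --project "$ADO_PROJECT" --id "$RELEASE_PIPELINE_ID" --branch 'main' --organization "$ADO_ORG"
    # … unchanged: displayName …
    env:
      AZURE_DEVOPS_EXT_PAT: $(System.AccessToken)
      ADO_PROJECT: $(ADOPROJECT)
      RELEASE_PIPELINE_ID: $(MSAL_ADO_RELEASE_PIPELINE_ID)
      ADO_ORG: $(ADOORGANIZATION)
```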
@@ -1,417 +0,0 @@ -variables: - - name: 'releaseVersion' - value: null - - name: 'commonCoreReleaseVersion' - value: null - - name: 'frameworkChecksum' - value: null - - name: 'repositoryName' # Name of the repository - value: 'AzureAD/microsoft-authentication-library-for-objc' - - name: 'repositoryBranch' # Name of the branch where version number will be updated for files that contain version number. - value: 'main' - - name: 'GithubServiceConnection' # Service connection name used to connect Github repository - value: 'MSAL ObjC Service Connection' - - name: 'docsRepositoryBranch' # Name of the branch where public reference docs will be pushed for github page - value: 'gh-pages' - -trigger: - branches: - include: - - main - paths: - include: - - CHANGELOG.md - -pr: none - -resources: - repositories: - - repository: msalRepository - type: github - endpoint: 'GitHub for AzureAD and Azure-Samples (as aadidgit service)' - name: $(repositoryName) - ref: $(repositoryBranch) - -jobs: -- job: BuildXcFrameworks - displayName: Build MSAL framework and release - pool: - vmImage: 'macOS-13' - timeOutInMinutes: 20 - - steps: - - checkout: msalRepository - clean: true - submodules: true - fetchDepth: 1 - persistCredentials: false - - task: Xcode@5 - displayName: Build archive for iOS Simulator - inputs: - actions: 'archive' - sdk: 'iphonesimulator' - xcWorkspacePath: 'MSAL.xcworkspace' - scheme: 'MSAL (iOS Framework)' - packageApp: false - args: 'SKIP_INSTALL=NO BUILD_LIBRARY_FOR_DISTRIBUTION=YES -archivePath $(Build.binariesDirectory)/iOS-Sim' - exportPath: $(Build.binariesDirectory)/iOS-Sim - - task: Xcode@5 - displayName: Build archive for iOS device - inputs: - actions: 'archive' - sdk: 'iphoneos' - xcWorkspacePath: 'MSAL.xcworkspace' - scheme: 'MSAL (iOS Framework)' - packageApp: false - destinationTypeOption: 'devices' - args: 'SKIP_INSTALL=NO BUILD_LIBRARY_FOR_DISTRIBUTION=YES -archivePath $(Build.binariesDirectory)/iOS' - exportPath: $(Build.binariesDirectory)/iOS - - 
task: Xcode@5 - displayName: Build archive for macOS - inputs: - actions: 'archive' - sdk: 'macosx' - xcWorkspacePath: 'MSAL.xcworkspace' - scheme: 'MSAL (Mac Framework)' - packageApp: false - args: 'SKIP_INSTALL=NO BUILD_LIBRARY_FOR_DISTRIBUTION=YES -archivePath $(Build.binariesDirectory)/macOS' - exportPath: $(Build.binariesDirectory)/macOS - - task: Bash@3 - displayName: Build xcframework from archives - inputs: - workingDirectory: $(Build.binariesDirectory) - targetType: 'inline' - script: | - # Building xcframework - cd $(Build.BinariesDirectory) - - echo "Build Dir = $(pwd)" - - xcodebuild -create-xcframework \ - -framework $(Build.binariesDirectory)/iOS.xcarchive/Products/Library/Frameworks/MSAL.framework \ - -framework $(Build.binariesDirectory)/iOS-Sim.xcarchive/Products/Library/Frameworks/MSAL.framework \ - -framework $(Build.binariesDirectory)/macOS.xcarchive/Products/Library/Frameworks/MSAL.framework \ - -output $(Build.ArtifactStagingDirectory)/MSAL.xcframework - failOnStderr: true - - task: Bash@3 - displayName: Zip xcframework for codesigning - inputs: - workingDirectory: $(Build.ArtifactStagingDirectory) - targetType: 'inline' - script: | - # Zipping xcframework. 
-y : including symlinks (Need to preserve symlinks in xcframework so that codesign validation doesn't fail) -v : verbose logging - zip -r $(Build.ArtifactStagingDirectory)/MSAL.zip MSAL.xcframework -y -v - failOnStderr: true - - task: UseDotNet@2 - inputs: - packageType: 'runtime' - version: '6.0.0' - installationPath: '/Users/runner/.dotnet' - - task: EsrpCodeSigning@2 - inputs: - ConnectedServiceName: 'MSAL ESRP CodeSign Service Connection' - FolderPath: '$(Build.ArtifactStagingDirectory)' - Pattern: 'MSAL.zip' - signConfigType: 'inlineSignParams' - SessionTimeout: '60' - MaxConcurrency: '50' - MaxRetryAttempts: '5' - UseMinimatch: false - inlineOperation: | - [ - { - "keyCode": "CP-233039-Apple", - "operationCode": "iOSSdkSign", - "parameters": {}, - "toolName": "sign", - "toolVersion": "1.0" - } - ] - - task: Bash@3 - displayName: Zip and unzip # Task to unzip signed contents and repackage it into MSAL.xcframework - inputs: - targetType: 'inline' - script: | - # Codesigning service explodes xcframework in output zip. 
Need to re-package contents into xcframework - # Extract code signature and add it into built xcframework - unzip MSAL.zip _CodeSignature\* -d MSAL.xcframework - # Delete zip file - rm MSAL.zip - # Delete md file created by codesigning service - rm *.md - # Zip xcframework into zip file with symlinks preserved and delete xcframework - zip -r MSAL.zip MSAL.xcframework -y -m - workingDirectory: '$(Build.ArtifactStagingDirectory)' - failOnStderr: true - - task: Bash@3 - displayName: Calculate checksum | extract release version from changelog - inputs: - targetType: 'inline' - script: | - chksm=$(shasum -a 256 $(Build.ArtifactStagingDirectory)/MSAL.zip | cut -d ' ' -f 1) - echo "##vso[task.setvariable variable=frameworkChecksum]${chksm}" - - #Regex for semver versioning - ver=$(egrep -om1 '\[((0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)\]' CHANGELOG.md | sed -E -e "s/\[|\]//g") - echo "##vso[task.setvariable variable=releaseVersion]${ver}" - workingDirectory: '$(Build.SourcesDirectory)' - failOnStderr: true - noProfile: false - noRc: false - - - task: Shellpp@0 - displayName: Generating release archive zips - inputs: - type: 'FilePath' - scriptPath: 'ReleaseArchive.sh' - args: '$(releaseVersion) $(Build.ArtifactStagingDirectory)' - - - task: AzureArtifacts.manifest-generator-task.manifest-generator-task.ManifestGeneratorTask@0 - displayName: 'Generate SBOM file' - inputs: - BuildDropPath: '$(Build.ArtifactStagingDirectory)' - - - task: PublishPipelineArtifact@1 - inputs: - targetPath: $(Build.ArtifactStagingDirectory) - artifactName: Artifact - - - task: Bash@3 - displayName: Common Core - extract release version from changelog | Build release notes - inputs: - targetType: 'inline' - script: | - #Regex for semver versioning - cc_ver=$(egrep -om1 
'((0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?)' MSAL/IdentityCore/changelog.txt) - echo "##vso[task.setvariable variable=commonCoreReleaseVersion]${cc_ver}" - - chlg="## Release Notes"$'\n' - if [ ! -e "MSAL/IdentityCore/changelog.txt" ]; then - echo "CHANGELOG NOT FOUND!" - else - fl=0 - while read p; do - if [[ "$p" =~ 'Version' ]]; then - fl=$((fl + 1)) - if [ $fl -gt 1 ] - then - break - fi - fi - - if [[ ($fl -eq 1) && !("$p" =~ ^\*\s+) ]]; then - chlg="$chlg"$'\n'"$p" - fi - done < "MSAL/IdentityCore/changelog.txt" - fi - echo "chlg = ${chlg}" - echo "${chlg}" > cc-release-notes.md - - workingDirectory: '$(Build.SourcesDirectory)' - failOnStderr: true - noProfile: false - noRc: false - - task: GitHubRelease@1 - displayName: Generate Common Core Github Release - inputs: - gitHubConnection: '$(GithubServiceConnection)' - repositoryName: 'AzureAD/microsoft-authentication-library-common-for-objc' - action: 'create' - target: 'main' - tagSource: 'userSpecifiedTag' - tag: '$(commonCoreReleaseVersion)' - title: '$(commonCoreReleaseVersion)' - releaseNotesFilePath: 'cc-release-notes.md' - changeLogCompareToRelease: 'lastFullRelease' - changeLogType: 'issueBased' - assets: | - *.abcd - - task: InstallSSHKey@0 - displayName: Install SSH Key for MSAL Github Repo - inputs: - knownHostsEntry: '$(sshKnownHosts)' - sshPublicKey: '$(sshPublicKey)' - sshKeySecureFile: 'msal_objc_private_key' - addEntryToConfig: true - configHostAlias: 'ADO Release Pipeline Public Key' - configHostname: 'github.com' - - task: Bash@3 - displayName: Update package.swift with url & checksum & git push - inputs: - targetType: 'inline' - script: | - rm -rf cc-release-notes.md - ssh-keyscan github.com | tee -a ~/.ssh/known_hosts - git remote set-url origin git@github.com:$(repositoryName).git - - authorName=$(git log -1 --pretty=format:'%an') - authorEmail=$(git log 
-1 --pretty=format:'%ae') - git config --global user.email "${authorEmail}" - git config --global user.name "${authorName}" - - git fetch origin $(repositoryBranch) -q - git checkout FETCH_HEAD -q - git checkout -b update-package-for-$(releaseVersion) -q - - if [ ! -e Package.swift ]; then - echo -e "// swift-tools-version:5.3\n" >> Package.swift - cat >> Package.swift << EOF - import PackageDescription - - let package = Package( - name: "MSAL", - platforms: [ - .macOS(.v10_12),.iOS(.v11) - ], - products: [ - .library( - name: "MSAL", - targets: ["MSAL"]), - ], - targets: [ - .binaryTarget(name: "MSAL", url: "https://github.com/$(repositoryName)/releases/download/releaseTag1.2.3/MSAL.zip", checksum: "abcdefabcdef1234567890abcdef1234567890abcdef1234567890abcdef1234") - ] - ) - EOF - fi - perl -i -pe's/checksum:\s+\"[\da-fA-F]{64}\"/checksum: \"$(frameworkChecksum)\"/' Package.swift - perl -i -pe's/releases\/download\/[0-9a-zA-Z\.].+\//releases\/download\/$(releaseVersion)\//' Package.swift - perl -i -pe's/s\.version\s+=\s+".*"/s.version = \"$(releaseVersion)\"/' MSAL.podspec - plutil -replace CFBundleShortVersionString -string $(releaseVersion) MSAL/resources/ios/Info.plist - plutil -replace CFBundleShortVersionString -string $(releaseVersion) MSAL/resources/mac/Info.plist - majorVer=$(echo $(releaseVersion) | cut -d"." -f1) - minorVer=$(echo $(releaseVersion) | cut -d"." -f2) - patchVer=$(echo $(releaseVersion) | cut -d"." 
-f3) - - perl -i -pe"s/MSAL_VER_HIGH\s+.*$/MSAL_VER_HIGH $majorVer/" MSAL/src/MSAL_Internal.h - perl -i -pe"s/MSAL_VER_LOW\s+.*$/MSAL_VER_LOW $minorVer/" MSAL/src/MSAL_Internal.h - perl -i -pe"s/MSAL_VER_PATCH\s+.*$/MSAL_VER_PATCH $patchVer/" MSAL/src/MSAL_Internal.h - - git add Package.swift - git add MSAL.podspec - git add MSAL/resources/ios/Info.plist - git add MSAL/resources/mac/Info.plist - git add MSAL/src/MSAL_Internal.h - - author=$(git log -1 --pretty=format:'%an <%ae>') - git commit -a -m "Updating MSAL framework checksum & url for $(releaseVersion) [skip ci]" -q --author="${author}" - - git checkout $(repositoryBranch) -q - git merge update-package-for-$(releaseVersion) -q - git push origin $(repositoryBranch) -q - git branch -d update-package-for-$(releaseVersion) -q - workingDirectory: '$(Build.SourcesDirectory)' - failOnStderr: false - noProfile: false - noRc: false - - task: Bash@3 - displayName: Build release notes - inputs: - targetType: 'inline' - script: | - chlg="## Release Notes"$'\n' - if [ ! -e CHANGELOG.md ]; then - echo "CHANGELOG NOT FOUND!" 
- else - fl=0 - while read p; do - if [[ $p =~ ^\#\#.*$ ]]; then - fl=$((fl + 1)) - if [ $fl -gt 1 ] - then - break - fi - fi - - if [[ ($fl -eq 1) && !($p =~ ^\#\#) ]]; then - chlg="$chlg"$'\n'"$p" - fi - done release-notes.md - - workingDirectory: '$(Build.SourcesDirectory)' - failOnStderr: true - noProfile: false - noRc: false - - task: GitHubRelease@1 - displayName: Generate MSAL Github Release - inputs: - gitHubConnection: '$(GithubServiceConnection)' - repositoryName: '$(repositoryName)' - action: 'create' - target: '$(repositoryBranch)' - tagSource: 'userSpecifiedTag' - tag: '$(releaseVersion)' - title: '$(releaseVersion)' - releaseNotesFilePath: 'release-notes.md' - assets: | - $(Build.ArtifactStagingDirectory)/*.zip - $(Build.ArtifactStagingDirectory)/*.tar.gz - changeLogCompareToRelease: 'lastFullRelease' - changeLogType: 'issueBased' - - task: Bash@3 - displayName: Push pod to Cocoapods - inputs: - targetType: 'inline' - script: | - # Release to CocoaPods - # Do not use "--use-libraries" option because native auth code doesn't support static library yet - pod trunk push --allow-warnings MSAL.podspec - #pod trunk me - workingDirectory: '$(Build.SourcesDirectory)' - env: - COCOAPODS_TRUNK_TOKEN: $(COCOAPODS_TRUNK_TOKEN) - - task: Bash@3 - displayName: Install Sourcekitten - inputs: - targetType: 'inline' - script: | - brew install sourcekitten - - task: Bash@3 - displayName: Build MSAL docs via Jazzy - inputs: - filePath: 'build_docs.sh' - - task: Bash@3 - displayName: Push docs to github page for repository - inputs: - targetType: 'inline' - script: | - # NOTE : This should be the last step since it changes branch from main to $(docsRepositoryBranch) - if [ ! -d "docs.temp" ]; then - echo "Docs were not generated in previous step!" 
- else - authorName=$(git log -1 --pretty=format:'%an') - authorEmail=$(git log -1 --pretty=format:'%ae') - git config --global user.email "${authorEmail}" - git config --global user.name "${authorName}" - - author=$(git log -1 --pretty=format:'%an <%ae>') - # Create a temp branch to cherry pick doc changes - git checkout -b 'update-docs-for-release-$(releaseVersion)' - git add docs.temp/docs/* - git commit -m 'adding docs for release' --author="${author}" --status - - # Cleanup - rm -rf docs.temp - git fetch origin $(docsRepositoryBranch) - git checkout FETCH_HEAD - git checkout $(docsRepositoryBranch) - git clean -fd - - # Get previously commited changes for docs - git cherry-pick --strategy-option theirs "update-docs-for-release-$(releaseVersion)" - - # Copy files in docs.temp folder to root - \cp -r docs.temp/docs/* . - - # Push changes to docsRepositoryBranch branch - git add -A - git commit -m 'Update docs for release $(releaseVersion)' --status --author="${author}" - git push origin $(docsRepositoryBranch) - fi - workingDirectory: '$(Build.SourcesDirectory)' - failOnStderr: false - noProfile: false - noRc: false From cd08b63f48862a04f70b933646e53edb4258a94b Mon Sep 17 00:00:00 2001 From: Sergey Demchenko Date: Fri, 17 May 2024 16:09:11 -0700 Subject: [PATCH 06/19] modified: MSAL/IdentityCore --- MSAL/IdentityCore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index a5e4771a18..85050f618e 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit a5e4771a18aadfde77e8d19772dfc243001712a8 +Subproject commit 85050f618ed287723dd8887a2e70b0cac0b8a50f From d2f81ded070ac6452b2a6acb5bc45eb566427fe7 Mon Sep 17 00:00:00 2001 From: Sergey Demchenko Date: Sat, 18 May 2024 00:51:25 +0000 Subject: [PATCH 07/19] Updating MSAL framework checksum & url for 1.3.3 [skip ci] --- Package.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/Package.swift b/Package.swift index 211d29136a..baf593e715 100644 --- a/Package.swift +++ b/Package.swift @@ -13,6 +13,6 @@ let package = Package( targets: ["MSAL"]), ], targets: [ - .binaryTarget(name: "MSAL", url: "https://github.com/AzureAD/microsoft-authentication-library-for-objc/releases/download/1.3.2/MSAL.zip", checksum: "06ce6a727e6707673815452956861d2846bcff0e40afdcca3cebdb22e371028e") + .binaryTarget(name: "MSAL", url: "https://github.com/AzureAD/microsoft-authentication-library-for-objc/releases/download/1.3.3/MSAL.zip", checksum: "4c4a52ed5bbc20875efed36707216ce0ca6b2b8846f2b88c16fc44f634093f2d") ] ) From f27b8833dcb31a8161d79161015a444a431aa415 Mon Sep 17 00:00:00 2001 From: Sergei Demchenko Date: Mon, 10 Jun 2024 15:33:14 -0700 Subject: [PATCH 08/19] Add platform sequence param. (#2192) * Add platform sequence param. * Update core. * Update core. * Update changelog. --- CHANGELOG.md | 3 +++ MSAL/IdentityCore | 2 +- MSAL/src/MSALPublicClientApplication.m | 13 ++++++++++++- 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 394b419d20..64806ae66b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,6 @@ +TBD: +* Add platform sequence param. #2192 + ## [1.3.3] * Update common core submodule. * Automation improvements. diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index 53a837a14d..c686a03102 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit 53a837a14d6bf3c59b1f2f4928e221cb69ef94cb +Subproject commit c686a03102d0b02725279c0012c25cb81cd958bc diff --git a/MSAL/src/MSALPublicClientApplication.m b/MSAL/src/MSALPublicClientApplication.m index 7d5cd26b0c..7491b7eb77 100644 --- a/MSAL/src/MSALPublicClientApplication.m +++ b/MSAL/src/MSALPublicClientApplication.m 
@@ -111,6 +111,7 @@ #import "MSIDAssymetricKeyLookupAttributes.h" #import "MSIDRequestTelemetryConstants.h" #import "MSALWipeCacheForAllAccountsConfig.h" +#import "NSString+MSIDTelemetryExtensions.h" @interface MSALPublicClientApplication() { @@ -863,6 +864,10 @@ - (void)acquireTokenSilentWithParameters:(MSALSilentTokenParameters *)parameters NSMutableDictionary *extraURLQueryParameters = [self.internalConfig.extraQueryParameters.extraURLQueryParameters mutableCopy]; [extraURLQueryParameters addEntriesFromDictionary:parameters.extraQueryParameters]; msidParams.extraURLQueryParameters = extraURLQueryParameters; + + msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithName:[MSIDVersion platformName] + version:[MSIDVersion sdkVersion] + toSequence:nil]; msidParams.tokenExpirationBuffer = self.internalConfig.tokenExpirationBuffer; msidParams.claimsRequest = parameters.claimsRequest.msidClaimsRequest; @@ -1201,6 +1206,10 @@ - (void)acquireTokenWithParameters:(MSALInteractiveTokenParameters *)parameters [extraURLQueryParameters addEntriesFromDictionary:parameters.extraQueryParameters]; msidParams.extraURLQueryParameters = extraURLQueryParameters; + msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithName:[MSIDVersion platformName] + version:[MSIDVersion sdkVersion] + toSequence:nil]; + msidParams.tokenExpirationBuffer = self.internalConfig.tokenExpirationBuffer; msidParams.extendedLifetimeEnabled = self.internalConfig.extendedLifetimeEnabled; msidParams.clientCapabilities = self.internalConfig.clientApplicationCapabilities; 
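Review bot: The three-line `msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithName:... version:... toSequence:nil]` assignment is pasted into `acquireTokenSilentWithParameters:` here and again in the `acquireTokenWithParameters:` and `signoutWithAccount:` hunks, and the later rename patch on this page has to touch all three copies. A small private method returning the string, called as `msidParams.platformSequence = [self platformSequenceForRequest];` (name is a suggestion), would keep the value in one place. That method is also the natural home for a short comment saying what the parameter is for and why `nil` is passed as the starting sequence, which none of the hunks explains. All three enclosing methods begin and end outside their hunks.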
@@ -1454,7 +1463,9 @@ - (void)signoutWithAccount:(nonnull MSALAccount *)account msidParams.validateAuthority = [self shouldValidateAuthorityForRequestAuthority:requestAuthority]; msidParams.keychainAccessGroup = self.internalConfig.cacheConfig.keychainSharingGroup; msidParams.providedAuthority = requestAuthority; - + msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithName:[MSIDVersion platformName] + version:[MSIDVersion sdkVersion] + toSequence:nil]; NSError *localError; BOOL localRemovalResult = [self removeAccountImpl:account wipeAccount:signoutParameters.wipeAccount error:&localError]; From f5592e78f3c0a448cb7fb3e09ffa756b3313bc61 Mon Sep 17 00:00:00 2001 From: Juan Arias Roldan <1686668+juan-arias@users.noreply.github.com> Date: Mon, 10 Jun 2024 21:45:43 -0700 Subject: [PATCH 09/19] Update changelog, version number and submodule for release 1.3.4 --- CHANGELOG.md | 2 +- MSAL.podspec | 2 +- MSAL/IdentityCore | 2 +- MSAL/resources/ios/Info.plist | 2 +- MSAL/resources/mac/Info.plist | 2 +- MSAL/src/MSAL_Internal.h | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 64806ae66b..a69b2f71bb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,4 @@ -TBD: +## [1.3.4]: * Add platform sequence param. #2192 ## [1.3.3] diff --git a/MSAL.podspec b/MSAL.podspec index fda3d2344d..1f74287008 100644 --- a/MSAL.podspec +++ b/MSAL.podspec @@ -1,6 +1,6 @@ Pod::Spec.new do |s| s.name = "MSAL" - s.version = "1.3.3" + s.version = "1.3.4" s.summary = "Microsoft Authentication Library (MSAL) for iOS" s.description = <<-DESC The MSAL library for iOS gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect. The library also supports Microsoft Azure B2C for those using our hosted identity management service. 
diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index c686a03102..c4017fd6b1 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit c686a03102d0b02725279c0012c25cb81cd958bc +Subproject commit c4017fd6b1b4b9669b4093afe5ecccfe08222cf6 diff --git a/MSAL/resources/ios/Info.plist b/MSAL/resources/ios/Info.plist index a6867d0c5a..e4a695b0de 100644 --- a/MSAL/resources/ios/Info.plist +++ b/MSAL/resources/ios/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.3 + 1.3.4 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSPrincipalClass diff --git a/MSAL/resources/mac/Info.plist b/MSAL/resources/mac/Info.plist index f0f56c5e0d..14432ca933 100644 --- a/MSAL/resources/mac/Info.plist +++ b/MSAL/resources/mac/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.3 + 1.3.4 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSHumanReadableCopyright diff --git a/MSAL/src/MSAL_Internal.h b/MSAL/src/MSAL_Internal.h index 5c2086c0ef..d0d4012646 100644 --- a/MSAL/src/MSAL_Internal.h +++ b/MSAL/src/MSAL_Internal.h @@ -27,7 +27,7 @@ #define MSAL_VER_HIGH 1 #define MSAL_VER_LOW 3 -#define MSAL_VER_PATCH 3 +#define MSAL_VER_PATCH 4 #define STR_HELPER(x) #x #define STR(x) STR_HELPER(x) From a21c23ef4f15b81650c881f4c9edc17ebf9ccdcc Mon Sep 17 00:00:00 2001 From: Danilo Raspa <105228698+nilo-ms@users.noreply.github.com> Date: Tue, 11 Jun 2024 08:56:50 +0100 Subject: [PATCH 10/19] share ownership of CHANGELOG file (#2194) --- CODEOWNERS | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index bde0b19eae..4f7f5dd7d9 100644 --- a/CODEOWNERS +++ b/CODEOWNERS 
@@ -2,8 +2,9 @@ # Unless a later match takes precedence, these users will be requested # for review whenever someone opens a pull request. * @AzureAD/AppleIdentityTeam -# @AzureAD/AppleIdentityTeam and @AzureAD/MSAL-ObjC-CIAM will be the co-owners of the MSAL.project file +# @AzureAD/AppleIdentityTeam and @AzureAD/MSAL-ObjC-CIAM will be the co-owners of MSAL.project and CHANGELOG.md files /MSAL/MSAL.xcodeproj/project.pbxproj @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM +CHANGELOG.md @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM # @AzureAD/MSAL-ObjC-CIAM owns any files in the */native_auth # directories, subdirectories and the module.modulemap file. /MSAL/module.modulemap @AzureAD/MSAL-ObjC-CIAM From 00fec9a23e217b6b976b7ac2cc0134ad2f901d2d Mon Sep 17 00:00:00 2001 From: Danilo Raspa Date: Tue, 11 Jun 2024 09:53:24 +0100 Subject: [PATCH 11/19] Update changelog, version number and submodule for release 1.3.4 --- CHANGELOG.md | 3 ++- MSAL.podspec | 2 +- MSAL/resources/ios/Info.plist | 2 +- MSAL/resources/mac/Info.plist | 2 +- MSAL/src/MSAL_Internal.h | 4 ++-- 5 files changed, 7 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a69b2f71bb..0783fb7db0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ -## [1.3.4]: +## [1.4.0]: * Add platform sequence param. #2192 +* Native auth can now store multiple access tokens related to different resources. ## [1.3.3] * Update common core submodule. diff --git a/MSAL.podspec b/MSAL.podspec index 1f74287008..b54f11330d 100644 --- a/MSAL.podspec +++ b/MSAL.podspec 
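Review bot: The added `CHANGELOG.md` pattern has no leading slash, so it matches a file of that name in any directory, unlike the rooted `/MSAL/MSAL.xcodeproj/project.pbxproj` entry above it; `/CHANGELOG.md @AzureAD/AppleIdentityTeam @AzureAD/MSAL-ObjC-CIAM` limits it to the root file. The release trigger pipeline on this page appears to fire on `CHANGELOG.md` changes, so co-owning this file also means being an approving code owner for a change that starts a release. The comment line should record that, e.g. `# CHANGELOG.md edits trigger the release pipeline; keep this owner list minimal`.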
@@ -1,6 +1,6 @@ Pod::Spec.new do |s| s.name = "MSAL" - s.version = "1.3.4" + s.version = "1.4.0" s.summary = "Microsoft Authentication Library (MSAL) for iOS" s.description = <<-DESC The MSAL library for iOS gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect. The library also supports Microsoft Azure B2C for those using our hosted identity management service. diff --git a/MSAL/resources/ios/Info.plist b/MSAL/resources/ios/Info.plist index e4a695b0de..5385f16065 100644 --- a/MSAL/resources/ios/Info.plist +++ b/MSAL/resources/ios/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.4 + 1.4.0 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSPrincipalClass diff --git a/MSAL/resources/mac/Info.plist b/MSAL/resources/mac/Info.plist index 14432ca933..a699236b7e 100644 --- a/MSAL/resources/mac/Info.plist +++ b/MSAL/resources/mac/Info.plist @@ -15,7 +15,7 @@ CFBundlePackageType FMWK CFBundleShortVersionString - 1.3.4 + 1.4.0 CFBundleVersion $(CURRENT_PROJECT_VERSION) NSHumanReadableCopyright diff --git a/MSAL/src/MSAL_Internal.h b/MSAL/src/MSAL_Internal.h index d0d4012646..4811846e0b 100644 --- a/MSAL/src/MSAL_Internal.h +++ b/MSAL/src/MSAL_Internal.h @@ -26,8 +26,8 @@ //------------------------------------------------------------------------------ #define MSAL_VER_HIGH 1 -#define MSAL_VER_LOW 3 -#define MSAL_VER_PATCH 4 +#define MSAL_VER_LOW 4 +#define MSAL_VER_PATCH 0 #define STR_HELPER(x) #x #define STR(x) STR_HELPER(x) From 5bfb7fbfc9f5a7d637148fa57646686c499d3449 Mon Sep 17 00:00:00 2001 From: Sergey Demchenko Date: Tue, 11 Jun 2024 10:27:22 -0700 Subject: [PATCH 12/19] Include version header. --- MSAL/src/MSALPublicClientApplication.m | 1 + 1 file changed, 1 insertion(+) 
diff --git a/MSAL/src/MSALPublicClientApplication.m b/MSAL/src/MSALPublicClientApplication.m index 7491b7eb77..23bd5bf376 100644 --- a/MSAL/src/MSALPublicClientApplication.m +++ b/MSAL/src/MSALPublicClientApplication.m @@ -112,6 +112,7 @@ #import "MSIDRequestTelemetryConstants.h" #import "MSALWipeCacheForAllAccountsConfig.h" #import "NSString+MSIDTelemetryExtensions.h" +#import "MSIDVersion.h" @interface MSALPublicClientApplication() { From 89adec011af60eb655aeb5f9b95f9ee39b8d724a Mon Sep 17 00:00:00 2001 From: Sergei Demchenko Date: Wed, 12 Jun 2024 11:20:05 -0700 Subject: [PATCH 13/19] Update x-client-xtra-sku format (#2202) * Update platfrom sequence format. * Update core. --- MSAL/IdentityCore | 2 +- MSAL/src/MSALPublicClientApplication.m | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index c4017fd6b1..413d7d905f 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit c4017fd6b1b4b9669b4093afe5ecccfe08222cf6 +Subproject commit 413d7d905f82fc5572717ca8b014acbe68e835f7 diff --git a/MSAL/src/MSALPublicClientApplication.m b/MSAL/src/MSALPublicClientApplication.m index 23bd5bf376..cade8c4d4b 100644 --- a/MSAL/src/MSALPublicClientApplication.m +++ b/MSAL/src/MSALPublicClientApplication.m 
@@ -866,9 +866,9 @@ - (void)acquireTokenSilentWithParameters:(MSALSilentTokenParameters *)parameters [extraURLQueryParameters addEntriesFromDictionary:parameters.extraQueryParameters]; msidParams.extraURLQueryParameters = extraURLQueryParameters; - msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithName:[MSIDVersion platformName] - version:[MSIDVersion sdkVersion] - toSequence:nil]; + msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithSrcName:[MSIDVersion platformName] + srcVersion:[MSIDVersion sdkVersion] + sequence:nil]; msidParams.tokenExpirationBuffer = self.internalConfig.tokenExpirationBuffer; msidParams.claimsRequest = parameters.claimsRequest.msidClaimsRequest; @@ -1207,9 +1207,9 @@ - (void)acquireTokenWithParameters:(MSALInteractiveTokenParameters *)parameters [extraURLQueryParameters addEntriesFromDictionary:parameters.extraQueryParameters]; msidParams.extraURLQueryParameters = extraURLQueryParameters; - msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithName:[MSIDVersion platformName] - version:[MSIDVersion sdkVersion] - toSequence:nil]; + msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithSrcName:[MSIDVersion platformName] + srcVersion:[MSIDVersion sdkVersion] + sequence:nil]; msidParams.tokenExpirationBuffer = self.internalConfig.tokenExpirationBuffer; msidParams.extendedLifetimeEnabled = self.internalConfig.extendedLifetimeEnabled; 
@@ -1464,9 +1464,9 @@ - (void)signoutWithAccount:(nonnull MSALAccount *)account msidParams.validateAuthority = [self shouldValidateAuthorityForRequestAuthority:requestAuthority]; msidParams.keychainAccessGroup = self.internalConfig.cacheConfig.keychainSharingGroup; msidParams.providedAuthority = requestAuthority; - msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithName:[MSIDVersion platformName] - version:[MSIDVersion sdkVersion] - toSequence:nil]; + msidParams.platformSequence = [NSString msidUpdatePlatformSequenceParamWithSrcName:[MSIDVersion platformName] + srcVersion:[MSIDVersion sdkVersion] + sequence:nil]; NSError *localError; BOOL localRemovalResult = [self removeAccountImpl:account wipeAccount:signoutParameters.wipeAccount error:&localError]; From e1fc105752a2d8c228add52bd210a7ae279a4a42 Mon Sep 17 00:00:00 2001 From: Juan Arias Roldan <1686668+juan-arias@users.noreply.github.com> Date: Wed, 12 Jun 2024 13:20:16 -0700 Subject: [PATCH 14/19] Force tap 'Done' button when using SafariViewController to fix flaky automation test --- MSAL/test/automation/tests/MSALBaseUITest.m | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/MSAL/test/automation/tests/MSALBaseUITest.m b/MSAL/test/automation/tests/MSALBaseUITest.m index 5ce7c5424f..d1ccfadbed 100644 --- a/MSAL/test/automation/tests/MSALBaseUITest.m +++ b/MSAL/test/automation/tests/MSALBaseUITest.m 
@@ -214,9 +214,21 @@ - (void)closeAuthUIUsingWebViewType:(MSIDWebviewType)webViewType // We take the second one and tap it XCUIElement *secondButton = [elementQuery elementBoundByIndex:1]; [secondButton msidTap]; - } else + } + else { - [self.testApp.buttons[buttonTitle] msidTap]; + if (webViewType == MSIDWebviewTypeSafariViewController) + { + // We take the first one and force tap it, for some reason tap doesn't work + XCUIElement *firstButton = [elementQuery elementBoundByIndex:0]; + + __auto_type coordinate = [firstButton coordinateWithNormalizedOffset:CGVectorMake(0, 0)]; + [coordinate tap]; + } + else + { + [self.testApp.buttons[buttonTitle] msidTap]; + } } } From c5e172009b370e89e5cad56685066e9fa219d503 Mon Sep 17 00:00:00 2001 From: Juan Arias Roldan <1686668+juan-arias@users.noreply.github.com> Date: Wed, 12 Jun 2024 16:27:19 -0700 Subject: [PATCH 15/19] Update CommonCore submodule. --- MSAL/IdentityCore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index 413d7d905f..4b51087480 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit 413d7d905f82fc5572717ca8b014acbe68e835f7 +Subproject commit 4b510874805fce0b0e22323b089fdc861438a3de From c2d7a950f1537a3a63a7ba67ccce106a6d2ee16c Mon Sep 17 00:00:00 2001 From: Juan Arias Roldan <1686668+juan-arias@users.noreply.github.com> Date: Thu, 13 Jun 2024 12:47:16 -0700 Subject: [PATCH 16/19] Update configuration for CIAM automation test --- MSAL/test/automation/tests/interactive/MSALCIAMAuthorityTests.m | 1 - 1 file changed, 1 deletion(-) diff --git a/MSAL/test/automation/tests/interactive/MSALCIAMAuthorityTests.m b/MSAL/test/automation/tests/interactive/MSALCIAMAuthorityTests.m index 91380f3862..713c6912cc 100644 --- a/MSAL/test/automation/tests/interactive/MSALCIAMAuthorityTests.m +++ b/MSAL/test/automation/tests/interactive/MSALCIAMAuthorityTests.m 
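Review bot: The forced tap in the new SafariViewController branch uses `CGVectorMake(0, 0)`, which is the top-left corner of the first matched button rather than its centre, so the tap can land on the element's edge and the flakiness this commit targets may come back on other layouts. I would use `__auto_type coordinate = [firstButton coordinateWithNormalizedOffset:CGVectorMake(0.5, 0.5)];`. Because a coordinate tap presumably skips whatever waiting `msidTap` does (that helper is not visible here), I would also put `XCTAssertTrue([firstButton waitForExistenceWithTimeout:5]);` before it. The comment `for some reason tap doesn't work` would help the next maintainer more if it recorded the observed symptom. `closeAuthUIUsingWebViewType:` begins and ends outside this hunk, so how `elementQuery` is built is inferred from the context lines only.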
@@ -45,7 +45,6 @@ - (void)setUp MSIDTestAutomationAccountConfigurationRequest *accountConfigurationRequest = [MSIDTestAutomationAccountConfigurationRequest new]; accountConfigurationRequest.federationProviderType = MSIDTestAccountFederationProviderTypeCIAM; - accountConfigurationRequest.additionalQueryParameters = @{@"signInAudience": @"azureadmyorg",@"PublicClient": @"No"}; [self loadTestAccount:accountConfigurationRequest]; From 8b8ff58310c9e4bc4953f99563d42a9004db79a7 Mon Sep 17 00:00:00 2001 From: Juan Arias Roldan <1686668+juan-arias@users.noreply.github.com> Date: Mon, 17 Jun 2024 14:06:38 -0700 Subject: [PATCH 17/19] Update CommonCore submodule to main --- MSAL/IdentityCore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index 4b51087480..8231b7cf3a 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit 4b510874805fce0b0e22323b089fdc861438a3de +Subproject commit 8231b7cf3ae4f892abb945ce4247763f2ed65cbd From 9ae8b61c868962153d5fa6a2492deddf804b1acd Mon Sep 17 00:00:00 2001 From: Antonio Alwan Date: Mon, 17 Jun 2024 22:05:13 +0000 Subject: [PATCH 18/19] Updating MSAL framework checksum & url for 1.4.0 [skip ci] --- Package.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Package.swift b/Package.swift index baf593e715..dbe3a98dc1 100644 --- a/Package.swift +++ b/Package.swift @@ -13,6 +13,6 @@ let package = Package( targets: ["MSAL"]), ], targets: [ - .binaryTarget(name: "MSAL", url: "https://github.com/AzureAD/microsoft-authentication-library-for-objc/releases/download/1.3.3/MSAL.zip", checksum: "4c4a52ed5bbc20875efed36707216ce0ca6b2b8846f2b88c16fc44f634093f2d") + .binaryTarget(name: "MSAL", url: "https://github.com/AzureAD/microsoft-authentication-library-for-objc/releases/download/1.4.0/MSAL.zip", checksum: "0bd52aa02ef94ec39ce7912fb66c5388b48cfd89c43ee3040b2d242505014fc8") ] ) From 80e29032b363df3a357a69b129a492c59b016259 Mon Sep 17 00:00:00 2001 
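Review bot: The new `checksum:` on the `.binaryTarget` line in Package.swift is the integrity check SwiftPM applies to the prebuilt `MSAL.zip`, and this commit is tagged `[skip ci]`, so nothing visible here shows that the value was computed from the published 1.4.0 release asset rather than from a local build. I would confirm it by running `swift package compute-checksum MSAL.zip` on the file downloaded from the release URL in this hunk. I would also add a comment above the target such as `// checksum = swift package compute-checksum output for the 1.4.0 release asset; update together with the URL`. The old URL pointed at 1.3.3 while the podspec in this series moved from 1.3.4, so Package.swift appears to have missed the 1.3.4 release; it is worth checking that the automation runs for every tag.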
From: Juan Arias Roldan <1686668+juan-arias@users.noreply.github.com> Date: Mon, 17 Jun 2024 19:23:41 -0700 Subject: [PATCH 19/19] Update submodule --- MSAL/IdentityCore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MSAL/IdentityCore b/MSAL/IdentityCore index 8231b7cf3a..e9ed22c633 160000 --- a/MSAL/IdentityCore +++ b/MSAL/IdentityCore @@ -1 +1 @@ -Subproject commit 8231b7cf3ae4f892abb945ce4247763f2ed65cbd +Subproject commit e9ed22c633cf0d924802b96904be80c281958229