Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentication-library-for-java into avdunn/tenant-override-fix

Author: Avery-Dunn

msal4j-sdk/pom.xml

@@ -48,6 +48,12 @@
             <artifactId>slf4j-api</artifactId>
             <version>1.7.36</version>
         </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-simple</artifactId>
+            <version>1.6.2</version>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
@@ -57,7 +63,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.13.4.2</version>
+            <version>2.18.1</version>
         </dependency>
 
         <!-- test dependencies -->

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java

@@ -15,7 +15,6 @@
 import org.junit.jupiter.params.provider.MethodSource;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotEquals;
-import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 import java.net.MalformedURLException;
 import java.net.URI;
@@ -53,7 +52,7 @@ void acquireTokenInteractive_ManagedUser(String environment) {
         cfg = new Config(environment);
 
         User user = labUserProvider.getDefaultUser(cfg.azureEnvironment);
-        assertAcquireTokenCommon(user, cfg.organizationsAuthority(), cfg.graphDefaultScope());
+        assertAcquireTokenCommon(user, cfg.commonAuthority(), cfg.graphDefaultScope());
     }
 
     @Test()
@@ -146,27 +145,19 @@ void acquireTokenInteractive_Ciam() {
             throw new RuntimeException("Error acquiring token with authCode: " + e.getMessage());
         }
 
-        assertTokenResultNotNull(result);
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(user.getUpn(), result.account().username());
     }
 
     private void assertAcquireTokenCommon(User user, String authority, String scope) {
-        PublicClientApplication pca;
-        try {
-            pca = PublicClientApplication.builder(
-                    user.getAppId()).
-                    authority(authority).
-                    build();
-        } catch (MalformedURLException ex) {
-            throw new RuntimeException(ex.getMessage());
-        }
+        PublicClientApplication pca = IntegrationTestHelper.createPublicApp(user.getAppId(), authority);
 
         IAuthenticationResult result = acquireTokenInteractive(
                 user,
                 pca,
                 scope);
 
-        assertTokenResultNotNull(result);
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(user.getUpn(), result.account().username());
     }
 
@@ -183,23 +174,15 @@ private void assertAcquireTokenB2C(User user, String authority) {
         }
 
         IAuthenticationResult result = acquireTokenInteractive(user, pca, user.getAppId());
-        assertTokenResultNotNull(result);
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
     }
 
     private void assertAcquireTokenInstanceAware(User user) {
-        PublicClientApplication pca;
-        try {
-            pca = PublicClientApplication.builder(
-                    user.getAppId()).
-                    authority(cfg.organizationsAuthority()).
-                    build();
-        } catch (MalformedURLException ex) {
-            throw new RuntimeException(ex.getMessage());
-        }
+        PublicClientApplication pca = IntegrationTestHelper.createPublicApp(user.getAppId(), TestConstants.MICROSOFT_AUTHORITY_HOST + user.getTenantID());
 
         IAuthenticationResult result = acquireTokenInteractive_instanceAware(user, pca, cfg.graphDefaultScope());
 
-        assertTokenResultNotNull(result);
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(user.getUpn(), result.account().username());
 
         //This test is using a client app with the login.microsoftonline.com config to get tokens for a login.microsoftonline.us user,
@@ -253,7 +236,7 @@ public void afterCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext)
                 build();
 
         IAuthenticationResult result = acquireTokenInteractive(user, publicCloudPca, TestConstants.USER_READ_SCOPE);
-        assertTokenResultNotNull(result);
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(user.getHomeUPN(), result.account().username());
 
         publicCloudPca.removeAccount(publicCloudPca.getAccounts().join().iterator().next()).join();
@@ -291,12 +274,6 @@ private IAuthenticationResult acquireTokenInteractive(
         return result;
     }
 
-    private void assertTokenResultNotNull(IAuthenticationResult result) {
-        assertNotNull(result);
-        assertNotNull(result.accessToken());
-        assertNotNull(result.idToken());
-    }
-
     private IAuthenticationResult acquireTokenInteractive_instanceAware(
             User user,
             PublicClientApplication pca,

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java

@@ -14,7 +14,6 @@
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.MethodSource;
 import static org.junit.jupiter.api.Assertions.assertEquals;
-import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 import java.net.MalformedURLException;
 import java.net.URI;
@@ -114,17 +113,15 @@ public void acquireTokenWithAuthorizationCode_CiamCud() throws Exception {
                         .build())
                 .get();
 
-        assertNotNull(result);
-        assertNotNull(result.accessToken());
-        assertNotNull(result.idToken());
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(user.getUpn(), result.account().username());
 
         IAuthenticationResult resultSilent = pca.acquireTokenSilently(SilentParameters
                 .builder(Collections.singleton("user.read"), result.account())
                         .build())
                 .get();
 
-        assertNotNull(resultSilent);
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(resultSilent.accessToken(), result.accessToken());
         assertEquals(resultSilent.account().username(), result.account().username());
     }
@@ -146,38 +143,21 @@ private void assertAcquireTokenADFS2019(User user) {
                 authCode,
                 Collections.singleton(TestConstants.ADFS_SCOPE));
 
-        assertNotNull(result);
-        assertNotNull(result.accessToken());
-        assertNotNull(result.idToken());
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(user.getUpn(), result.account().username());
     }
 
     private void assertAcquireTokenAAD(User user, Map<String, Set<String>> parameters) {
 
-        PublicClientApplication pca;
-        Set<String> clientCapabilities = null;
-        if (parameters != null) {
-            clientCapabilities = parameters.getOrDefault("clientCapabilities", null);
-        }
-        try {
-            pca = PublicClientApplication.builder(
-                    user.getAppId()).
-                    authority(cfg.organizationsAuthority()).
-                    clientCapabilities(clientCapabilities).
-                    build();
-        } catch (MalformedURLException ex) {
-            throw new RuntimeException(ex.getMessage());
-        }
+        PublicClientApplication pca = IntegrationTestHelper.createPublicApp(user.getAppId(), cfg.commonAuthority());
 
         String authCode = acquireAuthorizationCodeAutomated(user, pca, parameters);
         IAuthenticationResult result = acquireTokenAuthorizationCodeFlow(
                 pca,
                 authCode,
                 Collections.singleton(cfg.graphDefaultScope()));
 
-        assertNotNull(result);
-        assertNotNull(result.accessToken());
-        assertNotNull(result.idToken());
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
         assertEquals(user.getUpn(), result.account().username());
     }
 
@@ -200,9 +180,7 @@ private void assertAcquireTokenB2C(User user) {
         String authCode = acquireAuthorizationCodeAutomated(user, cca, null);
         IAuthenticationResult result = acquireTokenInteractiveB2C(cca, authCode);
 
-        assertNotNull(result);
-        assertNotNull(result.accessToken());
-        assertNotNull(result.idToken());
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
     }
 
     private IAuthenticationResult acquireTokenAuthorizationCodeFlow(

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/Config.java

@@ -13,6 +13,7 @@
 public class Config {
     private String organizationsAuthority;
     private String tenantSpecificAuthority;
+    private String commonAuthority;
     private String graphDefaultScope;
     AppCredentialProvider appProvider;
     private String tenant;
@@ -25,6 +26,7 @@ public class Config {
         switch (azureEnvironment) {
             case AzureEnvironment.AZURE:
                 organizationsAuthority = TestConstants.ORGANIZATIONS_AUTHORITY;
+                commonAuthority = TestConstants.COMMON_AUTHORITY;
                 tenantSpecificAuthority = TestConstants.TENANT_SPECIFIC_AUTHORITY;
                 graphDefaultScope = TestConstants.GRAPH_DEFAULT_SCOPE;
                 appProvider = new AppCredentialProvider(azureEnvironment);
@@ -33,6 +35,7 @@ public class Config {
             case AzureEnvironment.AZURE_US_GOVERNMENT:
                 organizationsAuthority = TestConstants.ARLINGTON_ORGANIZATIONS_AUTHORITY;
                 tenantSpecificAuthority = TestConstants.ARLINGTON_TENANT_SPECIFIC_AUTHORITY;
+                commonAuthority = TestConstants.ARLINGTON_COMMON_AUTHORITY;
                 graphDefaultScope = TestConstants.ARLINGTON_GRAPH_DEFAULT_SCOPE;
                 appProvider = new AppCredentialProvider(azureEnvironment);
                 tenant = TestConstants.ARLINGTON_AUTHORITY_TENANT;

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/DeviceCodeIT.java

@@ -16,7 +16,6 @@
 import org.junit.jupiter.params.provider.MethodSource;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.AfterAll;
-import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import java.util.Collections;
 import java.util.function.Consumer;
@@ -41,10 +40,7 @@ void DeviceCodeFlowADTest(String environment) throws Exception {
 
         User user = labUserProvider.getDefaultUser(cfg.azureEnvironment);
 
-        PublicClientApplication pca = PublicClientApplication.builder(
-                user.getAppId()).
-                authority(cfg.tenantSpecificAuthority()).
-                build();
+        PublicClientApplication pca = IntegrationTestHelper.createPublicApp(user.getAppId(), cfg.commonAuthority());
 
         Consumer<DeviceCode> deviceCodeConsumer = (DeviceCode deviceCode) -> runAutomatedDeviceCodeFlow(deviceCode, user);
 
@@ -54,8 +50,7 @@ void DeviceCodeFlowADTest(String environment) throws Exception {
                 .build())
                 .get();
 
-        assertNotNull(result);
-        assertNotNull(result.accessToken());
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
     }
 
     @Test()
@@ -78,19 +73,15 @@ void DeviceCodeFlowADFSv2019Test() throws Exception {
                 .build())
                 .get();
 
-        assertNotNull(result);
-        assertNotNull(result.accessToken());
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
     }
 
     @Test()
     void DeviceCodeFlowMSATest() throws Exception {
 
         User user = labUserProvider.getMSAUser();
 
-        PublicClientApplication pca = PublicClientApplication.builder(
-                user.getAppId()).
-                authority(TestConstants.CONSUMERS_AUTHORITY).
-                build();
+        PublicClientApplication pca = IntegrationTestHelper.createPublicApp(user.getAppId(), TestConstants.CONSUMERS_AUTHORITY);
 
         Consumer<DeviceCode> deviceCodeConsumer = (DeviceCode deviceCode) -> {
             runAutomatedDeviceCodeFlow(deviceCode, user);

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/IntegrationTestHelper.java

@@ -0,0 +1,28 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package com.microsoft.aad.msal4j;
+
+import java.net.MalformedURLException;
+
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+
+class IntegrationTestHelper {
+
+    static PublicClientApplication createPublicApp(String appID, String authority) {
+        try {
+            return PublicClientApplication.builder(
+                            appID).
+                    authority(authority).
+                    build();
+        } catch (MalformedURLException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    static void assertAccessAndIdTokensNotNull(IAuthenticationResult result) {
+        assertNotNull(result);
+        assertNotNull(result.accessToken());
+        assertNotNull(result.idToken());
+    }
+}

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java

@@ -3,10 +3,6 @@
 
 package com.microsoft.aad.msal4j;
 
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
 public class TestConstants {
     public final static String KEYVAULT_DEFAULT_SCOPE = "https://vault.azure.net/.default";
     public final static String MSIDLAB_DEFAULT_SCOPE = "https://request.msidlab.com/.default";
@@ -34,15 +30,9 @@ public class TestConstants {
     public final static String TENANT_SPECIFIC_AUTHORITY = MICROSOFT_AUTHORITY_HOST + MICROSOFT_AUTHORITY_TENANT;
     public final static String REGIONAL_MICROSOFT_AUTHORITY_BASIC_HOST_WESTUS = "westus.login.microsoft.com";
 
-    public final static String REGIONAL_MICROSOFT_AUTHORITY_BASIC_HOST_EASTUS = "eastus.login.microsoft.com";
-
-//    public final static String CIAM_AUTHORITY = MICROSOFT_AUTHORITY_HOST + "msidlabciam1.onmicrosoft.com";
-    public final static String CIAM_AUTHORITY = "https://msidlabciam1.ciamlogin.com/" + "msidlabciam1.onmicrosoft.com";
-
-    public final static String CIAM_TEST_AUTHORITY = "https://contoso0781.ciamlogin.com/6babcaad-604b-40ac-a9d7-9fd97c0b779f/v2.0/.well-known/openid-configuration?dc=ESTS-PUB-EUS-AZ1-FD000-TEST1&ciamhost=true";
-
     public final static String ARLINGTON_ORGANIZATIONS_AUTHORITY = ARLINGTON_MICROSOFT_AUTHORITY_HOST + "organizations/";
     public final static String ARLINGTON_TENANT_SPECIFIC_AUTHORITY = ARLINGTON_MICROSOFT_AUTHORITY_HOST + ARLINGTON_AUTHORITY_TENANT;
+    public final static String ARLINGTON_COMMON_AUTHORITY = ARLINGTON_MICROSOFT_AUTHORITY_HOST + "common/";
     public final static String ARLINGTON_GRAPH_DEFAULT_SCOPE = "https://graph.microsoft.us/.default";
 
     public final static String B2C_AUTHORITY = "https://msidlabb2c.b2clogin.com/msidlabb2c.onmicrosoft.com/";
@@ -63,9 +53,5 @@ public class TestConstants {
     public final static String ADFS_SCOPE = USER_READ_SCOPE;
     public final static String ADFS_APP_ID = "PublicClientId";
 
-    public final static String CLAIMS = "{\"id_token\":{\"auth_time\":{\"essential\":true}}}";
-    public final static Set<String> CLIENT_CAPABILITIES_EMPTY = new HashSet<>(Collections.emptySet());
     public final static String AUTHORITY_PUBLIC_TENANT_SPECIFIC = "https://login.microsoftonline.com/" + MICROSOFT_AUTHORITY_TENANT;
-
-    public final static String DEFAULT_ACCESS_TOKEN = "defaultAccessToken";
 }