merging changes to token cache (#41)

* merging changes to token cache

Author: SomkaPe

src/main/java/com/microsoft/aad/msal4j/AccessTokenCacheEntity.java

@@ -37,7 +37,7 @@
 class AccessTokenCacheEntity extends Credential {
 
     @SerializedName("credential_type")
-    private String credentialType = "AccessToken";
+    private String credentialType;
 
     @SerializedName("realm")
     protected String realm;

src/main/java/com/microsoft/aad/msal4j/CredentialTypeEnum.java

@@ -0,0 +1,41 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+
+package com.microsoft.aad.msal4j;
+
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.experimental.Accessors;
+
+@Accessors(fluent = true)
+@Getter
+@AllArgsConstructor
+public enum CredentialTypeEnum {
+
+    ACCESS_TOKEN("AccessToken"),
+    REFRESH_TOKEN("RefreshToken"),
+    ID_TOKEN("IdToken");
+
+    private final String value;
+}

src/main/java/com/microsoft/aad/msal4j/IdTokenCacheEntity.java

@@ -26,14 +26,20 @@
 import com.google.gson.annotations.SerializedName;
 import com.microsoft.aad.msal4j.Constants;
 import com.microsoft.aad.msal4j.Credential;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.experimental.Accessors;
 
 import java.util.ArrayList;
 import java.util.List;
 
+@Accessors(fluent = true)
+@Getter
+@Setter
 class IdTokenCacheEntity extends Credential {
 
     @SerializedName("credential_type")
-    private String credentialType = "IdToken";
+    private String credentialType;
 
     @SerializedName("realm")
     protected String realm;
@@ -52,12 +58,4 @@ String getKey(){
 
         return String.join(Constants.CACHE_KEY_SEPARATOR, keyParts).toLowerCase();
     }
-
-    String getRealm() {
-        return realm;
-    }
-
-    void setRealm(String realm) {
-        this.realm = realm;
-    }
 }

src/main/java/com/microsoft/aad/msal4j/RefreshTokenCacheEntity.java

@@ -37,7 +37,7 @@
 class RefreshTokenCacheEntity extends Credential {
 
     @SerializedName("credential_type")
-    private String credentialType = "RefreshToken";
+    private String credentialType;
 
     @SerializedName("family_id")
     private String family_id;

src/main/java/com/microsoft/aad/msal4j/TokenCache.java

@@ -23,8 +23,7 @@
 
 package com.microsoft.aad.msal4j;
 
-import com.google.gson.Gson;
-import com.google.gson.GsonBuilder;
+import com.google.gson.*;
 import com.google.gson.annotations.SerializedName;
 import com.google.gson.internal.LinkedTreeMap;
 
@@ -80,23 +79,40 @@ public void deserialize(String data) {
         this.appMetadata = deserializedCache.appMetadata;
     }
 
+    private static void mergeJsonObjects(JsonObject old, JsonObject update) {
+
+        for (Map.Entry<String, JsonElement> uEntry : update.entrySet())
+        {
+            String key = uEntry.getKey();
+            JsonElement uValue = uEntry.getValue();
+            if (!old.has(key)) {
+                if(!uValue.isJsonNull() &&
+                        !(uValue.isJsonObject() && uValue.getAsJsonObject().size() == 0)){
+                    old.add(key, uValue);
+                }
+            }
+            else{
+                JsonElement oValue = old.get(key);
+                if(uValue.isJsonObject()){
+                    mergeJsonObjects(oValue.getAsJsonObject(), uValue.getAsJsonObject());
+                }
+                else{
+                    old.add(key, uValue);
+                }
+            }
+        }
+    }
+
     @Override
     public String serialize() {
         if(!StringHelper.isBlank(serializedCachedData)){
-            Object o = new Gson().fromJson(serializedCachedData, Object.class);
-            Map<String, Object> map = (Map<String, Object>)o;
-
-            map.put("AccessToken", accessTokens);
-            map.put("RefreshToken", refreshTokens);
+            JsonObject cache = new JsonParser().parse(serializedCachedData).getAsJsonObject();
+            JsonObject update = new Gson().toJsonTree(this).getAsJsonObject();
 
-            map.put("IdToken", idTokens);
-            map.put("AccountCacheEntity", accounts);
+            mergeJsonObjects(cache, update);
 
-            map.put("AppMetadata", appMetadata);
-
-            return new GsonBuilder().create().toJson(map);
+            return cache.toString();
         }
-
         return new GsonBuilder().create().toJson(this);
     }
 
@@ -154,6 +170,7 @@ static RefreshTokenCacheEntity createRefreshTokenCacheEntity(TokenRequest tokenR
                                                                  AuthenticationResult authenticationResult,
                                                                  String environmentAlias) {
         RefreshTokenCacheEntity rt = new RefreshTokenCacheEntity();
+        rt.credentialType(CredentialTypeEnum.REFRESH_TOKEN.value());
 
         if(authenticationResult.account() != null){
             rt.homeAccountId(authenticationResult.account().homeAccountId());
@@ -172,6 +189,7 @@ static AccessTokenCacheEntity createAccessTokenCacheEntity(TokenRequest tokenReq
                                                                AuthenticationResult authenticationResult,
                                                                String environmentAlias) {
         AccessTokenCacheEntity at = new AccessTokenCacheEntity();
+        at.credentialType(CredentialTypeEnum.ACCESS_TOKEN.value());
 
         if(authenticationResult.account() != null){
             at.homeAccountId(authenticationResult.account().homeAccountId());
@@ -204,6 +222,7 @@ static IdTokenCacheEntity createIdTokenCacheEntity(TokenRequest tokenRequest,
                                                        AuthenticationResult authenticationResult,
                                                        String environmentAlias) {
         IdTokenCacheEntity idToken = new IdTokenCacheEntity();
+        idToken.credentialType(CredentialTypeEnum.ID_TOKEN.value());
 
         if(authenticationResult.account() != null){
             idToken.homeAccountId(authenticationResult.account().homeAccountId());
@@ -214,7 +233,7 @@ static IdTokenCacheEntity createIdTokenCacheEntity(TokenRequest tokenRequest,
 
         IdToken idTokenObj = authenticationResult.idTokenObject();
         if (idTokenObj != null) {
-            idToken.setRealm(idTokenObj.tenantIdentifier);
+            idToken.realm(idTokenObj.tenantIdentifier);
         }
 
         return idToken;

src/main/java/com/microsoft/aad/msal4j/TokenResponse.java

@@ -119,8 +119,8 @@ static TokenResponse parseJsonObject(final JSONObject jsonObject)
         }
 
         String foci = null;
-        if (jsonObject.containsKey("familyId")) {
-            foci = JSONObjectUtils.getString(jsonObject, "familyId");
+        if (jsonObject.containsKey("foci")) {
+            foci = JSONObjectUtils.getString(jsonObject, "foci");
         }
 
         return new TokenResponse(accessToken, refreshToken,

src/test/resources/cache_data/serialized_cache.json

@@ -1,52 +1,60 @@
 {
-  "AccessToken": {
-    "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca-login.microsoftonline.com-accesstoken-b6c69a37-df96-4db0-9088-2ab96e1d8215-f645ad92-e38d-4d1a-b510-d1b09a74a8ca-calendars.read openid profile tasks.read user.read email": {
-      "credential_type": "AccessToken",
-      "realm": "f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
-      "target": "Calendars.Read openid profile Tasks.Read User.Read email",
-      "cached_at": "1553397772",
-      "expires_on": "1553401371",
-      "extended_expires_on": "1553660571",
-      "home_account_id": "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
-      "environment": "login.microsoftonline.com",
-      "client_id": "b6c69a37-df96-4db0-9088-2ab96e1d8215",
-      "secret": "\u003cremoved_at\u003e"
+  "Account": {
+    "uid.utid-login.example.com-contoso": {
+      "username": "John Doe",
+      "local_account_id": "object1234",
+      "realm": "contoso",
+      "environment": "login.example.com",
+      "home_account_id": "uid.utid",
+      "authority_type": "MSSTS"
     }
   },
   "RefreshToken": {
-    "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca-login.microsoftonline.com-refreshtoken-b6c69a37-df96-4db0-9088-2ab96e1d8215--": {
+    "uid.utid-login.example.com-refreshtoken-my_client_id--s2 s1 s3": {
+      "target": "s2 s1 s3",
+      "environment": "login.example.com",
       "credential_type": "RefreshToken",
-      "home_account_id": "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
-      "environment": "login.microsoftonline.com",
-      "client_id": "b6c69a37-df96-4db0-9088-2ab96e1d8215",
-      "secret": "\u003cremoved_rt\u003e"
+      "secret": "a refresh token",
+      "client_id": "my_client_id",
+      "home_account_id": "uid.utid"
     }
   },
-  "IdToken": {
-    "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca-login.microsoftonline.com-idtoken-b6c69a37-df96-4db0-9088-2ab96e1d8215-f645ad92-e38d-4d1a-b510-d1b09a74a8ca-": {
-      "credential_type": "IdToken",
-      "realm": "f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
-      "home_account_id": "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
-      "environment": "login.microsoftonline.com",
-      "client_id": "b6c69a37-df96-4db0-9088-2ab96e1d8215",
-      "secret": "eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.ew0KICAiYXVkIjogImI2YzY5YTM3LWRmOTYtNGRiMC05MDg4LTJhYjk2ZTFkODIxNSIsDQogICJpc3MiOiAiaHR0cHM6Ly9sb2dpbi5taWNyb3NvZnRvbmxpbmUuY29tL2Y2NDVhZDkyLWUzOGQtNGQxYS1iNTEwLWQxYjA5YTc0YThjYS92Mi4wIiwNCiAgImlhdCI6IDE1Mzg1Mzg0MjIsDQogICJuYmYiOiAxNTM4NTM4NDIyLA0KICAiZXhwIjogMTUzODU0MjMyMiwNCiAgIm5hbWUiOiAiQ2xvdWQgSURMQUIgQmFzaWMgVXNlciIsDQogICJvaWQiOiAiOWY0ODgwZDgtODBiYS00YzQwLTk3YmMtZjdhMjNjNzAzMDg0IiwNCiAgInByZWZlcnJlZF91c2VybmFtZSI6ICJpZGxhYkBtc2lkbGFiNC5vbm1pY3Jvc29mdC5jb20iLA0KICAic3ViIjogIlk2WWtCZEhOTkxITm1US2VsOUtoUno4d3Jhc3hkTFJGaVAxNEJSUFdybjQiLA0KICAidGlkIjogImY2NDVhZDkyLWUzOGQtNGQxYS1iNTEwLWQxYjA5YTc0YThjYSIsDQogICJ1dGkiOiAiNm5jaVgwMlNNa2k5azczLUYxc1pBQSIsDQogICJ2ZXIiOiAiMi4wIg0KfQ\u003d\u003d.e30\u003d"
+  "AccessToken": {
+    "an-entry": {
+      "foo": "bar"
+    },
+    "uid.utid-login.example.com-accesstoken-my_client_id-contoso-s2 s1 s3": {
+      "environment": "login.example.com",
+      "credential_type": "AccessToken",
+      "secret": "an access token",
+      "realm": "contoso",
+      "target": "s2 s1 s3",
+      "client_id": "my_client_id",
+      "cached_at": "1000",
+      "home_account_id": "uid.utid",
+      "extended_expires_on": "4600",
+      "expires_on": "4600"
     }
   },
-  "Account": {
-    "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca-login.microsoftonline.com-f645ad92-e38d-4d1a-b510-d1b09a74a8ca": {
-      "home_account_id": "9f4880d8-80ba-4c40-97bc-f7a23c703084.f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
-      "environment": "login.microsoftonline.com",
-      "realm": "f645ad92-e38d-4d1a-b510-d1b09a74a8ca",
-      "local_account_id": "9f4880d8-80ba-4c40-97bc-f7a23c703084",
-      "username": "[email protected]",
-      "name": "Cloud IDLAB Basic User",
-      "client_info": "eyJ1aWQiOiI5ZjQ4ODBkOC04MGJhLTRjNDAtOTdiYy1mN2EyM2M3MDMwODQiLCJ1dGlkIjoiZjY0NWFkOTItZTM4ZC00ZDFhLWI1MTAtZDFiMDlhNzRhOGNhIn0",
-      "authority_type": "MSSTS"
+  "IdToken": {
+    "uid.utid-login.example.com-idtoken-my_client_id-contoso-": {
+      "realm": "contoso",
+      "environment": "login.example.com",
+      "credential_type": "IdToken",
+      "secret": "header.eyJvaWQiOiAib2JqZWN0MTIzNCIsICJwcmVmZXJyZWRfdXNlcm5hbWUiOiAiSm9obiBEb2UiLCAic3ViIjogInN1YiJ9.signature",
+      "client_id": "my_client_id",
+      "home_account_id": "uid.utid"
     }
   },
-  "AppMetadata":{},
   "unknownEntity": {
     "field1": "1",
     "field2": "whats"
+  },
+  "AppMetadata": {
+    "appmetadata-login.example.com-my_client_id": {
+      "environment": "login.example.com",
+      "family_id": null,
+      "client_id": "my_client_id"
+    }
   }
 }