Pesomka/client cred silent (#68)

silent flow support for client cred grant

Author: SomkaPe

src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java

@@ -38,6 +38,7 @@
 import java.security.cert.X509Certificate;
 import java.util.Collections;
 
+import static com.microsoft.aad.msal4j.TestConstants.GRAPH_DEFAULT_SCOPE;
 import static com.microsoft.aad.msal4j.TestConstants.KEYVAULT_DEFAULT_SCOPE;
 
 @Test
@@ -72,8 +73,23 @@ private void assertAcquireTokenCommon(String clientId, IClientCredential credent
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        // TODO AuthenticationResult should have an getAccountInfo API
-        // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());
+
+        String cachedAt = result.accessToken();
+
+        result = cca.acquireTokenSilently(SilentParameters
+                .builder(Collections.singleton(GRAPH_DEFAULT_SCOPE))
+                .build())
+                .get();
+
+        Assert.assertNull(result);
+
+        result = cca.acquireTokenSilently(SilentParameters
+                .builder(Collections.singleton(KEYVAULT_DEFAULT_SCOPE))
+                .build())
+                .get();
+
+        Assert.assertNotNull(result);
+        Assert.assertEquals(result.accessToken(), cachedAt);
     }
 
 

src/main/java/com/microsoft/aad/msal4j/AcquireTokenSilentSupplier.java

@@ -23,9 +23,6 @@
 
 package com.microsoft.aad.msal4j;
 
-import java.util.Optional;
-import java.util.Set;
-
 class AcquireTokenSilentSupplier extends AuthenticationResultSupplier {
 
     private SilentRequest silentRequest;
@@ -44,7 +41,17 @@ AuthenticationResult execute() throws Exception {
                     getAuthorityWithPrefNetworkHost(silentRequest.requestAuthority().authority());
         }
 
-        AuthenticationResult res = clientApplication.tokenCache.getAuthenticationResult(
+        AuthenticationResult res;
+
+        if(silentRequest.parameters().account() == null){
+            res = clientApplication.tokenCache.getCachedAuthenticationResult(
+                    requestAuthority,
+                    silentRequest.parameters().scopes(),
+                    clientApplication.clientId());
+            return StringHelper.isBlank(res.accessToken()) ? null : res;
+        }
+
+        res = clientApplication.tokenCache.getCachedAuthenticationResult(
                 silentRequest.parameters().account(),
                 requestAuthority,
                 silentRequest.parameters().scopes(),

src/main/java/com/microsoft/aad/msal4j/AuthenticationResultSupplier.java

@@ -76,11 +76,14 @@ public IAuthenticationResult get() {
                             true)) {
             try {
                 result = execute();
-                logResult(result, msalRequest.headers());
-
                 apiEvent.setWasSuccessful(true);
-                if (result.account() != null) {
-                    apiEvent.setTenantId(result.accountCacheEntity().realm());
+
+                if(result != null){
+                    logResult(result, msalRequest.headers());
+
+                    if (result.account() != null) {
+                        apiEvent.setTenantId(result.accountCacheEntity().realm());
+                    }
                 }
             } catch(Exception ex) {
                 if (ex instanceof AuthenticationException) {

src/main/java/com/microsoft/aad/msal4j/Authority.java

@@ -26,6 +26,8 @@
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.experimental.Accessors;
+
+import java.net.MalformedURLException;
 import java.net.URL;
 
 /**
@@ -54,6 +56,10 @@ abstract class Authority {
 
     String tokenEndpoint;
 
+    URL tokenEndpointUrl() throws MalformedURLException {
+        return new URL(tokenEndpoint);
+    }
+
     Authority(URL canonicalAuthorityUrl){
         this.canonicalAuthorityUrl = canonicalAuthorityUrl;
         this.authorityType = detectAuthorityType(canonicalAuthorityUrl);

src/main/java/com/microsoft/aad/msal4j/ClientApplicationBase.java

@@ -140,8 +140,7 @@ AuthenticationResult acquireTokenCommon(MsalRequest msalRequest, Authority reque
                     headers.getHeaderCorrelationIdValue()));
         }
 
-        URL url = new URL(requestAuthority.tokenEndpoint());
-        TokenRequest request = new TokenRequest(url, msalRequest, serviceBundle);
+        TokenRequest request = new TokenRequest(requestAuthority, msalRequest, serviceBundle);
 
         AuthenticationResult result = request.executeOauthRequestAndProcessResponse();
 
@@ -150,7 +149,7 @@ AuthenticationResult acquireTokenCommon(MsalRequest msalRequest, Authority reque
         } else {
             InstanceDiscoveryMetadataEntry instanceDiscoveryMetadata =
                     AadInstanceDiscovery.GetMetadataEntry
-                            (url, validateAuthority, msalRequest, serviceBundle);
+                            (requestAuthority.canonicalAuthorityUrl(), validateAuthority, msalRequest, serviceBundle);
 
             tokenCache.saveTokens(request, result, instanceDiscoveryMetadata.preferredCache);
         }

src/main/java/com/microsoft/aad/msal4j/OAuthAuthorizationGrant.java

@@ -55,6 +55,7 @@ private OAuthAuthorizationGrant() {
 
 
         if (!StringHelper.isBlank(scopes)) {
+            this.scopes = scopes;
             params.put(SCOPE_PARAM_NAME,
                     Collections.singletonList(String.join(" ",params.get(SCOPE_PARAM_NAME)) + SCOPES_DELIMITER + scopes));
         }

src/main/java/com/microsoft/aad/msal4j/SilentParameters.java

@@ -29,6 +29,7 @@
 import java.util.Set;
 
 import static com.microsoft.aad.msal4j.ParameterValidationUtils.validateNotEmpty;
+import static com.microsoft.aad.msal4j.ParameterValidationUtils.validateNotNull;
 
 @Builder
 @Accessors(fluent = true)
@@ -39,7 +40,6 @@ public class SilentParameters {
     @NonNull
     private Set<String> scopes;
 
-    @NonNull
     private IAccount account;
 
     private String authorityUrl;
@@ -53,10 +53,17 @@ private static SilentParametersBuilder builder() {
 
     public static SilentParametersBuilder builder(Set<String> scopes, IAccount account) {
 
+        validateNotNull("account", account);
         validateNotEmpty("scopes", scopes);
 
         return builder()
                 .scopes(scopes)
                 .account(account);
     }
+
+    public static SilentParametersBuilder builder(Set<String> scopes) {
+        validateNotEmpty("scopes", scopes);
+
+        return builder().scopes(scopes);
+    }
 }