Address comments

Author: neha-bhargava

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AppServiceManagedIdentity.java renamed to msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AppServiceManagedIdentitySource.java

@@ -11,9 +11,9 @@
 import java.util.HashMap;
 import java.util.Map;
 
-class AppServiceManagedIdentity extends AbstractManagedIdentitySource{
+class AppServiceManagedIdentitySource extends AbstractManagedIdentitySource{
 
-    private static final Logger LOG = LoggerFactory.getLogger(AppServiceManagedIdentity.class);
+    private static final Logger LOG = LoggerFactory.getLogger(AppServiceManagedIdentitySource.class);
 
     // MSI Constants. Docs for MSI are available here https://docs.microsoft.com/azure/app-service/overview-managed-identity
     private static final String APP_SERVICE_MSI_API_VERSION = "2019-08-01";
@@ -51,7 +51,7 @@ public void createManagedIdentityRequest(String resource) {
         managedIdentityRequest.queryParameters = queryParameters;
     }
 
-    private AppServiceManagedIdentity(MsalRequest msalRequest, ServiceBundle serviceBundle, URI endpoint, String secret)
+    private AppServiceManagedIdentitySource(MsalRequest msalRequest, ServiceBundle serviceBundle, URI endpoint, String secret)
     {
         super(msalRequest, serviceBundle, ManagedIdentitySourceType.AppService);
         this.endpoint = endpoint;
@@ -61,11 +61,11 @@ private AppServiceManagedIdentity(MsalRequest msalRequest, ServiceBundle service
     protected static AbstractManagedIdentitySource create(MsalRequest msalRequest, ServiceBundle serviceBundle) {
 
         IEnvironmentVariables environmentVariables = getEnvironmentVariables((ManagedIdentityParameters) msalRequest.requestContext().apiParameters());
-        String msiSecret = environmentVariables.getEnvironmentVariable(IEnvironmentVariables.IDENTITY_HEADER);
-        String msiEndpoint = environmentVariables.getEnvironmentVariable(IEnvironmentVariables.IDENTITY_ENDPOINT);
+        String msiSecret = environmentVariables.getEnvironmentVariable(Constants.IDENTITY_HEADER);
+        String msiEndpoint = environmentVariables.getEnvironmentVariable(Constants.IDENTITY_ENDPOINT);
 
         return validateEnvironmentVariables(msiEndpoint, msiSecret)
-                ? new AppServiceManagedIdentity(msalRequest, serviceBundle, endpointUri, msiSecret)
+                ? new AppServiceManagedIdentitySource(msalRequest, serviceBundle, endpointUri, msiSecret)
                 : null;
     }
 

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/Constants.java

@@ -14,4 +14,11 @@ final class Constants {
     public static final String MANAGED_IDENTITY_CLIENT_ID = "client_id";
     public static final String MANAGED_IDENTITY_RESOURCE_ID = "mi_res_id";
 
+    public static final String IDENTITY_ENDPOINT = "IDENTITY_ENDPOINT";
+    public static final String IDENTITY_HEADER = "IDENTITY_HEADER";
+    public static final String AZURE_POD_IDENTITY_AUTHORITY_HOST = "AZURE_POD_IDENTITY_AUTHORITY_HOST";
+    public static final String IMDS_ENDPOINT = "IMDS_ENDPOINT";
+    public static final String MSI_ENDPOINT = "MSI_ENDPOINT";
+    public static final String IDENTITY_SERVER_THUMBPRINT = "IDENTITY_SERVER_THUMBPRINT";
+
 }

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/HttpRequest.java

@@ -3,6 +3,7 @@
 
 package com.microsoft.aad.msal4j;
 
+import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import lombok.experimental.Accessors;
 
@@ -16,6 +17,7 @@
  */
 @Getter
 @Accessors(fluent = true)
+@EqualsAndHashCode
 public class HttpRequest {
 
     /**
@@ -87,36 +89,4 @@ private URL createUrlFromString(String stringUrl) {
 
         return url;
     }
-
-    // Adding this for unit tests to be able to compare expected and actual request.
-    @Override
-    public boolean equals(Object o) {
-        if (o == this)
-            return true;
-
-        if (!(o instanceof HttpRequest))
-            return false;
-
-        HttpRequest otherRequest = (HttpRequest) o;
-
-        return this.url.equals(otherRequest.url)
-                && this.httpMethod.equals(otherRequest.httpMethod)
-                && ((this.headers == null && otherRequest.headers == null) || this.headers.equals(otherRequest.headers))
-                && ((this.body == null && otherRequest.body == null) || this.body.equals(otherRequest.body));
-    }
-
-    @Override
-    public final int hashCode() {
-        int result = 17;
-        if (httpMethod != null) {
-            result = 31 * result + httpMethod.hashCode();
-        }
-        if (headers != null) {
-            result = 31 * result + headers.hashCode();
-        }
-        if (body != null) {
-            result = 31 * result + body.hashCode();
-        }
-        return result;
-    }
 }

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/IEnvironmentVariables.java

@@ -3,13 +3,8 @@
 
 package com.microsoft.aad.msal4j;
 
-public interface IEnvironmentVariables {
-    String IDENTITY_ENDPOINT = "IDENTITY_ENDPOINT";
-    public static final String IDENTITY_HEADER = "IDENTITY_HEADER";
-    public static final String AZURE_POD_IDENTITY_AUTHORITY_HOST = "AZURE_POD_IDENTITY_AUTHORITY_HOST";
-    public static final String IMDS_ENDPOINT = "IMDS_ENDPOINT";
-    public static final String MSI_ENDPOINT = "MSI_ENDPOINT";
-    public static final String IDENTITY_SERVER_THUMBPRINT = "IDENTITY_SERVER_THUMBPRINT";
+interface IEnvironmentVariables {
+
 
     String getEnvironmentVariable(String envVariable);
 }

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/IMDSManagedIdentity.java renamed to msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/IMDSManagedIdentitySource.java

@@ -12,17 +12,17 @@
 import java.util.HashMap;
 import java.util.Map;
 
-public class IMDSManagedIdentity extends AbstractManagedIdentitySource{
+class IMDSManagedIdentitySource extends AbstractManagedIdentitySource{
 
     // IMDS constants. Docs for IMDS are available here https://docs.microsoft.com/azure/active-directory/managed-identities-azure-resources/how-to-use-vm-token#get-a-token-using-http
-    private final static Logger LOG = LoggerFactory.getLogger(IMDSManagedIdentity.class);
-    private static URI DEFAULT_IMDS_ENDPOINT;
+    private static final Logger LOG = LoggerFactory.getLogger(IMDSManagedIdentitySource.class);
+    private static final URI DEFAULT_IMDS_ENDPOINT;
 
     static {
         try {
             DEFAULT_IMDS_ENDPOINT = new URI("http://169.254.169.254/metadata/identity/oauth2/token");
         } catch (URISyntaxException e) {
-            throw new RuntimeException(e);
+            throw new MsalManagedIdentityException(MsalError.INVALID_MANAGED_IDENTITY_ENDPOINT, ManagedIdentitySourceType.Imds);
         }
     }
 
@@ -35,27 +35,32 @@ public class IMDSManagedIdentity extends AbstractManagedIdentitySource{
 
     private URI imdsEndpoint;
 
-    public IMDSManagedIdentity(MsalRequest msalRequest,
-                               ServiceBundle serviceBundle) {
+    public IMDSManagedIdentitySource(MsalRequest msalRequest,
+                                     ServiceBundle serviceBundle) {
         super(msalRequest, serviceBundle, ManagedIdentitySourceType.Imds);
         ManagedIdentityParameters parameters = (ManagedIdentityParameters) msalRequest.requestContext().apiParameters();
         IEnvironmentVariables environmentVariables = ((ManagedIdentityParameters) msalRequest.requestContext().apiParameters()).environmentVariables == null ?
                 new EnvironmentVariables() :
                 parameters.environmentVariables;
-        if (!StringHelper.isNullOrBlank(environmentVariables.getEnvironmentVariable(IEnvironmentVariables.AZURE_POD_IDENTITY_AUTHORITY_HOST))){
-            LOG.info("[Managed Identity] Environment variable AZURE_POD_IDENTITY_AUTHORITY_HOST for IMDS returned endpoint: " + environmentVariables.getEnvironmentVariable(IEnvironmentVariables.AZURE_POD_IDENTITY_AUTHORITY_HOST));
+        if (!StringHelper.isNullOrBlank(environmentVariables.getEnvironmentVariable(Constants.AZURE_POD_IDENTITY_AUTHORITY_HOST))){
+            LOG.info("[Managed Identity] Environment variable AZURE_POD_IDENTITY_AUTHORITY_HOST for IMDS returned endpoint: " + environmentVariables.getEnvironmentVariable(Constants.AZURE_POD_IDENTITY_AUTHORITY_HOST));
             try {
-                imdsEndpoint = new URI(environmentVariables.getEnvironmentVariable(IEnvironmentVariables.AZURE_POD_IDENTITY_AUTHORITY_HOST));
+                imdsEndpoint = new URI(environmentVariables.getEnvironmentVariable(Constants.AZURE_POD_IDENTITY_AUTHORITY_HOST));
             } catch (URISyntaxException e) {
                 throw new RuntimeException(e);
             }
 
-            StringBuilder builder = new StringBuilder(environmentVariables.getEnvironmentVariable(IEnvironmentVariables.AZURE_POD_IDENTITY_AUTHORITY_HOST));
+            StringBuilder builder = new StringBuilder(environmentVariables.getEnvironmentVariable(Constants.AZURE_POD_IDENTITY_AUTHORITY_HOST));
             builder.append("/" + imdsTokenPath);
             try {
                 imdsEndpoint = new URI(builder.toString());
             } catch (URISyntaxException e) {
-                throw new RuntimeException(e);
+                throw new MsalManagedIdentityException(MsalError.INVALID_MANAGED_IDENTITY_ENDPOINT,
+                        String.format(MsalErrorMessage.MANAGED_IDENTITY_ENDPOINT_INVALID_URI_ERROR,
+                                Constants.AZURE_POD_IDENTITY_AUTHORITY_HOST,
+                                builder.toString(),
+                                ManagedIdentitySourceType.Imds),
+                        ManagedIdentitySourceType.Imds);
             }
         }
         else

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/ManagedIdentityApplication.java

@@ -20,7 +20,7 @@ public class ManagedIdentityApplication extends AbstractClientApplicationBase im
     private String resource;
 
     @Getter
-    private ManagedIdentityId managedIdentityId;
+    private final ManagedIdentityId managedIdentityId;
 
     private ManagedIdentityApplication(Builder builder) {
         super(builder);

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/ManagedIdentityClient.java

@@ -34,10 +34,10 @@ public ManagedIdentityResponse getManagedIdentityResponse(ManagedIdentityParamet
     private static AbstractManagedIdentitySource createManagedIdentitySource(MsalRequest msalRequest,
             ServiceBundle serviceBundle) throws Exception {
         AbstractManagedIdentitySource managedIdentitySource;
-        if ((managedIdentitySource = AppServiceManagedIdentity.create(msalRequest, serviceBundle)) != null) {
+        if ((managedIdentitySource = AppServiceManagedIdentitySource.create(msalRequest, serviceBundle)) != null) {
             return managedIdentitySource;
         } else {
-            return new IMDSManagedIdentity(msalRequest, serviceBundle);
+            return new IMDSManagedIdentitySource(msalRequest, serviceBundle);
         }
     }
 }

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/ManagedIdentityIdType.java

@@ -3,7 +3,7 @@
 
 package com.microsoft.aad.msal4j;
 
-public enum ManagedIdentityIdType {
+enum ManagedIdentityIdType {
 
     SystemAssigned,
     ClientId,

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/MsalError.java

@@ -3,14 +3,33 @@
 
 package com.microsoft.aad.msal4j;
 
-class MsalError {
+/**
+ * Error code returned as a property in MsalException.
+ */
+public class MsalError {
+
+    /**
+     * Invalid managed identity endpoint.
+     */
     public static final String INVALID_MANAGED_IDENTITY_ENDPOINT = "invalid_managed_identity_endpoint";
 
+    /**
+     * User assigned managed identity is not supported for this source.
+     */
     public static final String USER_ASSIGNED_MANAGED_IDENTITY_NOT_SUPPORTED = "user_assigned_managed_identity_not_supported";
 
+    /**
+     * Managed Identity error response was received.
+     */
     public static final String MANAGED_IDENTITY_REQUEST_FAILED = "managed_identity_request_failed";
 
-    public static final String SCOPES_REQUIRED = "scopes_required_client_credentials";
+    /**
+     * Resource is required to fetch a token using managed identity.
+     */
+    public static final String RESOURCE_REQUIRED_MANAGED_IDENTITY = "resource_required_managed_identity";
 
+    /**
+     * Managed Identity endpoint is not reachable.
+     */
     public static final String MANAGED_IDENTITY_UNREACHABLE_NETWORK = "managed_identity_unreachable_network";
 }

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/MsalErrorMessage.java

@@ -3,21 +3,19 @@
 
 package com.microsoft.aad.msal4j;
 
-public class MsalErrorMessage {
+class MsalErrorMessage {
 
-    public static final String MANAGED_IDENTITY_ENDPOINT_INVALID_URI_ERROR = "[Managed Identity] The environment variable {0} contains an invalid Uri {1} in {2} managed identity source.";
+    public static final String MANAGED_IDENTITY_ENDPOINT_INVALID_URI_ERROR = "[Managed Identity] The environment variable %s contains an invalid Uri %s in %s managed identity source.";
 
     public static final String MANAGED_IDENTITY_NO_CHALLENGE_ERROR = "[Managed Identity] Did not receive expected WWW-Authenticate header in the response from Azure Arc Managed Identity Endpoint.";
 
     public static final String MANAGED_IDENTITY_INVALID_CHALLENGE = "[Managed Identity] The WWW-Authenticate header in the response from Azure Arc Managed Identity Endpoint did not match the expected format.";
 
     public static final String MANAGED_IDENTITY_UNEXPECTED_RESPONSE = "[Managed Identity] Unexpected exception occurred when parsing the response. See the inner exception for details.";
 
-    public static final String MANAGED_IDENTITY_ENPOINT_INVALID_URI_ERROR = "[Managed Identity] The environment variable {0} contains an invalid Uri {1} in {2} managed identity source.";
-
     public static final String MANAGED_IDENTITY_USER_ASSIGNED_NOT_CONFIGURABLE_AT_RUNTIME = "[Managed Identity] Service Fabric user assigned managed identity ClientId or ResourceId is not configurable at runtime.";
 
-    public static final String MANAGED_IDENTITY_USER_ASSIGNED_NOT_SUPPORTED = "[Managed Identity] User assigned identity is not supported by the {0} Managed Identity. To authenticate with the system assigned identity omit the client id in ManagedIdentityApplicationBuilder.Create().";
+    public static final String MANAGED_IDENTITY_USER_ASSIGNED_NOT_SUPPORTED = "[Managed Identity] User assigned identity is not supported by the %s Managed Identity. To authenticate with the system assigned identity omit the client id in ManagedIdentityApplicationBuilder.Create().";
 
     public static final String SCOPES_REQUIRED = "At least one scope needs to be requested for this authentication flow. ";
 }

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/MsalManagedIdentityException.java

@@ -14,15 +14,8 @@ public MsalManagedIdentityException(String errorCode, String errorMessage, Manag
         super(errorMessage, errorCode);
         this.managedIdentitySourceType = sourceType;
     }
-    public MsalManagedIdentityException(String message, String error) {
-        super(message, error);
-    }
-
-    public MsalManagedIdentityException(ErrorResponse errorResponse, Map<String, List<String>> httpHeaders) {
-        super(errorResponse, httpHeaders);
-    }
 
-    public MsalManagedIdentityException(AadInstanceDiscoveryResponse discoveryResponse) {
-        super(discoveryResponse);
+    public MsalManagedIdentityException(String errorCode, ManagedIdentitySourceType sourceType) {
+        this(errorCode, "", sourceType);
     }
 }

msal4j-sdk/src/test/java/com/microsoft/aad/msal4j/EnvironmentVariablesHelper.java

@@ -14,27 +14,27 @@ public class EnvironmentVariablesHelper implements IEnvironmentVariables {
 
         switch (source) {
             case AppService:
-                mockedEnvironmentVariables.put(IEnvironmentVariables.IDENTITY_ENDPOINT, endpoint);
-                mockedEnvironmentVariables.put(IEnvironmentVariables.IDENTITY_HEADER, "secret");
+                mockedEnvironmentVariables.put(Constants.IDENTITY_ENDPOINT, endpoint);
+                mockedEnvironmentVariables.put(Constants.IDENTITY_HEADER, "secret");
                 break;
 
             case Imds:
-                mockedEnvironmentVariables.put(EnvironmentVariables.IMDS_ENDPOINT, endpoint);
+                mockedEnvironmentVariables.put(Constants.IMDS_ENDPOINT, endpoint);
                 break;
 
             case ServiceFabric:
-                mockedEnvironmentVariables.put(IEnvironmentVariables.IDENTITY_ENDPOINT, endpoint);
-                mockedEnvironmentVariables.put(IEnvironmentVariables.IDENTITY_HEADER, "secret");
-                mockedEnvironmentVariables.put(IEnvironmentVariables.IDENTITY_SERVER_THUMBPRINT, "thumbprint");
+                mockedEnvironmentVariables.put(Constants.IDENTITY_ENDPOINT, endpoint);
+                mockedEnvironmentVariables.put(Constants.IDENTITY_HEADER, "secret");
+                mockedEnvironmentVariables.put(Constants.IDENTITY_SERVER_THUMBPRINT, "thumbprint");
                 break;
 
             case CloudShell:
-                mockedEnvironmentVariables.put(IEnvironmentVariables.MSI_ENDPOINT, endpoint);
+                mockedEnvironmentVariables.put(Constants.MSI_ENDPOINT, endpoint);
                 break;
 
             case AzureArc:
-                mockedEnvironmentVariables.put(IEnvironmentVariables.IDENTITY_ENDPOINT, endpoint);
-                mockedEnvironmentVariables.put(IEnvironmentVariables.IMDS_ENDPOINT, endpoint);
+                mockedEnvironmentVariables.put(Constants.IDENTITY_ENDPOINT, endpoint);
+                mockedEnvironmentVariables.put(Constants.IMDS_ENDPOINT, endpoint);
                 break;
         }
     }

msal4j-sdk/src/test/java/com/microsoft/aad/msal4j/ManagedIdentityTests.java

@@ -3,7 +3,6 @@
 
 package com.microsoft.aad.msal4j;
 
-import org.apache.http.HttpException;
 import org.junit.jupiter.api.TestInstance;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.junit.jupiter.params.ParameterizedTest;