Family refresh token support (#37)

Author: SomkaPe

src/main/java/com/microsoft/aad/msal4j/Account.java

@@ -45,6 +45,7 @@ public class Account {
     @SerializedName("environment")
     protected String environment;
 
+    @EqualsAndHashCode.Exclude
     @SerializedName("realm")
     protected String realm;
 

src/main/java/com/microsoft/aad/msal4j/AccountsSupplier.java

@@ -23,38 +23,41 @@
 
 package com.microsoft.aad.msal4j;
 
-import java.util.Collection;
+import java.net.URL;
+import java.util.Set;
 import java.util.concurrent.CompletionException;
 import java.util.function.Supplier;
 
-class AccountsSupplier implements Supplier<Collection<Account>> {
+class AccountsSupplier implements Supplier<Set<Account>> {
 
-    ClientDataHttpHeaders headers;
     ClientApplicationBase clientApplication;
+    MsalRequest msalRequest;
 
-    AccountsSupplier(ClientApplicationBase clientApplication) {
+    AccountsSupplier(ClientApplicationBase clientApplication, MsalRequest msalRequest) {
 
         this.clientApplication = clientApplication;
-        this.headers = new ClientDataHttpHeaders(clientApplication.correlationId());
+        this.msalRequest = msalRequest;
     }
 
     @Override
-    public Collection<Account> get() {
-        Collection<Account> accounts;
+    public Set<Account> get() {
         try {
             InstanceDiscoveryMetadataEntry instanceDiscoveryData =
-                    AadInstanceDiscovery.cache.get(clientApplication.authenticationAuthority.host());
+                    AadInstanceDiscovery.GetMetadataEntry
+                            (new URL(clientApplication.authority()),
+                                    clientApplication.validateAuthority(),
+                                    msalRequest,
+                                    clientApplication.getServiceBundle());
 
-            accounts = clientApplication.tokenCache.getAccounts
+            return clientApplication.tokenCache.getAccounts
                     (clientApplication.clientId(), instanceDiscoveryData.getAliasesSet());
 
         } catch (Exception ex) {
             clientApplication.log.error(
                     LogHelper.createMessage("Execution of " + this.getClass() + " failed.",
-                            this.headers.getHeaderCorrelationIdValue()), ex);
+                            msalRequest.headers().getHeaderCorrelationIdValue()), ex);
 
             throw new CompletionException(ex);
         }
-        return accounts;
     }
 }

src/main/java/com/microsoft/aad/msal4j/AcquireTokenSilentSupplier.java

@@ -23,6 +23,9 @@
 
 package com.microsoft.aad.msal4j;
 
+import java.util.Optional;
+import java.util.Set;
+
 class AcquireTokenSilentSupplier extends AuthenticationResultSupplier {
 
     private SilentRequest silentRequest;
@@ -35,7 +38,6 @@ class AcquireTokenSilentSupplier extends AuthenticationResultSupplier {
 
     @Override
     AuthenticationResult execute() throws Exception {
-
         Authority requestAuthority = silentRequest.requestAuthority();
         if(requestAuthority.authorityType != AuthorityType.B2C){
             requestAuthority =
@@ -52,10 +54,7 @@ AuthenticationResult execute() throws Exception {
             return res;
         }
 
-        if (StringHelper.isBlank(res.refreshToken())) {
-            return null;
-        } else {
-
+        if (!StringHelper.isBlank(res.refreshToken())) {
             RefreshTokenRequest refreshTokenRequest = new RefreshTokenRequest(
                     RefreshTokenParameters.builder(silentRequest.parameters().scopes(), res.refreshToken()).build(),
                     silentRequest.application(),
@@ -65,6 +64,8 @@ AuthenticationResult execute() throws Exception {
                     new AcquireTokenByAuthorizationGrantSupplier(clientApplication, refreshTokenRequest, requestAuthority);
 
             return acquireTokenByAuthorisationGrantSupplier.execute();
+        } else {
+            return null;
         }
     }
 }

src/main/java/com/microsoft/aad/msal4j/AppMetadataCacheEntity.java

@@ -0,0 +1,36 @@
+package com.microsoft.aad.msal4j;
+
+import com.google.gson.annotations.SerializedName;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.experimental.Accessors;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Accessors(fluent = true)
+@Getter
+@Setter
+public class AppMetadataCacheEntity {
+
+    public static final String APP_METADATA_CACHE_ENTITY_ID = "appmetadata";
+
+    @SerializedName("client_id")
+    private String clientId;
+
+    @SerializedName("environment")
+    private String environment;
+
+    @SerializedName("family_id")
+    private String familyId;
+
+    String getKey(){
+        List<String> keyParts = new ArrayList<>();
+
+        keyParts.add(APP_METADATA_CACHE_ENTITY_ID);
+        keyParts.add(environment);
+        keyParts.add(clientId);
+
+        return String.join(Constants.CACHE_KEY_SEPARATOR, keyParts).toLowerCase();
+    }
+}

src/main/java/com/microsoft/aad/msal4j/AuthenticationResult.java

@@ -52,6 +52,8 @@ public final class AuthenticationResult implements Serializable {
 
     private final String refreshToken;
 
+    private final String familyId;
+
     private final String idToken;
 
     @Getter(value = AccessLevel.PACKAGE, lazy = true)

src/main/java/com/microsoft/aad/msal4j/AuthenticationResultSupplier.java

@@ -31,6 +31,7 @@
 import java.net.URL;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.util.Set;
 import java.util.concurrent.CompletionException;
 import java.util.function.Supplier;
 

src/main/java/com/microsoft/aad/msal4j/ClientApplicationBase.java

@@ -32,10 +32,7 @@
 import java.net.MalformedURLException;
 import java.net.Proxy;
 import java.net.URL;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Collection;
-import java.util.UUID;
+import java.util.*;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Future;
@@ -151,7 +148,7 @@ public CompletableFuture<AuthenticationResult> acquireToken(AuthorizationCodePar
         AuthorizationCodeRequest authorizationCodeRequest = new AuthorizationCodeRequest(
                 parameters,
                 this,
-                createRequestContext(AcquireTokenPublicApi.ACQUIRE_TOKEN_BY_AUTHORIZATION_CODE));
+                createRequestContext(PublicApi.ACQUIRE_TOKEN_BY_AUTHORIZATION_CODE));
 
         return this.executeRequest(authorizationCodeRequest);
     }
@@ -174,7 +171,7 @@ public CompletableFuture<AuthenticationResult> acquireToken(RefreshTokenParamete
         RefreshTokenRequest refreshTokenRequest = new RefreshTokenRequest(
                 parameters,
                 this,
-                createRequestContext(AcquireTokenPublicApi.ACQUIRE_TOKEN_BY_REFRESH_TOKEN));
+                createRequestContext(PublicApi.ACQUIRE_TOKEN_BY_REFRESH_TOKEN));
 
         return executeRequest(refreshTokenRequest);
     }
@@ -192,46 +189,6 @@ CompletableFuture<AuthenticationResult> executeRequest(
         return future;
     }
 
-    /**
-     * Returns accounts for which there is an cached SSO (RT token)
-     */
-    public CompletableFuture<AuthenticationResult> acquireTokenSilently(SilentParameters parameters)
-            throws MalformedURLException {
-
-        validateNotNull("parameters", parameters);
-
-        SilentRequest silentRequest = new SilentRequest(
-                parameters,
-                this,
-                createRequestContext(AcquireTokenPublicApi.ACQUIRE_TOKEN_SILENTLY));
-
-        return executeRequest(silentRequest);
-    }
-
-    /**
-     * Returns accounts for which there is an cached SSO (RT token)
-     */
-    public CompletableFuture<Collection<Account>> getAccounts() {
-        AccountsSupplier supplier = new AccountsSupplier(this);
-
-        CompletableFuture<Collection<Account>> future =
-                serviceBundle.getExecutorService() != null ? CompletableFuture.supplyAsync(supplier, serviceBundle.getExecutorService())
-                        : CompletableFuture.supplyAsync(supplier);
-        return future;
-    }
-
-    /**
-     * Remove all credentials from cache related to the account
-     */
-    public CompletableFuture removeAccount(Account account) {
-        RemoveAccountRunnable runnable = new RemoveAccountRunnable(this, account);
-
-        CompletableFuture<Void> future =
-                serviceBundle.getExecutorService() != null ? CompletableFuture.runAsync(runnable, serviceBundle.getExecutorService())
-                        : CompletableFuture.runAsync(runnable);
-        return future;
-    }
-
     AuthenticationResult acquireTokenCommon(MsalRequest msalRequest, Authority requestAuthority)
             throws Exception {
 
@@ -278,7 +235,7 @@ private AuthenticationResultSupplier getAuthenticationResultSupplier(MsalRequest
         return supplier;
     }
 
-    RequestContext createRequestContext(AcquireTokenPublicApi publicApi) {
+    RequestContext createRequestContext(PublicApi publicApi) {
         return new RequestContext(
                 clientId,
                 correlationId(),
@@ -289,6 +246,50 @@ ServiceBundle getServiceBundle() {
         return serviceBundle;
     }
 
+    /**
+     * Returns accounts for which there is an cached SSO (RT token)
+     */
+    public CompletableFuture<AuthenticationResult> acquireTokenSilently(SilentParameters parameters)
+            throws MalformedURLException {
+
+        validateNotNull("parameters", parameters);
+
+        SilentRequest silentRequest = new SilentRequest(
+                parameters,
+                this,
+                createRequestContext(PublicApi.ACQUIRE_TOKEN_SILENTLY));
+
+        return executeRequest(silentRequest);
+    }
+
+    /**
+     * Returns accounts for which there is an cached SSO (RT token)
+     */
+    public CompletableFuture<Set<Account>> getAccounts() {
+        MsalRequest msalRequest =
+                new MsalRequest(this, null,
+                        createRequestContext(PublicApi.GET_ACCOUNTS)){};
+
+        AccountsSupplier supplier = new AccountsSupplier(this, msalRequest);
+
+        CompletableFuture<Set<Account>> future =
+                serviceBundle.getExecutorService() != null ? CompletableFuture.supplyAsync(supplier, serviceBundle.getExecutorService())
+                        : CompletableFuture.supplyAsync(supplier);
+        return future;
+    }
+
+    /**
+     * Remove all credentials from cache related to account
+     */
+    public CompletableFuture removeAccount(Account account) {
+        RemoveAccountRunnable runnable = new RemoveAccountRunnable(this, account);
+
+        CompletableFuture<Void> future =
+                serviceBundle.getExecutorService() != null ? CompletableFuture.runAsync(runnable, serviceBundle.getExecutorService())
+                        : CompletableFuture.runAsync(runnable);
+        return future;
+    }
+
     protected static String canonicalizeUrl(String authority) {
         authority = authority.toLowerCase();
 

src/main/java/com/microsoft/aad/msal4j/ConfidentialClientApplication.java

@@ -35,7 +35,6 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.Set;
 import java.util.concurrent.CompletableFuture;
 
 import static com.microsoft.aad.msal4j.ParameterValidationUtils.validateNotNull;
@@ -59,7 +58,7 @@ public CompletableFuture<AuthenticationResult> acquireToken(ClientCredentialPara
                 new ClientCredentialRequest(
                         parameters,
                         this,
-                        createRequestContext(AcquireTokenPublicApi.ACQUIRE_TOKEN_FOR_CLIENT));
+                        createRequestContext(PublicApi.ACQUIRE_TOKEN_FOR_CLIENT));
 
         return this.executeRequest(clientCredentialRequest);
     }
@@ -83,7 +82,7 @@ public CompletableFuture<AuthenticationResult> acquireToken(OnBehalfOfParameters
         OnBehalfOfRequest oboRequest = new OnBehalfOfRequest(
                 parameters,
                 this,
-                createRequestContext(AcquireTokenPublicApi.ACQUIRE_TOKEN_ON_BEHALF_OF));
+                createRequestContext(PublicApi.ACQUIRE_TOKEN_ON_BEHALF_OF));
 
         return this.executeRequest(oboRequest);
     }

src/main/java/com/microsoft/aad/msal4j/AcquireTokenPublicApi.java renamed to src/main/java/com/microsoft/aad/msal4j/PublicApi.java

@@ -23,7 +23,7 @@
 
 package com.microsoft.aad.msal4j;
 
-enum AcquireTokenPublicApi {
+enum PublicApi {
     // TODO finalize api ids
     ACQUIRE_TOKEN_BY_REFRESH_TOKEN(82),
     ACQUIRE_TOKEN_BY_USERNAME_PASSWORD(300),
@@ -32,11 +32,12 @@ enum AcquireTokenPublicApi {
     ACQUIRE_TOKEN_BY_DEVICE_CODE_FLOW(620),
     ACQUIRE_TOKEN_FOR_CLIENT(729),
     ACQUIRE_TOKEN_BY_AUTHORIZATION_CODE(831),
-    ACQUIRE_TOKEN_SILENTLY(800);
+    ACQUIRE_TOKEN_SILENTLY(800),
+    GET_ACCOUNTS(801);
 
     private final int apiId;
 
-    AcquireTokenPublicApi(int apiId){
+    PublicApi(int apiId){
         this.apiId = apiId;
     }
 

src/main/java/com/microsoft/aad/msal4j/PublicClientApplication.java

@@ -27,10 +27,8 @@
 import com.nimbusds.oauth2.sdk.id.ClientID;
 import org.slf4j.LoggerFactory;
 
-import java.util.Set;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.atomic.AtomicReference;
-import java.util.function.Consumer;
 
 import static com.microsoft.aad.msal4j.ParameterValidationUtils.validateNotBlank;
 import static com.microsoft.aad.msal4j.ParameterValidationUtils.validateNotNull;
@@ -55,7 +53,7 @@ public CompletableFuture<AuthenticationResult> acquireToken(UserNamePasswordPara
         UserNamePasswordRequest userNamePasswordRequest =
                 new UserNamePasswordRequest(parameters,
                         this,
-                        createRequestContext(AcquireTokenPublicApi.ACQUIRE_TOKEN_BY_USERNAME_PASSWORD));
+                        createRequestContext(PublicApi.ACQUIRE_TOKEN_BY_USERNAME_PASSWORD));
 
         return this.executeRequest(userNamePasswordRequest);
     }
@@ -78,7 +76,7 @@ public CompletableFuture<AuthenticationResult> acquireToken(IntegratedWindowsAut
                         parameters,
                         this,
                         createRequestContext(
-                                AcquireTokenPublicApi.ACQUIRE_TOKEN_BY_INTEGRATED_WINDOWS_AUTH));
+                                PublicApi.ACQUIRE_TOKEN_BY_INTEGRATED_WINDOWS_AUTH));
 
         return this.executeRequest(integratedWindowsAuthenticationRequest);
     }
@@ -120,7 +118,7 @@ public CompletableFuture<AuthenticationResult> acquireToken(DeviceCodeFlowParame
                 parameters,
                 futureReference,
                 this,
-                createRequestContext(AcquireTokenPublicApi.ACQUIRE_TOKEN_BY_DEVICE_CODE_FLOW));
+                createRequestContext(PublicApi.ACQUIRE_TOKEN_BY_DEVICE_CODE_FLOW));
 
         CompletableFuture<AuthenticationResult> future = executeRequest(deviceCodeRequest);
         futureReference.set(future);