Address comments

neha-bhargava · neha-bhargava · commit b24bd256ad77 · 2025-05-05T14:48:13.000-07:00
diff --git a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/Constants.java b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/Constants.java
@@ -30,7 +30,6 @@ final class Constants {
     
     // Only Service Fabric and App Service managed identity environments support token revocation
     public static final ManagedIdentitySourceType[] TOKEN_REVOCATION_SUPPORTED_ENVIRONMENTS = {
-            ManagedIdentitySourceType.APP_SERVICE,
             ManagedIdentitySourceType.SERVICE_FABRIC
     };
 
diff --git a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/ManagedIdentityRequest.java b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/ManagedIdentityRequest.java
@@ -57,7 +57,7 @@ public ManagedIdentityRequest(ManagedIdentityApplication managedIdentityApplicat
                     if (queryParameters == null) {
                         queryParameters = new HashMap<>();
                     }
-                    String tokenHash = TokenRevocationUtil.convertTokenToSHA256HashString(parameters.getTokenToRevoke());
+                    String tokenHash = StringHelper.createSha256HashHexString(parameters.getTokenToRevoke());
                     queryParameters.put(Constants.TOKEN_REVOCATION_REQUEST_PARAM, Collections.singletonList(tokenHash));
                 }
             }
diff --git a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/StringHelper.java b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/StringHelper.java
@@ -41,6 +41,39 @@ static private String createSha256Hash(String stringToHash, boolean base64Encode
         return res;
     }
 
+    /**
+     * Creates a SHA-256 hash of the input string and returns it as a lowercase hex string.
+     * This is used for token revocation and other scenarios requiring hex hash representation.
+     *
+     * @param stringToHash The string to hash
+     * @return The SHA-256 hash of the string as a lowercase hex string
+     * @throws MsalClientException If the SHA-256 algorithm is not available
+     */
+    public static String createSha256HashHexString(String stringToHash) {
+        if (stringToHash == null || stringToHash.isEmpty()) {
+            throw new IllegalArgumentException("String to hash cannot be null or empty");
+        }
+
+        try {
+            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
+            byte[] hash = messageDigest.digest(stringToHash.getBytes(StandardCharsets.UTF_8));
+            
+            // Convert to hex string
+            StringBuilder hexString = new StringBuilder();
+            for (byte b : hash) {
+                String hex = Integer.toHexString(0xff & b);
+                if (hex.length() == 1) {
+                    hexString.append('0');
+                }
+                hexString.append(hex);
+            }
+            return hexString.toString();
+        } catch (NoSuchAlgorithmException e) {
+            throw new MsalClientException("Failed to create SHA-256 hash: " + e.getMessage(),
+                    AuthenticationErrorCode.CRYPTO_ERROR);
+        }
+    }
+
     public static boolean isNullOrBlank(final String str) {
         return str == null || str.trim().length() == 0;
     }
diff --git a/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/TokenRevocationUtil.java b/msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/TokenRevocationUtil.java
diff --git a/msal4j-sdk/src/test/java/com/microsoft/aad/msal4j/TokenRevocationTest.java b/msal4j-sdk/src/test/java/com/microsoft/aad/msal4j/TokenRevocationTest.java
@@ -4,35 +4,29 @@
 package com.microsoft.aad.msal4j;
 
 import org.junit.jupiter.api.Test;
-import org.junit.jupiter.api.BeforeEach;
 import static org.junit.jupiter.api.Assertions.*;
 
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.Map;
-
 public class TokenRevocationTest {
 
     private static final String TEST_TOKEN = "test_token";
     private static final String EXPECTED_TOKEN_HASH = "cc0af97287543b65da2c7e1476426021826cab166f1e063ed012b855ff819656";
     private static final String TEST_RESOURCE = "https://management.azure.com";
-    
-    @Test
+      @Test
     public void testConvertTokenToSHA256Hash() {
-        String hash = TokenRevocationUtil.convertTokenToSHA256HashString(TEST_TOKEN);
+        String hash = StringHelper.createSha256HashHexString(TEST_TOKEN);
         assertEquals(EXPECTED_TOKEN_HASH, hash);
     }
     
     @Test
     public void testTokenToRevokeValidation() {
         // Should throw exception when null
         assertThrows(IllegalArgumentException.class, () -> {
-            TokenRevocationUtil.convertTokenToSHA256HashString(null);
+            StringHelper.createSha256HashHexString(null);
         });
         
         // Should throw exception when empty
         assertThrows(IllegalArgumentException.class, () -> {
-            TokenRevocationUtil.convertTokenToSHA256HashString("");
+            StringHelper.createSha256HashHexString("");
         });
     }
     

Original file line number	Diff line number	Diff line change
`@@ -57,7 +57,7 @@ public ManagedIdentityRequest(ManagedIdentityApplication managedIdentityApplicat`
`57`	`57`	`if (queryParameters == null) {`
`58`	`58`	`queryParameters = new HashMap<>();`
`59`	`59`	`}`
`60`		`- String tokenHash = TokenRevocationUtil.convertTokenToSHA256HashString(parameters.getTokenToRevoke());`
	`60`	`+ String tokenHash = StringHelper.createSha256HashHexString(parameters.getTokenToRevoke());`
`61`	`61`	`queryParameters.put(Constants.TOKEN_REVOCATION_REQUEST_PARAM, Collections.singletonList(tokenHash));`
`62`	`62`	`}`
`63`	`63`	`}`