Merge branch 'avdunn/msalruntime-broker' of https://github.com/AzureAD/microsoft-authentication-library-for-java into avdunn/msalruntime-broker

# Conflicts:
#	msal4j-brokers/src/main/java/com/microsoft/aad/msal4jbrokers/Broker.java

Author: Avery-Dunn

.github/ISSUE_TEMPLATE/FeatureRequest.yaml

@@ -0,0 +1,48 @@
+name: Feature request
+description: Suggest a new feature for MSAL Java
+labels: ["feature request", "untriaged", "needs attention"]
+title : '[Feature Request]     '
+body:
+- type: markdown
+  attributes:
+    value: |
+      ## Before submitting your feature request
+      Please make sure that your question or issue is not already covered in [MSAL documentation](https://learn.microsoft.com/entra/msal/java/) or [samples](https://learn.microsoft.com/azure/active-directory/develop/sample-v2-code?tabs=apptype).
+      
+- type: markdown
+  attributes:
+    value: |
+      ## Feature request for MSAL Java
+      
+- type: dropdown
+  attributes:
+    label: MSAL client type
+    description: Are you using PublicClientApplication (desktop / CLI apps), ConfidentialClientApplication (web apps, web APIs, service-to-service) or ManagedIdentityApplication?
+    multiple: true
+    options: 
+      - "Public"
+      - "Confidential"
+      - "Managed identity"
+  validations:
+    required: true
+
+- type: textarea
+  attributes:
+    label: Problem Statement
+    description: "Describe the problem or context for this feature request."
+  validations: 
+    required: true
+
+- type: textarea
+  attributes:
+    label: Proposed solution
+    description: "Describe the solution you'd like."
+  validations: 
+    required: false
+
+- type: textarea
+  attributes:
+    label: Alternatives
+    description: "Describe alternatives you've considered."
+  validations: 
+    required: false

.github/ISSUE_TEMPLATE/bug_report.yaml

@@ -0,0 +1,115 @@
+name: Bug report
+description: Broken or unintended behavior with MSAL4J library
+title: '[Bug] '
+labels: ["untriaged", "needs attention"]
+body:
+- type: markdown
+  attributes:
+    value: |
+      ## Before submitting your issue
+      Please make sure that your question or issue is not already covered in existing issues
+
+      **Logs and network traces**
+      Without logs or traces, it is unlikely that the team can investigate your issue. Capturing logs is described in our [Docs](https://learn.microsoft.com/azure/active-directory/develop/msal-logging-java).
+
+- type: markdown
+  attributes:
+    value: |
+      ## Issue details   
+    
+- type: input
+  attributes:
+    label: Library version used
+    description: "Enter the version of the library where you ran into the issue (e.g. 1.13.10)."
+  validations:
+    required: true
+    
+- type: input
+  attributes:
+    label: Java version
+    description: "Enter the Java SDK and Framework version your application is developed in."
+  validations:
+    required: true
+
+- type: dropdown
+  attributes:
+    label: Scenario
+    description: "Are you using PublicClientApplication,  ConfidentialClientApplication or ManagedIdentityApplication?"
+    multiple: true
+    options: 
+      - "PublicClient (AcquireTokenInteractive, AcquireTokenByUsernamePassword)"      
+      - "ConfidentialClient - web site (AcquireTokenByAuthCode)"
+      - "ConfidentialClient - web api (AcquireTokenOnBehalfOf)"
+      - "ConfidentialClient - service to service (AcquireTokenForClient)"
+      - "ManagedIdentityClient - managed identity"
+      - "Other - please specify"
+  validations:
+    required: true
+   
+- type: dropdown
+  attributes:
+    label: Is this a new or an existing app?
+    description: "Is this a new or existing app?"
+    multiple: false
+    options: 
+      - "The app is in production, and I have upgraded to a new version of MSAL"
+      - "The app is in production, I haven't upgraded MSAL, but started seeing this issue"
+      - "This is a new app or experiment"
+  validations:
+    required: false
+    
+- type: textarea
+  attributes:
+    label: Issue description and reproduction steps
+    description: "Briefly explain the issue you are seeing along with any error messages or stack trace. Provide a link to one of the [standard samples](https://learn.microsoft.com/azure/active-directory/develop/sample-v2-code?tabs=apptype) and steps to reproduce the behavior. Make sure to provide verbose level log messages from MSAL, if available. [Learn more](https://learn.microsoft.com/azure/active-directory/develop/msal-logging-dotnet)"
+  validations:
+    required: true
+    
+- type: textarea
+  attributes:
+    label: Relevant code snippets
+    description: "Provide relevant code snippets that can be used to reproduce the issue."
+    render: csharp
+  validations:
+    required: false
+       
+- type: textarea
+  attributes:
+    label: Expected behavior
+    description: "Describe what you expect the behavior to be."
+  validations:
+    required: false
+    
+- type: dropdown
+  attributes:
+    label: Identity provider
+    options: 
+      - Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
+      - Azure B2C Basic Policy
+      - Azure B2C Custom Policy
+      - Azure Active Directory Federation Services (ADFS)
+      - Microsoft Entra External ID
+      - Other
+  validations:
+    required: true
+       
+- type: input
+  attributes:
+    label: Regression
+    description: "If this behavior worked before, enter the last working version(s) of MSAL."
+    placeholder: "MSAL version: "
+
+- type: textarea
+  attributes:
+    label: Solution and workarounds
+    description: "Possible solution or workarounds, if you know of any."
+  validations:
+    required: false
+        
+- type: markdown
+  attributes:
+    value: "## Security Reporting"
+- type: markdown
+  attributes:
+    value: |
+      If you find a security issue with our libraries or services [please report it to the Microsoft Security Response Center (MSRC)](https://aka.ms/report-security-issue) with as much detail as possible. Your submission may be eligible for a bounty through the [Microsoft Bounty](http://aka.ms/bugbounty) program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting [this page](https://www.microsoft.com/msrc/technical-security-notifications) and subscribing to Security Advisory Alerts.

.github/workflows/codeql.yml

@@ -0,0 +1,18 @@
+# CONTRIBUTING
+
+Microsoft Authentication Library for Java welcomes new contributors.  This document will guide you
+through the process.
+
+## CONTRIBUTOR LICENSE AGREEMENT
+
+Please visit [https://cla.microsoft.com/](https://cla.microsoft.com/) and sign the Contributor License
+Agreement.  You only need to do that once. We can not look at your code until you've submitted this request.
+
+
+## Build
+
+Use Java8.
+
+## Test
+
+Unit tests should run as expected. Integration tests require certificate / secrets which are deployed on CI. External contributors are not able to run integration tests manually.

Contributing.md

@@ -16,7 +16,7 @@ Quick links:
 The library supports the following Java environments:
 - Java 8 (or higher)
 
-Current version - 1.13.8
+Current version - 1.13.11
 
 You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/main/msal4j-sdk/changelog.txt).
 
@@ -28,13 +28,13 @@ Find [the latest package in the Maven repository](https://mvnrepository.com/arti
 <dependency>
     <groupId>com.microsoft.azure</groupId>
     <artifactId>msal4j</artifactId>
-    <version>1.13.8</version>
+    <version>1.13.11</version>
 </dependency>
 ```
 ### Gradle
 
 ```gradle
-implementation group: 'com.microsoft.azure', name: 'com.microsoft.aad.msal4j', version: '1.13.8'
+implementation group: 'com.microsoft.azure', name: 'com.microsoft.aad.msal4j', version: '1.13.11'
 ```
 
 ## Usage

README.md

@@ -1,4 +1,4 @@
-Version 1.14.1-beta
+Version 1.14.3-beta
 =============
 - Add proof-of-possession token support
 - Add MSALRuntime logging support
@@ -8,6 +8,22 @@ Version 1.14.0-beta
 - Add IBroker interface
 - Add app-level parameter for enabling the use of auth brokers
 
+Version 1.13.11
+=============
+- Hotfix for internal docs generation issue (#705)
+
+Version 1.13.10
+=============
+- Remove default HTTP timeout (#664)
+- Add equals/hash logic to Account class based on homeAccountID (#681)
+- Fix issue with command to open default browser on Linux (#683)
+- Handle null pointer exception in certain ADFS scenarios (#669)
+
+Version 1.13.9
+=============
+- Update automated tests to use JUnit 5/Mockito instead of TestNG/Powermock
+- Fix issue with interactive flow on macOS/Linux/Unix systems
+
 Version 1.13.8
 =============
 - Added support for CIAM authority

msal4j-sdk/changelog.txt renamed to changelog.txt

@@ -5,7 +5,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.microsoft.azure</groupId>
     <artifactId>msal4j-brokers</artifactId>
-    <version>1.0.2-beta</version>
+    <version>1.0.3-beta</version>
     <packaging>jar</packaging>
     <name>msal4j-brokers</name>
     <description>
@@ -34,12 +34,12 @@
         <dependency>
             <groupId>com.microsoft.azure</groupId>
             <artifactId>msal4j</artifactId>
-            <version>1.14.1-beta</version>
+            <version>1.14.3-beta</version>
         </dependency>
         <dependency>
             <groupId>com.microsoft.azure</groupId>
             <artifactId>javamsalruntime</artifactId>
-            <version>0.13.8</version>
+            <version>0.13.10</version>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>

msal4j-brokers/pom.xml

@@ -17,12 +17,14 @@
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.ExecutionException;
 
-public class MsalRuntimeBroker implements IBroker {
-    private static final Logger LOG = LoggerFactory.getLogger(MsalRuntimeBroker.class);
+public class Broker implements IBroker {
+    private static final Logger LOG = LoggerFactory.getLogger(Broker.class);
 
     private static MsalRuntimeInterop interop;
     private static Boolean brokerAvailable;
 
+    private boolean supportWindows;
+
     static {
         try {
             //MsalRuntimeInterop performs various initialization steps in a similar static block,
@@ -107,7 +109,7 @@ public CompletableFuture<IAuthenticationResult> acquireToken(PublicClientApplica
                         parameters.proofOfPossession().getUri(),
                         parameters.proofOfPossession().getNonce());
             }
-            
+
             AuthParameters authParameters = authParamsBuilder.build();
 
             return interop.signInInteractively(parameters.windowHandle(), authParameters, correlationID, parameters.loginHint())
@@ -246,4 +248,33 @@ public void enableBrokerPIILogging(boolean enablePII) {
     private String generateCorrelationID() {
         return UUID.randomUUID().toString();
     }
+
+    public static class Builder {
+        private boolean supportWindows = false;
+
+        public Builder() {
+        }
+
+        /**
+         * When set to true, MSAL Java will attempt to use the broker when the application is running on a Windows OS
+         */
+        public Builder supportWindows(boolean val) {
+            supportWindows = val;
+            return this;
+        }
+
+        public Broker build() {
+            return new Broker(this);
+        }
+    }
+
+    private Broker(Builder builder) {
+        this.supportWindows = builder.supportWindows;
+
+        //This will be expanded to cover other OS options, but for now it is only Windows. Since Windows is the only
+        // option, if app developer doesn't want to use the broker on Windows then they shouldn't use the Broker at all
+        if (!this.supportWindows) {
+            throw new MsalClientException("At least one operating system support option must be used when building the Broker instance", AuthenticationErrorCode.MSALJAVA_BROKERS_ERROR);
+        }
+    }
 }