Merge pull request #628 from AzureAD/SJAIN/add-refresh-in-logic

add refresh_in logic

Author: siddhijain

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/ConfidentialClientApplicationUnitT.java

@@ -318,14 +318,15 @@ public void validateAppTokenProviderAsync() throws Exception{
         IClientCredential iClientCredential = ClientCredentialFactory.createFromClientAssertion(
                 clientAssertion.assertion());
 
+        Long refreshInSeconds = new Date().getTime() / 1000 + + 800000;
         //builds client with AppTokenProvider
         ConfidentialClientApplication cca = ConfidentialClientApplication.
                 builder(TestConfiguration.AAD_CLIENT_ID, iClientCredential)
                 .appTokenProvider((parameters) -> {
                     Assert.assertNotNull(parameters.scopes);
                     Assert.assertNotNull(parameters.correlationId);
                     Assert.assertNotNull(parameters.tenantId);
-                    return getAppTokenProviderResult("/default");
+                    return getAppTokenProviderResult("/default", refreshInSeconds);
                 })
                 .build();
 
@@ -338,6 +339,10 @@ public void validateAppTokenProviderAsync() throws Exception{
         Assert.assertNotNull(result1.accessToken());
 
         Assert.assertEquals(cca.tokenCache.accessTokens.size(), 1);
+        //check that refreshOn is set correctly when provided by an app developer
+        Assert.assertNotNull(cca.tokenCache.accessTokens.values().iterator().next().refreshOn());
+        Assert.assertEquals(cca.tokenCache.accessTokens.values().iterator().next().refreshOn(), refreshInSeconds.toString());
+        System.out.println(cca.tokenCache.accessTokens.values().iterator().next().refreshOn());
 
         //Acquire token from cache
 
@@ -356,7 +361,7 @@ public void validateAppTokenProviderAsync() throws Exception{
                     Assert.assertNotNull(parameters.scopes);
                     Assert.assertNotNull(parameters.correlationId);
                     Assert.assertNotNull(parameters.tenantId);
-                    return getAppTokenProviderResult("/newScope");
+                    return getAppTokenProviderResult("/newScope", 0L);
                 })
                 .build();
 
@@ -369,17 +374,20 @@ public void validateAppTokenProviderAsync() throws Exception{
 
         Assert.assertNotEquals(result2.accessToken(), result3.accessToken());
         Assert.assertEquals(cca.tokenCache.accessTokens.size(), 1);
-
+        //check that refreshOn is set correctly when a value is not provided by an app developer
+        Assert.assertNotNull(cca.tokenCache.accessTokens.values().iterator().next().refreshOn());
+        System.out.println(cca.tokenCache.accessTokens.values().iterator().next().refreshOn());
     }
 
-    private CompletableFuture<TokenProviderResult> getAppTokenProviderResult(String differentScopesForAt)
+    private CompletableFuture<TokenProviderResult> getAppTokenProviderResult(String differentScopesForAt,
+                                                                             long refreshInSeconds)
     {
         long currTimestampSec = new Date().getTime() / 1000;
         TokenProviderResult token = new TokenProviderResult();
         token.setAccessToken(TestConstants.DEFAULT_ACCESS_TOKEN + differentScopesForAt); //Used to indicate that there is a new access token for a different set of scopes
         token.setTenantId("tenantId");
         token.setExpiresInSeconds(currTimestampSec + 1000000);
-        token.setRefreshInSeconds(currTimestampSec + 800000);
+        token.setRefreshInSeconds(refreshInSeconds);
 
         return CompletableFuture.completedFuture(token);
     }

msal4j-sdk/src/main/java/com/microsoft/aad/msal4j/AcquireTokenByAppProviderSupplier.java

@@ -11,6 +11,8 @@
  */
 class AcquireTokenByAppProviderSupplier extends AuthenticationResultSupplier {
 
+    private static final int TWO_HOURS = 2*3600;
+
     private AppTokenProviderParameters appTokenProviderParameters;
 
     private ClientCredentialRequest clientCredentialRequest;
@@ -23,7 +25,7 @@ class AcquireTokenByAppProviderSupplier extends AuthenticationResultSupplier {
         this.appTokenProviderParameters = appTokenProviderParameters;
     }
 
-    private static void validateTokenProviderResult(TokenProviderResult tokenProviderResult) {
+    private static void validateAndUpdateTokenProviderResult(TokenProviderResult tokenProviderResult) {
         if (null == tokenProviderResult.getAccessToken() || tokenProviderResult.getAccessToken().isEmpty()) {
             handleInvalidExternalValueError(tokenProviderResult.getAccessToken());
         }
@@ -35,6 +37,13 @@ private static void validateTokenProviderResult(TokenProviderResult tokenProvide
         if (null == tokenProviderResult.getTenantId() || tokenProviderResult.getTenantId().isEmpty()) {
             handleInvalidExternalValueError(tokenProviderResult.getTenantId());
         }
+
+        if (0 == tokenProviderResult.getRefreshInSeconds()){
+            long expireInSeconds = tokenProviderResult.getExpiresInSeconds();
+            if(expireInSeconds >= TWO_HOURS){
+                tokenProviderResult.setRefreshInSeconds(expireInSeconds/2);
+            }
+        }
     }
 
     private static void handleInvalidExternalValueError(String nameOfValue) {
@@ -70,7 +79,7 @@ public AuthenticationResult fetchTokenUsingAppTokenProvider(AppTokenProviderPara
             throw new MsalAzureSDKException(ex);
         }
 
-        validateTokenProviderResult(tokenProviderResult);
+        validateAndUpdateTokenProviderResult(tokenProviderResult);
 
         return AuthenticationResult.builder()
                 .accessToken(tokenProviderResult.getAccessToken())