1.7.0 release (#278)

1.7.0 release

Author: SomkaPe

README.md

@@ -1,77 +1,77 @@
-# Microsoft Authentication Library (MSAL) for Java
-
-`master` branch    | `dev` branch    | Reference Docs
---------------------|-----------------|---------------
-[![Build status](https://identitydivision.visualstudio.com/IDDP/_apis/build/status/CI/Java/MSAL%20Java%20CI%20Build?branchName=master)](https://identitydivision.visualstudio.com/IDDP/_build/latest?definitionId=762) | [![Build status](https://identitydivision.visualstudio.com/IDDP/_apis/build/status/CI/Java/MSAL%20Java%20CI%20Build?branchName=dev)](https://identitydivision.visualstudio.com/IDDP/_build/latest?definitionId=762)| [![Javadocs](http://javadoc.io/badge/com.microsoft.azure/msal4j.svg)](http://javadoc.io/doc/com.microsoft.azure/msal4j)
-
-The Microsoft Authentication Library for Java (MSAL4J) enables applications to integrate with the [Microsoft identity platform](https://aka.ms/aaddevv2). It allows you to sign in users or apps with Microsoft identities (Azure AD, Microsoft accounts and Azure AD B2C accounts) and obtain tokens to call Microsoft APIs such as [Microsoft Graph](https://graph.microsoft.io/) or your own APIs registered with the Microsoft identity platform. It is built using industry standard OAuth2 and OpenID Connect protocols.
-
-Quick links:
-
-| [Getting Started](https://docs.microsoft.com/azure/active-directory/develop/quickstart-v2-java-webapp) | [Docs](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki) | [Samples](https://aka.ms/aaddevsamplesv2) | [Support](README.md#community-help-and-support)
-| --- | --- | --- | --- |
-
-## Install
-
-The library supports the following Java environments:
-- Java 8 (or higher)
-
-Current version - 1.6.2
-
-You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/master/changelog.txt).
-
-You can get the msal4j package through Maven or Gradle.
-
-### Maven
-Find [the latest package in the Maven repository](https://mvnrepository.com/artifact/com.microsoft.azure/msal4j).
-```
-<dependency>
-    <groupId>com.microsoft.azure</groupId>
-    <artifactId>msal4j</artifactId>
-    <version>1.6.2</version>
-</dependency>
-```
-### Gradle
-
-```
-compile group: 'com.microsoft.azure', name: 'msal4j', version: '1.6.2'
-```
-
-## Usage
-
-MSAL4J supports multiple [application types and authentication scenarios](https://docs.microsoft.com/azure/active-directory/develop/authentication-flows-app-scenarios).
-
-Refer the [Uncyclo](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki) pages for more details on the usage of MSAL Java and the supported scenarios.
-
-## Migrating from ADAL
-If your application is using ADAL for Java (ADAL4J), we recommend you to update to use MSAL4J. No new feature work will be done in ADAL4J.
-
-See the [ADAL to MSAL migration](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki/Migrate-to-MSAL-Java) guide.
-
-## Roadmap
-
-You can follow the latest updates and plans for MSAL Java in the [Roadmap](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki#roadmap) published on our Uncyclo.
-
-## Contribution
-
-This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
-When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
-This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.
-
-## Samples and Documentation
-
-We provide a [full suite of sample applications](https://aka.ms/aaddevsamplesv2) and [documentation](https://aka.ms/aaddevv2) to help you get started with learning the Microsoft identity platform.
-
-## Community Help and Support
-
-We leverage [Stack Overflow](http://stackoverflow.com/) to work with the community on supporting Azure Active Directory and its SDKs, including this one! We highly recommend you ask your questions on Stack Overflow (we're all on there!) Also browser existing issues to see if someone has had your question before.
-
-We recommend you use the "msal" tag so we can see it! Here is the latest Q&A on Stack Overflow for MSAL: [http://stackoverflow.com/questions/tagged/msal](http://stackoverflow.com/questions/tagged/msal)
-
-## Security Reporting
-
-If you find a security issue with our libraries or services please report it to [[email protected]](mailto:[email protected]) with as much detail as possible. Your submission may be eligible for a bounty through the [Microsoft Bounty](http://aka.ms/bugbounty) program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting [this page](https://technet.microsoft.com/security/dd252948) and subscribing to Security Advisory Alerts.
-
-## We Value and Adhere to the Microsoft Open Source Code of Conduct
-
-This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
+# Microsoft Authentication Library (MSAL) for Java
+
+`master` branch    | `dev` branch    | Reference Docs
+--------------------|-----------------|---------------
+[![Build status](https://identitydivision.visualstudio.com/IDDP/_apis/build/status/CI/Java/MSAL%20Java%20CI%20Build?branchName=master)](https://identitydivision.visualstudio.com/IDDP/_build/latest?definitionId=762) | [![Build status](https://identitydivision.visualstudio.com/IDDP/_apis/build/status/CI/Java/MSAL%20Java%20CI%20Build?branchName=dev)](https://identitydivision.visualstudio.com/IDDP/_build/latest?definitionId=762)| [![Javadocs](http://javadoc.io/badge/com.microsoft.azure/msal4j.svg)](http://javadoc.io/doc/com.microsoft.azure/msal4j)
+
+The Microsoft Authentication Library for Java (MSAL4J) enables applications to integrate with the [Microsoft identity platform](https://aka.ms/aaddevv2). It allows you to sign in users or apps with Microsoft identities (Azure AD, Microsoft accounts and Azure AD B2C accounts) and obtain tokens to call Microsoft APIs such as [Microsoft Graph](https://graph.microsoft.io/) or your own APIs registered with the Microsoft identity platform. It is built using industry standard OAuth2 and OpenID Connect protocols.
+
+Quick links:
+
+| [Getting Started](https://docs.microsoft.com/azure/active-directory/develop/quickstart-v2-java-webapp) | [Docs](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki) | [Samples](https://aka.ms/aaddevsamplesv2) | [Support](README.md#community-help-and-support)
+| --- | --- | --- | --- |
+
+## Install
+
+The library supports the following Java environments:
+- Java 8 (or higher)
+
+Current version - 1.7.0
+
+You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/master/changelog.txt).
+
+You can get the msal4j package through Maven or Gradle.
+
+### Maven
+Find [the latest package in the Maven repository](https://mvnrepository.com/artifact/com.microsoft.azure/msal4j).
+```
+<dependency>
+    <groupId>com.microsoft.azure</groupId>
+    <artifactId>msal4j</artifactId>
+    <version>1.7.0</version>
+</dependency>
+```
+### Gradle
+
+```
+compile group: 'com.microsoft.azure', name: 'msal4j', version: '1.7.0'
+```
+
+## Usage
+
+MSAL4J supports multiple [application types and authentication scenarios](https://docs.microsoft.com/azure/active-directory/develop/authentication-flows-app-scenarios).
+
+Refer the [Uncyclo](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki) pages for more details on the usage of MSAL Java and the supported scenarios.
+
+## Migrating from ADAL
+If your application is using ADAL for Java (ADAL4J), we recommend you to update to use MSAL4J. No new feature work will be done in ADAL4J.
+
+See the [ADAL to MSAL migration](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki/Migrate-to-MSAL-Java) guide.
+
+## Roadmap
+
+You can follow the latest updates and plans for MSAL Java in the [Roadmap](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki#roadmap) published on our Uncyclo.
+
+## Contribution
+
+This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
+When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
+This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.
+
+## Samples and Documentation
+
+We provide a [full suite of sample applications](https://aka.ms/aaddevsamplesv2) and [documentation](https://aka.ms/aaddevv2) to help you get started with learning the Microsoft identity platform.
+
+## Community Help and Support
+
+We leverage [Stack Overflow](http://stackoverflow.com/) to work with the community on supporting Azure Active Directory and its SDKs, including this one! We highly recommend you ask your questions on Stack Overflow (we're all on there!) Also browser existing issues to see if someone has had your question before.
+
+We recommend you use the "msal" tag so we can see it! Here is the latest Q&A on Stack Overflow for MSAL: [http://stackoverflow.com/questions/tagged/msal](http://stackoverflow.com/questions/tagged/msal)
+
+## Security Reporting
+
+If you find a security issue with our libraries or services please report it to [[email protected]](mailto:[email protected]) with as much detail as possible. Your submission may be eligible for a bounty through the [Microsoft Bounty](http://aka.ms/bugbounty) program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting [this page](https://technet.microsoft.com/security/dd252948) and subscribing to Security Advisory Alerts.
+
+## We Value and Adhere to the Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.

changelog.txt

@@ -1,3 +1,9 @@
+Version 1.7.0
+=============
+- Tenant profiles added to IAccount
+- Support of certificate chain
+- Api to set connect and read timeouts for default http client
+
 Version 1.6.2
 =============
 - Fix for "NullPointerException during accessing B2C authority aliases"

pom.xml

@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.microsoft.azure</groupId>
 	<artifactId>msal4j</artifactId>
-	<version>1.6.2</version>
+	<version>1.7.0</version>
 	<packaging>jar</packaging>
 	<name>msal4j</name>
 	<description>

src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenSilentIT.java

@@ -83,7 +83,7 @@ public void acquireTokenSilent_LabAuthority_TokenNotRefreshed(String environment
     public void acquireTokenSilent_ForceRefresh(String environment) throws Exception {
         cfg = new Config(environment);
 
-        User user = labUserProvider.getDefaultUser();
+        User user = labUserProvider.getDefaultUser(environment);
 
         PublicClientApplication pca = PublicClientApplication.builder(
                 user.getAppId()).

src/integrationtest/java/com.microsoft.aad.msal4j/ConfidentialClientApplicationUnitT.java

@@ -11,7 +11,6 @@
 import com.nimbusds.jwt.JWTClaimsSet;
 import com.nimbusds.jwt.SignedJWT;
 import com.nimbusds.oauth2.sdk.auth.PrivateKeyJWT;
-import org.apache.commons.lang3.StringUtils;
 import org.easymock.EasyMock;
 import org.powermock.api.easymock.PowerMock;
 import org.powermock.core.classloader.annotations.PowerMockIgnore;
@@ -186,12 +185,14 @@ private ClientAssertion buildShortJwt(String clientId,
         SignedJWT jwt;
         try {
             List<Base64> certs = new ArrayList<>();
-            certs.add(new Base64(credential.publicCertificate()));
+            for (String cert: credential.getEncodedPublicKeyCertificateOrCertificateChain()) {
+                certs.add(new Base64(cert));
+            }
             JWSHeader.Builder builder = new JWSHeader.Builder(JWSAlgorithm.RS256);
             builder.x509CertChain(certs);
             builder.x509CertThumbprint(new Base64URL(credential.publicCertificateHash()));
             jwt = new SignedJWT(builder.build(), claimsSet);
-            final RSASSASigner signer = new RSASSASigner(credential.key());
+            final RSASSASigner signer = new RSASSASigner(credential.privateKey());
             jwt.sign(signer);
         } catch (final Exception e) {
             throw new MsalClientException(e);

src/integrationtest/java/com.microsoft.aad.msal4j/DeviceCodeIT.java

@@ -123,15 +123,6 @@ private void runAutomatedDeviceCodeFlow(DeviceCode deviceCode, User user, String
             } else {
                 SeleniumExtensions.performADLogin(seleniumDriver, user);
             }
-
-            if (environment.equals(AzureEnvironment.AZURE) && !isADFS2019) {
-                //Login flow for azurecloud environment has an extra "Stay signed in?" page after authentication
-                continueBtn = SeleniumExtensions.waitForElementToBeVisibleAndEnable(
-                        seleniumDriver,
-                        new By.ById(continueButtonId));
-                continueBtn.click();
-            }
-
         } catch(Exception e){
             if(!isRunningLocally){
                 SeleniumExtensions.takeScreenShot(seleniumDriver);

src/integrationtest/java/com.microsoft.aad.msal4j/RefreshTokenIT.java

@@ -21,9 +21,9 @@ public class RefreshTokenIT {
 
     private Config cfg;
 
-    private void setUp() throws Exception {
+    private void setUp(String environment) throws Exception {
         LabUserProvider labUserProvider = LabUserProvider.getInstance();
-        User user = labUserProvider.getDefaultUser();
+        User user = labUserProvider.getDefaultUser(environment);
 
         pca = PublicClientApplication.builder(
                 user.getAppId()).
@@ -44,7 +44,7 @@ private void setUp() throws Exception {
     public void acquireTokenWithRefreshToken(String environment) throws Exception{
         cfg = new Config(environment);
 
-        setUp();
+        setUp(environment);
 
         IAuthenticationResult result = pca.acquireToken(RefreshTokenParameters
                 .builder(

src/integrationtest/java/com.microsoft.aad.msal4j/TokenCacheIT.java

@@ -146,7 +146,7 @@ public void twoAccountsInCache_SameUserDifferentTenants_RemoveAccountTest() thro
                 .get();
 
         // There should be two tokens in cache, with same accounts except for tenant
-        Assert.assertEquals(pca2.getAccounts().join().size() , 2);
+        Assert.assertEquals(pca2.getAccounts().join().iterator().next().getTenantProfiles().size() , 2);
 
         IAccount account = pca2.getAccounts().get().iterator().next();
 

src/main/java/com/microsoft/aad/msal4j/AbstractClientApplicationBase.java

@@ -66,6 +66,14 @@ abstract class AbstractClientApplicationBase implements IClientApplicationBase {
     @Getter
     private SSLSocketFactory sslSocketFactory;
 
+    @Accessors(fluent = true)
+    @Getter
+    private Integer connectTimeoutForDefaultHttpClient;
+
+    @Accessors(fluent = true)
+    @Getter
+    private Integer readTimeoutForDefaultHttpClient;
+
     @Accessors(fluent = true)
     @Getter
     protected TokenCache tokenCache;
@@ -284,6 +292,8 @@ abstract static class Builder<T extends Builder<T>> {
         private ITokenCacheAccessAspect tokenCacheAccessAspect;
         private AadInstanceDiscoveryResponse aadInstanceDiscoveryResponse;
         private String clientCapabilities;
+        private Integer connectTimeoutForDefaultHttpClient;
+        private Integer readTimeoutForDefaultHttpClient;
 
         /**
          * Constructor to create instance of Builder of client application
@@ -446,6 +456,34 @@ public T sslSocketFactory(SSLSocketFactory val) {
             return self();
         }
 
+        /**
+         * Sets the connect timeout value used in HttpsURLConnection connections made by {@link DefaultHttpClient},
+         * and is not needed if using a custom HTTP client
+         *
+         * @param val timeout value in milliseconds
+         * @return instance of the Builder on which method was called
+         */
+        public T connectTimeoutForDefaultHttpClient(Integer val) {
+            validateNotNull("connectTimeoutForDefaultHttpClient", val);
+
+            connectTimeoutForDefaultHttpClient = val;
+            return self();
+        }
+
+        /**
+         * Sets the read timeout value used in HttpsURLConnection connections made by {@link DefaultHttpClient},
+         * and is not needed if using a custom HTTP client
+         *
+         * @param val timeout value in milliseconds
+         * @return instance of the Builder on which method was called
+         */
+        public T readTimeoutForDefaultHttpClient(Integer val) {
+            validateNotNull("readTimeoutForDefaultHttpClient", val);
+
+            readTimeoutForDefaultHttpClient = val;
+            return self();
+        }
+
         T telemetryConsumer(Consumer<List<HashMap<String, String>>> val) {
             validateNotNull("telemetryConsumer", val);
 
@@ -549,10 +587,12 @@ public T clientCapabilities(Set<String> capabilities) {
         telemetryConsumer = builder.telemetryConsumer;
         proxy = builder.proxy;
         sslSocketFactory = builder.sslSocketFactory;
+        connectTimeoutForDefaultHttpClient = builder.connectTimeoutForDefaultHttpClient;
+        readTimeoutForDefaultHttpClient = builder.readTimeoutForDefaultHttpClient;
         serviceBundle = new ServiceBundle(
                 builder.executorService,
                 builder.httpClient == null ?
-                        new DefaultHttpClient(builder.proxy, builder.sslSocketFactory) :
+                        new DefaultHttpClient(builder.proxy, builder.sslSocketFactory, builder.connectTimeoutForDefaultHttpClient, builder.readTimeoutForDefaultHttpClient) :
                         builder.httpClient,
                 new TelemetryManager(telemetryConsumer, builder.onlySendFailureTelemetry));
         authenticationAuthority = builder.authenticationAuthority;

src/main/java/com/microsoft/aad/msal4j/Account.java

@@ -7,6 +7,7 @@
 import lombok.Getter;
 import lombok.Setter;
 import lombok.experimental.Accessors;
+import java.util.Map;
 
 /**
  * Representation of a single user account. If modifying this object, ensure it is compliant with
@@ -23,4 +24,10 @@ class Account implements IAccount {
     String environment;
 
     String username;
+
+    Map<String, ITenantProfile> tenantProfiles;
+
+    public Map<String, ITenantProfile> getTenantProfiles() {
+        return tenantProfiles;
+    }
 }

src/main/java/com/microsoft/aad/msal4j/AccountCacheEntity.java

@@ -10,6 +10,7 @@
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 
 @Accessors(fluent = true)
 @Getter
@@ -26,7 +27,6 @@ class AccountCacheEntity implements Serializable {
     @JsonProperty("environment")
     protected String environment;
 
-    @EqualsAndHashCode.Exclude
     @JsonProperty("realm")
     protected String realm;
 
@@ -101,6 +101,6 @@ static AccountCacheEntity create(String clientInfoStr, Authority requestAuthorit
     }
 
     IAccount toAccount(){
-        return new Account(homeAccountId, environment, username);
+        return new Account(homeAccountId, environment, username, null);
     }
 }