Release 1.11.0

.gitignore

@@ -24,3 +24,6 @@
 
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*
+
+# Lombok
+target/*

README.md

@@ -16,7 +16,7 @@ Quick links:
 The library supports the following Java environments:
 - Java 8 (or higher)
 
-Current version - 1.10.1
+Current version - 1.11.0
 
 You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/master/changelog.txt).
 
@@ -28,13 +28,13 @@ Find [the latest package in the Maven repository](https://mvnrepository.com/arti
 <dependency>
     <groupId>com.microsoft.azure</groupId>
     <artifactId>msal4j</artifactId>
-    <version>1.10.1</version>
+    <version>1.11.0</version>
 </dependency>
 ```
 ### Gradle
 
 ```
-compile group: 'com.microsoft.azure', name: 'msal4j', version: '1.10.1'
+compile group: 'com.microsoft.azure', name: 'msal4j', version: '1.11.0'
 ```
 
 ## Usage

changelog.txt

@@ -1,3 +1,8 @@
+Version 1.11.0
+=============
+- Adds ability to override authority in AcquireToken calls
+- Fixes issue where authority port was being dropped from URLs
+
 Version 1.10.1
 =============
 - Improved behavior when using regional authorities

pom.xml

@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.microsoft.azure</groupId>
 	<artifactId>msal4j</artifactId>
-	<version>1.10.1</version>
+	<version>1.11.0</version>
 	<packaging>jar</packaging>
 	<name>msal4j</name>
 	<description>

src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenSilentIT.java

@@ -83,7 +83,7 @@ public void acquireTokenSilent_ForceRefresh(String environment) throws Exception
         assertResultNotNull(resultAfterRefresh);
 
         // Check that new refresh and id tokens are being returned
-        assertResultRefreshed(result, resultAfterRefresh);
+        assertTokensAreNotEqual(result, resultAfterRefresh);
     }
 
     @Test(dataProvider = "environments", dataProviderClass = EnvironmentsProvider.class)
@@ -135,7 +135,7 @@ public void acquireTokenSilent_ADFS2019(String environment) throws Exception{
         IAuthenticationResult resultAfterRefresh = acquireTokenSilently(pca, account, TestConstants.ADFS_SCOPE, true);
         assertResultNotNull(resultAfterRefresh);
 
-        assertResultRefreshed(result, resultAfterRefresh);
+        assertTokensAreNotEqual(result, resultAfterRefresh);
     }
 
     // Commented out due to unclear B2C behavior causing occasional errors
@@ -158,7 +158,7 @@ public void acquireTokenSilent_B2C() throws Exception{
         IAuthenticationResult resultAfterRefresh = acquireTokenSilently(pca, account, TestConstants.B2C_READ_SCOPE, true);
         assertResultNotNull(resultAfterRefresh);
 
-        assertResultRefreshed(result, resultAfterRefresh);
+        assertTokensAreNotEqual(result, resultAfterRefresh);
     }
 
 
@@ -261,7 +261,38 @@ public void acquireTokenSilent_WithRefreshOn(String environment) throws Exceptio
         resultSilentWithRefreshOn = acquireTokenSilently(pca, resultOriginal.account(), cfg.graphDefaultScope(), false);
         //Current time is after refreshOn, so token should be refreshed
         Assert.assertNotNull(resultSilentWithRefreshOn);
-        assertResultRefreshed(resultSilent, resultSilentWithRefreshOn);
+        assertTokensAreNotEqual(resultSilent, resultSilentWithRefreshOn);
+    }
+
+    @Test(dataProvider = "environments", dataProviderClass = EnvironmentsProvider.class)
+    public void acquireTokenSilent_TenantAsParameter(String environment) throws Exception {
+        cfg = new Config(environment);
+
+        User user = labUserProvider.getDefaultUser(environment);
+
+        PublicClientApplication pca = PublicClientApplication.builder(
+                user.getAppId()).
+                authority(cfg.organizationsAuthority()).
+                build();
+
+        IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
+                builder(Collections.singleton(cfg.graphDefaultScope()),
+                        user.getUpn(),
+                        user.getPassword().toCharArray())
+                .build()).get();
+        assertResultNotNull(result);
+
+        IAccount account = pca.getAccounts().join().iterator().next();
+        IAuthenticationResult silentResult = acquireTokenSilently(pca, account, cfg.graphDefaultScope(), false);
+        assertResultNotNull(silentResult);
+        assertTokensAreEqual(result, silentResult);
+
+        IAuthenticationResult resultWithTenantParam = pca.acquireTokenSilently(SilentParameters.
+                builder(Collections.singleton(cfg.graphDefaultScope()), account).
+                    tenant(cfg.tenant()).
+                build()).get();
+        assertResultNotNull(resultWithTenantParam);
+        assertTokensAreNotEqual(result, resultWithTenantParam);
     }
 
     private IConfidentialClientApplication getConfidentialClientApplications() throws Exception{
@@ -335,13 +366,13 @@ private void assertResultNotNull(IAuthenticationResult result) {
         Assert.assertNotNull(result.idToken());
     }
 
-    private void assertResultRefreshed(IAuthenticationResult result, IAuthenticationResult resultAfterRefresh) {
-        Assert.assertNotEquals(result.accessToken(), resultAfterRefresh.accessToken());
-        Assert.assertNotEquals(result.idToken(), resultAfterRefresh.idToken());
+    private void assertTokensAreNotEqual(IAuthenticationResult result, IAuthenticationResult secondResult) {
+        Assert.assertNotEquals(result.accessToken(), secondResult.accessToken());
+        Assert.assertNotEquals(result.idToken(), secondResult.idToken());
     }
 
-    private void assertTokensAreEqual(IAuthenticationResult result, IAuthenticationResult resultAfterRefresh) {
-        Assert.assertEquals(result.accessToken(), resultAfterRefresh.accessToken());
-        Assert.assertEquals(result.idToken(), resultAfterRefresh.idToken());
+    private void assertTokensAreEqual(IAuthenticationResult result, IAuthenticationResult secondResult) {
+        Assert.assertEquals(result.accessToken(), secondResult.accessToken());
+        Assert.assertEquals(result.idToken(), secondResult.idToken());
     }
 }

src/integrationtest/java/com.microsoft.aad.msal4j/ApacheHttpClientAdapter.java

@@ -22,7 +22,7 @@
 
 class ApacheHttpClientAdapter implements IHttpClient {
 
-    private CloseableHttpClient httpClient;
+    private final CloseableHttpClient httpClient;
 
     ApacheHttpClientAdapter(){
         this.httpClient = HttpClients.createDefault();

src/integrationtest/java/com.microsoft.aad.msal4j/Config.java

@@ -15,6 +15,7 @@ public class Config {
     private String tenantSpecificAuthority;
     private String graphDefaultScope;
     AppCredentialProvider appProvider;
+    private String tenant;
 
     String azureEnvironment;
 
@@ -27,12 +28,14 @@ public class Config {
                 tenantSpecificAuthority = TestConstants.TENANT_SPECIFIC_AUTHORITY;
                 graphDefaultScope = TestConstants.GRAPH_DEFAULT_SCOPE;
                 appProvider = new AppCredentialProvider(azureEnvironment);
+                tenant = TestConstants.MICROSOFT_AUTHORITY_TENANT;
                 break;
             case AzureEnvironment.AZURE_US_GOVERNMENT :
                 organizationsAuthority = TestConstants.ARLINGTON_ORGANIZATIONS_AUTHORITY;
                 tenantSpecificAuthority = TestConstants.ARLINGTON_TENANT_SPECIFIC_AUTHORITY;
                 graphDefaultScope = TestConstants.ARLINGTON_GRAPH_DEFAULT_SCOPE;
                 appProvider = new AppCredentialProvider(azureEnvironment);
+                tenant = TestConstants.ARLINGTON_AUTHORITY_TENANT;
                 break;
             default:
                 throw new UnsupportedOperationException("Azure Environment - " + azureEnvironment + " unsupported");

src/integrationtest/java/com.microsoft.aad.msal4j/DeviceCodeIT.java

@@ -26,8 +26,6 @@ public class DeviceCodeIT {
     private LabUserProvider labUserProvider;
     private WebDriver seleniumDriver;
 
-    private Config cfg;
-
     @BeforeClass
     public void setUp(){
         labUserProvider = LabUserProvider.getInstance();
@@ -36,7 +34,7 @@ public void setUp(){
 
     @Test(dataProvider = "environments", dataProviderClass = EnvironmentsProvider.class)
     public void DeviceCodeFlowADTest(String environment) throws Exception {
-        cfg = new Config(environment);
+        Config cfg = new Config(environment);
 
         User user = labUserProvider.getDefaultUser(cfg.azureEnvironment);
 
@@ -56,7 +54,7 @@ public void DeviceCodeFlowADTest(String environment) throws Exception {
                 .get();
 
         Assert.assertNotNull(result);
-        Assert.assertTrue(!Strings.isNullOrEmpty(result.accessToken()));
+        Assert.assertFalse(Strings.isNullOrEmpty(result.accessToken()));
     }
 
     @Test(dataProvider = "environments", dataProviderClass = EnvironmentsProvider.class)

src/integrationtest/java/com.microsoft.aad.msal4j/HttpClientIT.java

@@ -4,7 +4,6 @@
 package com.microsoft.aad.msal4j;
 
 import labapi.LabUserProvider;
-import labapi.AzureEnvironment;
 import labapi.User;
 import org.testng.Assert;
 import org.testng.annotations.BeforeClass;

src/integrationtest/java/com.microsoft.aad.msal4j/OAuthRequestValidationUnitT.java

@@ -31,11 +31,11 @@ public void oAuthRequest_for_acquireTokenByClientCertificate() throws Exception
         }
 
         Map<String, String> queryParams = splitQuery(query);
-        Assert.assertEquals(7, queryParams.size());
+        Assert.assertEquals(queryParams.size(), 7);
 
         // validate Authorization Grants query params
-        Assert.assertEquals(GRANT_TYPE_JWT, queryParams.get("grant_type"));
-        Assert.assertEquals(JWT, queryParams.get("assertion"));
+        Assert.assertEquals(queryParams.get("grant_type"), GRANT_TYPE_JWT);
+        Assert.assertEquals(queryParams.get("assertion"), JWT);
 
         // validate Client Authentication query params
         Assert.assertFalse(StringUtils.isEmpty(queryParams.get("client_assertion")));
@@ -51,10 +51,10 @@ public void oAuthRequest_for_acquireTokenByClientCertificate() throws Exception
         Assert.assertTrue(scopes.contains(AbstractMsalAuthorizationGrant.SCOPE_PROFILE));
         Assert.assertTrue(scopes.contains(AbstractMsalAuthorizationGrant.SCOPE_OFFLINE_ACCESS));
 
-        Assert.assertEquals(CLIENT_ASSERTION_TYPE_JWT, queryParams.get("client_assertion_type"));
-        Assert.assertEquals(ON_BEHALF_OF_USE_JWT, queryParams.get("requested_token_use"));
+        Assert.assertEquals(queryParams.get("client_assertion_type"), CLIENT_ASSERTION_TYPE_JWT);
+        Assert.assertEquals(queryParams.get("requested_token_use"), ON_BEHALF_OF_USE_JWT);
 
-        Assert.assertEquals(CLIENT_INFO_VALUE, queryParams.get("client_info"));
+        Assert.assertEquals(queryParams.get("client_info"), CLIENT_INFO_VALUE);
     }
 
     @Test
@@ -83,18 +83,18 @@ public void oAuthRequest_for_acquireTokenByClientAssertion() throws Exception {
 
         Map<String, String> queryParams = splitQuery(query);
 
-        Assert.assertEquals(5, queryParams.size());
+        Assert.assertEquals(queryParams.size(), 5);
 
         // validate Authorization Grants query params
-        Assert.assertEquals(CLIENT_CREDENTIALS_GRANT_TYPE, queryParams.get("grant_type"));
+        Assert.assertEquals(queryParams.get("grant_type"), CLIENT_CREDENTIALS_GRANT_TYPE);
 
         // validate Client Authentication query params
         Assert.assertTrue(StringUtils.isNotEmpty(queryParams.get("client_assertion")));
-        Assert.assertEquals(CLIENT_ASSERTION_TYPE_JWT, queryParams.get("client_assertion_type"));
+        Assert.assertEquals(queryParams.get("client_assertion_type"), CLIENT_ASSERTION_TYPE_JWT);
 
         // to do validate scopes
-        Assert.assertEquals("https://SomeResource.azure.net openid profile offline_access", queryParams.get("scope"));
+        Assert.assertEquals(queryParams.get("scope"), "https://SomeResource.azure.net openid profile offline_access");
 
-        Assert.assertEquals(CLIENT_INFO_VALUE, queryParams.get("client_info"));
+        Assert.assertEquals(queryParams.get("client_info"), CLIENT_INFO_VALUE);
     }
 }

src/integrationtest/java/com.microsoft.aad.msal4j/OkHttpClientAdapter.java

@@ -15,7 +15,7 @@
 
 class OkHttpClientAdapter implements IHttpClient{
 
-    private OkHttpClient client;
+    private final OkHttpClient client;
 
     OkHttpClientAdapter(){
         this.client = new OkHttpClient();

src/integrationtest/java/com.microsoft.aad.msal4j/RefreshTokenIT.java

@@ -4,10 +4,8 @@
 package com.microsoft.aad.msal4j;
 
 import labapi.LabUserProvider;
-import labapi.AzureEnvironment;
 import labapi.User;
 import org.testng.Assert;
-import org.testng.annotations.BeforeTest;
 import org.testng.annotations.Test;
 
 import java.util.Collections;

src/integrationtest/java/com.microsoft.aad.msal4j/TestConstants.java

@@ -17,16 +17,20 @@ public class TestConstants {
     public final static String B2C_CONFIDENTIAL_CLIENT_LAB_APP_ID = "MSIDLABB2C-MSAapp-AppID";
 
     public final static String MICROSOFT_AUTHORITY_HOST = "https://login.microsoftonline.com/";
+    public final static String MICROSOFT_AUTHORITY_HOST_WITH_PORT = "https://login.microsoftonline.com:443/";
     public final static String ARLINGTON_MICROSOFT_AUTHORITY_HOST = "https://login.microsoftonline.us/";
+    public final static String MICROSOFT_AUTHORITY_TENANT = "msidlab4.onmicrosoft.com";
+    public final static String ARLINGTON_AUTHORITY_TENANT = "arlmsidlab1.onmicrosoft.us";
 
     public final static String ORGANIZATIONS_AUTHORITY = MICROSOFT_AUTHORITY_HOST + "organizations/";
     public final static String COMMON_AUTHORITY = MICROSOFT_AUTHORITY_HOST + "common/";
+    public final static String COMMON_AUTHORITY_WITH_PORT = MICROSOFT_AUTHORITY_HOST_WITH_PORT + "msidlab4.onmicrosoft.com";
     public final static String MICROSOFT_AUTHORITY = MICROSOFT_AUTHORITY_HOST + "microsoft.onmicrosoft.com";
-    public final static String TENANT_SPECIFIC_AUTHORITY = MICROSOFT_AUTHORITY_HOST + "msidlab4.onmicrosoft.com";
+    public final static String TENANT_SPECIFIC_AUTHORITY = MICROSOFT_AUTHORITY_HOST + MICROSOFT_AUTHORITY_TENANT;
 
     public final static String ARLINGTON_ORGANIZATIONS_AUTHORITY = ARLINGTON_MICROSOFT_AUTHORITY_HOST + "organizations/";
     public final static String ARLINGTON_COMMON_AUTHORITY = ARLINGTON_MICROSOFT_AUTHORITY_HOST + "common/";
-    public final static String ARLINGTON_TENANT_SPECIFIC_AUTHORITY = ARLINGTON_MICROSOFT_AUTHORITY_HOST + "arlmsidlab1.onmicrosoft.us";
+    public final static String ARLINGTON_TENANT_SPECIFIC_AUTHORITY = ARLINGTON_MICROSOFT_AUTHORITY_HOST + ARLINGTON_AUTHORITY_TENANT;
     public final static String ARLINGTON_GRAPH_DEFAULT_SCOPE = "https://graph.microsoft.us/.default";
 
 
@@ -48,11 +52,11 @@ public class TestConstants {
     public final static String ADFS_APP_ID = "PublicClientId";
 
     public final static String CLAIMS = "{\"id_token\":{\"auth_time\":{\"essential\":true}}}";
-    public final static Set<String> CLIENT_CAPABILITIES_EMPTY = new HashSet<String>(Collections.emptySet());
-    public final static Set<String> CLIENT_CAPABILITIES_LLT = new HashSet<String>(Collections.singletonList("llt"));
+    public final static Set<String> CLIENT_CAPABILITIES_EMPTY = new HashSet<>(Collections.emptySet());
+    public final static Set<String> CLIENT_CAPABILITIES_LLT = new HashSet<>(Collections.singletonList("llt"));
 
     // cross cloud b2b settings
-    public final static String AUTHORITY_ARLINGTON = "https://login.microsoftonline.us/arlmsidlab1.onmicrosoft.us";
+    public final static String AUTHORITY_ARLINGTON = "https://login.microsoftonline.us/" + ARLINGTON_AUTHORITY_TENANT;
     public final static String AUTHORITY_MOONCAKE = "https://login.chinacloudapi.cn/mncmsidlab1.partner.onmschina.cn";
-    public final static String AUTHORITY_PUBLIC_TENANT_SPECIFIC = "https://login.microsoftonline.com/msidlab4.onmicrosoft.com";
+    public final static String AUTHORITY_PUBLIC_TENANT_SPECIFIC = "https://login.microsoftonline.com/" + MICROSOFT_AUTHORITY_TENANT;
 }

src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java

@@ -97,6 +97,17 @@ public void acquireTokenWithUsernamePassword_ADFSv2(String environment) throws E
         assertAcquireTokenCommonAAD(user);
     }
 
+    @Test
+    public void acquireTokenWithUsernamePassword_AuthorityWithPort() throws Exception {
+        User user = labUserProvider.getDefaultUser();
+
+        assertAcquireTokenCommon(
+                user,
+                TestConstants.COMMON_AUTHORITY_WITH_PORT,
+                TestConstants.GRAPH_DEFAULT_SCOPE,
+                user.getAppId());
+    }
+
     private void assertAcquireTokenCommonADFS(User user) throws Exception {
         assertAcquireTokenCommon(user, TestConstants.ADFS_AUTHORITY, TestConstants.ADFS_SCOPE,
                 TestConstants.ADFS_APP_ID);

src/integrationtest/java/labapi/KeyVaultSecretsProvider.java

@@ -16,14 +16,14 @@
 
 public class KeyVaultSecretsProvider {
 
-    private KeyVaultClient keyVaultClient;
-    private static String CLIENT_ID = "55e7e5af-ca53-482d-9aa3-5cb1cc8eecb5";
+    private final KeyVaultClient keyVaultClient;
+    private static final String CLIENT_ID = "55e7e5af-ca53-482d-9aa3-5cb1cc8eecb5";
     public static String CERTIFICATE_ALIAS = "MsalJavaAutomationRunner";
 
-    private static String WIN_KEYSTORE = "Windows-MY";
-    private static String KEYSTORE_PROVIDER = "SunMSCAPI";
+    private static final String WIN_KEYSTORE = "Windows-MY";
+    private static final String KEYSTORE_PROVIDER = "SunMSCAPI";
 
-    private static String MAC_KEYSTORE = "KeychainStore";
+    private static final String MAC_KEYSTORE = "KeychainStore";
 
     KeyVaultSecretsProvider(){
         keyVaultClient = getAuthenticatedKeyVaultClient();