AzureAD · sangonzal · May 29, 2019 · May 9, 2019 · May 20, 2019 · May 20, 2019
diff --git a/README.md b/README.md
@@ -1,9 +1,46 @@
 # Microsoft Authentication Library (MSAL) for Java
 
+`master` branch    | `dev` branch    | Reference Docs
+--------------------|-----------------|---------------
+[![Build status](https://identitydivision.visualstudio.com/IDDP/_apis/build/status/CI/Java/MSAL%20Java%20CI%20Build?branchName=master)](https://identitydivision.visualstudio.com/IDDP/_build/latest?definitionId=762) | [![Build status](https://identitydivision.visualstudio.com/IDDP/_apis/build/status/CI/Java/MSAL%20Java%20CI%20Build?branchName=dev)](https://identitydivision.visualstudio.com/IDDP/_build/latest?definitionId=762)| [![Javadocs](http://javadoc.io/badge/com.microsoft.azure/adal4j.svg)](http://javadoc.io/doc/com.microsoft.azure/adal4j)
+
+|[Getting Started](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki)| [Docs](https://aka.ms/aaddev)| [Support](README.md#community-help-and-support)
+| --- | --- | --- | 
+
 The MSAL library for Java gives your app the ability to begin using the Microsoft Cloud by supporting Microsoft Azure Active Directory and Microsoft Accounts in a converged experience using industry standard OAuth2 and OpenID Connect.
 
+
+## Versions
+Current version - 0.3.0-preview
+
+You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/master/changelog.txt).
+
 The library is currently in preview. During the preview we reserve the right to make changes to the API, cache format, and other mechanisms of this library without notice which you will be required to take along with bug fixes or feature improvements
 ## Contribution
+
 This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
 When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
 This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.
+
+
+## Build and Run
+
+Refer [this page](https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki/Maven)
+
+## Samples and Documentation
+
+We provide a [full suite of sample applications](https://github.com/Azure-Samples) and [documentation](https://aka.ms/aaddev) to help you get started with learning the Azure Identity system. This includes tutorials for native clients such as Windows, Windows Phone, iOS, macOS, Android, and Linux. We also provide full walkthroughs for authentication flows such as OAuth2, OpenID Connect, Graph API, and other awesome features.
+
+## Community Help and Support
+
+We leverage [Stack Overflow](http://stackoverflow.com/) to work with the community on supporting Azure Active Directory and its SDKs, including this one! We highly recommend you ask your questions on Stack Overflow (we're all on there!) Also browser existing issues to see if someone has had your question before.
+
+We recommend you use the "msal" tag so we can see it! Here is the latest Q&A on Stack Overflow for MSAL: [http://stackoverflow.com/questions/tagged/msal](http://stackoverflow.com/questions/tagged/msal)
+
+## Security Reporting
+
+If you find a security issue with our libraries or services please report it to [[email protected]](mailto:[email protected]) with as much detail as possible. Your submission may be eligible for a bounty through the [Microsoft Bounty](http://aka.ms/bugbounty) program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting [this page](https://technet.microsoft.com/en-us/security/dd252948) and subscribing to Security Advisory Alerts.
+
+## We Value and Adhere to the Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
diff --git a/changelog.txt b/changelog.txt
@@ -1,3 +1,9 @@
+Version 0.3.0-preview
+=============
+- Added support for FOCI
+- Updated public API to return interfaces
+- Updated cache to be compatible with MSAL Python and MSAL.NET caches
+
 Version 0.2.0-preview
 =============
 - Added support for B2C

diff --git a/pom.xml b/pom.xml
@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.microsoft.azure</groupId>
 	<artifactId>msal4j</artifactId>
-	<version>0.2.0-preview</version>
+	<version>0.3.0-preview</version>
 	<packaging>jar</packaging>
 	<name>msal4j</name>
 	<description>
@@ -155,6 +155,24 @@
 
 	<build>
 		<plugins>
+			<plugin>
+				<groupId>org.projectlombok</groupId>
+				<artifactId>lombok-maven-plugin</artifactId>
+				<version>1.18.2.0</version>
+				<executions>
+					<execution>
+						<goals>
+							<goal>delombok</goal>
+						</goals>
+					</execution>
+				</executions>
+				<configuration>
+					<sourceDirectory>src/main/java</sourceDirectory>
+					<outputDirectory>${project.build.directory}/delombok</outputDirectory>
+					<addOutputDirectory>false</addOutputDirectory>
+				</configuration>
+			</plugin>
+
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-jar-plugin</artifactId>
@@ -176,10 +194,14 @@
 					<argLine>-noverify</argLine>
 				</configuration>
 			</plugin>
+
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-javadoc-plugin</artifactId>
-				<version>2.9.1</version>
+				<version>3.1.0</version>
+				<configuration>
+					<sourcepath>${project.build.directory}/delombok</sourcepath>
+				</configuration>
 				<executions>
 					<execution>
 						<id>attach-javadocs</id>
@@ -224,6 +246,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
+				<version>3.7.0</version>
                 <configuration>
                     <source>8</source>
                     <target>8</target>

diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java
@@ -220,33 +220,31 @@ public void acquireTokenWithAuthorizationCode_B2C_Google(){
 
     private void assertAcquireTokenAAD(LabResponse labResponse){
         String authCode = acquireAuthorizationCodeAutomated(labResponse, AuthorityType.AAD);
-        AuthenticationResult result = acquireTokenInteractiveAAD(labResponse, authCode);
+        IAuthenticationResult result = acquireTokenInteractiveAAD(labResponse, authCode);
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         Assert.assertNotNull(result.idToken());
         // TODO AuthenticationResult should have an getAccountInfo API
         // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());
     }
 
     private void assertAcquireTokenB2C(LabResponse labResponse){
         String authCode = acquireAuthorizationCodeAutomated(labResponse, AuthorityType.B2C);
-        AuthenticationResult result = acquireTokenInteractiveB2C(labResponse, authCode);
+        IAuthenticationResult result = acquireTokenInteractiveB2C(labResponse, authCode);
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         Assert.assertNotNull(result.idToken());
         // TODO AuthenticationResult should have an getAccountInfo API
         // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());
     }
 
-    private AuthenticationResult acquireTokenInteractiveAAD(
+    private IAuthenticationResult acquireTokenInteractiveAAD(
             LabResponse labResponse,
             String authCode){
 
-        AuthenticationResult result;
+        IAuthenticationResult result;
         try {
             PublicClientApplication pca = PublicClientApplication.builder(
                     labResponse.getAppId()).
@@ -267,9 +265,9 @@ private AuthenticationResult acquireTokenInteractiveAAD(
         return result;
     }
 
-    private AuthenticationResult acquireTokenInteractiveB2C(LabResponse labResponse,
+    private IAuthenticationResult acquireTokenInteractiveB2C(LabResponse labResponse,
                                                             String authCode) {
-        AuthenticationResult result;
+        IAuthenticationResult result;
         try{
             IClientCredential credential = ClientCredentialFactory.create("=]Y)_A7LX`]6\"]_PoD!)Lo24");
             ConfidentialClientApplication cca = ConfidentialClientApplication.builder(

diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/ClientCredentialsIT.java
@@ -65,14 +65,13 @@ private void assertAcquireTokenCommon(String clientId, IClientCredential credent
                 authority(TestConstants.AUTHORITY_MICROSOFT).
                 build();
 
-        AuthenticationResult result = cca.acquireToken(ClientCredentialParameters
+        IAuthenticationResult result = cca.acquireToken(ClientCredentialParameters
                 .builder(Collections.singleton(KEYVAULT_DEFAULT_SCOPE))
                 .build())
                 .get();
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNull(result.refreshToken());
         // TODO AuthenticationResult should have an getAccountInfo API
         // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());
     }

diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/DeviceCodeIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/DeviceCodeIT.java
@@ -72,7 +72,7 @@ public void DeviceCodeFlowTest() throws Exception {
         };
 
 
-        AuthenticationResult result = pca.acquireToken(DeviceCodeFlowParameters
+        IAuthenticationResult result = pca.acquireToken(DeviceCodeFlowParameters
                 .builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                         deviceCodeConsumer)
                 .build())

diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/NationalCloudIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/NationalCloudIT.java
@@ -66,7 +66,7 @@ private void assertAcquireTokenCommon(NationalCloud cloud) throws Exception{
                 authority(TestConstants.AUTHORITY_ORGANIZATIONS).
                 build();
 
-        AuthenticationResult result = pca.acquireToken(UserNamePasswordParameters
+        IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters
                         .builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                                 labResponse.getUser().getUpn(),
                                 password.toCharArray())
@@ -75,7 +75,6 @@ private void assertAcquireTokenCommon(NationalCloud cloud) throws Exception{
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         Assert.assertNotNull(result.idToken());
         // TODO AuthenticationResult should have an getAccountInfo API
         // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());

diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/OnBehalfOfIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/OnBehalfOfIT.java
@@ -32,7 +32,7 @@ public void setUp() throws Exception{
                 authority(msidlab4Authority).
                 build();
 
-        AuthenticationResult result = pca.acquireToken(
+        IAuthenticationResult result = pca.acquireToken(
                 UserNamePasswordParameters.builder(Collections.singleton(apiReadScope),
                         labResponse.getUser().getUpn(),
                         labResponse.getUser().getPassword().toCharArray()).build()).get();
@@ -51,15 +51,14 @@ public void acquireTokenWithOBO_Managed() throws Exception {
                         authority(msidlab4Authority).
                         build();
 
-        AuthenticationResult result =
+        IAuthenticationResult result =
                 cca.acquireToken(OnBehalfOfParameters.builder(
                         Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                         new UserAssertion(accessToken)).build()).
                         get();
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         Assert.assertNotNull(result.idToken());
         // TODO AuthenticationResult should have an getAccountInfo API
         // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());

diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/RefreshTokenIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/RefreshTokenIT.java
@@ -50,7 +50,7 @@ public void setUp() throws Exception {
                 authority(TestConstants.AUTHORITY_ORGANIZATIONS).
                 build();
 
-        AuthenticationResult result = pca.acquireToken(UserNamePasswordParameters
+        AuthenticationResult result = (AuthenticationResult)pca.acquireToken(UserNamePasswordParameters
                         .builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                                 labResponse.getUser().getUpn(),
                                 password.toCharArray())
@@ -63,7 +63,7 @@ public void setUp() throws Exception {
     @Test
     public void acquireTokenWithRefreshToken() throws Exception{
 
-        AuthenticationResult result = pca.acquireToken(RefreshTokenParameters
+        IAuthenticationResult result = pca.acquireToken(RefreshTokenParameters
                 .builder(
                         Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                         refreshToken)
@@ -72,13 +72,12 @@ public void acquireTokenWithRefreshToken() throws Exception{
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         Assert.assertNotNull(result.idToken());
     }
 
     @Test(expectedExceptions = ExecutionException.class)
     public void acquireTokenWithRefreshToken_WrongScopes() throws Exception{
-        AuthenticationResult result = pca.acquireToken(RefreshTokenParameters
+        IAuthenticationResult result = pca.acquireToken(RefreshTokenParameters
                 .builder(
                         Collections.singleton(TestConstants.KEYVAULT_DEFAULT_SCOPE),
                         refreshToken)

diff --git a/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java b/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java
@@ -100,7 +100,7 @@ public void assertAcquireTokenCommon(LabResponse labResponse, String password)
                 authority(TestConstants.AUTHORITY_ORGANIZATIONS).
                 build();
 
-        AuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
+        IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
                 builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
                         labResponse.getUser().getUpn(),
                         password.toCharArray())
@@ -109,7 +109,6 @@ public void assertAcquireTokenCommon(LabResponse labResponse, String password)
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         Assert.assertNotNull(result.idToken());
         // TODO AuthenticationResult should have an getAccountInfo API
         // Assert.assertEquals(labResponse.getUser().getUpn(), result.getAccountInfo().getUsername());
@@ -129,7 +128,7 @@ public void acquireTokenWithUsernamePassword_B2C_CustomAuthority() throws Except
                 b2cAuthority(TestConstants.B2C_AUTHORITY_ROPC).
                 build();
 
-        AuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
+        IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
                 builder(Collections.singleton(TestConstants.B2C_READ_SCOPE),
                         labResponse.getUser().getUpn(),
                         password.toCharArray())
@@ -138,7 +137,6 @@ public void acquireTokenWithUsernamePassword_B2C_CustomAuthority() throws Except
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         // TODO uncomment once service fixes this for ROPC flow
         // Assert.assertNotNull(result.idToken());
     }
@@ -157,7 +155,7 @@ public void acquireTokenWithUsernamePassword_B2C_LoginMicrosoftOnline() throws E
                 b2cAuthority(TestConstants.B2C_MICROSOFTLOGIN_ROPC).
                 build();
 
-        AuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
+        IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
                 builder(Collections.singleton(TestConstants.B2C_READ_SCOPE),
                         labResponse.getUser().getUpn(),
                         password.toCharArray())
@@ -166,7 +164,6 @@ public void acquireTokenWithUsernamePassword_B2C_LoginMicrosoftOnline() throws E
 
         Assert.assertNotNull(result);
         Assert.assertNotNull(result.accessToken());
-        Assert.assertNotNull(result.refreshToken());
         // TODO uncomment once service fixes this for ROPC flow
         // Assert.assertNotNull(result.idToken());
     }

diff --git a/src/integrationtest/java/labapi/KeyVaultSecretsProvider.java b/src/integrationtest/java/labapi/KeyVaultSecretsProvider.java
@@ -63,7 +63,7 @@ public String doAuthenticate(String authorization, String resource, String scope
     }
 
     private String requestAccessTokenForAutomation() {
-        AuthenticationResult result;
+        IAuthenticationResult result;
         try{
             ConfidentialClientApplication cca = ConfidentialClientApplication.builder(
                     CLIENT_ID, getClientCredentialFromKeyStore()).

diff --git a/src/main/java/com/microsoft/aad/msal4j/AccessTokenCacheEntity.java b/src/main/java/com/microsoft/aad/msal4j/AccessTokenCacheEntity.java
@@ -37,7 +37,7 @@
 class AccessTokenCacheEntity extends Credential {
 
     @SerializedName("credential_type")
-    private String credentialType = "AccessToken";
+    private String credentialType;
 
     @SerializedName("realm")
     protected String realm;