Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support a new API Path for Account Transfer V2 in Broker #2375

Open
wants to merge 40 commits into
base: dev
Choose a base branch
from
Open

Support a new API Path for Account Transfer V2 in Broker #2375

wants to merge 40 commits into from

Conversation

fadidurah
Copy link
Contributor

@fadidurah fadidurah commented Apr 9, 2024
edited

In this PR, i'm adding a new API Path for Account Transfer V2 rather than adding the functionality through Account Chooser activity and Acquire Token. This will make it easier to track the code path for ATv2.

Changes:

  • Added acquireTokenForAccountTransfer in BrokerMsalController, along with metho to get intent for ATv2. This method is defined in BaseController, although it throws an exception in BaseController, and is only implemented in BrokerMsalController
  • Added AccountTransferTokenCommandParameters to store transfer token
  • Added various fields in AuthenticationConstants to support new API
  • New field in BrokerRequest for mAccountTransferToken

Broker PR to support these changes: https://github.com/AzureAD/ad-accounts-for-android/pull/2768

Consumers check (expecting broker to fail): https://identitydivision.visualstudio.com/Engineering/_build/results?buildId=1298934&view=results

@fadidurah
add parameter to show if request is ATv2
a8cd886
@fadidurah
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
1e2d432 
…tion-library-common-for-android into fadi/ATv2-parameter
@fadidurah
changelog
e939efa
@fadidurah
draft changes for new api for ATv2
0b0b0f1
@fadidurah
add back methodname
1b4d2a5
@fadidurah
adjust def
e2dc7ce
@fadidurah
revert some changes
10366ec
@fadidurah
explicit parameter creation
9075f9e
@fadidurah
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
89a5317 
…tion-library-common-for-android into fadi/ATv2-API
@fadidurah
fix pmd
9399008
@fadidurah
add check for slk
2ceaa9c
@fadidurah
return method tag
243660c
@fadidurah
return getBrokerAuthorizationIntent
262d3a8
@fadidurah
Merge branch 'dev' of https://github.com/AzureAD/microsoft-authentica…
6eb8aba 
…tion-library-common-for-android into fadi/ATv2-API
@fadidurah
comment
049096a
@fadidurah
add error for missing slk
5c414cb
@fadidurah fadidurah changed the base branch from dev to fadi/ATv2-parameter April 9, 2024 17:17
@fadidurah fadidurah changed the base branch from fadi/ATv2-parameter to dev April 9, 2024 17:18
@fadidurah fadidurah changed the title Fadi/a tv2 api Support a new API Path for Account Transfer V2 in Broker Apr 10, 2024
@fadidurah fadidurah marked this pull request as ready for review April 10, 2024 04:53
@fadidurah fadidurah requested a review from a team as a code owner April 10, 2024 04:53
fadidurah
fadidurah commented Apr 10, 2024
View reviewed changes
common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java
@@ -1599,6 +1600,12 @@ public String getMsalVersion(){
*/
public static final String MSAL_ACQUIRE_TOKEN_INTERACTIVE_PATH = "/acquireTokenInteractive";

/**
* URI Path constant for MSAL-to-Broker acquireTokenInteractive (for ATv2) request using ContentProvider.
* TODO: Not really sure how this works, this seems right
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ping

@fadidurah fadidurah added the Skip-Consumers-Check Only include this if making a breaking change purposefully, and there is an MSAL/ADAL/Broker PR label Apr 24, 2024
mohitc1
mohitc1 approved these changes Apr 26, 2024
View reviewed changes
Copy link
Contributor

@mohitc1 mohitc1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved with suggestions

@fadidurah fadidurah removed the Skip-Consumers-Check Only include this if making a breaking change purposefully, and there is an MSAL/ADAL/Broker PR label May 14, 2024
@fadidurah fadidurah added the Skip-Consumers-Check Only include this if making a breaking change purposefully, and there is an MSAL/ADAL/Broker PR label May 14, 2024
rpdome
rpdome reviewed May 23, 2024
View reviewed changes
common/src/main/aidl/com/microsoft/identity/client/IMicrosoftAuthService.aidl
@@ -38,6 +38,8 @@ interface IMicrosoftAuthService {

Intent getIntentForInteractiveRequest();

Intent getIntentForAccountTransferInteractiveRequest();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

add it at the bottom.

there might be some weird side effects if the order of aidl on broker and MSAL/OneAuth side mismatches.

common/src/main/java/com/microsoft/identity/common/internal/broker/MicrosoftAuthClient.java
final Intent accountTransferIntent = microsoftAuthService.getIntentForAccountTransferInteractiveRequest();
final Bundle accountTransferBundle = accountTransferIntent.getExtras();

//older brokers (pre-ContentProvider) are ONLY sending these values in the intent itself.
Copy link
Member

@rpdome rpdome May 23, 2024
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this msg could be confusing - since this operation is just added (it's not pre-ContentProvider)

you actually can just expose
GetBundleForAccountTransferInteractiveRequestMsalBrokerOperation
on the Broker side, and return the resulted bundle as is.

The code will be cleaner on the Broker side, and you wouldn't need to do extra conversion here.

...n/src/main/java/com/microsoft/identity/common/internal/controllers/BrokerMsalController.java
@Override
public void performPrerequisites(final @NonNull IIpcStrategy strategy) throws BaseException {
verifyTokenParametersAreSupported(parameters);
negotiatedBrokerProtocolVersion = hello(strategy, parameters.getRequiredBrokerProtocolVersion());
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if the negotiatedBrokerProtocolVersion is lower than the new version you just added, it means the broker does NOT support this operation.

In that case, you might want to fail the request early. (no need to make the request to the broker because it'll just throw "not supported" back)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rpdome rpdome rpdome left review comments

@shahzaibj shahzaibj shahzaibj left review comments

@mohitc1 mohitc1 mohitc1 approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
Skip-Consumers-Check Only include this if making a breaking change purposefully, and there is an MSAL/ADAL/Broker PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@fadidurah @rpdome @mohitc1 @shahzaibj