Broker fixes and feedback (#733)

* Delete codeql.yml * Test framework update (#672) * Initial working tests * Remove CIAM extra query parameter * Fix failing tests * Remove duplicate unit tests * Remove duplicate unit tests * Update tests with mocking to use Mockito * Remove testng and powermock, add junit and mockito * Remove AbstractMsalTests and PowerMockTestCase * Fix mistaken null check * Properly scope dependency * Update CIAM tests (#673) * Bump guava from 31.1-jre to 32.0.0-jre in /msal4j-sdk (#671) Bumps [guava](https://github.com/google/guava) from 31.1-jre to 32.0.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:development ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Avery-Dunn <avdunn@microsoft.com> * Delete contributing.md (#667) Co-authored-by: Avery-Dunn <avdunn@microsoft.com> * Create Contributing.md (#668) Co-authored-by: Avery-Dunn <avdunn@microsoft.com> * Version changes for 1.13.9 (#674) * Add space between command and arguments when executing linux command to open browser. Refs #682 (#683) Co-authored-by: Ric Emery <remery@denmartech.com> * Assorted fixes (#684) * Remove default timeouts and improve exception messages * Fix NPE for on-prem ADFS scenario * Log MSAL message but re-throw exception * Update vulnerable test dependency * Issue-679: Fix for Account Cache; .contains() was not possible and you had to iterate through all elements as workaround. (#681) * Version changes for 1.13.10 (#685) * Move changelog * Move changelog to root * Update issue templates (#707) * Re-add lombok source line (#705) * Version changes for release 1.13.11 (#714) * Update bug report * Delete .github/ISSUE_TEMPLATE/bug_report.md * Update bug_report.yaml * Create FeatureRequest.yaml * Update FeatureRequest.yaml * Set default throttling time to 5 sec (#721) Co-authored-by: Kulyakhtin, Alexander (Ext) <alexander.kulyakhtin_ext@novartis.com> * Ensure correlation ID is never null * Rename MsalRuntimeBroker and add builder pattern for better API consistency --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Bogdan Gavril <bogavril@microsoft.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ric Emery <ric.emery@gmail.com> Co-authored-by: Ric Emery <remery@denmartech.com> Co-authored-by: Maximilian Pfeffer <admin@maxpfeffer.de> Co-authored-by: akulyakhtin <akulyakhtin@gmail.com> Co-authored-by: Kulyakhtin, Alexander (Ext) <alexander.kulyakhtin_ext@novartis.com>
AzureAD · Oct 20, 2023 · d627b7a · d627b7a
1 parent f638f61
commit d627b7a
Show file tree

Hide file tree

Showing 73 changed files with 1,660 additions and 3,055 deletions.
diff --git a/.github/ISSUE_TEMPLATE/FeatureRequest.yaml b/.github/ISSUE_TEMPLATE/FeatureRequest.yaml
@@ -0,0 +1,48 @@
+name: Feature request
+description: Suggest a new feature for MSAL Java
+labels: ["feature request", "untriaged", "needs attention"]
+title : '[Feature Request]     '
+body:
+- type: markdown
+  attributes:
+    value: |
+      ## Before submitting your feature request
+      Please make sure that your question or issue is not already covered in [MSAL documentation](https://learn.microsoft.com/entra/msal/java/) or [samples](https://learn.microsoft.com/azure/active-directory/develop/sample-v2-code?tabs=apptype).
+      
+- type: markdown
+  attributes:
+    value: |
+      ## Feature request for MSAL Java
+      
+- type: dropdown
+  attributes:
+    label: MSAL client type
+    description: Are you using PublicClientApplication (desktop / CLI apps), ConfidentialClientApplication (web apps, web APIs, service-to-service) or ManagedIdentityApplication?
+    multiple: true
+    options: 
+      - "Public"
+      - "Confidential"
+      - "Managed identity"
+  validations:
+    required: true
+
+- type: textarea
+  attributes:
+    label: Problem Statement
+    description: "Describe the problem or context for this feature request."
+  validations: 
+    required: true
+
+- type: textarea
+  attributes:
+    label: Proposed solution
+    description: "Describe the solution you'd like."
+  validations: 
+    required: false
+
+- type: textarea
+  attributes:
+    label: Alternatives
+    description: "Describe alternatives you've considered."
+  validations: 
+    required: false
diff --git a/.github/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml
@@ -0,0 +1,115 @@
+name: Bug report
+description: Broken or unintended behavior with MSAL4J library
+title: '[Bug] '
+labels: ["untriaged", "needs attention"]
+body:
+- type: markdown
+  attributes:
+    value: |
+      ## Before submitting your issue
+      Please make sure that your question or issue is not already covered in existing issues
+
+      **Logs and network traces**
+      Without logs or traces, it is unlikely that the team can investigate your issue. Capturing logs is described in our [Docs](https://learn.microsoft.com/azure/active-directory/develop/msal-logging-java).
+
+- type: markdown
+  attributes:
+    value: |
+      ## Issue details   
+    
+- type: input
+  attributes:
+    label: Library version used
+    description: "Enter the version of the library where you ran into the issue (e.g. 1.13.10)."
+  validations:
+    required: true
+
+- type: input
+  attributes:
+    label: Java version
+    description: "Enter the Java SDK and Framework version your application is developed in."
+  validations:
+    required: true
+
+- type: dropdown
+  attributes:
+    label: Scenario
+    description: "Are you using PublicClientApplication,  ConfidentialClientApplication or ManagedIdentityApplication?"
+    multiple: true
+    options: 
+      - "PublicClient (AcquireTokenInteractive, AcquireTokenByUsernamePassword)"      
+      - "ConfidentialClient - web site (AcquireTokenByAuthCode)"
+      - "ConfidentialClient - web api (AcquireTokenOnBehalfOf)"
+      - "ConfidentialClient - service to service (AcquireTokenForClient)"
+      - "ManagedIdentityClient - managed identity"
+      - "Other - please specify"
+  validations:
+    required: true
+
+- type: dropdown
+  attributes:
+    label: Is this a new or an existing app?
+    description: "Is this a new or existing app?"
+    multiple: false
+    options: 
+      - "The app is in production, and I have upgraded to a new version of MSAL"
+      - "The app is in production, I haven't upgraded MSAL, but started seeing this issue"
+      - "This is a new app or experiment"
+  validations:
+    required: false
+
+- type: textarea
+  attributes:
+    label: Issue description and reproduction steps
+    description: "Briefly explain the issue you are seeing along with any error messages or stack trace. Provide a link to one of the [standard samples](https://learn.microsoft.com/azure/active-directory/develop/sample-v2-code?tabs=apptype) and steps to reproduce the behavior. Make sure to provide verbose level log messages from MSAL, if available. [Learn more](https://learn.microsoft.com/azure/active-directory/develop/msal-logging-dotnet)"
+  validations:
+    required: true
+
+- type: textarea
+  attributes:
+    label: Relevant code snippets
+    description: "Provide relevant code snippets that can be used to reproduce the issue."
+    render: csharp
+  validations:
+    required: false
+
+- type: textarea
+  attributes:
+    label: Expected behavior
+    description: "Describe what you expect the behavior to be."
+  validations:
+    required: false
+
+- type: dropdown
+  attributes:
+    label: Identity provider
+    options: 
+      - Microsoft Entra ID (Work and School accounts and Personal Microsoft accounts)
+      - Azure B2C Basic Policy
+      - Azure B2C Custom Policy
+      - Azure Active Directory Federation Services (ADFS)
+      - Microsoft Entra External ID
+      - Other
+  validations:
+    required: true
+
+- type: input
+  attributes:
+    label: Regression
+    description: "If this behavior worked before, enter the last working version(s) of MSAL."
+    placeholder: "MSAL version: "
+
+- type: textarea
+  attributes:
+    label: Solution and workarounds
+    description: "Possible solution or workarounds, if you know of any."
+  validations:
+    required: false
+
+- type: markdown
+  attributes:
+    value: "## Security Reporting"
+- type: markdown
+  attributes:
+    value: |
+      If you find a security issue with our libraries or services [please report it to the Microsoft Security Response Center (MSRC)](https://aka.ms/report-security-issue) with as much detail as possible. Your submission may be eligible for a bounty through the [Microsoft Bounty](http://aka.ms/bugbounty) program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting [this page](https://www.microsoft.com/msrc/technical-security-notifications) and subscribing to Security Advisory Alerts.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
diff --git a/Contributing.md b/Contributing.md
@@ -0,0 +1,18 @@
+# CONTRIBUTING
+
+Microsoft Authentication Library for Java welcomes new contributors.  This document will guide you
+through the process.
+
+## CONTRIBUTOR LICENSE AGREEMENT
+
+Please visit [https://cla.microsoft.com/](https://cla.microsoft.com/) and sign the Contributor License
+Agreement.  You only need to do that once. We can not look at your code until you've submitted this request.
+
+
+## Build
+
+Use Java8.
+
+## Test
+
+Unit tests should run as expected. Integration tests require certificate / secrets which are deployed on CI. External contributors are not able to run integration tests manually.
diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ Quick links:
 The library supports the following Java environments:
 - Java 8 (or higher)
 
-Current version - 1.13.8
+Current version - 1.13.11
 
 You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/main/msal4j-sdk/changelog.txt).
 
@@ -28,13 +28,13 @@ Find [the latest package in the Maven repository](https://mvnrepository.com/arti
 <dependency>
     <groupId>com.microsoft.azure</groupId>
     <artifactId>msal4j</artifactId>
-    <version>1.13.8</version>
+    <version>1.13.11</version>
 </dependency>
 ```
 ### Gradle
 
 ```gradle
-implementation group: 'com.microsoft.azure', name: 'com.microsoft.aad.msal4j', version: '1.13.8'
+implementation group: 'com.microsoft.azure', name: 'com.microsoft.aad.msal4j', version: '1.13.11'
 ```
 
 ## Usage

diff --git a/msal4j-sdk/changelog.txt → changelog.txt b/msal4j-sdk/changelog.txt → changelog.txt
@@ -8,6 +8,22 @@ Version 1.14.0-beta
 - Add IBroker interface
 - Add app-level parameter for enabling the use of auth brokers
 
+Version 1.13.11
+=============
+- Hotfix for internal docs generation issue (#705)
+
+Version 1.13.10
+=============
+- Remove default HTTP timeout (#664)
+- Add equals/hash logic to Account class based on homeAccountID (#681)
+- Fix issue with command to open default browser on Linux (#683)
+- Handle null pointer exception in certain ADFS scenarios (#669)
+
+Version 1.13.9
+=============
+- Update automated tests to use JUnit 5/Mockito instead of TestNG/Powermock
+- Fix issue with interactive flow on macOS/Linux/Unix systems
+
 Version 1.13.8
 =============
 - Added support for CIAM authority