Pass Work Profile existence, OS Version, and Manufacturer to ESTS, Fixes AB#3138815

changelog.txt

@@ -1,5 +1,6 @@
 vNext
 ----------
+- [MINOR] Pass Work Profile existence, OS Version, and Manufacturer to ESTS (#2627)
 - [MINOR] Enable the new Broker discovery on MSAL by default (#2618)
 
 Version 21.0.0

common/src/main/java/com/microsoft/identity/common/components/AndroidPlatformComponentsFactory.java

@@ -24,6 +24,9 @@
 
 import android.app.Activity;
 import android.content.Context;
+import android.content.Intent;
+import android.content.pm.ResolveInfo;
+import android.os.Build;
 
 import androidx.annotation.Nullable;
 import androidx.fragment.app.Fragment;
@@ -44,6 +47,7 @@
 import com.microsoft.identity.common.logging.Logger;
 
 import java.io.File;
+import java.util.List;
 
 import lombok.NonNull;
 
@@ -67,6 +71,9 @@ public static synchronized void initializeGlobalStates(@NonNull final Context co
         if (!sGlobalStateInitalized) {
             HttpCache.initialize(context);
             Device.setDeviceMetadata(new AndroidDeviceMetadata());
+
+            // Denotes whether or not request is from personal profile but device has a Work Profile Available
+            Device.setIsInPersonalProfileButClouddpcWorkProfileAvailable(checkIfIsInPersonalProfileButClouddpcWorkProfileAvailable(context));
             Logger.setAndroidLogger();
 
             final File cacheDir = context.getCacheDir();
@@ -142,4 +149,30 @@ public static void fillBuilderWithBasicImplementations(
                     .stateGenerator(new AndroidTaskStateGenerator(activity.getTaskId()));
         }
     }
+
+    /**
+     * Helper method to check if we are in personal profile but a work profile managed by clouddpc
+     * is available. Google Docs for intent used:
+     * https://developers.google.com/android/management/work-profile-detection#detect_if_the_device_has_a_work_profile
+     * @param context context needed to check for intent
+     * @return true if called in personal profile and a work profile managed by clouddpc exists, false otherwise
+     */
+    public static boolean checkIfIsInPersonalProfileButClouddpcWorkProfileAvailable(@NonNull final Context context) {
+        Intent intent = new Intent("com.google.android.apps.work.clouddpc.ACTION_DETECT_WORK_PROFILE");
+        List<ResolveInfo> activities = context.getPackageManager().queryIntentActivities(intent, 0);
+
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+            return activities.stream()
+                    .anyMatch(
+                            (ResolveInfo resolveInfo) -> resolveInfo.isCrossProfileIntentForwarderActivity());
+        } else {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
+                return activities.stream()
+                        .anyMatch(
+                                (ResolveInfo resolveInfo) -> resolveInfo.activityInfo.name.equals("com.android.internal.app.ForwardIntentToManagedProfile"));
+            }
+        }
+
+        return false;
+    }
 }

common4j/src/main/com/microsoft/identity/common/java/platform/Device.java

@@ -50,6 +50,11 @@ public class Device {
 
     private static IDeviceMetadata sDeviceMetadata;
 
+    /**
+     * Denotes whether or not request is from personal profile but device has a Work Profile Available
+     */
+    private static boolean sIsInPersonalProfileButClouddpcWorkProfileAvailable = false;
+
     private static final ReentrantReadWriteLock sLock = new ReentrantReadWriteLock();
 
     @GuardedBy("sLock")
@@ -73,6 +78,26 @@ public static void clearDeviceMetadata(){
         }
     }
 
+    @GuardedBy("sLock")
+    public static void setIsInPersonalProfileButClouddpcWorkProfileAvailable(final boolean isWorkProfileAvailable) {
+        sLock.writeLock().lock();
+        try {
+            sIsInPersonalProfileButClouddpcWorkProfileAvailable = isWorkProfileAvailable;
+        } finally {
+            sLock.writeLock().unlock();
+        }
+    }
+
+    @GuardedBy("sLock")
+    public static boolean getIsInPersonalProfileButClouddpcWorkProfileAvailable() {
+        sLock.writeLock().lock();
+        try {
+            return sIsInPersonalProfileButClouddpcWorkProfileAvailable;
+        } finally {
+            sLock.writeLock().unlock();
+        }
+    }
+
     @NonNull
     @GuardedBy("sLock")
     public static Map<String, String> getPlatformIdParameters() {
@@ -84,10 +109,12 @@ public static Map<String, String> getPlatformIdParameters() {
                 platformParameters.put(PlatformIdParameters.CPU_PLATFORM, sDeviceMetadata.getCpu());
                 platformParameters.put(PlatformIdParameters.OS, sDeviceMetadata.getOsForEsts());
                 platformParameters.put(PlatformIdParameters.DEVICE_MODEL, sDeviceMetadata.getDeviceModel());
+                platformParameters.put(PlatformIdParameters.MANUFACTURER, sDeviceMetadata.getManufacturer());
             } else {
                 platformParameters.put(PlatformIdParameters.CPU_PLATFORM, NOT_SET);
                 platformParameters.put(PlatformIdParameters.OS, NOT_SET);
                 platformParameters.put(PlatformIdParameters.DEVICE_MODEL, NOT_SET);
+                platformParameters.put(PlatformIdParameters.MANUFACTURER, NOT_SET);
             }
 
             return Collections.unmodifiableMap(platformParameters);
@@ -246,6 +273,11 @@ public static final class PlatformIdParameters {
          */
         public static final String OS = "x-client-OS";
 
+        /**
+         * The String representing the device Manufacturer.
+         */
+        public static final String MANUFACTURER = "x-client-MN";
+
         /**
          * The String representing the device model.
          */

common4j/src/main/com/microsoft/identity/common/java/providers/microsoft/MicrosoftAuthorizationRequest.java

@@ -123,6 +123,12 @@ public abstract class MicrosoftAuthorizationRequest<T extends MicrosoftAuthoriza
     @SerializedName("x-client-DM")
     private final String mDiagnosticDM;
 
+    @Expose()
+    @Getter
+    @Accessors(prefix = "m")
+    @SerializedName("x-client-MN")
+    private final String mDiagnosticMN;
+
     @Expose()
     @Getter
     @Accessors(prefix = "m")
@@ -135,6 +141,12 @@ public abstract class MicrosoftAuthorizationRequest<T extends MicrosoftAuthoriza
     @SerializedName("pc")
     private final String mPreferredAuthMethodCode;
 
+    @Expose()
+    @Getter
+    @Accessors(prefix = "m")
+    @SerializedName("x-client-WPAvailable")
+    private final Boolean mWorkProfileAvailable;
+
 
     /**
      * Constructor of MicrosoftAuthorizationRequest.
@@ -162,6 +174,8 @@ protected MicrosoftAuthorizationRequest(@SuppressWarnings(WarningType.rawtype_wa
         mDiagnosticOS = Device.getOsForEsts();
         mDiagnosticDM = Device.getModel();
         mDiagnosticCPU = Device.getCpu();
+        mDiagnosticMN = Device.getManufacturer();
+        mWorkProfileAvailable = Device.getIsInPersonalProfileButClouddpcWorkProfileAvailable();
     }
 
     public abstract static class Builder<B extends MicrosoftAuthorizationRequest.Builder<B>> extends AuthorizationRequest.Builder<B> {