AzureAD · nilo-ms · May 20, 2025 · Apr 17, 2025 · Apr 30, 2025 · May 8, 2025
@@ -8,6 +8,7 @@ Version 21.1.0
 - [MINOR] Move camera logic to CameraPermissionRequestHandler and add SdmQrPinManager (#2630)
 - [MINOR] Pass Work Profile existence, OS Version, and Manufacturer to ESTS (#2627)
 - [MINOR] Add telemetry for the switch browser protocol (#2612)
+- [MINOR] Native auth: user can now register new strong authentication method when MFA is required (#2639)
 
 Version 21.0.0
 ----------

@@ -0,0 +1,69 @@
+//
+//  This code is licensed under the MIT License.
+//
+//  Permission is hereby granted, free of charge, to any person obtaining a copy
+//  of this software and associated documentation files(the "Software"), to deal
+//  in the Software without restriction, including without limitation the rights
+//  to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+//  copies of the Software, and to permit persons to whom the Software is
+//  furnished to do so, subject to the following conditions :
+//
+//  The above copyright notice and this permission notice shall be included in
+//  all copies or substantial portions of the Software.
+//
+//  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+//  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+//  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+//  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+//  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+//  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+//  THE SOFTWARE.
+package com.microsoft.identity.common.nativeauth.internal.commands
+
+import com.microsoft.identity.common.java.logging.LogSession
+import com.microsoft.identity.common.java.logging.Logger
+import com.microsoft.identity.common.java.nativeauth.commands.parameters.JITChallengeAuthMethodCommandParameters
+import com.microsoft.identity.common.java.nativeauth.controllers.results.JITChallengeAuthMethodCommandResult
+import com.microsoft.identity.common.nativeauth.internal.controllers.NativeAuthMsalController
+
+/**
+ * Command class to call controllers to trigger register/challenge JIT endpoint.
+ * {@see com.microsoft.identity.common.java.controllers.CommandDispatcher}.
+ */
+class JITChallengeAuthMethodCommand(
+    private val parameters: JITChallengeAuthMethodCommandParameters,
+    private val controller: NativeAuthMsalController,
+    publicApiId: String
+) : BaseNativeAuthCommand<JITChallengeAuthMethodCommandResult>(
+    parameters,
+    controller,
+    publicApiId
+) {
+
+    companion object {
+        private val TAG = JITChallengeAuthMethodCommand::class.java.simpleName
+    }
+
+    /**
+     * The execution part of the command, to be run on the background thread.
+     * It calls the jitChallengeAuthMethod method of the native auth MSAL controller with the given parameters.
+     */
+    override fun execute(): JITChallengeAuthMethodCommandResult {
+        LogSession.logMethodCall(
+            tag = TAG,
+            correlationId = parameters.getCorrelationId(),
+            methodName = "${TAG}.execute"
+        )
+        val result = controller.jitChallengeAuthMethod(
+            parameters = parameters
+        )
+
+        Logger.infoWithObject(
+            TAG,
+            parameters.getCorrelationId(),
+            "Returning result: ",
+            result
+        )
+        return result
+    }
+}
@@ -0,0 +1,70 @@
+//
+//  This code is licensed under the MIT License.
+//
+//  Permission is hereby granted, free of charge, to any person obtaining a copy
+//  of this software and associated documentation files(the "Software"), to deal
+//  in the Software without restriction, including without limitation the rights
+//  to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+//  copies of the Software, and to permit persons to whom the Software is
+//  furnished to do so, subject to the following conditions :
+//
+//  The above copyright notice and this permission notice shall be included in
+//  all copies or substantial portions of the Software.
+//
+//  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+//  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+//  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+//  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+//  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+//  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+//  THE SOFTWARE.
+package com.microsoft.identity.common.nativeauth.internal.commands
+
+import com.microsoft.identity.common.java.logging.LogSession
+import com.microsoft.identity.common.java.logging.Logger
+import com.microsoft.identity.common.java.nativeauth.commands.parameters.JITContinueCommandParameters
+import com.microsoft.identity.common.java.nativeauth.controllers.results.JITSubmitChallengeCommandResult
+import com.microsoft.identity.common.nativeauth.internal.controllers.NativeAuthMsalController
+
+/**
+ * Command class to call controllers to trigger register/continue JIT endpoint.
+ * {@see com.microsoft.identity.common.java.controllers.CommandDispatcher}.
+ */
+class JITSubmitChallengeCommand(
+    private val parameters: JITContinueCommandParameters,
+    private val controller: NativeAuthMsalController,
+    publicApiId: String
+) : BaseNativeAuthCommand<JITSubmitChallengeCommandResult>(
+    parameters,
+    controller,
+    publicApiId
+) {
+
+    companion object {
+        private val TAG = JITSubmitChallengeCommand::class.java.simpleName
+    }
+
+    /**
+     * The execution part of the command, to be run on the background thread.
+     * It calls the jitSubmitChallenge method of the native auth MSAL controller with the given parameters.
+     */
+    override fun execute(): JITSubmitChallengeCommandResult {
+        LogSession.logMethodCall(
+            tag = TAG,
+            correlationId = parameters.getCorrelationId(),
+            methodName = "${TAG}.execute"
+        )
+        val result = controller.jitSubmitChallenge(
+            parameters = parameters
+        )
+
+        Logger.infoWithObject(
+            TAG,
+            parameters.getCorrelationId(),
+            "Returning result: ",
+            result
+        )
+        return result
+    }
+
+}