diff --git a/changelog.txt b/changelog.txt
index 13978a533b..ab56848927 100644
--- a/changelog.txt
+++ b/changelog.txt
@@ -11,6 +11,7 @@ vNext
- [MINOR] SDK now handles SMS as strong authentication method #2766
- [MINOR] Added error handling when webcp redirects have browser protocol #2767
- [PATCH] Fix for app link redirect from CCT due to forced browser preference (#2775)
+- [MINOR] getAllSsoTokens method for Edge (#2774)
Version 22.1.3
----------
diff --git a/common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java b/common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java
index 4701b212ae..62a3abec01 100644
--- a/common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java
+++ b/common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java
@@ -642,7 +642,7 @@ public static final class Broker {
*
* @see Android Auth Broker Protocol Versions
*/
- public static final String LATEST_MSAL_TO_BROKER_PROTOCOL_VERSION_CODE = "18.0";
+ public static final String LATEST_MSAL_TO_BROKER_PROTOCOL_VERSION_CODE = "19.0";
/**
* The maximum msal-to-broker protocol version known by clients such as MSAL Android.
@@ -1371,6 +1371,11 @@ public static String computeMaxHostBrokerProtocol() {
*/
public static final String BROKER_GENERATE_SSO_TOKEN_RESULT = "broker_generate_sso_token";
+ /**
+ * String for all SSO tokens result.
+ */
+ public static final String BROKER_GENERATE_ALL_SSO_TOKENS_RESULT = "broker_generate_all_sso_tokens";
+
/**
* String for generate shr result.
*/
@@ -1683,6 +1688,8 @@ public enum API {
BROKER_GET_FLIGHTS(BROKER_API_GET_FLIGHTS_PATH, BROKER_VERSION_3, null),
GET_SSO_TOKEN(GET_SSO_TOKEN_PATH, null, VERSION_7),
+ GET_ALL_SSO_TOKENS(GET_ALL_SSO_TOKENS_PATH, null, null),
+
UNKNOWN(null, null, null),
DEVICE_REGISTRATION_PROTOCOLS(DEVICE_REGISTRATION_PROTOCOLS_PATH, null, null),
BROKER_UPLOAD_LOGS(BROKER_API_UPLOAD_LOGS, BROKER_VERSION_4, null),
@@ -1858,6 +1865,11 @@ public String getMsalVersion(){
*/
public static final String GET_SSO_TOKEN_PATH = "/ssoToken";
+ /**
+ * Api path for getting all SSO tokens based on environment.
+ */
+ public static final String GET_ALL_SSO_TOKENS_PATH = "/allSsoTokens";
+
/**
* ContentProvider path to get the preferred auth method.
*/
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/broker/ipc/BrokerOperationBundle.java b/common/src/main/java/com/microsoft/identity/common/internal/broker/ipc/BrokerOperationBundle.java
index 4f41c53a42..c03cf29711 100644
--- a/common/src/main/java/com/microsoft/identity/common/internal/broker/ipc/BrokerOperationBundle.java
+++ b/common/src/main/java/com/microsoft/identity/common/internal/broker/ipc/BrokerOperationBundle.java
@@ -63,6 +63,7 @@ public enum Operation {
BROKER_GET_FLIGHTS(API.BROKER_GET_FLIGHTS, null),
BROKER_SET_FLIGHTS(API.BROKER_SET_FLIGHTS, null),
MSAL_SSO_TOKEN(API.GET_SSO_TOKEN, null),
+ MSAL_ALL_SSO_TOKENS(API.GET_ALL_SSO_TOKENS, null),
DEVICE_REGISTRATION_OPERATIONS(API.DEVICE_REGISTRATION_PROTOCOLS, null),
BROKER_API_UPLOAD_LOGS(API.BROKER_UPLOAD_LOGS, null),
MSAL_FETCH_DCF_AUTH_RESULT(API.FETCH_DCF_AUTH_RESULT, null),
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/controllers/BrokerMsalController.java b/common/src/main/java/com/microsoft/identity/common/internal/controllers/BrokerMsalController.java
index 1032f46cf2..78c01d76ac 100644
--- a/common/src/main/java/com/microsoft/identity/common/internal/controllers/BrokerMsalController.java
+++ b/common/src/main/java/com/microsoft/identity/common/internal/controllers/BrokerMsalController.java
@@ -81,6 +81,7 @@
import com.microsoft.identity.common.java.authscheme.PopAuthenticationSchemeWithClientKeyInternal;
import com.microsoft.identity.common.java.cache.ICacheRecord;
import com.microsoft.identity.common.java.cache.MsalOAuth2TokenCache;
+import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenBatchResult;
import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenResult;
import com.microsoft.identity.common.java.commands.parameters.AcquirePrtSsoTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.CommandParameters;
@@ -119,6 +120,8 @@
import com.microsoft.identity.common.logging.Logger;
import com.microsoft.identity.common.sharedwithoneauth.OneAuthSharedFunctions;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.List;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
@@ -1188,6 +1191,66 @@ public void putValueInSuccessEvent(@NonNull final ApiEndEvent event,
});
}
+ /**
+ * Get SSO tokens from broker by environment from given request authority.
+ * Note: The result is limited to the tokens associated with the 3 most recently acquired PRTs.
+ * @param parameters {@link AcquirePrtSsoTokenCommandParameters}
+ * @return {@link AcquirePrtSsoTokenBatchResult} containing up to 3 of the most recent relevant SSO tokens.
+ * @throws BaseException
+ */
+ public AcquirePrtSsoTokenBatchResult getAllSsoTokens(@NonNull final AcquirePrtSsoTokenCommandParameters parameters) throws BaseException {
+ return getBrokerOperationExecutor().execute(parameters,
+ new BrokerOperation() {
+ private String negotiatedBrokerProtocolVersion;
+
+ @Override
+ public void performPrerequisites(@NonNull final IIpcStrategy strategy) throws BaseException {
+ negotiatedBrokerProtocolVersion = hello(strategy, parameters.getRequiredBrokerProtocolVersion());
+ }
+
+ @NonNull
+ @Override
+ public BrokerOperationBundle getBundle() throws ClientException {
+ return new BrokerOperationBundle(
+ BrokerOperationBundle.Operation.MSAL_ALL_SSO_TOKENS,
+ mActiveBrokerPackageName,
+ mRequestAdapter.getRequestBundleForAllSsoTokens(
+ parameters,
+ negotiatedBrokerProtocolVersion
+ )
+ );
+ }
+
+ @NonNull
+ @Override
+ public AcquirePrtSsoTokenBatchResult extractResultBundle(
+ @Nullable final Bundle resultBundle) throws BaseException {
+ if (resultBundle == null) {
+ throw mResultAdapter.getExceptionForEmptyResultBundle();
+ }
+ verifyBrokerVersionIsSupported(resultBundle, parameters.getRequiredBrokerProtocolVersion());
+ return mResultAdapter.getAcquirePrtSsoTokenBatchResultFromBundle(resultBundle);
+ }
+
+ @NonNull
+ @Override
+ public String getMethodName() {
+ return ":getAllSsoTokens";
+ }
+
+ @Nullable
+ @Override
+ public String getTelemetryApiId() {
+ return null;
+ }
+
+ @Override
+ public void putValueInSuccessEvent(@NonNull final ApiEndEvent event,
+ @NonNull final AcquirePrtSsoTokenBatchResult result) {
+ }
+ });
+ }
+
/**
* Sign in a resource account in broker based on given parameters. Should called by OneAuth/MSAL
* to provision resource account in broker.
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/request/MsalBrokerRequestAdapter.java b/common/src/main/java/com/microsoft/identity/common/internal/request/MsalBrokerRequestAdapter.java
index 8c26f37698..1a1440ed24 100644
--- a/common/src/main/java/com/microsoft/identity/common/internal/request/MsalBrokerRequestAdapter.java
+++ b/common/src/main/java/com/microsoft/identity/common/internal/request/MsalBrokerRequestAdapter.java
@@ -232,6 +232,24 @@ public BrokerRequest brokerRequestFromSilentOperationParameters(@NonNull final S
return requestBundle;
}
+ public @NonNull Bundle getRequestBundleForAllSsoTokens(@NonNull final AcquirePrtSsoTokenCommandParameters parameters,
+ @NonNull final String negotiatedBrokerProtocolVersion) {
+
+ final Bundle bundle = new Bundle();
+ bundle.putString(AuthenticationConstants.Broker.NEGOTIATED_BP_VERSION_KEY, negotiatedBrokerProtocolVersion);
+ if (parameters.getRequestAuthority() != null) {
+ bundle.putString(AuthenticationConstants.Broker.REQUEST_AUTHORITY, parameters.getRequestAuthority());
+ }
+ if (parameters.getSsoUrl() != null) {
+ bundle.putString(AuthenticationConstants.Broker.BROKER_SSO_URL_KEY, parameters.getSsoUrl());
+ }
+ if (parameters.getCorrelationId() != null) {
+ bundle.putString(AuthenticationConstants.Broker.ACCOUNT_CORRELATIONID, parameters.getCorrelationId());
+ }
+ addRequiredBrokerProtocolVersionToRequestBundle(bundle, parameters.getRequiredBrokerProtocolVersion());
+ return bundle;
+ }
+
/**
* Method to construct a request bundle for broker hello request.
*
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/result/AdalBrokerResultAdapter.java b/common/src/main/java/com/microsoft/identity/common/internal/result/AdalBrokerResultAdapter.java
index 1fee8a5353..5b1f929b38 100644
--- a/common/src/main/java/com/microsoft/identity/common/internal/result/AdalBrokerResultAdapter.java
+++ b/common/src/main/java/com/microsoft/identity/common/internal/result/AdalBrokerResultAdapter.java
@@ -34,6 +34,7 @@
import com.microsoft.identity.common.adal.internal.ADALError;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
+import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenBatchResult;
import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenResult;
import com.microsoft.identity.common.java.constants.OAuth2ErrorCode;
import com.microsoft.identity.common.java.exception.ArgumentException;
@@ -184,6 +185,12 @@ public AcquirePrtSsoTokenResult getAcquirePrtSsoTokenResultFromBundle(Bundle res
throw new UnsupportedOperationException();
}
+ @NonNull
+ @Override
+ public AcquirePrtSsoTokenBatchResult getAcquirePrtSsoTokenBatchResultFromBundle(Bundle resultBundle) {
+ throw new UnsupportedOperationException();
+ }
+
/**
* Helper method to map and add errors to Adal specific constants.
*/
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/result/IBrokerResultAdapter.java b/common/src/main/java/com/microsoft/identity/common/internal/result/IBrokerResultAdapter.java
index 5e757c3f2d..7968960c0c 100644
--- a/common/src/main/java/com/microsoft/identity/common/internal/result/IBrokerResultAdapter.java
+++ b/common/src/main/java/com/microsoft/identity/common/internal/result/IBrokerResultAdapter.java
@@ -27,6 +27,7 @@
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
+import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenBatchResult;
import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenResult;
import com.microsoft.identity.common.java.exception.BaseException;
import com.microsoft.identity.common.java.result.ILocalAuthenticationResult;
@@ -75,4 +76,7 @@ public interface IBrokerResultAdapter {
*/
@NonNull
AcquirePrtSsoTokenResult getAcquirePrtSsoTokenResultFromBundle(Bundle resultBundle);
+
+ @NonNull
+ AcquirePrtSsoTokenBatchResult getAcquirePrtSsoTokenBatchResultFromBundle(Bundle resultBundle);
}
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/result/MsalBrokerResultAdapter.java b/common/src/main/java/com/microsoft/identity/common/internal/result/MsalBrokerResultAdapter.java
index 18e215bb18..efea3f52fb 100644
--- a/common/src/main/java/com/microsoft/identity/common/internal/result/MsalBrokerResultAdapter.java
+++ b/common/src/main/java/com/microsoft/identity/common/internal/result/MsalBrokerResultAdapter.java
@@ -26,6 +26,7 @@
import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_ACCOUNTS_COMPRESSED;
import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_ACTIVITY_NAME;
import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_DEVICE_MODE;
+import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_GENERATE_ALL_SSO_TOKENS_RESULT;
import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_GENERATE_SHR_RESULT;
import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_GENERATE_SSO_TOKEN_RESULT;
import static com.microsoft.identity.common.adal.internal.AuthenticationConstants.Broker.BROKER_PACKAGE_NAME;
@@ -56,6 +57,7 @@
import com.microsoft.identity.common.java.authorities.AzureActiveDirectoryAudience;
import com.microsoft.identity.common.java.cache.CacheRecord;
import com.microsoft.identity.common.java.cache.ICacheRecord;
+import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenBatchResult;
import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenResult;
import com.microsoft.identity.common.java.constants.OAuth2ErrorCode;
import com.microsoft.identity.common.java.constants.OAuth2SubErrorCode;
@@ -414,6 +416,12 @@ public AcquirePrtSsoTokenResult getAcquirePrtSsoTokenResultFromBundle(Bundle res
return GSON.fromJson(resultBundle.getString(BROKER_GENERATE_SSO_TOKEN_RESULT), AcquirePrtSsoTokenResult.class);
}
+ @NonNull
+ @Override
+ public AcquirePrtSsoTokenBatchResult getAcquirePrtSsoTokenBatchResultFromBundle(Bundle resultBundle) {
+ return GSON.fromJson(resultBundle.getString(BROKER_GENERATE_ALL_SSO_TOKENS_RESULT), AcquirePrtSsoTokenBatchResult.class);
+ }
+
@NonNull
public Bundle bundleFromBrokerResult(@NonNull final BrokerResult brokerResult,
@Nullable final String negotiatedBrokerProtocolVersion) {
diff --git a/common4j/src/main/com/microsoft/identity/common/java/commands/AcquirePrtSsoTokenBatchResult.java b/common4j/src/main/com/microsoft/identity/common/java/commands/AcquirePrtSsoTokenBatchResult.java
new file mode 100644
index 0000000000..4e1c666f0d
--- /dev/null
+++ b/common4j/src/main/com/microsoft/identity/common/java/commands/AcquirePrtSsoTokenBatchResult.java
@@ -0,0 +1,74 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.common.java.commands;
+
+import com.google.gson.annotations.SerializedName;
+
+import java.util.List;
+import java.util.Map;
+
+import edu.umd.cs.findbugs.annotations.Nullable;
+import lombok.Builder;
+import lombok.Getter;
+import lombok.NonNull;
+import lombok.experimental.Accessors;
+
+/**
+ * A DTO for the results of a batch AcquirePrtSsoToken request.
+ */
+@Builder
+@Getter
+@Accessors(prefix = "m")
+public class AcquirePrtSsoTokenBatchResult {
+
+ /**
+ * List of successful per-account results.
+ */
+ @SerializedName("results")
+ private final @NonNull List mResults;
+
+ /**
+ * Map of failed accounts keyed by home account id with error message/code.
+ * (Only include accounts that did not produce a full result object.)
+ */
+ @SerializedName("failedAccounts")
+ private final @Nullable Map mFailedAccounts;
+
+ /**
+ * Optional top-level error.
+ */
+ @SerializedName("error")
+ private final @Nullable String mError;
+
+ /**
+ * Correlation id for diagnostics.
+ */
+ @SerializedName("correlationId")
+ private final @Nullable String mCorrelationId;
+
+ /**
+ * Authority used for the request.
+ */
+ @SerializedName("authority")
+ private final @Nullable String mAuthority;
+}
diff --git a/common4j/src/main/com/microsoft/identity/common/java/commands/AcquirePrtSsoTokenResult.java b/common4j/src/main/com/microsoft/identity/common/java/commands/AcquirePrtSsoTokenResult.java
index 00c3b520ad..8af353de79 100644
--- a/common4j/src/main/com/microsoft/identity/common/java/commands/AcquirePrtSsoTokenResult.java
+++ b/common4j/src/main/com/microsoft/identity/common/java/commands/AcquirePrtSsoTokenResult.java
@@ -89,4 +89,10 @@ public class AcquirePrtSsoTokenResult {
@SerializedName("telemetry")
private final @NonNull Map mTelemetry;
+ /**
+ * The time when the token was acquired, in milliseconds since epoch.
+ */
+ @SerializedName("acquisitionTimeMillis")
+ private final @Nullable Long mAcquisitionTimeMillis;
+
}
diff --git a/common4j/src/main/com/microsoft/identity/common/java/opentelemetry/SpanName.java b/common4j/src/main/com/microsoft/identity/common/java/opentelemetry/SpanName.java
index 533dea4d85..6c99bcc48f 100644
--- a/common4j/src/main/com/microsoft/identity/common/java/opentelemetry/SpanName.java
+++ b/common4j/src/main/com/microsoft/identity/common/java/opentelemetry/SpanName.java
@@ -67,9 +67,9 @@ public enum SpanName {
SecretKeyWrapping,
WrappedKeyAlgorithmIdentifier,
ProcessWebCpRedirects,
-
ProvisionResourceAccount,
ProcessWebsiteRequest,
+ GetAllSsoTokens,
ProcessWebCpEnrollmentRedirect,
ProcessWebCpAuthorizeUrlRedirect
}