Merge pull request #256 from AzureAD/dev

update master to fix refresh token response handling

README.md

@@ -1,4 +1,4 @@
-#Microsoft Azure Active Directory Authentication Library (ADAL) for Android
+#Microsoft Azure Active Directory Authentication Library (ADAL) for Android
 ===========
 
 The ADAL SDK for Android gives you the ability to add support for Work Accounts to your application with just a few lines of additional code. This SDK gives your application the full functionality of Microsoft Azure AD, including industry standard protocol support for OAuth2, Web API integration with user level consent, and two factor authentication support. Best of all, it’s FOSS (Free and Open Source Software) so that you can participate in the development process as we build these libraries. 
@@ -134,7 +134,7 @@ You can get the jar file from maven the repo and drop into the *libs* folder in
             android:theme="@style/AppTheme" >
 
             <activity
-                android:name="com.microsoft.adal.AuthenticationActivity"
+                android:name="com.microsoft.aad.adal.AuthenticationActivity"
                 android:label="@string/title_login_hello_app" >
             </activity>
       ....

pom.xml

@@ -17,7 +17,7 @@
   <properties>
     <scm.branch>master</scm.branch>
     <maven.version>3.1.1</maven.version>
-    <adal.version>1.0.1</adal.version>
+    <adal.version>1.0.2</adal.version>
     <android.platform.maven.plugin>18</android.platform.maven.plugin>
     <android.version>[4.1.1.4,)</android.version>
     <android.support.version>[18,)</android.support.version>

samples/hello/src/com/microsoft/aad/adal/hello/Constants.java

@@ -32,7 +32,7 @@ public class Constants {
 
     // AAD PARAMETERS
     // https://login.windows.net/tenantInfo
-    static final String AUTHORITY_URL = "https://login.windows.net/omercantest.onmicrosoft.com";
+    static final String AUTHORITY_URL = "https://login.windows.net/common";
 
     // Clientid is given from AAD page when you register your Android app
     static final String CLIENT_ID = "650a6609-5463-4bc4-b7c6-19df7990a8bc";

src/pom.xml

@@ -4,13 +4,13 @@
   <modelVersion>4.0.0</modelVersion> 
   <groupId>com.microsoft.aad</groupId>
   <artifactId>adal</artifactId>
-  <version>1.0.1</version>
+  <version>1.0.2</version>
   <packaging>aar</packaging>
   <name>adal</name>
   <properties>
     <scm.branch>master</scm.branch>
     <maven.version>3.1.1</maven.version>
-    <adal.version>1.0.1</adal.version>
+    <adal.version>1.0.2</adal.version>
     <android.platform.maven.plugin>18</android.platform.maven.plugin>
     <android.version>[4.1.1.4,)</android.version>
     <android.support.version>[18,)</android.support.version>

src/src/com/microsoft/aad/adal/ADALError.java

@@ -78,7 +78,8 @@ public enum ADALError {
     /**
      * Activity is not resolved.
      */
-    DEVELOPER_ACTIVITY_IS_NOT_RESOLVED("Activity is not resolved"),
+    DEVELOPER_ACTIVITY_IS_NOT_RESOLVED(
+            "Activity is not resolved. Verify the activity name in your manifest file"),
 
     /**
      * android.permission.INTERNET is not added to AndroidManifest file.

src/src/com/microsoft/aad/adal/AuthenticationConstants.java

@@ -279,13 +279,13 @@ public static final class Broker {
          * Apk packagename that will install AD-Authenticator. It is used to
          * query if this app installed or not from package manager.
          */
-        public static final String PACKAGE_NAME = "com.microsoft.workaccount";
+        public static final String PACKAGE_NAME = "com.microsoft.windowsintune.companyportal";
 
         /**
          * Signature info for AD-Authenticator installing app to verify broker
          * component.
          */
-        public static final String SIGNATURE = "HcArzSmaOsvXP3gYIEMHHVrmozI=\n";
+        public static final String SIGNATURE = "1L4Z9FJCgn5c0VLhyAxC5O9LdlE=";
 
         public static final String CLIENT_TLS_REDIRECT = "urn:http-auth:PKeyAuth";
 

src/src/com/microsoft/aad/adal/AuthenticationContext.java

@@ -23,7 +23,7 @@
 import java.net.URL;
 import java.security.NoSuchAlgorithmException;
 import java.util.Date;
-import java.util.HashMap;
+import java.util.Locale;
 import java.util.UUID;
 import java.util.concurrent.Callable;
 import java.util.concurrent.ExecutionException;
@@ -726,7 +726,6 @@ public void run() {
                                         Logger.v(TAG,
                                                 "OnActivityResult is setting the token to cache. "
                                                         + authenticationRequest.getLogInfo());
-
                                         setItemToCache(authenticationRequest, result, true);
                                         if (waitingRequest != null
                                                 && waitingRequest.mDelagete != null) {
@@ -1439,6 +1438,10 @@ private AuthenticationResult refreshToken(final CallbackHandler callbackHandle,
         try {
             Oauth2 oauthRequest = new Oauth2(request, mWebRequest, mJWSBuilder);
             result = oauthRequest.refreshToken(refreshItem.mRefreshToken);
+            if (StringExtensions.IsNullOrBlank(result.getRefreshToken())) {
+                Logger.v(TAG, "Refresh token is not returned or empty");
+                result.setRefreshToken(refreshItem.mRefreshToken);
+            }
         } catch (Exception exc) {
             // remove item from cache
             Logger.e(TAG, "Error in refresh token for request:" + request.getLogInfo(),
@@ -1762,6 +1765,6 @@ public static String getVersionName() {
         // Package manager does not report for ADAL
         // AndroidManifest files are not merged, so it is returning hard coded
         // value
-        return "1.0.1";
+        return "1.0.2";
     }
 }

src/src/com/microsoft/aad/adal/AuthenticationRequest.java

@@ -53,7 +53,7 @@ class AuthenticationRequest implements Serializable {
     private boolean mSilent = false;
 
     private String mVersion = null;
-    
+
     public AuthenticationRequest() {
 
     }
@@ -102,7 +102,7 @@ public AuthenticationRequest(String authority, String resource, String clientid)
      * @param resource
      * @param clientid
      * @param userid
-     * @param correlationId 
+     * @param correlationId
      */
     public AuthenticationRequest(String authority, String resource, String clientid, String userid,
             UUID correlationId) {
@@ -125,6 +125,10 @@ public String getAuthority() {
         return mAuthority;
     }
 
+    public void setAuthority(String authority) {
+        mAuthority = authority;
+    }
+
     public String getRedirectUri() {
         return mRedirectUri;
     }
@@ -210,11 +214,11 @@ public void setSilent(boolean silent) {
         this.mSilent = silent;
     }
 
-	public String getVersion() {
-		return mVersion;
-	}
+    public String getVersion() {
+        return mVersion;
+    }
 
-	public void setVersion(String version) {
-		this.mVersion = version;
-	}
+    public void setVersion(String version) {
+        this.mVersion = version;
+    }
 }

src/src/com/microsoft/aad/adal/AuthenticationResult.java

@@ -298,4 +298,8 @@ void setIdToken(String idToken) {
     void setTenantId(String tenantid) {
         mTenantId = tenantid;
     }
+
+    void setRefreshToken(String refreshToken){
+        mRefreshToken = refreshToken;
+    }
 }

tests/Functional/src/com/microsoft/aad/adal/test/AuthenticationContextTest.java

@@ -91,7 +91,7 @@ public class AuthenticationContextTest extends AndroidTestCase {
 
     protected final static int ACTIVITY_TIME_OUT = 1000;
 
-    private final static String TEST_AUTHORITY = "http://login.windows.net/common";
+    private final static String TEST_AUTHORITY = "https://login.windows.net/ComMon/";
 
     private static final String TEST_PACKAGE_NAME = "com.microsoft.aad.adal.testapp";
 
@@ -267,8 +267,8 @@ public void testCorrelationId_InWebRequest() throws NoSuchFieldException,
         final CountDownLatch signal = new CountDownLatch(1);
         MockAuthenticationCallback callback = new MockAuthenticationCallback(signal);
         final TestLogResponse response = new TestLogResponse();
-        response.listenLogForMessageSegments(signal, "Authentication failed",
-                "correlation_id:\"\"" + requestCorrelationId.toString());
+        response.listenLogForMessageSegments(signal, "Authentication failed", "correlation_id:\"\""
+                + requestCorrelationId.toString());
 
         // Call acquire token with prompt never to prevent activity launch
         context.setRequestCorrelationId(requestCorrelationId);
@@ -675,7 +675,7 @@ public void testAcquireTokenByRefreshTokenPositive() throws IllegalArgumentExcep
         String exptedResource = "resource" + UUID.randomUUID().toString();
         MockAuthenticationCallback callback = new MockAuthenticationCallback(signal);
 
-        MockWebRequestHandler mockWebRequest = setMockWebRequest(context, id);
+        MockWebRequestHandler mockWebRequest = setMockWebRequest(context, id, "refreshToken" + id);
 
         context.acquireTokenByRefreshToken("refreshTokenSending", expectedClientId, callback);
         signal.await(CONTEXT_REQUEST_TIME_OUT, TimeUnit.MILLISECONDS);
@@ -706,14 +706,44 @@ public void testAcquireTokenByRefreshTokenPositive() throws IllegalArgumentExcep
                 callback.mResult.getUserInfo().getDisplayableId());
     }
 
-    private MockWebRequestHandler setMockWebRequest(final AuthenticationContext context, String id)
-            throws NoSuchFieldException, IllegalAccessException {
+    public void testAcquireTokenByRefreshToken_NotReturningRefreshToken()
+            throws IllegalArgumentException, NoSuchFieldException, IllegalAccessException,
+            ClassNotFoundException, NoSuchMethodException, InstantiationException,
+            InvocationTargetException, NoSuchAlgorithmException, NoSuchPaddingException,
+            InterruptedException {
+        FileMockContext mockContext = new FileMockContext(getContext());
+        ITokenCacheStore mockCache = getCacheForRefreshToken();
+        final AuthenticationContext context = getAuthenticationContext(mockContext,
+                VALID_AUTHORITY, false, mockCache);
+        setConnectionAvailable(context, true);
+        final CountDownLatch signal = new CountDownLatch(1);
+        String id = UUID.randomUUID().toString();
+        String expectedAccessToken = "accessToken" + id;
+        String expectedClientId = "client" + UUID.randomUUID().toString();
+        String exptedResource = "resource" + UUID.randomUUID().toString();
+        String refreshToken = "refreshTokenSending";
+        MockAuthenticationCallback callback = new MockAuthenticationCallback(signal);
+        MockWebRequestHandler mockWebRequest = setMockWebRequest(context, id, "");
+        context.acquireTokenByRefreshToken("refreshTokenSending", expectedClientId, callback);
+        signal.await(CONTEXT_REQUEST_TIME_OUT, TimeUnit.MILLISECONDS);
+
+        // Verify that new refresh token is matching to mock response
+        assertEquals("Same token", expectedAccessToken, callback.mResult.getAccessToken());
+        assertEquals("Same refresh token", refreshToken, callback.mResult.getRefreshToken());
+        assertTrue("Content has client in the message", mockWebRequest.getRequestContent()
+                .contains(expectedClientId));
+        assertFalse("Content does not have resource in the message", mockWebRequest
+                .getRequestContent().contains(exptedResource));
+    }
+
+    private MockWebRequestHandler setMockWebRequest(final AuthenticationContext context, String id,
+            String refreshToken) throws NoSuchFieldException, IllegalAccessException {
         MockWebRequestHandler mockWebRequest = new MockWebRequestHandler();
         String idToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiJlNzBiMTE1ZS1hYzBhLTQ4MjMtODVkYS04ZjRiN2I0ZjAwZTYiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8zMGJhYTY2Ni04ZGY4LTQ4ZTctOTdlNi03N2NmZDA5OTU5NjMvIiwibmJmIjoxMzc2NDI4MzEwLCJleHAiOjEzNzY0NTcxMTAsInZlciI6IjEuMCIsInRpZCI6IjMwYmFhNjY2LThkZjgtNDhlNy05N2U2LTc3Y2ZkMDk5NTk2MyIsIm9pZCI6IjRmODU5OTg5LWEyZmYtNDExZS05MDQ4LWMzMjIyNDdhYzYyYyIsInVwbiI6ImFkbWluQGFhbHRlc3RzLm9ubWljcm9zb2Z0LmNvbSIsInVuaXF1ZV9uYW1lIjoiYWRtaW5AYWFsdGVzdHMub25taWNyb3NvZnQuY29tIiwic3ViIjoiVDU0V2hGR1RnbEJMN1VWYWtlODc5UkdhZEVOaUh5LXNjenNYTmFxRF9jNCIsImZhbWlseV9uYW1lIjoiU2VwZWhyaSIsImdpdmVuX25hbWUiOiJBZnNoaW4ifQ.";
         String json = "{\"access_token\":\"accessToken"
                 + id
-                + "\",\"token_type\":\"Bearer\",\"expires_in\":\"29344\",\"expires_on\":\"1368768616\",\"refresh_token\":\"refreshToken"
-                + id + "\",\"scope\":\"*\",\"id_token\":\"" + idToken + "\"}";
+                + "\",\"token_type\":\"Bearer\",\"expires_in\":\"29344\",\"expires_on\":\"1368768616\",\"refresh_token\":\""
+                + refreshToken + "\",\"scope\":\"*\",\"id_token\":\"" + idToken + "\"}";
         mockWebRequest.setReturnResponse(new HttpWebResponse(200, json.getBytes(Charset
                 .defaultCharset()), null));
         ReflectionUtils.setFieldValue(context, "mWebRequest", mockWebRequest);
@@ -1631,7 +1661,8 @@ public void testAcquireTokenMultiResourceToken_UserId() throws InterruptedExcept
         final AuthenticationContext context = new AuthenticationContext(mockContext,
                 VALID_AUTHORITY, false, mockCache);
         setConnectionAvailable(context, true);
-        MockWebRequestHandler mockWebRequest = setMockWebRequest(context, tokenId);
+        MockWebRequestHandler mockWebRequest = setMockWebRequest(context, tokenId, "refreshToken"
+                + tokenId);
 
         CountDownLatch signal = new CountDownLatch(1);
         MockActivity testActivity = new MockActivity(signal);