[decryptedResponse[@"success"] boolValue] returns 'nil' in MSIDDefaultBrokerResponseHandler

[ryanmsmith-v]

MSAL 1.7.0
Intune SDK 19.7.9
Xcode 15.4

I'm integrating the Intune SDK into our company's app and have run into a bug in MSAL.

On an unmanaged device or on an Intune MDM-managed device with MS Authenticator installed, Intune user enrollment is successful. However, on an unmanaged device that has MS Authenticator installed, completing the enrollment flow results in a -50000 error upon returning to the app.

Digging into the MSAL source code, I found that [decryptedResponse[@"success"] boolValue] in line 141 of MSIDDefaultBrokerResponseHandler is being evaluated as nil. The "success" value is a string, @"1", not a number. This causes the failure.

As a short-term solution, I have rewritten this to explicitly treat decryptedResponse[@"success"] as a string:

    // decryptedResponse[@"success"] is @"1"
    // [decryptedResponse[@"success"] boolValue] was returning `nil`, resulting in a failure
    // This instead explicitly converts the value to an NSNumber to get the boolean value
    BOOL success = NO;
    if (decryptedResponse[@"success"]) {
        // Make it an NSString, just in case it's something else
        NSString *successString = [NSString stringWithFormat:@"%@", decryptedResponse[@"success"]];
        if (![NSString msidIsStringNilOrBlank:successString]) {
            NSNumberFormatter *formatter = [[NSNumberFormatter alloc] init];
            NSNumber *successNumber = [formatter numberFromString:successString];
            if (successNumber) {
                success = [successNumber boolValue];
            }
        }
    }
    // Successful case
    if ([NSString msidIsStringNilOrBlank:decryptedResponse[@"broker_error_domain"]]
        && success)
    {

[antonioalwan]

Thanks, @ryanmsmith-v, for submitting this issue. I will investigate further and update you with the outcome.