Use parameter instead of config when initialization #2313
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
❌ Work item link check failed. Description does not contain AB#{ID}. Click here to Learn more. |
There was a problem hiding this comment.
Pull Request Overview
This PR refactors native authentication initialization to use a standalone NativeAuthConfigParameters object (with capabilities) instead of relying on the config file, and adds validation and serialization support for the new capabilities field.
- Introduced
capabilitiesinNativeAuthConfigParametersand madePublicClientApplicationaccept it. - Extended
NativeAuthPublicClientApplicationConfigurationto parse, merge, serialize, and validate capabilities. - Updated tests (
setupPCAcalls) and added unit tests for missing, invalid, and correct capabilities.
Reviewed Changes
Copilot reviewed 33 out of 33 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| msal/src/test/java/.../NativeAuthPublicClientApplicationConfigurationTest.kt | Added tests for missing/invalid/case-insensitive capabilities |
| msal/src/test/java/.../NativeAuthOAuth2ConfigurationTest.kt | Passed capabilities = null into OAuth2 config |
| msal/src/test/java/.../SignUpEmailPasswordTest.kt | Updated setupPCA calls to include defaultCapabilities |
| msal/src/test/java/.../SignUpEmailPasswordAttributesTest.kt | Updated setup to include defaultCapabilities |
| msal/src/test/java/.../SignUpEmailOTPTest.kt | Updated setupPCA calls and removed old setup |
| msal/src/test/java/.../SignUpEmailOTPAttributesTest.kt | Updated setup to include defaultCapabilities |
| msal/src/test/java/.../SignInMFATest.kt | Passed defaultCapabilities to setupPCA |
| msal/src/test/java/.../SignInJITTest.kt | Passed defaultCapabilities and added JIT error test |
| msal/src/test/java/.../SignInEmailPasswordTest.kt | Passed defaultCapabilities to setupPCA |
| msal/src/test/java/.../SignInEmailOTPTest.kt | Added defaultCapabilities and updated setup |
| msal/src/test/java/.../SSPRTest.kt | Passed defaultCapabilities to setupPCA |
| msal/src/test/java/.../NativeAuthPublicClientApplicationAbstractTest.kt | Extended setupPCA signature to take capabilities |
| msal/src/test/java/.../GetTokenTests.kt | Updated setup to include defaultCapabilities |
| msal/src/main/java/.../SignUpStates.kt | Switched to use redirectReason in errors and separated cases |
| msal/src/main/java/.../SignInStates.kt | Switched to use redirectReason and separated cases |
| msal/src/main/java/.../ResetPasswordStates.kt | Switched to use redirectReason and separated cases |
| msal/src/main/java/.../MFAStates.kt | Switched to use redirectReason and separated cases |
| msal/src/main/java/.../JITStates.kt | Switched to use redirectReason and separated cases |
| msal/src/main/java/.../SignInErrors.kt | Made SignInSubmitPasswordError extend BrowserRequiredError |
| msal/src/main/java/.../ResetPasswordErrors.kt | Made ResetPasswordSubmitPasswordError extend BrowserRequiredError |
| msal/src/main/java/.../MFAErrors.kt | Made MFASubmitChallengeError extend BrowserRequiredError |
| msal/src/main/java/.../JITErrors.kt | Made JIT errors extend BrowserRequiredError |
| msal/src/main/java/.../GetAccessTokenError.kt | Made GetAccessTokenError extend BrowserRequiredError |
| msal/src/main/java/.../Error.kt | Made ResendCodeError extend BrowserRequiredError |
| msal/src/main/java/.../NativeAuthRegisterStrongAuthVerificationRequiredResultParameters.kt | Added missing copyright header |
| msal/src/main/java/.../NativeAuthConfigParameters.kt | New parameter class for native-auth init (includes capabilities) |
| msal/src/main/java/.../NativeAuthChallengeAuthMethodParameters.kt | Added missing copyright header |
| msal/src/main/java/.../NativeAuthPublicClientApplicationConfiguration.kt | Added capabilities field, serialization, merge, and validation |
| msal/src/main/java/.../CommandParametersAdapter.java | Propagated capabilities into command parameters |
| msal/src/main/java/.../MsalClientException.java | Defined invalid capability error code/message |
| msal/src/main/java/.../PublicClientApplicationConfiguration.java | Added import for ArrayList (no functional change) |
| msal/src/main/java/.../PublicClientApplication.java | Added overload to accept NativeAuthConfigParameters and handle capabilities |
| common | Updated submodule commit |
Comments suppressed due to low confidence (1)
msal/src/main/java/com/microsoft/identity/nativeauth/NativeAuthPublicClientApplicationConfiguration.kt:207
- The comment refers to capabilities but sits in
validateChallengeTypes; it should read "Remove duplicate challenge types".
// Remove duplicate capabilities
| @@ -154,7 +155,7 @@ class SignUpEmailPasswordTest : NativeAuthPublicClientApplicationAbstractTest() | |||
| @Test | |||
| fun testSuccessOTPResend() { | |||
| config = getConfig(defaultConfigType) | |||
| application = setupPCA(config, defaultChallengeTypes) | |||
| application = setupPCA(config, defaultChallengeTypes, defaultChallengeTypes) | |||
There was a problem hiding this comment.
The third argument should be defaultCapabilities instead of defaultChallengeTypes to pass the correct capabilities list.
Suggested change
| application = setupPCA(config, defaultChallengeTypes, defaultChallengeTypes) | |
| application = setupPCA(config, defaultChallengeTypes, defaultCapabilities) |
Copilot uses AI. Check for mistakes.
| @@ -242,7 +243,7 @@ class SignUpEmailPasswordTest : NativeAuthPublicClientApplicationAbstractTest() | |||
| @Test | |||
| fun testErrorInvalidPasswordFormat() { | |||
| config = getConfig(defaultConfigType) | |||
| application = setupPCA(config, defaultChallengeTypes) | |||
| application = setupPCA(config, defaultChallengeTypes, defaultChallengeTypes) | |||
There was a problem hiding this comment.
This call mistakenly uses defaultChallengeTypes for both challenge types and capabilities; replace the last parameter with defaultCapabilities.
Suggested change
| application = setupPCA(config, defaultChallengeTypes, defaultChallengeTypes) | |
| application = setupPCA(config, defaultChallengeTypes, defaultCapabilities) |
Copilot uses AI. Check for mistakes.
nilo-ms
reviewed
Jun 19, 2025
| package com.microsoft.identity.nativeauth.parameters | ||
|
|
||
|
|
||
| class NativeAuthConfigParameters ( |
There was a problem hiding this comment.
What about NativeAuthPublicClientApplicationParameters.
Better to mention the public client application and do not mention the word configuration. This is the parameters to create the native auth public client application, not the configuration
There was a problem hiding this comment.
Done. And make the path under the nativeauth folder.
nilo-ms
reviewed
Jun 19, 2025
| /** | ||
| * The authorityUrl to be used for the authority. | ||
| */ | ||
| var authorityUrl: String, |
nilo-ms
reviewed
Jun 19, 2025
| package com.microsoft.identity.nativeauth.parameters | ||
|
|
||
|
|
||
| class NativeAuthConfigParameters ( |
There was a problem hiding this comment.
Can you add the "public" keyword?
nilo-ms
reviewed
Jun 19, 2025
| @@ -991,17 +995,18 @@ public static INativeAuthPublicClientApplication createNativeAuthPublicClientApp | |||
| */ | |||
| public static INativeAuthPublicClientApplication createNativeAuthPublicClientApplication( | |||
| @NonNull final Context context, | |||
| @NonNull final NativeAuthPublicClientApplicationConfiguration config) throws MsalException { | |||
| @NonNull final NativeAuthConfigParameters configParameters) throws MsalException { | |||
There was a problem hiding this comment.
Similarly to other comments
Suggested change
| @NonNull final NativeAuthConfigParameters configParameters) throws MsalException { | |
| @NonNull final NativeAuthConfigParameters parameters) throws MsalException { |
nilo-ms
reviewed
Jun 19, 2025
| validateNonNullArgument(context, NONNULL_CONSTANTS.CONTEXT); | ||
| validateNonNullArgument(config, NONNULL_CONSTANTS.CONFIG); | ||
| validateNonNullArgument(parameters, NONNULL_CONSTANTS.CONFIG_PARAMETER); |
There was a problem hiding this comment.
Does this constant need to match with the name of the parameter that is "parameters" ?
There was a problem hiding this comment.
Done. Name it as CLIENT_PARAMETER
nilo-ms
approved these changes
Jun 19, 2025
Yuki-YuXin
merged commit 7d5d10a
into
feature/backward-compatibility
7 of 14 checks passed
Yuki-YuXin
added a commit
that referenced
this pull request
Jun 23, 2025
Fixes
[AB#{3287604}](https://dev.azure.com/IdentityDivision/Engineering/_workitems/edit/3287604)
Related common PR:
AzureAD/microsoft-authentication-library-common-for-android#2669
Native Auth Backward Compatibility feature includes:
- [Add capabilities parameter to native auth public client application
initialization, Fixes
AB#3287412](6d55346)
- [Handle redirect across all endpoints and return the redirect reason
to the developers, Fixes
AB#3288191](a121610)
- [Use parameter instead of config when
initialization](#2313)
The main addition to this PR is the testing section
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Context:
Deal with a comment under
#2305