AzureAD · unpluggedk · Jun 26, 2018 · Jun 19, 2018 · Jun 19, 2018 · Jun 26, 2018
@@ -75,6 +75,12 @@
 		96875DEF1E59A39C00D7847F /* MSALAuthorityBaseResolverTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 96875DED1E59A39C00D7847F /* MSALAuthorityBaseResolverTests.m */; };
 		96875DF11E59A3B000D7847F /* MSALAadAuthorityResolverTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 96875DF01E59A3B000D7847F /* MSALAadAuthorityResolverTests.m */; };
 		96875DF21E59A3B000D7847F /* MSALAadAuthorityResolverTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 96875DF01E59A3B000D7847F /* MSALAadAuthorityResolverTests.m */; };
+		96902DF320E1577500200E6F /* WebKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 96902DEC20E1574F00200E6F /* WebKit.framework */; };
+		96902DF420E1578700200E6F /* WebKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 96902DEC20E1574F00200E6F /* WebKit.framework */; };
+		96902DF620E1579000200E6F /* WebKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 96902DF520E1579000200E6F /* WebKit.framework */; };
+		96902DF920E157B400200E6F /* WebKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 96902DF520E1579000200E6F /* WebKit.framework */; };
+		96902DFB20E158E700200E6F /* GSS.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 96902DFA20E158E700200E6F /* GSS.framework */; };
+		96902DFD20E1590200200E6F /* SecurityInterface.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 96902DFC20E1590200200E6F /* SecurityInterface.framework */; };
 		969B86871E776042000AF437 /* MSALPkce.h in Headers */ = {isa = PBXBuildFile; fileRef = 969B86851E776042000AF437 /* MSALPkce.h */; };
 		969B86891E776042000AF437 /* MSALPkce.m in Sources */ = {isa = PBXBuildFile; fileRef = 969B86861E776042000AF437 /* MSALPkce.m */; };
 		969B868B1E7778FF000AF437 /* MSALPkceTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 969B868A1E7778FF000AF437 /* MSALPkceTests.m */; };
@@ -490,6 +496,10 @@
 		9675A14D1E53DFC0002A4741 /* MSALAadAuthorityResolver.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MSALAadAuthorityResolver.m; sourceTree = "<group>"; };
 		96875DED1E59A39C00D7847F /* MSALAuthorityBaseResolverTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MSALAuthorityBaseResolverTests.m; sourceTree = "<group>"; };
 		96875DF01E59A3B000D7847F /* MSALAadAuthorityResolverTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MSALAadAuthorityResolverTests.m; sourceTree = "<group>"; };
+		96902DEC20E1574F00200E6F /* WebKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = WebKit.framework; path = Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS11.4.sdk/System/Library/Frameworks/WebKit.framework; sourceTree = DEVELOPER_DIR; };
+		96902DF520E1579000200E6F /* WebKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = WebKit.framework; path = System/Library/Frameworks/WebKit.framework; sourceTree = SDKROOT; };
+		96902DFA20E158E700200E6F /* GSS.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = GSS.framework; path = System/Library/Frameworks/GSS.framework; sourceTree = SDKROOT; };
+		96902DFC20E1590200200E6F /* SecurityInterface.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = SecurityInterface.framework; path = System/Library/Frameworks/SecurityInterface.framework; sourceTree = SDKROOT; };
 		969B86851E776042000AF437 /* MSALPkce.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MSALPkce.h; sourceTree = "<group>"; };
 		969B86861E776042000AF437 /* MSALPkce.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MSALPkce.m; sourceTree = "<group>"; };
 		969B868A1E7778FF000AF437 /* MSALPkceTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MSALPkceTests.m; sourceTree = "<group>"; };
@@ -715,6 +725,7 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				96902DF320E1577500200E6F /* WebKit.framework in Frameworks */,
 				B2C17B071FC8DAC50070A514 /* libIdentityCore.a in Frameworks */,
 				D6A206341FC5109B00755A51 /* SafariServices.framework in Frameworks */,
 				D6A206321FC5108900755A51 /* UIKit.framework in Frameworks */,
@@ -726,6 +737,9 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				96902DFD20E1590200200E6F /* SecurityInterface.framework in Frameworks */,
+				96902DFB20E158E700200E6F /* GSS.framework in Frameworks */,
+				96902DF620E1579000200E6F /* WebKit.framework in Frameworks */,
 				B2C17B081FC8DACC0070A514 /* libIdentityCore.a in Frameworks */,
 				D6A2063C1FC510FB00755A51 /* IOKit.framework in Frameworks */,
 				D6A206381FC510B500755A51 /* Security.framework in Frameworks */,
@@ -737,6 +751,7 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				96902DF420E1578700200E6F /* WebKit.framework in Frameworks */,
 				231CE9DE1FEC684C00E95D3E /* Security.framework in Frameworks */,
 				231CE9DC1FEC682000E95D3E /* libIdentityTest.a in Frameworks */,
 				D6A206401FC512F400755A51 /* SafariServices.framework in Frameworks */,
@@ -749,6 +764,7 @@
 			isa = PBXFrameworksBuildPhase;
 			buildActionMask = 2147483647;
 			files = (
+				96902DF920E157B400200E6F /* WebKit.framework in Frameworks */,
 				231CE9DF1FEC7E8400E95D3E /* libIdentityTest.a in Frameworks */,
 				D65A6FD51E3FF49C00C69FBA /* MSAL.framework in Frameworks */,
 			);
@@ -1308,6 +1324,10 @@
 		D6A2062E1FC5106F00755A51 /* Frameworks */ = {
 			isa = PBXGroup;
 			children = (
+				96902DFC20E1590200200E6F /* SecurityInterface.framework */,
+				96902DFA20E158E700200E6F /* GSS.framework */,
+				96902DEC20E1574F00200E6F /* WebKit.framework */,
+				96902DF520E1579000200E6F /* WebKit.framework */,
 				231CE9DD1FEC684C00E95D3E /* Security.framework */,
 				D6A2063B1FC510FB00755A51 /* IOKit.framework */,
 				D6A206371FC510B500755A51 /* Security.framework */,

@@ -44,29 +44,35 @@ + (void)initialize
 
     s_errorCodeMapping = @{
                            MSIDErrorDomain:@{
+                                   // General
                                    @(MSIDErrorInternal) : @(MSALErrorInternal),
                                    @(MSIDErrorInvalidInternalParameter) : @(MSALErrorInternal),
                                    @(MSIDErrorInvalidDeveloperParameter) :@(MSALErrorInvalidParameter),
-                                   @(MSIDErrorAmbiguousAuthority) : @(MSALErrorAmbiguousAuthority),
-                                   @(MSIDErrorInteractionRequired) : @(MSALErrorInteractionRequired),
+                                   @(MSIDErrorUnsupportedFunctionality): @(MSALErrorInternal),
+                                   // Cache
                                    @(MSIDErrorCacheMultipleUsers) : @(MSALErrorInternal),
-                                   @(MSIDErrorTokenCacheItemFailure) : @(MSALErrorTokenCacheItemFailure),
-                                   @(MSIDErrorWrapperCacheFailure) : @(MSALErrorWrapperCacheFailure),
                                    @(MSIDErrorCacheBadFormat) : @(MSALErrorWrapperCacheFailure),
-                                   @(MSIDErrorCacheVersionMismatch) : @(MSALErrorInternal),
-                                   @(MSIDErrorServerInvalidResponse) : @(MSALErrorInvalidResponse),
-                                   @(MSIDErrorDeveloperAuthorityValidation) : @(MSALErrorFailedAuthorityValidation),
-                                   @(MSIDErrorServerRefreshTokenRejected) : @(MSALErrorAuthorizationFailed),
-                                   @(MSIDErrorServerOauth) : @(MSALErrorAuthorizationFailed),
-                                   @(MSIDErrorUnsupportedFunctionality): @(MSALErrorInternal)
+                                   // Authority Validation
+                                   @(MSIDErrorAuthorityValidation) : @(MSALErrorFailedAuthorityValidation),
+                                   // Interactive flow
+                                   @(MSIDErrorAuthorizationFailed) : @(MSALErrorAuthorizationFailed),
+                                   @(MSIDErrorUserCancel) : @(MSALErrorUserCanceled),
+                                   @(MSIDErrorSessionCanceledProgrammatically) : @(MSALErrorSessionCanceled),
+                                   @(MSIDErrorInteractiveSessionStartFailure) : @(MSALErrorInternal),
+                                   @(MSIDErrorInteractiveSessionAlreadyRunning) : @(MSALErrorInteractiveSessionAlreadyRunning),
+                                   @(MSIDErrorNoMainViewController) : @(MSALErrorNoViewController),
                                    },
                            MSIDOAuthErrorDomain:@{
-                                   @(MSIDErrorInvalidRequest) :@(MSALErrorInvalidRequest),
-                                   @(MSIDErrorInvalidClient) : @(MSALErrorInvalidClient),
-                                   @(MSIDErrorInvalidGrant) : @(MSALErrorInvalidParameter),
-                                   @(MSIDErrorInvalidParameter) : @(MSALErrorInvalidParameter),
-                                   @(MSIDErrorServerRefreshTokenRejected) : @(MSALErrorAuthorizationFailed),
+                                   @(MSIDErrorInteractionRequired) : @(MSALErrorInteractionRequired),
                                    @(MSIDErrorServerOauth) : @(MSALErrorAuthorizationFailed),
+                                   @(MSIDErrorServerInvalidResponse) : @(MSALErrorInvalidResponse),
+                                   @(MSIDErrorServerRefreshTokenRejected) : @(MSALErrorRefreshTokenRejected),
+                                   @(MSIDErrorServerInvalidRequest) :@(MSALErrorInvalidRequest),
+                                   @(MSIDErrorServerInvalidClient) : @(MSALErrorInvalidClient),
+                                   @(MSIDErrorServerInvalidGrant) : @(MSALErrorInvalidGrant),
+                                   @(MSIDErrorServerInvalidScope) : @(MSALErrorInvalidScope),
+                                   @(MSIDErrorServerInvalidState) : @(MSALErrorInvalidState),
+                                   @(MSIDErrorServerNonHttpsRedirect) : @(MSALErrorNonHttpsRedirect)
                                    }
                            };
 

@@ -89,13 +89,15 @@ typedef NS_ENUM(NSInteger, MSALErrorCode)
 
     MSALErrorInvalidRequest              = -42002,
     MSALErrorInvalidClient               = -42003,
-
+    MSALErrorInvalidGrant               = -42004,
+    MSALErrorInvalidScope               = -42005,
+
     /*! 
         The passed in authority URL does not pass validation.
         If you're trying to use B2C, you must disable authority validation by
         setting validateAuthority of MSALPublicClientApplication to NO.
      */
-    MSALErrorFailedAuthorityValidation = -42004,
+    MSALErrorFailedAuthorityValidation = -42010,
 
     /*!
         Interaction required errors occur because of a wide variety of errors
@@ -182,12 +184,21 @@ typedef NS_ENUM(NSInteger, MSALErrorCode)
 
     /*!
      Response was received in a network call, but the response body was invalid.
-
+     R
      e.g. Response was to be expected a key-value pair with "key1" and
      the json response does not contain "key1" elements
 
      */
     MSALErrorInvalidResponse = -42600,
 
+    /*!
+     Server returned a refresh token reject response
+     */
+    MSALErrorRefreshTokenRejected = -42601,
+
+    /*!
+     Server tried to redirect to non http URL
+     */
+    MSALErrorNonHttpsRedirect = -42602,
 };
 
@@ -290,8 +290,7 @@ - (IBAction)expireAccessToken:(__unused id)sender
         MSIDConfiguration *configuration = [[MSIDConfiguration alloc] initWithAuthority:[[NSURL alloc] initWithString:parameters[MSAL_AUTHORITY_PARAM]]
                                                                             redirectUri:nil
                                                                                clientId:parameters[MSAL_CLIENT_ID_PARAM]
-                                                                                 target:parameters[MSAL_SCOPES_PARAM]
-                                                                          correlationId:nil];
+                                                                                 target:parameters[MSAL_SCOPES_PARAM]];
 
         __auto_type accessToken = [self.defaultAccessor getAccessTokenForAccount:account configuration:configuration context:nil error:nil];
         accessToken.expiresOn = [NSDate dateWithTimeIntervalSinceNow:-1.0];
@@ -320,8 +319,7 @@ - (IBAction)invalidateRefreshToken:(__unused id)sender
         MSIDConfiguration *configuration = [[MSIDConfiguration alloc] initWithAuthority:[[NSURL alloc] initWithString:parameters[MSAL_AUTHORITY_PARAM]]
                                                                             redirectUri:nil
                                                                                clientId:parameters[MSAL_CLIENT_ID_PARAM]
-                                                                                 target:parameters[MSAL_SCOPES_PARAM]
-                                                                          correlationId:nil];
+                                                                                 target:parameters[MSAL_SCOPES_PARAM]];
 
         __auto_type refreshToken = [self.defaultAccessor getRefreshTokenWithAccount:account
                                                                            familyId:nil

@@ -49,7 +49,7 @@
 #import "MSIDTestTokenResponse.h"
 #import "MSIDTestConfiguration.h"
 #import "MSIDAADV2TokenResponse.h"
-#import "MSIDTestCacheIdentifiers.h"
+#import "MSIDTestIdentifiers.h"
 #import "MSALAccount+Internal.h"
 #import "MSIDClientInfo.h"
 #import "MSIDTestIdTokenUtil.h"

@@ -92,7 +92,7 @@ - (void)testErrorConversion_whenBothErrorDomainAndCodeAreMapped_shouldMapBoth {
     NSDictionary *httpHeaders = @{@"fake header key" : @"fake header value"};
     NSString *httpResponseCode = @"-99999";
 
-    NSError *msidError = MSIDCreateError(MSIDErrorDomain,
+    NSError *msidError = MSIDCreateError(MSIDOAuthErrorDomain,
                                          errorCode,
                                          errorDescription,
                                          oauthError,
@@ -126,29 +126,20 @@ - (void)testErrorConversion_whenBothErrorDomainAndCodeAreMapped_shouldMapBoth {
  */
 - (void)testErrorConversion_whenErrorConverterInitialized_shouldMapAllMSIDErrors
 {
-    NSInteger errorCode = MSIDErrorCodeFirst;
+    NSDictionary *domainsAndCodes = MSIDErrorDomainsAndCodes();
 
-    while (errorCode >= MSIDErrorCodeLast)
+    for (NSString *domain in domainsAndCodes)
     {
-        // All error codes in MSIDError.h are of MSIDErrorDomain except that,
-        // the following six are of MSIDOAuthErrorDomain
-        NSString *domain = MSIDErrorDomain;
-        if (errorCode == MSIDErrorServerRefreshTokenRejected ||
-            errorCode == MSIDErrorServerOauth ||
-            errorCode == MSIDErrorInvalidRequest ||
-            errorCode == MSIDErrorInvalidClient ||
-            errorCode == MSIDErrorInvalidGrant ||
-            errorCode == MSIDErrorInvalidParameter)
+        NSArray *codes = domainsAndCodes[domain];
+        for (NSNumber *code in codes)
         {
-            domain = MSIDOAuthErrorDomain;
+            MSIDErrorCode errorCode = [code integerValue];
+            NSError *msidError = MSIDCreateError(domain, errorCode, @"test", nil, nil, nil, nil, nil);
+            NSError *error = [MSALErrorConverter MSALErrorFromMSIDError:msidError];
+
+            XCTAssertNotEqual(error.code, errorCode);
+
         }
-
-        NSError *msidError = MSIDCreateError(domain, errorCode, @"test", nil, nil, nil, nil, nil);
-        NSError *error = [MSALErrorConverter MSALErrorFromMSIDError:msidError];
-
-        XCTAssertNotEqual(error.code, errorCode);
-
-        errorCode--;
     }
 }