[Common] Update Broker ATS for Resource Accounts, Fixes AB#3230426 #2704
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
✅ Work item link check complete. Description contains link AB#3230426 to an Azure Boards work item. |
github-actions
bot
changed the title
There was a problem hiding this comment.
Pull Request Overview
This PR enhances the Broker ATS flow to support Resource Accounts by introducing a new flag on silent token parameters and updating how token errors are adapted, plus new tests, a JWT constant, and changelog entry.
- Add
isRequestForResourceAccounttoBrokerSilentTokenCommandParametersto signal Resource Account requests. - Extend
ExceptionAdapterwith a boolean flag to conditionally convert toUiRequiredExceptionand wire it through silent- and non-silent-token flows. - Update tests to cover the new flag and error-conversion behavior, add a JWT “use” constant, and bump the changelog.
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| common4j/src/test/com/microsoft/identity/common/java/controllers/ExceptionAdapterTests.java | Convert JUnit asserts to static imports and add tests for resource-account and policy-required flows |
| common4j/src/main/com/microsoft/identity/common/java/jwt/JwtKeyUseTypes.kt | Introduce RESOURCE_ACCOUNT constant with KDoc |
| common4j/src/main/com/microsoft/identity/common/java/controllers/ExceptionAdapter.java | Add overload with allowConvertToUiRequiredException, handle silent-resource-account logic, adjust visibility |
| common4j/src/main/com/microsoft/identity/common/java/commands/parameters/BrokerSilentTokenCommandParameters.java | Add isRequestForResourceAccount flag and documentation |
| changelog.txt | Document “Update Broker ATS flow for Resource Account” |
Comments suppressed due to low confidence (5)
common4j/src/main/com/microsoft/identity/common/java/controllers/ExceptionAdapter.java:225
- Changing this method from public to package-private may break existing public API consumers. Consider restoring its public visibility or marking it deprecated before removal.
static ServiceException getExceptionFromTokenErrorResponse(@NonNull final TokenErrorResponse errorResponse) {
common4j/src/test/com/microsoft/identity/common/java/controllers/ExceptionAdapterTests.java:108
- The assertion message mentions UiRequiredException, but you’re checking for ServiceException. Update the message to reference ServiceException for clarity.
assertTrue("Expected exception of UiRequiredException type", e instanceof ServiceException);
common4j/src/test/com/microsoft/identity/common/java/controllers/ExceptionAdapterTests.java:85
- [nitpick] Method names mix camelCase and underscores. Consider renaming to
testMfaTokenErrorResponseAllowUiRequiredExceptionTruefor consistency with other test names.
public void testMFATokenErrorResponse_allowUiRequiredException_True() {
common4j/src/main/com/microsoft/identity/common/java/controllers/ExceptionAdapter.java:293
- There’s no test covering the path where
commandParametersis aBrokerInteractiveTokenCommandParametersandallowConvertToUiRequiredExceptionis true. Add a test to validate that branch.
if (isBrokerTokenCommandParameters(commandParameters)) {
common4j/src/main/com/microsoft/identity/common/java/jwt/JwtKeyUseTypes.kt:26
- [nitpick] The comment has a redundant phrase “to be used with for.” Consider rephrasing to something like: “Constants for JWT key use types for the
useclaim in the JWT header.”
* Constants for JWT key use types to be used with for "use" claim in JWT header.
| @RunWith(JUnit4.class) | ||
| public class ExceptionAdapterTests { | ||
|
|
||
| @Test | ||
| public void testBaseExceptionFromException_TerminalException() throws Exception{ | ||
| TerminalException t = new TerminalException("errorMsg", ClientException.KEY_RING_WRITE_FAILURE); | ||
| BaseException e = ExceptionAdapter.baseExceptionFromException(t); | ||
| Assert.assertEquals(e.getErrorCode(), t.getErrorCode()); | ||
| Assert.assertEquals(e.getCause(), t); | ||
| assertEquals(e.getErrorCode(), t.getErrorCode()); |
There was a problem hiding this comment.
JUnit’s assertEquals(expected, actual) order is reversed here. Swap parameters to assertEquals(t.getErrorCode(), e.getErrorCode()) for clearer failure messages.
Suggested change
| assertEquals(e.getErrorCode(), t.getErrorCode()); | |
| assertEquals(t.getErrorCode(), e.getErrorCode()); |
Copilot uses AI. Check for mistakes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Main PR:
https://github.com/AzureAD/ad-accounts-for-android/pull/3138
Fixes AB#3230426