AzureAD / microsoft-authentication-library-common-for-android

Common code used by both the Active Directory Authentication Library (ADAL) and the Microsoft Authentication Library (MSAL)
MIT License
41 stars 35 forks

Changes needed for token binding CA policy error handling #2453

Closed iamgusain closed 1 month ago

iamgusain commented 3 months ago

Adding logic to handle token binding CA policy errors.

Corresponding STS-side PR for iOS and mac (Android will come later): https://msazure.visualstudio.com/DefaultCollection/One/_git/ESTS-Main/pullrequest/10445085?_a=files&path=/src/Product/Microsoft.AzureAD.Common/Configuration/ICloudStsSettings.cs

Description of errors/redirect uri returned from server for upgrading to or performing strong device registration:

Silent Token Request (when device is registered) --> error: invalid_grant, suberror: insufficient_device_registration

Silent Token Request (when device is not registered) --> error: device_authentication_failed

Interactive Token Request (when device is registered) --> redirect uri: msauth://upgradeReg?username=<>&client_info=<>&token_protection_required=true

Interactive Token Request (when device is not registered) --> msauth://wpj?username=<>&client_info=<>&token_protection_required=true
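The four cases listed in the PR description, mapped to the device-registration step each one calls for. This is an added example, not code from the PR or the library: the class, enum and method names are hypothetical, the sample values are constructed, and treating a redirect as a token binding case only when it carries `token_protection_required=true` is an assumption.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;

// Added illustration; all names here are hypothetical, not the library's API.
public class TokenBindingCaClassifier {
    enum Action { NONE, REGISTER_DEVICE, UPGRADE_REGISTRATION }

    // Silent request: map the error/suberror pair from the token response.
    static Action fromSilentError(String error, String subError) {
        if ("invalid_grant".equals(error) && "insufficient_device_registration".equals(subError)) {
            return Action.UPGRADE_REGISTRATION; // device is registered
        }
        if ("device_authentication_failed".equals(error)) {
            return Action.REGISTER_DEVICE;      // device is not registered
        }
        return Action.NONE;
    }

    // Interactive request: inspect the msauth:// redirect returned by the server.
    static Action fromRedirect(String redirect) {
        if (redirect == null) return Action.NONE;
        URI uri;
        try { uri = URI.create(redirect); } catch (IllegalArgumentException e) { return Action.NONE; }
        if (!"msauth".equalsIgnoreCase(uri.getScheme()) || uri.getRawQuery() == null) return Action.NONE;
        Map<String, String> q = new HashMap<>();
        for (String pair : uri.getRawQuery().split("&")) {
            int i = pair.indexOf('=');
            if (i > 0) q.put(pair.substring(0, i), URLDecoder.decode(pair.substring(i + 1), StandardCharsets.UTF_8));
        }
        // Assumption: without token_protection_required=true this is not a token binding case.
        if (!"true".equals(q.get("token_protection_required"))) return Action.NONE;
        if ("upgradeReg".equals(uri.getHost())) return Action.UPGRADE_REGISTRATION;
        if ("wpj".equals(uri.getHost())) return Action.REGISTER_DEVICE;
        return Action.NONE;
    }

    public static void main(String[] args) {
        // Constructed sample values.
        String query = "?username=user%40contoso.example&client_info=e30&token_protection_required=true";
        System.out.println(fromSilentError("invalid_grant", "insufficient_device_registration"));
        System.out.println(fromSilentError("device_authentication_failed", null));
        System.out.println(fromRedirect("msauth://upgradeReg" + query));
        System.out.println(fromRedirect("msauth://wpj" + query));
        System.out.println(fromRedirect("msauth://wpj?username=user%40contoso.example"));
    }
}
```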

mohitc1 commented 2 months ago

Consider adding UTs for new code

p3dr0rv commented 2 months ago

LGTM, just add more UT to validate the new cases