AzureAD
diff --git a/‎changelog.txt‎
Lines changed: 1 addition & 0 deletions b/‎changelog.txt‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java‎
Lines changed: 11 additions & 1 deletion b/‎common/src/main/java/com/microsoft/identity/common/adal/internal/AuthenticationConstants.java‎
Lines changed: 11 additions & 1 deletion
diff --git a/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivity.java‎
Lines changed: 4 additions & 3 deletions b/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivity.java‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivityFactory.java‎
Lines changed: 0 additions & 316 deletions b/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivityFactory.java‎
Lines changed: 0 additions & 316 deletions
diff --git a/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivityFactory.kt‎
Lines changed: 230 additions & 0 deletions b/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivityFactory.kt‎
Lines changed: 230 additions & 0 deletions
diff --git a/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivityParameters.kt‎
Lines changed: 54 additions & 0 deletions b/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/AuthorizationActivityParameters.kt‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/BrokerAuthorizationActivity.java‎
Lines changed: 17 additions & 0 deletions b/‎common/src/main/java/com/microsoft/identity/common/internal/providers/oauth2/BrokerAuthorizationActivity.java‎
Lines changed: 17 additions & 0 deletions
@@ -1,5 +1,6 @@
 vNext
 ----------
+- [MINOR] Add handler for resume switch_browser flow on WebViewAuthorizationFragment (#2557)
 - [PATCH] Track MAM flow in telemetry (#2608)
 - [PATCH] Fix multiple prompts issue in cross cloud request (#2599)
 - [PATCH] Corrected error handling in cross cloud scenario (#2602)
 
@@ -535,10 +535,20 @@ public static final class AAD {
     @NoArgsConstructor(access = AccessLevel.PRIVATE)
     public static final class SWITCH_BROWSER {
 
+        /**
+         * Path used on the broker redirect url to indicate the resume of the switch browser flow.
+         */
+        public static final String RESUME_PATH = "switch_browser_resume";
+
+        /**
+         * Path used on the broker redirect url to indicate the start of the switch browser flow.
+         */
+        public static final String REQUEST_PATH = "switch_browser";
+
         /**
          * String Query parameter key to indicate support for SWITCH_BROWSER protocol.
          */
-        public static final String PATH = "switch_browser";
+        public static final String CLIENT_SUPPORTS_FLOW = "switch_browser";
 
         /**
          * String Query parameter key for the purpose token.
 
@@ -43,11 +43,12 @@ public class AuthorizationActivity extends DualScreenActivity {
     @Getter
     @Accessors(prefix = "m")
     private SpanContext mSpanContext;
-
-    @Getter
-    @Accessors(prefix = "m")
     private AuthorizationFragment mFragment;
 
+    public AuthorizationFragment getFragment() {
+        return mFragment;
+    }
+
     @Override
     public void onCreate(@Nullable Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
 
@@ -0,0 +1,230 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.common.internal.providers.oauth2
+
+import android.content.Intent
+import androidx.fragment.app.Fragment
+import com.microsoft.identity.common.adal.internal.AuthenticationConstants
+import com.microsoft.identity.common.internal.msafederation.getIdProviderExtraQueryParamForAuthorization
+import com.microsoft.identity.common.internal.msafederation.getIdProviderHeadersForAuthorization
+import com.microsoft.identity.common.internal.msafederation.google.SignInWithGoogleApi.Companion.getInstance
+import com.microsoft.identity.common.internal.msafederation.google.SignInWithGoogleCredential
+import com.microsoft.identity.common.internal.msafederation.google.SignInWithGoogleParameters
+import com.microsoft.identity.common.internal.util.CommonMoshiJsonAdapter
+import com.microsoft.identity.common.internal.util.ProcessUtil
+import com.microsoft.identity.common.java.AuthenticationConstants.SdkPlatformFields.PRODUCT
+import com.microsoft.identity.common.java.AuthenticationConstants.SdkPlatformFields.VERSION
+import com.microsoft.identity.common.java.configuration.LibraryConfiguration
+import com.microsoft.identity.common.java.exception.ClientException
+import com.microsoft.identity.common.java.logging.DiagnosticContext
+import com.microsoft.identity.common.java.opentelemetry.SerializableSpanContext
+import com.microsoft.identity.common.java.opentelemetry.SpanExtension
+import com.microsoft.identity.common.java.ui.AuthorizationAgent
+import com.microsoft.identity.common.java.util.CommonURIBuilder
+import java.net.URISyntaxException
+
+
+/**
+ * Constructs intents and/or fragments for interactive requests based on library configuration and current request.
+ */
+object AuthorizationActivityFactory {
+    /**
+     * Return the correct authorization activity based on library configuration.
+     *
+     * @param parameters The parameters to use to create the intent.
+     * @return An android Intent which will be used by Android to create an AuthorizationActivity
+     */
+    @JvmStatic
+    fun getAuthorizationActivityIntent(parameters: AuthorizationActivityParameters): Intent {
+        val intent: Intent
+        val libraryConfig = LibraryConfiguration.getInstance()
+        if (ProcessUtil.isBrokerProcess(parameters.context)) {
+            intent = Intent(parameters.context, BrokerAuthorizationActivity::class.java)
+            if (parameters.requestUrl.contains(AuthenticationConstants.SWITCH_BROWSER.CLIENT_SUPPORTS_FLOW)) {
+                intent.setFlags(Intent.FLAG_ACTIVITY_CLEAR_TASK or Intent.FLAG_ACTIVITY_NEW_TASK)
+                // In the case of a SwitchBrowser protocol, we need to transition from the browser to the WebView.
+                // These flags ensure that we have a new task stack that allows for this transition.
+            }
+        } else if (libraryConfig.isAuthorizationInCurrentTask && parameters.authorizationAgent != AuthorizationAgent.WEBVIEW) {
+            // We exclude the case when the authorization agent is already selected as WEBVIEW because of confusion
+            // that results from attempting to use the CurrentTaskAuthorizationActivity in that case, because as webview
+            // already uses the current task, attempting to manually simulate that behavior ends up supplying an incorrect
+            // Fragment to the activity.
+            intent = Intent(parameters.context, CurrentTaskAuthorizationActivity::class.java)
+        } else {
+            intent = Intent(parameters.context, AuthorizationActivity::class.java)
+        }
+
+        intent.apply {
+            putExtra(
+                AuthenticationConstants.AuthorizationIntentKey.AUTH_INTENT,
+                parameters.authIntent
+            )
+            putExtra(
+                AuthenticationConstants.AuthorizationIntentKey.REQUEST_URL,
+                parameters.requestUrl
+            )
+            putExtra(
+                AuthenticationConstants.AuthorizationIntentKey.REDIRECT_URI,
+                parameters.redirectUri
+            )
+            putExtra(
+                AuthenticationConstants.AuthorizationIntentKey.REQUEST_HEADERS,
+                parameters.requestHeader
+            )
+            putExtra(
+                AuthenticationConstants.AuthorizationIntentKey.AUTHORIZATION_AGENT,
+                parameters.authorizationAgent
+            )
+            putExtra(
+                AuthenticationConstants.AuthorizationIntentKey.WEB_VIEW_ZOOM_CONTROLS_ENABLED,
+                parameters.webViewZoomControlsEnabled
+            )
+            putExtra(
+                AuthenticationConstants.AuthorizationIntentKey.WEB_VIEW_ZOOM_ENABLED,
+                parameters.webViewZoomEnabled
+            )
+            putExtra(
+                DiagnosticContext.CORRELATION_ID,
+                DiagnosticContext.INSTANCE.requestContext[DiagnosticContext.CORRELATION_ID]
+            )
+            putExtra(
+                SerializableSpanContext.SERIALIZABLE_SPAN_CONTEXT, CommonMoshiJsonAdapter().toJson(
+                    SerializableSpanContext.builder()
+                        .traceId(SpanExtension.current().spanContext.traceId)
+                        .spanId(SpanExtension.current().spanContext.spanId)
+                        .traceFlags(SpanExtension.current().spanContext.traceFlags.asByte())
+                        .build()
+                )
+            )
+            if (parameters.sourceLibraryName != null) {
+                putExtra(PRODUCT, parameters.sourceLibraryName)
+            }
+            if (parameters.sourceLibraryVersion != null) {
+                putExtra(VERSION, parameters.sourceLibraryVersion)
+            }
+        }
+        return intent
+    }
+
+    /**
+     * Returns the correct authorization fragment for local (non-broker) authorization flows.
+     * Fragments include:
+     * [WebViewAuthorizationFragment]
+     * [BrowserAuthorizationFragment]
+     * [CurrentTaskBrowserAuthorizationFragment]
+     *
+     * @param intent The intent used to start the authorization flow.
+     * @return returns an Fragment that's used as to authorize a token request.
+     */
+    @JvmStatic
+    fun getAuthorizationFragmentFromStartIntent(intent: Intent): Fragment {
+        val fragment: Fragment
+        val authorizationAgent =
+            intent.getSerializableExtra(AuthenticationConstants.AuthorizationIntentKey.AUTHORIZATION_AGENT) as AuthorizationAgent?
+
+        val libraryConfig = LibraryConfiguration.getInstance()
+
+        fragment =
+            if (authorizationAgent == AuthorizationAgent.WEBVIEW) {
+                WebViewAuthorizationFragment()
+            } else {
+                if (libraryConfig.isAuthorizationInCurrentTask) {
+                    CurrentTaskBrowserAuthorizationFragment()
+                } else {
+                    BrowserAuthorizationFragment()
+                }
+            }
+
+        return fragment
+    }
+
+    /**
+     * This method first starts sign in with google flow displaying UX for user add/select a google account
+     * and after success creates intent with result obtained from successful google sign in and other input
+     * parameters.
+     *
+     * @param authorizationActivityParameters Parameters to create the auth intent
+     * @param signInWithGoogleParameters      Parameters to first start sign in with google flow before creating the intent
+     * @return An android Intent which will be used by Android to create an AuthorizationActivity
+     */
+    @JvmStatic
+    fun signInWithGoogleAndGetAuthorizationActivityIntent(
+        authorizationActivityParameters: AuthorizationActivityParameters,
+        signInWithGoogleParameters: SignInWithGoogleParameters
+    ): Intent {
+        return getAuthorizationActivityIntent(
+            authorizationActivityParameters,
+            getInstance().signInSync(signInWithGoogleParameters)
+        )
+    }
+
+    /**
+     * This method first starts sign in with google flow displaying UX for user add/select a google account
+     * and after success creates intent with result obtained from successful google sign in and other input
+     * parameters.
+     *
+     * @param authorizationActivityParameters Parameters to create the auth intent
+     * @return An android Intent which will be used by Android to create an AuthorizationActivity
+     */
+    @JvmStatic
+    @Throws(ClientException::class)
+    fun getAuthorizationActivityIntent(
+        authorizationActivityParameters: AuthorizationActivityParameters,
+        signInWithGoogleCredential: SignInWithGoogleCredential
+    ): Intent {
+
+        // add header
+        val requestHeadersWithGoogleAuthCredential =
+            if (authorizationActivityParameters.requestHeader.isNullOrEmpty()) {
+                HashMap()
+            } else {
+                HashMap(authorizationActivityParameters.requestHeader)
+            }
+        requestHeadersWithGoogleAuthCredential.putAll(signInWithGoogleCredential.getIdProviderHeadersForAuthorization())
+
+        // add id provider query parameter
+        val requestUrlWithIdProvider: String
+        try {
+            val uriBuilder = CommonURIBuilder(authorizationActivityParameters.requestUrl)
+            val extraQueryParamForAuthorization =
+                signInWithGoogleCredential.getIdProviderExtraQueryParamForAuthorization()
+            uriBuilder.addParameterIfAbsent(
+                extraQueryParamForAuthorization.key,
+                extraQueryParamForAuthorization.value
+            )
+            requestUrlWithIdProvider = uriBuilder.build().toString()
+        } catch (e: URISyntaxException) {
+            throw ClientException(
+                ClientException.MALFORMED_URL,
+                "Failed to add id provider query parameter to request URL",
+                e
+            )
+        }
+        val newAuthorizationActivityParameters = authorizationActivityParameters.copy(
+            requestUrl = requestUrlWithIdProvider,
+            requestHeader = requestHeadersWithGoogleAuthCredential
+        )
+        return getAuthorizationActivityIntent(newAuthorizationActivityParameters)
+    }
+}
@@ -0,0 +1,54 @@
+// Copyright (c) Microsoft Corporation.
+// All rights reserved.
+//
+// This code is licensed under the MIT License.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files(the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions :
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+package com.microsoft.identity.common.internal.providers.oauth2
+
+import android.content.Context
+import android.content.Intent
+import com.microsoft.identity.common.java.ui.AuthorizationAgent
+
+/**
+ * Parameters for the authorization activity.
+ *
+ * @param context                    Android application context
+ * @param authIntent                 Android intent used by the authorization activity to launch the specific implementation of authorization (BROWSER, EMBEDDED)
+ * @param requestUrl                 The authorization request in URL format
+ * @param redirectUri                The expected redirect URI associated with the authorization request
+ * @param requestHeader              Additional HTTP headers included with the authorization request
+ * @param authorizationAgent         The means by which authorization should be performed (EMBEDDED, WEBVIEW) NOTE: This should move to library configuration
+ * @param webViewZoomEnabled         This parameter is specific to embedded and controls whether webview zoom is enabled... NOTE: Needs refactoring
+ * @param webViewZoomControlsEnabled This parameter is specific to embedded and controls whether webview zoom controls are enabled... NOTE: Needs refactoring
+ * @param sourceLibraryName          Product name to be of library making the request
+ * @param sourceLibraryVersion       Product version to be of library making the request
+ */
+data class AuthorizationActivityParameters @JvmOverloads constructor(
+    val context: Context,
+    val authIntent: Intent?,
+    val requestUrl: String,
+    val redirectUri: String,
+    val requestHeader: HashMap<String, String>?,
+    val authorizationAgent: AuthorizationAgent,
+    val webViewZoomEnabled: Boolean = true,
+    val webViewZoomControlsEnabled: Boolean = true,
+    val sourceLibraryName: String? = null,
+    val sourceLibraryVersion: String? = null
+)
@@ -22,9 +22,26 @@
 // THE SOFTWARE.
 package com.microsoft.identity.common.internal.providers.oauth2;
 
+import android.content.Intent;
+
 /**
  * Declares as a separate class so that we can specify attributes exclusively to :auth process
  * in AndroidManifest without overriding MSAL's (In case where MSAL and broker is shipped together).
  */
 public class BrokerAuthorizationActivity extends AuthorizationActivity {
+
+    /**
+     * Refreshes the WebView with new intent data after the user completes authentication in the browser.
+     *
+     * <p>In the Switch browser flow, once the user finishes authentication in the browser, ETS will send a request
+     * to the broker containing a code and an action URI. The broker will then send this request data back to the
+     * WebView authorization activity via an intent. This method is used to refresh the WebView with the new intent
+     * data that includes the code and action URI.
+     * see {@link WebViewAuthorizationFragment#onResume()}
+     */
+    @Override
+    protected void onNewIntent(final Intent intent) {
+        super.onNewIntent(intent);
+        setIntent(intent);
+    }
 }