Add OnboardingBlobBuilder, FieldKeys, and SessionCachePersistence for onboarding telemetry

wzhipan · wzhipan · commit 7c14fbb28fae · 2026-04-10T09:13:47.000-07:00
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/telemetry/OnboardingBlobBuilder.java b/common/src/main/java/com/microsoft/identity/common/internal/telemetry/OnboardingBlobBuilder.java
@@ -0,0 +1,271 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+package com.microsoft.identity.common.internal.telemetry;
+
+import android.content.Context;
+import android.content.SharedPreferences;
+
+import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
+
+import com.microsoft.identity.common.java.telemetry.OnboardingBlobFieldKeys;
+
+import org.json.JSONArray;
+import org.json.JSONException;
+import org.json.JSONObject;
+
+import java.time.Instant;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * Android blob builder for onboarding telemetry.
+ * Called by WebView navigation fragments during interactive auth flows.
+ * Operates on an in-memory Java model, converts to JSON at flow end.
+ * On block detection, persists sessionCorrelationId to SharedPreferences
+ * immediately for app-kill resilience.
+ *
+ * Lives in Android common core so both OneAuth (non-brokered) and broker apps
+ * (brokered) use the same class.
+ */
+public class OnboardingBlobBuilder {
+
+    private static final String PREFS_FILE = "com.microsoft.oneauth.session_correlation_cache";
+    private static final String TAG = "OnboardingBlobBuilder";
+
+    // Seed field key constants — must match OnboardingBlobConstants (Djinni-generated).
+    // Duplicated here to avoid a dependency on the Djinni-generated Java class in Common.
+    private static final String FIELD_SCHEMA_VERSION = "schema_version";
+    private static final String FIELD_SESSION_CORRELATION_ID = "sessionCorrelationId";
+    private static final String FIELD_ONBOARDING_MODE = "onboardingMode";
+    private static final String FIELD_STEPS_LIST = "stepsList";
+    private static final String FIELD_STEP_ID = "stepId";
+    private static final String FIELD_TS = "ts";
+
+    // Seed fields (from C++ common core)
+    private final String mSchemaVersion;
+    private final String mSessionCorrelationId;
+    private final String mOnboardingMode;
+
+    // Builder identity for persistence
+    private final String mClientId;
+    private final String mTarget;
+    private final Context mContext;
+
+    // Populated fields
+    private final List<StepEntry> mStepsList = new ArrayList<>();
+    private final List<String> mBlockingErrors = new ArrayList<>();
+    private String mLastLoadedDomain;
+    private boolean mRemediationNeeded;
+    private String mProfile;
+    private final List<String> mUxFlowUsed = new ArrayList<>();
+
+    private static class StepEntry {
+        final String stepId;
+        final String timestamp; // ISO 8601
+
+        StepEntry(String stepId, String timestamp) {
+            this.stepId = stepId;
+            this.timestamp = timestamp;
+        }
+    }
+
+    /**
+     * Construct a builder from the seed JSON provided by C++ InteractiveRequest.
+     *
+     * @param seedJson  The seed blob JSON string from authParameters
+     * @param clientId  Client ID for cache persistence key
+     * @param target    Target (scopes) for cache persistence key
+     * @param context   Android context for SharedPreferences access
+     */
+    public OnboardingBlobBuilder(
+            @NonNull String seedJson,
+            @NonNull String clientId,
+            @NonNull String target,
+            @NonNull Context context) {
+        mClientId = clientId;
+        mTarget = target;
+        mContext = context.getApplicationContext();
+
+        // Deserialize seed JSON
+        String schemaVersion = "";
+        String sessionCorrelationId = "";
+        String onboardingMode = "";
+        try {
+            JSONObject seed = new JSONObject(seedJson);
+            schemaVersion = seed.optString(FIELD_SCHEMA_VERSION, "");
+            sessionCorrelationId = seed.optString(FIELD_SESSION_CORRELATION_ID, "");
+            onboardingMode = seed.optString(FIELD_ONBOARDING_MODE, "");
+        } catch (JSONException e) {
+            // Corrupted seed — use empty values
+        }
+        mSchemaVersion = schemaVersion;
+        mSessionCorrelationId = sessionCorrelationId;
+        mOnboardingMode = onboardingMode;
+    }
+
+    /**
+     * Record a step in the onboarding flow.
+     *
+     * @param stepId    Step ID constant (from OnboardingBlobFieldKeys)
+     * @param timestamp The time when the step occurred
+     */
+    public void addStep(@NonNull String stepId, @NonNull Instant timestamp) {
+        mStepsList.add(new StepEntry(stepId, timestamp.toString()));
+    }
+
+    /**
+     * Record a blocking error code detected during the flow.
+     * Also persists the session correlation entry to SharedPreferences immediately
+     * for app-kill resilience.
+     *
+     * @param errorCode The blocking error code (e.g., "65001", "53000")
+     */
+    public void addBlockingError(@NonNull String errorCode) {
+        mBlockingErrors.add(errorCode);
+        mRemediationNeeded = true;
+
+        // Persist session correlation to SharedPreferences immediately on block
+        persistSessionCorrelation();
+    }
+
+    /**
+     * Set the last loaded domain during WebView navigation.
+     *
+     * @param domain The domain URL (e.g., "login.microsoftonline.com")
+     */
+    public void setLastLoadedDomain(@NonNull String domain) {
+        mLastLoadedDomain = domain;
+    }
+
+    /**
+     * Set whether remediation is needed.
+     *
+     * @param needed True if CA remediation is required
+     */
+    public void setRemediationNeeded(boolean needed) {
+        mRemediationNeeded = needed;
+    }
+
+    /**
+     * Set the Android profile context.
+     *
+     * @param profile One of OnboardingBlobFieldKeys.PROFILE_USER or PROFILE_WORK
+     */
+    public void setProfile(@NonNull String profile) {
+        mProfile = profile;
+    }
+
+    /**
+     * Add a UX flow variant tag.
+     *
+     * @param flowTag Flow variant (e.g., "MobileOnboardingPhase1")
+     */
+    public void addUxFlowUsed(@NonNull String flowTag) {
+        mUxFlowUsed.add(flowTag);
+    }
+
+    /**
+     * Finalize the blob and return the JSON string.
+     * If no blocking errors were recorded, returns empty string (clears seed blob).
+     * Otherwise serializes the populated blob to JSON.
+     *
+     * @return Populated blob JSON string, or empty string if no blocking errors
+     */
+    @NonNull
+    public String finalizeBlob() {
+        if (mBlockingErrors.isEmpty()) {
+            return "";
+        }
+
+        try {
+            JSONObject blob = new JSONObject();
+
+            // Seed fields
+            blob.put(FIELD_SCHEMA_VERSION, mSchemaVersion);
+            blob.put(FIELD_SESSION_CORRELATION_ID, mSessionCorrelationId);
+            blob.put(FIELD_ONBOARDING_MODE, mOnboardingMode);
+
+            // StepsList
+            JSONArray steps = new JSONArray();
+            for (StepEntry entry : mStepsList) {
+                JSONObject step = new JSONObject();
+                step.put(FIELD_STEP_ID, entry.stepId);
+                step.put(FIELD_TS, entry.timestamp);
+                steps.put(step);
+            }
+            blob.put(FIELD_STEPS_LIST, steps);
+
+            // Platform builder fields
+            JSONArray errorsArray = new JSONArray();
+            for (String error : mBlockingErrors) {
+                errorsArray.put(error);
+            }
+            blob.put(OnboardingBlobFieldKeys.BLOCKING_ERRORS, errorsArray);
+            blob.put(OnboardingBlobFieldKeys.LAST_BLOCKING_ERROR,
+                    mBlockingErrors.get(mBlockingErrors.size() - 1));
+            blob.put(OnboardingBlobFieldKeys.REMEDIATION_NEEDED, mRemediationNeeded);
+
+            if (mLastLoadedDomain != null) {
+                blob.put(OnboardingBlobFieldKeys.LAST_LOADED_DOMAIN, mLastLoadedDomain);
+            }
+
+            if (!mStepsList.isEmpty()) {
+                blob.put(OnboardingBlobFieldKeys.LAST_COMPLETED_STEP,
+                        mStepsList.get(mStepsList.size() - 1).stepId);
+            }
+
+            if (mProfile != null) {
+                blob.put(OnboardingBlobFieldKeys.PROFILE, mProfile);
+            }
+
+            if (!mUxFlowUsed.isEmpty()) {
+                JSONArray flows = new JSONArray();
+                for (String flow : mUxFlowUsed) {
+                    flows.put(flow);
+                }
+                blob.put(OnboardingBlobFieldKeys.UX_FLOW_USED, flows);
+            }
+
+            return blob.toString();
+        } catch (JSONException e) {
+            return "";
+        }
+    }
+
+    /**
+     * Returns the session correlation ID from the seed blob.
+     */
+    @NonNull
+    public String getSessionCorrelationId() {
+        return mSessionCorrelationId;
+    }
+
+    /**
+     * Persist session correlation entry to SharedPreferences immediately.
+     * Called on block detection for app-kill resilience.
+     */
+    private void persistSessionCorrelation() {
+        try {
+            SharedPreferences prefs = mContext.getSharedPreferences(PREFS_FILE, Context.MODE_PRIVATE);
+            String existing = prefs.getString(PREFS_FILE, "");
+            JSONObject cache;
+            if (existing != null && !existing.isEmpty()) {
+                cache = new JSONObject(existing);
+            } else {
+                cache = new JSONObject();
+            }
+
+            String key = mClientId + "|" + mTarget;
+            JSONObject entry = new JSONObject();
+            entry.put("id", mSessionCorrelationId);
+            entry.put("ts", System.currentTimeMillis());
+            cache.put(key, entry);
+
+            prefs.edit().putString(PREFS_FILE, cache.toString()).apply();
+        } catch (JSONException e) {
+            // Best-effort persistence — don't crash
+        }
+    }
+}
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/telemetry/OnboardingSessionCachePersistence.java b/common/src/main/java/com/microsoft/identity/common/internal/telemetry/OnboardingSessionCachePersistence.java
@@ -0,0 +1,46 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+package com.microsoft.identity.common.internal.telemetry;
+
+import android.content.Context;
+import android.content.SharedPreferences;
+
+import androidx.annotation.NonNull;
+
+/**
+ * SharedPreferences-backed persistence for session correlation IDs.
+ * Used by both OneAuth (via JNI/Djinni) and the broker app directly.
+ * The same SharedPreferences file is written to by OnboardingBlobBuilder
+ * on block detection for app-kill resilience.
+ */
+public class OnboardingSessionCachePersistence {
+
+    private static final String PREFS_FILE = "com.microsoft.oneauth.session_correlation_cache";
+
+    private final Context mContext;
+
+    public OnboardingSessionCachePersistence(@NonNull Context context) {
+        mContext = context.getApplicationContext();
+    }
+
+    /**
+     * Load the persisted session correlation cache JSON string.
+     * @return JSON string, or empty string if nothing is persisted
+     */
+    @NonNull
+    public String load() {
+        SharedPreferences prefs = mContext.getSharedPreferences(PREFS_FILE, Context.MODE_PRIVATE);
+        String value = prefs.getString(PREFS_FILE, "");
+        return value != null ? value : "";
+    }
+
+    /**
+     * Save the session correlation cache JSON string to SharedPreferences.
+     * @param json The JSON string to persist
+     */
+    public void save(@NonNull String json) {
+        SharedPreferences prefs = mContext.getSharedPreferences(PREFS_FILE, Context.MODE_PRIVATE);
+        prefs.edit().putString(PREFS_FILE, json).apply();
+    }
+}
diff --git a/common4j/src/main/com/microsoft/identity/common/java/telemetry/OnboardingBlobFieldKeys.java b/common4j/src/main/com/microsoft/identity/common/java/telemetry/OnboardingBlobFieldKeys.java
@@ -0,0 +1,35 @@
+// Copyright (c) Microsoft Corporation.
+// Licensed under the MIT License.
+
+package com.microsoft.identity.common.java.telemetry;
+
+/**
+ * JSON field keys owned by platform builders. C++ does NOT use these by name —
+ * EntityStore dynamically iterates the blob JSON for fan-out.
+ * Seed creation + aggregation keys come from OnboardingBlobConstants (Djinni-generated).
+ */
+public final class OnboardingBlobFieldKeys {
+    // Field keys for populated blob (written by builder, read by EntityStore dynamically)
+    public static final String BLOCKING_ERRORS = "blockingErrors";
+    public static final String LAST_BLOCKING_ERROR = "lastBlockingError";
+    public static final String LAST_LOADED_DOMAIN = "lastLoadedDomain";
+    public static final String LAST_COMPLETED_STEP = "lastCompletedStep";
+    public static final String REMEDIATION_NEEDED = "remediationNeeded";
+    public static final String PROFILE = "profile";
+    public static final String UX_FLOW_USED = "uxFlowUsed";
+
+    // Step ID values not used in C++ aggregation (no derived duration metric computed from these)
+    public static final String STEP_AUTHENTICATION_STARTED = "AuthenticationStarted";
+    public static final String STEP_CREDENTIAL_ENTRY_COMPLETED = "CredentialEntryCompleted";
+    public static final String STEP_BROKER_INSTALL_PROMPTED = "BrokerInstallPrompted";
+    public static final String STEP_BROKER_INSTALL_PROMPTED_FOR_MDM = "BrokerInstallPromptedForMDM";
+    public static final String STEP_DEVICE_REGISTRATION_STARTED = "DeviceRegistrationStarted";
+    public static final String STEP_DEVICE_REGISTRATION_COMPLETED = "DeviceRegistrationCompleted";
+    public static final String STEP_FLOW_COMPLETED = "FlowCompleted";
+
+    // Platform-specific values
+    public static final String PROFILE_USER = "userProfile";
+    public static final String PROFILE_WORK = "workProfile";
+
+    private OnboardingBlobFieldKeys() {} // non-instantiable
+}
