Replace fromJson with fromPipeDelimited in token handler; remove fromJson and related tests

Agent-Logs-Url: https://github.com/AzureAD/microsoft-authentication-library-common-for-android/sessions/b86d2241-7b2c-4028-8a88-419ebf6b00ae

Co-authored-by: fadidurah <88730756+fadidurah@users.noreply.github.com>

Author: Copilot

common4j/src/main/com/microsoft/identity/common/java/providers/microsoft/microsoftsts/AbstractMicrosoftStsTokenResponseHandler.java

@@ -109,7 +109,7 @@ public TokenResult handleTokenResponse(@NonNull final HttpResponse response) thr
             }
 
             final String clientDataHeader = response.getHeaderValue(X_MS_CLIENTDATA, 0);
-            final ClientDataInfo clientDataInfo = ClientDataInfo.fromJson(clientDataHeader);
+            final ClientDataInfo clientDataInfo = ClientDataInfo.fromPipeDelimited(clientDataHeader);
             if (null != clientDataInfo) {
                 clientDataInfo.emitToSpan();
             }

common4j/src/main/com/microsoft/identity/common/java/telemetry/ClientDataInfo.java

@@ -27,16 +27,16 @@
 import com.microsoft.identity.common.java.opentelemetry.SpanExtension;
 import com.microsoft.identity.common.java.util.StringUtil;
 
-import org.json.JSONObject;
-
 import edu.umd.cs.findbugs.annotations.Nullable;
+import io.opentelemetry.api.trace.Span;
 import lombok.Getter;
 import lombok.Setter;
 import lombok.experimental.Accessors;
 
 /**
- * Model representing the x-ms-clientdata server telemetry header (from /token responses)
- * and the clientdata query parameter (from /authorize redirect URLs).
+ * Model representing server telemetry data from the x-ms-clientdata response header
+ * (/token responses) and the clientdata query parameter (/authorize redirect URLs).
+ * Both use a pipe-delimited format: account_type|error|sub_error|caller_data_boundary|cloud_instance.
  * Contains server-side error codes, account type, cloud instance, and data boundary info.
  */
 @Getter
@@ -49,21 +49,6 @@ public class ClientDataInfo {
     /** Maximum length for any individual field when emitting to a span. */
     private static final int MAX_FIELD_LENGTH = 256;
 
-    /** JSON key for server error code. */
-    private static final String JSON_KEY_ERROR = "Error";
-
-    /** JSON key for server sub-error code. */
-    private static final String JSON_KEY_SUB_ERROR = "SubError";
-
-    /** JSON key for account type. */
-    private static final String JSON_KEY_ACCOUNT_TYPE = "AccountType";
-
-    /** JSON key for cloud instance. */
-    private static final String JSON_KEY_CLOUD_INSTANCE = "cloud_instance";
-
-    /** JSON key for caller data boundary. */
-    private static final String JSON_KEY_CALLER_DATA_BOUNDARY = "caller_data_boundary";
-
     /** Account type value for MSA accounts. */
     private static final String ACCOUNT_TYPE_MSA_RAW = "m";
 
@@ -93,35 +78,6 @@ public class ClientDataInfo {
     private String mCloudInstance;
     private String mCallerDataBoundary;
 
-    /**
-     * Parses a URL-encoded JSON x-ms-clientdata value.
-     * Keys: Error, SubError, AccountType, cloud_instance, caller_data_boundary.
-     *
-     * @param urlEncodedJson URL-encoded JSON string, may be null.
-     * @return parsed {@link ClientDataInfo}, or null on failure/empty input.
-     */
-    @Nullable
-    public static ClientDataInfo fromJson(@Nullable final String urlEncodedJson) {
-        if (StringUtil.isNullOrEmpty(urlEncodedJson)) {
-            return null;
-        }
-        try {
-            final String decoded = StringUtil.urlFormDecode(urlEncodedJson);
-            final JSONObject json = new JSONObject(decoded);
-
-            final ClientDataInfo info = new ClientDataInfo();
-            info.mError = optString(json, JSON_KEY_ERROR);
-            info.mSubError = optString(json, JSON_KEY_SUB_ERROR);
-            info.mAccountType = optString(json, JSON_KEY_ACCOUNT_TYPE);
-            info.mCloudInstance = optString(json, JSON_KEY_CLOUD_INSTANCE);
-            info.mCallerDataBoundary = optString(json, JSON_KEY_CALLER_DATA_BOUNDARY);
-            return info;
-        } catch (final Exception e) {
-            Logger.warn(TAG, "Failed to parse x-ms-clientdata JSON: " + e.getMessage());
-            return null;
-        }
-    }
-
     /**
      * Parses an already-decoded pipe-delimited clientdata query parameter value.
      * The caller is responsible for URL-decoding before passing (e.g. values from
@@ -167,27 +123,23 @@ public static ClientDataInfo fromPipeDelimited(@Nullable final String decodedVal
      * Each field is truncated to {@value #MAX_FIELD_LENGTH} characters.
      */
     public void emitToSpan() {
+        final Span span = SpanExtension.current();
         if (mError != null) {
-            SpanExtension.current().setAttribute(
-                    AttributeName.server_error.name(), truncate(mError));
+            span.setAttribute(AttributeName.server_error.name(), truncate(mError));
         }
         if (mSubError != null) {
-            SpanExtension.current().setAttribute(
-                    AttributeName.server_sub_error.name(), truncate(mSubError));
+            span.setAttribute(AttributeName.server_sub_error.name(), truncate(mSubError));
         }
         if (mAccountType != null) {
             // account_type is an existing AttributeName; reuse it (m -> MSA, e -> AAD).
             final String mappedAccountType = mapAccountType(mAccountType);
-            SpanExtension.current().setAttribute(
-                    AttributeName.account_type.name(), truncate(mappedAccountType));
+            span.setAttribute(AttributeName.account_type.name(), truncate(mappedAccountType));
         }
         if (mCloudInstance != null) {
-            SpanExtension.current().setAttribute(
-                    AttributeName.server_cloud_instance.name(), truncate(mCloudInstance));
+            span.setAttribute(AttributeName.server_cloud_instance.name(), truncate(mCloudInstance));
         }
         if (mCallerDataBoundary != null) {
-            SpanExtension.current().setAttribute(
-                    AttributeName.server_caller_data_boundary.name(), truncate(mCallerDataBoundary));
+            span.setAttribute(AttributeName.server_caller_data_boundary.name(), truncate(mCallerDataBoundary));
         }
     }
 
@@ -208,15 +160,6 @@ private static String truncate(final String value) {
         return value.substring(0, MAX_FIELD_LENGTH);
     }
 
-    @Nullable
-    private static String optString(final JSONObject json, final String key) {
-        if (json.isNull(key)) {
-            return null;
-        }
-        final String value = json.optString(key, null);
-        return StringUtil.isNullOrEmpty(value) ? null : value;
-    }
-
     @Nullable
     private static String emptyToNull(final String value) {
         return StringUtil.isNullOrEmpty(value) ? null : value;

common4j/src/test/com/microsoft/identity/common/java/providers/microsoft/microsoftsts/MicrosoftStsTokenResponseHandlerTest.java

@@ -29,16 +29,13 @@
 import com.microsoft.identity.common.java.providers.microsoft.MicrosoftTokenErrorResponse;
 import com.microsoft.identity.common.java.providers.oauth2.TokenResult;
 
-import org.junit.After;
 import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.JUnit4;
 import org.mockito.MockedStatic;
 import org.mockito.Mockito;
 
-import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -106,17 +103,13 @@ public void testHandleTokenResponse_Error() {
     @SneakyThrows
     @Test
     public void testHandleTokenResponse_withClientDataHeader_attributesEmitted() {
-        final String rawJson = "{\"Error\":\"AADSTS50058\","
-                + "\"SubError\":\"login_required\","
-                + "\"AccountType\":\"e\","
-                + "\"cloud_instance\":\"public\","
-                + "\"caller_data_boundary\":\"us\"}";
-        final String encodedHeader = URLEncoder.encode(rawJson, StandardCharsets.UTF_8.name());
+        // Header value is a pipe-delimited string: account_type|error|sub_error|caller_data_boundary|cloud_instance
+        final String clientDataHeader = "e|AADSTS50058|login_required|us|public";
 
         final HashMap<String, List<String>> headers = new HashMap<>();
         headers.put("Content-Type", Collections.singletonList("application/json; charset=utf-8"));
         headers.put(HttpConstants.HeaderField.X_MS_CLIENTDATA,
-                Collections.singletonList(encodedHeader));
+                Collections.singletonList(clientDataHeader));
 
         final HttpResponse response = new HttpResponse(200, MOCK_TOKEN_SUCCESS_RESPONSE, headers);
         final MicrosoftStsTokenResponseHandler handler = new MicrosoftStsTokenResponseHandler();

common4j/src/test/com/microsoft/identity/common/java/telemetry/ClientDataInfoTest.java

@@ -31,9 +31,6 @@
 import org.mockito.MockedStatic;
 import org.mockito.Mockito;
 
-import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
-
 import io.opentelemetry.api.trace.Span;
 
 import static org.junit.Assert.assertEquals;
@@ -50,60 +47,6 @@
 @RunWith(JUnit4.class)
 public class ClientDataInfoTest {
 
-    // -------------------------------------------------------------------------
-    // fromJson() tests
-    // -------------------------------------------------------------------------
-
-    @Test
-    public void fromJson_validInput_allFieldsParsed() throws Exception {
-        final String raw = "{\"Error\":\"AADSTS50058\","
-                + "\"SubError\":\"login_required\","
-                + "\"AccountType\":\"m\","
-                + "\"cloud_instance\":\"public\","
-                + "\"caller_data_boundary\":\"us\"}";
-        final String encoded = URLEncoder.encode(raw, StandardCharsets.UTF_8.name());
-
-        final ClientDataInfo info = ClientDataInfo.fromJson(encoded);
-
-        assertNotNull(info);
-        assertEquals("AADSTS50058", info.getError());
-        assertEquals("login_required", info.getSubError());
-        assertEquals("m", info.getAccountType());
-        assertEquals("public", info.getCloudInstance());
-        assertEquals("us", info.getCallerDataBoundary());
-    }
-
-    @Test
-    public void fromJson_partialInput_onlyPresentFieldsSet() throws Exception {
-        final String raw = "{\"Error\":\"AADSTS65001\",\"AccountType\":\"e\"}";
-        final String encoded = URLEncoder.encode(raw, StandardCharsets.UTF_8.name());
-
-        final ClientDataInfo info = ClientDataInfo.fromJson(encoded);
-
-        assertNotNull(info);
-        assertEquals("AADSTS65001", info.getError());
-        assertEquals("e", info.getAccountType());
-        assertNull(info.getSubError());
-        assertNull(info.getCloudInstance());
-        assertNull(info.getCallerDataBoundary());
-    }
-
-    @Test
-    public void fromJson_malformedJson_returnsNull() throws Exception {
-        final String malformed = URLEncoder.encode("{not valid json}", StandardCharsets.UTF_8.name());
-        assertNull(ClientDataInfo.fromJson(malformed));
-    }
-
-    @Test
-    public void fromJson_nullInput_returnsNull() {
-        assertNull(ClientDataInfo.fromJson(null));
-    }
-
-    @Test
-    public void fromJson_emptyString_returnsNull() {
-        assertNull(ClientDataInfo.fromJson(""));
-    }
-
     // -------------------------------------------------------------------------
     // fromPipeDelimited() tests
     // -------------------------------------------------------------------------