Broker IPC plumbing for onboarding telemetry blob, Fixes AB#3568357#3111
Merged
Conversation
|
✅ Work item link check complete. Description contains link AB#3462876 to an Azure Boards work item. |
Contributor
There was a problem hiding this comment.
Pull request overview
Adds optional IPC fields to pass an onboarding telemetry seed (client → broker) and a populated onboarding telemetry blob (broker → client) through the existing broker request/result plumbing, enabling downstream OneAuth/broker implementations to correlate and emit onboarding telemetry.
Changes:
- Add
onboarding_seed_jsontoBrokerRequestand plumb it fromInteractiveTokenCommandParametersviaMsalBrokerRequestAdapter. - Add
onboarding_blobtoBrokerResultand plumb it intoAcquireTokenResultviaMsalBrokerResultAdapter. - Document the change in
changelog.txtas a MINOR addition.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| common4j/src/main/com/microsoft/identity/common/java/result/AcquireTokenResult.java | Adds onboardingBlob field + getter/setter to carry broker-returned blob downstream. |
| common4j/src/main/com/microsoft/identity/common/java/commands/parameters/InteractiveTokenCommandParameters.java | Adds onboardingSeedJson to interactive command parameters for request-side plumbing. |
| common/src/main/java/com/microsoft/identity/common/internal/result/MsalBrokerResultAdapter.java | Extracts onboarding_blob from BrokerResult and sets it on AcquireTokenResult. |
| common/src/main/java/com/microsoft/identity/common/internal/request/MsalBrokerRequestAdapter.java | Serializes onboardingSeedJson from parameters into BrokerRequest. |
| common/src/main/java/com/microsoft/identity/common/internal/broker/BrokerResult.java | Adds onboarding_blob field + builder + getter for broker → client transport. |
| common/src/main/java/com/microsoft/identity/common/internal/broker/BrokerRequest.java | Adds onboarding_seed_json field for client → broker transport. |
| changelog.txt | Adds vNext entry documenting the new IPC fields. |
wzhipan
force-pushed
the
zhipan/onboarding-telemetry-ipc-v2
branch
from
f8d6126 to
978eb83
Compare
shahzaibj
reviewed
May 13, 2026
shahzaibj
reviewed
May 13, 2026
shahzaibj
reviewed
May 13, 2026
shahzaibj
approved these changes
May 14, 2026
…lt, and command parameters - BrokerRequest: add onboarding_seed_json field (client → broker) - BrokerResult: add onboarding_blob field + builder + getter (broker → client) - InteractiveTokenCommandParameters: add onboardingSeedJson field - AcquireTokenResult: add onboardingBlob field for carrying blob through result chain - MsalBrokerRequestAdapter: serialize onboardingSeedJson from command parameters - MsalBrokerResultAdapter: extract onboardingBlob from BrokerResult into AcquireTokenResult
- MsalBrokerRequestAdapterTests: verify onboardingSeedJson propagates from InteractiveTokenCommandParameters into BrokerRequest, and is null when not set - MsalBrokerResultAdapterTests: verify onboardingBlob round-trips through the Bundle (BrokerResult -> bundle -> BrokerResult), and is null when not set
…xception handling - BrokerRequest.mOnboardingSeedJson: clarify direction is client -> broker only; the broker returns the populated blob via BrokerResult.getOnboardingBlob(), not by mutating this seed field. - MsalBrokerResultAdapter.getAcquireTokenResultFromResultBundle: catch ClientException specifically (the only declared exception from brokerResultFromBundle) instead of swallowing all Exception, log at warn level so IPC/regression issues remain diagnosable, and remove the redundant null check (brokerResultFromBundle is non-null or throws). Blob contents are not logged (may carry sessionCorrelationId).
The Common Code Coverage Compare PR-vs-Dev pipeline only counts coverage contributed by tests in the same module as the production code. Our existing adapter round-trip tests live in common (Robolectric) and exercise the common4j fields indirectly through Gson/Lombok-generated getters/setters, but those calls don't show up in the common4j JaCoCo report. Adds two small common4j-local unit test classes that directly exercise the new fields, restoring full coverage on the changed lines: - AcquireTokenResultTest: getOnboardingBlob/setOnboardingBlob with default, set, and clear cases. - InteractiveTokenCommandParametersTest: getOnboardingSeedJson default and round-trip through the Lombok builder.
…ricsFromBundle pattern The previous inline try/catch in getAcquireTokenResultFromResultBundle was visually inconsistent with neighboring extractors (setBrokerPerformanceMetrics, setBrokerAppVersion, setBrokerAppPackageName). Extracts the deserialization + exception handling into a dedicated getOnboardingBlobFromBundle helper that mirrors the BrokerPerformanceMetrics pattern, leaving the call site as a clean two-line if-non-null guard.
…lability nit - MsalBrokerResultAdapter.getAcquireTokenResultFromResultBundle: deserialize BrokerResult once at the top of the success branch instead of letting authenticationResultFromBundle and getOnboardingBlobFromBundle each deserialize the same bundle. Reuse the BrokerResult for both consumers. - Add authenticationResultFromBrokerResult(BrokerResult) overload that builds ILocalAuthenticationResult from a pre-deserialized BrokerResult; the existing authenticationResultFromBundle now delegates to it (no behavior change for other callers). - Add getOnboardingBlobFromBundle(BrokerResult) overload that returns the blob from a pre-deserialized BrokerResult without doing I/O. The original Bundle-taking overload is preserved for callers that don't already have a BrokerResult. - BrokerResult.Builder.onboardingBlob: add 'final' to the parameter and '@nullable' annotation, matching the surrounding builder method style.
wzhipan
force-pushed
the
zhipan/onboarding-telemetry-ipc-v2
branch
from
db1b0e0 to
2f9fe59
Compare
Veena11
approved these changes
May 15, 2026
wzhipan
added a commit
that referenced
this pull request
May 16, 2026
…, Fixes AB#3462876 (#3119) Cherry-picks the onboarding telemetry feature into the 24.2.1 hotfix release branch. Cherry-picked from `dev` (in order): | PR | Commit | Description | |---|---|---| | #3088 | `543578aa4` | Add onboarding telemetry recorder, field keys, and session correlation store | | #3111 | `0965c25ca` | Add onboarding telemetry blob fields to BrokerRequest/BrokerResult and command parameters for client↔broker IPC transport | | #3117 | `1fe87aaa5` | Add additional step ID and blocking error constants for full onboarding telemetry coverage | All three are part of the same feature (mobile onboarding telemetry, [AB#3462876](https://identitydivision.visualstudio.com/fac9d424-53d2-45c0-91b5-ef6ba7a6bf26/_workitems/edit/3462876) / [AB#3568357](https://identitydivision.visualstudio.com/fac9d424-53d2-45c0-91b5-ef6ba7a6bf26/_workitems/edit/3568357)) and are bundled here so OneAuth can take a single hotfix dependency. **Conflicts resolved:** `changelog.txt` only — entries moved from `vNext` to `Version 24.2.1-RC1`. No code conflicts. Fixes [AB#3462876](https://identitydivision.visualstudio.com/fac9d424-53d2-45c0-91b5-ef6ba7a6bf26/_workitems/edit/3462876)
fadidurah
added a commit
that referenced
this pull request
May 16, 2026
…, Fixes AB#3604499 (#3118) Cherry-picks #3109 (squash commit `26de108`) onto `working/release/24.2.1` for the 24.2.1 hotfix. Propagates the parsed `x-ms-clientdata` (token endpoint) and `clientdata` query parameter (authorize endpoint) data from the response handlers through `TokenResult`, `MicrosoftStsAuthorizationResult`, and ultimately onto `AcquireTokenResult` so callers can access server-side telemetry (error, sub-error, account type, cloud instance, data boundary). All propagation is gated behind the `ENABLE_SERVER_CLIENT_DATA_TELEMETRY` flight. ### Conflict resolution notes The hotfix branch does not contain the onboarding-blob feature (PR #3088 / #3111) that landed on `dev` alongside #3109. To keep this hotfix scoped to ClientDataInfo only, the following PR-side additions were dropped during cherry-pick: - `BrokerResult.ONBOARDING_BLOB` constant (kept only `CLIENT_DATA_INFO`) - `MsalBrokerResultAdapterTests.testOnboardingBlob_*` tests - `AcquireTokenResultTest.onboardingBlob_*` tests - Other `vNext` changelog entries unrelated to #3109 All `ClientDataInfo` plumbing from #3109 is preserved unchanged. [AB#3604499](https://identitydivision.visualstudio.com/fac9d424-53d2-45c0-91b5-ef6ba7a6bf26/_workitems/edit/3604499) --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds the IPC plumbing for the onboarding telemetry blob to flow client↔broker. Independent of PR #3088 (which adds the recorder/store/constants); both are needed together for end-to-end brokered onboarding telemetry.
Linked Feature: AB#3462876
Linked PBI: AB#3568357
Changes
BrokerRequest.javaonboarding_seed_jsonfield (client → broker)BrokerResult.javaonboarding_blobfield + builder + getter (broker → client)InteractiveTokenCommandParameters.javaonboardingSeedJsonfield on the params builderAcquireTokenResult.javaonboardingBlobfield for carrying the populated blob through the result chainMsalBrokerRequestAdapter.javaonboardingSeedJsonfrom command parameters intoBrokerRequestMsalBrokerResultAdapter.javaonboardingBlobfromBrokerResultintoAcquireTokenResultAll additions are pure data fields + adapter wiring. No behavior change for existing callers (fields default to empty/null when not set).
Design
client → broker: OneAuth/MSAL builds the seed JSON (containingsessionCorrelationId,onboardingMode,schema_version) and attaches it to the interactive request. The broker reads it via the new field onBrokerInteractiveTokenCommandParameters, constructs its ownOnboardingTelemetryRecorderfrom the seed, and uses the same correlation ID for its onboarding telemetry events.broker → client: When the broker emits the populated onboarding blob (afterfinalizeBlob()), it places it intoBrokerResult.onboarding_blob. The client extracts it intoAcquireTokenResult.onboardingBlob, where downstream OneAuth code reads it and emits the blob through MATS.See full design: Mobile Onboarding Telemetry Design §6.6 (persistence and propagation) and §11.2 (broker → OneAuth blob delivery).
Dependencies
OnboardingTelemetryRecorder+OnboardingTelemetryConstants+OnboardingSessionCorrelationStore). The recorder consumes the seed JSON read out of these IPC fields.shared/mobile-onboarding-android-fixesupdatesBrokerRequestConverter/BrokerResultConverterto read/write these fields.ad-accounts-for-android):MsalAndroidBrokerCommandParameterAdapterreadsonboardingSeedJson; broker error handler / SSO controller will writeonboarding_blobonce the recorder lifecycle is wired (separate PBI, AB#3568359).Testing
BrokerRequest/BrokerResulttests (Gson + Bundle); new fields default to empty/null when not set, so no existing test should regress.local-only-onboarding-telemetrybranch + a combined Common build (mavenLocal0.0.0-zhipan-mot-7): seed JSON flows OneAuth → BrokerRequest → broker → BrokerResult → OneAuth.