AzureAD
diff --git a/‎msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java‎
Lines changed: 0 additions & 1 deletion b/‎msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AuthorizationCodeIT.java‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/TokenCacheIT.java‎
Lines changed: 62 additions & 66 deletions b/‎msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/TokenCacheIT.java‎
Lines changed: 62 additions & 66 deletions
diff --git a/‎msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java‎
Lines changed: 35 additions & 36 deletions b/‎msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/UsernamePasswordIT.java‎
Lines changed: 35 additions & 36 deletions
diff --git a/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/AppCredentialProvider.java‎
Lines changed: 5 additions & 5 deletions b/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/AppCredentialProvider.java‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/AzureEnvironment.java‎
Lines changed: 2 additions & 3 deletions b/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/AzureEnvironment.java‎
Lines changed: 2 additions & 3 deletions
diff --git a/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/Config.java‎
Lines changed: 5 additions & 9 deletions b/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/Config.java‎
Lines changed: 5 additions & 9 deletions
diff --git a/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/KeyVaultSecretsProvider.java‎
Lines changed: 10 additions & 10 deletions b/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/KeyVaultSecretsProvider.java‎
Lines changed: 10 additions & 10 deletions
diff --git a/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/Lab.java‎
Lines changed: 0 additions & 8 deletions b/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/Lab.java‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/LabApp.java‎
Lines changed: 0 additions & 1 deletion b/‎msal4j-sdk/src/integrationtest/java/com/microsoft/aad/msal4j/labapi2/LabApp.java‎
Lines changed: 0 additions & 1 deletion
@@ -94,7 +94,6 @@ public void acquireTokenWithAuthorizationCode_CiamCud() throws Exception {
         assertEquals(resultSilent.account().username(), result.account().username());
     }
 
-    //TODO: need to sort out ADFS 2022 configuration
     @Test
     @DisabledIfSystemProperty(named = "adfs.disabled", matches = "true")
     void acquireTokenWithAuthorizationCode_ADFSv2022() {
 
@@ -6,6 +6,7 @@
 import com.microsoft.aad.msal4j.labapi2.*;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.TestInstance;
+import org.junit.jupiter.api.condition.DisabledIfSystemProperty;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
@@ -49,72 +50,67 @@ void singleAccountInCache_RemoveAccountTest() throws Exception {
         assertEquals(pca.getAccounts().join().size(), 0);
     }
 
-    // TODO: labapi2 doesn't have guest user configuration yet - will be pulled from MSAL.NET
-//    @Test
-//    @DisabledIfSystemProperty(named = "adfs.disabled", matches = "true")
-//    void twoAccountsInCache_SameUserDifferentTenants_RemoveAccountTest() throws Exception {
-//
-//        UserQuery query = new UserQuery();
-//        query.setUserType(LabServiceParameters.UserType.GUEST);
-//
-//        LabResponse labResponse = LabUserHelper.getLabUserData(query);
-//        LabUser guestUser = labResponse.getUser();
-//        Lab lab = labResponse.getLab();
-//
-//        String dataToInitCache = TestHelper.readResource(
-//                this.getClass(),
-//                "/cache_data/remove-account-test-cache.json");
-//
-//        // check that cache is empty
-//        assertEquals(dataToInitCache, "");
-//
-//        ITokenCacheAccessAspect persistenceAspect = new TokenPersistence(dataToInitCache);
-//
-//        // acquire tokens for home tenant, and serialize cache
-//        PublicClientApplication pca = PublicClientApplication.builder(
-//                guestUser.getAppId()).
-//                authority(TestConstants.ORGANIZATIONS_AUTHORITY)
-//                .setTokenCacheAccessAspect(persistenceAspect)
-//                .build();
-//
-//        pca.acquireToken(UserNamePasswordParameters.
-//                builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
-//                        guestUser.getHomeUPN(),
-//                        guestUser.getPassword().toCharArray())
-//                .build())
-//                .get();
-//
-//        String guestTenantAuthority = TestConstants.MICROSOFT_AUTHORITY_HOST + lab.getTenantId();
-//
-//        // initialize pca with tenant where user is guest, deserialize cache, and acquire second token
-//        PublicClientApplication pca2 = PublicClientApplication.builder(
-//                guestUser.getAppId()).
-//                authority(guestTenantAuthority).
-//                setTokenCacheAccessAspect(persistenceAspect).
-//                build();
-//
-//        pca2.acquireToken(UserNamePasswordParameters.
-//                builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
-//                        guestUser.getHomeUPN(),
-//                        guestUser.getPassword().toCharArray())
-//                .build())
-//                .get();
-//
-//        // There should be two tokens in cache, with same accounts except for tenant
-//        assertEquals(pca2.getAccounts().join().iterator().next().getTenantProfiles().size(), 2);
-//
-//        IAccount account = pca2.getAccounts().get().iterator().next();
-//
-//        // RemoveAccount should remove both cache entities
-//        pca2.removeAccount(account).join();
-//
-//        assertEquals(0, pca2.getAccounts().join().size());
-//
-//        //clean up file
-//        TestHelper.deleteFileContent(
-//                this.getClass(),
-//                "/cache_data/remove-account-test-cache.json");
-//    }
+    @Test
+    @DisabledIfSystemProperty(named = "adfs.disabled", matches = "true")
+    void twoAccountsInCache_SameUserDifferentTenants_RemoveAccountTest() throws Exception {
+
+        LabResponse labResponse = LabUserHelper.getDefaultUser();
+        LabUser guestUser = labResponse.getUser();
+
+        String dataToInitCache = TestHelper.readResource(
+                this.getClass(),
+                "/cache_data/remove-account-test-cache.json");
+
+        // check that cache is empty
+        assertEquals(dataToInitCache, "");
+
+        ITokenCacheAccessAspect persistenceAspect = new TokenPersistence(dataToInitCache);
+
+        // acquire tokens for home tenant, and serialize cache
+        PublicClientApplication pca = PublicClientApplication.builder(
+                labResponse.getApp().getAppId()).
+                authority(TestConstants.ORGANIZATIONS_AUTHORITY)
+                .setTokenCacheAccessAspect(persistenceAspect)
+                .build();
+
+        pca.acquireToken(UserNamePasswordParameters.
+                builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
+                        guestUser.getHomeUPN(),
+                        guestUser.getPassword().toCharArray())
+                .build())
+                .get();
+
+        String guestTenantAuthority = TestConstants.MICROSOFT_AUTHORITY_HOST + guestUser.getTenantId();
+
+        // initialize pca with tenant where user is guest, deserialize cache, and acquire second token
+        PublicClientApplication pca2 = PublicClientApplication.builder(
+                labResponse.getApp().getAppId()).
+                authority(guestTenantAuthority).
+                setTokenCacheAccessAspect(persistenceAspect).
+                build();
+
+        pca2.acquireToken(UserNamePasswordParameters.
+                builder(Collections.singleton(TestConstants.GRAPH_DEFAULT_SCOPE),
+                        guestUser.getHomeUPN(),
+                        guestUser.getPassword().toCharArray())
+                .build())
+                .get();
+
+        // There should be two tokens in cache, with same accounts except for tenant
+        assertEquals(pca2.getAccounts().join().iterator().next().getTenantProfiles().size(), 2);
+
+        IAccount account = pca2.getAccounts().get().iterator().next();
+
+        // RemoveAccount should remove both cache entities
+        pca2.removeAccount(account).join();
+
+        assertEquals(0, pca2.getAccounts().join().size());
+
+        //clean up file
+        TestHelper.deleteFileContent(
+                this.getClass(),
+                "/cache_data/remove-account-test-cache.json");
+    }
 
     private static class TokenPersistence implements ITokenCacheAccessAspect {
         String data;
 
@@ -13,6 +13,8 @@
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
 import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
 
 @TestInstance(TestInstance.Lifecycle.PER_CLASS)
 class UsernamePasswordIT {
@@ -26,42 +28,39 @@ void acquireTokenWithUsernamePassword_Managed() throws Exception {
         assertAcquireTokenCommon(labResponse.getUser(), cfg.organizationsAuthority(), cfg.graphDefaultScope(), labResponse.getApp().getAppId());
     }
 
-//    @Test
-//    void acquireTokenWithUsernamePassword_AuthorityWithPort() throws Exception {
-//        LabResponse labResponse = LabUserHelper.getDefaultUser();
-//        LabUser user = labResponse.getUser();
-//
-//        assertAcquireTokenCommon(
-//                user,
-//                TestConstants.COMMON_AUTHORITY_WITH_PORT,
-//                TestConstants.GRAPH_DEFAULT_SCOPE,
-//                labResponse.getApp().getAppId());
-//    }
-
-//    @Test
-//    void acquireTokenWithUsernamePassword_Ciam() throws Exception {
-//        Map<String, String> extraQueryParameters = new HashMap<>();
-//
-//        UserQuery query = new UserQuery();
-//        query.setUserType(LabServiceParameters.UserType.CLOUD);
-//        query.setAzureEnvironment(LabServiceParameters.AzureEnvironment.AZURE_CIAM);
-//
-//        LabResponse labResponse = LabUserHelper.getLabUserData(query);
-//
-//        LabUser user = labResponse.getUser();        PublicClientApplication pca = PublicClientApplication.builder(user.getAppId())
-//                .authority("https://" + user.getLabName() + ".ciamlogin.com/")
-//                .build();
-//
-//        IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
-//                        builder(Collections.singleton(TestConstants.USER_READ_SCOPE),
-//                                user.getUpn(),
-//                                user.getPassword().toCharArray())
-//                        .extraQueryParameters(extraQueryParameters)
-//                        .build())
-//                .get();
-//
-//        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
-//    }
+    @Test
+    void acquireTokenWithUsernamePassword_AuthorityWithPort() throws Exception {
+        LabResponse labResponse = LabUserHelper.getDefaultUser();
+        LabUser user = labResponse.getUser();
+
+        assertAcquireTokenCommon(
+                user,
+                TestConstants.MICROSOFT_AUTHORITY_HOST_WITH_PORT + user.getTenantId(),
+                TestConstants.GRAPH_DEFAULT_SCOPE,
+                labResponse.getApp().getAppId());
+    }
+
+    @Test
+    void acquireTokenWithUsernamePassword_Ciam() throws Exception {
+        Map<String, String> extraQueryParameters = new HashMap<>();
+
+        LabResponse labResponse = LabUserHelper.getCiamCudUser();
+        LabUser user = labResponse.getUser();
+
+        PublicClientApplication pca = PublicClientApplication.builder(user.getAppId())
+                .authority("https://" + user.getLabName() + ".ciamlogin.com/")
+                .build();
+
+        IAuthenticationResult result = pca.acquireToken(UserNamePasswordParameters.
+                        builder(Collections.singleton(TestConstants.USER_READ_SCOPE),
+                                user.getUpn(),
+                                user.getPassword().toCharArray())
+                        .extraQueryParameters(extraQueryParameters)
+                        .build())
+                .get();
+
+        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
+    }
 
     private void assertAcquireTokenCommon(LabUser user, String authority, String scope, String appId)
             throws Exception {
 
@@ -5,12 +5,12 @@
 
 public class AppCredentialProvider {
 
-    private String clientId;
-    private String oboClientId;
-    private String oboAppPassword;
-    private String oboAppIdURI;
+    private final String clientId;
+    private final String oboClientId;
+    private final String oboAppPassword;
+    private final String oboAppIdURI;
 
-    public AppCredentialProvider() {
+    AppCredentialProvider() {
         KeyVaultSecretsProvider keyVaultSecretsProvider = new KeyVaultSecretsProvider();
 
         clientId = "54a2d933-8bf8-483b-a8f8-0a31924f3c1f";
 
@@ -3,8 +3,7 @@
 
 package com.microsoft.aad.msal4j.labapi2;
 
-public class AzureEnvironment {
+class AzureEnvironment {
 
-    public static final String AZURE = "azurecloud";
-    public static final String AZURE_US_GOVERNMENT = "azureusgovernment";
+    static final String AZURE_US_GOVERNMENT = "azureusgovernment";
 }
@@ -4,11 +4,11 @@
 package com.microsoft.aad.msal4j.labapi2;
 
 public class Config {
-    private String commonAuthority;
-    private String organizationsAuthority;
-    private String graphDefaultScope;
-    private AppCredentialProvider appProvider;
-    private String tenant;
+    private final String commonAuthority;
+    private final String organizationsAuthority;
+    private final String graphDefaultScope;
+    private final AppCredentialProvider appProvider;
+    private final String tenant;
 
     String azureEnvironment;
 
@@ -34,10 +34,6 @@ public String graphDefaultScope() {
         return this.graphDefaultScope;
     }
 
-    public String tenant() {
-        return this.tenant;
-    }
-
     public String tenantSpecificAuthority() {
         return LabConstants.MICROSOFT_AUTHORITY_HOST + tenant;
     }
 
@@ -11,45 +11,45 @@
 import com.microsoft.aad.msal4j.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import reactor.core.publisher.Mono;
 
-import java.security.cert.X509Certificate;
 import java.security.KeyStore;
 import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
 import java.time.OffsetDateTime;
 import java.time.ZoneOffset;
 import java.util.Collections;
-import reactor.core.publisher.Mono;
 
 public class KeyVaultSecretsProvider implements AutoCloseable {
 
     private static final Logger log = LoggerFactory.getLogger(KeyVaultSecretsProvider.class);
 
-    public static class KeyVaultInstance {
+    static class KeyVaultInstance {
         /**
          * The KeyVault maintained by the MSID. It is recommended for use.
          */
-        public static final String MSID_LAB = "https://msidlabs.vault.azure.net";
+        static final String MSID_LAB = "https://msidlabs.vault.azure.net";
 
         /**
          * The KeyVault maintained by the MSAL.NET team and have full control over.
          * Should be used temporarily - secrets should be stored and managed by MSID Lab.
          */
-        public static final String MSAL_TEAM = "https://id4skeyvault.vault.azure.net/";
+        static final String MSAL_TEAM = "https://id4skeyvault.vault.azure.net/";
     }
 
     private final SecretClient secretClient;
 
     /**
      * Initialize the secrets provider with the specified Key Vault address.
-     *
+     * <p>
      * Authentication using client certificate:
-     *     1. Register Azure AD application of "Web app / API" type.
-     *        To set up certificate based access to the application PowerShell should be used.
-     *     2. Add an access policy entry to target Key Vault instance for this application.
+     * 1. Register Azure AD application of "Web app / API" type.
+     * To set up certificate based access to the application PowerShell should be used.
+     * 2. Add an access policy entry to target Key Vault instance for this application.
      *
      * @param keyVaultAddress The Key Vault URI (defaults to MSID_LAB)
      */
-    public KeyVaultSecretsProvider(String keyVaultAddress) {
+    KeyVaultSecretsProvider(String keyVaultAddress) {
         String vaultUrl = keyVaultAddress != null ? keyVaultAddress : KeyVaultInstance.MSID_LAB;
         log.debug("Initializing KeyVault secrets provider for: {}", vaultUrl);
 
 
@@ -73,12 +73,4 @@ public JsonWriter toJson(JsonWriter jsonWriter) throws IOException {
     public String getTenantId() {
         return this.tenantId;
     }
-
-    public String getAuthority() {
-        return this.authority;
-    }
-
-    public String getFederationProvider() {
-        return this.federationProvider;
-    }
 }
@@ -83,5 +83,4 @@ public String getAuthority() {
     public String getAppId() {
         return appId;
     }
-
 }
Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,6 @@ public void acquireTokenWithAuthorizationCode_CiamCud() throws Exception {`
`94`	`94`	`assertEquals(resultSilent.account().username(), result.account().username());`
`95`	`95`	`}`
`96`	`96`
`97`		`- //TODO: need to sort out ADFS 2022 configuration`
`98`	`97`	`@Test`
`99`	`98`	`@DisabledIfSystemProperty(named = "adfs.disabled", matches = "true")`
`100`	`99`	`void acquireTokenWithAuthorizationCode_ADFSv2022() {`
Original file line number	Diff line number	Diff line change
`@@ -3,8 +3,7 @@`
`3`	`3`
`4`	`4`	`package com.microsoft.aad.msal4j.labapi2;`
`5`	`5`
`6`		`-public class AzureEnvironment {`
	`6`	`+class AzureEnvironment {`
`7`	`7`
`8`		`- public static final String AZURE = "azurecloud";`
`9`		`- public static final String AZURE_US_GOVERNMENT = "azureusgovernment";`
	`8`	`+ static final String AZURE_US_GOVERNMENT = "azureusgovernment";`
`10`	`9`	`}`
Original file line number	Diff line number	Diff line change
`@@ -73,12 +73,4 @@ public JsonWriter toJson(JsonWriter jsonWriter) throws IOException {`
`73`	`73`	`public String getTenantId() {`
`74`	`74`	`return this.tenantId;`
`75`	`75`	`}`
`76`		`-`
`77`		`- public String getAuthority() {`
`78`		`- return this.authority;`
`79`		`- }`
`80`		`-`
`81`		`- public String getFederationProvider() {`
`82`		`- return this.federationProvider;`
`83`		`- }`
`84`	`76`	`}`
Original file line number	Diff line number	Diff line change
`@@ -83,5 +83,4 @@ public String getAuthority() {`
`83`	`83`	`public String getAppId() {`
`84`	`84`	`return appId;`
`85`	`85`	`}`
`86`		`-`
`87`	`86`	`}`