|
| 1 | +// |
| 2 | +// Copyright (c) Microsoft Corporation. |
| 3 | +// All rights reserved. |
| 4 | +// |
| 5 | +// This code is licensed under the MIT License. |
| 6 | +// |
| 7 | +// Permission is hereby granted, free of charge, to any person obtaining a copy |
| 8 | +// of this software and associated documentation files(the "Software"), to deal |
| 9 | +// in the Software without restriction, including without limitation the rights |
| 10 | +// to use, copy, modify, merge, publish, distribute, sublicense, and / or sell |
| 11 | +// copies of the Software, and to permit persons to whom the Software is |
| 12 | +// furnished to do so, subject to the following conditions : |
| 13 | +// |
| 14 | +// The above copyright notice and this permission notice shall be included in |
| 15 | +// all copies or substantial portions of the Software. |
| 16 | +// |
| 17 | +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| 18 | +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| 19 | +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| 20 | +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| 21 | +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
| 22 | +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN |
| 23 | +// THE SOFTWARE. |
| 24 | + |
| 25 | +#import <Foundation/Foundation.h> |
| 26 | +#import "MSIDJsonSerializable.h" |
| 27 | +#import "MSIDConstants.h" |
| 28 | + |
| 29 | +NS_ASSUME_NONNULL_BEGIN |
| 30 | + |
| 31 | +/** |
| 32 | + * MATS Silent Status Enum |
| 33 | + * |
| 34 | + * Represents the outcome of a silent token request attempt. |
| 35 | + * Based on WebTokenRequestStatus values used in Windows WAM. |
| 36 | + */ |
| 37 | +typedef NS_ENUM(NSInteger, MSIDMATSSilentStatus) { |
| 38 | + /** |
| 39 | + * Silent token obtained successfully |
| 40 | + */ |
| 41 | + MSIDMATSSilentStatusSuccess = 0, |
| 42 | + |
| 43 | + /** |
| 44 | + * User cancelled the silent token request |
| 45 | + */ |
| 46 | + MSIDMATSSilentStatusUserCancel = 1, |
| 47 | + |
| 48 | + /** |
| 49 | + * Silent attempt concluded that user interaction is required |
| 50 | + */ |
| 51 | + MSIDMATSSilentStatusUserInteractionRequired = 3, |
| 52 | + |
| 53 | + /** |
| 54 | + * Silent attempt hit a provider error (e.g., refresh token expired) |
| 55 | + */ |
| 56 | + MSIDMATSSilentStatusProviderError = 5 |
| 57 | +}; |
| 58 | + |
| 59 | +typedef NSString *MSIDMATSDeviceJoinStatus NS_TYPED_ENUM; |
| 60 | +extern MSIDMATSDeviceJoinStatus const MSIDMATSDeviceJoinStatusNotJoined; |
| 61 | +extern MSIDMATSDeviceJoinStatus const MSIDMATSDeviceJoinStatusAADJ; |
| 62 | + |
| 63 | +/** |
| 64 | + * Microsoft Authentication Telemetry System (MATS) Report |
| 65 | + * |
| 66 | + * This class represents detailed telemetry information about the token acquisition process |
| 67 | + * that the native broker returns to MSAL.js. MSAL.js will record these fields in its |
| 68 | + * telemetry if the broker provides them. This telemetry helps correlate broker operations |
| 69 | + * (like cache hits, device state, or errors) with MSAL.js events. |
| 70 | + */ |
| 71 | +@interface MSIDBrokerOperationBrowserNativeMessageMATSReport : NSObject <MSIDJsonSerializable> |
| 72 | + |
| 73 | +/** |
| 74 | + * Indicates if the token came from cache. |
| 75 | + * |
| 76 | + * A boolean flag where YES (1) means the broker returned a cached token without a network call, |
| 77 | + * and NO (0) means a network request was made to acquire a new token. This helps measure |
| 78 | + * how often silent SSO worked via cache vs network. |
| 79 | + * |
| 80 | + * Example: YES (token was served from cache), NO (fresh call required) |
| 81 | + */ |
| 82 | +@property (nonatomic) BOOL isCached; |
| 83 | + |
| 84 | +/** |
| 85 | + * Version of the broker handling the request. |
| 86 | + * |
| 87 | + * Example: "3.9.0" |
| 88 | + */ |
| 89 | +@property (nonatomic, nullable) NSString *brokerVersion; |
| 90 | + |
| 91 | +/** |
| 92 | + * Device's AAD join status. |
| 93 | + * |
| 94 | + * Indicates the device's registration state in Entra ID (Azure AD). Possible values: |
| 95 | + * - MSIDMATSDeviceJoinStatusAADJ (@"aadj") - Device is Azure AD joined (managed by org) |
| 96 | + * - MSIDMATSDeviceJoinStatusNotJoined (@"not_joined") - Device is not joined to AAD |
| 97 | + * This field helps identify if device is corporate-managed or personal. |
| 98 | + * |
| 99 | + * Example: MSIDMATSDeviceJoinStatusAADJ (managed device), MSIDMATSDeviceJoinStatusNotJoined (personal device) |
| 100 | + */ |
| 101 | +@property (nonatomic, nullable) MSIDMATSDeviceJoinStatus deviceJoin; |
| 102 | + |
| 103 | +/** |
| 104 | + * Type of prompt that occurred. |
| 105 | + */ |
| 106 | +@property (nonatomic) MSIDPromptType promptBehavior; |
| 107 | + |
| 108 | +/** |
| 109 | + * Broker/IDP error code. |
| 110 | + * |
| 111 | + * A numeric code representing the error if the token request failed. 0 if the operation |
| 112 | + * succeeded or no specific error. |
| 113 | + * |
| 114 | + * Example: 0 (no error, success) |
| 115 | + */ |
| 116 | +@property (nonatomic) NSInteger apiErrorCode; |
| 117 | + |
| 118 | +/** |
| 119 | + * Was UI shown? |
| 120 | + * |
| 121 | + * Boolean flag: YES if the broker showed any UI to the user. NO if the entire flow was silent/invisible. |
| 122 | + * This directly indicates if the user was interrupted with a prompt. |
| 123 | + * |
| 124 | + * Example: YES (user saw sign-in window), NO (completely silent SSO). |
| 125 | + */ |
| 126 | +@property (nonatomic) BOOL uiVisible; |
| 127 | + |
| 128 | +/** |
| 129 | + * Silent attempt error code. |
| 130 | + * |
| 131 | + * If the broker attempted to get a token silently (using cached credentials or refresh |
| 132 | + * token) and that attempt failed, this is the error code from the silent try. 0 if |
| 133 | + * silent succeeded or no error was encountered silently. |
| 134 | + * |
| 135 | + * Example: 0 (silent succeeded or not attempted) |
| 136 | + */ |
| 137 | +@property (nonatomic) NSInteger silentCode; |
| 138 | + |
| 139 | +/** |
| 140 | + * Silent attempt error message. |
| 141 | + * |
| 142 | + * A short text description of why the silent attempt failed, if an error occurred. |
| 143 | + * Including this helps debugging exact silent failure reasons. |
| 144 | + * |
| 145 | + * Example: @"" (silent succeeded), @"The web page and the redirect uri must be on the same origin." |
| 146 | + */ |
| 147 | +@property (nonatomic, nullable) NSString *silentMessage; |
| 148 | + |
| 149 | +/** |
| 150 | + * Outcome of silent request (status code). |
| 151 | + * |
| 152 | + * Corresponds to the broker's internal status enum for a silent token attempt. |
| 153 | + * Values based on WebTokenRequestStatus: |
| 154 | + * - MSIDMATSSilentStatusSuccess (0) - Silent token obtained successfully |
| 155 | + * - MSIDMATSSilentStatusUserCancel (1) - User cancelled the silent token request |
| 156 | + * - MSIDMATSSilentStatusUserInteractionRequired (3) - Silent attempt concluded that user interaction is required |
| 157 | + * - MSIDMATSSilentStatusProviderError (5) - Silent attempt hit a provider error |
| 158 | + * |
| 159 | + * Example: MSIDMATSSilentStatusSuccess (silent success), MSIDMATSSilentStatusUserInteractionRequired (interaction required) |
| 160 | + */ |
| 161 | +@property (nonatomic) MSIDMATSSilentStatus silentStatus; |
| 162 | + |
| 163 | +/** |
| 164 | + * HTTP response code from token endpoint. |
| 165 | + * |
| 166 | + * If the broker made a network request to AAD (for token, device code, etc.), this |
| 167 | + * captures the HTTP status code. 200 for success, 4xx/5xx for various errors. |
| 168 | + * Will be 0 if no network call occurred (e.g., fully cached token). |
| 169 | + * |
| 170 | + * Example: 200 (token obtained successfully), 400 (bad request), 500 (server error) |
| 171 | + */ |
| 172 | +@property (nonatomic) NSInteger httpStatus; |
| 173 | + |
| 174 | +/** |
| 175 | + * JSON string representation of the report. |
| 176 | + * |
| 177 | + * Converts the MATS report into a JSON string format for easy logging or transmission. |
| 178 | + * |
| 179 | + * @return A JSON string representing the MATS report, or nil if serialization fails. |
| 180 | + */ |
| 181 | +- (NSString *)jsonString; |
| 182 | + |
| 183 | +@end |
| 184 | + |
| 185 | +NS_ASSUME_NONNULL_END |
0 commit comments