Merge pull request #1170 from AzureAD/release/1.7.13

Release - 1.7.13

Author: mipetriu

IdentityCore/IdentityCore.xcodeproj/project.pbxproj

@@ -82,4 +82,8 @@ extern NSString * _Nonnull const MSID_SSO_NONCE_QUERY_PARAM_KEY;
 extern NSString * _Nonnull const MSID_BROKER_MDM_ID_KEY;
 extern NSString * _Nonnull const MSID_ENROLLED_USER_OBJECT_ID_KEY;
 extern NSString * _Nonnull const MSID_EXTRA_DEVICE_INFO_KEY;
-
+extern NSString * _Nonnull const MSID_PRIMARY_REGISTRATION_UPN;
+extern NSString * _Nonnull const MSID_PRIMARY_REGISTRATION_DEVICE_ID;
+extern NSString * _Nonnull const MSID_PRIMARY_REGISTRATION_TENANT_ID;
+extern NSString * _Nonnull const MSID_PRIMARY_REGISTRATION_CLOUD;
+extern NSString * _Nonnull const MSID_PRIMARY_REGISTRATION_CERTIFICATE_THUMBPRINT;

IdentityCore/src/MSIDBrokerConstants.h

@@ -78,3 +78,8 @@
 NSString *const MSID_BROKER_MDM_ID_KEY = @"mdm_id";
 NSString *const MSID_ENROLLED_USER_OBJECT_ID_KEY = @"object_id";
 NSString *const MSID_EXTRA_DEVICE_INFO_KEY = @"extraDeviceInfo";
+NSString *const MSID_PRIMARY_REGISTRATION_UPN = @"primary_registration_metadata_upn";
+NSString *const MSID_PRIMARY_REGISTRATION_DEVICE_ID = @"primary_registration_metadata_device_id";
+NSString *const MSID_PRIMARY_REGISTRATION_TENANT_ID = @"primary_registration_metadata_tenant_id";
+NSString *const MSID_PRIMARY_REGISTRATION_CLOUD = @"primary_registration_metadata_cloud_host";
+NSString *const MSID_PRIMARY_REGISTRATION_CERTIFICATE_THUMBPRINT = @"primary_registration_metadata_certificate_thumbprint";

IdentityCore/src/MSIDBrokerConstants.m

@@ -29,10 +29,7 @@ @implementation MSIDBrokerOperationGetDeviceInfoRequest
 
 + (void)load
 {
-    if (@available(iOS 13.0, *))
-    {
-        [MSIDJsonSerializableFactory registerClass:self forClassType:self.operation];
-    }
+    [MSIDJsonSerializableFactory registerClass:self forClassType:self.operation];
 }
 
 #pragma mark - MSIDBrokerOperationRequest

IdentityCore/src/broker_operation/request/MSIDBrokerOperationGetDeviceInfoRequest.m

@@ -34,7 +34,7 @@ @implementation MSIDBrokerOperationInteractiveTokenRequest
 
 + (void)load
 {
-    if (@available(iOS 13.0, macOS 10.15, *))
+    if (@available(macOS 10.15, *))
     {
         [MSIDJsonSerializableFactory registerClass:self forClassType:self.operation];
     }
@@ -64,7 +64,7 @@ + (instancetype)tokenRequestWithParameters:(MSIDInteractiveTokenRequestParameter
 
 + (NSString *)operation
 {
-    if (@available(iOS 13.0, macOS 10.15, *))
+    if (@available(macOS 10.15, *))
     {
         return ASAuthorizationOperationLogin;
     }

IdentityCore/src/broker_operation/request/interactive_token_request/MSIDBrokerOperationInteractiveTokenRequest.m

@@ -40,7 +40,7 @@ @implementation MSIDBrokerOperationSilentTokenRequest
 
 + (void)load
 {
-    if (@available(iOS 13.0, macOS 10.15, *))
+    if (@available(macOS 10.15, *))
     {
         [MSIDJsonSerializableFactory registerClass:self forClassType:self.operation];
     }
@@ -63,7 +63,7 @@ + (instancetype)tokenRequestWithParameters:(MSIDRequestParameters *)parameters
 
 + (NSString *)operation
 {
-    if (@available(iOS 13.0, macOS 10.15, *))
+    if (@available(macOS 10.15, *))
     {
         return ASAuthorizationOperationRefresh;
     }

IdentityCore/src/broker_operation/request/silent_token_request/MSIDBrokerOperationSilentTokenRequest.m

@@ -26,6 +26,9 @@
 #import "MSIDBrokerOperationResponse.h"
 
 @class MSIDDeviceInfo;
+#if !EXCLUDE_FROM_MSALCPP
+@class MSIDLastRequestTelemetry;
+#endif
 
 extern NSString * _Nonnull const MSID_BROKER_OPERATION_RESPONSE_TYPE_JSON_KEY;
 
@@ -43,11 +46,21 @@ NS_ASSUME_NONNULL_BEGIN
 @property (nonatomic, class, readonly) NSNumber *defaultHttpStatusCode;
 @property (nonatomic, nullable) NSDictionary *httpHeaders;
 @property (nonatomic) NSString *httpVersion;
+@property (nonatomic) NSDate *responseGenerationTimeStamp;
+@property (nonatomic) NSDate *requestReceivedTimeStamp;
 
 - (instancetype)initWithDeviceInfo:(MSIDDeviceInfo *)deviceInfo;
 - (instancetype)init NS_UNAVAILABLE;
 + (instancetype)new NS_UNAVAILABLE;
 
+#if !EXCLUDE_FROM_MSALCPP
+
+- (void)trackPerfTelemetryWithLastRequest:(MSIDLastRequestTelemetry *)telemetry
+                         requestStartDate:(NSDate *)requestStartDate
+                            telemetryType:(NSString *)telemetryType;
+
+#endif
+
 
 @end
 

IdentityCore/src/broker_operation/response/MSIDBrokerNativeAppOperationResponse.h

@@ -35,11 +35,17 @@
 #import "MSIDJsonSerializableTypes.h"
 #import "MSIDJsonSerializableFactory.h"
 #import "MSIDJsonSerializer.h"
+#import "NSDate+MSIDExtensions.h"
+#if !EXCLUDE_FROM_MSALCPP
+#import "MSIDLastRequestTelemetry.h"
+#endif
 
 NSString *const MSID_BROKER_OPERATION_JSON_KEY = @"operation";
 NSString *const MSID_BROKER_OPERATION_RESULT_JSON_KEY = @"success";
 NSString *const MSID_BROKER_OPERATION_RESPONSE_TYPE_JSON_KEY = @"operation_response_type";
 NSString *const MSID_BROKER_APP_VERSION_JSON_KEY = @"client_app_version";
+NSString *const MSID_BROKER_RESPONSE_GENERATION_TIMESTAMP = @"response_gen_timestamp";
+NSString *const MSID_BROKER_REQUEST_RECEIVED_TIMESTAMP = @"request_received_timestamp";
 
 @implementation MSIDBrokerNativeAppOperationResponse
 
@@ -99,6 +105,8 @@ - (instancetype)initWithJSONDictionary:(NSDictionary *)json error:(NSError **)er
         _success = [json[MSID_BROKER_OPERATION_RESULT_JSON_KEY] boolValue];
         _clientAppVersion = [json msidStringObjectForKey:MSID_BROKER_APP_VERSION_JSON_KEY];
         _deviceInfo = [[MSIDDeviceInfo alloc] initWithJSONDictionary:json error:error];
+        _responseGenerationTimeStamp =  [NSDate msidDateFromTimeStamp:json[MSID_BROKER_RESPONSE_GENERATION_TIMESTAMP]];
+        _requestReceivedTimeStamp = [NSDate msidDateFromTimeStamp:json[MSID_BROKER_REQUEST_RECEIVED_TIMESTAMP]];
     }
 
     return self;
@@ -117,12 +125,39 @@ - (NSDictionary *)jsonDictionary
     json[MSID_BROKER_OPERATION_RESULT_JSON_KEY] = [@(self.success) stringValue];
     json[MSID_BROKER_OPERATION_RESPONSE_TYPE_JSON_KEY] = self.class.responseType;
     json[MSID_BROKER_APP_VERSION_JSON_KEY] = self.clientAppVersion;
+    json[MSID_BROKER_RESPONSE_GENERATION_TIMESTAMP] = [self.responseGenerationTimeStamp msidDateToFractionalTimestamp:10];
+    json[MSID_BROKER_REQUEST_RECEIVED_TIMESTAMP] = [self.requestReceivedTimeStamp msidDateToFractionalTimestamp:10];
 
     NSDictionary *deviceInfoJson = [self.deviceInfo jsonDictionary];
     if (deviceInfoJson) [json addEntriesFromDictionary:deviceInfoJson];
 
     return json;
 }
 
+#if !EXCLUDE_FROM_MSALCPP
+
+- (void)trackPerfTelemetryWithLastRequest:(MSIDLastRequestTelemetry *)telemetry
+                         requestStartDate:(NSDate *)requestStartDate
+                            telemetryType:(NSString *)telemetryType
+{
+    if (!requestStartDate)
+    {
+        MSID_LOG_WITH_CTX(MSIDLogLevelError, nil, @"trackPerfTelemetryWithLastRequest called with nil request start date");
+        return;
+    }
+    
+    NSDate *responseDate = [NSDate date];
+    NSTimeInterval totalTime = [responseDate timeIntervalSinceDate:requestStartDate];
+    NSTimeInterval ipcRequestTime = self.requestReceivedTimeStamp ? [self.requestReceivedTimeStamp timeIntervalSinceDate:requestStartDate] : 0;
+    NSTimeInterval ipcResponseTime = self.responseGenerationTimeStamp ? [responseDate timeIntervalSinceDate:self.responseGenerationTimeStamp] : 0;
+    
+    [telemetry trackSSOExtensionPerformanceWithType:telemetryType
+                                    totalPerfNumber:totalTime
+                               ipcRequestPerfNumber:ipcRequestTime
+                              ipcResponsePerfNumber:ipcResponseTime];
+}
+
+#endif
+
 @end
 

IdentityCore/src/broker_operation/response/MSIDBrokerNativeAppOperationResponse.m

@@ -134,46 +134,40 @@ - (MSIDAssymetricKeyPair *)readOrGenerateKeyPairForAttributes:(MSIDAssymetricKey
 - (MSIDAssymetricKeyPair *)readKeyPairForAttributes:(MSIDAssymetricKeyLookupAttributes *)attributes
                                              error:(NSError **)error
 {
-    if (@available(iOS 10.0, macOS 10.12, *))
+    
+    if ([NSString msidIsStringNilOrBlank:attributes.privateKeyIdentifier])
     {
-        if ([NSString msidIsStringNilOrBlank:attributes.privateKeyIdentifier])
-        {
-            [self logAndFillError:@"Invalid key lookup attributes provided" status:kNoStatus error:error];
-            return nil;
-        }
-        
-        NSDictionary *privateKeyDict = [self keyAttributesWithQueryDictionary:[attributes privateKeyAttributes] error:error];
-        if (!privateKeyDict)
-        {
-            return nil;
-        }
-        
-        SecKeyRef privateKeyRef = (__bridge SecKeyRef)privateKeyDict[(__bridge id)kSecValueRef];
-        if (!privateKeyRef)
-        {
-            [self logAndFillError:@"Failed to query private key reference from keychain." status:kNoStatus error:error];
-            return nil;
-        }
-        
-        SecKeyRef publicKeyRef = SecKeyCopyPublicKey(privateKeyRef);
-        if (!publicKeyRef)
-        {
-            [self logAndFillError:@"Failed to copy public key from private key." status:kNoStatus error:error];
-            return nil;
-        }
-        
-        MSIDAssymetricKeyPair *keypair = [[MSIDAssymetricKeyPair alloc] initWithPrivateKey:privateKeyRef
-                                                                                 publicKey:publicKeyRef
-                                                                            privateKeyDict:privateKeyDict];
-
-        CFRelease(publicKeyRef);
-        return keypair;
+        [self logAndFillError:@"Invalid key lookup attributes provided" status:kNoStatus error:error];
+        return nil;
+    }
+    
+    NSDictionary *privateKeyDict = [self keyAttributesWithQueryDictionary:[attributes privateKeyAttributes] error:error];
+    if (!privateKeyDict)
+    {
+        return nil;
     }
-    else
+    
+    SecKeyRef privateKeyRef = (__bridge SecKeyRef)privateKeyDict[(__bridge id)kSecValueRef];
+    if (!privateKeyRef)
     {
-        [self logAndFillError:@"Failed to generate asymmetric key pair due to unsupported iOS/OSX platform." status:kNoStatus error:error];
+        [self logAndFillError:@"Failed to query private key reference from keychain." status:kNoStatus error:error];
         return nil;
     }
+    
+    SecKeyRef publicKeyRef = SecKeyCopyPublicKey(privateKeyRef);
+    if (!publicKeyRef)
+    {
+        [self logAndFillError:@"Failed to copy public key from private key." status:kNoStatus error:error];
+        return nil;
+    }
+    
+    MSIDAssymetricKeyPair *keypair = [[MSIDAssymetricKeyPair alloc] initWithPrivateKey:privateKeyRef
+                                                                             publicKey:publicKeyRef
+                                                                        privateKeyDict:privateKeyDict];
+
+    CFRelease(publicKeyRef);
+    return keypair;
+    
 }
 
 #pragma mark - Cleanup
@@ -237,43 +231,36 @@ - (MSIDAssymetricKeyPair *)generateEphemeralKeyPair:(NSError **)error
 - (MSIDAssymetricKeyPair *)generateKeyPairForKeyDict:(NSDictionary *)attributes
                                                error:(NSError **)error
 {
-    if (@available(iOS 10.0, macOS 10.12, *))
+    CFErrorRef keyGenerationError = NULL;
+    SecKeyRef privateKeyRef = SecKeyCreateRandomKey((__bridge CFDictionaryRef)attributes, &keyGenerationError);
+    
+    if (!privateKeyRef)
     {
-        CFErrorRef keyGenerationError = NULL;
-        SecKeyRef privateKeyRef = SecKeyCreateRandomKey((__bridge CFDictionaryRef)attributes, &keyGenerationError);
-        
-        if (!privateKeyRef)
-        {
-            NSError *keyError = CFBridgingRelease(keyGenerationError);
-            [self logAndFillError:@"Failed to generate private key." status:(int)keyError.code error:error];
-            return nil;
-        }
-        
-        SecKeyRef publicKeyRef = SecKeyCopyPublicKey(privateKeyRef);
-        if (!publicKeyRef)
-        {
-            [self logAndFillError:@"Failed to copy public key from private key." status:kNoStatus error:error];
-            CFRelease(privateKeyRef);
-            return nil;
-        }
-        
-        /*
-         Setting creationDate to nil here intentionally as it is only needed for cpp code.
-         CreationDate will be initialized using lazy loading once it is queried for the first time on key pair object.
-         */
-        
-        MSIDAssymetricKeyPair *keyPair = [[MSIDAssymetricKeyPair alloc] initWithPrivateKey:privateKeyRef publicKey:publicKeyRef privateKeyDict:attributes];
-        
-        if (privateKeyRef) CFRelease(privateKeyRef);
-        if (publicKeyRef) CFRelease(publicKeyRef);
-        
-        return keyPair;
+        NSError *keyError = CFBridgingRelease(keyGenerationError);
+        [self logAndFillError:@"Failed to generate private key." status:(int)keyError.code error:error];
+        return nil;
     }
-    else
+    
+    SecKeyRef publicKeyRef = SecKeyCopyPublicKey(privateKeyRef);
+    if (!publicKeyRef)
     {
-        [self logAndFillError:@"Failed to generate asymmetric key pair due to unsupported iOS/OSX platform." status:kNoStatus error:error];
+        [self logAndFillError:@"Failed to copy public key from private key." status:kNoStatus error:error];
+        CFRelease(privateKeyRef);
         return nil;
     }
+    
+    /*
+     Setting creationDate to nil here intentionally as it is only needed for cpp code.
+     CreationDate will be initialized using lazy loading once it is queried for the first time on key pair object.
+     */
+    
+    MSIDAssymetricKeyPair *keyPair = [[MSIDAssymetricKeyPair alloc] initWithPrivateKey:privateKeyRef publicKey:publicKeyRef privateKeyDict:attributes];
+    
+    if (privateKeyRef) CFRelease(privateKeyRef);
+    if (publicKeyRef) CFRelease(publicKeyRef);
+    
+    return keyPair;
+    
 }
 
 #pragma mark - Platform

IdentityCore/src/cache/crypto/MSIDAssymetricKeyKeychainGenerator.m

@@ -196,20 +196,13 @@ - (NSData *)keyData
     if (!_keyData)
     {
         CFErrorRef keyExtractionError = NULL;
-        if (@available(iOS 10.0, macOS 10.12, *))
-        {
-            _keyData = (NSData *)CFBridgingRelease(SecKeyCopyExternalRepresentation(self.publicKeyRef, &keyExtractionError));
-            
-            if (!_keyData)
-            {
-                NSError *error = CFBridgingRelease(keyExtractionError);
-                MSID_LOG_WITH_CTX(MSIDLogLevelError, nil, @"Failed to read data from key ref %@", error);
-                return nil;
-            }
-        }
-        else
+        _keyData = (NSData *)CFBridgingRelease(SecKeyCopyExternalRepresentation(self.publicKeyRef, &keyExtractionError));
+        
+        if (!_keyData)
         {
-            MSID_LOG_WITH_CTX(MSIDLogLevelError, nil, @"Unable to extract key data from SecKeyRef due to unsupported platform");
+            NSError *error = CFBridgingRelease(keyExtractionError);
+            MSID_LOG_WITH_CTX(MSIDLogLevelError, nil, @"Failed to read data from key ref %@", error);
+            return nil;
         }
     }
 
@@ -226,14 +219,7 @@ - (nullable NSData *)decrypt:(nonnull NSString *)encryptedMessageString
         return nil;
     }
 
-    if (@available(iOS 10.0, macOS 10.12, *))
-    {
-        return [encryptedMessage msidDecryptedDataWithAlgorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA1 privateKey:self.privateKeyRef];
-    }
-    else
-    {
-        return nil;
-    }
+    return [encryptedMessage msidDecryptedDataWithAlgorithm:kSecKeyAlgorithmRSAEncryptionOAEPSHA1 privateKey:self.privateKeyRef];
 }
 
 - (NSString *)signData:(NSString *)message