react-native-msal2 1.0.8 → 1.0.9

package/android/build.gradle

@@ -1,38 +1,20 @@
-buildscript {
-  repositories {
-    google()
-    mavenCentral()
-  }
-
-  dependencies {
-    classpath 'com.android.tools.build:gradle:4.0.2'
-  }
-}
-
-apply plugin: 'com.android.library'
+apply plugin: "com.android.library"
+apply plugin: "org.jetbrains.kotlin.android"
 
 def safeExtGet(prop, fallback) {
   rootProject.ext.has(prop) ? rootProject.ext.get(prop) : fallback
 }
 
 android {
-  namespace 'com.reactnativemsal'
-  compileSdkVersion safeExtGet('compileSdkVersion', 33)
+  namespace "com.reactnativemsal"
+
+  compileSdkVersion safeExtGet("compileSdkVersion", 34)
+
   defaultConfig {
-    minSdkVersion safeExtGet('minSdkVersion', 21)
-    targetSdkVersion safeExtGet('targetSdkVersion', 33)
-    versionCode 1
-    versionName "1.0"
+    minSdkVersion safeExtGet("minSdkVersion", 21)
+    targetSdkVersion safeExtGet("targetSdkVersion", 34)
   }
 
-  buildTypes {
-    release {
-      minifyEnabled false
-    }
-  }
-  lintOptions {
-    disable 'GradleCompatible'
-  }
   compileOptions {
     sourceCompatibility JavaVersion.VERSION_1_8
     targetCompatibility JavaVersion.VERSION_1_8
@@ -40,19 +22,13 @@ android {
 }
 
 repositories {
-  mavenLocal()
-  maven {
-    // All of React Native (JS, Obj-C sources, Android binaries) is installed from npm
-    url("$rootDir/../node_modules/react-native/android")
-  }
   google()
   mavenCentral()
 }
 
 dependencies {
-  // noinspection GradleDynamicVersion
-  implementation 'com.facebook.react:react-native:+' // From node_modules
-  implementation('com.microsoft.identity.client:msal:5.1.0') {
-    exclude group: 'com.microsoft.device.display' // This group is obsolete nowadays
-  }
+  //noinspection UseTomlInstead
+  compileOnly "com.facebook.react:react-android"
+  //noinspection UseTomlInstead
+  implementation "com.microsoft.identity.client:msal:8.2.1"
 }

package/android/src/main/java/com/reactnativemsal/RNMSALModule.kt

@@ -0,0 +1,511 @@
+package com.reactnativemsal
+
+import android.content.pm.PackageManager
+import android.net.Uri
+import android.util.Base64
+import android.util.Log
+import com.facebook.react.bridge.Arguments.createArray
+import com.facebook.react.bridge.Arguments.createMap
+import com.facebook.react.bridge.Arguments.fromArray
+import com.facebook.react.bridge.Promise
+import com.facebook.react.bridge.ReactApplicationContext
+import com.facebook.react.bridge.ReactContextBaseJavaModule
+import com.facebook.react.bridge.ReactMethod
+import com.facebook.react.bridge.ReadableArray
+import com.facebook.react.bridge.ReadableMap
+import com.facebook.react.bridge.WritableArray
+import com.facebook.react.bridge.WritableMap
+import com.microsoft.identity.client.AcquireTokenParameters
+import com.microsoft.identity.client.AcquireTokenSilentParameters
+import com.microsoft.identity.client.AuthenticationCallback
+import com.microsoft.identity.client.IAccount
+import com.microsoft.identity.client.IAuthenticationResult
+import com.microsoft.identity.client.IMultiTenantAccount
+import com.microsoft.identity.client.IMultipleAccountPublicClientApplication
+import com.microsoft.identity.client.IMultipleAccountPublicClientApplication.RemoveAccountCallback
+import com.microsoft.identity.client.Prompt
+import com.microsoft.identity.client.PublicClientApplication
+import com.microsoft.identity.client.SilentAuthenticationCallback
+import com.microsoft.identity.client.exception.MsalException
+import org.json.JSONArray
+import org.json.JSONException
+import org.json.JSONObject
+import java.io.File
+import java.io.FileWriter
+import java.security.MessageDigest
+import java.util.AbstractMap
+import java.util.regex.Matcher
+import java.util.regex.Pattern
+
+class RNMSALModule(reactContext: ReactApplicationContext?) :
+    ReactContextBaseJavaModule(reactContext) {
+    private var publicClientApplication: IMultipleAccountPublicClientApplication? = null
+
+    override fun getName(): String {
+        return NAME
+    }
+
+    @ReactMethod
+    fun createPublicClientApplication(params: ReadableMap, promise: Promise) {
+        val context = reactApplicationContext
+        try {
+            // We have to make a JSON file containing the MSAL configuration, then use that file to
+            // create the PublicClientApplication
+            // We first need to create the JSON model using the passed in parameters
+
+            val config =
+                if (params.hasKey("androidConfigOptions")) params.getMap("androidConfigOptions") else null
+
+            val msalConfigJsonObj =
+                if (config != null) ReadableMapUtils.toJsonObject(config) else JSONObject()
+
+            // Account mode. Required to be MULTIPLE for this library
+            msalConfigJsonObj.put("account_mode", "MULTIPLE")
+
+            // If broker_redirect_uri_registered is not provided in androidConfigOptions,
+            // default it to false
+            if (!msalConfigJsonObj.has("broker_redirect_uri_registered")) {
+                msalConfigJsonObj.put("broker_redirect_uri_registered", false)
+            }
+
+            val auth = params.getMap("auth")
+
+            // Authority
+            val authority = ReadableMapUtils.getStringOrDefault(
+                auth,
+                "authority",
+                "https://login.microsoftonline.com/common"
+            )
+            msalConfigJsonObj.put("authority", authority)
+
+            // Client id
+            msalConfigJsonObj.put("client_id", ReadableMapUtils.getStringOrThrow(auth, "clientId"))
+
+            // Redirect URI
+            msalConfigJsonObj.put(
+                "redirect_uri",
+                if (auth!!.hasKey("redirectUri")) auth.getString("redirectUri") else makeRedirectUri(
+                    context
+                ).toString()
+            )
+
+            // Authorities
+            val knownAuthorities = auth.getArray("knownAuthorities")
+            // List WILL be instantiated and empty if `knownAuthorities` is null
+            val authoritiesList = readableArrayToStringList(knownAuthorities)
+            // Make sure the `authority` makes it in the authority list
+            if (!authoritiesList.contains(authority)) {
+                authoritiesList.add(authority)
+            }
+            // The authoritiesList is just a list of urls (strings), but the native android MSAL
+            // library expects an array of objects, so we have to parse the urls
+            val authoritiesJsonArr = makeAuthoritiesJsonArray(authoritiesList, authority)
+            msalConfigJsonObj.put("authorities", authoritiesJsonArr)
+
+            // Serialize the JSON config to a string
+            val serializedMsalConfig = msalConfigJsonObj.toString()
+            Log.d("RNMSALModule", serializedMsalConfig)
+
+            // Create a temporary file and write the serialized config to it
+            val file = File.createTempFile("RNMSAL_msal_config", ".tmp")
+            file.deleteOnExit()
+            val writer = FileWriter(file)
+            writer.write(serializedMsalConfig)
+            writer.close()
+
+            // Finally, create the PCA with the temporary config file we created
+            publicClientApplication =
+                PublicClientApplication.createMultipleAccountPublicClientApplication(
+                    context, file
+                )
+            promise.resolve(null)
+        } catch (e: Exception) {
+            promise.reject(e)
+        }
+    }
+
+    @Throws(JSONException::class, IllegalArgumentException::class)
+    private fun makeAuthoritiesJsonArray(
+        authorityUrls: MutableList<String>,
+        authority: String?
+    ): JSONArray {
+        val authoritiesJsonArr = JSONArray()
+        var foundDefaultAuthority = false
+
+        for (authorityUrl in authorityUrls) {
+            val authorityJsonObj = JSONObject()
+
+            // Authority is set as the default if one is not set yet, and it matches `authority`
+            if (!foundDefaultAuthority && authorityUrl == authority) {
+                authorityJsonObj.put("default", true)
+                foundDefaultAuthority = true
+            }
+
+            val aadAuthorityMatcher: Matcher = aadAuthorityPattern.matcher(authorityUrl)
+            val b2cAuthorityMatcher: Matcher = b2cAuthorityPattern.matcher(authorityUrl)
+
+            if (aadAuthorityMatcher.find()) {
+                val group = aadAuthorityMatcher.group(1)
+                requireNotNull(group) { "Could not match group 1 for regex https://login.microsoftonline.com/([^/]+) in authority \"$authorityUrl\"" }
+
+                val audience = when (group) {
+                    "common" -> JSONObject().put("type", "AzureADandPersonalMicrosoftAccount")
+                    "organizations" -> JSONObject().put("type", "AzureADMultipleOrgs")
+                    "consumers" -> JSONObject().put("type", "PersonalMicrosoftAccount")
+                    else ->  // assume `group` is a tenant id
+                        JSONObject().put("type", "AzureADMyOrg").put("tenant_id", group)
+                }
+                authorityJsonObj.put("type", AUTHORITY_TYPE_AAD)
+                authorityJsonObj.put("audience", audience)
+            } else if (b2cAuthorityMatcher.find()) {
+                authorityJsonObj.put("type", AUTHORITY_TYPE_B2C)
+                authorityJsonObj.put("authority_url", authorityUrl)
+            } else {
+                throw IllegalArgumentException("Authority \"$authorityUrl\" doesn't match AAD regex https://login.microsoftonline.com/([^/]+) or B2C regex https://([^/]+)/tfp/([^/]+)/.+")
+            }
+
+            authoritiesJsonArr.put(authorityJsonObj)
+        }
+
+        // If a default authority was not found, we set the first authority as the default
+        if (!foundDefaultAuthority && authoritiesJsonArr.length() > 0) {
+            authoritiesJsonArr.getJSONObject(0).put("default", true)
+        }
+
+        return authoritiesJsonArr
+    }
+
+    @Throws(Exception::class)
+    private fun makeRedirectUri(context: ReactApplicationContext): Uri? {
+        try {
+            val packageName = context.packageName
+            val info = context.packageManager
+                .getPackageInfo(packageName, PackageManager.GET_SIGNATURES)
+            if (info.signatures?.size != 1) {
+                throw RuntimeException("RNMSAL expected there to be exactly one signature for package $packageName")
+            }
+            val signature = info.signatures?.first()
+            val messageDigest = MessageDigest.getInstance("SHA")
+            messageDigest.update(signature!!.toByteArray())
+            val signatureHash = Base64.encodeToString(messageDigest.digest(), Base64.NO_WRAP)
+            Log.d("RNMSALModule", signatureHash)
+
+            return Uri.Builder().scheme("msauth")
+                .authority(packageName)
+                .appendPath(signatureHash)
+                .build()
+        } catch (ex: Exception) {
+            throw Exception(
+                "Could not create redirect uri from package name and signature hash",
+                ex
+            )
+        }
+    }
+
+    @ReactMethod
+    fun acquireToken(params: ReadableMap, promise: Promise) {
+        try {
+            val acquireTokenParameters =
+                AcquireTokenParameters.Builder()
+                    .startAuthorizationFromActivity(this.reactApplicationContext.currentActivity)
+
+            // Required parameters
+            val scopes = readableArrayToStringList(params.getArray("scopes"))
+            acquireTokenParameters.withScopes(scopes)
+
+            // Optional parameters
+            if (params.hasKey("authority")) {
+                acquireTokenParameters.fromAuthority(params.getString("authority"))
+            }
+
+            if (params.hasKey("promptType")) {
+                acquireTokenParameters.withPrompt(Prompt.entries[params.getInt("promptType")])
+            }
+
+            if (params.hasKey("loginHint")) {
+                acquireTokenParameters.withLoginHint(params.getString("loginHint"))
+            }
+
+            if (params.hasKey("extraScopesToConsent")) {
+                acquireTokenParameters.withOtherScopesToAuthorize(
+                    readableArrayToStringList(params.getArray("extraScopesToConsent"))
+                )
+            }
+
+            if (params.hasKey("extraQueryParameters")) {
+                val parameters: MutableList<MutableMap.MutableEntry<String?, String?>?> =
+                    ArrayList()
+                params.getMap("extraQueryParameters")?.toHashMap()?.entries?.let {
+                    for (entry in it) {
+                        parameters.add(
+                            AbstractMap.SimpleEntry<String?, String?>(
+                                entry.key,
+                                entry.value.toString()
+                            )
+                        )
+                    }
+                }
+                acquireTokenParameters.withAuthorizationQueryStringParameters(parameters)
+            }
+
+            acquireTokenParameters.withCallback(getAuthInteractiveCallback(promise))
+            publicClientApplication!!.acquireToken(acquireTokenParameters.build())
+        } catch (e: Exception) {
+            promise.reject(e)
+        }
+    }
+
+    private fun getAuthInteractiveCallback(promise: Promise): AuthenticationCallback {
+        return object : AuthenticationCallback {
+            override fun onCancel() {
+                promise.reject("userCancel", "userCancel")
+            }
+
+            override fun onSuccess(authenticationResult: IAuthenticationResult?) {
+                if (authenticationResult != null) {
+                    promise.resolve(msalResultToDictionary(authenticationResult))
+                } else {
+                    promise.resolve(null)
+                }
+            }
+
+            override fun onError(exception: MsalException) {
+                promise.reject(exception)
+            }
+        }
+    }
+
+    @ReactMethod
+    fun acquireTokenSilent(params: ReadableMap, promise: Promise) {
+        try {
+            val acquireTokenSilentParameters =
+                AcquireTokenSilentParameters.Builder()
+
+            // Required parameters
+            val scopes = readableArrayToStringList(params.getArray("scopes"))
+            acquireTokenSilentParameters.withScopes(scopes)
+
+            val accountIn = params.getMap("account")
+            val accountIdentifier = accountIn?.getString("identifier")
+            val account = publicClientApplication!!.getAccount(
+                accountIdentifier!!
+            )
+            acquireTokenSilentParameters.forAccount(account)
+
+            // Optional parameters
+            var authority: String? =
+                publicClientApplication!!
+                    .configuration
+                    .defaultAuthority
+                    .authorityURL
+                    .toString()
+            if (params.hasKey("authority")) {
+                authority = params.getString("authority")
+            }
+            acquireTokenSilentParameters.fromAuthority(authority)
+
+            if (params.hasKey("forceRefresh")) {
+                acquireTokenSilentParameters.forceRefresh(params.getBoolean("forceRefresh"))
+            }
+
+            acquireTokenSilentParameters.withCallback(getAuthSilentCallback(promise))
+            publicClientApplication!!.acquireTokenSilentAsync(acquireTokenSilentParameters.build())
+        } catch (e: Exception) {
+            promise.reject(e)
+        }
+    }
+
+    private fun getAuthSilentCallback(promise: Promise): SilentAuthenticationCallback {
+        return object : SilentAuthenticationCallback {
+            override fun onSuccess(authenticationResult: IAuthenticationResult?) {
+                if (authenticationResult != null) {
+                    promise.resolve(msalResultToDictionary(authenticationResult))
+                } else {
+                    promise.resolve(null)
+                }
+            }
+
+            override fun onError(exception: MsalException) {
+                promise.reject(exception)
+            }
+        }
+    }
+
+    @ReactMethod
+    fun getAccounts(promise: Promise) {
+        try {
+            val accounts = publicClientApplication!!.accounts
+            val array = createArray()
+            if (accounts != null) {
+                for (account in accounts) {
+                    array.pushMap(accountToMap(account))
+                }
+            }
+            promise.resolve(array)
+        } catch (e: Exception) {
+            promise.reject(e)
+        }
+    }
+
+    @ReactMethod
+    fun getAccount(accountIdentifier: String, promise: Promise) {
+        try {
+            val account = publicClientApplication!!.getAccount(accountIdentifier)
+            if (account != null) {
+                promise.resolve(accountToMap(account))
+            } else {
+                promise.resolve(null)
+            }
+        } catch (e: Exception) {
+            promise.reject(e)
+        }
+    }
+
+    @ReactMethod
+    fun removeAccount(accountIn: ReadableMap, promise: Promise) {
+        try {
+            // Required parameters
+            publicClientApplication?.let { app ->
+                accountIn.getString(("identifier"))?.let {
+                    val account = app.getAccount(it)
+
+                    app.removeAccount(
+                        account,
+                        object : RemoveAccountCallback {
+                            override fun onRemoved() {
+                                promise.resolve(true)
+                            }
+
+                            override fun onError(exception: MsalException) {
+                                promise.reject(exception)
+                            }
+                        })
+                }
+            }
+        } catch (e: Exception) {
+            promise.reject(e)
+        }
+    }
+
+    private fun msalResultToDictionary(result: IAuthenticationResult): WritableMap {
+        val map = createMap()
+        map.putString("accessToken", result.accessToken)
+        map.putString("expiresOn", String.format("%s", result.expiresOn.time / 1000))
+        var idToken = result.account.idToken
+        if (idToken == null) {
+            idToken =
+                (result.account as IMultiTenantAccount).tenantProfiles[result.tenantId]?.idToken
+        }
+        map.putString("idToken", idToken)
+        map.putArray("scopes", fromArray(result.scope))
+        map.putString("tenantId", result.tenantId)
+        map.putMap("account", accountToMap(result.account))
+        return map
+    }
+
+    private fun accountToMap(account: IAccount): WritableMap {
+        val map = createMap()
+        map.putString("identifier", account.id)
+        map.putString("username", account.username)
+        map.putString("tenantId", account.tenantId)
+        val claims = account.claims
+        if (claims != null) {
+            map.putMap("claims", toWritableMap(claims))
+        }
+        return map
+    }
+
+
+    private fun readableArrayToStringList(readableArray: ReadableArray?): MutableList<String> {
+        val list: MutableList<String> = ArrayList()
+        if (readableArray != null) {
+            for (item in readableArray.toArrayList()) {
+                list.add(item.toString())
+            }
+        }
+        return list
+    }
+
+    private fun toWritableMap(map: MutableMap<String?, *>): WritableMap {
+        val writableMap = createMap()
+        for (entry in map.entries) {
+            val key: String = entry.key!!
+            when (val value: Any? = entry.value) {
+                null -> {
+                    writableMap.putNull(key)
+                }
+
+                is Boolean -> {
+                    writableMap.putBoolean(key, value)
+                }
+
+                is Double -> {
+                    writableMap.putDouble(key, value)
+                }
+
+                is Int -> {
+                    writableMap.putInt(key, value)
+                }
+
+                is String -> {
+                    writableMap.putString(key, value)
+                }
+
+                is MutableMap<*, *> -> {
+                    writableMap.putMap(key, toWritableMap(value as MutableMap<String?, *>))
+                }
+
+                is MutableList<*> -> {
+                    writableMap.putArray(key, toWritableArray(value))
+                }
+            }
+        }
+        return writableMap
+    }
+
+    private fun toWritableArray(list: MutableList<*>): WritableArray {
+        val writableArray = createArray()
+        for (value in list.toTypedArray()) {
+            when (value) {
+                null -> {
+                    writableArray.pushNull()
+                }
+
+                is Boolean -> {
+                    writableArray.pushBoolean(value)
+                }
+
+                is Double -> {
+                    writableArray.pushDouble(value)
+                }
+
+                is Int -> {
+                    writableArray.pushInt(value)
+                }
+
+                is String -> {
+                    writableArray.pushString(value)
+                }
+
+                is MutableMap<*, *> -> {
+                    writableArray.pushMap(toWritableMap(value as MutableMap<String?, *>))
+                }
+
+                is MutableList<*> -> {
+                    writableArray.pushArray(toWritableArray(value))
+                }
+            }
+        }
+        return writableArray
+    }
+
+    companion object {
+        const val NAME = "RNMSAL"
+        private const val AUTHORITY_TYPE_B2C = "B2C"
+        private const val AUTHORITY_TYPE_AAD = "AAD"
+
+        private val aadAuthorityPattern: Pattern =
+            Pattern.compile("https://login\\.microsoftonline\\.com/([^/]+)")
+        private val b2cAuthorityPattern: Pattern = Pattern.compile("https://([^/]+)/([^/]+)/.+")
+    }
+}

package/android/src/main/java/com/reactnativemsal/RNMSALPackage.kt

@@ -0,0 +1,28 @@
+package com.reactnativemsal
+
+import com.facebook.react.BaseReactPackage
+import com.facebook.react.bridge.NativeModule
+import com.facebook.react.bridge.ReactApplicationContext
+import com.facebook.react.module.model.ReactModuleInfo
+import com.facebook.react.module.model.ReactModuleInfoProvider
+
+class RNMSALPackage : BaseReactPackage() {
+    override fun getModule(name: String, reactContext: ReactApplicationContext): NativeModule? {
+        return RNMSALModule(reactContext)
+    }
+
+    override fun getReactModuleInfoProvider(): ReactModuleInfoProvider {
+        return ReactModuleInfoProvider {
+            mapOf(
+                RNMSALModule.NAME to ReactModuleInfo(
+                    RNMSALModule.NAME,
+                    RNMSALModule::class.java.name,
+                    canOverrideExistingModule = false,
+                    needsEagerInit = false,
+                    isCxxModule = false,
+                    isTurboModule = false
+                )
+            )
+        }
+    }
+}

package/android/src/main/java/com/reactnativemsal/ReadableMapUtils.kt

@@ -0,0 +1,82 @@
+package com.reactnativemsal
+
+import com.facebook.react.bridge.ReadableArray
+import com.facebook.react.bridge.ReadableMap
+import com.facebook.react.bridge.ReadableType
+import org.json.JSONArray
+import org.json.JSONException
+import org.json.JSONObject
+
+object ReadableMapUtils {
+    @Throws(JSONException::class)
+    fun toJsonObject(readableMap: ReadableMap): JSONObject {
+        val jsonObject = JSONObject()
+
+        val iterator = readableMap.keySetIterator()
+
+        while (iterator.hasNextKey()) {
+            val key = iterator.nextKey()
+            val type = readableMap.getType(key)
+
+            when (type) {
+                ReadableType.Null -> jsonObject.put(key, null)
+                ReadableType.Boolean -> jsonObject.put(key, readableMap.getBoolean(key))
+                ReadableType.Number -> jsonObject.put(key, readableMap.getDouble(key))
+                ReadableType.String -> jsonObject.put(key, readableMap.getString(key))
+                ReadableType.Map -> jsonObject.put(
+                    key,
+                    toJsonObject(
+                        readableMap.getMap(key)!!
+                    )
+                )
+
+                ReadableType.Array -> jsonObject.put(
+                    key, toJsonArray(readableMap.getArray(key)!!)
+                )
+            }
+        }
+
+        return jsonObject
+    }
+
+    @Throws(JSONException::class)
+    fun toJsonArray(readableArray: ReadableArray): JSONArray {
+        val jsonArray = JSONArray()
+
+        for (i in 0..<readableArray.size()) {
+            val type = readableArray.getType(i)
+
+            when (type) {
+                ReadableType.Null -> jsonArray.put(i, null)
+                ReadableType.Boolean -> jsonArray.put(i, readableArray.getBoolean(i))
+                ReadableType.Number -> jsonArray.put(i, readableArray.getDouble(i))
+                ReadableType.String -> jsonArray.put(i, readableArray.getString(i))
+                ReadableType.Map -> jsonArray.put(
+                    i,
+                    toJsonObject(readableArray.getMap(i)!!)
+                )
+
+                ReadableType.Array -> jsonArray.put(
+                    i, toJsonArray(readableArray.getArray(i)!!)
+                )
+            }
+        }
+
+        return jsonArray
+    }
+
+    fun getStringOrDefault(map: ReadableMap?, key: String, defaultValue: String): String {
+        return try {
+            getStringOrThrow(map, key)
+        } catch (_: Exception) {
+            defaultValue
+        }
+    }
+
+    fun getStringOrThrow(map: ReadableMap?, key: String): String {
+        requireNotNull(map) { "Map is null" }
+
+        return map.getString(key)
+            ?: throw NoSuchElementException("$key doesn't exist on map or is null")
+    }
+}