Add PreferredAuthMethod to interactive token flow (#2245)

## Why
With the introduction of the QR + PIN Auth method a new query string
parameter was added.
Preferred authorization method = pc.
This parameter will be passed to the authorization endpoint to indicate
the preferred authorization method for a request. (for QR + PIN Auth the
code is 18)
If this parameter is present ESTS will read the code and will return a
UX according to the specified pc.
If this parameter is not present the behavior will be the same, we have
now.

## Changes

* Add PreferredAuthMethod to InteractiveTokenCommandParameters,
MicrosoftAuthorizationRequest and BrokerRequest to be transported
through the flow.
* Pass the data on the controllers.


## Related PR's
AzureAD/ad-accounts-for-android#2630

AzureAD/microsoft-authentication-library-for-android#1964

changelog.txt

@@ -1,5 +1,6 @@
 V.Next
 ---------
+- [MINOR] Add PreferredAuthMethod to interactive token flow (#2245)
 - [MINOR] Implement updates of the native auth web API (#2261)
 
 V.17.0.0

common/src/main/java/com/microsoft/identity/common/internal/broker/BrokerRequest.java

@@ -31,6 +31,7 @@
 import com.microsoft.identity.common.java.providers.oauth2.OpenIdConnectPromptParameter;
 import com.microsoft.identity.common.java.request.SdkType;
 import com.microsoft.identity.common.java.ui.BrowserDescriptor;
+import com.microsoft.identity.common.java.ui.PreferredAuthMethod;
 
 import java.io.Serializable;
 
@@ -75,6 +76,8 @@ private static final class SerializedNames {
         final static String POWER_OPT_CHECK_ENABLED = "power_opt_check_enabled";
         final static String SPAN_CONTEXT = "span_context";
         final static String PREFERRED_BROWSER = "preferred_browser";
+
+        final static String PREFERRED_AUTH_METHOD = "preferred_auth_method";
     }
 
     /**
@@ -247,4 +250,7 @@ private static final class SerializedNames {
     @SerializedName(SerializedNames.PREFERRED_BROWSER)
     private BrowserDescriptor mPreferredBrowser;
 
+    @Nullable
+    @SerializedName(SerializedNames.PREFERRED_AUTH_METHOD)
+    private PreferredAuthMethod mPreferredAuthMethod;
 }

common/src/main/java/com/microsoft/identity/common/internal/request/MsalBrokerRequestAdapter.java

@@ -128,6 +128,7 @@ public BrokerRequest brokerRequestFromAcquireTokenParameters(@NonNull final Inte
                         .build()
                 )
                 .preferredBrowser(parameters.getPreferredBrowser())
+                .preferredAuthMethod(parameters.getPreferredAuthMethod())
                 .build();
 
         return brokerRequest;

common4j/src/main/com/microsoft/identity/common/java/commands/parameters/InteractiveTokenCommandParameters.java

@@ -26,6 +26,7 @@
 import com.microsoft.identity.common.java.providers.oauth2.OpenIdConnectPromptParameter;
 import com.microsoft.identity.common.java.ui.AuthorizationAgent;
 import com.microsoft.identity.common.java.ui.BrowserDescriptor;
+import com.microsoft.identity.common.java.ui.PreferredAuthMethod;
 
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -45,6 +46,8 @@ public class InteractiveTokenCommandParameters extends TokenCommandParameters {
 
     private final transient BrowserDescriptor preferredBrowser;
 
+    private final PreferredAuthMethod preferredAuthMethod;
+
     private final transient HashMap<String, String> requestHeaders;
 
     private final boolean brokerBrowserSupportEnabled;

common4j/src/main/com/microsoft/identity/common/java/controllers/BaseController.java

@@ -358,12 +358,10 @@ private void setBuilderProperties(@SuppressWarnings(WarningType.rawtype_warning)
 
         if (builder instanceof MicrosoftStsAuthorizationRequest.Builder) {
             final MicrosoftStsAuthorizationRequest.Builder msBuilder = (MicrosoftStsAuthorizationRequest.Builder) builder;
-            msBuilder.setLoginHint(
-                    interactiveTokenCommandParameters.getLoginHint()
-            ).setPrompt(
-                    interactiveTokenCommandParameters.getPrompt().toString()
-            );
-
+            msBuilder
+                    .setLoginHint(interactiveTokenCommandParameters.getLoginHint())
+                    .setPrompt(interactiveTokenCommandParameters.getPrompt().toString())
+                    .setPreferredAuthMethod(interactiveTokenCommandParameters.getPreferredAuthMethod());
             final String installedCompanyPortalVersion =
                     parameters.getPlatformComponents().getPlatformUtil().getInstalledCompanyPortalVersion();
 

common4j/src/main/com/microsoft/identity/common/java/providers/microsoft/MicrosoftAuthorizationRequest.java

@@ -29,11 +29,14 @@
 import com.microsoft.identity.common.java.providers.oauth2.AuthorizationRequest;
 import com.microsoft.identity.common.java.providers.oauth2.DefaultStateGenerator;
 import com.microsoft.identity.common.java.providers.oauth2.PkceChallenge;
+import com.microsoft.identity.common.java.ui.PreferredAuthMethod;
 import com.microsoft.identity.common.java.util.StringUtil;
 
 import java.net.URL;
 import java.util.UUID;
 
+import javax.annotation.Nullable;
+
 import cz.msebera.android.httpclient.extras.Base64;
 import lombok.Getter;
 import lombok.NonNull;
@@ -128,6 +131,13 @@ public abstract class MicrosoftAuthorizationRequest<T extends MicrosoftAuthoriza
     @SerializedName(INSTANCE_AWARE)
     private final Boolean mMultipleCloudAware;
 
+    @Expose()
+    @Getter
+    @Accessors(prefix = "m")
+    @SerializedName("pc")
+    private final String mPreferredAuthMethodCode;
+
+
     /**
      * Constructor of MicrosoftAuthorizationRequest.
      */
@@ -147,6 +157,9 @@ protected MicrosoftAuthorizationRequest(@SuppressWarnings(WarningType.rawtype_wa
         mMultipleCloudAware = builder.mMultipleCloudAware;
         mLibraryVersion = builder.mLibraryVersion;
         mLibraryName = builder.mLibraryName;
+        mPreferredAuthMethodCode = builder.mPreferredAuthMethod == null ?
+                null :
+                String.valueOf(builder.mPreferredAuthMethod.code);
 
         mDiagnosticOS = Device.getOsForEsts();
         mDiagnosticDM = Device.getModel();
@@ -170,6 +183,7 @@ public abstract static class Builder<B extends MicrosoftAuthorizationRequest.Bui
         private UUID mCorrelationId;
         private String mLoginHint;
         private PkceChallenge mPkceChallenge;
+        private PreferredAuthMethod mPreferredAuthMethod;
 
         public Builder() {
             setState(new DefaultStateGenerator().generate());
@@ -205,6 +219,11 @@ public B setLoginHint(String loginHint) {
             return self();
         }
 
+        public B setPreferredAuthMethod(@Nullable final PreferredAuthMethod preferredAuthMethod) {
+            mPreferredAuthMethod = preferredAuthMethod;
+            return self();
+        }
+
         /**
          * Used to secure authorization code grants via Proof Key for Code Exchange (PKCE) from a native client.
          */

common4j/src/main/com/microsoft/identity/common/java/ui/PreferredAuthMethod.kt

@@ -0,0 +1,35 @@
+//  Copyright (c) Microsoft Corporation.
+//  All rights reserved.
+//
+//  This code is licensed under the MIT License.
+//
+//  Permission is hereby granted, free of charge, to any person obtaining a copy
+//  of this software and associated documentation files(the "Software"), to deal
+//  in the Software without restriction, including without limitation the rights
+//  to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
+//  copies of the Software, and to permit persons to whom the Software is
+//  furnished to do so, subject to the following conditions :
+//
+//  The above copyright notice and this permission notice shall be included in
+//  all copies or substantial portions of the Software.
+//
+//  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+//  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+//  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+//  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+//  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+//  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+//  THE SOFTWARE.
+package com.microsoft.identity.common.java.ui
+
+/**
+ * Preferred authentication method for the user.
+ * This code will be sent to eSTS as a hint to what authentication method the user prefers.
+ * If not specified, eSTS will use the default authentication method.
+ */
+enum class PreferredAuthMethod(@JvmField val code: Int) {
+    /**
+     * QR code + PIN authentication.
+     */
+    QR(18)
+}

common4j/src/test/com/microsoft/identity/common/java/providers/microsoft/MicrosoftAuthorizationRequestTest.java

@@ -26,6 +26,7 @@
 import com.microsoft.identity.common.java.platform.Device;
 import com.microsoft.identity.common.java.platform.MockDeviceMetadata;
 import com.microsoft.identity.common.java.providers.oauth2.MockAuthorizationRequest;
+import com.microsoft.identity.common.java.ui.PreferredAuthMethod;
 import com.microsoft.identity.common.java.util.StringUtil;
 
 import org.junit.After;
@@ -118,4 +119,19 @@ public void testDeviceMetadataGenerated(){
         Assert.assertEquals(MockDeviceMetadata.TEST_CPU, request.getDiagnosticCPU());
         Assert.assertEquals(MockDeviceMetadata.TEST_DEVICE_MODEL, request.getDiagnosticDM());
     }
+
+    @Test
+    public void testMicrosoftAuthorizationRequestWithPreferredAuthMethod(){
+        final MockMicrosoftAuthorizationRequest request = new MockMicrosoftAuthorizationRequest.Builder()
+                .setPreferredAuthMethod(PreferredAuthMethod.QR)
+                .build();
+        Assert.assertEquals(String.valueOf(PreferredAuthMethod.QR.code), request.getPreferredAuthMethodCode());
+    }
+
+    @Test
+    public void testMicrosoftAuthorizationRequestWithNoPreferredAuthMethod(){
+        final MockMicrosoftAuthorizationRequest request = new MockMicrosoftAuthorizationRequest.Builder()
+                .build();
+        Assert.assertNull(request.getPreferredAuthMethodCode());
+    }
 }