Merge pull request #982 from AzureAD/avdunn/release-1.30.0-beta

Remove third-party dependencies from msal4j package

Author: Avery-Dunn

README.md

@@ -16,7 +16,7 @@ Quick links:
 The library supports the following Java environments:
 - Java 8 (or higher)
 
-Current version - 1.22.0
+Current version - 1.30.0-beta
 
 You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/main/msal4j-sdk/changelog.txt).
 
@@ -28,13 +28,13 @@ Find [the latest package in the Maven repository](https://mvnrepository.com/arti
 <dependency>
     <groupId>com.microsoft.azure</groupId>
     <artifactId>msal4j</artifactId>
-    <version>1.22.0</version>
+    <version>1.30.0-beta</version>
 </dependency>
 ```
 ### Gradle
 
 ```gradle
-implementation group: 'com.microsoft.azure', name: 'com.microsoft.aad.msal4j', version: '1.22.0'
+implementation group: 'com.microsoft.azure', name: 'com.microsoft.aad.msal4j', version: '1.30.0-beta'
 ```
 
 ## Usage

changelog.txt

@@ -1,3 +1,9 @@
+Version 1.30.0-beta
+=============
+- Replace org.projectlombok dependencies with implementations of generated code (#946)
+- Replace com.nimbusds dependencies with implementations of OAuth behavior (#926, #927, #928, #941, #945)
+- Replace com.fasterxml.jackson with com.azure.json for JSON behavior (#947, #948)
+
 Version 1.22.0
 =============
 - Validate issuer from OIDC endpoint when using the oidcAuthority() API (#970)
@@ -11,7 +17,7 @@ Version 1.21.0
 - Fix query parameter issue in IMDS scenarios (#954)
 - Update dependencies used in tests to avoid CVE warnings (#962)
 
-Version 1.20.1
+ 1.20.1
 =============
 - Fix Base64URL decoding bug (#938)
 

msal4j-sdk/README.md

@@ -16,7 +16,7 @@ Quick links:
 The library supports the following Java environments:
 - Java 8 (or higher)
 
-Current version - 1.22.0
+Current version - 1.30.0-beta
 
 You can find the changes for each version in the [change log](https://github.com/AzureAD/microsoft-authentication-library-for-java/blob/master/changelog.txt).
 
@@ -28,13 +28,13 @@ Find [the latest package in the Maven repository](https://mvnrepository.com/arti
 <dependency>
     <groupId>com.microsoft.azure</groupId>
     <artifactId>msal4j</artifactId>
-    <version>1.22.0</version>
+    <version>1.30.0-beta</version>
 </dependency>
 ```
 ### Gradle
 
 ```gradle
-compile group: 'com.microsoft.azure', name: 'msal4j', version: '1.22.0'
+compile group: 'com.microsoft.azure', name: 'msal4j', version: '1.30.0-beta'
 ```
 
 ## Usage

msal4j-sdk/bnd.bnd

@@ -1,2 +1,2 @@
-Export-Package: com.microsoft.aad.msal4j;version="1.22.0"
+Export-Package: com.microsoft.aad.msal4j;version="1.30.0-beta"
 Automatic-Module-Name: com.microsoft.aad.msal4j

msal4j-sdk/pom.xml

@@ -1,32 +1,32 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <groupId>com.microsoft.azure</groupId>
-    <artifactId>msal4j</artifactId>
-    <version>1.22.0</version>
-    <packaging>jar</packaging>
-    <name>msal4j</name>
-    <description>
-        Microsoft Authentication Library for Java gives you the ability to obtain tokens from Microsoft Entra (work and
-        school accounts, MSA) and Azure AD B2C, gaining access to Microsoft Cloud API and any other API secured by Microsoft
-        identities
-    </description>
-    <url>https://github.com/AzureAD/microsoft-authentication-library-for-java</url>
-    <developers>
-        <developer>
-            <id>msopentech</id>
-            <name>Microsoft Open Technologies, Inc.</name>
-        </developer>
-    </developers>
-    <licenses>
-        <license>
-            <name>MIT License</name>
-        </license>
-    </licenses>
-    <inceptionYear>2013</inceptionYear>
-    <scm>
-        <url>https://github.com/AzureAD/microsoft-authentication-library-for-java</url>
-    </scm>
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>com.microsoft.azure</groupId>
+	<artifactId>msal4j</artifactId>
+	<version>1.30.0-beta</version>
+	<packaging>jar</packaging>
+	<name>msal4j</name>
+	<description>
+    Microsoft Authentication Library for Java gives you the ability to obtain tokens from Azure AD v2 (work and school
+		accounts, MSA) and Azure AD B2C, gaining access to Microsoft Cloud API and any other API secured by Microsoft
+		identities
+  </description>
+	<url>https://github.com/AzureAD/microsoft-authentication-library-for-java</url>
+	<developers>
+		<developer>
+			<id>msopentech</id>
+			<name>Microsoft Open Technologies, Inc.</name>
+		</developer>
+	</developers>
+	<licenses>
+		<license>
+			<name>MIT License</name>
+		</license>
+	</licenses>
+	<inceptionYear>2013</inceptionYear>
+	<scm>
+		<url>https://github.com/AzureAD/microsoft-authentication-library-for-java</url>
+	</scm>
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -39,45 +39,30 @@
     </properties>
 
     <dependencies>
-        <dependency>
-            <groupId>com.nimbusds</groupId>
-            <artifactId>oauth2-oidc-sdk</artifactId>
-            <version>11.23.1</version>
-        </dependency>
-        <dependency>
-            <groupId>net.minidev</groupId>
-            <artifactId>json-smart</artifactId>
-            <version>2.5.2</version>
-        </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
             <artifactId>slf4j-api</artifactId>
             <version>1.7.36</version>
         </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-simple</artifactId>
-            <version>1.6.2</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.projectlombok</groupId>
-            <artifactId>lombok</artifactId>
-            <version>1.18.36</version>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>com.azure</groupId>
             <artifactId>azure-json</artifactId>
             <version>1.4.0</version>
         </dependency>
-        <dependency>
-            <groupId>com.fasterxml.jackson.core</groupId>
-            <artifactId>jackson-databind</artifactId>
-            <version>2.18.1</version>
-        </dependency>
 
         <!-- test dependencies -->
+        <dependency>
+            <groupId>com.nimbusds</groupId>
+            <artifactId>oauth2-oidc-sdk</artifactId>
+            <version>11.23</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-simple</artifactId>
+            <version>1.6.2</version>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-api</artifactId>
@@ -167,7 +152,7 @@
     </pluginRepositories>
 
     <build>
-        <sourceDirectory>${project.build.directory}/delombok</sourceDirectory>
+        <sourceDirectory>src/main/java</sourceDirectory>
         <plugins>
             <plugin>
                 <groupId>org.revapi</groupId>
@@ -198,30 +183,7 @@
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>org.projectlombok</groupId>
-                <artifactId>lombok-maven-plugin</artifactId>
-                <version>1.18.20.0</version>
-                <dependencies>
-                    <dependency>
-                        <groupId>org.projectlombok</groupId>
-                        <artifactId>lombok</artifactId>
-                        <version>1.18.36</version>
-                    </dependency>
-                </dependencies>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>delombok</goal>
-                        </goals>
-                    </execution>
-                </executions>
-                <configuration>
-                    <sourceDirectory>src/main/java</sourceDirectory>
-                    <outputDirectory>${project.build.directory}/delombok</outputDirectory>
-                    <addOutputDirectory>false</addOutputDirectory>
-                </configuration>
-            </plugin>
+
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-jar-plugin</artifactId>
@@ -250,7 +212,7 @@
                 <artifactId>maven-javadoc-plugin</artifactId>
                 <version>3.1.0</version>
                 <configuration>
-                    <sourcepath>${project.build.directory}/delombok</sourcepath>
+                    <sourcepath>src/main/java</sourcepath>
                 </configuration>
                 <executions>
                     <execution>

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/AcquireTokenInteractiveIT.java

@@ -212,42 +212,6 @@ private IAuthenticationResult acquireTokenSilently(IPublicClientApplication pca,
                 .get();
     }
 
-    public void acquireTokensInHomeAndGuestClouds(String homeCloud) throws MalformedURLException {
-
-        User user = labUserProvider.getUserByGuestHomeAzureEnvironments
-                (AzureEnvironment.AZURE, homeCloud);
-
-        // use user`s upn from home cloud
-        user.setUpn(user.getHomeUPN());
-
-        ITokenCacheAccessAspect persistenceAspect = new ITokenCacheAccessAspect() {
-            String data;
-
-            @Override
-            public void beforeCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext) {
-                iTokenCacheAccessContext.tokenCache().deserialize(data);
-            }
-
-            @Override
-            public void afterCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext) {
-                data = iTokenCacheAccessContext.tokenCache().serialize();
-            }
-        };
-
-        PublicClientApplication publicCloudPca = PublicClientApplication.builder(
-                user.getAppId()).
-                authority(TestConstants.AUTHORITY_PUBLIC_TENANT_SPECIFIC).setTokenCacheAccessAspect(persistenceAspect).
-                build();
-
-        IAuthenticationResult result = acquireTokenInteractive(user, publicCloudPca, TestConstants.USER_READ_SCOPE);
-        IntegrationTestHelper.assertAccessAndIdTokensNotNull(result);
-        assertEquals(user.getHomeUPN(), result.account().username());
-
-        publicCloudPca.removeAccount(publicCloudPca.getAccounts().join().iterator().next()).join();
-
-        assertEquals(publicCloudPca.getAccounts().join().size(), 0);
-    }
-
     private IAuthenticationResult acquireTokenInteractive(
             User user,
             PublicClientApplication pca,

msal4j-sdk/src/integrationtest/java/com.microsoft.aad.msal4j/CachePersistenceIT.java

@@ -2,16 +2,10 @@
 // Licensed under the MIT License.
 package com.microsoft.aad.msal4j;
 
-import com.nimbusds.jwt.JWTClaimsSet;
-import com.nimbusds.jwt.PlainJWT;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.TestInstance;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 
-import java.io.IOException;
-import java.net.URISyntaxException;
-import java.util.Collections;
-
 @TestInstance(TestInstance.Lifecycle.PER_CLASS)
 class CachePersistenceIT {
 
@@ -34,59 +28,50 @@ public void afterCacheAccess(ITokenCacheAccessContext iTokenCacheAccessContext)
     }
 
     @Test
-    void cacheDeserializationSerializationTest() throws IOException, URISyntaxException {
+    void cacheDeserializationSerializationTest() {
         String dataToInitCache = TestHelper.readResource(this.getClass(), "/cache_data/serialized_cache.json");
-
-        String ID_TOKEN_PLACEHOLDER = "<idToken_placeholder>";
-        JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
-                .audience(Collections.singletonList("jwtAudience"))
-                .issuer("issuer")
-                .subject("subject")
-                .build();
-        PlainJWT jwt = new PlainJWT(claimsSet);
-
-        dataToInitCache = dataToInitCache.replace(ID_TOKEN_PLACEHOLDER, jwt.serialize());
+        dataToInitCache = dataToInitCache.replace("<idToken_placeholder>", TestHelper.ENCODED_JWT);
 
         ITokenCacheAccessAspect persistenceAspect = new TokenPersistence(dataToInitCache);
 
         PublicClientApplication app = PublicClientApplication.builder("my_client_id")
                 .setTokenCacheAccessAspect(persistenceAspect).build();
 
-        assertEquals(app.getAccounts().join().size(), 1);
-        assertEquals(app.tokenCache.accounts.size(), 1);
-        assertEquals(app.tokenCache.accessTokens.size(), 2);
-        assertEquals(app.tokenCache.refreshTokens.size(), 1);
-        assertEquals(app.tokenCache.idTokens.size(), 1);
-        assertEquals(app.tokenCache.appMetadata.size(), 1);
+        assertEquals(1, app.getAccounts().join().size());
+        assertEquals(1, app.tokenCache.accounts.size());
+        assertEquals(1, app.tokenCache.accessTokens.size());
+        assertEquals(1, app.tokenCache.refreshTokens.size());
+        assertEquals(1, app.tokenCache.idTokens.size());
+        assertEquals(1, app.tokenCache.appMetadata.size());
 
         // create new instance of app to make sure in memory cache cleared
         app = PublicClientApplication.builder("my_client_id")
                 .setTokenCacheAccessAspect(persistenceAspect).build();
 
-        assertEquals(app.getAccounts().join().size(), 1);
-        assertEquals(app.tokenCache.accounts.size(), 1);
-        assertEquals(app.tokenCache.accessTokens.size(), 2);
-        assertEquals(app.tokenCache.refreshTokens.size(), 1);
-        assertEquals(app.tokenCache.idTokens.size(), 1);
-        assertEquals(app.tokenCache.appMetadata.size(), 1);
+        assertEquals(1, app.getAccounts().join().size());
+        assertEquals(1, app.tokenCache.accounts.size());
+        assertEquals(1, app.tokenCache.accessTokens.size());
+        assertEquals(1, app.tokenCache.refreshTokens.size());
+        assertEquals(1, app.tokenCache.idTokens.size());
+        assertEquals(1, app.tokenCache.appMetadata.size());
 
         app.removeAccount(app.getAccounts().join().iterator().next()).join();
 
-        assertEquals(app.getAccounts().join().size(), 0);
-        assertEquals(app.tokenCache.accounts.size(), 0);
-        assertEquals(app.tokenCache.accessTokens.size(), 1);
-        assertEquals(app.tokenCache.refreshTokens.size(), 0);
-        assertEquals(app.tokenCache.idTokens.size(), 0);
-        assertEquals(app.tokenCache.appMetadata.size(), 1);
+        assertEquals(0, app.getAccounts().join().size());
+        assertEquals(0, app.tokenCache.accounts.size());
+        assertEquals(0, app.tokenCache.accessTokens.size());
+        assertEquals(0, app.tokenCache.refreshTokens.size());
+        assertEquals(0, app.tokenCache.idTokens.size());
+        assertEquals(1, app.tokenCache.appMetadata.size());
 
         app = PublicClientApplication.builder("my_client_id")
                 .setTokenCacheAccessAspect(persistenceAspect).build();
 
-        assertEquals(app.getAccounts().join().size(), 0);
-        assertEquals(app.tokenCache.accounts.size(), 0);
-        assertEquals(app.tokenCache.accessTokens.size(), 1);
-        assertEquals(app.tokenCache.refreshTokens.size(), 0);
-        assertEquals(app.tokenCache.idTokens.size(), 0);
-        assertEquals(app.tokenCache.appMetadata.size(), 1);
+        assertEquals(0, app.getAccounts().join().size());
+        assertEquals(0, app.tokenCache.accounts.size());
+        assertEquals(0, app.tokenCache.accessTokens.size());
+        assertEquals(0, app.tokenCache.refreshTokens.size());
+        assertEquals(0, app.tokenCache.idTokens.size());
+        assertEquals(1, app.tokenCache.appMetadata.size());
     }
 }