Merge pull request #1470 from AzureAD/release/2.7.15

Merging release 2.7.15 into master 2.7.x

ADAL.podspec

@@ -1,7 +1,7 @@
 Pod::Spec.new do |s|
   s.name         = "ADAL"
   s.module_name  = "ADAL"
-  s.version      = "2.7.14"
+  s.version      = "2.7.15"
   s.summary      = "The ADAL SDK for iOS gives you the ability to add Azure Identity authentication to your application"
 
   s.description  = <<-DESC

ADAL/resources/ios/Framework/Info.plist

@@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>FMWK</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.7.14</string>
+	<string>2.7.15</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleVersion</key>

ADAL/resources/mac/Info.plist

@@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>FMWK</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.7.13</string>
+	<string>2.7.15</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleVersion</key>

ADAL/src/ADAL_Internal.h

@@ -27,7 +27,7 @@
 // through build script. Don't change its format unless changing build script as well.)
 #define ADAL_VER_HIGH       2
 #define ADAL_VER_LOW        7
-#define ADAL_VER_PATCH      14
+#define ADAL_VER_PATCH      15
 
 #define STR_HELPER(x) #x
 #define STR(x) STR_HELPER(x)

ADAL/src/ADAuthenticationContext.m

@@ -259,6 +259,17 @@ + (ADAuthenticationContext*)authenticationContextWithAuthority:(NSString*)author
                                sharedGroup:sharedGroup
                                      error:error];
 }
+
++ (BOOL)handleADALResponse:(nonnull NSURL *)response sourceApplication:(nullable NSString *)sourceApplication
+{
+    if ([ADAuthenticationContext canHandleResponse:response sourceApplication:sourceApplication])
+    {
+        return [ADAuthenticationContext handleBrokerResponse:response sourceApplication:sourceApplication];
+    }
+
+    return NO;
+}
+
 #endif // TARGET_OS_IPHONE
 
 #define REQUEST_WITH_REDIRECT_STRING(_redirect, _clientId, _resource) \

ADAL/src/public/ADAuthenticationContext.h

@@ -231,6 +231,29 @@ typedef enum
                                                       validateAuthority:(BOOL)validate
                                                             sharedGroup:(nullable NSString*)sharedGroup
                                                                   error:(ADAuthenticationError* __autoreleasing _Nullable * _Nullable)error;
+
+/*!
+ Ask ADAL to handle URL response. You MUST implement this API in following cases:
+ 1. Your application is using brokered authentication (ADCredentialsType is set to AD_CREDENTIALS_AUTO and you have configured your application to use broker), AND
+ 2. You're using iOS 13 multiple window feature and your code implements UISceneDelegate instead of UIApplicationDelegate
+ 
+ You should call this API from your UISceneDelegate implementation, for example:
+ 
+ - (void)scene:(UIScene *)scene openURLContexts:(NSSet<UIOpenURLContext *> *)URLContexts
+ {
+     UIOpenURLContext *context = URLContexts.anyObject;
+     NSURL *url = context.URL;
+     NSString *sourceApplication = context.options.sourceApplication;
+     
+     [ADAuthenticationContext handleADALResponse:url sourceApplication:sourceApplication];
+ }
+ 
+ Calling this API ensures that ADAL can receive tokens from the Microsoft Authenticator application.
+ @return    YES if it is ADAL response and it was handled
+            NO if it is not ADAL response or there was a failure in handling.
+ */
++ (BOOL)handleADALResponse:(nonnull NSURL *)response sourceApplication:(nullable NSString *)sourceApplication;
+
 #endif
 
 /*! Represents the authority used by the context. */

ADAL/src/public/ADAuthenticationSettings.h

@@ -73,7 +73,7 @@
  this value cannot be changed. Doing so will throw an exception.
  */
 - (nonnull NSString*)defaultKeychainGroup;
-- (void)setDefaultKeychainGroup:(nonnull NSString*)keychainGroup;
+- (void)setDefaultKeychainGroup:(nullable NSString*)keychainGroup;
 #endif // TARGET_OS_IPHONE
 
 @end

ADAL/tests/app/resources/ios/Info.plist

@@ -15,7 +15,7 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>2.7.14</string>
+	<string>2.7.15</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleURLTypes</key>

README.md

@@ -11,13 +11,14 @@ We recommend remaining up-to-date with the latest version of ADAL. The best plac
 
 The only approved way to get the latest version is through a tagged release on GitHub, or a tool that relies on that data. Tools like [CocoaPods](https://cocoapods.org) can make it easier to set up your project dependencies and update to the latest release. ADAL follows the [GitFlow branching model](http://danielkummer.github.io/git-flow-cheatsheet/). You should never pull an ADAL version for release from any branch other then master, any other branch is for versions of ADAL still in development or testing, and are subject to change.
 
-NOTE: To work with iOS 10 you must have at least version 2.2.5, or 1.2.9.
+NOTE:
 
-NOTE: To work with iOS 13 you must have at least version 2.7.14 or 4.0.2
+* To work with iOS 10 you must have at least version 2.2.5, or 1.2.9.
+* To work with iOS 11.3-12.4 you must have at least version 2.6.3.
+* To work with iOS 13+ (when built with Xcode 11) you must have at least version 2.7.14 or 4.0.2
 
 =====================================
 
-
 [![Build Status](https://travis-ci.org/AzureAD/azure-activedirectory-library-for-objc.svg?branch=1.2.x)](https://travis-ci.org/AzureAD/azure-activedirectory-library-for-objc)
 
 The ADAL SDK for iOS and Mac OS X gives you the ability to add support for Work Accounts to your application with just a few lines of additional code. This SDK gives your application the full functionality of Microsoft Azure AD, including industry standard protocol support for OAuth2, Web API integration with user level consent, and two factor authentication support. Best of all, it’s FOSS (Free and Open Source Software) so that you can participate in the development process as we build these libraries. 
@@ -83,10 +84,17 @@ We recommend only syncing to specific release tags to make sure you're at a know
 
 You can use CocoaPods to remain up to date with ADAL within a specific major version. Include the following line in your podfile:
 
-    pod 'ADAL', '~> 2.7', :submodules => true
+    pod 'ADAL', '~> 2.7'
 
 You then you can run either `pod install` (if it's a new PodFile) or `pod update` (if it's an existing PodFile) to get the latest version of ADAL. Subsequent calls to `pod update` will update to the latest released version of ADAL as well.
 
+ADAL is using submodules, so if you're using a specific branch of ADAL in your Podfile, you need to enable submodules, e.g.
+
+```
+pod 'ADAL', :git => 'https://github.com/AzureAD/azure-activedirectory-library-for-objc', :branch => 'branch-name', :submodules => true
+
+```
+
 See [CocoaPods](https://cocoapods.org) for more information on setting up a PodFile
 
 ### Option 3: Source Zip
@@ -107,11 +115,10 @@ Click on your project in the Navigator pane in Xcode. Click on your application
 then the "Capabilities" tab. Scroll down to "Keychain Sharing" and flip the switch on. Add
 "com.microsoft.adalcache" to that list.
 
-Alternatively you can disable keychain sharing by setting the keychain sharing group to nil.
-your application's bundle id.
+Alternatively you can disable keychain sharing by setting the keychain sharing group to nil or your application's bundle id.
 
 ```Objective-C
-    [[ADAuthenticationSettings sharedInstance] setSharedCacheKeychainGroup:nil];
+    [[ADAuthenticationSettings sharedInstance] setDefaultKeychainGroup:nil];
 ```
 
 ##### Inspecting the Cache
@@ -244,9 +251,26 @@ msauth://code/<broker-redirect-uri-in-url-encoded-form>
 ex: msauth://code/x-msauth-mytestiosapp%3A%2F%2Fcom.microsoft.mytestiosapp
 ```
 
-### Caching
+#### iOS 13 support
+
+**If you adopted UISceneDelegate, you must also add an ADAL callback into the `scene:openURLContexts:` method**.
+
+This is needed so that ADAL can get a response from the Microsoft Authenticator application. 
+
+For example:
+
+```objc
+ - (void)scene:(UIScene *)scene openURLContexts:(NSSet<UIOpenURLContext *> *)URLContexts
+ {
+     UIOpenURLContext *context = URLContexts.anyObject;
+     NSURL *url = context.URL;
+     NSString *sourceApplication = context.options.sourceApplication;
+     
+     [ADAuthenticationContext handleADALResponse:url sourceApplication:sourceApplication];
+ }
+```
 
-####
+If you're not using UISceneDelegate functionality yet, you can ignore this step. 
 
 
 ### Diagnostics
@@ -350,7 +374,7 @@ your application, or disable keychain sharing by passing in your application's b
 in ADAuthenticationSettings:
 
 ```Objective-C
-    [[ADAuthenticationSettings sharedInstance] setSharedCacheKeychainGroup:nil];
+    [[ADAuthenticationSettings sharedInstance] setDefaultKeychainGroup:nil];
 ```
 
 **ADAL keeps returning SSL errors in iOS 9 and later**

changelog.txt

@@ -1,3 +1,9 @@
+Version 2.7.15 (09.17.2019)
+--------
+* Added support brokered authentication with UISceneDelegate on iOS 13
+* Updated readme
+* Fixed nullability for keychainGroup setting
+
 Version 2.7.14 (08.13.2019)
 --------
 * Support new iOS 13 capable broker