Revert "Merge branch 'dev' into add-beachball-config"

This reverts commit a725470, reversing
changes made to b9626a5.

Author: Prithvi Kanherkar

experimental/msal-react-native-android-poc/package-lock.json

@@ -28,8 +28,7 @@ import {
     SilentFlowClient,
     EndSessionRequest,
     BaseAuthRequest,
-    Logger,
-    ServerAuthorizationCodeResponse
+    Logger
 } from "@azure/msal-common";
 import { buildConfiguration, Configuration } from "../config/Configuration";
 import { BrowserStorage } from "../cache/BrowserStorage";
@@ -38,14 +37,13 @@ import { RedirectHandler } from "../interaction_handler/RedirectHandler";
 import { PopupHandler } from "../interaction_handler/PopupHandler";
 import { SilentHandler } from "../interaction_handler/SilentHandler";
 import { BrowserAuthError } from "../error/BrowserAuthError";
-import { BrowserConstants, TemporaryCacheKeys, DEFAULT_REQUEST, InteractionType } from "../utils/BrowserConstants";
+import { BrowserConstants, TemporaryCacheKeys, DEFAULT_REQUEST } from "../utils/BrowserConstants";
 import { BrowserUtils } from "../utils/BrowserUtils";
 import { version } from "../../package.json";
 import { IPublicClientApplication } from "./IPublicClientApplication";
 import { RedirectRequest } from "../request/RedirectRequest";
 import { PopupRequest } from "../request/PopupRequest";
 import { SilentRequest } from "../request/SilentRequest";
-import { BrowserProtocolUtils, BrowserStateObject } from "../utils/BrowserProtocolUtils";
 
 /**
  * The PublicClientApplication class is the object exposed by the library to perform authentication and authorization functions in Single Page Applications
@@ -134,76 +132,45 @@ export class PublicClientApplication implements IPublicClientApplication {
      * - if true, performs logic to cache and navigate
      * - if false, handles hash string and parses response
      */
-    private async handleRedirectResponse(): Promise<AuthenticationResult | null> {
-        const responseHash = this.getRedirectResponseHash();
-        if (!responseHash) {
-            // Not a recognized server response hash or hash not associated with a redirect request
-            return null;
-        }
-
-        // If navigateToLoginRequestUrl is true, get the url where the redirect request was initiated
+    private async handleRedirectResponse(): Promise<AuthenticationResult> {
+        // Get current location hash from window or cache.
+        const { location: { hash } } = window;
+        const cachedHash = this.browserStorage.getItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.URL_HASH), CacheSchemaType.TEMPORARY) as string;
+        const isResponseHash = UrlString.hashContainsKnownProperties(hash);
         const loginRequestUrl = this.browserStorage.getItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.ORIGIN_URI), CacheSchemaType.TEMPORARY) as string;
-        const loginRequestUrlNormalized = UrlString.removeHashFromUrl(loginRequestUrl || "");
-        const currentUrlNormalized = UrlString.removeHashFromUrl(window.location.href);
 
+        const currentUrlNormalized = UrlString.removeHashFromUrl(window.location.href);
+        const loginRequestUrlNormalized = UrlString.removeHashFromUrl(loginRequestUrl || "");
         if (loginRequestUrlNormalized === currentUrlNormalized && this.config.auth.navigateToLoginRequestUrl) {
-            if (loginRequestUrl.indexOf("#") > -1) {
-                // Replace current hash with non-msal hash, if present
-                BrowserUtils.replaceHash(loginRequestUrl);
-            }
             // We are on the page we need to navigate to - handle hash
-            return this.handleHash(responseHash);
-        } else if (!this.config.auth.navigateToLoginRequestUrl) {
-            return this.handleHash(responseHash);
-        } else if (!BrowserUtils.isInIframe()) {
+            // Replace current hash with non-msal hash, if present
+            BrowserUtils.replaceHash(loginRequestUrl);
+            return this.handleHash(isResponseHash ? hash : cachedHash);
+        }
+
+        if (!this.config.auth.navigateToLoginRequestUrl) {
+            // We don't need to navigate - handle hash
+            BrowserUtils.clearHash();
+            return this.handleHash(isResponseHash ? hash : cachedHash);
+        }
+
+        if (isResponseHash && !BrowserUtils.isInIframe()) {
             // Returned from authority using redirect - need to perform navigation before processing response
-            // Cache the hash to be retrieved after the next redirect
             const hashKey = this.browserStorage.generateCacheKey(TemporaryCacheKeys.URL_HASH);
-            this.browserStorage.setItem(hashKey, responseHash, CacheSchemaType.TEMPORARY);
-            if (!loginRequestUrl || loginRequestUrl === "null") {
+            this.browserStorage.setItem(hashKey, hash, CacheSchemaType.TEMPORARY);
+            if (StringUtils.isEmpty(loginRequestUrl) || loginRequestUrl === "null") {
                 // Redirect to home page if login request url is null (real null or the string null)
-                const homepage = BrowserUtils.getHomepage();
-                // Cache the homepage under ORIGIN_URI to ensure cached hash is processed on homepage
-                this.browserStorage.setItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.ORIGIN_URI), homepage, CacheSchemaType.TEMPORARY);
                 this.logger.warning("Unable to get valid login request url from cache, redirecting to home page");
-                BrowserUtils.navigateWindow(homepage, true);
+                BrowserUtils.navigateWindow("/", true);
             } else {
-                // Navigate to page that initiated the redirect request
+                // Navigate to target url
                 BrowserUtils.navigateWindow(loginRequestUrl, true);
             }
         }
 
         return null;
     }
 
-    /**
-     * Gets the response hash for a redirect request
-     * Returns null if interactionType in the state value is not "redirect" or the hash does not contain known properties
-     * @returns {string}
-     */
-    private getRedirectResponseHash(): string {
-        // Get current location hash from window or cache.
-        const { location: { hash } } = window;
-        const isResponseHash = UrlString.hashContainsKnownProperties(hash);
-        const cachedHash = this.browserStorage.getItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.URL_HASH), CacheSchemaType.TEMPORARY) as string;
-        this.browserStorage.removeItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.URL_HASH));
-
-        const responseHash = isResponseHash ? hash : cachedHash;
-        if (responseHash) {
-            // Deserialize hash fragment response parameters.
-            const serverParams: ServerAuthorizationCodeResponse = UrlString.getDeserializedHash(responseHash);
-            const platformStateObj: BrowserStateObject = BrowserProtocolUtils.extractBrowserRequestState(this.browserCrypto, serverParams.state);
-            if (platformStateObj.interactionType !== InteractionType.REDIRECT) {
-                return null;
-            } else {
-                BrowserUtils.clearHash();
-                return responseHash;
-            }
-        }      
-
-        return null;
-    }
-
     /**
 	 * Checks if hash exists and handles in window.
 	 * @param responseHash
@@ -248,7 +215,7 @@ export class PublicClientApplication implements IPublicClientApplication {
     async acquireTokenRedirect(request: RedirectRequest): Promise<void> {
         try {
             // Preflight request
-            const validRequest: AuthorizationUrlRequest = this.preflightInteractiveRequest(request, InteractionType.REDIRECT);
+            const validRequest: AuthorizationUrlRequest = this.preflightInteractiveRequest(request);
 
             // Create auth code request and generate PKCE params
             const authCodeRequest: AuthorizationCodeRequest = await this.initializeAuthorizationCodeRequest(validRequest);
@@ -295,7 +262,7 @@ export class PublicClientApplication implements IPublicClientApplication {
     async acquireTokenPopup(request: PopupRequest): Promise<AuthenticationResult> {
         try {
             // Preflight request
-            const validRequest: AuthorizationUrlRequest = this.preflightInteractiveRequest(request, InteractionType.POPUP);
+            const validRequest: AuthorizationUrlRequest = this.preflightInteractiveRequest(request);
 
             // Create auth code request and generate PKCE params
             const authCodeRequest: AuthorizationCodeRequest = await this.initializeAuthorizationCodeRequest(validRequest);
@@ -366,7 +333,7 @@ export class PublicClientApplication implements IPublicClientApplication {
         const silentRequest: AuthorizationUrlRequest = this.initializeAuthorizationRequest({
             ...request,
             prompt: PromptValue.NONE
-        }, InteractionType.SILENT);
+        });
 
         // Create auth code request and generate PKCE params
         const authCodeRequest: AuthorizationCodeRequest = await this.initializeAuthorizationCodeRequest(silentRequest);
@@ -416,7 +383,7 @@ export class PublicClientApplication implements IPublicClientApplication {
                     ...silentRequest,
                     redirectUri: request.redirectUri,
                     prompt: PromptValue.NONE
-                }, InteractionType.SILENT);
+                });
 
                 // Create auth code request and generate PKCE params
                 const authCodeRequest: AuthorizationCodeRequest = await this.initializeAuthorizationCodeRequest(silentAuthUrlRequest);
@@ -599,7 +566,7 @@ export class PublicClientApplication implements IPublicClientApplication {
     /**
      * Helper to validate app environment before making a request.
      */
-    private preflightInteractiveRequest(request: RedirectRequest|PopupRequest, interactionType: InteractionType): AuthorizationUrlRequest {
+    private preflightInteractiveRequest(request: RedirectRequest|PopupRequest): AuthorizationUrlRequest {
         // block the reload if it occurred inside a hidden iframe
         BrowserUtils.blockReloadInHiddenIframes();
 
@@ -608,7 +575,7 @@ export class PublicClientApplication implements IPublicClientApplication {
             throw BrowserAuthError.createInteractionInProgressError();
         }
 
-        return this.initializeAuthorizationRequest(request, interactionType);
+        return this.initializeAuthorizationRequest(request);
     }
 
     /**
@@ -644,7 +611,7 @@ export class PublicClientApplication implements IPublicClientApplication {
      * Helper to initialize required request parameters for interactive APIs and ssoSilent()
      * @param request
      */
-    private initializeAuthorizationRequest(request: AuthorizationUrlRequest|RedirectRequest|PopupRequest, interactionType: InteractionType): AuthorizationUrlRequest {
+    private initializeAuthorizationRequest(request: AuthorizationUrlRequest|RedirectRequest|PopupRequest): AuthorizationUrlRequest {
         let validatedRequest: AuthorizationUrlRequest = {
             ...request
         };
@@ -664,20 +631,15 @@ export class PublicClientApplication implements IPublicClientApplication {
             }
         }
 
-        const browserState: BrowserStateObject = {
-            interactionType: interactionType
-        };
-
         validatedRequest.state = ProtocolUtils.setRequestState(
-            this.browserCrypto,
             (request && request.state) || "",
-            browserState
+            this.browserCrypto
         );
 
         if (StringUtils.isEmpty(validatedRequest.nonce)) {
             validatedRequest.nonce = this.browserCrypto.createNewGuid();
         }
-
+        
         validatedRequest.responseMode = ResponseMode.FRAGMENT;
 
         validatedRequest = {

lib/msal-browser/src/app/PublicClientApplication.ts

@@ -65,9 +65,11 @@ export class RedirectHandler extends InteractionHandler {
         this.authCodeRequest = this.browserStorage.getCachedRequest(requestState, browserCrypto);
         this.authCodeRequest.code = authCode;
 
+        // Hash was processed successfully - remove from cache
+        this.browserStorage.removeItem(this.browserStorage.generateCacheKey(TemporaryCacheKeys.URL_HASH));
+
         // Acquire token with retrieved code.
         const tokenResponse = await this.authModule.acquireToken(this.authCodeRequest, cachedNonce, requestState);
-
         this.browserStorage.cleanRequest();
         return tokenResponse;
     }

lib/msal-browser/src/interaction_handler/RedirectHandler.ts

@@ -53,15 +53,6 @@ export enum TemporaryCacheKeys {
     SCOPES = "scopes"
 }
 
-/**
- * Interaction type of the API - used for state and telemetry
- */
-export enum InteractionType {
-    REDIRECT = "redirect",
-    POPUP = "popup",
-    SILENT = "silent"
-}
-
 export const DEFAULT_REQUEST: AuthorizationUrlRequest = {
     scopes: [Constants.OPENID_SCOPE, Constants.PROFILE_SCOPE]
 };

lib/msal-browser/src/utils/BrowserConstants.ts

@@ -60,15 +60,6 @@ export class BrowserUtils {
         return window.location.href.split("?")[0].split("#")[0];
     }
 
-    /**
-     * Gets the homepage url for the current window location.
-     */
-    static getHomepage(): string {
-        const currentUrl = new UrlString(window.location.href);
-        const urlComponents = currentUrl.getUrlComponents();
-        return `${urlComponents.Protocol}//${urlComponents.HostNameAndPort}/`;
-    }
-
     /**
      * Returns best compatible network client object. 
      */