Updating to latest version (#21)

Author: Isaiah Williams

README.md

@@ -1,15 +1,15 @@
-# Partner Center Java SDK Samples
+# Partner Center SDK for Java Samples
 
-[![Build Status](https://dev.azure.com/isaiahwilliams/community/_apis/build/status/partner-center-java-samples/partner-center-java-samples%20CI?branchName=master)](https://dev.azure.com/isaiahwilliams/community/_build/latest?definitionId=15&branchName=master)
+[![Build Status](https://dev.azure.com/isaiahwilliams/public/_apis/build/status/partner-center-java-samples?branchName=master)](https://dev.azure.com/isaiahwilliams/public/_build/latest?definitionId=27&branchName=master)
 
-This repository contains samples for the Partner Center Java SDK.
+This repository contains samples for the Partner Center SDK for Java.
 
 ## Samples List
 
 | Sample Name | Description |
 |-------------|-------------|
 | [SDK Samples](sdk/README.md) | Console application that demonstrates each scenario the Partner Center Java SDK is capable of performing.|
-| [Secure App Model](secure-app-model/README.md) | A set of projects that demonstrate how a Control Panel Vendor (CPV) and a Cloud Solution Provider (CSP) should implement the Secure App Model. |
+| [Secure Application Model](secure-app-model/README.md) | A set of projects that demonstrate how a Control Panel Vendor (CPV) and a Cloud Solution Provider (CSP) should implement the Secure Application Model. |
 
 ## Reporting Security Issues
 

SECURITY.md

@@ -0,0 +1,31 @@
+# Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [many more](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [definition](https://docs.microsoft.com/previous-versions/tn-archive/cc751383(v=technet.10)) of a security vulnerability, please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.** Instead, please report them to the Microsoft Security Response Center at [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://technet.microsoft.com/security/dn606155).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+* Full paths of source file(s) related to the manifestation of the issue
+* The location of the affected source code (tag/branch/commit or direct URL)
+* Any special configuration required to reproduce the issue
+* Step-by-step instructions to reproduce the issue
+* Proof-of-concept or exploit code (if possible)
+* Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/msrc/cvd).

azure-pipelines.yml

@@ -1,51 +1,63 @@
+strategy:
+  matrix:
+    linux:
+      imageName: 'ubuntu-latest'
+    mac:
+      imageName: 'macOS-latest'
+    windows:
+      imageName: 'windows-latest'
+
+pool:
+  vmImage: $(imageName)
+
 trigger:
 - master
 
-pool:
-  vmImage: 'ubuntu-latest'
+variables:
+  LoggingOptions: '-Dorg.slf4j.simpleLogger.defaultLogLevel=error -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn'
 
 steps:
 - task: Maven@3
+  displayName: 'Build SDK samples'
   inputs:
     mavenPomFile: 'sdk/pom.xml'
-    mavenOptions: '-Xmx3072m'
-    javaHomeOption: 'JDKVersion'
-    jdkVersionOption: '1.8'
-    jdkArchitectureOption: 'x64'
-    publishJUnitResults: true
-    testResultsFiles: '**/surefire-reports/TEST-*.xml'
     goals: 'package'
+    options: '-DpackageOutputDirectory=$(Build.ArtifactStagingDirectory)" -am'
+    mavenOptions: '$(LoggingOptions)'
+    publishJUnitResults: true 
+    testResultsFiles: '**/surefire-reports/TEST-*.xml'
+    findBugsRunAnalysis: true
 
 - task: Maven@3
+  displayName: 'Build secure application model CPV sample'
   inputs:
     mavenPomFile: 'secure-app-model/keyvault/cpvsample/pom.xml'
-    mavenOptions: '-Xmx3072m'
-    javaHomeOption: 'JDKVersion'
-    jdkVersionOption: '1.8'
-    jdkArchitectureOption: 'x64'
-    publishJUnitResults: true
-    testResultsFiles: '**/surefire-reports/TEST-*.xml'
     goals: 'package'
+    options: '-DpackageOutputDirectory=$(Build.ArtifactStagingDirectory)" -am'
+    mavenOptions: '$(LoggingOptions)'
+    publishJUnitResults: true 
+    testResultsFiles: '**/surefire-reports/TEST-*.xml'
+    findBugsRunAnalysis: true
 
 - task: Maven@3
+  displayName: 'Build secure application model CSP sample'
   inputs:
     mavenPomFile: 'secure-app-model/keyvault/cspsample/pom.xml'
-    mavenOptions: '-Xmx3072m'
-    javaHomeOption: 'JDKVersion'
-    jdkVersionOption: '1.8'
-    jdkArchitectureOption: 'x64'
-    publishJUnitResults: true
-    testResultsFiles: '**/surefire-reports/TEST-*.xml'
     goals: 'package'
+    options: '-DpackageOutputDirectory=$(Build.ArtifactStagingDirectory)" -am'
+    mavenOptions: '$(LoggingOptions)'
+    publishJUnitResults: true 
+    testResultsFiles: '**/surefire-reports/TEST-*.xml'
+    findBugsRunAnalysis: true
 
 - task: Maven@3
+  displayName: 'Build secure application model partner consent sample'
   inputs:
     mavenPomFile: 'secure-app-model/keyvault/partnerconsent/pom.xml'
-    mavenOptions: '-Xmx3072m'
-    javaHomeOption: 'JDKVersion'
-    jdkVersionOption: '1.8'
-    jdkArchitectureOption: 'x64'
-    publishJUnitResults: true
-    testResultsFiles: '**/surefire-reports/TEST-*.xml'
     goals: 'package'
-    
+    options: '-DpackageOutputDirectory=$(Build.ArtifactStagingDirectory)" -am'
+    mavenOptions: '$(LoggingOptions)'
+    publishJUnitResults: true 
+    testResultsFiles: '**/surefire-reports/TEST-*.xml'
+    findBugsRunAnalysis: true
+        

sdk/pom.xml

@@ -3,7 +3,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>com.microsoft.store</groupId>
 	<artifactId>partnercenter-samples</artifactId>
-	<version>1.13.6</version>
+	<version>1.14.1</version>
 	<packaging>jar</packaging>
 	<name>Samples</name>
 	<url>http://maven.apache.org</url>
@@ -14,7 +14,7 @@
 		<dependency>
 			<groupId>com.microsoft.store</groupId>
 			<artifactId>partnercenter</artifactId>
-			<version>1.13.6</version>
+			<version>1.14.1</version>
 		</dependency>
 	</dependencies>
 	<build>
@@ -29,8 +29,8 @@
 				<artifactId>maven-compiler-plugin</artifactId>
 				<version>3.8.0</version>
 				<configuration>
-					<source>1.7</source>
-					<target>1.7</target>
+					<source>1.8</source>
+					<target>1.8</target>
 				</configuration>
 			</plugin>
 		</plugins>

sdk/src/main/java/com/microsoft/store/partnercenter/samples/AadUserLoginHandler.java

@@ -1,27 +1,19 @@
-// -----------------------------------------------------------------------
-// <copyright file="AadUserLoginHandler.java" company="Microsoft">
-//      Copyright (c) Microsoft Corporation. All rights reserved.
-// </copyright>
-// -----------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license. See the LICENSE file in the project root for full license information.
 
 package com.microsoft.store.partnercenter.samples;
 
 import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.time.Instant;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-
-import com.microsoft.aad.adal4j.AdalErrorCode;
-import com.microsoft.aad.adal4j.AuthenticationContext;
-import com.microsoft.aad.adal4j.AuthenticationException;
-import com.microsoft.aad.adal4j.AuthenticationResult;
-import com.microsoft.aad.adal4j.DeviceCode;
+import java.util.Collections;
+import java.util.concurrent.CompletableFuture;
+import java.util.function.Consumer;
+
+import com.microsoft.aad.msal4j.DeviceCode;
+import com.microsoft.aad.msal4j.DeviceCodeFlowParameters;
+import com.microsoft.aad.msal4j.IAuthenticationResult;
+import com.microsoft.aad.msal4j.PublicClientApplication;
 import com.microsoft.store.partnercenter.AuthenticationToken;
 import com.microsoft.store.partnercenter.IAadLoginHandler;
-import com.microsoft.store.partnercenter.exception.PartnerException;
 import com.microsoft.store.partnercenter.samples.configuration.ConfigurationHolder;
 
 import org.joda.time.DateTime;
@@ -37,122 +29,69 @@ public class AadUserLoginHandler
     @Override
     public AuthenticationToken authenticate()
     {
-        AuthenticationContext context = null;
-        AuthenticationResult result = null;
-        Instant expiresOn; 
-        DeviceCode deviceCode;
-        ExecutorService service = null;
-
-        // read AAD configuration
-        String authority =
-            ConfigurationHolder.getInstance().getConfiguration().getPartnerServiceSettings().get( "AuthenticationAuthorityEndpoint" );
-        String commonDomain =
-            ConfigurationHolder.getInstance().getConfiguration().getPartnerServiceSettings().get( "CommonDomain" );
-        String resourceUrl =
-            ConfigurationHolder.getInstance().getConfiguration().getUserAuthentication().get( "ResourceUrl" );
-        String clientId =
-            ConfigurationHolder.getInstance().getConfiguration().getUserAuthentication().get( "ClientId" );
+        CompletableFuture<IAuthenticationResult> future;
+        Consumer<DeviceCode> deviceCodeConsumer;
+        IAuthenticationResult authResult = null;
+        PublicClientApplication app;
+        String authority; 
+        String clientId;
+        String scope;
 
         try
         {
-            URI addAuthority = new URI( authority ).resolve( new URI( commonDomain ) );
-
-            service = Executors.newFixedThreadPool( 1 );
-            context = new AuthenticationContext( addAuthority.toString(), false, service );
-         
-            deviceCode = context.acquireDeviceCode(clientId, resourceUrl, null).get(); 
-            expiresOn = Instant.now().plusSeconds(deviceCode.getExpiresIn());
-
-            System.out.println(deviceCode.getMessage());
-      
-            result = SendTokenRequest(context, deviceCode, expiresOn);
-        }
-        catch (ExecutionException ex)
-        {
-            ex.printStackTrace();
-        }
-        catch(IOException e)
-        {
-            e.printStackTrace();
-        }
-        catch ( URISyntaxException e )
-        {
-            e.printStackTrace();
-        }
-        catch ( InterruptedException e )
-        {
-            e.printStackTrace();
-        }
-
-        finally
-        {
-            service.shutdown();
-        }
-
-        if ( result == null )
-        {
-            throw new NullPointerException( "authentication result was null" );
-        }
-
-        return new AuthenticationToken( result.getAccessToken(), new DateTime( result.getExpiresOnDate() ) );
-    }
-
-    private AuthenticationResult SendTokenRequest(AuthenticationContext context, DeviceCode deviceCode, Instant expiresOn)
-    {
-        AuthenticationResult result = null;
-        long duration; 
-
-        duration = expiresOn.getEpochSecond() - Instant.now().getEpochSecond();
-
-        while(duration > 0)
-        {
-            try
-            {
-                result = context.acquireTokenByDeviceCode(deviceCode, null).get();
-                break;
-            }
-            catch(AuthenticationException ex)
-            {
-                if(ex.getErrorCode() != AdalErrorCode.AUTHORIZATION_PENDING)
-                {
-                    throw ex; 
-                }
-            }
-            catch (ExecutionException ex)
-            {
-                if(ex.getCause() instanceof AuthenticationException)
-                {
-                    if(((AuthenticationException)ex.getCause()).getErrorCode() != AdalErrorCode.AUTHORIZATION_PENDING)
-                    {
-                        ex.printStackTrace();
-                    }
-                }
-                else 
+            authority = ConfigurationHolder
+                .getInstance()
+                .getConfiguration()
+                .getPartnerServiceSettings()
+                .get("AuthenticationAuthorityEndpoint");
+
+            clientId = ConfigurationHolder
+                .getInstance()
+                .getConfiguration()
+                .getUserAuthentication()
+                .get("ClientId");
+            
+            scope = ConfigurationHolder
+                .getInstance()
+                .getConfiguration()
+                .getUserAuthentication()
+                .get("Scope");
+
+            app = PublicClientApplication.builder(clientId)
+                .authority(authority + "/common")
+                .build();
+
+            deviceCodeConsumer = (DeviceCode deviceCode) -> {
+                System.out.println(deviceCode.message());
+            };    
+            
+            future = app.acquireToken(
+                DeviceCodeFlowParameters.builder(
+                    Collections.singleton(scope),
+                    deviceCodeConsumer)
+                .build());
+
+            future.handle((result, ex) -> {
+                if(ex != null) 
                 {
                     ex.printStackTrace();
                 }
-            }
-            catch (InterruptedException ex)
-            {
-                ex.printStackTrace();
-            }
-            
-            try
-            {
-                Thread.sleep(deviceCode.getInterval() * 1000);
-            }
-            catch(InterruptedException ex)
+
+                return result;
+            });
+
+            authResult = future.join();
+
+            if ( authResult == null )
             {
+                throw new NullPointerException( "authentication result was null" );
             }
-
-            duration = expiresOn.getEpochSecond() - Instant.now().getEpochSecond();
         }
-
-        if(result == null)
+        catch(IOException ex)
         {
-            throw new PartnerException("Verification code expired before contacting the server.");
+            ex.printStackTrace();
         }
 
-        return result;
+        return new AuthenticationToken(authResult.accessToken(), new DateTime(authResult.expiresOnDate()));
     }
 }

sdk/src/main/java/com/microsoft/store/partnercenter/samples/AggregatePartnerScenario.java

@@ -1,8 +1,5 @@
-// -----------------------------------------------------------------------
-// <copyright file="AggregatePartnerScenario.java" company="Microsoft">
-//      Copyright (c) Microsoft Corporation. All rights reserved.
-// </copyright>
-// -----------------------------------------------------------------------
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT license. See the LICENSE file in the project root for full license information.
 
 package com.microsoft.store.partnercenter.samples;