Update oauth2-oidc-sdk to 6.5

pom.xml

@@ -68,7 +68,7 @@
 		<dependency>
 			<groupId>com.nimbusds</groupId>
 			<artifactId>oauth2-oidc-sdk</artifactId>
-			<version>5.64.4</version>
+			<version>6.5</version>
 		</dependency>
 		<dependency>
 			<groupId>com.google.code.gson</groupId>

src/main/java/com/microsoft/aad/msal4j/AbstractMsalAuthorizationGrant.java

@@ -23,6 +23,7 @@
 
 package com.microsoft.aad.msal4j;
 
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -35,7 +36,7 @@ abstract class AbstractMsalAuthorizationGrant {
      *
      * @return A map contains the HTTP parameters
      */
-    abstract Map<String, String> toParameters();
+    abstract Map<String, List<String>> toParameters();
 
     static final String SCOPE_PARAM_NAME = "scope";
     static final String SCOPES_DELIMITER = " ";

src/main/java/com/microsoft/aad/msal4j/ClientAuthenticationPost.java

@@ -23,7 +23,9 @@
 
 package com.microsoft.aad.msal4j;
 
+import java.util.Collections;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 import javax.mail.internet.ContentType;
@@ -43,11 +45,11 @@ protected ClientAuthenticationPost(ClientAuthenticationMethod method,
         super(method, clientID);
     }
 
-    Map<String, String> toParameters() {
+    Map<String, List<String>> toParameters() {
 
-        Map<String, String> params = new HashMap<String, String>();
+        Map<String, List<String>> params = new HashMap<>();
 
-        params.put("client_id", getClientID().getValue());
+        params.put("client_id", Collections.singletonList(getClientID().getValue()));
 
         return params;
     }
@@ -68,14 +70,12 @@ public void applyTo(HTTPRequest httpRequest) throws SerializeException {
                     "The HTTP Content-Type header must be "
                             + CommonContentTypes.APPLICATION_URLENCODED);
 
-        Map<String, String> params = httpRequest.getQueryParameters();
+        Map<String, List<String>> params = httpRequest.getQueryParameters();
 
         params.putAll(toParameters());
 
         String queryString = URLUtils.serializeParameters(params);
 
         httpRequest.setQuery(queryString);
-
     }
-
 }

src/main/java/com/microsoft/aad/msal4j/ConfidentialClientApplication.java

@@ -31,7 +31,9 @@
 import com.nimbusds.oauth2.sdk.id.ClientID;
 import org.slf4j.LoggerFactory;
 
+import java.util.Collections;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.CompletableFuture;
@@ -116,9 +118,9 @@ private void initClientAuthentication(IClientCredential clientCredential) {
     private ClientAuthentication createClientAuthFromClientAssertion(
             final ClientAssertion clientAssertion) {
         try {
-            final Map<String, String> map = new HashMap<>();
-            map.put("client_assertion_type", clientAssertion.getAssertionType());
-            map.put("client_assertion", clientAssertion.getAssertion());
+            final Map<String, List<String>> map = new HashMap<>();
+            map.put("client_assertion_type", Collections.singletonList(clientAssertion.getAssertionType()));
+            map.put("client_assertion", Collections.singletonList(clientAssertion.getAssertion()));
             return PrivateKeyJWT.parse(map);
         } catch (final ParseException e) {
             throw new AuthenticationException(e);

src/main/java/com/microsoft/aad/msal4j/DeviceCodeAuthorizationGrant.java

@@ -23,7 +23,9 @@
 
 package com.microsoft.aad.msal4j;
 
+import java.util.Collections;
 import java.util.LinkedHashMap;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -53,12 +55,12 @@ class DeviceCodeAuthorizationGrant extends AbstractMsalAuthorizationGrant {
      * @return The map with HTTP parameters.
      */
     @Override
-    public Map<String, String> toParameters() {
-        final Map<String, String> outParams = new LinkedHashMap<>();
-        outParams.put(SCOPE_PARAM_NAME, COMMON_SCOPES_PARAM + SCOPES_DELIMITER + scopes);
-        outParams.put("grant_type", GRANT_TYPE);
-        outParams.put("code", deviceCode.getDeviceCode());
-        outParams.put("client_info", "1");
+    public Map<String, List<String>> toParameters() {
+        final Map<String, List<String>> outParams = new LinkedHashMap<>();
+        outParams.put(SCOPE_PARAM_NAME, Collections.singletonList(COMMON_SCOPES_PARAM + SCOPES_DELIMITER + scopes));
+        outParams.put("grant_type", Collections.singletonList(GRANT_TYPE));
+        outParams.put("code", Collections.singletonList(deviceCode.getDeviceCode()));
+        outParams.put("client_info", Collections.singletonList("1"));
 
         return outParams;
     }

src/main/java/com/microsoft/aad/msal4j/DeviceCodeFlowRequest.java

@@ -30,7 +30,9 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.util.Collections;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.atomic.AtomicReference;
@@ -82,13 +84,13 @@ void createAuthenticationGrant(DeviceCode deviceCode) {
     }
 
     private String createQueryParamsAndAppendToURL(String url, String clientId) {
-        Map<String, String> queryParameters = new HashMap<>();
-        queryParameters.put("client_id", clientId);
+        Map<String, List<String>> queryParameters = new HashMap<>();
+        queryParameters.put("client_id", Collections.singletonList(clientId));
 
         String scopesParam = AbstractMsalAuthorizationGrant.COMMON_SCOPES_PARAM +
                 AbstractMsalAuthorizationGrant.SCOPES_DELIMITER + scopesStr;
 
-        queryParameters.put("scope", scopesParam);
+        queryParameters.put("scope", Collections.singletonList(scopesParam));
 
         url = url + "?" + URLUtils.serializeParameters(queryParameters);
         return url;

src/main/java/com/microsoft/aad/msal4j/IntegratedWindowsAuthorizationGrant.java

@@ -23,6 +23,7 @@
 
 package com.microsoft.aad.msal4j;
 
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
@@ -36,7 +37,7 @@ class IntegratedWindowsAuthorizationGrant extends AbstractMsalAuthorizationGrant
     }
 
     @Override
-    Map<String, String> toParameters() {
+    Map<String, List<String>> toParameters() {
         return null;
     }
 

src/main/java/com/microsoft/aad/msal4j/OAuthAuthorizationGrant.java

@@ -27,21 +27,22 @@
 
 import java.util.Collections;
 import java.util.LinkedHashMap;
+import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
 class OAuthAuthorizationGrant extends AbstractMsalAuthorizationGrant {
 
     private AuthorizationGrant grant;
-    private final Map<String, String> params;
+    private final Map<String, List<String>> params;
 
     /**
      * init standard scopes
      */
     private OAuthAuthorizationGrant() {
         params = new LinkedHashMap<>();
 
-        params.put(SCOPE_PARAM_NAME, COMMON_SCOPES_PARAM);
+        params.put(SCOPE_PARAM_NAME, Collections.singletonList(COMMON_SCOPES_PARAM));
     }
 
     OAuthAuthorizationGrant(final AuthorizationGrant grant, Set<String> scopesSet) {
@@ -52,13 +53,15 @@ private OAuthAuthorizationGrant() {
         this();
         this.grant = grant;
 
+
         if (!StringHelper.isBlank(scopes)) {
-            params.put(SCOPE_PARAM_NAME, params.get(SCOPE_PARAM_NAME) + SCOPES_DELIMITER + scopes);
+            params.put(SCOPE_PARAM_NAME,
+                    Collections.singletonList(String.join(" ",params.get(SCOPE_PARAM_NAME)) + SCOPES_DELIMITER + scopes));
         }
     }
 
     OAuthAuthorizationGrant(final AuthorizationGrant grant,
-                                final Map<String, String> params) {
+                                final Map<String, List<String>> params) {
         this();
         this.grant = grant;
         if(params != null){
@@ -67,10 +70,10 @@ private OAuthAuthorizationGrant() {
     }
 
     @Override
-    public Map<String, String> toParameters() {
-        final Map<String, String> outParams = new LinkedHashMap<String, String>();
+    public Map<String, List<String>> toParameters() {
+        final Map<String, List<String>> outParams = new LinkedHashMap<>();
         outParams.putAll(params);
-        outParams.put("client_info", "1");
+        outParams.put("client_info", Collections.singletonList("1"));
         outParams.putAll(grant.toParameters());
 
         return Collections.unmodifiableMap(outParams);
@@ -80,7 +83,7 @@ AuthorizationGrant getAuthorizationGrant() {
         return this.grant;
     }
 
-    Map<String, String> getCustomParameters() {
+    Map<String, List<String>> getCustomParameters() {
         return params;
     }
 }

src/main/java/com/microsoft/aad/msal4j/OnBehalfOfRequest.java

@@ -29,7 +29,9 @@
 import lombok.Getter;
 import lombok.experimental.Accessors;
 
+import java.util.Collections;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 @Accessors(fluent = true)
@@ -51,9 +53,9 @@ private static OAuthAuthorizationGrant createAuthenticationGrant(OnBehalfOfParam
             throw new AuthenticationException(e);
         }
 
-        Map<String, String> params = new HashMap<>();
-        params.put("scope", String.join(" ", parameters.scopes()));
-        params.put("requested_token_use", "on_behalf_of");
+        Map<String, List<String>> params = new HashMap<>();
+        params.put("scope", Collections.singletonList(String.join(" ", parameters.scopes())));
+        params.put("requested_token_use", Collections.singletonList("on_behalf_of"));
 
         return new OAuthAuthorizationGrant(jWTBearerGrant, params);
     }

src/main/java/com/microsoft/aad/msal4j/SAML11BearerGrant.java

@@ -23,6 +23,8 @@
 
 package com.microsoft.aad.msal4j;
 
+import java.util.Collections;
+import java.util.List;
 import java.util.Map;
 
 import com.nimbusds.jose.util.Base64URL;
@@ -42,10 +44,10 @@ public SAML11BearerGrant(Base64URL assertion) {
     }
 
     @Override
-    public Map<String, String> toParameters() {
+    public Map<String, List<String>> toParameters() {
 
-        Map<String, String> params = super.toParameters();
-        params.put("grant_type", grantType.getValue());
+        Map<String, List<String>> params = super.toParameters();
+        params.put("grant_type",Collections.singletonList(grantType.getValue()));
         return params;
     }
 }

src/main/java/com/microsoft/aad/msal4j/TokenRequest.java

@@ -28,6 +28,7 @@
 import java.net.URISyntaxException;
 import java.net.URL;
 import java.util.Date;
+import java.util.List;
 import java.util.Map;
 
 import com.nimbusds.oauth2.sdk.ErrorObject;
@@ -159,18 +160,18 @@ AuthenticationResult executeOauthRequestAndProcessResponse()
     private void addResponseHeadersToHttpEvent(HttpEvent httpEvent, HTTPResponse httpResponse) {
         httpEvent.setHttpResponseStatus(httpResponse.getStatusCode());
 
-        if (!Strings.isNullOrEmpty(httpResponse.getHeader("User-Agent"))) {
-            httpEvent.setUserAgent(httpResponse.getHeader("User-Agent"));
+        if (!Strings.isNullOrEmpty(httpResponse.getHeaderValue("User-Agent"))) {
+            httpEvent.setUserAgent(httpResponse.getHeaderValue("User-Agent"));
         }
 
-        if (!Strings.isNullOrEmpty(httpResponse.getHeader("x-ms-request-id"))) {
-            httpEvent.setRequestIdHeader(httpResponse.getHeader("x-ms-request-id"));
+        if (!Strings.isNullOrEmpty(httpResponse.getHeaderValue("x-ms-request-id"))) {
+            httpEvent.setRequestIdHeader(httpResponse.getHeaderValue("x-ms-request-id"));
         }
 
-        if (!Strings.isNullOrEmpty(httpResponse.getHeader("x-ms-clitelem"))) {
+        if (!Strings.isNullOrEmpty(httpResponse.getHeaderValue("x-ms-clitelem"))) {
             XmsClientTelemetryInfo xmsClientTelemetryInfo =
                     XmsClientTelemetryInfo.parseXmsTelemetryInfo(
-                            httpResponse.getHeader("x-ms-clitelem"));
+                            httpResponse.getHeaderValue("x-ms-clitelem"));
             if (xmsClientTelemetryInfo != null) {
                 httpEvent.setXmsClientTelemetryInfo(xmsClientTelemetryInfo);
             }
@@ -218,7 +219,7 @@ OAuthHttpRequest toOauthHttpRequest() throws SerializeException {
                 this.serviceBundle);
         oauthHttpRequest.setContentType(CommonContentTypes.APPLICATION_URLENCODED);
 
-        final Map<String, String> params = msalRequest.msalAuthorizationGrant().toParameters();
+        final Map<String, List<String>> params = msalRequest.msalAuthorizationGrant().toParameters();
         oauthHttpRequest.setQuery(URLUtils.serializeParameters(params));
 
         if (msalRequest.application().clientAuthentication != null) {

src/test/java/com/microsoft/aad/msal4j/CacheTests.java

@@ -178,7 +178,7 @@ public void tokenCacheEntitiesFormatTest(String folder) throws URISyntaxExceptio
 
         EasyMock.expect(request.toOauthHttpRequest()).andReturn(msalOAuthHttpRequest).times(1);
         EasyMock.expect(msalOAuthHttpRequest.send()).andReturn(httpResponse).times(1);
-        EasyMock.expect(httpResponse.getHeader(EasyMock.isA(String.class))).andReturn(null).times(3);
+        EasyMock.expect(httpResponse.getHeaderValue(EasyMock.isA(String.class))).andReturn(null).times(3);
         EasyMock.expect(httpResponse.getStatusCode()).andReturn(200).times(2);
         EasyMock.expect(httpResponse.getContentAsJSONObject())
                 .andReturn(

src/test/java/com/microsoft/aad/msal4j/MsalOauthAuthorizatonGrantTest.java

@@ -31,6 +31,7 @@
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 /**
@@ -41,7 +42,7 @@ public class MsalOauthAuthorizatonGrantTest {
     @Test
     public void testConstructor() {
         final OAuthAuthorizationGrant grant = new OAuthAuthorizationGrant(null,
-                new HashMap<String, String>());
+                new HashMap<>());
         Assert.assertNotNull(grant);
     }
 
@@ -50,7 +51,7 @@ public void testToParameters() throws URISyntaxException {
         final OAuthAuthorizationGrant grant = new OAuthAuthorizationGrant(
                 new AuthorizationCodeGrant(new AuthorizationCode("grant"),
                         new URI("http://microsoft.com")),
-                (Map<String, String>) null);
+                (Map<String, List<String>>) null);
         Assert.assertNotNull(grant);
         Assert.assertNotNull(grant.toParameters());
     }

src/test/java/com/microsoft/aad/msal4j/TokenRequestTest.java

@@ -249,9 +249,9 @@ public void testExecuteOAuth_Success() throws SerializeException, ParseException
         httpResponse.ensureStatusCode(200);
         EasyMock.expectLastCall();
 
-        EasyMock.expect(httpResponse.getHeader("User-Agent")).andReturn(null);
-        EasyMock.expect(httpResponse.getHeader("x-ms-request-id")).andReturn(null);
-        EasyMock.expect(httpResponse.getHeader("x-ms-clitelem")).andReturn(null);
+        EasyMock.expect(httpResponse.getHeaderValue("User-Agent")).andReturn(null);
+        EasyMock.expect(httpResponse.getHeaderValue("x-ms-request-id")).andReturn(null);
+        EasyMock.expect(httpResponse.getHeaderValue("x-ms-clitelem")).andReturn(null);
         EasyMock.expect(httpResponse.getStatusCode()).andReturn(200).times(1);
 
         PowerMock.replay(request, msalOAuthHttpRequest, httpResponse);
@@ -320,9 +320,9 @@ public void testExecuteOAuth_Failure() throws SerializeException,
         EasyMock.expect(errorResponse.getErrorObject())
                 .andReturn(errorObject).times(1);
 
-        EasyMock.expect(httpResponse.getHeader("User-Agent")).andReturn(null);
-        EasyMock.expect(httpResponse.getHeader("x-ms-request-id")).andReturn(null);
-        EasyMock.expect(httpResponse.getHeader("x-ms-clitelem")).andReturn(null);
+        EasyMock.expect(httpResponse.getHeaderValue("User-Agent")).andReturn(null);
+        EasyMock.expect(httpResponse.getHeaderValue("x-ms-request-id")).andReturn(null);
+        EasyMock.expect(httpResponse.getHeaderValue("x-ms-clitelem")).andReturn(null);
         EasyMock.expect(httpResponse.getStatusCode()).andReturn(402).times(1);