Flighting webcp in webview, Fixes AB#3307594

[somalaya]

1. Flighting for webcp in webview is divided into 3 parts

• Not flighting this feature for brokerless scenarios. The flight will be off by default for brokerless scenarios as Intune team is ok to only target brokered flows since this is the majority case.
• Now coming to brokered scenarios, we have below

  •  Simple flighting with ENABLE_WEB_CP_IN_WEBVIEW which will be used for rollout starting October.
    

  •  Using tenantId list TENANT_LIST_TO_ENABLE_WEB_CP_IN_WEBVIEW. This flight will be used first in the months of August and September. This will be 100% rolled out in the beginning itself. This flight will hold upto 25 tenantIds. See below snapshot 
    

2. I intentionally added a global variable to keep the flight value instead of calling isWebCpInWebviewFeatureEnabled method because I do not want to invoke code to get tenantId multiple times. Also, this value must remain the same once the webcp url is loaded in webview.

3. Apart from this, I have added a special method to handle google enrollment URL which has extra intent flags needed for this scenario.

Related PR : https://github.com/AzureAD/ad-accounts-for-android/pull/3140

Fixes AB#3307594

[github-actions]

❌ Work item link check failed. Description does not contain AB#{ID}.

Click here to Learn more.

[Copilot]

Pull Request Overview

This PR implements flighting support for the WebCP feature in WebView for brokered flows by introducing new flight flags and tenant information interfaces while also refining URL handling for special enrollment scenarios.

• Introduces ITenantInfoProvider and its broker implementation to obtain tenant IDs.
• Extends flight configuration with TENANT_LIST_TO_ENABLE_WEB_CP_IN_WEBVIEW for targeted rollout.
• Updates AzureActiveDirectoryWebViewClient to conditionally process WebCP URLs and use a dedicated Google enrollment URL handler.

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File	Description
common4j/src/main/com/microsoft/identity/common/java/interfaces/ITenantInfoProvider.kt	Adds a new interface for retrieving tenant IDs.
common4j/src/main/com/microsoft/identity/common/java/flighting/CommonFlight.java	Adds a new flight flag to manage tenant-based feature rollout.
common4j/src/main/com/microsoft/identity/common/java/broker/CommonTenantInfoProvider.kt	Provides a broker-specific implementation for tenant info retrieval.
common/src/main/java/com/microsoft/identity/common/internal/ui/webview/AzureActiveDirectoryWebViewClient.java	Updates URL handling logic with feature flag checks and a dedicated Google enrollment URL method.

Comments suppressed due to low confidence (1)

common/src/main/java/com/microsoft/identity/common/internal/ui/webview/AzureActiveDirectoryWebViewClient.java:614

• [nitpick] Consider aligning the naming convention between the method isWebCpInWebviewFeatureEnabled and the field mIsWebCpInWebViewFeatureEnabled (e.g., using consistent casing for 'WebView') for clarity.

    private boolean isWebCpInWebviewFeatureEnabled(@NonNull final String originalUrl) {

[github-actions]

✅ Work item link check complete. Description contains link AB#3135912 to an Azure Boards work item.

[github-actions]

❌ Work item link check failed. Description contains AB#3307594 but the Bot could not link it to an Azure Boards work item.

Click here to learn more.

[github-actions]

✅ Work item link check complete. Description contains link AB#3307594 to an Azure Boards work item.

[mohitc1]

final String username = StringExtensions.getUrlParameters(url).get(AuthenticationConstants.AAD.LOGIN_HINT);

Is it guaranteed that, login hint will always be there in this URL?

[somalaya]

I am seeing this code in eSTS url has login hint param which always adds the device ca param (ismdmurl=1) and upn.