Fix Token Endpoint Server Telemetry Parsing, Fixes AB#3604499

[fadidurah]

During the acquire token flow, we make a call to /token endpoint to get an access token using PRT. As part of this call, there is a telemetry header returned by ests for telemetry purposes, which we want to send back up to oneauth. it seems that there is an issue in the parsing that i missed, particularly targeting msa accounts. This change fixes that, I validated it manually and Kevin is validating now.

AB#3604499

[github-actions]

✅ Work item link check complete. Description contains link AB#3604499 to an Azure Boards work item.

[Copilot]

Pull request overview

Fixes parsing of the x-ms-clientdata server telemetry header on /token responses so that URL-encoded pipe delimiters (as returned by eSTS, notably for MSA scenarios) are decoded before being parsed into ClientDataInfo. This ensures server telemetry attributes are correctly emitted to OpenTelemetry spans and propagated upstream (e.g., to OneAuth), without breaking token parsing on malformed headers.

Changes:

• URL-decode x-ms-clientdata header values before passing them to ClientDataInfo.fromPipeDelimited().
• Skip clientdata parsing gracefully when URL-decoding fails (malformed percent-encoding) to avoid impacting token parsing.
• Add unit tests covering URL-encoded headers and malformed percent-encoding behavior.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
common4j/src/main/com/microsoft/identity/common/java/providers/microsoft/microsoftsts/AbstractMicrosoftStsTokenResponseHandler.java	Decodes x-ms-clientdata header prior to parsing and emits parsed telemetry to span/result.
common4j/src/test/com/microsoft/identity/common/java/providers/microsoft/microsoftsts/MicrosoftStsTokenResponseHandlerTest.java	Adds coverage for URL-encoded clientdata headers and malformed percent-encoding handling.