FIX EIDSCA.AS04: Authentication Method - SMS - Use for sign-in.

[ThorNicolai]

Description

User Bennell flagged an issue in discord related to multiple groups assigned to the SMS Authentication Method and this EIDSCA.AS04 test. The returned value would be 'False False' if for example 2 groups are assigned to the Authentication method SMS rather than 'False'. Marking the test as failed, where it would actually have passed if logic was set correctly.

Compute failingTargets where isUsableForSignIn != 'false', set tenantValue/testResult accordingly, and fetch directory objects to include display names for failing targets.

Contribution Checklist

Before submitting this PR, please confirm you have completed the following:

• 📖 Read the guidelines for contributing to this repository.
• 🧪 Ensure the build and unit tests pass by running /powershell/tests/pester.ps1 on your local system.

[SamErde]

Thanks, @ThorNicolai!

@Cloud-Architekt, is this something that will need to get fixed in the upstream EIDSCA project and then rebuilt here in Maester?

[Cloud-Architekt]

Thanks for reaching out, @ThorNicolai!

@SamErde, @ThorNicolai: Unfortunately, we can’t support that kind of advanced logic due to the EIDSCA schema and the simplified validation of Graph results. However, I’ve fixed the issue where multiple “false” outcomes caused the test to fail. Now, the check will fail only if at least one assigned group is permitted to use SMS for sign-in.
The fix has already been implemented in EIDSCA, and I’ve opened a PR for Maester: #1584

I hope this improvement helps, even though it doesn’t yet indicate which specific group assignment triggered the failed test.

[merill]

Closing this one since we can now track in #1584

@ThorNicolai thank you so much for raising this and for proposing a fix. Very much appreciated!