@Override public String doAuthenticate(String authorization, String resource, String scope) { AuthenticationContext context = null; AuthenticationResult result = null; String token = ""; final ExecutorService executorService = Executors.newSingleThreadExecutor(); try { context = new AuthenticationContext(authorization, false, executorService); final ClientCredential credential = new ClientCredential(this.clientId, this.clientKey); final Future<AuthenticationResult> future = context.acquireToken(resource, credential, null); result = future.get(timeoutInSeconds, TimeUnit.SECONDS); token = result.getAccessToken(); } catch (MalformedURLException | TimeoutException | InterruptedException | ExecutionException ex) { throw new IllegalStateException("Failed to do authentication.", ex); } finally { executorService.shutdown(); } return token; } }
/** * Acquires security token from the authority using an authorization code * previously received. * * @param authorizationCode * The authorization code received from service authorization * endpoint. * @param redirectUri * The redirect address used for obtaining authorization code. * @param credential * The client credential to use for token acquisition. * @param callback * optional callback object for non-blocking execution. * @return A {@link Future} object representing the * {@link AuthenticationResult} of the call. It contains Access * Token, Refresh Token and the Access Token's expiration time. */ public Future<AuthenticationResult> acquireTokenByAuthorizationCode( final String authorizationCode, final URI redirectUri, final ClientCredential credential, final AuthenticationCallback callback) { this.validateAuthCodeRequestInput(authorizationCode, redirectUri, credential, null); return this.acquireTokenByAuthorizationCode(authorizationCode, redirectUri, credential, null, callback); }
@Override public Map<String, Object> refresh(Map<String, Object> config) { // TODO: Support national clouds! String cloud = "https://login.microsoftonline.com"; String tenantId = (String) config.get(TENANT_ID); String authority = cloud + "/" + tenantId; String clientId = (String) config.get(CLIENT_ID); String refreshToken = (String) config.get(REFRESH_TOKEN); try { AuthenticationContext context = new AuthenticationContext(authority, true, Executors.newSingleThreadExecutor()); Future<AuthenticationResult> resultFuture = context.acquireTokenByRefreshToken(refreshToken, clientId, null); AuthenticationResult result = resultFuture.get(); config.put(ACCESS_TOKEN, result.getAccessToken()); config.put(REFRESH_TOKEN, result.getRefreshToken()); return config; } catch (InterruptedException | MalformedURLException | ExecutionException ex) { throw new RuntimeException(ex); } } }
@Override public Future<AuthenticationResult> acquireToken(AuthenticationContext context, String resource) { return context.acquireToken(resource, credential, null); } }
private AuthenticationResult acquireAccessToken(String resource) throws IOException { String authorityUrl = this.environment().activeDirectoryEndpoint() + this.domain(); ExecutorService executor = Executors.newSingleThreadExecutor(); AuthenticationContext context = new AuthenticationContext(authorityUrl, false, executor); if (proxy() != null) { context.setProxy(proxy()); context.setSslSocketFactory(sslSocketFactory()); return context.acquireToken( resource, new ClientCredential(this.clientId(), clientSecret), null).get(); } else if (clientCertificate != null && clientCertificatePassword != null) { return context.acquireToken( resource, AsymmetricKeyCredential.create(clientId, new ByteArrayInputStream(clientCertificate), clientCertificatePassword), null).get(); } else if (clientCertificate != null) { return context.acquireToken( resource, AsymmetricKeyCredential.create(clientId(), privateKeyFromPem(new String(clientCertificate)), publicKeyFromPem(new String(clientCertificate))),
@NotNull public static AuthenticationResult getToken(@NotNull final AuthorizationTokenInputs inputs) throws Exception { final ExecutorService service = Executors.newSingleThreadExecutor(); final AuthenticationContext context = new AuthenticationContext(inputs.getAuthority(), false, service); context.setProxy(getProxy(inputs.getProxyHost(), inputs.getProxyPort(), inputs.getProxyUsername(), inputs.getProxyPassword())); final Future<AuthenticationResult> future = context.acquireToken(inputs.getResource(), inputs.getClientId(), inputs.getUsername(), inputs.getPassword(), null); service.shutdown(); return future.get(); } }
public AuthenticationResult acquireTokenForGraphApi(String idToken, String tenantId) throws MalformedURLException, ServiceUnavailableException, InterruptedException, ExecutionException { final ClientCredential credential = new ClientCredential(clientId, clientSecret); final UserAssertion assertion = new UserAssertion(idToken); AuthenticationResult result = null; ExecutorService service = null; try { service = Executors.newFixedThreadPool(1); final AuthenticationContext context = new AuthenticationContext( serviceEndpoints.getAadSigninUri() + tenantId + "/", true, service); context.setCorrelationId(getCorrelationId()); final Future<AuthenticationResult> future = context .acquireToken(serviceEndpoints.getAadGraphApiUri(), assertion, credential, null); result = future.get(); } finally { if (service != null) { service.shutdown(); } } if (result == null) { throw new ServiceUnavailableException("unable to acquire on-behalf-of token for client " + clientId); } return result; }
ClientAuthenticationMethod.NONE, new ClientID(clientId)); this.validateAuthCodeRequestInput(authorizationCode, redirectUri, clientAuth, resource); final AdalOAuthAuthorizationGrant authGrant = new AdalOAuthAuthorizationGrant( new AuthorizationCodeGrant(new AuthorizationCode( authorizationCode), redirectUri), resource); return this.acquireToken(authGrant, clientAuth, callback);
/** * Acquires security token from the authority. * * @param resource * Identifier of the target resource that is the recipient of the * requested token. * @param clientAssertion * The client assertion to use for client authentication. * @param callback * optional callback object for non-blocking execution. * @return A {@link Future} object representing the * {@link AuthenticationResult} of the call. It contains Access * Token and the Access Token's expiration time. Refresh Token * property will be null for this overload. */ public Future<AuthenticationResult> acquireToken(final String resource, final ClientAssertion clientAssertion, final AuthenticationCallback callback) { this.validateInput(resource, clientAssertion, true); final ClientAuthentication clientAuth = createClientAuthFromClientAssertion(clientAssertion); final AdalOAuthAuthorizationGrant authGrant = new AdalOAuthAuthorizationGrant( new ClientCredentialsGrant(), resource); return this.acquireToken(authGrant, clientAuth, callback); }
final AuthenticationCallback callback) { this.validateAuthCodeRequestInput(authorizationCode, redirectUri, clientAssertion, resource); final ClientAuthentication clientAuth = createClientAuthFromClientAssertion(clientAssertion); final AdalOAuthAuthorizationGrant authGrant = new AdalOAuthAuthorizationGrant( new AuthorizationCodeGrant(new AuthorizationCode( authorizationCode), redirectUri), resource); return this.acquireToken(authGrant, clientAuth, callback);
final ClientAssertion clientAssertion, final String resource, final AuthenticationCallback callback) { this.validateRefreshTokenRequestInput(refreshToken, clientId, clientAssertion); final ClientAuthentication clientAuth = createClientAuthFromClientAssertion(clientAssertion); final AdalOAuthAuthorizationGrant authGrant = new AdalOAuthAuthorizationGrant( new RefreshTokenGrant(new RefreshToken(refreshToken)), resource); return this.acquireToken(authGrant, clientAuth, callback);
AuthenticationContext context = new AuthenticationContext(authorityUrl, false, executor); if (proxy() != null) { context.setProxy(proxy()); return context.acquireTokenByAuthorizationCode( authorizationCode, new URI(redirectUrl), resource, null).get(); } else if (applicationCredentials.clientCertificate() != null && applicationCredentials.clientCertificatePassword() != null) { return context.acquireTokenByAuthorizationCode( authorizationCode, new URI(redirectUrl), null).get(); } else if (applicationCredentials.clientCertificate() != null) { return context.acquireTokenByAuthorizationCode( authorizationCode, new URI(redirectUrl),
/** * Acquires security token from the authority. * * @param resource * Identifier of the target resource that is the recipient of the * requested token. * @param credential * The client credential to use for token acquisition. * @param callback * optional callback object for non-blocking execution. * @return A {@link Future} object representing the * {@link AuthenticationResult} of the call. It contains Access * Token and the Access Token's expiration time. Refresh Token * property will be null for this overload. */ public Future<AuthenticationResult> acquireToken(final String resource, final ClientCredential credential, final AuthenticationCallback callback) { this.validateInput(resource, credential, true); final ClientAuthentication clientAuth = new ClientSecretPost( new ClientID(credential.getClientId()), new Secret( credential.getClientSecret())); final AdalOAuthAuthorizationGrant authGrant = new AdalOAuthAuthorizationGrant( new ClientCredentialsGrant(), resource); return this.acquireToken(authGrant, clientAuth, callback); }
private static AuthenticationContext createAuthenticationContext(String authorityUrl) throws MalformedURLException { return new AuthenticationContext(authorityUrl, true, ForkJoinPool.commonPool()); } }
@NotNull public static AuthenticationResult getToken(@NotNull final AuthorizationTokenInputs inputs) throws Exception { final ExecutorService service = Executors.newSingleThreadExecutor(); final AuthenticationContext context = new AuthenticationContext(inputs.getAuthority(), false, service); context.setProxy(getProxy(inputs.getProxyHost(), inputs.getProxyPort(), inputs.getProxyUsername(), inputs.getProxyPassword())); //Verifying if loginType is API to instantiate ClientCredential object if (inputs.getLoginType().equalsIgnoreCase(API)) { final ClientCredential credential = new ClientCredential(inputs.getClientId(), inputs.getClientSecret()); return acquireToken(context, inputs, credential, service); } //Otherwise, the loginType is Native since the verification was already made in the @Action return acquireToken(context, inputs, service); }
private AuthenticationResult acquireAccessTokenUsingDeviceCodeFlow() throws Exception { AuthenticationContext context = null; AuthenticationResult result = null; ExecutorService service = null; try { service = Executors.newSingleThreadExecutor(); context = new AuthenticationContext( aadAuthorityUri, true, service); Future<DeviceCode> future = context.acquireDeviceCode(CLIENT_ID, clusterUrl, null); DeviceCode deviceCode = future.get(); System.out.println(deviceCode.getMessage()); if (Desktop.isDesktopSupported()) { Desktop.getDesktop().browse(new URI(deviceCode.getVerificationUrl())); } result = waitAndAcquireTokenByDeviceCode(deviceCode, context); } finally { if (service != null) { service.shutdown(); } } if (result == null) { throw new ServiceUnavailableException("authentication result was null"); } return result; }
try { service = Executors.newFixedThreadPool(1); authContext = new AuthenticationContext(settings.authorityUrl(), false, service); URI url = new URI(context.getCallbackUrl()); ClientCredential clientCredt = new ClientCredential(settings.clientId(), settings.clientSecret()); Future<AuthenticationResult> future = authContext.acquireTokenByAuthorizationCode( oAuthVerifier, url, clientCredt, settings.getGraphURL(), null); result = future.get();
/** * Acquires security token from the authority using an device code previously received. * * @param deviceCode The device code result received from calling acquireDeviceCode. * @param callback optional callback object for non-blocking execution. * @return A {@link Future} object representing the {@link AuthenticationResult} of the call. * It contains AccessToken, Refresh Token and the Access Token's expiration time. * @throws AuthenticationException thrown if authorization is pending or another error occurred. * If the errorCode of the exception is AdalErrorCode.AUTHORIZATION_PENDING, * the call needs to be retried until the AccessToken is returned. * DeviceCode.interval - The minimum amount of time in seconds that the client * SHOULD wait between polling requests to the token endpoin */ public Future<AuthenticationResult> acquireTokenByDeviceCode( final DeviceCode deviceCode, final AuthenticationCallback callback) throws AuthenticationException { final ClientAuthentication clientAuth = new ClientAuthenticationPost( ClientAuthenticationMethod.NONE, new ClientID(deviceCode.getClientId())); this.validateDeviceCodeRequestInput(deviceCode, clientAuth, deviceCode.getResource()); final AdalDeviceCodeAuthorizationGrant deviceCodeGrant = new AdalDeviceCodeAuthorizationGrant(deviceCode, deviceCode.getResource()); return this.acquireToken(deviceCodeGrant, clientAuth, callback); }
/** * Acquires security token from the authority using an authorization code * previously received. * * @param authorizationCode * The authorization code received from service authorization * endpoint. * @param redirectUri * The redirect address used for obtaining authorization code. * @param credential * The client assertion to use for token acquisition. * @param callback * optional callback object for non-blocking execution. * @return A {@link Future} object representing the * {@link AuthenticationResult} of the call. It contains Access * Token, Refresh Token and the Access Token's expiration time. */ public Future<AuthenticationResult> acquireTokenByAuthorizationCode( final String authorizationCode, final URI redirectUri, final ClientAssertion credential, final AuthenticationCallback callback) { return acquireTokenByAuthorizationCode(authorizationCode, redirectUri, credential, (String) null, callback); }
/** * Acquires a security token from the authority using a Refresh Token * previously received. * * @param refreshToken * Refresh Token to use in the refresh flow. * @param credential * The client credential used for token acquisition. * @param callback * optional callback object for non-blocking execution. * @return A {@link Future} object representing the * {@link AuthenticationResult} of the call. It contains Access * Token, Refresh Token and the Access Token's expiration time. */ public Future<AuthenticationResult> acquireTokenByRefreshToken( final String refreshToken, final ClientCredential credential, final AuthenticationCallback callback) { return acquireTokenByRefreshToken(refreshToken, credential, (String) null, callback); }