/**
 * Builds a store bound to one key vault and authenticates to it as a service principal.
 *
 * <p>The vault URL is produced by formatting {@code VAULT_ADDRESS} with {@code keyVaultName}.
 * NOTE(review): the name is interpolated without validation in this constructor. If it can
 * originate from untrusted configuration, validate it before this call so the resulting host
 * cannot be altered; confirm against the definition of {@code VAULT_ADDRESS}, which is not
 * visible here.
 *
 * <p>{@code clientSecret} is a credential and is handed to the credentials object as a plain
 * {@code String}; keep it out of logs and exception messages. The environment is fixed to
 * {@code AzureEnvironment.AZURE}.
 *
 * @param keyVaultName value substituted into the vault address template
 * @param tenantId     tenant passed to the service principal credentials
 * @param clientId     client id passed to the service principal credentials
 * @param clientSecret secret passed to the service principal credentials
 */
public AzureKeyVaultStore(
    String keyVaultName, String tenantId, String clientId, String clientSecret) {
  vaultUrl = String.format(VAULT_ADDRESS, keyVaultName);
  vaultClient =
      new KeyVaultClient(
          new ApplicationTokenCredentials(
              clientId, tenantId, clientSecret, AzureEnvironment.AZURE));
}
/**
 * Builds delegated token credentials from an auth file.
 *
 * <p>The file is first read into an {@code ApplicationTokenCredentials}, which is then wrapped
 * together with the redirect URL.
 * NOTE(review): the auth file presumably carries the application's secret; confirm it is stored
 * with restrictive permissions and kept out of source control.
 *
 * @param authFile    the file the application credentials are read from
 * @param redirectUrl the URL to redirect to after authentication in Active Directory
 * @return a new delegated token credentials instance
 * @throws IOException if the auth file cannot be accessed
 */
public static DelegatedTokenCredentials fromFile(File authFile, String redirectUrl)
    throws IOException {
  final ApplicationTokenCredentials servicePrincipal =
      ApplicationTokenCredentials.fromFile(authFile);
  return new DelegatedTokenCredentials(servicePrincipal, redirectUrl);
}
/**
 * Loads the application token credentials from {@code credFile} the first time it is called;
 * later calls are no-ops once {@code atc} is set.
 *
 * <p>NOTE(review): the null check and the assignment are not synchronized here. If this can be
 * reached from several threads, the file may be read more than once; confirm against callers.
 *
 * @throws IOException if the credentials file cannot be read
 */
private void initATCIfNeeded() throws IOException {
  if (atc != null) {
    return;
  }
  atc = ApplicationTokenCredentials.fromFile(credFile);
}
/**
 * Creates delegated token credentials on top of existing application credentials.
 *
 * <p>No token is requested during construction: the constructor only records its arguments,
 * creates an empty token cache and prepares a refresh-token client pointed at the Active
 * Directory endpoint of the application's environment.
 * NOTE(review): {@code redirectUrl} is stored unchecked; it should presumably match a reply URL
 * registered for the application, so confirm where it is validated.
 *
 * @param applicationCredentials the credentials representing a service principal
 * @param redirectUrl            the URL to redirect to after authentication in Active Directory
 */
public DelegatedTokenCredentials(
    ApplicationTokenCredentials applicationCredentials, String redirectUrl) {
  // Only environment and domain go to the superclass; token acquisition is deferred.
  super(applicationCredentials.environment(), applicationCredentials.domain());
  this.applicationCredentials = applicationCredentials;
  this.redirectUrl = redirectUrl;
  this.tokens = new ConcurrentHashMap<>();
  this.refreshTokenClient =
      new RefreshTokenClient(
          applicationCredentials.environment().activeDirectoryEndpoint(),
          proxy());
}
/**
 * Returns a token for {@code resource} from the default subscription's credential instance.
 *
 * <p>When no token is available, the user is prompted on stderr, the method waits for input on
 * stdin, reloads the access tokens and asks the default subscription again. The second result is
 * returned as-is, so it may still be {@code null}.
 *
 * <p>The method is {@code synchronized}, so the wait on stdin happens while this object's
 * monitor is held and other synchronized callers are blocked for that time.
 * NOTE(review): in a non-interactive process the read either blocks or returns at once at
 * end-of-stream; confirm this path is only reached from interactive tools.
 *
 * @param resource the resource the token is requested for
 * @return the token, or {@code null} if none is available after the reload
 * @throws IOException if reading stdin or obtaining the token fails
 */
@Override
public synchronized String getToken(String resource) throws IOException {
  String accessToken =
      subscriptions.get(defaultSubscriptionId()).credentialInstance().getToken(resource);
  if (accessToken != null) {
    return accessToken;
  }

  // No cached token: ask the user to log in, then re-read the token files and retry once.
  System.err.println("Please login in Azure CLI and press any key to continue after you've successfully logged in.");
  System.in.read();
  loadAccessTokens();
  // The default subscription is looked up again because the reload may have replaced it.
  return subscriptions.get(defaultSubscriptionId()).credentialInstance().getToken(resource);
}
}
/**
 * Returns a fixed placeholder string in place of a real token.
 *
 * <p>When {@code isPlaybackMode} is false the superclass is still asked for a token, but its
 * result is discarded; only an exception from that call reaches the caller.
 * NOTE(review): this looks like a test double. Confirm it cannot be wired into production code,
 * since every caller receives the same non-secret constant.
 *
 * @param resource the resource the token is requested for
 * @return the constant placeholder value
 * @throws IOException if the superclass call fails outside playback mode
 */
@Override
public String getToken(String resource) throws IOException {
  final String placeholder = "https:/asdd.com";
  if (!isPlaybackMode) {
    // Run the real acquisition for its side effects only; the value is not used.
    super.getToken(resource);
  }
  return placeholder;
}
}
/**
 * Attaches a token to this subscription and returns the subscription for chaining.
 *
 * <p>For a service principal the token replaces {@code servicePrincipalToken}. Otherwise the
 * token is stored in {@code userTokens} under its resource, provided the resource is not null,
 * and the subscription's client id is taken from the token if none was set before.
 *
 * @param token the token to record
 * @return this subscription
 */
AzureCliSubscription withToken(AzureCliToken token) {
  if (isServicePrincipal()) {
    this.servicePrincipalToken = token;
    return this;
  }

  final boolean hasResource = token.resource() != null;
  if (hasResource) {
    this.userTokens.put(token.resource(), token);
  }
  // The first token seen decides the client id; later tokens do not overwrite it.
  if (this.clientId == null) {
    this.clientId = token.clientId();
  }
  return this;
}
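/**
 * Exchanges a refresh token for a new access token for {@code resource}.
 *
 * <p>The call is made synchronously through {@code refreshTokenClient}; no executor is needed,
 * so none is created.
 *
 * <p>Any exception from the refresh call is turned into a {@code null} result, so the caller
 * cannot distinguish a revoked or expired refresh token from a transport error.
 * NOTE(review): callers presumably treat {@code null} as "re-authenticate"; confirm that, and
 * consider recording the failure reason (without the token value) where a logger is available.
 *
 * @param resource                       the resource the access token is requested for
 * @param refreshToken                   the refresh token to redeem; a credential, never log it
 * @param isMultipleResourceRefreshToken forwarded unchanged to the refresh-token client
 * @return the authentication result, or {@code null} if the refresh failed for any reason
 * @throws IOException declared for interface compatibility; failures surface as {@code null}
 */
private AuthenticationResult acquireAccessTokenFromRefreshToken(
    String resource, String refreshToken, boolean isMultipleResourceRefreshToken)
    throws IOException {
  try {
    return refreshTokenClient.refreshToken(
        domain(), clientId(), resource, refreshToken, isMultipleResourceRefreshToken);
  } catch (Exception ignored) {
    // Deliberate best-effort: a failed refresh is reported to the caller as null.
    return null;
  }
}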
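/**
 * Exchanges a refresh token for a new access token for {@code resource}.
 *
 * <p>The call is made synchronously through {@code refreshTokenClient}; no executor is needed,
 * so none is created.
 *
 * <p>Any exception from the refresh call is turned into a {@code null} result, so the caller
 * cannot distinguish a revoked or expired refresh token from a transport error.
 * NOTE(review): callers presumably treat {@code null} as "re-authenticate"; confirm that, and
 * consider recording the failure reason (without the token value) where a logger is available.
 *
 * @param resource                       the resource the access token is requested for
 * @param refreshToken                   the refresh token to redeem; a credential, never log it
 * @param isMultipleResourceRefreshToken forwarded unchanged to the refresh-token client
 * @return the authentication result, or {@code null} if the refresh failed for any reason
 * @throws IOException declared for interface compatibility; failures surface as {@code null}
 */
AuthenticationResult acquireAccessTokenFromRefreshToken(
    String resource, String refreshToken, boolean isMultipleResourceRefreshToken)
    throws IOException {
  try {
    return refreshTokenClient.refreshToken(
        domain(), clientId(), resource, refreshToken, isMultipleResourceRefreshToken);
  } catch (Exception ignored) {
    // Deliberate best-effort: a failed refresh is reported to the caller as null.
    return null;
  }
}
}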
/**
 * Returns the client id held by the wrapped application credentials.
 *
 * @return the active directory application client id
 */
public String clientId() {
  final String applicationClientId = applicationCredentials.clientId();
  return applicationClientId;
}
/**
 * Obtains a token for the given audience from the configured token source.
 *
 * <p>A {@code null} audience falls back to this instance's {@code resource}. The request goes
 * to the MSI extension when {@code tokenSource} is {@code MSI_EXTENSION} and to the IMDS
 * endpoint for every other value.
 *
 * @param tokenAudience the audience to request a token for, or {@code null} for the default
 * @return the token returned by the selected source
 * @throws IOException if the selected source fails
 */
@Override
public String getToken(String tokenAudience) throws IOException {
  final String audience = (tokenAudience != null) ? tokenAudience : this.resource;
  if (this.tokenSource == MSITokenSource.MSI_EXTENSION) {
    return this.getTokenFromMSIExtension(audience);
  }
  return this.getTokenFromIMDSEndpoint(audience);
}
/**
 * Builds an {@code AzureCliCredentials} that reads the Azure CLI token files from custom
 * locations, and loads the access tokens immediately.
 *
 * <p>Neither argument is checked for {@code null} here.
 * NOTE(review): {@code accessTokens} points at the CLI's token cache, so the path should
 * presumably come from trusted configuration only; confirm against callers.
 *
 * @param azureProfile the azureProfile.json file created by Azure CLI
 * @param accessTokens the accessTokens.json file created by Azure CLI
 * @return an instance of AzureCliCredentials with its tokens loaded
 * @throws IOException if the Azure CLI token files are not accessible
 */
public static AzureCliCredentials create(File azureProfile, File accessTokens)
    throws IOException {
  final AzureCliCredentials cliCredentials = new AzureCliCredentials();
  cliCredentials.accessTokens = accessTokens;
  cliCredentials.azureProfile = azureProfile;
  // Both file locations must be in place before the tokens are read.
  cliCredentials.loadAccessTokens();
  return cliCredentials;
}
/**
 * Returns the client id of the default subscription.
 *
 * @return the active directory application client id
 */
public String clientId() {
  final String defaultClientId = subscriptions.get(defaultSubscriptionId()).clientId();
  return defaultClientId;
}
/**
 * Returns the environment of the default subscription.
 *
 * @return the Azure environment to authenticate with
 */
public AzureEnvironment environment() {
  final AzureEnvironment defaultEnvironment =
      subscriptions.get(defaultSubscriptionId()).environment();
  return defaultEnvironment;
}
/**
 * Returns the tenant of the default subscription.
 *
 * @return the tenant or domain containing the application
 */
@Override
public String domain() {
  final String defaultTenant = subscriptions.get(defaultSubscriptionId()).tenant();
  return defaultTenant;
}
/**
 * Returns the identifier this subscription authenticates with.
 *
 * @return {@code servicePrincipalId} for a service principal, otherwise {@code clientId}
 */
String clientId() {
  return isServicePrincipal() ? servicePrincipalId : clientId;
}
/**
 * Creates a new {@code ApplicationTokenCredentials} on every call from this object's client id,
 * tenant id, key and environment.
 *
 * <p>{@code key} is passed in the position of the application secret; keep it out of logs.
 *
 * @return freshly constructed application token credentials
 */
@Override
public ApplicationTokenCredentials get() {
  final ApplicationTokenCredentials freshCredentials =
      new ApplicationTokenCredentials(clientId, tenantId, key, getEnvironment());
  return freshCredentials;
}
/**
 * Builds delegated token credentials from an auth file and an OAuth2 authorization code that
 * was obtained beforehand.
 *
 * <p>The file is first read into an {@code ApplicationTokenCredentials}, which is then wrapped
 * together with the redirect URL and the code.
 * NOTE(review): the authorization code is a short-lived credential; keep it out of logs.
 *
 * @param authFile          the file the application credentials are read from
 * @param redirectUrl       the URL to redirect to after authentication in Active Directory
 * @param authorizationCode the oauth2 authorization code
 * @return a new delegated token credentials instance
 * @throws IOException if the auth file cannot be accessed
 */
public static DelegatedTokenCredentials fromFile(
    File authFile, String redirectUrl, String authorizationCode) throws IOException {
  final ApplicationTokenCredentials servicePrincipal =
      ApplicationTokenCredentials.fromFile(authFile);
  return new DelegatedTokenCredentials(servicePrincipal, redirectUrl, authorizationCode);
}
/**
 * Returns the identity this subscription belongs to.
 *
 * @return {@code servicePrincipalId} for a service principal, otherwise {@code userId}
 */
String user() {
  return isServicePrincipal() ? servicePrincipalId : userId;
}
/**
 * Returns the tenant of this subscription.
 *
 * <p>For a service principal this is {@code servicePrincipalTenant}. Otherwise it is the last
 * {@code "/"}-separated segment of {@code authority}.
 * NOTE(review): {@code authority} is neither null-checked nor validated here, and a value made
 * up only of slashes splits into an empty array, so the index lookup would throw. Confirm the
 * value is validated where the token files are parsed.
 *
 * @return the tenant identifier
 */
String tenant() {
  if (isServicePrincipal()) {
    return servicePrincipalTenant;
  }
  final String[] segments = authority.split("/");
  final int lastIndex = segments.length - 1;
  return segments[lastIndex];
}