public class AzureADAuthenticator extends Object
Constructor and Description |
---|
AzureADAuthenticator() |
Modifier and Type | Method and Description |
---|---|
static AzureADToken |
getTokenFromMsi(int localPort,
String tenantGuid)
Deprecated.
Deprecated, use the other overloads instead. With the change to the way MSI is done in
Azure Active Directory, the parameters on this call (localPort) are not relevant anymore.
|
static AzureADToken |
getTokenFromMsi(String tenantGuid,
String clientId,
boolean bypassCache)
Gets AAD token from the local virtual machine's VM extension.
|
static AzureADToken |
getTokenUsingClientCreds(String authEndpoint,
String clientId,
String clientSecret)
gets Azure Active Directory token using the user ID and password of a service principal (that is, Web App
in Azure Active Directory).
|
static AzureADToken |
getTokenUsingRefreshToken(String clientId,
String refreshToken)
gets Azure Active Directory token using refresh token
|
static AzureADToken |
getTokenUsingUserCreds(String clientId,
String username,
String password)
Deprecated.
Due to security concerns with user ID and password,this auth method is deprecated. Please use
device code authentication instead for interactive user-based authentication.
|
public static AzureADToken getTokenUsingClientCreds(String authEndpoint, String clientId, String clientSecret) throws IOException
Azure Active Directory allows users to set up a web app as a service principal. Users can optionally obtain service principal keys from AAD. This method gets a token using a service principal's client ID and keys. In addition, it needs the token endpoint associated with the user's directory.
authEndpoint
- the OAuth 2.0 token endpoint associated with the user's directory
(obtain from Active Directory configuration)clientId
- the client ID (GUID) of the client web app obtained from Azure Active Directory configurationclientSecret
- the secret key of the client web appAzureADToken
obtained using the credsIOException
- throws IOException if there is a failure in connecting to Azure AD@Deprecated public static AzureADToken getTokenFromMsi(int localPort, String tenantGuid) throws IOException
localPort
- port at which the MSI extension is running. If 0 or negative number is specified, then assume
default port number of 50342.tenantGuid
- (optional) The guid of the AAD tenant. Can be null
.AzureADToken
obtained using the credsIOException
- throws IOException if there is a failure in obtaining the tokenpublic static AzureADToken getTokenFromMsi(String tenantGuid, String clientId, boolean bypassCache) throws IOException
tenantGuid
- (optional) The guid of the AAD tenant. Can be null
.clientId
- (optional) The clientId guid of the MSI service principal to use. Can be null
.bypassCache
- boolean
specifying whether a cached token is acceptable or a fresh token
request should me made to AADAzureADToken
obtained using the credsIOException
- throws IOException if there is a failure in obtaining the tokenpublic static AzureADToken getTokenUsingRefreshToken(String clientId, String refreshToken) throws IOException
clientId
- the client ID (GUID) of the client web app obtained from Azure Active Directory configurationrefreshToken
- the refresh tokenAzureADToken
obtained using the refresh tokenIOException
- throws IOException if there is a failure in connecting to Azure AD@Deprecated public static AzureADToken getTokenUsingUserCreds(String clientId, String username, String password) throws IOException
clientId
- the client ID (GUID) of the client web app obtained from Azure Active Directory configurationusername
- the user name of the userpassword
- the password of the userAzureADToken
obtained using the user's credsIOException
- throws IOException if there is a failure in connecting to Azure ADCopyright © 2019 Microsoft Corporation. All rights reserved.