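/**
 * Writes this credential, together with the service principal's identifiers and the
 * endpoints of its Azure environment, to {@code authFile} as a JSON document.
 *
 * <p>Does nothing when {@code authFile} is {@code null}. Every value is JSON-escaped before
 * it is written, so a secret or identifier containing a quote, backslash or control
 * character can neither break the document nor add keys to it. The bytes are always UTF-8
 * rather than the platform default charset.
 *
 * @param servicePrincipal the service principal whose application id, tenant, assigned
 *                         subscription and environment are exported
 * @throws RuntimeException wrapping the {@link IOException} if the write fails
 */
void exportAuthFile(ServicePrincipalImpl servicePrincipal) {
    if (authFile == null) {
        return;
    }
    RestClient restClient = servicePrincipal.manager().roleInner().restClient();
    AzureEnvironment environment = Utils.extractAzureEnvironment(restClient);

    StringBuilder builder = new StringBuilder("{\n");
    builder.append(" ").append("\"clientId\": ").append(jsonString(servicePrincipal.applicationId())).append(",\n");
    // NOTE(review): the client secret is written in clear text; restricting who can read the
    // destination is left to whoever supplied authFile -- confirm at the call site.
    builder.append(" ").append("\"clientSecret\": ").append(jsonString(value())).append(",\n");
    builder.append(" ").append("\"tenantId\": ").append(jsonString(servicePrincipal.manager().tenantId())).append(",\n");
    builder.append(" ").append("\"subscriptionId\": ").append(jsonString(servicePrincipal.assignedSubscription)).append(",\n");
    builder.append(" ").append("\"activeDirectoryEndpointUrl\": ").append(jsonString(environment.activeDirectoryEndpoint())).append(",\n");
    builder.append(" ").append("\"resourceManagerEndpointUrl\": ").append(jsonString(environment.resourceManagerEndpoint())).append(",\n");
    builder.append(" ").append("\"activeDirectoryGraphResourceId\": ").append(jsonString(environment.graphEndpoint())).append(",\n");
    builder.append(" ").append("\"managementEndpointUrl\": ").append(jsonString(environment.managementEndpoint())).append("\n");
    builder.append("}");

    try {
        authFile.write(builder.toString().getBytes(java.nio.charset.StandardCharsets.UTF_8));
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}

/**
 * Renders a value as a quoted JSON string literal.
 *
 * <p>A {@code null} value is rendered as the text {@code null} inside quotes, which is what
 * the previous {@code String.format("%s", ...)} based code produced.
 */
private static String jsonString(Object value) {
    String text = String.valueOf(value);
    StringBuilder out = new StringBuilder(text.length() + 2).append('"');
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '"':
                out.append("\\\"");
                break;
            case '\\':
                out.append("\\\\");
                break;
            case '\n':
                out.append("\\n");
                break;
            case '\r':
                out.append("\\r");
                break;
            case '\t':
                out.append("\\t");
                break;
            default:
                if (c < 0x20) {
                    // Remaining control characters must be written as a four-digit hex escape.
                    out.append(String.format("\\u%04x", (int) c));
                } else {
                    out.append(c);
                }
        }
    }
    return out.append('"').toString();
}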
/**
 * Creates an auth file whose environment starts out with a copy of the endpoints of
 * {@code AzureEnvironment.AZURE}.
 *
 * <p>The environment is first built over an empty map and then filled, so later changes to
 * this instance's endpoints go through {@code environment.endpoints()} rather than the map
 * returned by {@code AzureEnvironment.AZURE.endpoints()}.
 */
private AuthFile() {
    final HashMap<String, String> emptyEndpoints = new HashMap<String, String>();
    this.environment = new AzureEnvironment(emptyEndpoints);
    // Any endpoint a parsed file does not override keeps the AzureEnvironment.AZURE value.
    this.environment.endpoints().putAll(AzureEnvironment.AZURE.endpoints());
}
/**
 * Returns the storage endpoint suffix of the AD environment currently held by
 * {@code CommonSettings}.
 *
 * @return the value of {@code storageEndpointSuffix()} on that environment
 */
public String getStorageEndpointSuffix() {
    final String suffix = CommonSettings.getAdEnvironment().storageEndpointSuffix();
    return suffix;
}
authFile = ADAPTER.deserialize(content, AuthFile.class); Map<String, String> endpoints = ADAPTER.deserialize(content, new TypeToken<Map<String, String>>() { }.getType()); authFile.environment.endpoints().putAll(endpoints); } else { authSettings.put(CredentialSettings.AUTH_URL.toString(), AzureEnvironment.AZURE.activeDirectoryEndpoint()); authSettings.put(CredentialSettings.BASE_URL.toString(), AzureEnvironment.AZURE.resourceManagerEndpoint()); authSettings.put(CredentialSettings.MANAGEMENT_URI.toString(), AzureEnvironment.AZURE.managementEndpoint()); authSettings.put(CredentialSettings.GRAPH_URL.toString(), AzureEnvironment.AZURE.graphEndpoint()); authSettings.put(CredentialSettings.VAULT_SUFFIX.toString(), AzureEnvironment.AZURE.keyVaultDnsSuffix()); authFile.clientCertificatePassword = authSettings.getProperty(CredentialSettings.CLIENT_CERT_PASS.toString()); authFile.subscriptionId = authSettings.getProperty(CredentialSettings.SUBSCRIPTION_ID.toString()); authFile.environment.endpoints().put(Endpoint.MANAGEMENT.identifier(), authSettings.getProperty(CredentialSettings.MANAGEMENT_URI.toString())); authFile.environment.endpoints().put(Endpoint.ACTIVE_DIRECTORY.identifier(), authSettings.getProperty(CredentialSettings.AUTH_URL.toString())); authFile.environment.endpoints().put(Endpoint.RESOURCE_MANAGER.identifier(), authSettings.getProperty(CredentialSettings.BASE_URL.toString())); authFile.environment.endpoints().put(Endpoint.GRAPH.identifier(), authSettings.getProperty(CredentialSettings.GRAPH_URL.toString())); authFile.environment.endpoints().put(Endpoint.KEYVAULT.identifier(), authSettings.getProperty(CredentialSettings.VAULT_SUFFIX.toString()));
/**
 * Creates a request factory for the resource manager endpoint of the AD environment held by
 * {@code CommonSettings}.
 *
 * <p>The same endpoint is used both as the token resource and, with {@code "subscriptions/"}
 * appended, as the URL prefix.
 *
 * @param tenantId the tenant the requests are made for
 */
public ArmRequestFactory(String tenantId) {
    this.tenantId = tenantId;
    this.apiVersion = "api-version=2015-07-01";
    // NOTE(review): plain concatenation -- presumably the endpoint ends with '/'; confirm.
    this.urlPrefix = CommonSettings.getAdEnvironment().resourceManagerEndpoint() + "subscriptions/";
    this.resource = CommonSettings.getAdEnvironment().resourceManagerEndpoint();
}
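/**
 * Tries to determine the environment a REST client is authenticated to from the
 * information on that client.
 *
 * <p>When the client's credentials are {@code AzureTokenCredentials}, their environment is
 * returned as is. Otherwise the client's base URL is compared, ignoring case, against the
 * resource manager endpoint of every known environment and the first match wins.
 *
 * <p>Case folding uses {@code Locale.ROOT} so the comparison does not depend on the JVM's
 * default locale.
 *
 * @param restClient the RestClient instance
 * @return the matching AzureEnvironment; non-null on the base-URL path, and whatever the
 *         credentials report on the token-credentials path
 * @throws IllegalArgumentException if the base URL matches no known environment
 */
public static AzureEnvironment extractAzureEnvironment(RestClient restClient) {
    if (restClient.credentials() instanceof AzureTokenCredentials) {
        return ((AzureTokenCredentials) restClient.credentials()).environment();
    }

    String baseUrl = restClient.retrofit().baseUrl().toString();
    String normalizedBaseUrl = baseUrl.toLowerCase(java.util.Locale.ROOT);
    for (AzureEnvironment env : AzureEnvironment.knownEnvironments()) {
        // NOTE(review): this is a substring test (endpoint contains base URL), kept as the
        // original had it. A base URL that is only a fragment of an endpoint also matches;
        // an exact comparison after trimming a trailing '/' would be stricter -- confirm
        // which base URLs callers rely on before tightening.
        if (env.resourceManagerEndpoint().toLowerCase(java.util.Locale.ROOT).contains(normalizedBaseUrl)) {
            return env;
        }
    }
    throw new IllegalArgumentException("Unknown resource manager endpoint " + baseUrl);
}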
result = ac.acquireToken(env.managementEndpoint(), true, null, false, this.webUi, Constants.redirectUri); } else { ac1.acquireToken(env.managementEndpoint(), false, userId, isDisplayable, this.webUi, Constants.redirectUri); } catch (AuthException e) { ac1.acquireToken(env.managementEndpoint(), true, userId, isDisplayable, this.webUi, Constants.redirectUri); ac1.acquireToken(env.resourceManagerEndpoint(), false, userId, isDisplayable, this.webUi, Constants.redirectUri); } catch (AuthException e) { if (CommonSettings.getEnvironment() instanceof ProvidedEnvironment) { LOGGER.warning("Can't get " + env.resourceManagerEndpoint() + " access token from environment " + CommonSettings.getEnvironment().getName()); ac1.acquireToken(env.graphEndpoint(), false, userId, isDisplayable, this.webUi, Constants.redirectUri); } catch (AuthException e) { if (CommonSettings.getEnvironment() instanceof ProvidedEnvironment) { LOGGER.warning("Can't get " + env.graphEndpoint() + " access token from environment " + CommonSettings.getEnvironment().getName()); ac1.acquireToken(env.dataLakeEndpointResourceId(), false, userId, isDisplayable, this.webUi, Constants.redirectUri);
AzureCliToken token = userTokens.get(resource); if (token == null && (resource.equalsIgnoreCase(environment().resourceManagerEndpoint()))) { token = userTokens.get(environment().managementEndpoint());
/**
 * Creates MSI credentials for the given Azure environment.
 *
 * <p>The token resource is the environment's management endpoint and the token source is
 * {@code MSITokenSource.IMDS_ENDPOINT}.
 *
 * @param environment the Azure environment to use
 */
public MSICredentials(AzureEnvironment environment) {
    // No tenant is handed to the superclass: retrieving an MSI token does not require one.
    super(environment, null);
    this.tokenSource = MSITokenSource.IMDS_ENDPOINT;
    this.resource = environment.managementEndpoint();
}
/**
 * Builds the OAuth2 authorization-code URL for this application.
 *
 * <p>The URL is assembled with {@code String.format}; none of the inserted values is
 * URL-encoded here. NOTE(review): if {@code redirectUrl} can carry its own query string or
 * reserved characters, it has to arrive already encoded -- confirm what callers pass.
 *
 * <p>The {@code state} parameter is a fresh random UUID on every call. This method does not
 * keep it, so a caller that wants to check {@code state} on the redirect has to read it
 * back out of the returned URL.
 *
 * @return the URL to authenticate through OAuth2
 */
public String generateAuthenticationUrl() {
    final String authority = environment().activeDirectoryEndpoint();
    final String tenant = domain();
    final String applicationId = clientId();
    final String redirect = this.redirectUrl;
    final UUID state = UUID.randomUUID();
    return String.format(
            "%s/%s/oauth2/authorize?client_id=%s&response_type=code&redirect_uri=%s&response_mode=query&state=%s",
            authority, tenant, applicationId, redirect, state);
}
/**
 * Creates a request factory for the graph endpoint of the AD environment held by
 * {@code CommonSettings}.
 *
 * <p>The URL prefix is the graph endpoint followed by the tenant id and a slash; the token
 * resource is the graph endpoint itself.
 *
 * @param tenantId the tenant the requests are made for
 */
public GraphRequestFactory(String tenantId) {
    this.apiVersion = "api-version=1.6";
    this.tenantId = tenantId;
    // NOTE(review): tenantId is concatenated into the URL as given -- presumably a GUID or
    // domain name supplied by trusted code; confirm against callers.
    this.urlPrefix = CommonSettings.getAdEnvironment().graphEndpoint() + tenantId + "/";
    this.resource = CommonSettings.getAdEnvironment().graphEndpoint();
}
/**
 * Authenticates against the Data Lake resource of {@code AzureEnvironment.AZURE} and, when
 * the permission check passes, stores the resulting user info and returns a login response.
 *
 * <p>The resource id is always taken from {@code AzureEnvironment.AZURE}; no other
 * environment is consulted here. The user info handed to {@code userInfoDao} is the same
 * object whose access token is placed in the response.
 *
 * @param authorizationSupplier source of the authorization used by {@code authenticate}
 * @return a response carrying the access token and user name; the third argument is null
 * @throws DlabAuthenticationException if {@code validatePermissions} rejects the result
 */
@Override
public AzureLocalAuthResponse authenticateAndLogin(AuthorizationSupplier authorizationSupplier) {
    final AuthenticationResult result =
            authenticate(authorizationSupplier, AzureEnvironment.AZURE.dataLakeEndpointResourceId());

    // Reject first: nothing is persisted for a user who fails the permission check.
    if (!validatePermissions(result)) {
        throw new DlabAuthenticationException("You do not have proper permissions to use DLab. Please contact your "
                + "administrator");
    }

    final UserInfo loggedIn = prepareUserInfo(result);
    userInfoDao.saveUserInfo(loggedIn);
    return new AzureLocalAuthResponse(loggedIn.getAccessToken(), loggedIn.getName(), null);
}
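/**
 * Creates test credentials whose Azure environment points every configured endpoint,
 * including the Active Directory endpoint, at a single mock URL.
 *
 * <p>The endpoint map is a plain {@code HashMap} built by a static helper. The previous
 * double-brace initializer created an anonymous {@code HashMap} subclass for every instance.
 *
 * @param mockUrl        the URL every endpoint key is mapped to
 * @param mockTenant     the tenant passed to the superclass
 * @param isPlaybackMode stored on this instance as {@code isPlaybackMode}
 */
public AzureTestCredentials(final String mockUrl, String mockTenant, boolean isPlaybackMode) {
    // The first and third superclass arguments are empty strings, as before.
    super("", mockTenant, "", new AzureEnvironment(mockEndpoints(mockUrl)));
    this.isPlaybackMode = isPlaybackMode;
}

/** Builds the endpoint map in which each known endpoint key maps to {@code mockUrl}. */
private static HashMap<String, String> mockEndpoints(String mockUrl) {
    HashMap<String, String> endpoints = new HashMap<String, String>();
    endpoints.put("managementEndpointUrl", mockUrl);
    endpoints.put("resourceManagerEndpointUrl", mockUrl);
    endpoints.put("sqlManagementEndpointUrl", mockUrl);
    endpoints.put("galleryEndpointUrl", mockUrl);
    endpoints.put("activeDirectoryEndpointUrl", mockUrl);
    endpoints.put("activeDirectoryResourceId", mockUrl);
    endpoints.put("activeDirectoryGraphResourceId", mockUrl);
    return endpoints;
}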
/**
 * Returns the resource manager endpoint of the AD environment held by
 * {@code CommonSettings}.
 *
 * <p>NOTE(review): despite the method name, the value comes from
 * {@code resourceManagerEndpoint()}, not {@code managementEndpoint()} -- confirm this is the
 * resource callers expect to request tokens for.
 *
 * @return the resource manager endpoint
 * @throws IOException declared by the overridden method; nothing in this body throws it
 */
@Override
public String getManagementURI() throws IOException {
    // environments other than global cloud are not supported for interactive login for now
    final String endpoint = CommonSettings.getAdEnvironment().resourceManagerEndpoint();
    return endpoint;
}
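/**
 * Tries to determine the environment a REST client is authenticated to from the
 * information on that client.
 *
 * <p>When the client's credentials are {@code AzureTokenCredentials}, their environment is
 * returned as is. Otherwise the client's base URL is compared, ignoring case, against the
 * resource manager endpoint of every known environment and the first match wins.
 *
 * <p>Case folding uses {@code Locale.ROOT} so the comparison does not depend on the JVM's
 * default locale.
 *
 * @param restClient the RestClient instance
 * @return the matching AzureEnvironment; non-null on the base-URL path, and whatever the
 *         credentials report on the token-credentials path
 * @throws IllegalArgumentException if the base URL matches no known environment
 */
public static AzureEnvironment extractAzureEnvironment(RestClient restClient) {
    if (restClient.credentials() instanceof AzureTokenCredentials) {
        return ((AzureTokenCredentials) restClient.credentials()).environment();
    }

    String baseUrl = restClient.retrofit().baseUrl().toString();
    String normalizedBaseUrl = baseUrl.toLowerCase(java.util.Locale.ROOT);
    for (AzureEnvironment env : AzureEnvironment.knownEnvironments()) {
        // NOTE(review): this is a substring test (endpoint contains base URL), kept as the
        // original had it. A base URL that is only a fragment of an endpoint also matches;
        // an exact comparison after trimming a trailing '/' would be stricter -- confirm
        // which base URLs callers rely on before tightening.
        if (env.resourceManagerEndpoint().toLowerCase(java.util.Locale.ROOT).contains(normalizedBaseUrl)) {
            return env;
        }
    }
    throw new IllegalArgumentException("Unknown resource manager endpoint " + baseUrl);
}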
/**
 * Creates MSI credentials that retrieve the token from a local port.
 *
 * <p>The token resource is the environment's management endpoint and the token source is
 * {@code MSITokenSource.MSI_EXTENSION}.
 *
 * @param environment the Azure environment to use
 * @param msiPort the local port to retrieve token from
 * @deprecated use {@link #MSICredentials()} or {@link #MSICredentials(AzureEnvironment)} instead.
 */
@Deprecated()
public MSICredentials(AzureEnvironment environment, int msiPort) {
    // No tenant is handed to the superclass: retrieving an MSI token does not require one.
    super(environment, null);
    this.tokenSource = MSITokenSource.MSI_EXTENSION;
    this.msiPort = msiPort;
    this.resource = environment.managementEndpoint();
}
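/**
 * Initializes a new instance of the UserTokenCredentials.
 *
 * <p>Token acquisition is deferred; the constructor only records the inputs and creates the
 * refresh-token client against the environment's Active Directory endpoint.
 *
 * <p>A {@code null} environment is replaced by {@code AzureEnvironment.AZURE} before it is
 * used, as the parameter documentation promises. Previously the constructor dereferenced
 * the argument directly and failed with a {@code NullPointerException} in that case.
 *
 * @param clientId the active directory application client id.
 * @param domain the domain or tenant id containing this application.
 * @param username the user name for the Organization Id account.
 * @param password the password for the Organization Id account.
 * @param environment the Azure environment to authenticate with.
 *                    If null is provided, AzureEnvironment.AZURE will be used.
 */
public UserTokenCredentials(String clientId, String domain, String username, String password, AzureEnvironment environment) {
    // The default is applied here as well because the superclass's handling of null is not
    // visible from this constructor.
    super(environment == null ? AzureEnvironment.AZURE : environment, domain); // defer token acquisition
    final AzureEnvironment effectiveEnvironment = environment == null ? AzureEnvironment.AZURE : environment;
    this.clientId = clientId;
    this.username = username;
    // NOTE(review): the password is kept as a String field for the lifetime of this object.
    this.password = password;
    this.tokens = new ConcurrentHashMap<>();
    this.refreshTokenClient = new RefreshTokenClient(effectiveEnvironment.activeDirectoryEndpoint(), proxy());
}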
/**
 * Creates the manager with a graph client and an authorization client built from one REST
 * client.
 *
 * <p>The graph client uses a copy of {@code restClient} whose base URL is the graph
 * endpoint: that of the credentials' environment when the credentials are
 * {@code AzureTokenCredentials}, otherwise that of {@code AzureEnvironment.AZURE}. The
 * authorization client uses {@code restClient} unchanged.
 *
 * @param restClient the REST client both inner clients are derived from
 * @param tenantId   the tenant applied to the graph client and stored on this manager
 */
private GraphRbacManager(RestClient restClient, String tenantId) {
    this.tenantId = tenantId;

    // Start from the AzureEnvironment.AZURE graph endpoint; credentials that carry their own
    // environment override it below.
    String graphEndpoint = AzureEnvironment.AZURE.graphEndpoint();
    if (restClient.credentials() instanceof AzureTokenCredentials) {
        AzureTokenCredentials tokenCredentials = (AzureTokenCredentials) restClient.credentials();
        graphEndpoint = tokenCredentials.environment().graphEndpoint();
    }

    this.graphRbacManagementClient =
            new GraphRbacManagementClientImpl(restClient.newBuilder().withBaseUrl(graphEndpoint).build())
                    .withTenantID(tenantId);
    this.authorizationManagementClient = new AuthorizationManagementClientImpl(restClient);
}
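/**
 * Writes this certificate credential, together with the service principal's identifiers and
 * the endpoints of its Azure environment, to {@code authFile} as a JSON document.
 *
 * <p>Does nothing when {@code authFile} is {@code null}. Every value is JSON-escaped before
 * it is written. The previous code escaped only backslashes in the certificate path, so a
 * quote or control character in the path, password or any other value could break the
 * document or add keys to it. The bytes are always UTF-8 rather than the platform default
 * charset.
 *
 * @param servicePrincipal the service principal whose application id, tenant, assigned
 *                         subscription and environment are exported
 * @throws NullPointerException if {@code privateKeyPath} is null
 * @throws RuntimeException wrapping the {@link IOException} if the write fails
 */
void exportAuthFile(ServicePrincipalImpl servicePrincipal) {
    if (authFile == null) {
        return;
    }
    RestClient restClient = servicePrincipal.manager().roleInner().restClient();
    AzureEnvironment environment = Utils.extractAzureEnvironment(restClient);

    StringBuilder builder = new StringBuilder("{\n");
    builder.append(" ").append("\"clientId\": ").append(jsonString(servicePrincipal.applicationId())).append(",\n");
    // A missing path still fails with a NullPointerException, as it did before.
    builder.append(" ").append("\"clientCertificate\": ")
            .append(jsonString(java.util.Objects.requireNonNull(privateKeyPath, "privateKeyPath"))).append(",\n");
    // NOTE(review): the certificate password is written in clear text next to the path of
    // the key it protects; restricting who can read the destination is left to whoever
    // supplied authFile -- confirm at the call site.
    builder.append(" ").append("\"clientCertificatePassword\": ").append(jsonString(privateKeyPassword)).append(",\n");
    builder.append(" ").append("\"tenantId\": ").append(jsonString(servicePrincipal.manager().tenantId())).append(",\n");
    builder.append(" ").append("\"subscriptionId\": ").append(jsonString(servicePrincipal.assignedSubscription)).append(",\n");
    builder.append(" ").append("\"activeDirectoryEndpointUrl\": ").append(jsonString(environment.activeDirectoryEndpoint())).append(",\n");
    builder.append(" ").append("\"resourceManagerEndpointUrl\": ").append(jsonString(environment.resourceManagerEndpoint())).append(",\n");
    builder.append(" ").append("\"activeDirectoryGraphResourceId\": ").append(jsonString(environment.graphEndpoint())).append(",\n");
    builder.append(" ").append("\"managementEndpointUrl\": ").append(jsonString(environment.managementEndpoint())).append("\n");
    builder.append("}");

    try {
        authFile.write(builder.toString().getBytes(java.nio.charset.StandardCharsets.UTF_8));
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
}

/**
 * Renders a value as a quoted JSON string literal.
 *
 * <p>A {@code null} value is rendered as the text {@code null} inside quotes, which is what
 * the previous {@code String.format("%s", ...)} based code produced.
 */
private static String jsonString(Object value) {
    String text = String.valueOf(value);
    StringBuilder out = new StringBuilder(text.length() + 2).append('"');
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
            case '"':
                out.append("\\\"");
                break;
            case '\\':
                out.append("\\\\");
                break;
            case '\n':
                out.append("\\n");
                break;
            case '\r':
                out.append("\\r");
                break;
            case '\t':
                out.append("\\t");
                break;
            default:
                if (c < 0x20) {
                    // Remaining control characters must be written as a four-digit hex escape.
                    out.append(String.format("\\u%04x", (int) c));
                } else {
                    out.append(c);
                }
        }
    }
    return out.append('"').toString();
}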
/**
 * Gets an access token for the given tenant, scoped to the resource manager endpoint of
 * {@code env}, using {@code PromptBehavior.Auto}.
 *
 * @param tid the tenant id passed through to the three-argument overload
 * @return the access token returned by that overload
 * @throws IOException if the overload throws it
 */
public String getAccessToken(String tid) throws IOException {
    final String armResource = env.resourceManagerEndpoint();
    return getAccessToken(tid, armResource, PromptBehavior.Auto);
}