/**
 * Builds an {@code AuthenticationContext} for the given authority.
 *
 * <p>The second constructor argument is {@code true} (authority validation in ADAL4J, assuming
 * that is the library imported here), and token requests run on the JVM-wide
 * {@link ForkJoinPool#commonPool()} rather than on a dedicated executor.
 *
 * @param authorityUrl authority URL, handed to the context unchanged
 * @return a new context bound to {@code authorityUrl}
 * @throws MalformedURLException if the constructor rejects {@code authorityUrl}
 */
private static AuthenticationContext createAuthenticationContext(String authorityUrl)
        throws MalformedURLException {
    final boolean validateAuthority = true;
    final ForkJoinPool sharedPool = ForkJoinPool.commonPool();
    return new AuthenticationContext(authorityUrl, validateAuthority, sharedPool);
}
} // end of enclosing class (header not shown in this excerpt)
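/**
 * Obtains an access token for {@code resource} from the authority named by
 * {@code authorization}, waiting at most {@code TIMEOUT_IN_SECONDS} seconds.
 *
 * <p>The {@code scope} argument is not used.
 *
 * @param authorization authority URL the token is requested from
 * @param resource      resource identifier the token is issued for
 * @param scope         ignored
 * @return the access token string
 * @throws IllegalStateException if the URL is malformed, the request fails or times out, or the
 *         calling thread is interrupted; the original exception is attached as the cause
 */
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
    try {
        // Second argument false: the authority URL is used exactly as supplied, without
        // authority validation. NOTE(review): confirm callers only pass an authority that
        // comes from a trusted source.
        AuthenticationContext context = new AuthenticationContext(authorization, false, service);
        return authExecutor.acquireToken(context, resource)
                .get(TIMEOUT_IN_SECONDS, TimeUnit.SECONDS)
                .getAccessToken();
    } catch (InterruptedException ex) {
        // Restore the interrupt flag so code further up the stack can still observe it.
        Thread.currentThread().interrupt();
        throw new IllegalStateException(AUTH_FAILED, ex);
    } catch (ExecutionException | TimeoutException | MalformedURLException ex) {
        throw new IllegalStateException(AUTH_FAILED, ex);
    }
}
} // end of enclosing class (header not shown in this excerpt)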
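/**
 * Exchanges the refresh token stored in {@code config} for a new access token and writes the
 * result back into the same map.
 *
 * <p>Reads {@code TENANT_ID}, {@code CLIENT_ID} and {@code REFRESH_TOKEN} from {@code config};
 * writes {@code ACCESS_TOKEN} and, when the response carries one, a new {@code REFRESH_TOKEN}.
 * The map therefore holds live credentials after this call and should be stored and logged
 * accordingly.
 *
 * @param config mutable settings map; modified in place
 * @return the same {@code config} instance
 * @throws RuntimeException wrapping the failure if the authority URL is malformed, the token
 *         request fails, or the calling thread is interrupted
 */
@Override
public Map<String, Object> refresh(Map<String, Object> config) {
    // TODO: Support national clouds!
    String cloud = "https://login.microsoftonline.com";
    String tenantId = (String) config.get(TENANT_ID);
    // NOTE(review): a missing TENANT_ID yields the authority ".../null"; tenantId is also
    // concatenated unescaped, so confirm it is validated where the config is loaded.
    String authority = cloud + "/" + tenantId;
    String clientId = (String) config.get(CLIENT_ID);
    String refreshToken = (String) config.get(REFRESH_TOKEN);

    // One executor per call; it is shut down in the finally block so repeated refreshes do not
    // accumulate idle worker threads. Fully qualified to avoid depending on an import.
    java.util.concurrent.ExecutorService executor = Executors.newSingleThreadExecutor();
    try {
        AuthenticationContext context = new AuthenticationContext(authority, true, executor);
        Future<AuthenticationResult> resultFuture =
                context.acquireTokenByRefreshToken(refreshToken, clientId, null);
        // NOTE(review): this wait has no timeout.
        AuthenticationResult result = resultFuture.get();
        config.put(ACCESS_TOKEN, result.getAccessToken());
        // Keep the existing refresh token when the response does not carry a replacement,
        // instead of overwriting it with null.
        String rotatedRefreshToken = result.getRefreshToken();
        if (rotatedRefreshToken != null) {
            config.put(REFRESH_TOKEN, rotatedRefreshToken);
        }
        return config;
    } catch (InterruptedException ex) {
        // Restore the interrupt flag before translating the exception.
        Thread.currentThread().interrupt();
        throw new RuntimeException(ex);
    } catch (MalformedURLException | ExecutionException ex) {
        throw new RuntimeException(ex);
    } finally {
        executor.shutdown();
    }
}
} // end of enclosing class (header not shown in this excerpt)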
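/**
 * Uses the refresh token held in {@code config} to obtain a fresh access token, then stores the
 * new token values in that same map.
 *
 * <p>Inputs are the {@code TENANT_ID}, {@code CLIENT_ID} and {@code REFRESH_TOKEN} entries.
 * Outputs are {@code ACCESS_TOKEN} and, if the response includes one, an updated
 * {@code REFRESH_TOKEN}. Treat the returned map as secret material.
 *
 * @param config mutable settings map; updated in place
 * @return {@code config} itself
 * @throws RuntimeException wrapping the cause when the authority URL is malformed, the request
 *         fails, or the waiting thread is interrupted
 */
@Override
public Map<String, Object> refresh(Map<String, Object> config) {
    // TODO: Support national clouds!
    String cloud = "https://login.microsoftonline.com";
    String tenantId = (String) config.get(TENANT_ID);
    // NOTE(review): tenantId is appended as-is (a null becomes the literal "null"); confirm the
    // value is checked before it reaches this method.
    String authority = cloud + "/" + tenantId;
    String clientId = (String) config.get(CLIENT_ID);
    String refreshToken = (String) config.get(REFRESH_TOKEN);

    // The per-call executor is released in finally; without that each refresh leaves a
    // worker thread behind. Fully qualified so no extra import is needed.
    java.util.concurrent.ExecutorService worker = Executors.newSingleThreadExecutor();
    try {
        AuthenticationContext context = new AuthenticationContext(authority, true, worker);
        Future<AuthenticationResult> pending =
                context.acquireTokenByRefreshToken(refreshToken, clientId, null);
        // NOTE(review): unbounded wait; no timeout is applied here.
        AuthenticationResult result = pending.get();
        config.put(ACCESS_TOKEN, result.getAccessToken());
        // Only replace the stored refresh token when a new one was actually returned.
        String newRefreshToken = result.getRefreshToken();
        if (newRefreshToken != null) {
            config.put(REFRESH_TOKEN, newRefreshToken);
        }
        return config;
    } catch (InterruptedException ex) {
        // Re-assert the interrupt so callers can react to it.
        Thread.currentThread().interrupt();
        throw new RuntimeException(ex);
    } catch (MalformedURLException | ExecutionException ex) {
        throw new RuntimeException(ex);
    } finally {
        worker.shutdown();
    }
}
} // end of enclosing class (header not shown in this excerpt)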
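/**
 * Requests an access token for {@code resource} with the client id and client key held by this
 * object, waiting at most {@code timeoutInSeconds} seconds.
 *
 * <p>A single-thread executor is created for the call and shut down afterwards. The
 * {@code scope} argument is not used.
 *
 * @param authorization authority URL the token is requested from
 * @param resource      resource identifier the token is issued for
 * @param scope         ignored
 * @return the access token string
 * @throws IllegalStateException if the URL is malformed, the request fails or times out, or the
 *         calling thread is interrupted; the cause is attached
 */
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
    final ExecutorService executorService = Executors.newSingleThreadExecutor();
    try {
        // Second argument false: no authority validation is performed on the supplied URL.
        // NOTE(review): confirm `authorization` only ever comes from a trusted source.
        final AuthenticationContext context =
                new AuthenticationContext(authorization, false, executorService);
        final ClientCredential credential = new ClientCredential(this.clientId, this.clientKey);
        final Future<AuthenticationResult> future = context.acquireToken(resource, credential, null);
        return future.get(timeoutInSeconds, TimeUnit.SECONDS).getAccessToken();
    } catch (InterruptedException ex) {
        // Restore the interrupt flag rather than losing it in the translation.
        Thread.currentThread().interrupt();
        throw new IllegalStateException("Failed to do authentication.", ex);
    } catch (MalformedURLException | TimeoutException | ExecutionException ex) {
        throw new IllegalStateException("Failed to do authentication.", ex);
    } finally {
        executorService.shutdown();
    }
}
} // end of enclosing class (header not shown in this excerpt)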
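/**
 * Obtains an access token for {@code resource} using this object's client id and client key,
 * giving up after {@code timeoutInSeconds} seconds.
 *
 * <p>The executor used for the request lives only for the duration of the call. The
 * {@code scope} argument is not used.
 *
 * @param authorization authority URL the token is requested from
 * @param resource      resource identifier the token is issued for
 * @param scope         ignored
 * @return the access token string
 * @throws IllegalStateException on a malformed URL, a failed or timed-out request, or an
 *         interrupted wait; the cause is attached
 */
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
    final ExecutorService executorService = Executors.newSingleThreadExecutor();
    try {
        // Authority validation is disabled by the `false` argument; the URL is taken as given.
        // NOTE(review): verify the origin of `authorization` at the call site.
        final AuthenticationContext context =
                new AuthenticationContext(authorization, false, executorService);
        final ClientCredential credential = new ClientCredential(this.clientId, this.clientKey);
        final AuthenticationResult result =
                context.acquireToken(resource, credential, null).get(timeoutInSeconds, TimeUnit.SECONDS);
        return result.getAccessToken();
    } catch (InterruptedException ex) {
        // Keep the thread's interrupt status visible to callers.
        Thread.currentThread().interrupt();
        throw new IllegalStateException("Failed to do authentication.", ex);
    } catch (MalformedURLException | TimeoutException | ExecutionException ex) {
        throw new IllegalStateException("Failed to do authentication.", ex);
    } finally {
        executorService.shutdown();
    }
}
} // end of enclosing class (header not shown in this excerpt)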
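/**
 * Requests an access token for {@code resource} with the configured client id and secret.
 *
 * <p>The {@code AuthenticationContext} is created on first use and then reused, so the
 * {@code authorization} value of the first call determines the authority for all later calls.
 * The {@code scope} argument is not used.
 *
 * @param authorization authority URL; only consulted when no context has been created yet
 * @param resource      resource identifier the token is issued for
 * @param scope         ignored
 * @return the access token string
 * @throws AzureCredentialNotSetException if the client id or client secret is {@code null}
 * @throws RuntimeException wrapping the cause if the URL is malformed, the request fails, or
 *         the calling thread is interrupted
 */
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
    if (clientId == null || clientSecret == null) {
        throw new AzureCredentialNotSetException("AZURE_CLIENT_ID and AZURE_CLIENT_SECRET environment variables must be set");
    }
    try {
        if (Objects.isNull(authenticationContext)) {
            // Second argument false: the authority is used without validation.
            // NOTE(review): this lazy initialisation is unsynchronised; confirm the method is
            // not called concurrently.
            this.authenticationContext = new AuthenticationContext(authorization, false, executorService);
        }
        ClientCredential credential = new ClientCredential(clientId, clientSecret);
        // NOTE(review): get() is called without a timeout.
        return authenticationContext.acquireToken(resource, credential, null).get().getAccessToken();
    } catch (ExecutionException | MalformedURLException ex) {
        throw new RuntimeException(ex);
    } catch (InterruptedException ex) {
        LOGGER.warn("Key vault executor executorService interrupted");
        // Restore the interrupt flag; logging alone would hide it from callers.
        Thread.currentThread().interrupt();
        throw new RuntimeException(ex);
    }
}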
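/**
 * Runs the token request described by {@code authorizationSupplier} against the configured
 * {@code authority} and returns its result.
 *
 * <p>A one-thread pool is created for the call and shut down afterwards. Authority validation
 * is enabled (second constructor argument {@code true}).
 *
 * @param authorizationSupplier callback that starts the token request on the given context
 * @param resource              resource identifier the token is issued for
 * @return the non-null authentication result
 * @throws DlabException    if the authority URL is malformed, the wait is interrupted, the
 *                          request fails with a checked cause, or the result is {@code null}
 * @throws RuntimeException the original cause, when the request failed with an unchecked one
 */
private AuthenticationResult authenticate(AuthorizationSupplier authorizationSupplier, String resource) {
    AuthenticationResult result;
    ExecutorService executorService = Executors.newFixedThreadPool(1);
    try {
        AuthenticationContext context = new AuthenticationContext(authority, true, executorService);
        Future<AuthenticationResult> future = authorizationSupplier.get(context, resource);
        // NOTE(review): get() is called without a timeout.
        result = future.get();
    } catch (MalformedURLException | InterruptedException e) {
        if (e instanceof InterruptedException) {
            // Restore the interrupt flag before translating the exception.
            Thread.currentThread().interrupt();
        }
        log.error("Authentication to {} is failed", resource, e);
        throw new DlabException(String.format("Cannot get token to %s", resource), e);
    } catch (ExecutionException e) {
        // Surface unchecked failures from the token request unchanged.
        if (e.getCause() instanceof RuntimeException) {
            throw (RuntimeException) e.getCause();
        }
        throw new DlabException(String.format("Cannot get token to %s", resource), e);
    } finally {
        executorService.shutdown();
    }
    if (result == null) {
        throw new DlabException("Authentication result was null");
    }
    return result;
}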
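/**
 * Obtains an access token for {@code resource} using the configured client id and secret.
 *
 * <p>The {@code AuthenticationContext} is built lazily and kept in a field. Once it exists,
 * later calls reuse it and their {@code authorization} argument has no effect. The
 * {@code scope} argument is not used.
 *
 * @param authorization authority URL; read only while the cached context is still unset
 * @param resource      resource identifier the token is issued for
 * @param scope         ignored
 * @return the access token string
 * @throws AzureCredentialNotSetException if the client id or client secret is {@code null}
 * @throws RuntimeException wrapping the cause on a malformed URL, a failed request, or an
 *         interrupted wait
 */
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
    if (clientId == null || clientSecret == null) {
        throw new AzureCredentialNotSetException("AZURE_CLIENT_ID and AZURE_CLIENT_SECRET environment variables must be set");
    }
    try {
        if (Objects.isNull(authenticationContext)) {
            // `false` disables authority validation for the supplied URL.
            // NOTE(review): no synchronisation guards this first-use assignment.
            this.authenticationContext = new AuthenticationContext(authorization, false, executorService);
        }
        ClientCredential credential = new ClientCredential(clientId, clientSecret);
        // NOTE(review): unbounded wait on the token future.
        return authenticationContext.acquireToken(resource, credential, null).get().getAccessToken();
    } catch (InterruptedException ex) {
        LOGGER.warn("Key vault executor executorService interrupted");
        // Re-assert the interrupt so it is not lost behind the RuntimeException.
        Thread.currentThread().interrupt();
        throw new RuntimeException(ex);
    } catch (ExecutionException | MalformedURLException ex) {
        throw new RuntimeException(ex);
    }
}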
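/**
 * Acquires a token for {@code clusterUrl} with the application's {@code clientCredential}.
 *
 * <p>Authority validation is enabled, and the executor created for the request is shut down
 * before the method returns.
 *
 * @return the non-null authentication result
 * @throws DataClientException  if the authority URL is malformed, the request fails, or the
 *                              waiting thread is interrupted
 * @throws DataServiceException if the request completes with a {@code null} result
 */
private AuthenticationResult acquireAadApplicationAccessToken() throws DataServiceException, DataClientException {
    AuthenticationContext context;
    AuthenticationResult result;
    ExecutorService service = null;
    try {
        service = Executors.newSingleThreadExecutor();
        context = new AuthenticationContext(aadAuthorityUri, true, service);
        Future<AuthenticationResult> future = context.acquireToken(clusterUrl, clientCredential, null);
        // NOTE(review): get() is called without a timeout.
        result = future.get();
    } catch (InterruptedException e) {
        // Restore the interrupt flag before wrapping the exception.
        Thread.currentThread().interrupt();
        throw new DataClientException(clusterUrl, "Error in acquiring ApplicationAccessToken", e);
    } catch (ExecutionException | MalformedURLException e) {
        throw new DataClientException(clusterUrl, "Error in acquiring ApplicationAccessToken", e);
    } finally {
        if (service != null) {
            service.shutdown();
        }
    }
    if (result == null) {
        throw new DataServiceException(clusterUrl, "acquireAadApplicationAccessToken got 'null' authentication result");
    }
    return result;
}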
/**
 * Signs the user in through the device-code flow and returns the resulting token.
 *
 * <p>Steps: request a device code for {@code clusterUrl}, print its message to standard output,
 * open the verification URL in the desktop browser when one is available, then wait for the
 * token through {@code waitAndAcquireTokenByDeviceCode}.
 *
 * @return the non-null authentication result
 * @throws ServiceUnavailableException if the flow ends with a {@code null} result
 * @throws Exception any failure raised while requesting the code, opening the browser, or
 *         waiting for the token
 */
private AuthenticationResult acquireAccessTokenUsingDeviceCodeFlow() throws Exception {
    final ExecutorService pool = Executors.newSingleThreadExecutor();
    final AuthenticationResult token;
    try {
        AuthenticationContext ctx = new AuthenticationContext(aadAuthorityUri, true, pool);
        DeviceCode code = ctx.acquireDeviceCode(CLIENT_ID, clusterUrl, null).get();

        // The message is meant for the signing-in user.
        // NOTE(review): if stdout is captured into logs, this text ends up there as well.
        System.out.println(code.getMessage());

        // The URL opened here is the one returned with the device code.
        if (Desktop.isDesktopSupported()) {
            URI verificationPage = new URI(code.getVerificationUrl());
            Desktop.getDesktop().browse(verificationPage);
        }
        token = waitAndAcquireTokenByDeviceCode(code, ctx);
    } finally {
        pool.shutdown();
    }

    if (token == null) {
        throw new ServiceUnavailableException("authentication result was null");
    }
    return token;
}
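/**
 * Acquires a token for {@code clusterUrl} with the stored user name and password.
 *
 * <p>This is the username/password grant: the application handles the user's password itself,
 * and the flow cannot answer interactive prompts such as multi-factor authentication.
 * Authority validation is enabled.
 *
 * @return the non-null authentication result
 * @throws DataClientException  if the authority URL is malformed, the request fails, or the
 *                              waiting thread is interrupted
 * @throws DataServiceException if the request completes with a {@code null} result
 */
private AuthenticationResult acquireAadUserAccessToken() throws DataServiceException, DataClientException {
    AuthenticationContext context;
    AuthenticationResult result;
    ExecutorService service = null;
    try {
        service = Executors.newSingleThreadExecutor();
        context = new AuthenticationContext(aadAuthorityUri, true, service);
        Future<AuthenticationResult> future = context.acquireToken(
                clusterUrl, CLIENT_ID, userUsername, userPassword, null);
        // NOTE(review): get() is called without a timeout.
        result = future.get();
    } catch (InterruptedException e) {
        // Restore the interrupt flag before wrapping the exception.
        Thread.currentThread().interrupt();
        throw new DataClientException(clusterUrl, "Error in acquiring UserAccessToken", e);
    } catch (ExecutionException | MalformedURLException e) {
        throw new DataClientException(clusterUrl, "Error in acquiring UserAccessToken", e);
    } finally {
        if (service != null) {
            service.shutdown();
        }
    }
    if (result == null) {
        throw new DataServiceException(clusterUrl, "acquireAadUserAccessToken got 'null' authentication result");
    }
    return result;
}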
/**
 * Acquires a token for {@code clusterUrl}, authenticating the client with its private key and
 * X.509 certificate instead of a shared secret.
 *
 * @return the non-null authentication result
 * @throws IOException                 if the authority URL is rejected or I/O fails
 * @throws InterruptedException        if the wait for the token is interrupted
 * @throws ExecutionException          if the token request itself fails
 * @throws ServiceUnavailableException if the request completes with a {@code null} result
 */
AuthenticationResult acquireWithClientCertificate()
        throws IOException, InterruptedException, ExecutionException, ServiceUnavailableException {
    final ExecutorService pool = Executors.newSingleThreadExecutor();
    final AuthenticationResult token;
    try {
        // Second argument false: the authority URI is used without authority validation.
        // NOTE(review): confirm aadAuthorityUri comes from trusted configuration.
        AuthenticationContext ctx = new AuthenticationContext(aadAuthorityUri, false, pool);
        AsymmetricKeyCredential certCredential = AsymmetricKeyCredential.create(
                clientCredential.getClientId(), privateKey, x509Certificate);
        // The callback argument is optional; null is passed and the future is awaited directly.
        token = ctx.acquireToken(clusterUrl, certCredential, null).get();
    } finally {
        pool.shutdown();
    }

    if (token == null) {
        throw new ServiceUnavailableException("authentication result was null");
    }
    return token;
}
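/**
 * Obtains an access token for {@code resource} by authenticating with the key and certificate
 * read from {@code certResource}, waiting at most {@code timeoutInSeconds} seconds.
 *
 * <p>The {@code scope} argument is not used. The certificate file name appears in the error
 * message and log entry; the certificate password does not.
 *
 * @param authorization authority URL the token is requested from
 * @param resource      resource identifier the token is issued for
 * @param scope         ignored
 * @return the access token string
 * @throws IllegalStateException if the URL is malformed, the request fails or times out, or the
 *         calling thread is interrupted; the cause is attached
 */
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
    final String certFileName = certResource.getFilename();
    final KeyCertReader certReader = KeyCertReaderFactory.getReader(certFileName);
    final KeyCert keyCert = certReader.read(certResource, certPassword);

    // The per-call executor is shut down in finally; otherwise every authentication would leave
    // a worker thread behind. Fully qualified so no extra import is needed.
    final java.util.concurrent.ExecutorService executor = Executors.newSingleThreadExecutor();
    try {
        // Second argument false: no authority validation is performed on the supplied URL.
        // NOTE(review): confirm `authorization` only ever comes from a trusted source.
        final AuthenticationContext context = new AuthenticationContext(authorization, false, executor);
        final AsymmetricKeyCredential asymmetricKeyCredential =
                AsymmetricKeyCredential.create(clientId, keyCert.getKey(), keyCert.getCertificate());
        final AuthenticationResult authResult = context.acquireToken(resource, asymmetricKeyCredential, null)
                .get(timeoutInSeconds, TimeUnit.SECONDS);
        return authResult.getAccessToken();
    } catch (MalformedURLException | InterruptedException | ExecutionException | TimeoutException e) {
        if (e instanceof InterruptedException) {
            // Restore the interrupt flag before translating the exception.
            Thread.currentThread().interrupt();
        }
        final String errMsg = String.format("Failed to authenticate with Key Vault using certificate %s", certFileName);
        log.error(errMsg, e);
        throw new IllegalStateException(errMsg, e);
    } finally {
        executor.shutdown();
    }
}
} // end of enclosing class (header not shown in this excerpt)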
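/**
 * Authenticates with the private key and certificate loaded from {@code certResource} and
 * returns an access token for {@code resource}. The wait is bounded by
 * {@code timeoutInSeconds} seconds.
 *
 * <p>The {@code scope} argument is not used. Failures are logged and rethrown with the
 * certificate file name in the message.
 *
 * @param authorization authority URL the token is requested from
 * @param resource      resource identifier the token is issued for
 * @param scope         ignored
 * @return the access token string
 * @throws IllegalStateException on a malformed URL, a failed or timed-out request, or an
 *         interrupted wait; the cause is attached
 */
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
    final String certFileName = certResource.getFilename();
    final KeyCertReader certReader = KeyCertReaderFactory.getReader(certFileName);
    final KeyCert keyCert = certReader.read(certResource, certPassword);

    // Release the executor when the call ends so its worker thread does not outlive the
    // request. Fully qualified to avoid relying on an import.
    final java.util.concurrent.ExecutorService worker = Executors.newSingleThreadExecutor();
    try {
        // `false` turns authority validation off; the URL is used as supplied.
        // NOTE(review): verify the origin of `authorization` at the call site.
        final AuthenticationContext context = new AuthenticationContext(authorization, false, worker);
        final AsymmetricKeyCredential asymmetricKeyCredential =
                AsymmetricKeyCredential.create(clientId, keyCert.getKey(), keyCert.getCertificate());
        final AuthenticationResult authResult = context.acquireToken(resource, asymmetricKeyCredential, null)
                .get(timeoutInSeconds, TimeUnit.SECONDS);
        return authResult.getAccessToken();
    } catch (MalformedURLException | InterruptedException | ExecutionException | TimeoutException e) {
        if (e instanceof InterruptedException) {
            // Keep the interrupt status visible to callers.
            Thread.currentThread().interrupt();
        }
        final String errMsg = String.format("Failed to authenticate with Key Vault using certificate %s", certFileName);
        log.error(errMsg, e);
        throw new IllegalStateException(errMsg, e);
    } finally {
        worker.shutdown();
    }
}
} // end of enclosing class (header not shown in this excerpt)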
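/**
 * Acquires a token for {@code inputs.getResource()} with the user name and password carried in
 * {@code inputs}, optionally through the proxy described there.
 *
 * <p>This is the username/password grant: the caller handles the user's password directly, and
 * the flow cannot answer interactive prompts such as multi-factor authentication.
 *
 * @param inputs authority, resource, client id, user credentials and proxy settings
 * @return the authentication result
 * @throws Exception if the authority URL is malformed, proxy setup fails, or the token request
 *         fails or is interrupted
 */
@NotNull
public static AuthenticationResult getToken(@NotNull final AuthorizationTokenInputs inputs) throws Exception {
    final ExecutorService service = Executors.newSingleThreadExecutor();
    try {
        // Second argument false: the authority is used without authority validation.
        // NOTE(review): confirm inputs.getAuthority() is restricted to trusted values.
        final AuthenticationContext context = new AuthenticationContext(inputs.getAuthority(), false, service);
        context.setProxy(getProxy(inputs.getProxyHost(), inputs.getProxyPort(), inputs.getProxyUsername(), inputs.getProxyPassword()));
        final Future<AuthenticationResult> future = context.acquireToken(inputs.getResource(), inputs.getClientId(), inputs.getUsername(), inputs.getPassword(), null);
        // NOTE(review): get() is called without a timeout.
        return future.get();
    } finally {
        // Runs on every path, so a failure in context or proxy setup no longer leaves the
        // executor's worker thread behind.
        service.shutdown();
    }
}
} // end of enclosing class (header not shown in this excerpt)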
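/**
 * Acquires a new token for {@code resource} with this object's client id, user name and
 * password, against the authority formed from the environment's Active Directory endpoint and
 * the domain.
 *
 * <p>This is the username/password grant: the password is sent by this code, and the flow
 * cannot answer interactive prompts such as multi-factor authentication.
 *
 * @param resource resource identifier the token is issued for
 * @return the authentication result
 * @throws IOException if the authority URL is malformed, or wrapping any failure of the token
 *         request (including an interrupted wait)
 */
AuthenticationResult acquireNewAccessToken(String resource) throws IOException {
    String authorityUrl = this.environment().activeDirectoryEndpoint() + this.domain();
    ExecutorService executor = Executors.newSingleThreadExecutor();
    try {
        // Second argument false: the authority is used without authority validation.
        // Context and proxy setup sit inside the outer try so the executor is shut down even if
        // they throw; their exceptions still propagate unwrapped.
        AuthenticationContext context = new AuthenticationContext(authorityUrl, false, executor);
        if (proxy() != null) {
            context.setProxy(proxy());
        }
        try {
            // NOTE(review): get() is called without a timeout.
            return context.acquireToken(
                    resource, this.clientId(), this.username(), this.password, null).get();
        } catch (Exception e) {
            if (e instanceof InterruptedException) {
                // Restore the interrupt flag that the broad catch would otherwise swallow.
                Thread.currentThread().interrupt();
            }
            throw new IOException(e.getMessage(), e);
        }
    } finally {
        executor.shutdown();
    }
}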
/**
 * Exchanges a user's ID token for a Graph API token on that user's behalf, authenticating this
 * application with its client id and secret.
 *
 * @param idToken  token used as the user assertion
 * @param tenantId tenant whose sign-in authority is used
 * @return the non-null authentication result
 * @throws MalformedURLException       if the composed authority URL is rejected
 * @throws InterruptedException        if the wait for the token is interrupted
 * @throws ExecutionException          if the token request itself fails
 * @throws ServiceUnavailableException if the request completes with a {@code null} result
 */
public AuthenticationResult acquireTokenForGraphApi(String idToken, String tenantId)
        throws MalformedURLException, ServiceUnavailableException, InterruptedException, ExecutionException {
    final ClientCredential appCredential = new ClientCredential(clientId, clientSecret);
    final UserAssertion userAssertion = new UserAssertion(idToken);

    final ExecutorService pool = Executors.newFixedThreadPool(1);
    final AuthenticationResult token;
    try {
        // NOTE(review): tenantId is concatenated into the authority URL unescaped; confirm it
        // is validated before it reaches this method. Authority validation is enabled.
        final String authority = serviceEndpoints.getAadSigninUri() + tenantId + "/";
        final AuthenticationContext ctx = new AuthenticationContext(authority, true, pool);
        ctx.setCorrelationId(getCorrelationId());
        token = ctx.acquireToken(serviceEndpoints.getAadGraphApiUri(), userAssertion, appCredential, null)
                .get();
    } finally {
        pool.shutdown();
    }

    if (token == null) {
        throw new ServiceUnavailableException("unable to acquire on-behalf-of token for client " + clientId);
    }
    return token;
}
/**
 * Acquires a token for the login type named in {@code inputs}.
 *
 * <p>When the login type equals {@code API} (case-insensitively), a client credential is built
 * from the client id and secret. Otherwise the native overload of {@code acquireToken} is
 * used; the original comment says the login type is verified in the calling {@code @Action}.
 *
 * @param inputs authority, proxy settings, login type and credentials
 * @return the authentication result produced by {@code acquireToken}
 * @throws Exception if the authority URL is malformed, proxy setup fails, or the token request
 *         fails
 */
@NotNull
public static AuthenticationResult getToken(@NotNull final AuthorizationTokenInputs inputs) throws Exception {
    final ExecutorService service = Executors.newSingleThreadExecutor();
    // Second argument false: the authority is used without authority validation.
    // NOTE(review): the executor is handed to acquireToken, which presumably shuts it down;
    // if the constructor or proxy setup below throws, nothing here does — confirm.
    final AuthenticationContext context = new AuthenticationContext(inputs.getAuthority(), false, service);
    context.setProxy(getProxy(
            inputs.getProxyHost(),
            inputs.getProxyPort(),
            inputs.getProxyUsername(),
            inputs.getProxyPassword()));

    final boolean apiLogin = inputs.getLoginType().equalsIgnoreCase(API);
    if (!apiLogin) {
        // Native login: no client credential is needed.
        return acquireToken(context, inputs, service);
    }

    // API login: authenticate the application itself with its id and secret.
    final ClientCredential credential = new ClientCredential(inputs.getClientId(), inputs.getClientSecret());
    return acquireToken(context, inputs, credential, service);
}
/**
 * Requests a Graph API token on behalf of the user identified by {@code idToken}, with this
 * application's client id and secret as the client credential.
 *
 * @param idToken  token wrapped as the user assertion
 * @param tenantId tenant appended to the sign-in URI to form the authority
 * @return the non-null authentication result
 * @throws MalformedURLException       if the composed authority URL is rejected
 * @throws InterruptedException        if the wait for the token is interrupted
 * @throws ExecutionException          if the token request itself fails
 * @throws ServiceUnavailableException if the request completes with a {@code null} result
 */
public AuthenticationResult acquireTokenForGraphApi(String idToken, String tenantId)
        throws MalformedURLException, ServiceUnavailableException, InterruptedException, ExecutionException {
    final ClientCredential clientSecretCredential = new ClientCredential(clientId, clientSecret);
    final UserAssertion onBehalfOf = new UserAssertion(idToken);

    final ExecutorService worker = Executors.newFixedThreadPool(1);
    AuthenticationResult graphToken;
    try {
        // Authority validation is enabled (second argument true).
        // NOTE(review): tenantId goes into the authority URL as-is; confirm it is checked
        // upstream.
        final AuthenticationContext authContext = new AuthenticationContext(
                serviceEndpoints.getAadSigninUri() + tenantId + "/", true, worker);
        authContext.setCorrelationId(getCorrelationId());
        final Future<AuthenticationResult> pending = authContext.acquireToken(
                serviceEndpoints.getAadGraphApiUri(), onBehalfOf, clientSecretCredential, null);
        graphToken = pending.get();
    } finally {
        worker.shutdown();
    }

    if (graphToken != null) {
        return graphToken;
    }
    throw new ServiceUnavailableException(
            "unable to acquire on-behalf-of token for client " + clientId);
}