我有类似的问题到这个职位:Authenticate to Azure API App using ADAL但在我的情况下,我有一个客户在JBoss中托管的Java客户端需要访问我的API。该服务的安全性为“公开(已验证)”,我从浏览器访问它时没有任何问题。我知道我可以在.NET中创建一个Azure API应用程序客户端,但是我找不到有关如何从Java进行身份验证的示例。目前这是可能的吗?如果有的话,是否有人有任何样本或建议可以帮助?从Java验证Azure API应用程序
我回顾了下面的一些文档,用Java调用Azure API应用程序,从AAD认证的客户端调用Azure API应用程序。
作为参考:
对于样品,我创建在Eclipse中Maven项目和使用库adal4j,common-io & httpclient。以下是pom.xml文件中的依赖关系配置。
<dependencies>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>adal4j</artifactId>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.5.1</version>
</dependency>
</dependencies>
服务示例代码安全为Public (authenticated),请注意代码中的注释。
String gateway_url = "https://<GatewayHost>.azurewebsites.net/";
String app_id_uri = gateway_url + "login/aad";
String authority = "https://login.microsoftonline.com/<aad-domain>.onmicrosoft.com";
String clientId = "<clientId>";
String clientSecret = "<key>";
String url = "https://<ApiAppHost>.azurewebsites.net/...";
/*
* Get Access Token from Gateway Login URL with authentication provider name
* Note: Please refer to the aad sample in Java for Native Headless at https://github.com/Azure-Samples/active-directory-java-native-headless
*/
HttpsURLConnection conn = (HttpsURLConnection) new URL(app_id_uri).openConnection();
AuthenticationContext context = null;
AuthenticationResult result = null;
ExecutorService service = null;
try {
service = Executors.newFixedThreadPool(1);
context = new AuthenticationContext(authority, false, service);
ClientCredential credential = new ClientCredential(clientId, clientSecret);
Future<AuthenticationResult> future = context.acquireToken(app_id_uri, credential, null);
result = future.get();
} finally {
service.shutdown();
}
String accessToken = null;
if (result == null) {
throw new ServiceUnavailableException(
"authentication result was null");
} else {
accessToken = result.getAccessToken();
System.out.println("Access Token: " +accessToken);
}
/*
* Using access token to get authentication token
*/
String data = "{\"access_token\": \""+accessToken+"\"}";
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.addRequestProperty("Content-Length", data.length()+"");
new DataOutputStream(conn.getOutputStream()).writeBytes(data);
String authTokenResp = IOUtils.toString(conn.getInputStream());
System.out.println("Get Authentication Token Response: " + authTokenResp);
/*
* The content of Authentication Token Response is as {"user": {"userId": "sid:xxx...xxx"}, "authenticationToken": "xxxx...xxxxx"}.
* Need to extract the authenticationToken from Json.
*/
Gson gson = new Gson();
Map<String, Object> map = gson.fromJson(authTokenResp, Map.class);
String authenticationToken = (String) map.get("authenticationToken");
System.out.println("Authentication Token: "+authenticationToken);
/*
* Using authentication token as X-ZUMO-AUTH header to get data from Api App
* Note: Must using Apache Common HttpClient supported HTTP 30x redirection, Class Http(s)URLConnection not support.
* There are three times continuous 302 redirection in accessing Api App with zumo token.
*/
HttpGet httpGet = new HttpGet(url);
httpGet.addHeader("x-zumo-auth", authenticationToken);
CloseableHttpClient httpclient = HttpClients.createDefault();
HttpResponse resp = httpclient.execute(httpGet);
String apiAppData = IOUtils.toString(resp.getEntity().getContent());
System.out.println(apiAppData);
任何问题,请随时让我知道。
@ peter-pan-msft这是比我所希望的更完整的答案。谢谢!我所缺少的是如何从认证令牌响应中提取认证令牌。 –