ADAL4j java - 使用带有用户名和密码的刷新令牌来获取访问令牌
ADAL4j java - use refresh token with username and password to get the access token
我正在使用 java 后端服务器连接到已启用 API 的 Azure AD。我可以通过以下 java 代码获取访问令牌。
String tenantId = "************";
String username = "***************";
String password = "*************";
String clientId = "**********";
String resource = "***********";
String userEmail = "**********";
AuthenticationContext authContext = null;
AuthenticationResult authResult = null;
ExecutorService service = null;
try
{
service = Executors.newFixedThreadPool( 1 );
String url = "https://login.microsoftonline.com/" + tenantId + "/oauth2/authorize";
authContext = new AuthenticationContext( url, false, service );
Future<AuthenticationResult> future = authContext.acquireToken(
resource,
clientId,
userEmail,
password,
null );
authResult = future.get();
}
catch( Exception ex )
{
ex.printStackTrace();
}
请注意,API 提供商目前不支持客户端凭据。
我的问题是,使用上面代码中收到的刷新令牌来获取新的访问令牌。
ADAL4j java 库似乎没有任何方法支持这一点。
A Documentation for java library
但是在 .NET 库中有这样的方法,
public AuthenticationResult AcquireTokenByRefreshToken(
string refreshToken,
string clientId,
string resource
)
用于在不提供任何凭据的情况下刷新访问令牌。
为什么 Java 库中没有提供这些方法?。有什么限制吗?
可能的解决方法是什么?
提前致谢。
据我所知,虽然 Java ADAL4J 库不支持方法
public AuthenticationResult AcquireTokenByRefreshToken(
string refreshToken,
string clientId,
string resource
)
.Net库支持,两种类型的库都是通过HTTP REST API.
实现的
可以参考官方的刷新访问令牌document
// Line breaks for legibility only
POST /{tenant}/oauth2/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
&grant_type=refresh_token
&resource=https%3A%2F%2Fservice.contoso.com%2F
&client_secret=JqQX2PNo9bpM0uEihUPzyrh // NOTE: Only required for web apps
我用Postman测试了一个没有凭据的refreshToken获取accessToken的请求,供大家参考:
对应的,我用下面的Java代码实现了请求:
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
public class AcquireTokenByRefreshToken {
static String tenantId = "***";
static String username = "***";
static String password = "***";
static String clientId = "***";
static String resource = "https://graph.windows.net";
static String userEmail = "***";
public static void main(String[] args) throws MalformedURLException, IOException {
AuthenticationContext authContext = null;
AuthenticationResult authResult = null;
ExecutorService service = null;
try {
service = Executors.newFixedThreadPool(1);
String url = "https://login.microsoftonline.com/" + tenantId + "/oauth2/authorize";
authContext = new AuthenticationContext(url, false, service);
Future<AuthenticationResult> future = authContext.acquireToken(resource, clientId, userEmail, password,
null);
authResult = future.get();
System.out.println("get access token: \n" + authResult.getAccessToken());
System.out.println("get refresh token: \n" + authResult.getRefreshToken());
} catch (Exception ex) {
ex.printStackTrace();
}
// get access token by refresh token
getToken(authResult.getRefreshToken());
}
public static void getToken(String refreshToken) throws IOException {
String encoding = "UTF-8";
String params = "client_id=" + clientId + "&refresh_token=" + refreshToken
+ "&grant_type=refresh_token&resource=https%3A%2F%2Fgraph.windows.net";
String path = "https://login.microsoftonline.com/" + tenantId + "/oauth2/token";
byte[] data = params.getBytes(encoding);
URL url = new URL(path);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setRequestProperty("Content-Length", String.valueOf(data.length));
conn.setConnectTimeout(5 * 1000);
OutputStream outStream = conn.getOutputStream();
outStream.write(data);
outStream.flush();
outStream.close();
System.out.println(conn.getResponseCode());
System.out.println(conn.getResponseMessage());
BufferedReader br = null;
if (conn.getResponseCode() != 200) {
br = new BufferedReader(new InputStreamReader((conn.getErrorStream())));
} else {
br = new BufferedReader(new InputStreamReader((conn.getInputStream())));
}
System.out.println("Response body : " + br.readLine());
}
}
控制台打印结果如下:
希望对你有帮助。
我正在使用 java 后端服务器连接到已启用 API 的 Azure AD。我可以通过以下 java 代码获取访问令牌。
String tenantId = "************";
String username = "***************";
String password = "*************";
String clientId = "**********";
String resource = "***********";
String userEmail = "**********";
AuthenticationContext authContext = null;
AuthenticationResult authResult = null;
ExecutorService service = null;
try
{
service = Executors.newFixedThreadPool( 1 );
String url = "https://login.microsoftonline.com/" + tenantId + "/oauth2/authorize";
authContext = new AuthenticationContext( url, false, service );
Future<AuthenticationResult> future = authContext.acquireToken(
resource,
clientId,
userEmail,
password,
null );
authResult = future.get();
}
catch( Exception ex )
{
ex.printStackTrace();
}
请注意,API 提供商目前不支持客户端凭据。
我的问题是,使用上面代码中收到的刷新令牌来获取新的访问令牌。
ADAL4j java 库似乎没有任何方法支持这一点。 A Documentation for java library
但是在 .NET 库中有这样的方法,
public AuthenticationResult AcquireTokenByRefreshToken(
string refreshToken,
string clientId,
string resource
)
用于在不提供任何凭据的情况下刷新访问令牌。
为什么 Java 库中没有提供这些方法?。有什么限制吗? 可能的解决方法是什么?
提前致谢。
据我所知,虽然 Java ADAL4J 库不支持方法
public AuthenticationResult AcquireTokenByRefreshToken(
string refreshToken,
string clientId,
string resource
)
.Net库支持,两种类型的库都是通过HTTP REST API.
实现的可以参考官方的刷新访问令牌document
// Line breaks for legibility only
POST /{tenant}/oauth2/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
&grant_type=refresh_token
&resource=https%3A%2F%2Fservice.contoso.com%2F
&client_secret=JqQX2PNo9bpM0uEihUPzyrh // NOTE: Only required for web apps
我用Postman测试了一个没有凭据的refreshToken获取accessToken的请求,供大家参考:
对应的,我用下面的Java代码实现了请求:
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
public class AcquireTokenByRefreshToken {
static String tenantId = "***";
static String username = "***";
static String password = "***";
static String clientId = "***";
static String resource = "https://graph.windows.net";
static String userEmail = "***";
public static void main(String[] args) throws MalformedURLException, IOException {
AuthenticationContext authContext = null;
AuthenticationResult authResult = null;
ExecutorService service = null;
try {
service = Executors.newFixedThreadPool(1);
String url = "https://login.microsoftonline.com/" + tenantId + "/oauth2/authorize";
authContext = new AuthenticationContext(url, false, service);
Future<AuthenticationResult> future = authContext.acquireToken(resource, clientId, userEmail, password,
null);
authResult = future.get();
System.out.println("get access token: \n" + authResult.getAccessToken());
System.out.println("get refresh token: \n" + authResult.getRefreshToken());
} catch (Exception ex) {
ex.printStackTrace();
}
// get access token by refresh token
getToken(authResult.getRefreshToken());
}
public static void getToken(String refreshToken) throws IOException {
String encoding = "UTF-8";
String params = "client_id=" + clientId + "&refresh_token=" + refreshToken
+ "&grant_type=refresh_token&resource=https%3A%2F%2Fgraph.windows.net";
String path = "https://login.microsoftonline.com/" + tenantId + "/oauth2/token";
byte[] data = params.getBytes(encoding);
URL url = new URL(path);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setDoOutput(true);
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setRequestProperty("Content-Length", String.valueOf(data.length));
conn.setConnectTimeout(5 * 1000);
OutputStream outStream = conn.getOutputStream();
outStream.write(data);
outStream.flush();
outStream.close();
System.out.println(conn.getResponseCode());
System.out.println(conn.getResponseMessage());
BufferedReader br = null;
if (conn.getResponseCode() != 200) {
br = new BufferedReader(new InputStreamReader((conn.getErrorStream())));
} else {
br = new BufferedReader(new InputStreamReader((conn.getInputStream())));
}
System.out.println("Response body : " + br.readLine());
}
}
控制台打印结果如下:
希望对你有帮助。