我尝试从 AZURE AD 获取访问令牌,但收到以下代码的错误。 我的要求是获取访问令牌而不将服务凭据传递给 Microsoft 登录弹出窗口。我需要从我的代码传递服务凭据。 我有以下服务详细信息
客户端ID:clientid-abcd-bcda-xxxx-bbbbc-bbbbsjhk
客户端秘密:客户端秘密-xxxx-bgdj-jbkjg-dddff
callbackurl:https://somecalbackurl.to.access.receive.an.authorization.code
accesstokenUlr:https://一些 AccessToken Url Url
AuthUrl:https://somAuthUrl
服务账户用户名和密码
public static void main(String[] args) throws OAuthProblemException {
// TODO Auto-generated method stub
String clientId = "c64a70a8-7794-44a6-a9b8-4f44f09e17ee";
String clientSecret = "-DW8Q~JwYM611PR7EchiCU~HKLLqjv1ogLHvAc8O";
String accessTokenUrl = "https://login.windows.net/f761680c-0582-4825-b245-62c1d05b6b3a/oauth2/token?resource=https://api.businesscentral.dynamics.com";
String authUrl = "https://login.windows.net/f761680c-0582-4825-b245-62c1d05b6b3a/oauth2/authorize?resource=https://api.businesscentral.dynamics.com";
String callbackUrl = "https://businesscentral.dynamics.com/";
//String grant_type = "authorization_code";
String encodedValue = getBase64Encoded(clientId, clientSecret);
OAuthClient client = new OAuthClient(new URLConnectionClient());
try {
OAuthClientRequest request =
OAuthClientRequest.tokenLocation(accessTokenUrl)
.setGrantType(GrantType.AUTHORIZATION_CODE)
.setRedirectURI(callbackUrl)
.setScope("Financials.ReadWrite.All user_impersonation")
.setCode(authUrl)
.buildBodyMessage();
request.addHeader("Authorization", "Basic "+ encodedValue);
//OAuthClientRequest.authorizationProvider(OAuthProviderType.MICROSOFT);
OAuthJSONAccessTokenResponse token = client.accessToken(request,OAuth.HttpMethod.POST,OAuthJSONAccessTokenResponse.class);
String finalToken=token.getAccessToken();
System.out.println("Token-->"+finalToken);
} catch (OAuthSystemException e) {
// TODO Auto-generated catch block
System.out.println(e);
//e.printStackTrace();
}
}
public static String getBase64Encoded(String id,String password) {
return Base64.getEncoder().encodeToString((id +":"+ password).getBytes(StandardCharsets.UTF_8));
}
低于错误
Exception in thread "main" OAuthProblemException{error='invalid_grant', description='AADSTS9002313: Invalid request. Request is malformed or invalid.
跟踪 ID:01953507-e109-4aa4-90bd-1ead69ff5a00 相关 ID:9f9da815-f9c5-4a15-bcdb-73810c652cfb 时间戳:2023-07-11 09:48:28Z',uri='https://login.windows.net/error?code=9002313',state='null',scope='null',redirectUri='null ',响应状态=400,参数={}}
我正在尝试这种方法,我可以从java代码传递Microsoft服务凭据,以便当调度程序启动时,应按顺序执行以下操作
我的要求是获取访问令牌而不将服务凭据传递到 Microsoft 登录弹出窗口
使用以下代码使用 Spring-boot 从 Azure AD 获取访问令牌。
@GetMapping(value = "/gettoken")
public static String getToken() throws Exception {
String url = "https://login.microsoftonline.com/<Your_Tenant_ID>/oauth2/token";
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
MultiValueMap<String, String> inputMap = new LinkedMultiValueMap<>();
inputMap.add("grant_type", "client_credentials");
inputMap.add("client_id", "<your_client_id>");
inputMap.add("client_secret", "<your_client_secret>");
inputMap.add("resource", "https://management.core.windows.net/");
HttpEntity<MultiValueMap<String, String>> entity = new HttpEntity<MultiValueMap<String, String>>(inputMap,
headers);
RestTemplate template = new RestTemplate();
ResponseEntity<String> response = template.postForEntity(url, entity, String.class);
JSONObject myjson = new JSONObject(response.getBody());
String data = (String) myjson.get("access_token");
System.out.println(data);
String access_token = data;
return access_token;
}
打开命令提示符,导航到应用程序的根文件夹并运行
mvn clean install
:
使用命令运行应用程序
mvn spring-boot:run
:
在端口 8080 上运行:
回复:
生成代币:
请参阅我的 GitHub 存储库以获取完整代码。
下面是我的方法及其完美的工作
String clientId = "<your client-Id>";
String clientSecret = "<your Client- Secret>";
String accessTokenUrl = "https://login.microsoftonline.com/<Your_Tenant_ID>/oauth2/v2.0/token";
String encodedValue = getBase64Encoded(clientId, clientSecret);
OAuthClient client = new OAuthClient(new URLConnectionClient());
try {
OAuthClientRequest request =
OAuthClientRequest.tokenLocation(accessTokenUrl)
.setGrantType(org.apache.oltu.oauth2.common.message.types.GrantType.CLIENT_CREDENTIALS)
.setScope("https://<YOUR DEFAULT SCOPE>/.default")
.buildBodyMessage();
request.addHeader("Authorization", "Basic "+ encodedValue);
//OAuthClientRequest.authorizationProvider(OAuthProviderType.MICROSOFT);
OAuthJSONAccessTokenResponse token = client.accessToken(request,OAuth.HttpMethod.POST,OAuthJSONAccessTokenResponse.class);
String finalToken=token.getAccessToken();
System.out.println("Token-->"+finalToken);
} catch (OAuthSystemException e) {
System.out.println(e);
//e.printStackTrace();
}
}
public static String getBase64Encoded(String id,String password) {
return Base64.getEncoder().encodeToString((id +":"+ password).getBytes(StandardCharsets.UTF_8));
}
@maveric,我有同样的要求,如下所示 从 Azure AD 获取访问令牌并使用该令牌在 azure 上调用服务从 azure 服务检索数据并更新到数据库中 你能帮我提供这个示例代码的 Github url吗