使用 Java Springboot 从 AZURE AD 获取访问令牌

问题描述 投票:0回答:3

我尝试从 AZURE AD 获取访问令牌,但收到以下代码的错误。 我的要求是获取访问令牌而不将服务凭据传递给 Microsoft 登录弹出窗口。我需要从我的代码传递服务凭据。 我有以下服务详细信息

  1. 客户端ID:clientid-abcd-bcda-xxxx-bbbbc-bbbbsjhk

  2. 客户端秘密:客户端秘密-xxxx-bgdj-jbkjg-dddff

  3. callbackurl:https://somecalbackurl.to.access.receive.an.authorization.code

  4. accesstokenUlr:https://一些 AccessToken Url Url

  5. AuthUrl:https://somAuthUrl

  6. 服务账户用户名和密码

    public static void main(String[] args) throws OAuthProblemException {       

    // TODO Auto-generated method stub

    String clientId = "c64a70a8-7794-44a6-a9b8-4f44f09e17ee";
    String clientSecret = "-DW8Q~JwYM611PR7EchiCU~HKLLqjv1ogLHvAc8O";
    String accessTokenUrl = "https://login.windows.net/f761680c-0582-4825-b245-62c1d05b6b3a/oauth2/token?resource=https://api.businesscentral.dynamics.com";
    String authUrl = "https://login.windows.net/f761680c-0582-4825-b245-62c1d05b6b3a/oauth2/authorize?resource=https://api.businesscentral.dynamics.com";
    String callbackUrl = "https://businesscentral.dynamics.com/";
    //String grant_type = "authorization_code";

    String encodedValue = getBase64Encoded(clientId, clientSecret);

    OAuthClient client = new OAuthClient(new URLConnectionClient());
    try {
        OAuthClientRequest request = 
               OAuthClientRequest.tokenLocation(accessTokenUrl)
               .setGrantType(GrantType.AUTHORIZATION_CODE)                 
               .setRedirectURI(callbackUrl) 
               .setScope("Financials.ReadWrite.All user_impersonation")
               .setCode(authUrl)
               .buildBodyMessage();

        request.addHeader("Authorization", "Basic "+ encodedValue);
        //OAuthClientRequest.authorizationProvider(OAuthProviderType.MICROSOFT);

        OAuthJSONAccessTokenResponse token = client.accessToken(request,OAuth.HttpMethod.POST,OAuthJSONAccessTokenResponse.class);
        String finalToken=token.getAccessToken();

     System.out.println("Token-->"+finalToken);

    } catch (OAuthSystemException e) {
        // TODO Auto-generated catch block

        System.out.println(e);
        //e.printStackTrace();
    }


}
public static String getBase64Encoded(String id,String password) {
     return Base64.getEncoder().encodeToString((id +":"+ password).getBytes(StandardCharsets.UTF_8));
}

低于错误

Exception in thread "main" OAuthProblemException{error='invalid_grant', description='AADSTS9002313: Invalid request. Request is malformed or invalid.

跟踪 ID:01953507-e109-4aa4-90bd-1ead69ff5a00 相关 ID:9f9da815-f9c5-4a15-bcdb-73810c652cfb 时间戳:2023-07-11 09:48:28Z',uri='https://login.windows.net/error?code=9002313',state='null',scope='null',redirectUri='null ',响应状态=400,参数={}}

我正在尝试这种方法,我可以从java代码传递Microsoft服务凭据,以便当调度程序启动时,应按顺序执行以下操作

  1. 获取访问令牌
  2. 使用该令牌在 azure 上调用服务
  3. 从azure服务检索数据并更新到数据库
spring-boot azure java-8 azure-active-directory
3个回答
0
投票

我的要求是获取访问令牌而不将服务凭据传递到 Microsoft 登录弹出窗口

使用以下代码使用 Spring-boot 从 Azure AD 获取访问令牌。

@GetMapping(value = "/gettoken")
public static String getToken() throws Exception {
        String url = "https://login.microsoftonline.com/<Your_Tenant_ID>/oauth2/token";
        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);

        MultiValueMap<String, String> inputMap = new LinkedMultiValueMap<>();

        inputMap.add("grant_type", "client_credentials");
        inputMap.add("client_id", "<your_client_id>");
        inputMap.add("client_secret", "<your_client_secret>");
        inputMap.add("resource", "https://management.core.windows.net/");
        HttpEntity<MultiValueMap<String, String>> entity = new HttpEntity<MultiValueMap<String, String>>(inputMap,
                headers);
        RestTemplate template = new RestTemplate();
        ResponseEntity<String> response = template.postForEntity(url, entity, String.class);
        JSONObject myjson = new JSONObject(response.getBody());
        String data = (String) myjson.get("access_token");
        System.out.println(data);
        String access_token = data;
        return access_token;

    }

打开命令提示符,导航到应用程序的根文件夹并运行 

mvn clean install
:

enter image description here

使用命令运行应用程序 

mvn spring-boot:run
:

enter image description here

在端口 8080 上运行:

enter image description here

回复:

生成代币:

enter image description here

enter image description here

请参阅我的 GitHub 存储库以获取完整代码。

0
投票

下面是我的方法及其完美的工作

String clientId = "<your client-Id>";
String clientSecret = "<your Client- Secret>";
String accessTokenUrl = "https://login.microsoftonline.com/<Your_Tenant_ID>/oauth2/v2.0/token";

String encodedValue = getBase64Encoded(clientId, clientSecret);
OAuthClient client = new OAuthClient(new URLConnectionClient());
    try {
        OAuthClientRequest request = 
               OAuthClientRequest.tokenLocation(accessTokenUrl)                
               .setGrantType(org.apache.oltu.oauth2.common.message.types.GrantType.CLIENT_CREDENTIALS)                 
               .setScope("https://<YOUR DEFAULT SCOPE>/.default")                  
               .buildBodyMessage();         
        request.addHeader("Authorization", "Basic "+ encodedValue);
        //OAuthClientRequest.authorizationProvider(OAuthProviderType.MICROSOFT);
        
        OAuthJSONAccessTokenResponse token = client.accessToken(request,OAuth.HttpMethod.POST,OAuthJSONAccessTokenResponse.class);
        String finalToken=token.getAccessToken();
        
     System.out.println("Token-->"+finalToken);
     
    } catch (OAuthSystemException e) {
        
        
        System.out.println(e);
        //e.printStackTrace();
    }
    
   
}
public static String getBase64Encoded(String id,String password) {
     return Base64.getEncoder().encodeToString((id +":"+ password).getBytes(StandardCharsets.UTF_8));
}
0
投票

@maveric,我有同样的要求,如下所示 从 Azure AD 获取访问令牌并使用该令牌在 azure 上调用服务从 azure 服务检索数据并更新到数据库中 你能帮我提供这个示例代码的 Github url吗

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.