問題描述

我對這篇文章有類似的問題:使用 Azure API 應用程序進行身份驗證ADAL 但在我的情況下，我有一個客戶，其 Java 客戶端托管在 JBoss 中，需要訪問我的 API.該服務被保護為公共(經過身份驗證)"，我從瀏覽器訪問它沒有任何問題.我知道我可以在 .net 中創建一個 Azure API 應用程序客戶端，但我找不到任何關于如何從 Java 進行身份驗證的示例.這目前是否可行，如果可以，是否有人有任何幫助的示例或建議?

I have a similar issue to this post:Authenticate to Azure API App using ADAL but in my case I have a customer with a Java client hosted in JBoss who needs access to my API. The service is secured as 'Public (authenticated)' and I don't have any issues accessing it from a browser. I know that I can create an Azure API App Client in .net but I can't find any samples on how to authenticate from Java. Is this currently possible and if so does anyone have any samples or advice that would help?

推薦答案

我查看了下面的一些文檔，用 Java 制作了一個示例，用于從經過 AAD 身份驗證的客戶端調用 Azure API 應用程序.

I reviewed some documents below to make a sample in Java for calling an Azure API app from client authenticated by AAD.

作為參考:

1. https://azure.microsoft.com/en-us/documentation/articles/app-service-api-authentication-client-flow/
2. https://azure.microsoft.com/en-us/documentation/articles/app-service-api-dotnet-add-authentication/
3. https://azure.microsoft.com/zh-CN/documentation/articles/app-service-authentication-overview/

對于示例，我在 Eclipse 中創建了一個 maven 項目并使用了 libs adal4j、common-io &httpclient.下面是 pom.xml 文件中的依賴配置.

For the sample, I created a maven project in Eclipse and used libs adal4j, common-io & httpclient. Here is the dependencies configuration below in pom.xml file.

<dependencies>
    <dependency>
        <groupId>com.microsoft.azure</groupId>
        <artifactId>adal4j</artifactId>
        <version>1.1.2</version>
    </dependency>
    <dependency>
        <groupId>commons-io</groupId>
        <artifactId>commons-io</artifactId>
        <version>2.4</version>
    </dependency>
    <dependency>
        <groupId>org.apache.httpcomponents</groupId>
        <artifactId>httpclient</artifactId>
        <version>4.5.1</version>
    </dependency>
</dependencies>

Public (authenticated)的服務保護示例代碼，請注意代碼中的注釋.

The sample code for service secured as Public (authenticated), please pay attention to comments in code.

    String gateway_url = "https://<GatewayHost>.azurewebsites.net/";
    String app_id_uri = gateway_url + "login/aad";
    String authority = "https://login.microsoftonline.com/<aad-domain>.onmicrosoft.com";
    String clientId = "<clientId>";
    String clientSecret = "<key>";
    String url = "https://<ApiAppHost>.azurewebsites.net/...";
/*
 *  Get Access Token from Gateway Login URL with authentication provider name
 *  Note: Please refer to the aad sample in Java for Native Headless at https://github.com/Azure-Samples/active-directory-java-native-headless
 */
HttpsURLConnection conn = (HttpsURLConnection) new URL(app_id_uri).openConnection();
AuthenticationContext context = null;
    AuthenticationResult result = null;
    ExecutorService service = null;
    try {
        service = Executors.newFixedThreadPool(1);
        context = new AuthenticationContext(authority, false, service);
        ClientCredential credential = new ClientCredential(clientId, clientSecret);
        Future<AuthenticationResult> future = context.acquireToken(app_id_uri, credential, null);
        result = future.get();
    } finally {
        service.shutdown();
    }
    String accessToken = null;
    if (result == null) {
        throw new ServiceUnavailableException(
                "authentication result was null");
    } else {
        accessToken = result.getAccessToken();
        System.out.println("Access Token: " +accessToken);
    }
    /*
     * Using access token to get authentication token
     */
    String data = "{"access_token": ""+accessToken+""}";
    conn.setRequestMethod("POST");
    conn.setDoOutput(true);
    conn.addRequestProperty("Content-Length", data.length()+"");
    new DataOutputStream(conn.getOutputStream()).writeBytes(data);
    String authTokenResp = IOUtils.toString(conn.getInputStream());
    System.out.println("Get Authentication Token Response: " + authTokenResp);
    /*
     * The content of Authentication Token Response is as {"user": {"userId": "sid:xxx...xxx"}, "authenticationToken": "xxxx...xxxxx"}.
     * Need to extract the authenticationToken from Json.
     */
    Gson gson = new Gson();
    Map<String, Object> map = gson.fromJson(authTokenResp, Map.class);
    String authenticationToken = (String) map.get("authenticationToken");
    System.out.println("Authentication Token: "+authenticationToken);
    /*
     * Using authentication token as X-ZUMO-AUTH header to get data from Api App
     * Note: Must using Apache Common HttpClient supported HTTP 30x redirection, Class Http(s)URLConnection not support.
     *          There are three times continuous 302 redirection in accessing Api App with zumo token. 
     */
    HttpGet httpGet = new HttpGet(url);
    httpGet.addHeader("x-zumo-auth", authenticationToken);
    CloseableHttpClient httpclient = HttpClients.createDefault();
    HttpResponse resp = httpclient.execute(httpGet);
    String apiAppData = IOUtils.toString(resp.getEntity().getContent());
    System.out.println(apiAppData);

如有任何疑問，請隨時告訴我.

Any concern, please feel free to let me know.

這篇關于從 Java 向 Azure API 應用程序進行身份驗證的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！