AzureADAuthenticator (Apache Hadoop Azure support 3.3.1 API)

java.lang.Object
- org.apache.hadoop.fs.azurebfs.oauth2.AzureADAuthenticator

```
@InterfaceAudience.Private
 @InterfaceStability.Evolving
public final class AzureADAuthenticator
extends Object
```
This class provides convenience methods to obtain AAD tokens. While convenient, it is not necessary to use these methods to obtain the tokens. Customers can use any other method (e.g., using the adal4j client) to obtain tokens.

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`static class`	`AzureADAuthenticator.HttpException` This exception class contains the http error code, requestId and error message, it is thrown when AzureADAuthenticator failed to get the Azure Active Directory token.
`static class`	`AzureADAuthenticator.UnexpectedResponseException` An unexpected HTTP response was raised, such as text coming back from what should be an OAuth endpoint.

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static AzureADToken`	`getTokenFromMsi(String authEndpoint, String tenantGuid, String clientId, String authority, boolean bypassCache)` Gets AAD token from the local virtual machine's VM extension.
`static AzureADToken`	`getTokenUsingClientCreds(String authEndpoint, String clientId, String clientSecret)` gets Azure Active Directory token using the user ID and password of a service principal (that is, Web App in Azure Active Directory).
`static AzureADToken`	`getTokenUsingRefreshToken(String authEndpoint, String clientId, String refreshToken)` Gets Azure Active Directory token using refresh token.
`static void`	`init(AbfsConfiguration abfsConfiguration)`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - init
```
public static void init(AbfsConfiguration abfsConfiguration)
```
  - getTokenUsingClientCreds
```
public static AzureADToken getTokenUsingClientCreds(String authEndpoint,
                                                    String clientId,
                                                    String clientSecret)
                                             throws IOException
```
    gets Azure Active Directory token using the user ID and password of a service principal (that is, Web App in Azure Active Directory). Azure Active Directory allows users to set up a web app as a service principal. Users can optionally obtain service principal keys from AAD. This method gets a token using a service principal's client ID and keys. In addition, it needs the token endpoint associated with the user's directory.
    
    Parameters:
    
    authEndpoint - the OAuth 2.0 token endpoint associated with the user's directory (obtain from Active Directory configuration)
    
    clientId - the client ID (GUID) of the client web app btained from Azure Active Directory configuration
    
    clientSecret - the secret key of the client web app
    
    Returns:
    
    AzureADToken obtained using the creds
    
    Throws:
    
    IOException - throws IOException if there is a failure in connecting to Azure AD
  - getTokenFromMsi
```
public static AzureADToken getTokenFromMsi(String authEndpoint,
                                           String tenantGuid,
                                           String clientId,
                                           String authority,
                                           boolean bypassCache)
                                    throws IOException
```
    Gets AAD token from the local virtual machine's VM extension. This only works on an Azure VM with MSI extension enabled.
    
    Parameters:
    
    authEndpoint - the OAuth 2.0 token endpoint associated with the user's directory (obtain from Active Directory configuration)
    
    tenantGuid - (optional) The guid of the AAD tenant. Can be null.
    
    clientId - (optional) The clientId guid of the MSI service principal to use. Can be null.
    
    bypassCache - boolean specifying whether a cached token is acceptable or a fresh token request should me made to AAD
    
    Returns:
    
    AzureADToken obtained using the creds
    
    Throws:
    
    IOException - throws IOException if there is a failure in obtaining the token
  - getTokenUsingRefreshToken
```
public static AzureADToken getTokenUsingRefreshToken(String authEndpoint,
                                                     String clientId,
                                                     String refreshToken)
                                              throws IOException
```
    Gets Azure Active Directory token using refresh token.
    
    Parameters:
    
    authEndpoint - the OAuth 2.0 token endpoint associated with the user's directory (obtain from Active Directory configuration)
    
    clientId - the client ID (GUID) of the client web app obtained from Azure Active Directory configuration
    
    refreshToken - the refresh token
    
    Returns:
    
    AzureADToken obtained using the refresh token
    
    Throws:
    
    IOException - throws IOException if there is a failure in connecting to Azure AD

Class AzureADAuthenticator

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Method Detail

init

getTokenUsingClientCreds

getTokenFromMsi

getTokenUsingRefreshToken