Package org.pac4j.oidc.client
Class AzureAdClient
- java.lang.Object
-
- org.pac4j.core.util.InitializableObject
-
- org.pac4j.core.client.BaseClient<C>
-
- org.pac4j.core.client.IndirectClient<OidcCredentials>
-
- org.pac4j.oidc.client.OidcClient<AzureAdOidcConfiguration>
-
- org.pac4j.oidc.client.AzureAdClient
-
- All Implemented Interfaces:
Client<OidcCredentials>
public class AzureAdClient extends OidcClient<AzureAdOidcConfiguration>
A specializedOidcClient
for authenticating againt Microsoft Azure AD. Microsoft Azure AD provides authentication for multiple tenants, or, when the tenant is not known prior to authentication, the speciall common-tenant. For a specific tenant, the following discovery URI must be used:https://login.microsoftonline.com/tenantid/.well-known/openid-configuration
orhttps://login.microsoftonline.com/tenantid/v2.0/.well-known/openid-configuration
for Azure AD v2.0. Replacetenantid
with the ID of the tenant to authenticate against. To find this ID, fill in your tenant's domain name. Your tenant ID is the UUID inauthorization_endpoint
. For authentication against an unknown (or dynamic tenant), usecommon
as ID. Authentication against the common endpoint results in a ID token with aissuer
different from theissuer
mentioned in the discovery data. This class uses to special validator to correctly validate the issuer returned by Azure AD. More information at: https://msdn.microsoft.com/en-us/library/azure/dn645541.aspx- Since:
- 1.8.3
- Author:
- Emond Papegaaij
-
-
Field Summary
-
Fields inherited from class org.pac4j.core.client.IndirectClient
ATTEMPTED_AUTHENTICATION_SUFFIX, callbackUrl, callbackUrlResolver, urlResolver
-
Fields inherited from class org.pac4j.core.client.BaseClient
logger
-
-
Constructor Summary
Constructors Constructor Description AzureAdClient()
AzureAdClient(AzureAdOidcConfiguration configuration)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
clientInit()
String
getAccessTokenFromRefreshToken(AzureAdProfile azureAdProfile)
protected CallbackUrlResolver
newDefaultCallbackUrlResolver()
-
Methods inherited from class org.pac4j.oidc.client.OidcClient
getConfiguration, notifySessionRenewal, renewUserProfile, setConfiguration, toString
-
Methods inherited from class org.pac4j.core.client.IndirectClient
computeFinalCallbackUrl, defaultLogoutActionBuilder, defaultRedirectionActionBuilder, getAjaxRequestResolver, getCallbackUrl, getCallbackUrlResolver, getCodeVerifierSessionAttributeName, getCredentials, getLogoutAction, getLogoutActionBuilder, getNonceSessionAttributeName, getRedirectionAction, getRedirectionActionBuilder, getStateSessionAttributeName, getUrlResolver, internalInit, setAjaxRequestResolver, setCallbackUrl, setCallbackUrlResolver, setLogoutActionBuilder, setRedirectionActionBuilder, setUrlResolver
-
Methods inherited from class org.pac4j.core.client.BaseClient
addAuthorizationGenerator, addAuthorizationGenerators, defaultAuthenticator, defaultCredentialsExtractor, defaultProfileCreator, getAuthenticator, getAuthorizationGenerators, getCredentialsExtractor, getCustomProperties, getName, getProfileCreator, getProfileFactoryWhenNotAuthenticated, getUserProfile, retrieveCredentials, retrieveUserProfile, setAuthenticator, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setCredentialsExtractor, setCustomProperties, setName, setProfileCreator, setProfileFactoryWhenNotAuthenticated
-
Methods inherited from class org.pac4j.core.util.InitializableObject
init, isInitialized
-
-
-
-
Constructor Detail
-
AzureAdClient
public AzureAdClient()
-
AzureAdClient
public AzureAdClient(AzureAdOidcConfiguration configuration)
-
-
Method Detail
-
clientInit
protected void clientInit()
- Overrides:
clientInit
in classOidcClient<AzureAdOidcConfiguration>
-
newDefaultCallbackUrlResolver
protected CallbackUrlResolver newDefaultCallbackUrlResolver()
- Overrides:
newDefaultCallbackUrlResolver
in classIndirectClient<OidcCredentials>
-
getAccessTokenFromRefreshToken
public String getAccessTokenFromRefreshToken(AzureAdProfile azureAdProfile)
-
-