问题描述
我正在处理一个在 Java 1.6 上运行的 Java 和 JSP 遗留项目。我需要集成一种基于 Azure Active Directory 的新身份验证方法。其他类似项目中使用过的库是adal4j
。遗憾的是,这个项目太老了,它运行的是 Java 1.6,遗憾的是它不能轻易地移植到 Java 7 中。
我正在尝试寻找一个替代库来用于对用户进行身份验证并获取令牌。我找到了 azure-identity
,但它需要 Java 7(实际上是几年前的 Java 8)。
对我可以使用的东西有什么建议吗?
最好的问候
解决方法
遗憾的是,第一方库没有太多选择。您会被弃用的 adal4j
卡住(在维护模式下,将不再获得新的功能改进)。推荐的是 msal4j
,它需要最低 Java 8。
您所指的 azure-identity
是为特定目的而构建的。这提供了跨 Azure SDK 的 Azure Active Directory 令牌身份验证支持。它提供了一组 TokenCredential 实现,可用于构建支持 AAD 令牌身份验证的 Azure SDK 客户端。但无论如何,这也需要 Java 8+。
最后,我按照此处的指南向 Azure POST 请求并获取身份验证令牌,并在 Java 中创建了一个简单的类来发出此请求。
这是验证代码
package mypackage.auth;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.Reader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.LinkedHashMap;
import java.util.Map;
import org.json.JSONException;
import org.json.JSONObject;
public class Auth {
private String authority;
private String resource;
private AuthCredentials credentials;
// **** CONSTRUCTORS ****
public Auth() {
this.authority = null;
this.credentials = new AuthCredentials();
this.resource = null;
}
public Auth(String authority,String clientID,String secret,String resource) {
this.authority = authority;
this.credentials = new Auth(clientID,secret);
this.resource = resource;
}
public Auth(String authority,AuthCredentials credentials,String resource) {
this.authority = authority;
this.credentials = credentials;
this.resource = resource;
}
// **** METHODS ****
public JSONObject authenticate() throws IOException {
Map<String,Object> params = getRequestParams();
byte[] body = buildRequest(params);
JSONObject response = post(body);
return response;
}
// Request Parameters for Microsoft AD Authentication
private Map<String,Object> getRequestParams () {
Map<String,Object> params = new LinkedHashMap<String,Object>();
params.put("client_id",credentials.getClientId());
params.put("scope",resource + "/.default");
params.put("resource",resource);
params.put("client_secret",credentials.getSecret());
params.put("grant_type","client_credentials");
return params;
}
// HTTP Post to Microsoft AD auth API
private JSONObject post(byte[] body) throws IOException {
URL url = new URL(authority);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("POST");
conn.setRequestProperty("Content-Type","application/x-www-form-urlencoded");
conn.setRequestProperty("Content-Length",String.valueOf(body.length));
conn.setDoOutput(true);
conn.getOutputStream().write(body);
Reader in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
StringBuilder sb = new StringBuilder();
for (int c; (c = in.read()) >= 0;)
sb.append((char)c);
String response = sb.toString();
JSONObject json = stringToJSON(response);
return json;
}
// Request builder,builds url encoded request based on the params map
private byte[] buildRequest(Map<String,Object> params) throws UnsupportedEncodingException {
StringBuilder postData = new StringBuilder();
for (Map.Entry<String,Object> param : params.entrySet()) {
if (postData.length() != 0) postData.append('&');
postData.append(URLEncoder.encode(param.getKey(),"UTF-8"));
postData.append('=');
postData.append(URLEncoder.encode(String.valueOf(param.getValue()),"UTF-8"));
}
byte[] postDataBytes = postData.toString().getBytes("UTF-8");
return postDataBytes;
}
private JSONObject stringToJSON (String string) throws JSONException {
JSONObject jsonObject = new JSONObject(string);
return jsonObject;
}
// **** GETTERS SETTERS ****
public String getAuthority() {
return authority;
}
public void setAuthority(String authority) {
this.authority = authority;
}
public String getClientID() {
return credentials.getClientId();
}
public void setClientID(String clientID) {
this.credentials.setClientId(clientID);
}
public String getSecret() {
return credentials.getSecret();
}
public void setSecret(String secret) {
this.credentials.setSecret(secret);
}
public AuthCredentials getCredentials() {
return credentials;
}
public void setCredentials(AuthCredentials credentials) {
this.credentials = credentials;
}
}
在我的 API 客户端上,我得到这样的身份验证令牌:
public String authenticateClient() throws IOException {
JSONObject response = auth.authenticate();
this.token = response.get("access_token").toString();
return this.token;
}