問(wèn)題描述

我對(duì)這篇文章有類(lèi)似的問(wèn)題:使用 Azure API 應(yīng)用程序進(jìn)行身份驗(yàn)證ADAL 但在我的情況下，我有一個(gè)客戶(hù)，其 Java 客戶(hù)端托管在 JBoss 中，需要訪(fǎng)問(wèn)我的 API.該服務(wù)被保護(hù)為公共(經(jīng)過(guò)身份驗(yàn)證)"，我從瀏覽器訪(fǎng)問(wèn)它沒(méi)有任何問(wèn)題.我知道我可以在 .net 中創(chuàng)建一個(gè) Azure API 應(yīng)用程序客戶(hù)端，但我找不到任何關(guān)于如何從 Java 進(jìn)行身份驗(yàn)證的示例.這目前是否可行，如果可以，是否有人有任何幫助的示例或建議?

I have a similar issue to this post:Authenticate to Azure API App using ADAL but in my case I have a customer with a Java client hosted in JBoss who needs access to my API. The service is secured as 'Public (authenticated)' and I don't have any issues accessing it from a browser. I know that I can create an Azure API App Client in .net but I can't find any samples on how to authenticate from Java. Is this currently possible and if so does anyone have any samples or advice that would help?

推薦答案

我查看了下面的一些文檔，用 Java 制作了一個(gè)示例，用于從經(jīng)過(guò) AAD 身份驗(yàn)證的客戶(hù)端調(diào)用 Azure API 應(yīng)用程序.

I reviewed some documents below to make a sample in Java for calling an Azure API app from client authenticated by AAD.

作為參考:

1. https://azure.microsoft.com/en-us/documentation/articles/app-service-api-authentication-client-flow/
2. https://azure.microsoft.com/en-us/documentation/articles/app-service-api-dotnet-add-authentication/
3. https://azure.microsoft.com/zh-CN/documentation/articles/app-service-authentication-overview/

對(duì)于示例，我在 Eclipse 中創(chuàng)建了一個(gè) maven 項(xiàng)目并使用了 libs adal4j、common-io &httpclient.下面是 pom.xml 文件中的依賴(lài)配置.

For the sample, I created a maven project in Eclipse and used libs adal4j, common-io & httpclient. Here is the dependencies configuration below in pom.xml file.

<dependencies>
    <dependency>
        <groupId>com.microsoft.azure</groupId>
        <artifactId>adal4j</artifactId>
        <version>1.1.2</version>
    </dependency>
    <dependency>
        <groupId>commons-io</groupId>
        <artifactId>commons-io</artifactId>
        <version>2.4</version>
    </dependency>
    <dependency>
        <groupId>org.apache.httpcomponents</groupId>
        <artifactId>httpclient</artifactId>
        <version>4.5.1</version>
    </dependency>
</dependencies>

Public (authenticated)的服務(wù)保護(hù)示例代碼，請(qǐng)注意代碼中的注釋.

The sample code for service secured as Public (authenticated), please pay attention to comments in code.

    String gateway_url = "https://<GatewayHost>.azurewebsites.net/";
    String app_id_uri = gateway_url + "login/aad";
    String authority = "https://login.microsoftonline.com/<aad-domain>.onmicrosoft.com";
    String clientId = "<clientId>";
    String clientSecret = "<key>";
    String url = "https://<ApiAppHost>.azurewebsites.net/...";
/*
 *  Get Access Token from Gateway Login URL with authentication provider name
 *  Note: Please refer to the aad sample in Java for Native Headless at https://github.com/Azure-Samples/active-directory-java-native-headless
 */
HttpsURLConnection conn = (HttpsURLConnection) new URL(app_id_uri).openConnection();
AuthenticationContext context = null;
    AuthenticationResult result = null;
    ExecutorService service = null;
    try {
        service = Executors.newFixedThreadPool(1);
        context = new AuthenticationContext(authority, false, service);
        ClientCredential credential = new ClientCredential(clientId, clientSecret);
        Future<AuthenticationResult> future = context.acquireToken(app_id_uri, credential, null);
        result = future.get();
    } finally {
        service.shutdown();
    }
    String accessToken = null;
    if (result == null) {
        throw new ServiceUnavailableException(
                "authentication result was null");
    } else {
        accessToken = result.getAccessToken();
        System.out.println("Access Token: " +accessToken);
    }
    /*
     * Using access token to get authentication token
     */
    String data = "{"access_token": ""+accessToken+""}";
    conn.setRequestMethod("POST");
    conn.setDoOutput(true);
    conn.addRequestProperty("Content-Length", data.length()+"");
    new DataOutputStream(conn.getOutputStream()).writeBytes(data);
    String authTokenResp = IOUtils.toString(conn.getInputStream());
    System.out.println("Get Authentication Token Response: " + authTokenResp);
    /*
     * The content of Authentication Token Response is as {"user": {"userId": "sid:xxx...xxx"}, "authenticationToken": "xxxx...xxxxx"}.
     * Need to extract the authenticationToken from Json.
     */
    Gson gson = new Gson();
    Map<String, Object> map = gson.fromJson(authTokenResp, Map.class);
    String authenticationToken = (String) map.get("authenticationToken");
    System.out.println("Authentication Token: "+authenticationToken);
    /*
     * Using authentication token as X-ZUMO-AUTH header to get data from Api App
     * Note: Must using Apache Common HttpClient supported HTTP 30x redirection, Class Http(s)URLConnection not support.
     *          There are three times continuous 302 redirection in accessing Api App with zumo token. 
     */
    HttpGet httpGet = new HttpGet(url);
    httpGet.addHeader("x-zumo-auth", authenticationToken);
    CloseableHttpClient httpclient = HttpClients.createDefault();
    HttpResponse resp = httpclient.execute(httpGet);
    String apiAppData = IOUtils.toString(resp.getEntity().getContent());
    System.out.println(apiAppData);

如有任何疑問(wèn)，請(qǐng)隨時(shí)告訴我.

Any concern, please feel free to let me know.

這篇關(guān)于從 Java 向 Azure API 應(yīng)用程序進(jìn)行身份驗(yàn)證的文章就介紹到這了，希望我們推薦的答案對(duì)大家有所幫助，也希望大家多多支持html5模板網(wǎng)！