我在 controller 中使用下面的代码。我使用的是 Spring Cloud,下面是门户(portal)控制器中的代码:
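/**
 * Entry point for the portal root: starts the authorization-code flow or handles its callback.
 *
 * <p>When the request carries both {@code code} and {@code session_state}, the request is treated
 * as the callback from the authorization server and handed to
 * {@link #urlRedirectionAfterAuthentication}. In every other case the browser is redirected to
 * {@code AUTHORISATION_URL} to sign in.
 *
 * @param request  the incoming request; {@code code} and {@code session_state} are read from it
 * @param response used to issue the redirect
 * @throws Exception if the redirect or the downstream token handling fails
 */
@RequestMapping(method = RequestMethod.GET, value = "/")
@ResponseBody
public void auth(HttpServletRequest request, HttpServletResponse response) throws Exception {
    LOG.info("In loop1");
    String code = request.getParameter("code");
    String sessionState = request.getParameter("session_state");

    // The authorization code is a bearer credential until it is redeemed, and the session id
    // identifies the browser session; record only whether they were supplied, never their values.
    LOG.info("Values :: code present=" + (code != null) + " sessionState present=" + (sessionState != null));

    if (code != null && sessionState != null) {
        urlRedirectionAfterAuthentication(code, request, response);
        return;
    }

    // NOTE(review): the authorization request carries no `state` value and the callback branch
    // above accepts any `code` without checking one, so the callback is not bound to the browser
    // session that started the sign-in (login CSRF). Generate a random state, keep it in the
    // session, send it here and compare it when the callback arrives.
    //
    // Query values are percent-encoded so that REDIRECT_URL cannot be misparsed as extra
    // parameters of the authorization request.
    String urlString = AUTHORISATION_URL + "?response_type=code&client_id="
            + java.net.URLEncoder.encode(CLIENT_ID, "UTF-8") + "&redirect_uri="
            + java.net.URLEncoder.encode(REDIRECT_URL, "UTF-8");
    response.sendRedirect(response.encodeRedirectURL(urlString));
}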
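/**
 * Handles the callback leg: stores the authorization code in the session, asks
 * {@link #getAccessTokenAndUserInfo} for the user's details and redirects to {@code index.html}.
 *
 * <p>NOTE(review): the redirect target receives the user's name and e-mail as query parameters,
 * and nothing in this method marks the session as authenticated. A page that trusts those
 * parameters can be opened directly with arbitrary values, and the values end up in browser
 * history, proxy logs and Referer headers. Access to {@code /index.html} has to be enforced
 * server-side (for example by a security filter that checks an authenticated session), not by
 * this redirect. The session id is also not rotated after sign-in here; confirm whether the
 * surrounding framework does that (session fixation).
 *
 * @param code     the authorization code taken from the callback request
 * @param request  the current request, used for its session
 * @param response used to issue the redirect or the error status
 * @throws Exception if sending the redirect or error fails
 */
@ResponseBody
public void urlRedirectionAfterAuthentication(String code, HttpServletRequest request, HttpServletResponse response)
        throws Exception {
    LOG.info("In Redirection Method");
    HttpSession session = request.getSession();
    session.setAttribute("authorisationCode", code);

    ADUser aduser = getAccessTokenAndUserInfo(request);
    if (aduser == null) {
        // getAccessTokenAndUserInfo returns null when token acquisition fails; answer with an
        // explicit 401 instead of dereferencing null and surfacing a 500.
        LOG.error("Token acquisition failed; refusing to redirect to the application");
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return;
    }

    // Percent-encode each value so characters such as '&', '=', '#' or line breaks coming from
    // the directory cannot alter the structure of the redirect URL. String.valueOf keeps the
    // previous rendering of a missing value ("null").
    String target = REDIRECT_URL + "/index.html?lastName="
            + java.net.URLEncoder.encode(String.valueOf(aduser.getLastName()), "UTF-8")
            + "&firstName="
            + java.net.URLEncoder.encode(String.valueOf(aduser.getFirstName()), "UTF-8")
            + "&emailId="
            + java.net.URLEncoder.encode(String.valueOf(aduser.getEmailId()), "UTF-8");
    response.sendRedirect(target);
}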
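/**
 * Acquires a token through ADAL and copies the token and user details into an {@link ADUser}.
 *
 * <p>NOTE(review): the authorization-code exchange ({@code acquireTokenByAuthorizationCode}) was
 * commented out in the original, and the active {@code acquireToken} call does not pass the code
 * stored in the session. As written, the code returned by the authorization server is never
 * redeemed, so presumably any {@code code} value reaches this point unverified and the token is
 * not tied to the user who signed in. Confirm the intended flow against the adal4j API.
 *
 * <p>NOTE(review): this method is also mapped as a GET endpoint and its return value holds the
 * access token, refresh token and authorization code. Confirm that these are never serialised
 * back to the browser.
 *
 * @param request the current request; the authorization code is read from its session
 * @return the populated user, or {@code null} when no code is stored in the session or the
 *         token could not be acquired
 */
@RequestMapping(value = "getAccessTokenAndUserInfo", method = RequestMethod.GET)
public ADUser getAccessTokenAndUserInfo(HttpServletRequest request) {
    LOG.info("Get Access Token");
    HttpSession session = request.getSession();

    // A direct request to this endpoint has no code in the session; fail closed instead of
    // throwing a NullPointerException after a token has already been requested.
    Object storedCode = session.getAttribute("authorisationCode");
    if (storedCode == null) {
        LOG.error("No authorisation code in session; token request skipped");
        return null;
    }

    ExecutorService service = Executors.newFixedThreadPool(1);
    try {
        // The second argument is adal4j's validateAuthority flag; false skips authority
        // validation. NOTE(review): confirm that is intended for this tenant.
        AuthenticationContext context = new AuthenticationContext(AUTHORITY, false, service);
        ClientCredential credential = new ClientCredential(CLIENT_ID, CLIENT_SECRET);

        Future<AuthenticationResult> authResultFuture = context.acquireToken(
                new URI(REDIRECT_URL), credential, RESOURCE,
                null);
        AuthenticationResult result = authResultFuture.get();
        if (result == null || result.getUserInfo() == null) {
            LOG.error("Token response carried no user information");
            return null;
        }

        // Access and refresh tokens are bearer credentials: anyone who can read the log could
        // replay them, so only non-secret metadata is logged.
        LOG.info("Token acquired; expires after: " + result.getExpiresAfter());

        ADUser adUser = new ADUser();
        adUser.setAccessToken(result.getAccessToken());
        adUser.setAuthorisationCode(storedCode.toString());
        adUser.setEmailId(result.getUserInfo().getDisplayableId());
        adUser.setFirstName(result.getUserInfo().getGivenName());
        adUser.setLastName(result.getUserInfo().getFamilyName());
        adUser.setRefreshToken(result.getRefreshToken());
        adUser.setTimeToLive(String.valueOf(result.getExpiresAfter()));
        return adUser;
    } catch (MalformedURLException e) {
        LOG.error("Malformed URL: ", e);
        return null;
    } catch (URISyntaxException e) {
        LOG.error("URISyntaxException: ", e);
        return null;
    } catch (InterruptedException e) {
        // Restore the interrupt flag so the container's thread handling still sees it.
        Thread.currentThread().interrupt();
        LOG.error("InterruptedException: ", e);
        return null;
    } catch (ExecutionException e) {
        LOG.error("ExecutionException: ", e);
        return null;
    } finally {
        // A pool is created per request; without shutdown every call leaks a worker thread.
        service.shutdown();
    }
}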
In the method urlRedirectionAfterAuthentication, if I do not redirect to index.html, the redirect loop is infinite:
response.sendRedirect(REDIRECT_URL + "/index.html?lastName=" + aduser.getLastName() + "&firstName="
+ aduser.getFirstName() + "&emailId=" + aduser.getEmailId()
但是当我通过 /index.html 访问应用程序时,无需经过 AD 身份验证就能进入。我在 Maven 中使用以下依赖项:
<!-- NOTE(review): no <version> is shown; presumably it is managed by a parent POM or BOM.
     Confirm, so the resolved adal4j version is pinned and reviewable.
     ADAL (adal4j) has been deprecated by Microsoft in favour of MSAL (msal4j). -->
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>adal4j</artifactId>
</dependency>
ADAL是一个库,它帮助您获得用于调用web服务的令牌。就是这样。它实际上不会帮助你将用户登录到web应用程序(即建立会话),保护你的web应用程序或保护web服务。
就目前而言,我能给你的最好建议是:找一个开源的 OpenID Connect 或 OAuth 的 Spring 库/中间件,用它来连接 Azure AD。