public class UserPrincipalManager extends Object
| Constructor and Description |
|---|
UserPrincipalManager(AADAuthorizationServerEndpoints endpoints,
AADAuthenticationProperties aadAuthenticationProperties,
com.nimbusds.jose.util.ResourceRetriever resourceRetriever,
boolean explicitAudienceCheck)
Create a new
UserPrincipalManager based of the
AADAuthorizationServerEndpoints.jwkSetEndpoint() |
UserPrincipalManager(AADAuthorizationServerEndpoints endpoints,
AADAuthenticationProperties aadAuthenticationProperties,
com.nimbusds.jose.util.ResourceRetriever resourceRetriever,
boolean explicitAudienceCheck,
com.nimbusds.jose.jwk.source.JWKSetCache jwkSetCache)
Create a new
UserPrincipalManager based of the
AADAuthorizationServerEndpoints.jwkSetEndpoint()
()} |
UserPrincipalManager(com.nimbusds.jose.jwk.source.JWKSource<com.nimbusds.jose.proc.SecurityContext> keySource)
ø Creates a new
UserPrincipalManager with a predefined JWKSource. |
| Modifier and Type | Method and Description |
|---|---|
UserPrincipal |
buildUserPrincipal(String aadIssuedBearerToken)
Parse the id token to
UserPrincipal. |
boolean |
isTokenIssuedByAAD(String token) |
public UserPrincipalManager(com.nimbusds.jose.jwk.source.JWKSource<com.nimbusds.jose.proc.SecurityContext> keySource)
UserPrincipalManager with a predefined JWKSource.
This is helpful in cases the JWK is not a remote JWKSet or for unit testing.
keySource - - JWKSource containing at least one keypublic UserPrincipalManager(AADAuthorizationServerEndpoints endpoints, AADAuthenticationProperties aadAuthenticationProperties, com.nimbusds.jose.util.ResourceRetriever resourceRetriever, boolean explicitAudienceCheck)
UserPrincipalManager based of the
AADAuthorizationServerEndpoints.jwkSetEndpoint()endpoints - - used to retrieve the JWKS URLaadAuthenticationProperties - - used to retrieve the environment.resourceRetriever - - configures the RemoteJWKSet call.explicitAudienceCheck - Whether explicitly check the audience.IllegalArgumentException - If AAD key discovery URI is malformed.public UserPrincipalManager(AADAuthorizationServerEndpoints endpoints, AADAuthenticationProperties aadAuthenticationProperties, com.nimbusds.jose.util.ResourceRetriever resourceRetriever, boolean explicitAudienceCheck, com.nimbusds.jose.jwk.source.JWKSetCache jwkSetCache)
UserPrincipalManager based of the
AADAuthorizationServerEndpoints.jwkSetEndpoint()
()}endpoints - - used to retrieve the JWKS URLaadAuthenticationProperties - - used to retrieve the environment.resourceRetriever - - configures the RemoteJWKSet call.jwkSetCache - - used to cache the JWK set for a finite time, default set to 5 minutes which matches
constructor above if no jwkSetCache is passed inexplicitAudienceCheck - Whether explicitly check the audience.IllegalArgumentException - If AAD key discovery URI is malformed.public UserPrincipal buildUserPrincipal(String aadIssuedBearerToken) throws ParseException, com.nimbusds.jose.JOSEException, com.nimbusds.jose.proc.BadJOSEException
UserPrincipal.aadIssuedBearerToken - The token issued by AAD.UserPrincipal.ParseException - If the token couldn't be parsed to a valid JWS object.com.nimbusds.jose.JOSEException - If an internal processing exception is encountered.com.nimbusds.jose.proc.BadJOSEException - If the JWT is rejected.public boolean isTokenIssuedByAAD(String token)
Copyright © 2021 Microsoft Corporation. All rights reserved.