public class AzureADGraphClient extends Object
| Modifier and Type | Field and Description |
|---|---|
| private static String | AAD_GRAPH_API_SCOPE |
| private AADAuthenticationProperties | aadAuthenticationProperties |
| private boolean | aadMicrosoftGraphApiBool |
| private String | clientId |
| private String | clientSecret |
| private static org.springframework.security.core.authority.SimpleGrantedAuthority | DEFAULT_AUTHORITY |
| private static String | DEFAULT_ROLE_PREFIX |
| private static String | MICROSOFT_GRAPH_SCOPE |
| private ServiceEndpoints | serviceEndpoints |
| private static String | V2_VERSION_ENV_FLAG |
| Constructor and Description |
|---|
| AzureADGraphClient(String clientId, String clientSecret, AADAuthenticationProperties aadAuthProps, ServiceEndpointsProperties serviceEndpointsProps) |
| Modifier and Type | Method and Description |
|---|---|
| com.microsoft.aad.msal4j.IAuthenticationResult | acquireTokenForGraphApi(String idToken, String tenantId) |
| Set<org.springframework.security.core.GrantedAuthority> | convertGroupsToGrantedAuthorities(List<UserGroup> groups) — Converts a UserGroup list to a Set of GrantedAuthorities. |
| Set<org.springframework.security.core.GrantedAuthority> | getGrantedAuthorities(String graphApiToken) |
| List<UserGroup> | getGroups(String graphApiToken) |
| private static String | getResponseStringFromConn(HttpURLConnection conn) |
| private String | getUserMembershipsV1(String accessToken) |
| private void | initAADMicrosoftGraphApiBool(String endpointEnv) |
| private boolean | isMatchingUserGroupKey(com.fasterxml.jackson.databind.JsonNode node) — Checks whether the JSON node is a valid User Group node from which User Groups can be extracted. |
| private boolean | isValidUserGroupToGrantAuthority(UserGroup group) — Determines whether this is a valid UserGroup to build into a GrantedAuthority. |
| private List<UserGroup> | loadUserGroups(String graphApiToken) |
private static final org.springframework.security.core.authority.SimpleGrantedAuthority DEFAULT_AUTHORITY
private static final String DEFAULT_ROLE_PREFIX
private static final String MICROSOFT_GRAPH_SCOPE
private static final String AAD_GRAPH_API_SCOPE
private final String clientId
private final String clientSecret
private final ServiceEndpoints serviceEndpoints
private final AADAuthenticationProperties aadAuthenticationProperties
private static final String V2_VERSION_ENV_FLAG
private boolean aadMicrosoftGraphApiBool
public AzureADGraphClient(String clientId, String clientSecret, AADAuthenticationProperties aadAuthProps, ServiceEndpointsProperties serviceEndpointsProps)
private void initAADMicrosoftGraphApiBool(String endpointEnv)
private String getUserMembershipsV1(String accessToken) throws IOException
Throws: IOException
private static String getResponseStringFromConn(HttpURLConnection conn) throws IOException
Throws: IOException
public List<UserGroup> getGroups(String graphApiToken) throws IOException
Throws: IOException
private List<UserGroup> loadUserGroups(String graphApiToken) throws IOException
Throws: IOException
private boolean isMatchingUserGroupKey(com.fasterxml.jackson.databind.JsonNode node)
Parameters: node - JSON node to look for a key/value to equate against the AADAuthenticationProperties.UserGroupProperties
public Set<org.springframework.security.core.GrantedAuthority> getGrantedAuthorities(String graphApiToken) throws IOException
Throws: IOException
public Set<org.springframework.security.core.GrantedAuthority> convertGroupsToGrantedAuthorities(List<UserGroup> groups)
Parameters: groups -
private boolean isValidUserGroupToGrantAuthority(UserGroup group)
Determines if this is a valid UserGroup to build to a GrantedAuthority.
Returns true if the AADAuthenticationProperties.UserGroupProperties#getAllowedGroups() or the AADAuthenticationProperties.getActiveDirectoryGroups() contains the group's display name (UserGroup.getDisplayName()).
Parameters: group - User Group to check if valid to grant an authority to.
public com.microsoft.aad.msal4j.IAuthenticationResult acquireTokenForGraphApi(String idToken, String tenantId) throws ServiceUnavailableException
Throws: ServiceUnavailableException
Copyright © 2020 Microsoft. All rights reserved.