com.microsoft.azure.spring.autoconfigure.aad

Class UserPrincipalManager

java.lang.Object

com.microsoft.azure.spring.autoconfigure.aad.UserPrincipalManager

public class UserPrincipalManager
extends Object

A user principal manager to load user info from JWT.

Constructor Summary

Constructors

Constructor and Description
UserPrincipalManager(com.nimbusds.jose.jwk.source.JWKSource<com.nimbusds.jose.proc.SecurityContext> keySource) ø Creates a new UserPrincipalManager with a predefined JWKSource.
UserPrincipalManager(ServiceEndpointsProperties serviceEndpointsProps, AADAuthenticationProperties aadAuthProps, com.nimbusds.jose.util.ResourceRetriever resourceRetriever, boolean explicitAudienceCheck) Create a new UserPrincipalManager based of the ServiceEndpoints.getAadKeyDiscoveryUri() and AADAuthenticationProperties.getEnvironment().
UserPrincipalManager(ServiceEndpointsProperties serviceEndpointsProps, AADAuthenticationProperties aadAuthProps, com.nimbusds.jose.util.ResourceRetriever resourceRetriever, boolean explicitAudienceCheck, com.nimbusds.jose.jwk.source.JWKSetCache jwkSetCache) Create a new UserPrincipalManager based of the ServiceEndpoints.getAadKeyDiscoveryUri() and AADAuthenticationProperties.getEnvironment().

Method Summary

Modifier and Type	Method and Description
UserPrincipal	buildUserPrincipal(String idToken)
boolean	isTokenIssuedByAAD(String token)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

UserPrincipalManager

public UserPrincipalManager(com.nimbusds.jose.jwk.source.JWKSource<com.nimbusds.jose.proc.SecurityContext> keySource)

ø Creates a new UserPrincipalManager with a predefined JWKSource.

This is helpful in cases the JWK is not a remote JWKSet or for unit testing.

Parameters:

keySource - - JWKSource containing at least one key

UserPrincipalManager

public UserPrincipalManager(ServiceEndpointsProperties serviceEndpointsProps,
                            AADAuthenticationProperties aadAuthProps,
                            com.nimbusds.jose.util.ResourceRetriever resourceRetriever,
                            boolean explicitAudienceCheck)

Create a new UserPrincipalManager based of the ServiceEndpoints.getAadKeyDiscoveryUri() and AADAuthenticationProperties.getEnvironment().

Parameters:

serviceEndpointsProps - - used to retrieve the JWKS URL

aadAuthProps - - used to retrieve the environment.

resourceRetriever - - configures the RemoteJWKSet call.

explicitAudienceCheck - - explicit audience check

UserPrincipalManager

public UserPrincipalManager(ServiceEndpointsProperties serviceEndpointsProps,
                            AADAuthenticationProperties aadAuthProps,
                            com.nimbusds.jose.util.ResourceRetriever resourceRetriever,
                            boolean explicitAudienceCheck,
                            com.nimbusds.jose.jwk.source.JWKSetCache jwkSetCache)

Create a new UserPrincipalManager based of the ServiceEndpoints.getAadKeyDiscoveryUri() and AADAuthenticationProperties.getEnvironment().

Parameters:

serviceEndpointsProps - - used to retrieve the JWKS URL

aadAuthProps - - used to retrieve the environment.

resourceRetriever - - configures the RemoteJWKSet call.

jwkSetCache - - used to cache the JWK set for a finite time, default set to 5 minutes which matches constructor above if no jwkSetCache is passed in

explicitAudienceCheck - - explicit audience check

Method Detail

buildUserPrincipal

public UserPrincipal buildUserPrincipal(String idToken)
                                 throws ParseException,
                                        com.nimbusds.jose.JOSEException,
                                        com.nimbusds.jose.proc.BadJOSEException

Throws:

ParseException

com.nimbusds.jose.JOSEException

com.nimbusds.jose.proc.BadJOSEException

isTokenIssuedByAAD

public boolean isTokenIssuedByAAD(String token)