com.microsoft.aad.msal4j

Class ConfidentialClientApplication

java.lang.Object

com.microsoft.aad.msal4j.ConfidentialClientApplication

All Implemented Interfaces:

IClientApplicationBase, IConfidentialClientApplication

public class ConfidentialClientApplication
extends Object
implements IConfidentialClientApplication

Class to be used to acquire tokens for confidential client applications (Web Apps, Web APIs, and daemon applications).

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	ConfidentialClientApplication.Builder

Field Summary

Fields

Modifier and Type	Field and Description
protected com.microsoft.aad.msal4j.Authority	authenticationAuthority
protected com.nimbusds.oauth2.sdk.auth.ClientAuthentication	clientAuthentication
protected org.slf4j.Logger	log
protected TokenCache	tokenCache

Fields inherited from interface com.microsoft.aad.msal4j.IClientApplicationBase

DEFAULT_AUTHORITY

Method Summary

Modifier and Type	Method and Description
CompletableFuture<IAuthenticationResult>	acquireToken(AuthorizationCodeParameters parameters) Acquires security token from the authority using an authorization code previously received.
CompletableFuture<IAuthenticationResult>	acquireToken(ClientCredentialParameters parameters) Acquires tokens from the authority configured in the application, for the confidential client itself
CompletableFuture<IAuthenticationResult>	acquireToken(OnBehalfOfParameters parameters) Acquires an access token for this application (usually a Web API) from the authority configured in the application, in order to access another downstream protected Web API on behalf of a user using the On-Behalf-Of flow.
CompletableFuture<IAuthenticationResult>	acquireToken(RefreshTokenParameters parameters) Acquires a security token from the authority using a refresh token previously received.
CompletableFuture<IAuthenticationResult>	acquireTokenSilently(SilentParameters parameters) Returns tokens from cache if present and not expired or acquires new tokens from the authority by using the refresh token present in cache.
String	authority()
static ConfidentialClientApplication.Builder	builder(String clientId, IClientCredential clientCredential) Creates instance of Builder of ConfidentialClientApplication
protected static String	canonicalizeUrl(String authority)
String	clientId()
String	correlationId()
CompletableFuture<Set<IAccount>>	getAccounts() Returns accounts in the cache
boolean	logPii()
Proxy	proxy()
CompletableFuture	removeAccount(IAccount account) Removes IAccount from the cache
SSLSocketFactory	sslSocketFactory()
Consumer<List<HashMap<String,String>>>	telemetryConsumer()
TokenCache	tokenCache()
boolean	validateAuthority()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.microsoft.aad.msal4j.IClientApplicationBase

acquireToken, acquireToken, acquireTokenSilently, authority, clientId, correlationId, getAccounts, logPii, proxy, removeAccount, sslSocketFactory, telemetryConsumer, tokenCache, validateAuthority

Field Detail

log

protected org.slf4j.Logger log

clientAuthentication

protected com.nimbusds.oauth2.sdk.auth.ClientAuthentication clientAuthentication

authenticationAuthority

protected com.microsoft.aad.msal4j.Authority authenticationAuthority

tokenCache

protected TokenCache tokenCache

Method Detail

acquireToken

public CompletableFuture<IAuthenticationResult> acquireToken(ClientCredentialParameters parameters)

Description copied from interface: IConfidentialClientApplication

Acquires tokens from the authority configured in the application, for the confidential client itself

Specified by:

acquireToken in interface IConfidentialClientApplication

Parameters:

parameters - instance of ClientCredentialParameters

Returns:

CompletableFuture containing an IAuthenticationResult

acquireToken

public CompletableFuture<IAuthenticationResult> acquireToken(OnBehalfOfParameters parameters)

Description copied from interface: IConfidentialClientApplication

Acquires an access token for this application (usually a Web API) from the authority configured in the application, in order to access another downstream protected Web API on behalf of a user using the On-Behalf-Of flow. This confidential client application was itself called with a token which will be provided in the UserAssertion to the OnBehalfOfParameters

Specified by:

acquireToken in interface IConfidentialClientApplication

Parameters:

parameters - instance of OnBehalfOfParameters

Returns:

CompletableFuture containing an IAuthenticationResult

builder

public static ConfidentialClientApplication.Builder builder(String clientId,
                                                            IClientCredential clientCredential)

Creates instance of Builder of ConfidentialClientApplication

Parameters:

clientId - Client ID (Application ID) of the application as registered in the application registration portal (portal.azure.com)

clientCredential - The client credential to use for token acquisition.

Returns:

instance of Builder of ConfidentialClientApplication

proxy

public Proxy proxy()

Specified by:

proxy in interface IClientApplicationBase

Returns:

proxy used by the application for all network communication.

sslSocketFactory

public SSLSocketFactory sslSocketFactory()

Specified by:

sslSocketFactory in interface IClientApplicationBase

Returns:

SSLSocketFactory used by the application for all network communication.

acquireToken

public CompletableFuture<IAuthenticationResult> acquireToken(AuthorizationCodeParameters parameters)

Description copied from interface: IClientApplicationBase

Acquires security token from the authority using an authorization code previously received.

Specified by:

acquireToken in interface IClientApplicationBase

Parameters:

parameters - AuthorizationCodeParameters

Returns:

A CompletableFuture object representing the IAuthenticationResult of the call.

acquireToken

public CompletableFuture<IAuthenticationResult> acquireToken(RefreshTokenParameters parameters)

Description copied from interface: IClientApplicationBase

Acquires a security token from the authority using a refresh token previously received. Can be used in migration to MSAL from ADAL, and in various integration scenarios where you have a refresh token available.

Specified by:

acquireToken in interface IClientApplicationBase

Parameters:

parameters - RefreshTokenParameters

Returns:

A CompletableFuture object representing the IAuthenticationResult of the call.

acquireTokenSilently

public CompletableFuture<IAuthenticationResult> acquireTokenSilently(SilentParameters parameters)
                                                              throws MalformedURLException

Description copied from interface: IClientApplicationBase

Returns tokens from cache if present and not expired or acquires new tokens from the authority by using the refresh token present in cache.

Specified by:

acquireTokenSilently in interface IClientApplicationBase

Parameters:

parameters - instance of SilentParameters

Returns:

A CompletableFuture object representing the IAuthenticationResult of the call.

Throws:

MalformedURLException - if authorityUrl from parameters is malformed URL

getAccounts

public CompletableFuture<Set<IAccount>> getAccounts()

Description copied from interface: IClientApplicationBase

Returns accounts in the cache

Specified by:

getAccounts in interface IClientApplicationBase

Returns:

set of unique accounts from cache which can be used for silent acquire token call

removeAccount

public CompletableFuture removeAccount(IAccount account)

Description copied from interface: IClientApplicationBase

Removes IAccount from the cache

Specified by:

removeAccount in interface IClientApplicationBase

Parameters:

account - instance of Account to be removed from cache

Returns:

CompletableFuture object representing account removal task.

canonicalizeUrl

protected static String canonicalizeUrl(String authority)

clientId

public String clientId()

Specified by:

clientId in interface IClientApplicationBase

Returns:

Client ID (Application ID) of the application as registered in the application registration portal (portal.azure.com) and as passed in the constructor of the application

authority

public String authority()

Specified by:

authority in interface IClientApplicationBase

Returns:

URL of the authority, or security token service (STS) from which MSAL will acquire security tokens. Default value is IClientApplicationBase.DEFAULT_AUTHORITY

validateAuthority

public boolean validateAuthority()

Specified by:

validateAuthority in interface IClientApplicationBase

Returns:

a boolean value which determines whether the authority needs to be verified against a list of known authorities.

correlationId

public String correlationId()

Specified by:

correlationId in interface IClientApplicationBase

Returns:

Correlation Id which is used for diagnostics purposes, is attached to token service requests Default value is random UUID

logPii

public boolean logPii()

Specified by:

logPii in interface IClientApplicationBase

Returns:

a boolean value which determines whether Pii (personally identifiable information) will be logged in

telemetryConsumer

public Consumer<List<HashMap<String,String>>> telemetryConsumer()

Specified by:

telemetryConsumer in interface IClientApplicationBase

Returns:

Telemetry consumer that will receive telemetry events emitted by the library.

tokenCache

public TokenCache tokenCache()

Specified by:

tokenCache in interface IClientApplicationBase

Returns:

Cache holding access tokens, refresh tokens, id tokens. It is maintained and used silently if needed when calling IClientApplicationBase.acquireTokenSilently(SilentParameters)