com.microsoft.aad.msal4j

Interface IPublicClientApplication

All Known Implementing Classes:

PublicClientApplication

public interface IPublicClientApplication

Interface representing a public client application (Desktop, Mobile). Public client application are not trusted to safely store application secrets, and therefore can only request tokens in the name of an user. For details see https://aka.ms/msal4jclientapplications

Field Summary

Fields

Modifier and Type	Field and Description
static String	DEFAULT_AUTHORITY

Method Summary

Modifier and Type	Method and Description
CompletableFuture<IAuthenticationResult>	acquireToken(AuthorizationCodeParameters parameters) Acquires security token from the authority using an authorization code previously received.
CompletableFuture<IAuthenticationResult>	acquireToken(DeviceCodeFlowParameters parameters) Acquires security token from the authority using an device code flow.
CompletableFuture<IAuthenticationResult>	acquireToken(IntegratedWindowsAuthenticationParameters parameters) Acquires tokens from the authority configured in the application via Integrated Windows Authentication.
CompletableFuture<IAuthenticationResult>	acquireToken(InteractiveRequestParameters parameters) Acquires tokens from the authority using authorization code grant.
CompletableFuture<IAuthenticationResult>	acquireToken(RefreshTokenParameters parameters) Acquires a security token from the authority using a refresh token previously received.
CompletableFuture<IAuthenticationResult>	acquireToken(UserNamePasswordParameters parameters) Acquires tokens from the authority configured in the application via Username/Password authentication.
CompletableFuture<IAuthenticationResult>	acquireTokenSilently(SilentParameters parameters) Returns tokens from cache if present and not expired or acquires new tokens from the authority by using the refresh token present in cache.
String	authority()
String	clientId()
String	correlationId()
CompletableFuture<Set<IAccount>>	getAccounts() Returns accounts in the cache
URL	getAuthorizationRequestUrl(AuthorizationRequestUrlParameters parameters) Computes the URL of the authorization request letting the user sign-in and consent to the application.
boolean	logPii()
Proxy	proxy()
CompletableFuture	removeAccount(IAccount account) Removes IAccount from the cache
SSLSocketFactory	sslSocketFactory()
ITokenCache	tokenCache()
boolean	validateAuthority()

Field Detail

DEFAULT_AUTHORITY

static final String DEFAULT_AUTHORITY

See Also:

Constant Field Values

Method Detail

acquireToken

CompletableFuture<IAuthenticationResult> acquireToken(UserNamePasswordParameters parameters)

Acquires tokens from the authority configured in the application via Username/Password authentication.

Parameters:

parameters - instance of UserNamePasswordParameters

Returns:

CompletableFuture containing an IAuthenticationResult

acquireToken

CompletableFuture<IAuthenticationResult> acquireToken(IntegratedWindowsAuthenticationParameters parameters)

Acquires tokens from the authority configured in the application via Integrated Windows Authentication.

Parameters:

parameters - instance of IntegratedWindowsAuthenticationParameters

Returns:

CompletableFuture containing an IAuthenticationResult

acquireToken

CompletableFuture<IAuthenticationResult> acquireToken(DeviceCodeFlowParameters parameters)

Acquires security token from the authority using an device code flow. Flow is designed for devices that do not have access to a browser or have input constraints. The authorization server issues DeviceCode object with verification code, an end-user code and the end-user verification URI. DeviceCode is provided through deviceCodeConsumer callback. End-user should be instructed to use another device to connect to the authorization server to approve the access request. Since the client cannot receive incoming requests, it polls the authorization server repeatedly until the end-user completes the approval process.

Parameters:

parameters - instance of DeviceCodeFlowParameters

Returns:

CompletableFuture containing an IAuthenticationResult

Throws:

MsalException - thrown if authorization is pending or another error occurred. If the errorCode of the exception is AuthenticationErrorCode.AUTHORIZATION_PENDING, the call needs to be retried until the AccessToken is returned. DeviceCode.interval - The minimum amount of time in seconds that the client SHOULD wait between polling requests to the token endpoint

acquireToken

CompletableFuture<IAuthenticationResult> acquireToken(InteractiveRequestParameters parameters)

Acquires tokens from the authority using authorization code grant. Will attempt to open the default system browser where the user can input the credentials interactively, consent to scopes, and do multi-factor authentication if such a policy is enabled on the Azure AD tenant. System browser can behavior can be customized via InteractiveRequestParameters.systemBrowserOptions. For more information, see https://aka.ms/msal4j-interactive-request

Parameters:

parameters - instance of InteractiveRequestParameters

Returns:

CompletableFuture containing an IAuthenticationResult

clientId

String clientId()

Returns:

Client ID (Application ID) of the application as registered in the application registration portal (portal.azure.com) and as passed in the constructor of the application

authority

String authority()

Returns:

URL of the authority, or security token service (STS) from which MSAL will acquire security tokens. Default value is IClientApplicationBase.DEFAULT_AUTHORITY

validateAuthority

boolean validateAuthority()

Returns:

a boolean value which determines whether the authority needs to be verified against a list of known authorities.

correlationId

String correlationId()

Returns:

Correlation Id which is used for diagnostics purposes, is attached to token service requests Default value is random UUID

logPii

boolean logPii()

Returns:

a boolean value which determines whether Pii (personally identifiable information) will be logged in

proxy

Proxy proxy()

Returns:

proxy used by the application for all network communication.

sslSocketFactory

SSLSocketFactory sslSocketFactory()

Returns:

SSLSocketFactory used by the application for all network communication.

tokenCache

ITokenCache tokenCache()

Returns:

Cache holding access tokens, refresh tokens, id tokens. It is maintained and used silently if needed when calling IClientApplicationBase.acquireTokenSilently(SilentParameters)

getAuthorizationRequestUrl

URL getAuthorizationRequestUrl(AuthorizationRequestUrlParameters parameters)

Computes the URL of the authorization request letting the user sign-in and consent to the application. The URL target the /authorize endpoint of the authority configured in the application object.

Once the user successfully authenticates, the response should contain an authorization code, which can then be passed in toAbstractClientApplicationBase.acquireToken(AuthorizationCodeParameters) to be exchanged for a token

Parameters:

parameters - AuthorizationRequestUrlParameters

Returns:

url of the authorization endpoint where the user can sign-in and consent to the application.

acquireToken

CompletableFuture<IAuthenticationResult> acquireToken(AuthorizationCodeParameters parameters)

Acquires security token from the authority using an authorization code previously received.

Parameters:

parameters - AuthorizationCodeParameters

Returns:

A CompletableFuture object representing the IAuthenticationResult of the call.

acquireToken

CompletableFuture<IAuthenticationResult> acquireToken(RefreshTokenParameters parameters)

Acquires a security token from the authority using a refresh token previously received. Can be used in migration to MSAL from ADAL, and in various integration scenarios where you have a refresh token available.

Parameters:

parameters - RefreshTokenParameters

Returns:

A CompletableFuture object representing the IAuthenticationResult of the call.

acquireTokenSilently

CompletableFuture<IAuthenticationResult> acquireTokenSilently(SilentParameters parameters)
                                                       throws MalformedURLException

Returns tokens from cache if present and not expired or acquires new tokens from the authority by using the refresh token present in cache.

Parameters:

parameters - instance of SilentParameters

Returns:

A CompletableFuture object representing the IAuthenticationResult of the call.

Throws:

MalformedURLException - if authorityUrl from parameters is malformed URL

getAccounts

CompletableFuture<Set<IAccount>> getAccounts()

Returns accounts in the cache

Returns:

set of unique accounts from cache which can be used for silent acquire token call

removeAccount

CompletableFuture removeAccount(IAccount account)

Removes IAccount from the cache

Parameters:

account - instance of Account to be removed from cache

Returns:

CompletableFuture object representing account removal task.