访问令牌的ADAL java库不返回组和角色
我正在尝试使用ADAL4J库获取Active Directory的组和角色,我所指的示例项目是 GitHub AzureAD示例项目 我得到的响应是具有以下内容的令牌:访问令牌的ADAL java库不返回组和角色,java,active-directory,token,adal,Java,Active Directory,Token,Adal,我正在尝试使用ADAL4J库获取Active Directory的组和角色,我所指的示例项目是 GitHub AzureAD示例项目 我得到的响应是具有以下内容的令牌: { "aud": "https://graph.windows.net", "iss": "[redacted for stackoverflow post]", "iat": 1474924521, "nbf": 1474924521, "exp": 1474928421, "appid": "MyAp
{
"aud": "https://graph.windows.net",
"iss": "[redacted for stackoverflow post]",
"iat": 1474924521,
"nbf": 1474924521,
"exp": 1474928421,
"appid": "MyApplicationObjectId from AD",
"appidacr": "1",
"e_exp": 10800,
"idp": "[redacted for stack overflow post]",
"oid": "68467740-2af5-43ab-8bfb-362b494956c5",
"roles": [
"Device.ReadWrite.All",
"Directory.Read.All",
"Directory.ReadWrite.All",
"Domain.ReadWrite.All"
],
"sub": "68467740-2af5-43ab-8bfb-362b494956c5",
"tid": "e536c1ed-4822-4b88-8c01-9f14c1c583e3",
"ver": "1.0"
}
但是,我希望访问令牌中也包含以下声明:
"groups": [
"8c335044-b534-4cfa-a816-c62588ca169e",
"68ff7ec2-db1b-45cc-afb4-785723f9a2db",
"a79ed389-c46f-4782-9752-90f4871e4b15",
"657b2f05-15f2-4849-a831-c42ecdf7db13"
],
"roles": [
"add-or-view-org-admin"
],
由于我的用户尝试访问的应用程序是web应用程序,因此我在请求中发送客户端密码,如下所示:
private static AuthenticationResult getAccessTokenFromUserCredentials(
String username, String password) throws Exception
{
AuthenticationContext context = null;
AuthenticationResult result = null;
ExecutorService service = null;
try {
service = Executors.newFixedThreadPool(1);
context = new AuthenticationContext(AUTHORITY, true, service);
ClientCredential clientCred = new ClientCredential(
CLIENT_ID, "Client Key for my Application from Active Directory");
Future<AuthenticationResult> future = context.acquireToken(
"https://graph.windows.net", clientCred, null);
result = future.get();
} finally {
service.shutdown();
}
if (result == null) {
throw new ServiceUnavailableException(
"authentication result was null");
}
return result;
}
私有静态身份验证结果getAccessTokenFromUserCredentials(
字符串用户名、字符串密码)引发异常
{
AuthenticationContext上下文=null;
AuthenticationResult=null;
ExecutorService=null;
试一试{
服务=Executors.newFixedThreadPool(1);
context=新的AuthenticationContext(AUTHORITY、true、service);
ClientCredential clientCred=新的ClientCredential(
客户端ID,“Active Directory中我的应用程序的客户端密钥”);
Future=context.acquireToken(
"https://graph.windows.net,clientCred,null);
结果=future.get();
}最后{
service.shutdown();
}
如果(结果==null){
抛出新ServiceUnavailableException(
“验证结果为空”);
}
返回结果;
}
有没有人能够使用这样的Java客户机做到这一点
我需要让它使用Java,因为我需要为它运行集成测试
非常感谢您的帮助。配置集成测试以获取访问Azure Active Directory中配置的Web应用程序的访问令牌