Java: getting the token from an Azure login
I am using Azure AD to log in to a Spring Boot application. Although I can log in, I need to see the user information, which will come with the bearer token. How do I get this token when the user is redirected back to the application from the Azure login ({{adId}}/oauth2/token)?
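import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;

@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // Loads the OIDC user (ID token claims plus UserInfo) after a successful login
    @Autowired
    private OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .anyRequest().authenticated()   // every request requires a signed-in user
                .and()
            .oauth2Login()
                .userInfoEndpoint()
                    .oidcUserService(oidcUserService);
    }
}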
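As Amogh said, the logic for getting user information from an access token is the same across languages. There is a well-documented Azure sample that implements what you are trying to do in Java. Please visit and clone it to get the bearer token.
Look specifically at this section: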
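import java.net.HttpURLConnection;
import java.net.URL;
import org.json.JSONArray;
import org.json.JSONObject;

// HttpClientHelper, JSONHelper and User are helper classes from the sample.
// The enclosing signature is assumed (hypothetical method name); the excerpt begins inside the method body.
private String getUsernamesFromGraph(String accessToken) throws Exception {
    URL url = new URL("https://graph.microsoft.com/v1.0/users");
    HttpURLConnection conn = (HttpURLConnection) url.openConnection();
    conn.setRequestMethod("GET");
    // The access token is sent as a bearer credential to Microsoft Graph
    conn.setRequestProperty("Authorization", "Bearer " + accessToken);
    conn.setRequestProperty("Accept", "application/json");
    int httpResponseCode = conn.getResponseCode();
    String goodRespStr = HttpClientHelper.getResponseStringFromConn(conn, true);
    // logger.info("goodRespStr ->" + goodRespStr);
    int responseCode = conn.getResponseCode();
    JSONObject response = HttpClientHelper.processGoodRespStr(responseCode, goodRespStr);
    JSONArray users;
    users = JSONHelper.fetchDirectoryObjectJSONArray(response);
    StringBuilder builder = new StringBuilder();
    User user;
    // Collect the userPrincipalName of every directory user returned
    for (int i = 0; i < users.length(); i++) {
        JSONObject thisUserJSONObject = users.optJSONObject(i);
        user = new User();
        JSONHelper.convertJSONObjectToDirectoryObject(thisUserJSONObject, user);
        builder.append(user.getUserPrincipalName() + "<br/>");
    }
    return builder.toString();
}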
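I did this in C, not Java, and I believe the logic for getting user information from an access token is the same in every language. If you have the access token, it should contain the user id value. To retrieve the user information, you have to query the Graph API. The complete documentation on this seems to be here. I tried to get this code working with gradle instead of maven, but sadly it is rather complicated.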
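An added example, not part of the original answers or the Azure sample: with the oauth2Login() configuration from the question, a Spring MVC controller can receive the signed-in user's ID token claims and the access token as method arguments and use the token server-side to query Graph. The registration id "azure", the /whoami path, the class name, and the access token having been issued for Microsoft Graph with permission to read the signed-in user's profile are assumptions.

```java
import java.util.LinkedHashMap;
import java.util.Map;

import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;

@RestController
public class WhoAmIController {

    private final RestTemplate rest = new RestTemplate();

    // "azure" is an assumed registration id (spring.security.oauth2.client.registration.azure.*).
    @GetMapping("/whoami")
    public Map<String, Object> whoAmI(
            @AuthenticationPrincipal OidcUser principal,
            @RegisteredOAuth2AuthorizedClient("azure") OAuth2AuthorizedClient client) {

        Map<String, Object> out = new LinkedHashMap<>();
        // Claims from the ID token, whose signature Spring Security verified during login.
        out.put("subject", principal.getSubject());
        out.put("name", principal.getFullName());
        out.put("preferredUsername", principal.getPreferredUsername());

        // The access token stays on the server: use it for the Graph call, never echo or log it.
        OAuth2AccessToken token = client.getAccessToken();
        HttpHeaders headers = new HttpHeaders();
        headers.setBearerAuth(token.getTokenValue());
        Map<?, ?> me = rest.exchange("https://graph.microsoft.com/v1.0/me",
                HttpMethod.GET, new HttpEntity<Void>(headers), Map.class).getBody();

        if (me != null) {
            out.put("graphId", me.get("id"));
            out.put("userPrincipalName", me.get("userPrincipalName"));
        }
        out.put("tokenExpiresAt", String.valueOf(token.getExpiresAt()));
        return out;
    }
}
```

The response carries only selected profile fields and the expiry time, so the bearer token itself never reaches the browser or the logs.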