Java 即使在刷新令牌之后,InvalidAuthenticationToken仍然有效
我用Java编写了一个桌面应用程序,可以从Microsoft outlook帐户检索信息。我能够登录并获得在指定的1小时内正常工作的访问令牌。我还可以在小时到期之前刷新该令牌,并且新的访问令牌也可以工作。但是如果我在最初的1小时后尝试刷新,新令牌将无法工作。我犯了一个错误 我的代码在下面Java 即使在刷新令牌之后,InvalidAuthenticationToken仍然有效,java,graph,microsoft-graph-api,msal,Java,Graph,Microsoft Graph Api,Msal,我用Java编写了一个桌面应用程序,可以从Microsoft outlook帐户检索信息。我能够登录并获得在指定的1小时内正常工作的访问令牌。我还可以在小时到期之前刷新该令牌,并且新的访问令牌也可以工作。但是如果我在最初的1小时后尝试刷新,新令牌将无法工作。我犯了一个错误 我的代码在下面 import java.net.MalformedURLException; import java.util.Set; import java.util.concurrent.ExecutorService
import java.net.MalformedURLException;
import java.util.Set;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.function.Consumer;
import com.microsoft.aad.msal4j.DeviceCode;
import com.microsoft.aad.msal4j.DeviceCodeFlowParameters;
import com.microsoft.aad.msal4j.IAccount;
import com.microsoft.aad.msal4j.IAuthenticationResult;
import com.microsoft.aad.msal4j.ITokenCacheAccessAspect;
import com.microsoft.aad.msal4j.PublicClientApplication;
import com.microsoft.aad.msal4j.SilentParameters;
import com.microsoft.aad.msal4j.RefreshTokenParameters;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.util.Date;
import java.util.NoSuchElementException;
import java.util.concurrent.RejectedExecutionException;
import java.util.prefs.Preferences;
/**
* Authentication
*/
public class Authentication {
private Preferences prefs = Preferences.userRoot().node("TEST_APP");
private PublicClientApplication app;
private Set<String> scopeSet;
private ExecutorService pool;
private String applicationId;
private String expires = "NO_EXPIRES_SAVED";
//ITokenCacheAccessAspect persistenceAspect;
// Set authority to allow only organizational accounts
// Device code flow only supports organizational accounts
private final String authority = "https://login.microsoftonline.com/common/";
private AuthenticationListener listener;
public void initialize(String applicationId, String[] scopes, AuthenticationListener listener) {
System.out.println("Initializing authentication");
applicationId = applicationId;
scopeSet = Set.of(scopes);
pool = Executors.newFixedThreadPool(1);
// Loads cache from file
//String tokenFile = "./serialized_cache.json";
//String dataToInitCache = readResource(tokenFile);
//persistenceAspect = new TokenPersistence(dataToInitCache, tokenFile);
try {
app = PublicClientApplication.builder(applicationId)
.authority(authority)
.executorService(pool)
.build();
} catch (MalformedURLException e) {
return;
}
this.listener = listener;
}
public Boolean getUserAccessToken(LoginDialog loginDialog) {
Boolean success = false;
System.out.println("getUserAccessToken: scopes is: " + scopeSet.toString());
// Create consumer to receive the DeviceCode object
// This method gets executed during the flow and provides
// the URL the user logs into and the device code to enter
Consumer<DeviceCode> deviceCodeConsumer = (DeviceCode deviceCode) -> {
loginDialog.stillWaiting = false;
loginDialog.setText(deviceCode.message());
};
// Request a token, passing the requested permission scopes
IAuthenticationResult result = null;
try {
result = app.acquireToken(
DeviceCodeFlowParameters
.builder(scopeSet, deviceCodeConsumer)
.build()
).exceptionally(ex -> {
System.out.println("Unable to authenticate - " + ex.getMessage());
return null;
}).join();
} catch (RejectedExecutionException e) {
System.out.println("getUserAccessToken: error getting token: " + e.toString());
}
if (result != null) {
expires = result.expiresOnDate().toString();
listener.saveToken(result);
success = true;
return success;
}
return success;
}
public boolean tokenStillValid() {
Date expiration = new Date(expires);
System.out.println("tokenStillValid: expiration is: " + expiration);
Date today = new Date();
System.out.println("tokenStillValid: today is: " + today);
if (expiration.after(today)){
System.out.println("tokenStillValid: token is still valid");
} else {
System.out.println("tokenStillValid: token is expired");
}
return expiration.after(today);
}
public void refreshToken() {
try {
Set<IAccount> accounts = app.getAccounts().join();
System.out.println("Account username is: " + accounts.iterator().next().username());
SilentParameters parameters = SilentParameters.builder(scopeSet, accounts.iterator().next()).build();
IAuthenticationResult result = (IAuthenticationResult) app.acquireTokenSilently(parameters).join();
expires = result.expiresOnDate().toString();
listener.saveToken(result);
} catch (MalformedURLException | NoSuchElementException e){
System.out.println("Error getting refresh token: " + e.toString() + " " + e.getLocalizedMessage());
return;
}
}
}```
导入java.net.MalformedURLException;
导入java.util.Set;
导入java.util.concurrent.ExecutorService;
导入java.util.concurrent.Executors;
导入java.util.function.Consumer;
导入com.microsoft.aad.msal4j.DeviceCode;
导入com.microsoft.aad.msal4j.DeviceCodeFlowParameters;
导入com.microsoft.aad.msal4j.IAccount;
导入com.microsoft.aad.msal4j.iaAuthenticationResult;
导入com.microsoft.aad.msal4j.ITokenCacheAccessAspect;
导入com.microsoft.aad.msal4j.PublicClientApplication;
导入com.microsoft.aad.msal4j.silent参数;
导入com.microsoft.aad.msal4j.RefreshTokenParameters;
导入java.io.File;
导入java.io.IOException;
导入java.nio.file.Files;
导入java.util.Date;
导入java.util.NoSuchElementException;
导入java.util.concurrent.RejectedExecutionException;
导入java.util.prefs.Preferences;
/**
*认证
*/
公共类身份验证{
private Preferences prefs=Preferences.userRoot().node(“TEST_APP”);
私有公共客户端应用程序;
私有集范围集;
私人服务池;
私有字符串applicationId;
private String expires=“NO\u expires\u SAVED”;
//ITokenCacheAccessAspect持久性Aspect;
//将权限设置为仅允许组织帐户
//设备代码流仅支持组织帐户
私有最终字符串权限=”https://login.microsoftonline.com/common/";
私有身份验证侦听器;
public void initialize(字符串applicationId、字符串[]作用域、AuthenticationListener侦听器){
System.out.println(“初始化身份验证”);
applicationId=applicationId;
scopeSet=一组(范围);
池=执行器。newFixedThreadPool(1);
//从文件加载缓存
//字符串tokenFile=“./serialized_cache.json”;
//字符串dataToInitCache=readResource(令牌文件);
//persistenceAspect=新的令牌持久性(dataToInitCache,令牌文件);
试一试{
app=PublicClientApplication.builder(applicationId)
.授权(授权)
.执行人服务(池)
.build();
}捕获(格式错误){
返回;
}
this.listener=listener;
}
公共布尔getUserAccessToken(LoginDialog LoginDialog){
布尔成功=假;
System.out.println(“getUserAccessToken:scopes为:”+scopeSet.toString());
//创建使用者以接收DeviceCode对象
//此方法在流期间执行,并提供
//用户登录的URL和要输入的设备代码
消费者设备代码消费者=(设备代码设备代码)->{
loginDialog.stillWaiting=false;
loginDialog.setText(deviceCode.message());
};
//请求令牌,传递请求的权限范围
IAAuthenticationResult=null;
试一试{
结果=app.acquireToken(
DeviceCodeFlowParameters
.builder(范围集、设备代码使用者)
.build()
).例外情况(ex->{
System.out.println(“无法验证-”+ex.getMessage());
返回null;
}).join();
}捕获(拒绝执行异常e){
System.out.println(“getUserAccessToken:获取令牌时出错:”+e.toString());
}
如果(结果!=null){
expires=result.expiresOnDate().toString();
saveToken(结果);
成功=真实;
回归成功;
}
回归成功;
}
公共布尔标记仍然有效(){
日期到期=新日期(到期);
System.out.println(“tokenStillValid:expiration为:“+expiration”);
今天日期=新日期();
System.out.println(“tokenStillValid:today是:“+today”);
if(到期后(今天)){
System.out.println(“tokenStillValid:token仍然有效”);
}否则{
System.out.println(“tokenStillValid:token已过期”);
}
返回到期日。在(今天)之后;
}
公共无效刷新令牌(){
试一试{
Set accounts=app.getAccounts().join();
System.out.println(“帐户用户名为:”+accounts.iterator().next().username());
SilentParameters=SilentParameters.builder(scopeSet,accounts.iterator().next()).build();
IAAuthenticationResult=(IAAuthenticationResult)app.AcquireTokenSummiter(参数).join();
expires=result.expiresOnDate().toString();
saveToken(结果);
}捕获(畸形异常|无接触异常e){
System.out.println(“获取刷新令牌时出错:”+e.toString()+“”+e.getLocalizedMessage());
返回;
}
}
}```