Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License. See License.txt in the project root for license information.
/** * Copyright (c) Microsoft Corporation. All rights reserved. * Licensed under the MIT License. See License.txt in the project root for * license information. */
package com.microsoft.azure.credentials; import com.microsoft.azure.AzureEnvironment; import com.microsoft.azure.AzureEnvironment.Endpoint; import com.microsoft.rest.credentials.TokenCredentials; import okhttp3.Authenticator; import okhttp3.OkHttpClient; import okhttp3.Request; import okhttp3.Response; import okhttp3.Route; import javax.net.ssl.SSLSocketFactory; import java.io.IOException; import java.net.Proxy; import java.util.Map; import java.util.regex.Matcher; import java.util.regex.Pattern;
AzureTokenCredentials represents a credentials object with access to Azure Resource management.
/** * AzureTokenCredentials represents a credentials object with access to Azure * Resource management. */
public abstract class AzureTokenCredentials extends TokenCredentials { private final AzureEnvironment environment; private final String domain; private String defaultSubscription; private Proxy proxy; private SSLSocketFactory sslSocketFactory;
Initializes a new instance of the AzureTokenCredentials.
Params:
  • environment – the Azure environment to use
  • domain – the tenant or domain the credential is authorized to
/** * Initializes a new instance of the AzureTokenCredentials. * * @param environment the Azure environment to use * @param domain the tenant or domain the credential is authorized to */
public AzureTokenCredentials(AzureEnvironment environment, String domain) { super("Bearer", null); this.environment = (environment == null) ? AzureEnvironment.AZURE : environment; this.domain = domain; } @Override protected final String getToken(Request request) throws IOException { String host = request.url().toString().toLowerCase(); String resource = environment().managementEndpoint(); for (Map.Entry<String, String> endpoint : environment().endpoints().entrySet()) { if (host.contains(endpoint.getValue())) { if (endpoint.getKey().equals(Endpoint.KEYVAULT.identifier())) { resource = String.format("https://%s", endpoint.getValue().replaceAll("^\\.*", "")); break; } else if (endpoint.getKey().equals(Endpoint.GRAPH.identifier())) { resource = environment().graphEndpoint(); break; } else if (endpoint.getKey().equals(Endpoint.LOG_ANALYTICS.identifier())) { resource = environment().logAnalyticsEndpoint(); break; } else if (endpoint.getKey().equals(Endpoint.APPLICATION_INSIGHTS.identifier())) { resource = environment().applicationInsightsEndpoint(); break; } else if (endpoint.getKey().equals(Endpoint.DATA_LAKE_STORE.identifier()) || endpoint.getKey().equals(Endpoint.DATA_LAKE_ANALYTICS.identifier())) { resource = environment().dataLakeEndpointResourceId(); break; } } } return getToken(resource); }
Override this method to provide the mechanism to get a token.
Params:
  • resource – the resource the access token is for
Throws:
Returns:the token to access the resource
/** * Override this method to provide the mechanism to get a token. * * @param resource the resource the access token is for * @return the token to access the resource * @throws IOException exceptions from IO */
public abstract String getToken(String resource) throws IOException;
Override this method to provide the domain or tenant ID the token is valid in.
Returns:the domain or tenant ID string
/** * Override this method to provide the domain or tenant ID the token is valid in. * * @return the domain or tenant ID string */
public String domain() { return domain; }
Returns:the environment details the credential has access to.
/** * @return the environment details the credential has access to. */
public AzureEnvironment environment() { return environment; }
Returns:The default subscription ID, if any
/** * @return The default subscription ID, if any */
public String defaultSubscriptionId() { return defaultSubscription; }
Set default subscription ID.
Params:
  • subscriptionId – the default subscription ID.
Returns:the credentials object itself.
/** * Set default subscription ID. * * @param subscriptionId the default subscription ID. * @return the credentials object itself. */
public AzureTokenCredentials withDefaultSubscriptionId(String subscriptionId) { this.defaultSubscription = subscriptionId; return this; }
Returns:the proxy being used for accessing Active Directory.
/** * @return the proxy being used for accessing Active Directory. */
public Proxy proxy() { return proxy; }
Returns:the ssl socket factory.
/** * @return the ssl socket factory. */
public SSLSocketFactory sslSocketFactory() { return sslSocketFactory; }
Params:
  • proxy – the proxy being used for accessing Active Directory
Returns:the credential itself
/** * @param proxy the proxy being used for accessing Active Directory * @return the credential itself */
public AzureTokenCredentials withProxy(Proxy proxy) { this.proxy = proxy; return this; }
Params:
  • sslSocketFactory – the ssl socket factory
Returns:the credential itself
/** * @param sslSocketFactory the ssl socket factory * @return the credential itself */
public AzureTokenCredentials withSslSocketFactory(SSLSocketFactory sslSocketFactory) { this.sslSocketFactory = sslSocketFactory; return this; } @Override public void applyCredentialsFilter(OkHttpClient.Builder clientBuilder) { clientBuilder.interceptors().add(new AzureTokenCredentialsInterceptor(this)); clientBuilder.authenticator(new Authenticator() { @Override public Request authenticate(Route route, Response response) throws IOException { String authenticateHeader = response.header("WWW-Authenticate"); if (authenticateHeader != null && !authenticateHeader.isEmpty()) { Pattern pattern = Pattern.compile("resource=\"([a-zA-Z0-9.:/-_]+)\""); Matcher matcher = pattern.matcher(authenticateHeader); if (matcher.find()) { String resource = matcher.group(1); return response.request().newBuilder() .header("Authorization", "Bearer " + getToken(resource)) .build(); } } // Otherwise cannot satisfy the challenge return null; } }); } }