Package com.azure.spring.autoconfigure.aad

Class AzureADGraphClient

java.lang.Object

com.azure.spring.autoconfigure.aad.AzureADGraphClient

public class AzureADGraphClient
extends Object

Microsoft Graph client encapsulation.

Constructor Summary

Constructors

Constructor	Description
AzureADGraphClient(String clientId, String clientSecret, AADAuthenticationProperties aadAuthenticationProperties, AADAuthorizationServerEndpoints endpoints)	Creates a new instance of AzureADGraphClient.

Method Summary

Modifier and Type	Method	Description
com.microsoft.aad.msal4j.IAuthenticationResult	acquireTokenForGraphApi(String idToken, String tenantId)	Acquire access token for calling Graph API.
Set<String>	getGroups(String graphApiToken)
Set<org.springframework.security.core.authority.SimpleGrantedAuthority>	toGrantedAuthoritySet(Set<String> groups)	Converts a set of groups to their granted authority set.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AzureADGraphClient

public AzureADGraphClient(String clientId,
                          String clientSecret,
                          AADAuthenticationProperties aadAuthenticationProperties,
                          AADAuthorizationServerEndpoints endpoints)

Creates a new instance of AzureADGraphClient.

Parameters:

clientId - the client ID

clientSecret - the client secret

aadAuthenticationProperties - the AAD authentication properties

endpoints - the AAF authorization server endpoints

Method Detail

getGroups

public Set<String> getGroups(String graphApiToken)
                      throws IOException

Parameters:

graphApiToken - token used to access graph api.

Returns:

groups in graph api.

Throws:

IOException - throw exception if get groups failed by IOException.

toGrantedAuthoritySet

public Set<org.springframework.security.core.authority.SimpleGrantedAuthority> toGrantedAuthoritySet(Set<String> groups)

Converts a set of groups to their granted authority set.

Parameters:

groups - a set of groups

Returns:

the granted authority set

acquireTokenForGraphApi

public com.microsoft.aad.msal4j.IAuthenticationResult acquireTokenForGraphApi(String idToken,
                                                                              String tenantId)
                                                                       throws ServiceUnavailableException

Acquire access token for calling Graph API.

Parameters:

idToken - The token used to perform an OBO request.

tenantId - The tenant id.

Returns:

The access token for Graph service.

Throws:

ServiceUnavailableException - If fail to acquire the token.

com.microsoft.aad.msal4j.MsalServiceException - If MsalServiceException has occurred.