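google-oauth-java-client - Accessing the AzureAD API using Google's OAuth2 client library for Java
Problem description
My project needs to integrate with G-Suite and the AzureAD directory. Both support OAuth2, as described here and here.
I want to use the Google OAuth2 client to access both the G-Suite and AzureAD APIs. I have a few questions about this:
Is it possible to use google-oauth-api-client to access the AzureAD API?
Is there a library that can be used with both the G-Suite SDK and AzureAD?
I don't want a separate library for every provider I integrate with, whether it is G-Suite, AzureAD, SalesForce or anything else that supports OAuth2.
Solution
By adding the following two classes, the Google OAuth2 client library can be used to authenticate against any OAuth2 provider: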

    import com.google.api.client.auth.oauth2.TokenRequest;
    import com.google.api.client.auth.oauth2.TokenResponse;
    import com.google.api.client.http.GenericUrl;
    import com.google.api.client.http.HttpTransport;
    import com.google.api.client.json.JsonFactory;
    import java.io.IOException;
    import java.util.Map;

    public class ClientUsernamePasswordTokenRequest extends TokenRequest {
        /**
         * @param transport HTTP transport
         * @param jsonFactory JSON factory
         * @param tokenServerUrl token server URL
         * @param grantType grant type ({@code "authorization_code"}, {@code "password"},
         *        {@code "client_credentials"}, {@code "refresh_token"} or absolute URI of the extension
         *        grant type)
         */
        public ClientUsernamePasswordTokenRequest(HttpTransport transport, JsonFactory jsonFactory, GenericUrl tokenServerUrl, String grantType) {
            super(transport, jsonFactory, tokenServerUrl, grantType);
        }

        /** Parses the token endpoint's JSON body as a generic map instead of directly as a TokenResponse. */
        @Override
        public TokenResponse execute() throws IOException {
            return convertStringToObject(executeUnparsed().parseAs(Map.class));
        }

        /** Copies the token fields out of the parsed map; other fields (such as expires_in) are ignored. */
        private TokenResponse convertStringToObject(Map content) {
            TokenResponse tokenResponse = new TokenResponse();
            String tokenType = (String) content.get("token_type");
            tokenResponse.setTokenType(tokenType);
            String scope = (String) content.get("scope");
            tokenResponse.setScope(scope);
            String accessToken = (String) content.get("access_token");
            tokenResponse.setAccessToken(accessToken);
            String refreshToken = (String) content.get("refresh_token");
            tokenResponse.setRefreshToken(refreshToken);
            return tokenResponse;
        }
    }

and

    package com.identityforge.idfserver.backend.rest.auth;

    import com.google.api.client.http.HttpExecuteInterceptor;
    import com.google.api.client.http.HttpRequest;
    import com.google.api.client.http.HttpRequestInitializer;
    import com.google.api.client.http.UrlEncodedContent;
    import com.google.api.client.util.Data;
    import com.google.api.client.util.Preconditions;
    import java.util.Map;

    public class ClientParametersAuthentication implements HttpRequestInitializer, HttpExecuteInterceptor {
        /**
         * Client identifier issued to the client during the registration process.
         */
        private final String clientId;
        /**
         * Password of the user (resource owner); must not be {@code null}.
         */
        private final String password;
        /**
         * Username of the user (resource owner); must not be {@code null}.
         */
        private final String username;
        /**
         * Resource for which access is requested, or {@code null} for none.
         */
        private final String resource;
        /**
         * Client secret, or {@code null} for none.
         */
        private final String clientSecret;

        /**
         * @param clientId client identifier issued to the client during the registration process
         * @param password password of the user; must not be {@code null}
         * @param username username of the user; must not be {@code null}
         * @param resource resource for which access is requested, or {@code null} for none
         * @param clientSecret client secret, or {@code null} for none
         */
        public ClientParametersAuthentication(String clientId, String password, String username, String resource, String clientSecret) {
            this.clientId = Preconditions.checkNotNull(clientId);
            this.password = Preconditions.checkNotNull(password);
            this.username = Preconditions.checkNotNull(username);
            this.resource = resource;
            this.clientSecret = clientSecret;
        }

        @Override
        public void initialize(HttpRequest request) {
            request.setInterceptor(this);
        }

        /** Adds the client and user credentials to the form-encoded body of the token request. */
        @Override
        public void intercept(HttpRequest request) {
            Map<String, Object> data = Data.mapOf(UrlEncodedContent.getContent(request).getData());
            data.put("client_id", clientId);
            data.put("password", password);
            data.put("username", username);
            if (resource != null) {
                data.put("resource", resource);
            }
            if (clientSecret != null) {
                data.put("client_secret", clientSecret);
            }
        }
    }

An access token can now be requested by supplying the credential values in the following code:

    // tokenUrl, clientId, passwd, username, resource, clientSecret and grantType, as well as the
    // cached genericUrl, authentication and tokenRequest objects, are fields of the enclosing class.
    private void fetchToken() throws IOException {
        TokenResponse tokenResponse;
        if (genericUrl == null) {
            genericUrl = new GenericUrl(tokenUrl);
        }
        if (authentication == null) {
            authentication = new ClientParametersAuthentication(clientId, passwd, username, resource, clientSecret);
        }
        if (tokenRequest == null) {
            tokenRequest = new ClientUsernamePasswordTokenRequest(new ApacheHttpTransport(), JacksonFactory.getDefaultInstance(), genericUrl, grantType);
            tokenRequest.setClientAuthentication(authentication);
        }
        // Sends the request to the token endpoint and reads the access token from the response.
        tokenResponse = tokenRequest.execute();
        String accessToken = tokenResponse.getAccessToken();
    }

Here tokenUrl is the authentication endpoint.
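
As an added example (not part of the original answer), here is one way to turn the parsed response map into a TokenResponse that also carries the token lifetime and rejects a response with no usable token. The class name TokenResponseMapper and its methods are hypothetical, the sample values are constructed, and it assumes a provider may send expires_in either as a JSON number or as a numeric string.

```java
import com.google.api.client.auth.oauth2.TokenResponse;
import java.util.HashMap;
import java.util.Map;

public final class TokenResponseMapper { // hypothetical helper, not part of the library
    /** Builds a TokenResponse from a token endpoint's JSON object parsed as a Map. */
    public static TokenResponse fromMap(Map<String, Object> content) {
        Object accessToken = content.get("access_token");
        if (!(accessToken instanceof String) || ((String) accessToken).isEmpty()) {
            // Fail closed instead of handing callers a response without a token.
            throw new IllegalStateException("token response has no access_token");
        }
        Object tokenType = content.get("token_type");
        if (!(tokenType instanceof String) || !"bearer".equalsIgnoreCase((String) tokenType)) {
            throw new IllegalStateException("unexpected token_type: " + tokenType);
        }
        TokenResponse response = new TokenResponse()
                .setAccessToken((String) accessToken)
                .setTokenType((String) tokenType)
                .setScope(asString(content.get("scope")))
                .setRefreshToken(asString(content.get("refresh_token")));
        Long expiresIn = asSeconds(content.get("expires_in"));
        if (expiresIn != null) response.setExpiresInSeconds(expiresIn);
        return response;
    }

    private static String asString(Object value) {
        return value instanceof String ? (String) value : null;
    }

    /** Accepts expires_in as a JSON number or a numeric string; returns null if absent. */
    private static Long asSeconds(Object value) {
        if (value == null) return null;
        long seconds = value instanceof Number
                ? ((Number) value).longValue()
                : Long.parseLong(value.toString().trim());
        if (seconds <= 0) throw new IllegalStateException("non-positive expires_in: " + seconds);
        return seconds;
    }

    public static void main(String[] args) {
        Map<String, Object> sample = new HashMap<>(); // constructed sample, not a real response
        sample.put("access_token", "constructed-token-value");
        sample.put("token_type", "Bearer");
        sample.put("expires_in", "3599");
        // Print only the lifetime; the token itself is never written to output.
        System.out.println(fromMap(sample).getExpiresInSeconds());
    }
}
```

With the lifetime recorded, a caller can request a new token before the old one expires instead of waiting for an API call to be rejected.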