msal4j-token生成错误:未知或无效示例

r8xiu3jd  于 2021-07-06  发布在  Java
关注(0)|答案(1)|浏览(513)

我试图在java应用程序中使用msal4j-1.8jar生成令牌。下面是我使用的代码:

private static IAuthenticationResult getAccessTokenByClientCredentialGrant() throws Exception {

        ConfidentialClientApplication app = ConfidentialClientApplication.builder(
                clientId,
                ClientCredentialFactory.createFromSecret(secret))
                .authority(authority)
                .build();

        // With client credentials flows the scope is ALWAYS of the shape "resource/.default", as the
        // application permissions need to be set statically (in the portal), and then granted by a tenant administrator
        ClientCredentialParameters clientCredentialParam = ClientCredentialParameters.builder(
                Collections.singleton(scope))
                .build();

        CompletableFuture<IAuthenticationResult> future = app.acquireToken(clientCredentialParam);
        return future.get();
    }

我得到一个错误:

Caused by: com.microsoft.aad.msal4j.MsalServiceException: AADSTS50049: Unknown or invalid instance.
Trace ID: c6a936bf-2b0f-489e-ada3-d2311e708500
Correlation ID: f515dd78-7915-43d7-9020-62631f27c955
Timestamp: 2020-12-10 16:14:09Z
      at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.validate(AadInstanceDiscoveryProvider.java:147)
      at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.doInstanceDiscoveryAndCache(AadInstanceDiscoveryProvider.java:138)
      at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.getMetadataEntry(AadInstanceDiscoveryProvider.java:42)
      at com.microsoft.aad.msal4j.AuthenticationResultSupplier.getAuthorityWithPrefNetworkHost(AuthenticationResultSupplier.java:32)
      at com.microsoft.aad.msal4j.AcquireTokenByAuthorizationGrantSupplier.execute(AcquireTokenByAuthorizationGrantSupplier.java:59)
      at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:59)
      at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:17)
      at java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1601)
      at java.lang.Thread.run(Thread.java:818)

有什么问题吗?

svmlkihl

svmlkihl1#

正如@juunas所问的,你的生活似乎有问题 authority 设置。请尝试以下代码:

import java.util.Collections;
import java.util.concurrent.CompletableFuture;

import com.microsoft.aad.msal4j.ClientCredentialFactory;
import com.microsoft.aad.msal4j.ClientCredentialParameters;
import com.microsoft.aad.msal4j.ConfidentialClientApplication;
import com.microsoft.aad.msal4j.IAuthenticationResult;

public class AADClientCred {
    public static void main(String[] args) {

        String tenantID = "<your tenant ID or name>";
        String clientID = "<your Azure AD app id>";
        String Secret = "<your azure ad app secret>";
        String authority = "https://login.microsoftonline.com/" + tenantID;
        //I use microsoft graph as resource for demo
        String scope = "https://graph.microsoft.com/.default";

        try {
            String access_token = getAccessTokenByClientCredentialGrant(clientID, Secret, authority, scope)
                    .accessToken();

            System.out.println("access token : " + access_token);

        } catch (Exception e) {

            e.printStackTrace();
        }

    }

    private static IAuthenticationResult getAccessTokenByClientCredentialGrant(String clientID, String Secret,
            String authority, String scope) throws Exception {

        ConfidentialClientApplication app = ConfidentialClientApplication
                .builder(clientID, ClientCredentialFactory.createFromSecret(Secret)).authority(authority).build();

        ClientCredentialParameters clientCredentialParam = ClientCredentialParameters
                .builder(Collections.singleton(scope)).build();

        CompletableFuture<IAuthenticationResult> future = app.acquireToken(clientCredentialParam);
        return future.get();
    }

}

结果:

如果你还有什么问题,请告诉我。

相关问题