001/*
002 *  Copyright 2021 Anyware Services
003 *
004 *  Licensed under the Apache License, Version 2.0 (the "License");
005 *  you may not use this file except in compliance with the License.
006 *  You may obtain a copy of the License at
007 *
008 *      http://www.apache.org/licenses/LICENSE-2.0
009 *
010 *  Unless required by applicable law or agreed to in writing, software
011 *  distributed under the License is distributed on an "AS IS" BASIS,
012 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 *  See the License for the specific language governing permissions and
014 *  limitations under the License.
015 */
016package org.ametys.plugins.extrausermgt.authentication.msal;
017
018import java.util.Map;
019import java.util.Set;
020
021import org.apache.avalon.framework.service.ServiceException;
022import org.apache.avalon.framework.service.ServiceManager;
023import org.apache.avalon.framework.service.Serviceable;
024
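/**
 * Sign in through Entra ID, using the OpenId Connect protocol.
 * <p>
 * The provider is configured from the <code>authentication.aad.*</code> parameters read in
 * {@link #init(String, String, Map, String)}. The tenant parameter selects the Entra ID
 * authority, and the requested scopes come from the {@link OIDCScopesExtensionPoint}.
 */
public class EntraIDCredentialProvider extends AbstractMSALCredentialProvider implements Serviceable
{
    /** Tenant segment appended to the login.microsoftonline.com authority URL. */
    private String _tenant;
    
    /** Extension point supplying the OIDC scopes requested at sign-in. */
    private OIDCScopesExtensionPoint _scopesExtensionPoint;
    
    /**
     * Looks up the components this provider depends on.
     * @param manager the service manager used for the lookup
     * @throws ServiceException if the scopes extension point cannot be looked up
     */
    @Override
    public void service(ServiceManager manager) throws ServiceException
    {
        _scopesExtensionPoint = (OIDCScopesExtensionPoint) manager.lookup(OIDCScopesExtensionPoint.ROLE);
    }
    
    /**
     * Initializes the provider from its configured parameter values.
     * @param id the credential provider id, forwarded to the parent initializer
     * @param cpModelId the credential provider model id, forwarded to the parent initializer
     * @param paramValues the configured values; the <code>authentication.aad.tenant</code>,
     *        <code>appid</code>, <code>clientsecret</code>, <code>silent</code> and <code>prompt</code> keys are read
     * @param label the provider label, forwarded to the parent initializer
     * @throws IllegalArgumentException if the tenant parameter is missing or blank
     * @throws Exception if the parent initialization fails
     */
    @Override
    public void init(String id, String cpModelId, Map<String, Object> paramValues, String label) throws Exception
    {
        super.init(id, cpModelId, paramValues, label);
        
        // Fail fast on a missing tenant: otherwise the authority would silently become
        // "https://login.microsoftonline.com/null" (or an empty path) and only break at sign-in.
        String tenant = (String) paramValues.get("authentication.aad.tenant");
        if (tenant == null || tenant.trim().isEmpty())
        {
            throw new IllegalArgumentException("The parameter 'authentication.aad.tenant' is mandatory for credential provider '" + id + "'");
        }
        _tenant = tenant.trim();

        String clientID = (String) paramValues.get("authentication.aad.appid");
        // The client secret is a credential: it is only handed to the parent initializer below
        // and must never be written to logs or error messages.
        String clientSecret = (String) paramValues.get("authentication.aad.clientsecret");
        // These casts unbox the stored value, so a missing entry raises a NullPointerException.
        boolean silent = (boolean) paramValues.get("authentication.aad.silent");
        boolean prompt = (boolean) paramValues.get("authentication.aad.prompt");

        init(clientID, clientSecret, prompt, silent);
    }
    
    /**
     * Builds the Entra ID authority URL for the configured tenant.
     * <p>
     * The tenant value is appended verbatim after the fixed host, so the host cannot be changed
     * by configuration, but the value is not otherwise validated here.
     * <p>
     * NOTE(review): when the tenant is a multi-tenant alias such as <code>common</code> or
     * <code>organizations</code>, Entra ID accepts accounts from any directory. Whether the tenant
     * or issuer of the returned token is then checked depends on the parent class, which is not
     * visible here. Confirm before using such a value.
     * @return the authority URL
     */
    @Override
    protected String getAuthority()
    {
        return "https://login.microsoftonline.com/" + _tenant;
    }
    
    /**
     * Returns the scopes to request, as provided by the {@link OIDCScopesExtensionPoint}.
     * <p>
     * Every scope contributed through the extension point widens what the issued token grants,
     * so the registered extensions should be kept to what the application actually needs.
     * @return the scopes to request
     */
    @Override
    protected Set<String> getScopes()
    {
        return _scopesExtensionPoint.getScopes();
    }
}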