Package org.ametys.plugins.extrausermgt.authentication.msal

Class EntraIDCredentialProvider

java.lang.Object

org.ametys.runtime.plugin.component.AbstractLogEnabled

org.ametys.core.authentication.AbstractCredentialProvider

org.ametys.plugins.extrausermgt.authentication.msal.AbstractMSALCredentialProvider

org.ametys.plugins.extrausermgt.authentication.msal.EntraIDCredentialProvider

All Implemented Interfaces:

BlockingCredentialProvider, CredentialProvider, NonBlockingCredentialProvider, OIDCBasedCredentialProvider, LogEnabled, Component, Contextualizable, Serviceable

public class EntraIDCredentialProvider
extends AbstractMSALCredentialProvider
implements Serviceable

Sign in through Entra ID, using the OpenId Connect protocol.

Field Summary

Fields inherited from class org.ametys.plugins.extrausermgt.authentication.msal.AbstractMSALCredentialProvider

_clientID, _clientSecret, _prompt, _silent, ACCESS_TOKEN_SESSION_ATTRIBUTE

Constructor Summary

Constructors

Constructor	Description
EntraIDCredentialProvider()

Method Summary

Modifier and Type	Method	Description
protected String	getAuthority()	Returns the URL to send authorization and token requests to.
String	getIssuer()	Returns the OIDC issuer.
URL	getJwkSetURL()	Returns the JWK Set URL for validating OIDC tokens.
protected String	getLogin(com.microsoft.aad.msal4j.IAuthenticationResult result)	Retrieves the login from the given authentication result
protected Set<String>	getScopes()	Returns all needed OIDC scopes.
void	init(String id, String cpModelId, Map<String,Object> paramValues, String label)	Initialize the credential provider with given parameters' values.
void	service(ServiceManager manager)

Methods inherited from class org.ametys.plugins.extrausermgt.authentication.msal.AbstractMSALCredentialProvider

blockingGetUserIdentity, blockingGrantAnonymousRequest, blockingIsStillConnected, blockingUserAllowed, blockingUserNotAllowed, contextualize, getClientId, init, nonBlockingGetUserIdentity, nonBlockingGrantAnonymousRequest, nonBlockingIsStillConnected, nonBlockingUserAllowed, nonBlockingUserNotAllowed, refreshTokenIfNeeded, requiresNewWindow

Methods inherited from class org.ametys.core.authentication.AbstractCredentialProvider

equals, getCredentialProviderModelId, getId, getLabel, getParameterValues, hashCode

Methods inherited from class org.ametys.runtime.plugin.component.AbstractLogEnabled

getLogger, setLogger

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.ametys.core.authentication.CredentialProvider

getCredentialProviderModelId, getId, getLabel, getParameterValues, getUserIdentity, grantAnonymousRequest, isStillConnected, userAllowed, userNotAllowed

Constructor Details

EntraIDCredentialProvider

public EntraIDCredentialProvider()

Method Details

service

public void service(ServiceManager manager)
             throws ServiceException

Specified by:

service in interface Serviceable

Throws:

ServiceException

init

public void init(String id,
 String cpModelId,
 Map<String,Object> paramValues,
 String label)
          throws Exception

Description copied from interface: CredentialProvider

Initialize the credential provider with given parameters' values.

Specified by:

init in interface CredentialProvider

Overrides:

init in class AbstractCredentialProvider

Parameters:

id - The unique identifier

cpModelId - The id of credential provider extension point

paramValues - The parameters' values

label - The specific label of this instance. Can be null

Throws:

Exception - If an error occurred

getAuthority

protected String getAuthority()

Description copied from class: AbstractMSALCredentialProvider

Returns the URL to send authorization and token requests to.

Specified by:

getAuthority in class AbstractMSALCredentialProvider

Returns:

the OIDC authority URL

getIssuer

public String getIssuer()

Description copied from interface: OIDCBasedCredentialProvider

Returns the OIDC issuer.

Specified by:

getIssuer in interface OIDCBasedCredentialProvider

Returns:

the OIDC issuer

getJwkSetURL

public URL getJwkSetURL()

Description copied from interface: OIDCBasedCredentialProvider

Returns the JWK Set URL for validating OIDC tokens.

Specified by:

getJwkSetURL in interface OIDCBasedCredentialProvider

Returns:

the JWK Set URL

getScopes

protected Set<String> getScopes()

Description copied from class: AbstractMSALCredentialProvider

Returns all needed OIDC scopes. Defaults to ["openid"]

Overrides:

getScopes in class AbstractMSALCredentialProvider

Returns:

all needed OIDC scopes

getLogin

protected String getLogin(com.microsoft.aad.msal4j.IAuthenticationResult result)

Description copied from class: AbstractMSALCredentialProvider

Retrieves the login from the given authentication result

Overrides:

getLogin in class AbstractMSALCredentialProvider

Parameters:

result - the authentication result

Returns:

the login