你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
KeyVaultCredentials 类
- java.
lang. Object - ServiceClientCredentials
- com.
microsoft. azure. keyvault. authentication. KeyVaultCredentials
- com.
public class KeyVaultCredentials
支持自动持有者令牌刷新的 ServiceClientCredentials 实现。
方法摘要
修饰符和类型 | 方法和描述 |
---|---|
void | applyCredentialsFilter(OkHttpClient.Builder clientBuilder) |
abstract String |
doAuthenticate(String authorization, String resource, String scope)
要实现的抽象方法。 使用令牌标头回答服务器质询。 实现通常使用 ADAL 来获取令牌,如以下示例中所示:
@Override public String doAuthenticate(String authorization, String resource, String scope) { String clientId = ...; // client GUID as shown in Azure portal. String clientKey = ...; // client key as provided by Azure portal. AuthenticationResult token = getAccessTokenFromClientCredentials(authorization, resource, clientId, clientKey); return token.getAccessToken();; }
private static AuthenticationResult getAccessTokenFromClientCredentials(String authorization, String resource, String clientId, String clientKey) { AuthenticationContext context = null; AuthenticationResult result = null; ExecutorService service = null; try { service = Executors.newFixedThreadPool(1); context = new AuthenticationContext(authorization, false, service); ClientCredential credentials = new ClientCredential(clientId, clientKey); Future<AuthenticationResult> future = context.acquireToken(resource, credentials, null); result = future.get(); } catch (Exception e) { throw new RuntimeException(e); } finally { service.shutdown(); }
if (result == null) { throw new RuntimeException("authentication result was null"); } return result; }
注意:必须安全地存储客户端密钥。 建议使用两个客户端应用程序(一个用于开发,另一个用于生产)由单独的各方管理。 |
方法详细信息
applyCredentialsFilter
public void applyCredentialsFilter(OkHttpClient.Builder clientBuilder)
Parameters:
clientBuilder
doAuthenticate
public abstract String doAuthenticate(String authorization, String resource, String scope)
要实现的抽象方法。
使用令牌标头回答服务器质询。
实现通常使用 ADAL 来获取令牌,如以下示例中所示:
@Override public String doAuthenticate(String authorization, String resource, String scope) { String clientId = ...; // client GUID as shown in Azure portal. String clientKey = ...; // client key as provided by Azure portal. AuthenticationResult token = getAccessTokenFromClientCredentials(authorization, resource, clientId, clientKey); return token.getAccessToken();; }
private static AuthenticationResult getAccessTokenFromClientCredentials(String authorization, String resource, String clientId, String clientKey) { AuthenticationContext context = null; AuthenticationResult result = null; ExecutorService service = null; try { service = Executors.newFixedThreadPool(1); context = new AuthenticationContext(authorization, false, service); ClientCredential credentials = new ClientCredential(clientId, clientKey); Future<AuthenticationResult> future = context.acquireToken(resource, credentials, null); result = future.get(); } catch (Exception e) { throw new RuntimeException(e); } finally { service.shutdown(); }
if (result == null) { throw new RuntimeException("authentication result was null"); } return result; }
注意:必须安全地存储客户端密钥。 建议使用两个客户端应用程序(一个用于开发,另一个用于生产)由单独的各方管理。
Parameters:
authorization
- 颁发机构的标识符,URL。
resource
- 作为所请求令牌的接收方的目标资源的标识符(URL)。
scope
- 身份验证请求的范围。
Returns:
访问令牌
适用于
反馈
https://aka.ms/ContentUserFeedback。
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:提交和查看相关反馈