无法使用MSAL4J从Azure AD获取访问令牌

发布于 2025-01-28 13:01:32 字数 3807 浏览 5 评论 0原文

我正在尝试访问图形API。我正在使用msal4j访问Graph apis。但是我得到com.microsoft.aad.msal4j.msalclientException：java.net.sockettimeoutexception：即使我不使用VPN，连接时间也可以连接。

我正在关注教程。我遵循其中提到的所有步骤。

在这里，堆栈跟踪：

线程中的异常“ main” java.util.concurrent.executionException：com.microsoft.aad.msal4j.msalclientException：java.net.sockettimeTimeOutexception：连接在Java.util.concurrent.completabletabletableclecefuture。 reportGet(CompletableFuture.java:357) at java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1895) at ClientCredentialGrant.getAccessTokenByClientCredentialGrant(ClientCredentialGrant.java:78) at ClientCredentialGrant.main(ClientCredentialGrant.java:36) Caused by: com.microsoft.aad.msal4j.msalclientException：java.net.sockettimeoutexception：连接在com.microsoft.aad.mmsal4j.httphelper.execute.execute.execute.execute.httpphelttprequest（httphelper.java：53）at com.micco.a.micsoftroft.excroft.excroft.excroft.micsoftroft.exm.excroft.excute.execute.execute.execute.execute Uterequest （aadinstancediscoveryprovider.java:218）com.microsoft.aad.msal4j.aadinstanceciscoveryprovider.sendinstanceediscoveryrequest（aadinstanceciscoveryrequest） instancediscoveryprovider.java:271）at com.microsoft。 AAD.MSAL4J.AADINSTANCANGISCOVERYPROVIDER.GETMETADATAENTRY（AADINSTANCENCISCOVERYPROVIDER.JAVA:56）com.microsoft.aad.aad.mmsal4j.authenticationalicationalsication resutticalsualtsuresultsuppllier.getauthoritywithoritywithoritywithprefnetworkhost（authtworkhost（authertworkhost） 4j.acquiretokenbyauthorizationgrantsupplier.execute（AccearireTokenByAuthorizationGrantsupplier.java： 59）访问com.microsoft.aad.msal4j.acquiretokenbyclientcredentialsupplier.acquiretokenbyclientcredential（AccelireTokenByClientClientCredentialsupplier.java：63） ier.java：49）atm.microsoft.aad.msal4j.authentication resultsupplier 。 util.concurrent.completablefuture $ asyncsupply.exec（ploteablefuture.java:1582）java.util.util.concurrent.concurrent.forkjertask.doexec.doexec（forkjointask.java.java：289） 1056）in Java.util.concurrent.forkjoinpool.runworker（forkjoinpool.java:1692）java.util.concurrent.forkjoinworkerthread.run（forkjoinworkerthread.java.java：157） .net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl 。在java.net.socket.connect（socket.java：589）上的sun.security.sssl.sssl.sslsocketimpl.connect（sslsocketimpl.java：673）sun.networkclient.doconnect.doconnect.doconnect.doconnect.doconnect.docconnect.docconnect.docconnect（networkclient.java：175） net.www.http.httpclient.openserver（httpclient.java：463）在sun.net.www.http.http.httpclient.openserver（httpclient.java：558） ins＆gt;（httpsclient.java:264）在sun.net.www.protocol.https.https.httpsclient.new（httpsclient.java:367） iection.java:191 ) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www. suolt.https.https.https.https.httpsurlconnection.connect（AbstrackDelegateHttpSurlConnection.java:177） .httpurlConnection.getInputstream（ httpurlconnection.java：1474）在Java.net.httpurlconnection.getResponsecode（httpurlconnection.java:480） ICROSOFT.AAD.MSAL4J 。 defaulthttpclient.java：35 at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequestWithRetries(HttpHelper.java:96) at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequest(HttpHelper.java:49) ... 16 more

Any help will be感谢。

原文

I'm trying to access graph api. I'm using MSAL4J to access the graph apis. But I'm getting com.microsoft.aad.msal4j.MsalClientException: java.net.SocketTimeoutException: connect timed out even when I'm not using my vpn.

I'm following this tutorial. I've followed all the steps mentioned in there.

Here the stack trace:

Exception in thread "main" java.util.concurrent.ExecutionException: com.microsoft.aad.msal4j.MsalClientException: java.net.SocketTimeoutException: connect timed out at java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:357) at java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1895) at ClientCredentialGrant.getAccessTokenByClientCredentialGrant(ClientCredentialGrant.java:78) at ClientCredentialGrant.main(ClientCredentialGrant.java:36) Caused by: com.microsoft.aad.msal4j.MsalClientException: java.net.SocketTimeoutException: connect timed out at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequest(HttpHelper.java:53) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.executeRequest(AadInstanceDiscoveryProvider.java:218) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.sendInstanceDiscoveryRequest(AadInstanceDiscoveryProvider.java:172) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.doInstanceDiscoveryAndCache(AadInstanceDiscoveryProvider.java:271) at com.microsoft.aad.msal4j.AadInstanceDiscoveryProvider.getMetadataEntry(AadInstanceDiscoveryProvider.java:56) at com.microsoft.aad.msal4j.AuthenticationResultSupplier.getAuthorityWithPrefNetworkHost(AuthenticationResultSupplier.java:32) at com.microsoft.aad.msal4j.AcquireTokenByAuthorizationGrantSupplier.execute(AcquireTokenByAuthorizationGrantSupplier.java:59) at com.microsoft.aad.msal4j.AcquireTokenByClientCredentialSupplier.acquireTokenByClientCredential(AcquireTokenByClientCredentialSupplier.java:63) at com.microsoft.aad.msal4j.AcquireTokenByClientCredentialSupplier.execute(AcquireTokenByClientCredentialSupplier.java:49) at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:59) at com.microsoft.aad.msal4j.AuthenticationResultSupplier.get(AuthenticationResultSupplier.java:17) at java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1590) at java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1582) at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:289) at java.util.concurrent.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1056) at java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1692) at java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:157) Caused by: java.net.SocketTimeoutException: connect timed out at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:673) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:463) at sun.net.www.http.HttpClient.openServer(HttpClient.java:558) at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:264) at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:367) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpClient(AbstractDelegateHttpsURLConnection.java:191) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:177) at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1546) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338) at com.microsoft.aad.msal4j.DefaultHttpClient.readResponseFromConnection(DefaultHttpClient.java:107) at com.microsoft.aad.msal4j.DefaultHttpClient.executeHttpGet(DefaultHttpClient.java:47) at com.microsoft.aad.msal4j.DefaultHttpClient.send(DefaultHttpClient.java:35) at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequestWithRetries(HttpHelper.java:96) at com.microsoft.aad.msal4j.HttpHelper.executeHttpRequest(HttpHelper.java:49) ... 16 more

Any help will be appreciated.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

南风几经秋 2025-02-04 13:01:32

最后，我弄清楚了。并希望它能帮助某人。 com.microsoft.aad.msal4j.msalclientException：java.net.sockettimeoutexception：Connect time time由于代理问题而发生了此例外。

我的系统位于代理后面，因此无法与microsoftonline服务器连接。

我有两种方法可以从azure ad获得access_token。

第一次方法
使用REST API由Azure AD提供，

public String getAccessToken() throws UnsupportedOperationException, IOException {
        ObjectMapper mapper = new ObjectMapper();
        Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("your_proxy_address", your_proxy_port));
        OkHttpClient client = new OkHttpClient.Builder().proxy(proxy).build();

        MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
        RequestBody body = RequestBody.create(
                "grant_type=client_credentials&client_id=your_client_id&scope=https://graph.microsoft.com/.default&client_secret=your_client_secret",
                mediaType);
        Request request = new Request.Builder()
                .url("https://login.microsoftonline.com/your tenent id/oauth2/v2.0/token")
                .method("POST", body).addHeader("Content-Type", "application/x-www-form-urlencoded").build();

        Response response = client.newCall(request).execute();
        // String token = response.body().string();
        return mapper.readTree(response.body().string()).get("access_token").asText();
    }

您可以使用此方法获得access_token。另一种方法是使用msal4j库。
第二种方法

第一个构建客户端对象

private static void BuildConfidentialClientObject() throws Exception {

        Proxy proxy = AuthProvider.getInstance().getProxy();

        app = ConfidentialClientApplication.builder(clientId, ClientCredentialFactory.createFromSecret(secret))
                .proxy(proxy).authority(authority).build();
    }

然后获取access_token

private static IAuthenticationResult getAccessTokenByClientCredentialGrant() throws Exception {

        ClientCredentialParameters clientCredentialParam = ClientCredentialParameters
                .builder(Collections.singleton(scope)).build();

        CompletableFuture<IAuthenticationResult> future = app.acquireToken(clientCredentialParam);
        return future.join();

    }

现在您可以使用此访问Graph apis Access_Token并完成您的任务。

ps：我正在使用demon用于我的任务。有不同的方法可以满足您的要求。

您可以看一下在这里用于认证方法参考。

Finally, I figured it out. And writing this answer with hope that it will help someone. com.microsoft.aad.msal4j.MsalClientException: java.net.SocketTimeoutException: connect timed out This exception was occurring due to the proxy issues.

My system was behind the proxy so it was not able to connect with microsoftonline servers.

I have two approaches to get the access_token from azure AD.

First Approach
Using REST API provided by AZURE AD

public String getAccessToken() throws UnsupportedOperationException, IOException {
        ObjectMapper mapper = new ObjectMapper();
        Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("your_proxy_address", your_proxy_port));
        OkHttpClient client = new OkHttpClient.Builder().proxy(proxy).build();

        MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
        RequestBody body = RequestBody.create(
                "grant_type=client_credentials&client_id=your_client_id&scope=https://graph.microsoft.com/.default&client_secret=your_client_secret",
                mediaType);
        Request request = new Request.Builder()
                .url("https://login.microsoftonline.com/your tenent id/oauth2/v2.0/token")
                .method("POST", body).addHeader("Content-Type", "application/x-www-form-urlencoded").build();

        Response response = client.newCall(request).execute();
        // String token = response.body().string();
        return mapper.readTree(response.body().string()).get("access_token").asText();
    }

You can get the access_token by using this method. Another approach is, by using the MSAL4J library.
Second approach

First build client object

private static void BuildConfidentialClientObject() throws Exception {

        Proxy proxy = AuthProvider.getInstance().getProxy();

        app = ConfidentialClientApplication.builder(clientId, ClientCredentialFactory.createFromSecret(secret))
                .proxy(proxy).authority(authority).build();
    }

Then get the access_token

private static IAuthenticationResult getAccessTokenByClientCredentialGrant() throws Exception {

        ClientCredentialParameters clientCredentialParam = ClientCredentialParameters
                .builder(Collections.singleton(scope)).build();

        CompletableFuture<IAuthenticationResult> future = app.acquireToken(clientCredentialParam);
        return future.join();

    }

Now you can access the graph APIs using this access_token and complete your tasks.

PS: I'm using demon approach for my tasks. There are different approaches to fulfill your requirements.

You can have a look here for authentication approach reference.

回复收藏 0 原文

~没有更多了~