Write sample about spring-security + Azure AD, authorize OAuth2 client by certificate

Open chenrujun opened this issue 2 years ago • 47 comments

Context

Now all samples about spring-security + AAD are using client-id and client-secret. We need to provide samples without client-secret, using a certificate instead.

Refs: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-access-token-with-a-certificate-credential

Related issue: #27029

Problem

Customers need this sample.

Solution

Write sample about spring-security + Azure AD, authorize OAuth2 client by certificate

chenrujun avatar Jan 12 '22 01:01 chenrujun

Hello chenrujun,

I am from UPS and we are working with MS (Mahesh Babu Thalla [email protected]) on implementing Azure AD with Spring Boot, but with no client secret. I believe he chatted with you on this. He mentioned you are working on a certificate based solution for Spring boot. Please let me know when the jar is ready to see if I can implement Azure AD. I currently use LDAP Spring Security and need to migrate to Azure AD, but UPS does not allow client-secret. Thanks.

mpenabad1961 avatar Jan 12 '22 18:01 mpenabad1961

Hi, @mpenabad1961 . Thanks for reaching out.

> I am from UPS and we are working with MS (Mahesh Babu Thalla [email protected]) on implementing Azure AD with Spring Boot, but with no client secret. I believe he chatted with you on this.

Yes, I already discussed with him.

> He mentioned you are working on a certificate based solution for Spring boot. Please let me know when the jar is ready to see if I can implement Azure AD

This GitHub issue will not release a jar; its target is to write a sample to teach customers how to use spring-security + Azure AD.

> I currently use LDAP Spring Security and need to migrate to Azure AD, but UPS does not allow client-secret.

Oh, you are using LDAP, not OAuth2. Mahesh and I are discussing OAuth 2.

I found 2 links:

  1. https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/auth-ldap
  2. https://spring.io/guides/gs/authenticating-ldap/

If your requirement is the same as the above 2 links, here are 2 options:

  1. You can investigate above 2 links by yourself.
  2. Wait sample tracked in #26456. Let's discuss that issue.

chenrujun avatar Jan 13 '22 00:01 chenrujun

Thanks for responding. I meant to say I am currently using LDAP but I need to migrate to Azure AD. However, I need to use certificate-based, client-secret not allowed at UPS standard. When you have a sample code on how to use certificate without using secret please let me know. Thanks. Mercedes

mpenabad1961 avatar Jan 13 '22 15:01 mpenabad1961

@mpenabad1961

Got it. Then you should still use this issue to track your requirement. I'll @ you here when the sample is ready.

chenrujun avatar Jan 13 '22 23:01 chenrujun

Hi, @mpenabad1961.

I created a PR to write a sample about using a certificate instead of client-secret to authenticate: https://github.com/Azure-Samples/azure-spring-boot-samples/pull/196. Please take a look.

And which version of Spring Boot are you (UPS) using?

chenrujun avatar Feb 28 '22 05:02 chenrujun

2.3.10.RELEASE

mpenabad1961 avatar Feb 28 '22 19:02 mpenabad1961

Apologies. I did not realize you had a question. I am using 2.3.10 Spring Boot.

-Mercedes

mpenabad1961 avatar Mar 31 '22 21:03 mpenabad1961

Hi, one more question. I am not sure what to look at, at the link provided below. Is there an overview of the steps to use?

mpenabad1961 avatar Mar 31 '22 21:03 mpenabad1961

Hi, @mpenabad1961

Please check this link:

https://github.com/Azure-Samples/azure-spring-boot-samples/blob/31b81ff524cf711d950d09e9250534949cd78f7e/aad/spring-security/docs/servlet/oauth2/login-authenticate-using-private-key-jwt.md

chenrujun avatar Apr 01 '22 00:04 chenrujun

I am having trouble implementing your example. I see in the pom file you have a relative path. I tried unzipping the whole sample package (all examples) so whatever reference you may be choosing is there, but I am getting filename errors when I am unzipping. Can you tell me what your example is dependent on to make it its own pom file?

Thanks Mercedes

mpenabad1961 avatar Apr 14 '22 14:04 mpenabad1961

@mpenabad1961

  1. Could you please try the spring-cloud-azure_v4.0.0 branch? Here is the link to the spring-cloud-azure_v4.0.0 branch: https://github.com/Azure-Samples/azure-spring-boot-samples/blob/spring-cloud-azure_v4.0.0/aad/spring-security/docs/servlet/oauth2/login-authenticate-using-private-key-jwt.md

  2. What type of filename errors did you face? Could you please share more information?

chenrujun avatar Apr 15 '22 01:04 chenrujun

I do not see a download for this directory, how do I download the package? @.*** The only place that allowed download zip was at the https://github.com/Azure-Samples/azure-spring-boot-samples level. I get the following error from Winzip. I get a lot of these. So by the time I get through all the errors, the files that do get through, your project is missing the long named files.

@.***

If you can let me know what dependencies your project needs that would be helpful, because your pom.xml points to relative pom which points to https://github.com/Azure-Samples/azure-spring-boot-samples <relativePath>../../../../../pom.xml</relativePath>

I am having trouble with which dependencies are needed. I have not even been able to compile.

If you can help me I would appreciate it.

Thanks Mercedes

mpenabad1961 avatar Apr 15 '22 13:04 mpenabad1961

Rujun,

I need help. I cannot compile. I am getting errors with OAuth2AuthorizationCodeGrantRequestEntityConverter. I am getting undefined type for addParametersConverter()

Please advise.

-Mercedes

mpenabad1961 avatar Apr 18 '22 19:04 mpenabad1961

@mpenabad1961 Please try these commands:

git clone git@github.com:Azure-Samples/azure-spring-boot-samples.git
cd azure-spring-boot-samples/
mvn clean install -DskipTests

There is no error on my side. If there are some errors on your side, please share the related log or screenshot.

chenrujun avatar Apr 19 '22 01:04 chenrujun

Hi, @mpenabad1961

Does this sample solve your problem?

https://github.com/Azure-Samples/azure-spring-boot-samples/blob/spring-cloud-azure_v4.0.0/aad/spring-security/docs/servlet/oauth2/login-authenticate-using-private-key-jwt.md

chenrujun avatar Apr 27 '22 06:04 chenrujun

I haven’t been able to execute it. I have created the certificate and asked the Azure team to add to application registration. I know you closed the case, but can I still ask you questions?

-Mercedes

mpenabad1961 avatar Apr 27 '22 14:04 mpenabad1961

@mpenabad1961 This issue is still open. Ask me if you have any questions.

chenrujun avatar Apr 28 '22 01:04 chenrujun

I am struggling with the flow of the code. Can you provide example data for certificate: client-certificate-path: ${client-1-certificate-path} If I followed your instructions I created a cert file which needs to be uploaded into my Azure App registration. So what is used as a path? Can you outline the steps that happen behind the scenes from the SecurityConfiguration class? I know it uses configure(), because that’s how I used LDAP.

-Mercedes

mpenabad1961 avatar Apr 28 '22 15:04 mpenabad1961

@mpenabad1961

> Can you provide example data for certificate: client-certificate-path: ${client-1-certificate-path} If I followed your instructions I created a cert file which needs to be uploaded into my Azure App registration. So what is used as a path?

After you upload it to the Azure App registration, the cert file should not be deleted from your computer; the client-certificate-path should be the path to your cert on your computer. For example: C:\Users\user-name\cert.pfx or /etc/cert.pfx.

> Can you outline the steps that happen behind the scenes from the SecurityConfiguration class? I know it uses configure(), because that’s how I used LDAP.

Do you mean here? https://github.com/Azure-Samples/azure-spring-boot-samples/blob/spring-cloud-azure_v4.0.0/aad/spring-security/servlet/oauth2/login-authenticate-using-private-key-jwt/src/main/java/com/azure/spring/sample/reactive/servlet/oauth2/login/jwt/configuration/WebSecurityConfiguration.java#L54

The main purpose of this configuration is to use client_assertion instead of client_secret when requesting an access token. Refer to this page for more information: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow#request-an-access-token-with-a-certificate-credential

The client_assertion is created by the cert.

chenrujun avatar Apr 29 '22 02:04 chenrujun
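
The client_assertion mentioned in the comment above, as an added example that is not part of the original thread or of the sample project: a JDK-only Java program that builds the assertion from a PKCS#12 file, using the claim layout of the Microsoft certificate-credential documentation linked in the thread, and checks the signature with the public certificate alone. The class name, the PFX_PASSWORD environment variable, the argument order, the RSA key type and the 5-minute lifetime are assumptions.

```java
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.util.Base64;
import java.util.Collections;
import java.util.UUID;

// Added example (hypothetical class name); uses only the JDK and assumes an RSA key.
public class ClientAssertionDemo {

    private static final Base64.Encoder B64URL = Base64.getUrlEncoder().withoutPadding();

    private static String b64(String s) {
        return B64URL.encodeToString(s.getBytes(StandardCharsets.UTF_8));
    }

    /** Builds the signed JWT that is sent as client_assertion in place of client_secret. */
    static String buildAssertion(PrivateKey key, X509Certificate cert,
                                 String clientId, String tokenEndpoint) throws Exception {
        // x5t = base64url(SHA-1 of the DER certificate); it tells Azure AD which
        // certificate uploaded to the app registration should verify the signature.
        byte[] thumbprint = MessageDigest.getInstance("SHA-1").digest(cert.getEncoded());
        String header = "{\"alg\":\"RS256\",\"typ\":\"JWT\",\"x5t\":\""
                + B64URL.encodeToString(thumbprint) + "\"}";

        long now = Instant.now().getEpochSecond();
        // clientId is a GUID and tokenEndpoint a URL, so no JSON escaping is needed here.
        String claims = "{\"aud\":\"" + tokenEndpoint + "\""
                + ",\"iss\":\"" + clientId + "\""
                + ",\"sub\":\"" + clientId + "\""
                + ",\"jti\":\"" + UUID.randomUUID() + "\""
                + ",\"nbf\":" + now
                + ",\"exp\":" + (now + 300) + "}";   // assumed 5-minute lifetime

        String signingInput = b64(header) + "." + b64(claims);
        Signature rs256 = Signature.getInstance("SHA256withRSA");
        rs256.initSign(key);
        rs256.update(signingInput.getBytes(StandardCharsets.US_ASCII));
        return signingInput + "." + B64URL.encodeToString(rs256.sign());
    }

    /** Checks the signature with the public certificate only, as the token endpoint would. */
    static boolean verify(String jwt, X509Certificate cert) throws Exception {
        int lastDot = jwt.lastIndexOf('.');
        Signature rs256 = Signature.getInstance("SHA256withRSA");
        rs256.initVerify(cert.getPublicKey());
        rs256.update(jwt.substring(0, lastDot).getBytes(StandardCharsets.US_ASCII));
        return rs256.verify(Base64.getUrlDecoder().decode(jwt.substring(lastDot + 1)));
    }

    public static void main(String[] args) throws Exception {
        // The keystore password comes from the environment, not from the command line.
        if (args.length != 3 || System.getenv("PFX_PASSWORD") == null) {
            System.err.println("usage: PFX_PASSWORD=... java ClientAssertionDemo <pfx> <client-id> <tenant-id>");
            System.exit(2);
        }
        char[] password = System.getenv("PFX_PASSWORD").toCharArray();

        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            ks.load(in, password);
        }
        String alias = null;
        for (String a : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(a)) { alias = a; break; }
        }
        if (alias == null) {
            throw new IllegalStateException("no private-key entry in " + args[0]);
        }
        PrivateKey key = (PrivateKey) ks.getKey(alias, password);
        X509Certificate cert = (X509Certificate) ks.getCertificate(alias);

        String tokenEndpoint = "https://login.microsoftonline.com/" + args[2] + "/oauth2/v2.0/token";
        String jwt = buildAssertion(key, cert, args[1], tokenEndpoint);

        // Show the decoded parts instead of the assertion itself, which is a live credential.
        String[] parts = jwt.split("\\.");
        Base64.Decoder dec = Base64.getUrlDecoder();
        System.out.println("header : " + new String(dec.decode(parts[0]), StandardCharsets.UTF_8));
        System.out.println("claims : " + new String(dec.decode(parts[1]), StandardCharsets.UTF_8));
        System.out.println("verifies with public certificate: " + verify(jwt, cert));
        // In the token request these two parameters replace client_secret.
        System.out.println("client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
        System.out.println("client_assertion=<the JWT built above>");
    }
}
```

Only the public certificate is needed to verify the assertion, so the app registration holds the certificate while the .pfx with the private key stays on the server that runs the application.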

When you say computer do you mean the web server where spring application resides on?

mpenabad1961 avatar Apr 29 '22 12:04 mpenabad1961

I tried the command and I am getting this error. @.***

I also inserted the code into a plain simple Spring Web application and when trying to instantiate securityconfiguration.class I get this error. I need help.

org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'securityConfiguration' defined in file [C:\Users\app4mxp\eclipse-workspace\webAD\target\classes\com\example\webdemo\SecurityConfiguration.class]: Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [org/springframework/boot/autoconfigure/security/oauth2/client/servlet/OAuth2ClientRegistrationRepositoryConfiguration.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository]: Factory method 'clientRegistrationRepository' threw exception; nested exception is java.lang.IllegalArgumentException: authorizationGrantType cannot be null

@.***

mpenabad1961 avatar May 02 '22 19:05 mpenabad1961

@mpenabad1961

> When you say computer do you mean the web server where spring application resides on?

Yes.

chenrujun avatar May 05 '22 09:05 chenrujun

> I also inserted the code into a plain simple Spring Web application and when trying to instantiate securityconfiguration.class I get this error.

I guess there is something different between the sample application login-authenticate-using-private-key-jwt.

Here is my suggestion, you can choose one of the following 2 options:

  1. Just run the sample according to the document, do not change the code.

  2. If you did some modification in the sample project, try to specify authorization-grant-type by this configuration:

spring:
  security:
    oauth2:
      client:
        registration:
          microsoft:
            client-id: 
            client-secret: 
            authorization-grant-type: authorization_code

chenrujun avatar May 05 '22 09:05 chenrujun

I have this in place. Right now I have no errors, however, I am not getting the MS login dialog box. What configuration or pom do I need to include to get login box? I get this @.*** What I want is this dialog box @.***

mpenabad1961 avatar May 05 '22 14:05 mpenabad1961

@mpenabad1961

Are you using the sample project? The sample project should have the MS login dialog box.

chenrujun avatar May 06 '22 01:05 chenrujun

As I noted in another email, I was not able to download from Git. I error out. So I just created a simple Web application and added the code you had under the folder login-authenticate-using-private-key-jwt. It has no errors.

I had to tweak a bit to get past the compilation errors. Also for my Azure App Registration I had to tweak issuer-uri because I run .well-known/openid-configuration I had to update. Should I add a dependency? Should I configure any more properties?

spring.security.oauth2.client.provider.azure-active-directory.authorization-uri=https://login.microsoftonline.com/e7520e4d-d5a0-488d-9e9f-949faae7dce8/oauth2/v2.0/authorize
#spring.security.oauth2.client.provider.azure-active-directory.issuer-uri=https://login.microsoftonline.com/e7520e4d-d5a0-488d-9e9f-949faae7dce8/oauth2/v2.0
spring.security.oauth2.client.provider.azure-active-directory.issuer-uri=https://login.microsoftonline.com/e7520e4d-d5a0-488d-9e9f-949faae7dce8/v2.0
spring.security.oauth2.client.provider.azure-active-directory.token-uri=https://login.microsoftonline.com/e7520e4d-d5a0-488d-9e9f-949faae7dce8/oauth2/v2.0/token

spring.security.oauth2.client.registration.client-1.provider=azure-active-directory
spring.security.oauth2.client.registration.client-1.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.client-1.client-id=9145028d-c49e-4794-b009-65c0c4d16028
spring.security.oauth2.client.registration.client-1.client-authentication-method=private_key_jwt

spring.security.oauth2.client.registration.client-1.client-certificate-path=taddmfeazure.pfx
spring.security.oauth2.client.registration.client-1.client-certificate-password=taddmfeazure!
spring.security.oauth2.client.registration.client-1.scope=openid,profile
spring.security.oauth2.client.registration.client-1.redirect-uri=http://localhost:8080/login/oauth2/code/


mpenabad1961 avatar May 06 '22 01:05 mpenabad1961
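
What `client-authentication-method=private_key_jwt` stands for on the wire, as an added example that is not part of the thread or of the sample project: the client signs a short-lived JWT with the certificate's private key and posts it to the token endpoint instead of a client secret, following the Microsoft certificate-credential document linked at the top of the issue. The class name, the `PFX_PASSWORD` environment variable and the command-line arguments are assumptions for illustration; only JDK classes are used.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Signature;
import java.time.Instant;
import java.util.Base64;
import java.util.Collections;
import java.util.UUID;

public class ClientAssertionDemo {
    static String b64(byte[] in) { return Base64.getUrlEncoder().withoutPadding().encodeToString(in); }

    // Builds the signed JWT that goes in the client_assertion form field of the token request.
    static String buildAssertion(KeyStore ks, char[] pw, String clientId, String tokenUri) throws Exception {
        String alias = null;
        for (String a : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(a)) { alias = a; break; }   // first entry holding a private key
        }
        if (alias == null) throw new IllegalStateException("no private key entry in keystore");
        PrivateKey key = (PrivateKey) ks.getKey(alias, pw);
        byte[] certDer = ks.getCertificate(alias).getEncoded();

        // x5t = base64url(SHA-1(DER cert)): identifies the certificate uploaded to the app registration
        String x5t = b64(MessageDigest.getInstance("SHA-1").digest(certDer));
        String header = "{\"alg\":\"RS256\",\"typ\":\"JWT\",\"x5t\":\"" + x5t + "\"}";
        long now = Instant.now().getEpochSecond();
        // iss = sub = client id, aud = token endpoint, unique jti, 5-minute lifetime.
        // Plain concatenation is enough here because a GUID and a URL need no JSON escaping.
        String claims = "{\"aud\":\"" + tokenUri + "\",\"iss\":\"" + clientId + "\",\"sub\":\"" + clientId
                + "\",\"jti\":\"" + UUID.randomUUID() + "\",\"nbf\":" + now + ",\"iat\":" + now
                + ",\"exp\":" + (now + 300) + "}";
        String signingInput = b64(header.getBytes(StandardCharsets.UTF_8)) + "."
                + b64(claims.getBytes(StandardCharsets.UTF_8));
        Signature rsa = Signature.getInstance("SHA256withRSA");   // the JCA name for RS256
        rsa.initSign(key);
        rsa.update(signingInput.getBytes(StandardCharsets.US_ASCII));
        return signingInput + "." + b64(rsa.sign());
    }

    public static void main(String[] args) throws Exception {
        String pw = System.getenv("PFX_PASSWORD");   // assumed variable name; password read from the environment
        if (args.length != 3 || pw == null) {
            System.err.println("usage: PFX_PASSWORD=... java ClientAssertionDemo.java <pfx> <client-id> <token-uri>");
            return;
        }
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) { ks.load(in, pw.toCharArray()); }
        System.out.println("client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
        System.out.println("client_assertion=" + buildAssertion(ks, pw.toCharArray(), args[1], args[2]));
    }
}
```

The printed assertion is accepted as a client credential until its `exp`, so it belongs in a local terminal and not in a ticket or log. Decoding the first two segments is a quick way to compare `aud`, `iss` and `x5t` against the app registration when the token endpoint rejects the request.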

@mpenabad1961

As I noted in another email, I was not able to download from Git. I error out.

Why can't you download from git? Could you please share the output if you run these commands?

git clone git@github.com:Azure-Samples/azure-spring-boot-samples.git
cd azure-spring-boot-samples/
mvn clean install -DskipTests

So I just created a simple Web application and added the code you had under the folder login-authenticate-using-private-key-jwt. It has no errors.

I cannot help you if we use a different sample project. So I suggest you clone the repo: https://github.com/Azure-Samples/azure-spring-boot-samples . Read this document: https://github.com/Azure-Samples/azure-spring-boot-samples/blob/spring-cloud-azure_v4.0.0/aad/spring-security/docs/servlet/oauth2/login-authenticate-using-private-key-jwt.md And run the sample: https://github.com/Azure-Samples/azure-spring-boot-samples/tree/spring-cloud-azure_v4.0.0/aad/spring-security/servlet/oauth2/login-authenticate-using-private-key-jwt

chenrujun avatar May 06 '22 09:05 chenrujun

I have tried 3 different ways to clone, none worked. In general either I don’t have rights or the file name is too long. I am unable to clone as you suggested. I run my set proxy before I do this command but still get access rights error. I need help to download your code. This is why I tried copying the code manually one file at a time and only the one JWT folder you created. Please advise.

  1. Command-line as you suggest

  2. Github Desktop – filename too long errors – I get past access but then it’s the filename too long error as you can see below.

Cloning into 'C:\Users\app4mxp\eclipse-workspace\Temp\azure-spring-boot-samples'...
remote: Enumerating objects: 13062, done.
remote: Counting objects: 100% (2909/2909), done.
remote: Compressing objects: 100% (741/741), done.
remote: Total 13062 (delta 2466), reused 2250 (delta 2110), pack-reused 10153
Receiving objects: 100% (13062/13062), 12.11 MiB | 3.51 MiB/s, done.
error: RPC failed; curl 56 Failure when receiving data from the peer
Resolving deltas: 100% (5031/5031), done.
error: unable to create file aad/spring-cloud-azure-starter-active-directory/web-client-access-resource-server/aad-resource-server-obo/src/main/java/com/azure/spring/sample/aad/AadOAuth2ResourceServerOboSampleApplication.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/client/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/client/configuration/ApplicationConfiguration.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/client/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/client/configuration/SecurityConfiguration.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/client/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/client/controller/HomeController.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/client/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/client/controller/ResourceServer1Controller.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/client/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/client/controller/ResourceServer2Controller.java: Filename too long
warning: unable to access 'aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/gateway/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/gateway/configuration/.gitattributes': Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/gateway/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/gateway/configuration/ApplicationConfiguration.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/gateway/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/gateway/configuration/SecurityConfiguration.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/resource-server-1/src/main/java/com/azure/spring/sample/activedirectory/oauth2/gateway/resourceserver1/ResourceServer1Application.java: Filename too long
warning: unable to access 'aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/resource-server-1/src/main/java/com/azure/spring/sample/activedirectory/oauth2/gateway/resourceserver1/configuration/.gitattributes': Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/resource-server-1/src/main/java/com/azure/spring/sample/activedirectory/oauth2/gateway/resourceserver1/configuration/ApplicationConfiguration.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/resource-server-1/src/main/java/com/azure/spring/sample/activedirectory/oauth2/gateway/resourceserver1/configuration/SecurityConfiguration.java: Filename too long
error: unable to create file aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/resource-server-1/src/main/java/com/azure/spring/sample/activedirectory/oauth2/gateway/resourceserver1/controller/HomeController.java: Filename too long
fatal: cannot create directory at 'aad/spring-security/reactive/webflux/oauth2/spring-cloud-gateway/resource-server-2/src/main/java/com/azure/spring/sample/activedirectory/reactive/webflux/oauth2/gateway/resourceserver2': Filename too long
warning: Clone succeeded, but checkout failed.
You can inspect what was checked out with 'git status'
and retry with 'git restore --source=HEAD :/'

  3. Downloaded as zip file

File names too long error when I try to unzip


mpenabad1961 avatar May 06 '22 18:05 mpenabad1961

I was finally able to download the git clone. It was the .gitconfigure I updated proxy credentials. However, I get a clean compile. We use JFrog here at the company. I am getting over 100 compilation errors. There are so many projects in this folder. Can I just work on login-authenticate-using-private-key-jwt project folder?


mpenabad1961 avatar May 06 '22 21:05 mpenabad1961

@mpenabad1961

Can I just work on login-authenticate-using-private-key-jwt project folder?

Please try this:

git clone git@github.com:Azure-Samples/azure-spring-boot-samples.git
cd azure-spring-boot-samples/
mvn clean install -f aad/spring-security/servlet/oauth2/login-authenticate-using-private-key-jwt/

chenrujun avatar May 07 '22 00:05 chenrujun