azure-sdk-for-java
azure-sdk-for-java copied to clipboard
[BUG] On behalf of flow. requested_token_use parameter missing after upgrading to version 4.3
Describe the bug After upgrading from 4.2 to 4.3 on behalf of flow with spring-cloud-azure-starter-active-directory is not working.
Exception or Stack Trace org.springframework.security.oauth2.client.ClientAuthorizationException: [invalid_request] AADSTS900144: The request body must contain the following parameter: 'requested_token_use'
To Reproduce Upgrade spring-cloud-azure-starter-active-directory from 4.2 to 4.3
Code Snippet
profiles:
active: local
cloud:
azure:
active-directory:
enabled: true
profile:
tenant-id: cxxx
credential:
client-id: fxxx
client-secret: <Legg til secret her>
authorization-clients:
myclient:
authorization-grant-type: on_behalf_of
scopes:
- 6xxx/.default
Expected behavior Receive correct token
Screenshots
Setup (please complete the following information):
- OS: [e.g. iOS]
- IDE: [e.g. IntelliJ]
- Library/Libraries: com.azure.spring:spring-cloud-azure-starter-active-directory:4.3.0
- Java version: 17
- App Server/Environment: Tomcat
- Frameworks: Spring Boot
Hi @eoskd thanks for reaching out to us via this GitHub issue. @yiliuTo from the Azure Spring
team will follow up with you shortly.
@chenrujun could you help to take a look?
Hi @eoskd , sorry for disturbing your use, I will fix this issue soon.
Here is a temporary solution for your reference:
Add extra configuration to enable the bean OAuth2ClientAuthenticationJwkResolver
, and actually you will not use the client authentication method with private_key_jwt
, then the OBO process will work fine.
profiles:
active: local
cloud:
azure:
active-directory:
enabled: true
profile:
tenant-id: cxxx
credential:
client-id: fxxx
client-secret: <Legg til secret her>
client-certificate-path: <put-the-dummy-certificate-file-path-with-pfx-or-p12-extension, such as, C:/test.txt.p12>
client-certificate-password: <put-the-dummy-password>
authorization-clients:
myclient:
authorization-grant-type: on_behalf_of
scopes:
- 6xxx/.default
Hi, I've the same problem and been forced to downgrade to 4.2 springboot azur starter version ! Wish be fixed in 4.4
@smehdux
Thank you for your check. This problem is targeting to be fixed in 4.4 originally. Please refer to the changelog: https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/spring/CHANGELOG.md
And 4.4.0 is planned to be fixed at the end of this month.