Skip to content

Commit

Permalink
Add domain_hint in aad-stater. (Azure#22134)
Browse files Browse the repository at this point in the history
  • Loading branch information
han-gao authored Jun 8, 2021
1 parent 0cebceb commit 2b7514b
Show file tree
Hide file tree
Showing 5 changed files with 28 additions and 8 deletions.
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Release History

## 3.6.0-beta.1 (Unreleased)

- Support domain_hint in aad-starter.([#21517](https://github.com/Azure/azure-sdk-for-java/issues/21517))

## 3.5.0 (2021-05-24)
### New Features
Expand Down
2 changes: 1 addition & 1 deletion sdk/spring/azure-spring-boot/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Release History

## 3.6.0-beta.1 (Unreleased)

- Support domain_hint in aad-starter.([#21517](https://github.com/Azure/azure-sdk-for-java/issues/21517))

## 3.5.0 (2021-05-24)
### New Features
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@

package com.azure.spring.aad.webapp;

import com.azure.spring.autoconfigure.aad.AADAuthenticationProperties;
import com.azure.spring.autoconfigure.aad.Constants;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
Expand All @@ -21,11 +22,15 @@
public class AADOAuth2AuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver {
private final OAuth2AuthorizationRequestResolver defaultResolver;

public AADOAuth2AuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository) {
private final AADAuthenticationProperties properties;

public AADOAuth2AuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository,
AADAuthenticationProperties properties) {
this.defaultResolver = new DefaultOAuth2AuthorizationRequestResolver(
clientRegistrationRepository,
OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI
);
this.properties = properties;
}

@Override
Expand Down Expand Up @@ -56,11 +61,13 @@ private OAuth2AuthorizationRequest addClaims(HttpServletRequest httpServletReque
return claims;
})
.orElse(null);
if (conditionalAccessPolicyClaims == null) {
return oAuth2AuthorizationRequest;
}
final Map<String, Object> additionalParameters = new HashMap<>();
additionalParameters.put(Constants.CLAIMS, conditionalAccessPolicyClaims);
if (conditionalAccessPolicyClaims != null) {
additionalParameters.put(Constants.CLAIMS, conditionalAccessPolicyClaims);
}
Optional.ofNullable(properties)
.map(AADAuthenticationProperties::getAuthenticateAdditionalParameters)
.ifPresent(additionalParameters::putAll);
Optional.of(oAuth2AuthorizationRequest)
.map(OAuth2AuthorizationRequest::getAdditionalParameters)
.ifPresent(additionalParameters::putAll);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,6 @@ protected OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> a
}

protected OAuth2AuthorizationRequestResolver requestResolver() {
return new AADOAuth2AuthorizationRequestResolver(this.repo);
return new AADOAuth2AuthorizationRequestResolver(this.repo, properties);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,11 @@ public class AADAuthenticationProperties implements InitializingBean {
*/
private String appIdUri;

/**
* Add additional parameters to the Authorization URL.
*/
private Map<String, Object> authenticateAdditionalParameters;

/**
* Connection Timeout for the JWKSet Remote URL call.
*/
Expand Down Expand Up @@ -248,6 +253,14 @@ public void setAppIdUri(String appIdUri) {
this.appIdUri = appIdUri;
}

public Map<String, Object> getAuthenticateAdditionalParameters() {
return authenticateAdditionalParameters;
}

public void setAuthenticateAdditionalParameters(Map<String, Object> authenticateAdditionalParameters) {
this.authenticateAdditionalParameters = authenticateAdditionalParameters;
}

public int getJwtConnectTimeout() {
return jwtConnectTimeout;
}
Expand Down

0 comments on commit 2b7514b

Please sign in to comment.