1

I'm using Adal4j Java library.I already have a refresh token but would like to get access token based on the refresh token.

I have the following code and I couldn't figure out how to define AuthenticationCallback

     ExecutorService service = Executors.newFixedThreadPool(1);
            AuthenticationContext context = new AuthenticationContext(authority, true, service);

context.acquireTokenByRefreshToken(resultFuture.get().getRefreshToken(), new ClientCredential("8a6....4b6", "J5....EU="), ?????? );

How do I define AuthenticationCallback ?

WowBow
  • 7,137
  • 17
  • 65
  • 103

1 Answers1

1

We need to implement the AuthenticationCallback interface. Here is a code sample for your reference:

import com.microsoft.aad.adal4j.AuthenticationCallback;
import com.microsoft.aad.adal4j.AuthenticationResult;

public class MYAuthenticationCallback implements AuthenticationCallback
{
    public void onFailure(Throwable arg0) {
    // TODO Auto-generated method stub  

    }

public void onSuccess(AuthenticationResult arg0) {
    // TODO Auto-generated method stub
    System.out.println(arg0.getAccessToken());
    }
}

Here is a helpful document about integrate Azure AD with Java web application.

Fei Xue
  • 14,369
  • 1
  • 19
  • 27
  • Thank you @Fei. So this means, I should grab the token on success ? – WowBow Dec 28 '16 at 07:17
  • Yes, you were correct. We need to handle the response as we need based on the successful or failed result. – Fei Xue Dec 28 '16 at 07:47
  • This has worked well but I have one confusion. I have 2 AuthenticationResult objects one is acquired by authorization code and the second AuthenticationResult is acquired by refreshToken from the first AuthResult. However when I compare the access token in the two objects. It is different. Even the refresh tokens are different. Is that right ? – WowBow Dec 28 '16 at 21:36
  • 1
    It is expected. First the refresh_token is only used to renew the access_token, it is different with the access token. Second when we using refresh_token to renew the access_token, the Azure Active Directory will issue a new token. You can decode the access_token from [here](https://jwt.io/). You should see the claims `iat`, `nbf`, `exp` are different. Refer [here](https://learn.microsoft.com/en-us/azure/active-directory/active-directory-token-and-claims#access-tokens) about the detailed claims in the token issued from Azure AD. – Fei Xue Dec 29 '16 at 07:49
  • one more question which is out of topic here. I have already built an application that talk to Azure REST API to access emails of indviduals if they have account in our Azure AD (Office 365 ) but now we have a requirement to build the same application but this time users have their own personal outlook account .. i.e they don't exist in our AD. Can you please provide me a link to do such job with REST API ? I couldn't find it easily. Thanks buddy! – WowBow Jan 05 '17 at 19:00
  • I know I can use similar API for accessing emails but I wanted to know how I can authenitcate and have token for this personal outlook accounts that dont exist in our AD. – WowBow Jan 05 '17 at 19:02
  • Right now, our current app references to client id and secret id of our Azure AD App, can I use the same app for personal accounts as well ? I was afraid it would reject my accounts because it doesn't exist in the Azure AD. – WowBow Jan 05 '17 at 19:06
  • 1
    To support the both Microsoft account and the Azure AD accounts, we need to use the Azure AD V2.0 endpoint. Please refer [here](https://learn.microsoft.com/en-us/azure/active-directory/active-directory-appmodel-v2-overview) for the detail. – Fei Xue Jan 09 '17 at 02:25
  • Can you help with this question as well http://stackoverflow.com/questions/41754060/microsoft-office-api-invalidauthenticationtoken-compacttoken-parsing-failed-with ? Thanks. – WowBow Jan 20 '17 at 00:21
  • 1
    @WowBow I have replied that thread, please let me know whether it is helpful. – Fei Xue Jan 20 '17 at 02:22