-
Notifications
You must be signed in to change notification settings - Fork 142
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #807 from AzureAD/avdunn/add-persistence-package
Update extensions package and add to main repo
- Loading branch information
Showing
36 changed files
with
2,597 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# Compiled class file | ||
*.class | ||
|
||
# Log file | ||
*.log | ||
|
||
# BlueJ files | ||
*.ctxt | ||
|
||
# Mobile Tools for Java (J2ME) | ||
.mtj.tmp/ | ||
|
||
# Package Files # | ||
*.jar | ||
*.war | ||
*.nar | ||
*.ear | ||
*.zip | ||
*.tar.gz | ||
*.rar | ||
|
||
# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml | ||
hs_err_pid* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,106 @@ | ||
# Microsoft Authentication Extensions for Java | ||
|
||
The Microsoft Authentication Extensions for Java offers secure mechanisms for client applications to perform cross-platform token cache serialization and persistence. It gives additional support to the [Microsoft Authentication Library for Java (MSAL)](https://github.com/AzureAD/microsoft-authentication-library-for-java). | ||
|
||
MSAL Java supports an in-memory cache by default and provides the `ITokenCacheAccessAspect` interface to perform cache serialization. You can read more about this in the MSAL Java [documentation](https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-java-token-cache-serialization). Developers are required to implement their own cache persistance across multiple platforms and Microsoft Authentication Extensions makes this simpler. | ||
The extensions library supports persistence of the cache to disk in encrypted form where the platform supports this. | ||
|
||
This is available for Windows, Mac and Linux. | ||
- Windows - [DPAPI](https://docs.microsoft.com/en-us/dotnet/standard/security/how-to-use-data-protection) is used for encryption. | ||
- MAC - The MAC KeyChain is used and encryption is built in. | ||
- Linux - [LibSecret](https://wiki.gnome.org/Projects/Libsecret) is used for encryption. Any place where libsecret is not available encryption is not supported. | ||
|
||
> Note: It is recommended to use this library for cache persistance support for Public client applications such as Desktop apps only. In web applications, this may lead to scale and performance issues. Web applications are recommended to persist the cache in session. Take a look at this [webapp sample](https://github.com/Azure-Samples/ms-identity-java-webapp). | ||
## Installation | ||
|
||
You can find the latest pacakge in the [Maven repository](https://mvnrepository.com/artifact/com.microsoft.azure/msal4j-persistence-extension). | ||
|
||
Add the dependecy to the pom file. | ||
|
||
``` | ||
<dependency> | ||
<groupId>com.microsoft.azure</groupId> | ||
<artifactId>msal4j-persistence-extension</artifactId> | ||
<version>1.2.0</version> | ||
</dependency> | ||
``` | ||
|
||
## Versions | ||
|
||
This library follows [Semantic Versioning](http://semver.org/). | ||
|
||
## Usage | ||
|
||
[![javadoc](https://javadoc.io/badge2/com.microsoft.azure/msal4j-persistence-extension/javadoc.svg)](https://javadoc.io/doc/com.microsoft.azure/msal4j-persistence-extension) | ||
|
||
The Microsoft Authentication Extensions library provides the `PersistenceTokenCacheAccessAspect` which is an implementation of the `ITokenCacheAccessAspect` interface defined in MSAL Java. After configuring this token cache, it can then be used to instantiate the client application in MSAL Java. | ||
|
||
The token cache includes a file lock, and auto-reload behavior under the hood. | ||
|
||
Here is the usage pattern for multiple platforms: | ||
|
||
1. Configure the `PersistenceSettings`. | ||
|
||
```java | ||
private PersistenceSettings createPersistenceSettings() throws IOException { | ||
|
||
Path path = Paths.get(System.getProperty("user.home"), "MSAL", "testCache"); | ||
|
||
return PersistenceSettings.builder("testCacheFile", path) | ||
.setMacKeychain("MsalTestService", "MsalTestAccount") | ||
.setLinuxKeyring(null, | ||
"MsalTestSchema", | ||
"MsalTestSecretLabel", | ||
"MsalTestAttribute1Key", | ||
"MsalTestAttribute1Value", | ||
"MsalTestAttribute2Key", | ||
"MsalTestAttribute2Value") | ||
.setLockRetry(1000, 50) | ||
.build(); | ||
} | ||
``` | ||
|
||
1. Create the `PersistenceTokenCacheAccessAspect`. | ||
|
||
```java | ||
private ITokenCacheAccessAspect createPersistenceAspect() throws IOException { | ||
return new PersistenceTokenCacheAccessAspect(createPersistenceSettings()); | ||
} | ||
``` | ||
1. Now you can use `PersistenceTokenCacheAccessAspect` to configure Msal client application: | ||
|
||
```java | ||
return PublicClientApplication.builder(PUBLIC_CLIENT_ID) | ||
.authority(AUTHORITY) | ||
.setTokenCacheAccessAspect(createPersistenceAspect()) | ||
.build(); | ||
``` | ||
|
||
## Community Help and Support | ||
|
||
We leverage Stack Overflow to work with the community on supporting Azure Active Directory and its SDKs, including this one! | ||
We highly recommend you ask your questions on Stack Overflow (we're all on there!). | ||
Also browse existing issues to see if someone has had your question before. | ||
We recommend you use the "msal" tag so we can see it! | ||
Here is the latest Q&A on Stack Overflow for MSAL: | ||
[http://stackoverflow.com/questions/tagged/msal](http://stackoverflow.com/questions/tagged/msal) | ||
## Contributing | ||
All code is licensed under the MIT license and we triage actively on GitHub. | ||
This project welcomes contributions and suggestions. Most contributions require you to agree to a | ||
Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us | ||
the rights to use your contribution. For details, visit https://cla.microsoft.com. | ||
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide | ||
a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions | ||
provided by the bot. You will only need to do this once across all repos using our CLA. | ||
## We value and adhere to the Microsoft Open Source Code of Conduct | ||
This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional questions or comments. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,140 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
<groupId>com.microsoft.azure</groupId> | ||
<artifactId>msal4j-persistence-extension</artifactId> | ||
<version>1.3.0</version> | ||
<packaging>jar</packaging> | ||
<name>msal4j-persistence-extension</name> | ||
<description> | ||
Implementation of ITokenCacheAccessAspect interface defined in Java MSAL SDK (artifactId - msal4j) | ||
for persistence of token cache in platform specific secret storage: | ||
* Win - file encrypted with DPAPI | ||
* Mac - key chain | ||
* Linux - key ring | ||
</description> | ||
<url>https://github.com/AzureAD/microsoft-authentication-library-for-java</url> | ||
<licenses> | ||
<license> | ||
<name>MIT License</name> | ||
</license> | ||
</licenses> | ||
<scm> | ||
<url>https://github.com/AzureAD/microsoft-authentication-library-for-java</url> | ||
</scm> | ||
<developers> | ||
<developer> | ||
<id>ms</id> | ||
<name>Microsoft Corporation</name> | ||
</developer> | ||
</developers> | ||
<properties> | ||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | ||
</properties> | ||
|
||
<dependencies> | ||
<dependency> | ||
<groupId>com.microsoft.azure</groupId> | ||
<artifactId>msal4j</artifactId> | ||
<version>1.15.0</version> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>net.java.dev.jna</groupId> | ||
<artifactId>jna</artifactId> | ||
<version>5.13.0</version> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>net.java.dev.jna</groupId> | ||
<artifactId>jna-platform</artifactId> | ||
<version>5.13.0</version> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>org.slf4j</groupId> | ||
<artifactId>slf4j-api</artifactId> | ||
<version>1.7.7</version> | ||
</dependency> | ||
|
||
<dependency> | ||
<groupId>junit</groupId> | ||
<artifactId>junit</artifactId> | ||
<version>4.13.1</version> | ||
<scope>test</scope> | ||
</dependency> | ||
</dependencies> | ||
|
||
<build> | ||
<plugins> | ||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-compiler-plugin</artifactId> | ||
<version>3.7.0</version> | ||
<configuration> | ||
<source>8</source> | ||
<target>8</target> | ||
</configuration> | ||
</plugin> | ||
|
||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-jar-plugin</artifactId> | ||
<version>2.5</version> | ||
<configuration> | ||
<archive> | ||
<manifest> | ||
<addDefaultImplementationEntries>true</addDefaultImplementationEntries> | ||
<addDefaultSpecificationEntries>true</addDefaultSpecificationEntries> | ||
</manifest> | ||
</archive> | ||
</configuration> | ||
</plugin> | ||
|
||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-surefire-plugin</artifactId> | ||
<version>2.10</version> | ||
<configuration> | ||
<argLine>-noverify</argLine> | ||
</configuration> | ||
</plugin> | ||
|
||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-javadoc-plugin</artifactId> | ||
<version>3.1.0</version> | ||
<executions> | ||
<execution> | ||
<id>attach-javadocs</id> | ||
<goals> | ||
<goal>jar</goal> | ||
</goals> | ||
</execution> | ||
</executions> | ||
</plugin> | ||
|
||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-source-plugin</artifactId> | ||
<version>2.2.1</version> | ||
<executions> | ||
<execution> | ||
<id>attach-sources</id> | ||
<goals> | ||
<goal>jar</goal> | ||
</goals> | ||
</execution> | ||
</executions> | ||
</plugin> | ||
|
||
<plugin> | ||
<groupId>com.github.spotbugs</groupId> | ||
<artifactId>spotbugs-maven-plugin</artifactId> | ||
<version>3.1.11</version> | ||
</plugin> | ||
</plugins> | ||
</build> | ||
</project> |
17 changes: 17 additions & 0 deletions
17
...n/src/main/java/com/microsoft/aad/msal4jextensions/CacheFileLockAcquisitionException.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
// Copyright (c) Microsoft Corporation. All rights reserved. | ||
// Licensed under the MIT License. | ||
|
||
package com.microsoft.aad.msal4jextensions; | ||
|
||
/** | ||
* Exception represents failure/error of acquiring cross process cacheFile lock | ||
* */ | ||
public class CacheFileLockAcquisitionException extends RuntimeException { | ||
/** | ||
* Constructor | ||
* @param message Exception details | ||
*/ | ||
public CacheFileLockAcquisitionException(String message) { | ||
super(message); | ||
} | ||
} |
Oops, something went wrong.