A java command line program for Windows, Linux, or OS X that demonstrates non-interactive authentication to Azure AD using a username & password.
There's a newer version of this sample taking advantage of the Microsoft identity platform (formerly Azure AD v2.0)
Check it out: https://github.com/Azure-Samples/ms-identity-java-desktop/tree/master/Username-Password-Flow
If you really need to access this Azure AD v1.0, you can navigate to the master branch, but please know that it's no longer supported.
I would like to develop an app with raw username and password authentication.
But I failed to run this sample, and met with a java.lang.NullPointerException.
I debugged the code and found that this happened at:
if (policy.getVersion() == WSTrustVersion.WSTRUST2005) {
soapAction = "http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue"; // wsTrust2005
// soap
// value
}
policy value is null, thus throws exception.
Please help guide me to run this sample successfully.
The error msg is listed as below:
lambert@lambert-Lenovo-PC:~/active-directory-java-native-headless/target$ java -jar public-client-adal4j-sample-jar-with-dependencies.jar
Enter username: [email protected]
Enter password: Lambert2017
log4j:WARN No appenders could be found for logger (com.microsoft.aad.adal4j.UserDiscoveryRequest).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Exception in thread "main" java.util.concurrent.ExecutionException: java.lang.NullPointerException
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:192)
at PublicClient.getAccessTokenFromUserCredentials(PublicClient.java:48)
at PublicClient.main(PublicClient.java:26)
Caused by: java.lang.NullPointerException
at com.microsoft.aad.adal4j.WSTrustRequest.execute(WSTrustRequest.java:62)
at com.microsoft.aad.adal4j.AuthenticationContext.processPasswordGrant(AuthenticationContext.java:841)
at com.microsoft.aad.adal4j.AuthenticationContext.access$000(AuthenticationContext.java:66)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:173)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:163)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Hi,
I am trying to authenticate using username and password to an application i have registered on Azure portal.
But i get the below error.
The request body must contain the following parameter: 'client_secret or client_assertion.
How can i pass the client secret using the method aquiretoken with username and password.
There is no such method in the library.
Thanks,
Hi All,
I am getting a "WsTrust endpoint Not Found" exception. Please help.
Thanks in advance.
com.microsoft.aad.adal4j.AuthenticationException: WsTrust endpoint not found in metadata document
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at PublicClient.getAccessTokenFromUserCredentials(PublicClient.java:50)
at PublicClient.main(PublicClient.java:31)
Caused by: com.microsoft.aad.adal4j.AuthenticationException: WsTrust endpoint not found in metadata document
at com.microsoft.aad.adal4j.WSTrustRequest.execute(WSTrustRequest.java:87)
at com.microsoft.aad.adal4j.AuthenticationContext.processPasswordGrant(AuthenticationContext.java:990)
at com.microsoft.aad.adal4j.AuthenticationContext.access$000(AuthenticationContext.java:69)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:178)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:168)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
When following the instructions provided in the README I'm getting the following exception:
Exception in thread "main" java.util.concurrent.ExecutionException: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID '<MyAppID>'. Send an interactive authorization request for this user and resource.\r\nTrace ID: ----
\r\nCorrelation ID: ----\r\nTimestamp: 2016-10-29 15:11:55Z","error":"invalid_grant"}
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:192)
at PublicClient.getAccessTokenFromUserCredentials(PublicClient.java:49)
at PublicClient.main(PublicClient.java:30)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)
Caused by: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS65001: The user or administrator has not consented to use the application with ID <MyAppID>. Send an interactive authorization request for this user and resource.\r\nTrace ID: ----\r\nCorrelation ID: ----\r\nTimestamp: 2016-10-29 15:11:55Z","error":"invalid_grant"}
at com.microsoft.aad.adal4j.AdalTokenRequest.executeOAuthRequestAndProcessResponse(AdalTokenRequest.java:107)
at com.microsoft.aad.adal4j.AuthenticationContext.acquireTokenCommon(AuthenticationContext.java:818)
at com.microsoft.aad.adal4j.AuthenticationContext.access$100(AuthenticationContext.java:66)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:174)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:163)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
When I create the Application within the legacy Azure UI (http://manage.windowsazure.com) it is working. When reviewing that application within the new Azure Portal I see that it is also listed as a Enterprise App as well as showing as "Managed Application In Local Directory" when viewing the App Registration
Note that the exception was also mentioned in Issue #1, but #1 focusses on a different issue.
I tried your application on windows and it worked like a charm, I was wondering if this ADAL library can bypass MFA or not.
Our organization has MFA setup, it asks for MFA whenever a user logs in from a different location. When I tried this sample on my Linux box which is at a different location, I got the below error. Please confirm if ADAL library can bypass MFA and give users text only interface to authenticate to the application.
Caused by: com.microsoft.aad.adal4j.AuthenticationException: {"error":"interaction_required","error_description":"AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000002-0000-0000-c000-000000000000'.\r\nTrace ID: 7903cd61-659e-4dc6-a8b0-3dac4c672700\r\nCorrelation ID: b541777f-e2cc-4b87-ab7b-8dd83654d445\r\nTimestamp: 2017-04-18 23:02:36Z"}
Hi,
Was wondering if anybody had come across this issue:
Exception in thread "main" java.util.concurrent.ExecutionException: java.net.MalformedURLException: no protocol:
at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191)
at PublicClient.getAccessTokenFromUserCredentials(PublicClient.java:55)
at PublicClient.main(PublicClient.java:27)
Caused by: java.net.MalformedURLException: no protocol:
at java.base/java.net.URL.(URL.java:627)
at java.base/java.net.URL.(URL.java:523)
at java.base/java.net.URL.(URL.java:470)
at com.microsoft.aad.adal4j.HttpHelper.openConnection(HttpHelper.java:119)
at com.microsoft.aad.adal4j.HttpHelper.executeHttpGet(HttpHelper.java:48)
at com.microsoft.aad.adal4j.HttpHelper.executeHttpGet(HttpHelper.java:42)
at com.microsoft.aad.adal4j.WSTrustRequest.execute(WSTrustRequest.java:82)
at com.microsoft.aad.adal4j.AuthenticationContext.processPasswordGrant(AuthenticationContext.java:990)
at com.microsoft.aad.adal4j.AuthenticationContext.access$000(AuthenticationContext.java:69)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:178)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:168)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.base/java.lang.Thread.run(Thread.java:844)
I've change the the CLIENT_ID to match the ApplicationId for the service that I registered, provided my username and password when prompted and got the error above.
Do I need to create a special/service account to use the sample ?
Any thoughts ?
Thanks
I get Exception in thread "main" java.util.concurrent.ExecutionException: java.io.IOException: Server returned HTTP response code: 400 for URL: https://sso.godaddy.com/v1/wss/mex/ on interactively entering username and password. The client-id info entered is verified to be correct.
I have azure from godaddy. Any idea what is wrong here?
I followed the quick start instructions but I'm getting the following error. Any help?
Exception in thread "main" java.util.concurrent.ExecutionException: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS90013: Invalid input received from the user.\r\nTrace ID: <ID-HERE>\r\nCorrelation ID: <ID-HERE>\r\nTimestamp: 2018-10-10 16:53:55Z","error":"invalid_request"}
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at PublicClient.getAccessTokenFromUserCredentials(PublicClient.java:56)
at PublicClient.main(PublicClient.java:30)
Caused by: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS90013: Invalid input received from the user.\r\nTrace ID: <ID-HERE>\r\nCorrelation ID: <ID-HERE>\r\nTimestamp: 2018-10-10 16:53:55Z","error":"invalid_request"}
at com.microsoft.aad.adal4j.AdalTokenRequest.executeOAuthRequestAndProcessResponse(AdalTokenRequest.java:120)
at com.microsoft.aad.adal4j.AuthenticationContext.acquireTokenCommon(AuthenticationContext.java:968)
at com.microsoft.aad.adal4j.AuthenticationContext.access$100(AuthenticationContext.java:69)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:179)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:168)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
When using an application id for a username and the application key for the password, are the username and client_id fields the same in the sample code?
Hello,
Using the application https://github.com/Azure-Samples/active-directory-java-native-headless we run into the error :Server returned error in RSTR - ErrorCode: FailedAuthentication : FaultMessage: MSIS7068: Access denied.
The authentication is working fine using the native desktop dot net application with the same properties.
Can anybody provide a feedback?
Thank you,
Bruno.
I got a client secret error while running this.
I want to add client_secret, but there's no clues in README.md.
Below are a full stacktrace of this problem.
Exception in thread "main" java.util.concurrent.ExecutionException: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS90014: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: xxxxx\r\nCorrelation ID: xxxxx\r\nTimestamp: 2016-05-03 12:22:12Z","error":"invalid_request"}
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:192)
at PublicClient.getAccessTokenFromUserCredentials(PublicClient.java:41)
at PublicClient.main(PublicClient.java:25)
Caused by: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS90014: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: xxxxx\r\nCorrelation ID: xxxxx\r\nTimestamp: 2016-05-03 12:22:12Z","error":"invalid_request"}
at com.microsoft.aad.adal4j.AdalTokenRequest.executeOAuthRequestAndProcessResponse(AdalTokenRequest.java:107)
at com.microsoft.aad.adal4j.AuthenticationContext.acquireTokenCommon(AuthenticationContext.java:818)
at com.microsoft.aad.adal4j.AuthenticationContext.access$100(AuthenticationContext.java:66)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:174)
at com.microsoft.aad.adal4j.AuthenticationContext$1.call(AuthenticationContext.java:163)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
The AUTHORITY value should be changed to replace the common value for Tenant ID.
i am getting SSLException while trying to execute this code
xception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:987)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1564)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:480)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:347)
at PublicClient.getUserInfoFromGraph(PublicClient.java:146)
at PublicClient.main(PublicClient.java:56)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596)
... 15 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
Hi,
I want to authenticate to Azure AD and get bearer token. I want to do it in JAVA and NON-INTERACTIVELY
This is probably the same thing: https://azure.microsoft.com/en-us/resources/samples/active-directory-dotnet-native-headless/ - but its in dotnet
I followed, https://github.com/Azure-Samples/active-directory-java-native-headless but it it interactive and also does not work for multi factor authentication.
Can someone point me to the correct instructions?
Thanks
When i try to run, it ask for client secret value and i don't see any place holder to pass it. How should i change it from Native to Web App inorder to work with it?
com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: ddaafa2d-fb07-40f2-a1e6-34bc5de64d00\r\nCorrelation ID: ebc9046c-afdb-44e1-be41-69c4e55988a3\r\nTimestamp: 2018-11-16 14:12:53Z","error":"invalid_client"}
at com.microsoft.aad.adal4j.AdalTokenRequest.executeOAuthRequestAndProcessResponse(AdalTokenRequest.java:128)
at com.microsoft.aad.adal4j.AuthenticationContext.acquireTokenCommon(AuthenticationContext.java:928)
at com.microsoft.aad.adal4j.AcquireTokenCallable.execute(AcquireTokenCallable.java:70)
at com.microsoft.aad.adal4j.AcquireTokenCallable.execute(AcquireTokenCallable.java:38)
at com.microsoft.aad.adal4j.AdalCallable.call(AdalCallable.java:47)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception in thread "main" java.util.concurrent.ExecutionException: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: ddaafa2d-fb07-40f2-a1e6-34bc5de64d00\r\nCorrelation ID: ebc9046c-afdb-44e1-be41-69c4e55988a3\r\nTimestamp: 2018-11-16 14:12:53Z","error":"invalid_client"}
at java.util.concurrent.FutureTask.report(Unknown Source)
at java.util.concurrent.FutureTask.get(Unknown Source)
at com.mize.sharepoint.test.TestSharePointConnection.getAccessTokenFromUserCredentials(TestSharePointConnection.java:55)
at com.mize.sharepoint.test.TestSharePointConnection.main(TestSharePointConnection.java:33)
Caused by: com.microsoft.aad.adal4j.AuthenticationException: {"error_description":"AADSTS70002: The request body must contain the following parameter: 'client_secret or client_assertion'.\r\nTrace ID: ddaafa2d-fb07-40f2-a1e6-34bc5de64d00\r\nCorrelation ID: ebc9046c-afdb-44e1-be41-69c4e55988a3\r\nTimestamp: 2018-11-16 14:12:53Z","error":"invalid_client"}
at com.microsoft.aad.adal4j.AdalTokenRequest.executeOAuthRequestAndProcessResponse(AdalTokenRequest.java:128)
at com.microsoft.aad.adal4j.AuthenticationContext.acquireTokenCommon(AuthenticationContext.java:928)
at com.microsoft.aad.adal4j.AcquireTokenCallable.execute(AcquireTokenCallable.java:70)
at com.microsoft.aad.adal4j.AcquireTokenCallable.execute(AcquireTokenCallable.java:38)
at com.microsoft.aad.adal4j.AdalCallable.call(AdalCallable.java:47)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.