Azure Media Services, support for Azure AD authentication (#1940)

* Update api version + update sas token to support 256MB uploads * Add Azure Ad authentication + Remove ACS authentication * Add AzureAD authentication (fixes previous commit) * Added missing configuration settings for AD tests (user credentials and service principal certificate) * Fix integration tests + stabilization * Removed debug info in canUploadLargeBlockBlob test * Fix javadoc * Update streaming endpoint create operation + Add integration test * Fix checkstyle issues * Fixed JavaDoc typo in MediaService class * Fix checkstyle issues #2 * Fix checkstyle issues #3 * Fix checkstyles #4 * Minor refactor in AzureAdTokenProviderTest class * Fix task integration test assert * Add TokenProvider interface * Fix checkstyle errors
Azure · Oct 20, 2017 · 38300c2 · 38300c2
1 parent 5213491
commit 38300c2
Show file tree

Hide file tree

Showing 42 changed files with 1,110 additions and 1,090 deletions.
diff --git a/services/azure-media/pom.xml b/services/azure-media/pom.xml
@@ -62,7 +62,12 @@
       <groupId>${project.groupId}</groupId>
       <artifactId>azure-core</artifactId>
       <version>${project.version}</version>
-    </dependency>
+    </dependency>    
+	<dependency>
+	    <groupId>com.microsoft.azure</groupId>
+	    <artifactId>adal4j</artifactId>
+	    <version>1.2.0</version>
+	</dependency>
     <dependency>
       <groupId>org.apache.httpcomponents</groupId>
       <artifactId>httpclient</artifactId>

diff --git a/services/azure-media/src/main/java/com/microsoft/windowsazure/services/media/Exports.java b/services/azure-media/src/main/java/com/microsoft/windowsazure/services/media/Exports.java
@@ -21,14 +21,12 @@
 
 import com.microsoft.windowsazure.core.Builder;
 import com.microsoft.windowsazure.core.UserAgentFilter;
+import com.microsoft.windowsazure.services.media.authentication.AzureAdTokenFactory;
 import com.microsoft.windowsazure.services.media.implementation.BatchMimeMultipartBodyWritter;
 import com.microsoft.windowsazure.services.media.implementation.MediaContentProvider;
 import com.microsoft.windowsazure.services.media.implementation.MediaExceptionProcessor;
 import com.microsoft.windowsazure.services.media.implementation.MediaRestProxy;
-import com.microsoft.windowsazure.services.media.implementation.OAuthContract;
 import com.microsoft.windowsazure.services.media.implementation.OAuthFilter;
-import com.microsoft.windowsazure.services.media.implementation.OAuthRestProxy;
-import com.microsoft.windowsazure.services.media.implementation.OAuthTokenManager;
 import com.microsoft.windowsazure.services.media.implementation.ODataEntityCollectionProvider;
 import com.microsoft.windowsazure.services.media.implementation.ODataEntityProvider;
 import com.microsoft.windowsazure.services.media.implementation.RedirectFilter;
@@ -44,10 +42,9 @@ public class Exports implements Builder.Exports {
      */
     @Override
     public void register(Builder.Registry registry) {
+        registry.add(new AzureAdTokenFactory()); 
         registry.add(MediaContract.class, MediaExceptionProcessor.class);
         registry.add(MediaRestProxy.class);
-        registry.add(OAuthContract.class, OAuthRestProxy.class);
-        registry.add(OAuthTokenManager.class);
         registry.add(OAuthFilter.class);
         registry.add(ResourceLocationManager.class);
         registry.add(RedirectFilter.class);

diff --git a/...ure-media/src/main/java/com/microsoft/windowsazure/services/media/MediaConfiguration.java b/...ure-media/src/main/java/com/microsoft/windowsazure/services/media/MediaConfiguration.java
@@ -1,11 +1,11 @@
 /**
  * Copyright Microsoft Corporation
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  * http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -14,164 +14,57 @@
  */
 package com.microsoft.windowsazure.services.media;
 
+import java.net.URI;
+
 import com.microsoft.windowsazure.Configuration;
+import com.microsoft.windowsazure.services.media.authentication.TokenProvider;
 
 /**
  * Provides functionality to create a media services configuration.
- * 
+ *
  */
 public final class MediaConfiguration {
 
     private MediaConfiguration() {
     }
 
     /**
-     * Defines the media service configuration URI constant.
-     * 
-     */
-    public static final String URI = "media.uri";
-
-    /**
-     * Defines the OAUTH configuration URI constant.
-     * 
-     */
-    public static final String OAUTH_URI = "media.oauth.uri";
-
-    /**
-     * Defines the OAUTH configuration client ID constant.
-     * 
+     * The token provider object
      */
-    public static final String OAUTH_CLIENT_ID = "media.oauth.client.id";
+    public static final String AZURE_AD_TOKEN_PROVIDER = "media.azuread.tokenprovider";
 
     /**
-     * Defines the OAUTH configuration client secret constant.
-     * 
+     * The azure media services account uri
      */
-    public static final String OAUTH_CLIENT_SECRET = "media.oauth.client.secret";
+    public static final String AZURE_AD_API_SERVER = "media.azuread.account_api_uri";
 
     /**
-     * Defines the SCOPE of the media service sent to OAUTH.
+     * Returns the default Configuration provisioned for the specified AMS account and token provider.
+     * @param apiServer the AMS account uri
+     * @param azureAdTokenProvider the token provider
+     * @return a Configuration
      */
-    public static final String OAUTH_SCOPE = "media.oauth.scope";
+    public static Configuration configureWithAzureAdTokenProvider(
+            URI apiServer,
+            TokenProvider azureAdTokenProvider) {
 
-    /**
-     * Creates a media service configuration using the specified media service
-     * base URI, OAUTH URI, client ID, and client secret.
-     * 
-     * @param mediaServiceUri
-     *            A <code>String</code> object that represents the media service
-     *            URI.
-     * 
-     * @param oAuthUri
-     *            A <code>String</code> object that represents the OAUTH URI.
-     * 
-     * @param clientId
-     *            A <code>String</code> object that represents the client ID.
-     * 
-     * @param clientSecret
-     *            A <code>String</code> object that represents the client
-     *            secret.
-     * 
-     * @param scope
-     *            A <code>String</code> object that represents the scope.
-     * 
-     * @return A <code>Configuration</code> object that can be used when
-     *         creating an instance of the <code>MediaService</code> class.
-     * 
-     */
-    public static Configuration configureWithOAuthAuthentication(
-            String mediaServiceUri, String oAuthUri, String clientId,
-            String clientSecret, String scope) {
-        return configureWithOAuthAuthentication(null,
-                Configuration.getInstance(), mediaServiceUri, oAuthUri,
-                clientId, clientSecret, scope);
+        return configureWithAzureAdTokenProvider(Configuration.getInstance(), apiServer, azureAdTokenProvider);
     }
 
     /**
-     * Creates a media service configuration using the specified configuration,
-     * media service base URI, OAuth URI, client ID, and client secret.
-     * 
-     * @param configuration
-     *            A previously instantiated <code>Configuration</code> object.
-     * 
-     * @param mediaServiceUri
-     *            A <code>String</code> object that represents the URI of media
-     *            service.
-     * 
-     * @param oAuthUri
-     *            A <code>String</code> object that represents the URI of OAuth
-     *            service.
-     * 
-     * @param clientId
-     *            A <code>String</code> object that represents the client ID.
-     * 
-     * @param clientSecret
-     *            A <code>String</code> object that represents the client
-     *            secret.
-     * 
-     * @param scope
-     *            A <code>String</code> object that represents the scope.
-     * 
-     * @return A <code>Configuration</code> object that can be used when
-     *         creating an instance of the <code>MediaService</code> class.
-     * 
+     * Setup a Configuration with specified Configuration, AMS account and token provider
+     * @param configuration The target configuration
+     * @param apiServer the AMS account uri
+     * @param azureAdTokenProvider the token provider
+     * @return the target Configuration
      */
-    public static Configuration configureWithOAuthAuthentication(
-            Configuration configuration, String mediaServiceUri,
-            String oAuthUri, String clientId, String clientSecret, String scope) {
-        return configureWithOAuthAuthentication(null, configuration,
-                mediaServiceUri, oAuthUri, clientId, clientSecret, scope);
-    }
-
-    /**
-     * Creates a media service configuration using the specified profile,
-     * configuration, media service base URI, OAuth URI, client ID, and client
-     * secret.
-     * 
-     * @param profile
-     *            A <code>String</code> object that represents the profile.
-     * 
-     * @param configuration
-     *            A previously instantiated <code>Configuration</code> object.
-     * 
-     * @param mediaServiceUri
-     *            A <code>String</code> object that represents the URI of media
-     *            service.
-     * 
-     * @param oAuthUri
-     *            A <code>String</code> object that represents the URI of OAUTH
-     *            service.
-     * 
-     * @param clientId
-     *            A <code>String</code> object that represents the client ID.
-     * 
-     * @param clientSecret
-     *            A <code>String</code> object that represents the client
-     *            secret.
-     * 
-     * @param scope
-     *            A <code>String</code> object that represents the scope.
-     * 
-     * @return A <code>Configuration</code> object that can be used when
-     *         creating an instance of the <code>MediaService</code> class.
-     * 
-     */
-    public static Configuration configureWithOAuthAuthentication(
-            String profile, Configuration configuration,
-            String mediaServiceUri, String oAuthUri, String clientId,
-            String clientSecret, String scope) {
-
-        if (profile == null) {
-            profile = "";
-        } else if (profile.length() != 0 && !profile.endsWith(".")) {
-            profile = profile + ".";
-        }
+    public static Configuration configureWithAzureAdTokenProvider(
+            Configuration configuration,
+            URI apiServer,
+            TokenProvider azureAdTokenProvider) {
 
-        configuration.setProperty(profile + URI, mediaServiceUri);
-        configuration.setProperty(profile + OAUTH_URI, oAuthUri);
-        configuration.setProperty(profile + OAUTH_CLIENT_ID, clientId);
-        configuration.setProperty(profile + OAUTH_CLIENT_SECRET, clientSecret);
-        configuration.setProperty(profile + OAUTH_SCOPE, scope);
+        configuration.setProperty(AZURE_AD_API_SERVER, apiServer.toString());
+        configuration.setProperty(AZURE_AD_TOKEN_PROVIDER, azureAdTokenProvider);
 
         return configuration;
     }

diff --git a/...ces/azure-media/src/main/java/com/microsoft/windowsazure/services/media/MediaService.java b/...ces/azure-media/src/main/java/com/microsoft/windowsazure/services/media/MediaService.java
@@ -40,7 +40,7 @@ public static MediaContract create() {
      * 
      * @param config
      *            A <code>Configuration</code> object that represents the
-     *            configuration for the service bus service.
+     *            configuration for the media service account.
      * 
      */
     public static MediaContract create(Configuration config) {
@@ -61,7 +61,7 @@ public static MediaContract create(String profile) {
      * 
      * @param config
      *            A <code>Configuration</code> object that represents the
-     *            configuration for the service bus service.
+     *            configuration for the media service account.
      * 
      */
     public static MediaContract create(String profile, Configuration config) {

diff --git a/...ain/java/com/microsoft/windowsazure/services/media/authentication/AzureAdAccessToken.java b/...ain/java/com/microsoft/windowsazure/services/media/authentication/AzureAdAccessToken.java
@@ -0,0 +1,48 @@
+package com.microsoft.windowsazure.services.media.authentication;
+
+import java.util.Date;
+
+/**
+ * Represents an access token
+ */
+public class AzureAdAccessToken {
+
+    private final String accessToken;
+
+    private final Date expiresOn;
+
+    /**
+     * Gets the access token
+     * @return the access token
+     */
+    public String getAccessToken() {
+        return this.accessToken;
+    }
+
+    /**
+     * Gets the expiration date
+     * @return the expiration date
+     */
+    public Date getExpiresOnDate() {
+        return this.expiresOn;
+    }
+
+    /**
+     * Instantiate a representation of an access token
+     * @param accessToken the access token
+     * @param expiresOn the expiration date
+     */
+    public AzureAdAccessToken(String accessToken, Date expiresOn) {
+
+        if (accessToken == null || accessToken.trim().isEmpty()) {
+            throw new IllegalArgumentException("accessToken");
+        }
+
+        if (expiresOn == null) {
+            throw new NullPointerException("expiresOn");
+        }
+
+        this.accessToken = accessToken;
+        this.expiresOn = expiresOn;
+    }
+}
diff --git a/...a/com/microsoft/windowsazure/services/media/authentication/AzureAdClientSymmetricKey.java b/...a/com/microsoft/windowsazure/services/media/authentication/AzureAdClientSymmetricKey.java
@@ -0,0 +1,44 @@
+package com.microsoft.windowsazure.services.media.authentication;
+
+/**
+ * Represents a symmetric key pair of ClientId & ClientKey
+ */
+public class AzureAdClientSymmetricKey {
+
+    private final String clientId;
+    private final String clientKey;
+
+    /**
+     * Gets the client ID.
+     * @return the client ID.
+     */
+    public String getClientId() {
+        return this.clientId;
+    }
+
+    /**
+     * Gets the client key.
+     * @return the client key.
+     */
+    public String getClientKey() {
+        return this.clientKey;
+    }
+
+    /**
+     * Initializes a new instance of the AzureAdClientSymmetricKey class.
+     * @param clientId The client ID.
+     * @param clientKey The client key.
+     */
+    public AzureAdClientSymmetricKey(String clientId, String clientKey) {
+        if (clientId == null || clientId.trim().isEmpty()) {
+            throw new IllegalArgumentException("clientId");
+        }
+
+        if (clientKey == null || clientKey.trim().isEmpty()) {
+            throw new IllegalArgumentException("clientKey");
+        }
+
+        this.clientId = clientId;
+        this.clientKey = clientKey;
+    }
+}