是否可以通过天蓝色图表获取访问令牌并使用它来访问天蓝色存储帐户?

时间:2019-09-25 06:21:44

标签: java azure azure-storage-account

例如,我可以使用getaccesstokencredentials(用户名,密码)通过图形API进行身份验证 我可以使用此令牌访问Azure吗? 当前,我们可以使用管理库中的usertokencredentials和applicationtokencredentials,一旦完成,就可以创建azure类的实例。 Azure天蓝色= Azure.authenticate(凭据)。具有默认订阅。 我想知道是否可以使用getaccesstokencredentials中的令牌代替usertokentcredentials和applicationtokencredentials

1 个答案:

答案 0 :(得分:0)

我们不能使用相同的访问令牌来调用图api和调用api来管理Azure资源。因为图形api的资源URL是https://graph.microsoft.com/,但是Azure管理rest api的资源URL是https://management.azure.com/。有关更多详细信息,请参阅https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-api-authentication

此外,有关如何使用Azure AD访问Azure存储的信息,请参考以下步骤:

  1. 将角色分配添加到您的校长。

enter image description here

  1. 获取令牌。

    public static String getToken() throws Exception {
    String TENANT_ID = "your tenant id or name, e4c9*-*-*-*-*57fb";
    String AUTHORITY = "https://login.microsoftonline.com/" + TENANT_ID;
    String CLIENT_ID = "your application id, dc17*-*-*-*a5e7";
    String CLIENT_SECRET = "the secret, /pG*32";
    String RESOURCE = "https://storage.azure.com/";
    String ACCESS_TOKEN = null;
    ExecutorService service = Executors.newFixedThreadPool(1);
    AuthenticationContext context = null;
    try {
        context = new AuthenticationContext(AUTHORITY, false, service);
        ClientCredential credential = new ClientCredential(CLIENT_ID, CLIENT_SECRET);
        Future<AuthenticationResult> future = context.acquireToken(RESOURCE, credential, null);
        ACCESS_TOKEN = future.get().getAccessToken();
    } catch (InterruptedException e) {
        e.printStackTrace();
    } catch (ExecutionException e) {
        e.printStackTrace();
    } catch (MalformedURLException e) {
        e.printStackTrace();
    } finally {
        service.shutdown();
    }
    return ACCESS_TOKEN;
}

  2. 访问Blob。

    public static void main(String[] args) throws Exception {
    String token = getToken();
    StorageCredentialsToken credentialsToken = new StorageCredentialsToken("storagetest789", token);
    CloudBlobClient blobClient = new CloudBlobClient(new URI("https://storagetest789.blob.core.windows.net/"), credentialsToken);
    CloudBlobContainer blobContainer = blobClient.getContainerReference("pub");
    CloudBlockBlob blockBlob = blobContainer.getBlockBlobReference("test1.txt");
    blockBlob.uploadText("mytest");
}

有关更多详细信息,请参阅https://docs.microsoft.com/en-us/azure/storage/common/storage-auth-aad

相关问题
最新问题