• Home
• com.azure
• azure-identity
• 1.14.2
• source code
• AzureApplicationCredentialBuilder.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.azure.identity.AzureApplicationCredentialBuilder Maven / Gradle / Ivy

// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

package com.azure.identity;

import com.azure.core.credential.TokenCredential;
import com.azure.core.util.Configuration;
import com.azure.core.util.logging.ClientLogger;

import java.util.ArrayList;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.ForkJoinPool;

/**
 * Fluent credential builder for instantiating a {@link AzureApplicationCredential}.
 *
 * @see AzureApplicationCredential
 */
class AzureApplicationCredentialBuilder extends CredentialBuilderBase {
    private static final ClientLogger LOGGER = new ClientLogger(AzureApplicationCredentialBuilder.class);

    private String managedIdentityClientId;
    private String managedIdentityResourceId;

    /**
     * Creates an instance of a AzureApplicationCredentialBuilder.
     */
    AzureApplicationCredentialBuilder() {
        Configuration configuration = Configuration.getGlobalConfiguration().clone();
        managedIdentityClientId = configuration.get(Configuration.PROPERTY_AZURE_CLIENT_ID);
    }

    /**
     * Specifies the Azure Active Directory endpoint to acquire tokens.
     * @param authorityHost the Azure Active Directory endpoint
     * @return An updated instance of this builder with the authority host set as specified.
     */
    public AzureApplicationCredentialBuilder authorityHost(String authorityHost) {
        this.identityClientOptions.setAuthorityHost(authorityHost);
        return this;
    }

    /**
     * Specifies the client ID of user assigned or system assigned identity, when this credential is running
     * in an environment with managed identities. If unset, the value in the AZURE_CLIENT_ID environment variable
     * will be used. If neither is set, the default value is null and will only work with system assigned
     * managed identities and not user assigned managed identities.
     *
     * @param clientId the client ID
     * @return An updated instance of this builder with the managed identity client id set as specified.
     */
    public AzureApplicationCredentialBuilder managedIdentityClientId(String clientId) {
        this.managedIdentityClientId = clientId;
        return this;
    }

    /**
     * Specifies the resource ID of user assigned or system assigned identity, when this credential is running
     * in an environment with managed identities.
     *
     * @param resourceId the resource ID
     * @return An updated instance of this builder with the managed identity client id set as specified.
     */
    public AzureApplicationCredentialBuilder managedIdentityResourceId(String resourceId) {
        this.managedIdentityResourceId = resourceId;
        return this;
    }

    /**
     * Specifies the ExecutorService to be used to execute the authentication requests.
     * Developer is responsible for maintaining the lifecycle of the ExecutorService.
     *
     * 

     * If this is not configured, the {@link ForkJoinPool#commonPool()} will be used which is
     * also shared with other application tasks. If the common pool is heavily used for other tasks, authentication
     * requests might starve and setting up this executor service should be considered.
     * 
     *
     * 
 The executor service and can be safely shutdown if the TokenCredential is no longer being used by the
     * Azure SDK clients and should be shutdown before the application exits. 
     *
     * @param executorService the executor service to use for executing authentication requests.
     * @return An updated instance of this builder with the executor service set as specified.
     */
    public AzureApplicationCredentialBuilder executorService(ExecutorService executorService) {
        this.identityClientOptions.setExecutorService(executorService);
        return this;
    }

    /**
     * Creates new {@link AzureApplicationCredential} with the configured options set.
     * @return a {@link AzureApplicationCredential} with the current configurations.
     * @throws IllegalStateException if clientId and resourceId are both set.
     */
    public AzureApplicationCredential build() {
        if (managedIdentityClientId != null && managedIdentityResourceId != null) {
            throw LOGGER.logExceptionAsError(new IllegalStateException(
                "Only one of managedIdentityClientId and managedIdentityResourceId can be specified."));
        }

        return new AzureApplicationCredential(getCredentialsChain());
    }

    private ArrayList getCredentialsChain() {
        ArrayList output = new ArrayList(2);
        output.add(new EnvironmentCredential(identityClientOptions));
        output.add(new ManagedIdentityCredential(managedIdentityClientId, managedIdentityResourceId, null,
            identityClientOptions));
        return output;
    }
}