All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.azure.identity.AzureApplicationCredentialBuilder Maven / Gradle / Ivy

// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

package com.azure.identity;

import com.azure.core.credential.TokenCredential;
import com.azure.core.util.Configuration;
import com.azure.core.util.logging.ClientLogger;

import java.util.ArrayList;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.ForkJoinPool;

/**
 * Fluent credential builder for instantiating a {@link AzureApplicationCredential}.
 *
 * @see AzureApplicationCredential
 */
class AzureApplicationCredentialBuilder extends CredentialBuilderBase {
    private static final ClientLogger LOGGER = new ClientLogger(AzureApplicationCredentialBuilder.class);

    private String managedIdentityClientId;
    private String managedIdentityResourceId;

    /**
     * Creates an instance of a AzureApplicationCredentialBuilder.
     */
    AzureApplicationCredentialBuilder() {
        Configuration configuration = Configuration.getGlobalConfiguration().clone();
        managedIdentityClientId = configuration.get(Configuration.PROPERTY_AZURE_CLIENT_ID);
    }

    /**
     * Specifies the Azure Active Directory endpoint to acquire tokens.
     * @param authorityHost the Azure Active Directory endpoint
     * @return An updated instance of this builder with the authority host set as specified.
     */
    public AzureApplicationCredentialBuilder authorityHost(String authorityHost) {
        this.identityClientOptions.setAuthorityHost(authorityHost);
        return this;
    }


    /**
     * Specifies the client ID of user assigned or system assigned identity, when this credential is running
     * in an environment with managed identities. If unset, the value in the AZURE_CLIENT_ID environment variable
     * will be used. If neither is set, the default value is null and will only work with system assigned
     * managed identities and not user assigned managed identities.
     *
     * @param clientId the client ID
     * @return An updated instance of this builder with the managed identity client id set as specified.
     */
    public AzureApplicationCredentialBuilder managedIdentityClientId(String clientId) {
        this.managedIdentityClientId = clientId;
        return this;
    }

    /**
     * Specifies the resource ID of user assigned or system assigned identity, when this credential is running
     * in an environment with managed identities.
     *
     * @param resourceId the resource ID
     * @return An updated instance of this builder with the managed identity client id set as specified.
     */
    public AzureApplicationCredentialBuilder managedIdentityResourceId(String resourceId) {
        this.managedIdentityResourceId = resourceId;
        return this;
    }

    /**
     * Specifies the ExecutorService to be used to execute the authentication requests.
     * Developer is responsible for maintaining the lifecycle of the ExecutorService.
     *
     * 

* If this is not configured, the {@link ForkJoinPool#commonPool()} will be used which is * also shared with other application tasks. If the common pool is heavily used for other tasks, authentication * requests might starve and setting up this executor service should be considered. *

* *

The executor service and can be safely shutdown if the TokenCredential is no longer being used by the * Azure SDK clients and should be shutdown before the application exits.

* * @param executorService the executor service to use for executing authentication requests. * @return An updated instance of this builder with the executor service set as specified. */ public AzureApplicationCredentialBuilder executorService(ExecutorService executorService) { this.identityClientOptions.setExecutorService(executorService); return this; } /** * Creates new {@link AzureApplicationCredential} with the configured options set. * @return a {@link AzureApplicationCredential} with the current configurations. * @throws IllegalStateException if clientId and resourceId are both set. */ public AzureApplicationCredential build() { if (managedIdentityClientId != null && managedIdentityResourceId != null) { throw LOGGER.logExceptionAsError( new IllegalStateException("Only one of managedIdentityClientId and managedIdentityResourceId can be specified.")); } return new AzureApplicationCredential(getCredentialsChain()); } private ArrayList getCredentialsChain() { ArrayList output = new ArrayList(2); output.add(new EnvironmentCredential(identityClientOptions)); output.add(new ManagedIdentityCredential(managedIdentityClientId, managedIdentityResourceId, identityClientOptions)); return output; } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy