'Azure Active Directory Spring Boot @AuthenticationPrincipal

Following this sample: https://github.com/Azure-Samples/ms-identity-java-spring-tutorial/tree/main/1-Authentication/sign-in

To extract token details, we need to use AuthenticationPrincipal and OidcUser object in a request mapping. See the Sample Controller for an example of this app making use of ID Token claims.

import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
//...
@GetMapping(path = "/some_path")
public String tokenDetails(@AuthenticationPrincipal OidcUser principal) {
    Map<String, Object> claims = principal.getIdToken().getClaims();
}

In the sample, there´s a button "Id Token Details" that calls "/some_path" Screen

How to do this without call a button? Is there a way to do this under the covers?

Any help would be greatly appreciated

javaspring-bootazure-active-directoryopenid-connect


Solution 1:[1]

• I tried to follow the github documentation link as mentioned by you in your question and successfully created the application as below screenshots display: -

Application.yml file: -

Springboot app-application.yml

Application build execution: -

Application code in VS

Application execution opening in browser: -

App opening in browser App Azure AD Login page App after logging in to Azure AD

Thus, as you can see, it executes successfully and runs the springboot java application successfully. But if you want the ‘ID Token Details’ button to be not there and in its place, you want to display the ID token details to be shown directly, you would want to change the ‘href’ button class with the below probable HTML classes and scripts extensions, so that the redirection after logging in to the application will directly display the ‘https://jwt.ms’ page and it will capture the token and decode it accordingly showing the claims held by the token. Kindly refer to the below link for more detailed information: -

How to create an HTML button that acts like a link

  ' <form action="https://google.com">
     <input type="submit" value="Go to Google" />
      </form> '

The above modifications in the ‘.html’ pages of the application should display you the required token details without the button class in HTML pages.

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 KartikBhiwapurkar-MT

Related Questions