开源软件名称(OpenSource Name):AzureAD/azure-activedirectory-library-for-android开源软件地址(OpenSource Url):https://github.com/AzureAD/azure-activedirectory-library-for-android开源编程语言(OpenSource Language):Java 99.5%开源软件介绍(OpenSource Introduction):This library, ADAL for Android, will no longer receive new feature improvements. Instead, use the new library MSAL for Android.
Microsoft Azure Active Directory Authentication Library (ADAL) for AndroidADAL for Android gives you the ability to add support for Work Accounts to your application. This SDK gives your application the full functionality of Microsoft Azure AD, including industry standard protocol support for OAuth2, Web API integration with user level consent, and two-factor authentication support. Best of all, it’s FOSS (Free and Open Source Software) so that you can participate in the development process as we build these libraries. A Work Account is an identity you use to get work done from your organization or school. Anywhere you need to get access to your work life you'll use a Work Account. The Work Account can be tied to an Active Directory server running in your datacenter or live completely in the cloud like when you use Office 365. A Work Account will be how your users know that they are accessing their important documents and data backed my Microsoft security. ADAL for Android 3.0.0 Released!
Build status
Note: A corpnet account is required to view the VSTS build. VersionsCurrent version - 3.1.2 Minimum recommended version - 1.16.3-hf1 You can find version-to-version differences in the change log. Features
Samples and DocumentationWe provide a full suite of sample applications and documentation on GitHub to help you get started with learning the Azure Identity system. This includes tutorials for native clients such as Windows, Windows Phone, iOS, OSX, Android, and Linux. We also provide full walkthroughs for auth flows, the Microsoft Graph API, other Microsoft APIs, and other Azure AD features. Checkout the ADAL for Android sample app for help getting started. Looking for Xamarin? Community Help and SupportWe leverage Stack Overflow to work with the community on supporting Azure Active Directory and its SDKs, including this one! We highly recommend you ask your questions on Stack Overflow (we're all on there!) Also browse existing issues to see if someone has had your question before. Submit FeedbackWe'd like your thoughts on this library. Please complete this short survey. SSO and Conditional Access SupportThis library allows your application to support our Enterprise Mobility Suite, including Conditional Access, so businesses can use your application in their secure environment. To configure your application to support these scenarios, please read this document: How to enable cross-app SSO on Android using ADAL Security ReportingIf you find a security issue with our libraries or services please report it to secure@microsoft.com with as much detail as possible. Your submission may be eligible for a bounty through the Microsoft Bounty program. Please do not post security issues to GitHub Issues or any other public site. We will contact you shortly upon receiving the information. We encourage you to get notifications of when security incidents occur by visiting this page and subscribing to Security Advisory Alerts. ContributingAll code is licensed under the MIT license and we triage actively on GitHub. We enthusiastically welcome contributions and feedback. For more details about contribution Quick StartTo build with Gradle,
To build with Maven, you can use the pom.xml at top level
Jar packages will be also submitted beside the aar package. DownloadWe've made it easy for you to have multiple options to use this library in your Android project:
Option 1: Source via GitTo get the source code of the SDK via git:
Option 2: Binaries via GradleYou can get the binaries from Maven central repo. AAR package can be included as follows in your project in AndroidStudio: repositories {
mavenCentral()
maven {
// Surface Duo SDK dependency.
url 'https://pkgs.dev.azure.com/MicrosoftDeviceSDK/DuoSDK-Public/_packaging/Duo-SDK-Feed%40Local/maven/v1'
}
}
dependencies {
// your dependencies here...
compile('com.microsoft.aad:adal:3.0.1') {
// if your app includes android support
// libraries, Gson or Surface Duo SDK
// in its dependencies, exclude that
// groupId from ADAL's compile task by
// un-commenting the appropriate line below
// exclude group: 'com.android.support'
// exclude group: 'com.google.code.gson'
// exclude group: 'com.microsoft.device.display'
}
} Option 3: aar via MavenIf you are using the m2e plugin in Eclipse, you can specify the dependency in your pom.xml file: <dependency>
<groupId>com.microsoft.aad</groupId>
<artifactId>adal</artifactId>
<version>3.0.1</version>
<type>aar</type>
</dependency> Option 4: jar package inside libs folderYou can get the jar file from maven the repo and drop into the libs folder in your project. You need to copy the required resources to your project as well since the jar packages don't include them. Prerequisites
How To use this library
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<application
android:allowBackup="true"
android:debuggable="true"
android:icon="@drawable/ic_launcher"
android:label="@string/app_name"
android:theme="@style/AppTheme" >
<activity
android:name="com.microsoft.aad.adal.AuthenticationActivity"
android:label="@string/title_login_hello_app" >
</activity>
....
<application/>
mContext.acquireToken(
wrapFragment(MainFragment.this),
resource,
clientId,
redirect,
user_loginhint,
PromptBehavior.Auto,
"",
callback);
private IWindowComponent wrapFragment(final Fragment fragment){
return new IWindowComponent() {
Fragment refFragment = fragment;
@Override
public void startActivityForResult(Intent intent, int requestCode) {
refFragment.startActivityForResult(intent, requestCode);
}
};
} Explanation of the parameters:
Examples can be found at Android Native Client Sample. The Callback receives an object of type AuthenticationResult which has accesstoken, date expired, and idtoken info. acquireTokenSilentSync In order to get token back without prompt, you can call acquireTokenSilentSync which handles caching and token refresh without UI prompt. It provides async version as well. Note: userId required in silent call is the one you get back from the interactive call) as parameter. mContext.acquireTokenSilentSync(String resource, String clientId, String userId); or mContext.acquireTokenSilent(
String resource,
String clientId,
String userId,
final AuthenticationCallback<AuthenticationResult> callback);
Microsoft Intune's Company portal App and Azure Authenticator App will provide the broker component. In order to acquire token via broker, the following requirements have to be met (please check samples\userappwithbroker for authentication via broker):
AuthenticationContext provides API method to get the broker user.
Broker user will be returned if account is valid. Using this walkthrough, you should have what you need to successfully integrate with Azure Active Directory. For more examples of this working, visit the AzureADSamples/ repository on GitHub. Important InformationCustomizationLibrary project resources can be overwritten by your application resources. This happens when your app is building. For this reason, you can customize Authentication Activity layout the way you want. You need to make sure to keep the id of the controls that ADAL uses(Webview). BrokerBroker component will be delivered with Intune's Company portal app. Account will be created in Account Manager. Account type is "com.microsoft.workaccount". It only allows single SSO account. It will create SSO cookie for this user after completing device challenge for one of the apps. Authority Url and ADFSADFS is not recognized as production STS, so you need to turn of instance discovery and pass false at AuthenticationContext constructor. Authority url needs STS instance and tenant name: https://login.windows.net/yourtenant.onmicrosoft.com Federated sign-in failure if additional certificate downloads are requiredFederated sign-in may fail when attempting to authenticate using the Azure Active Directory Authentication Library (ADAL) for Android. See Using ADAL to authenticate from Android devices fails if additional certificate downloads are required for more information. Querying cache itemsADAL provides Default cache in SharedPrefrences with some simple cache query methods. You can get the current cache from AuthenticationContext with: ITokenCacheStore cache = mContext.getCache(); You can also provide your cache implementation, if you want to customize it. mContext = new AuthenticationContext(MainActivity.this, authority, true, yourCache); PromptBehaviorADAL provides option to specify prompt behavior. PromptBehavior.Auto will pop up UI if refresh token is invalid and user credentials are required. PromptBehavior.Always will skip the cache usage and always show UI. Handle Doze and App StandbyStarting Android 6.0, Android introduces the new battery optimization, which will cause no network access when it's in doze and app standby mode. This wiki page contains details for doze mode and how to handle it with ADAL (https://github.com/AzureAD/azure-activedirectory-library-for-android/wiki/Handle-Doze-and-App-Standby). Silent token request from cache and refreshThis method does not use UI pop up and not require an activity. It will return token from cache if available. If token is expired, it will try to refresh it. If refresh token is expired or failed, it will return AuthenticationException. Future<AuthenticationResult> result = mContext.acquireTokenSilent(resource, clientid, userId, callback ); You can also make sync call with this method. You can set null to callback or use acquireTokenSilentSync. ProGuardIf you are using ProGuard, we suggest disabling shrinking and obfuscation of ADAL classes so that our development team may assist you should issues arise. Additionally, portions of our unit and automation test code rely heavily on reflection and may not execute predictably across different versions of ProGuard. To disable obfuscation of ADAL classes:
DiagnosticsThe following are the primary sources of information for diagnosing issues:
Also, note that correlation IDs are central to the diagnostics in the library. You can set your correlation IDs on a per request basis if you want to correlate an ADAL request with other operations in your code. If you don't set a correlations id then ADAL will generate a random one and all log messages and network calls will be stamped with the correlation id. The self generated id changes on each request. ExceptionsThis is obviously the first diagnostic. We try to provide helpful error messages. If you find one that is not helpful please file an issue and let us know. Please also provide device information such as model and SDK#. LogsYou can configure the library to generate log messages that you can use to help diagnose issues. You configure logging by making the following call to configure a callback that ADAL will use to hand off each log message as it is generated. Logger.getInstance().setExternalLogger(new ILogger() {
@Override
public void Log(String tag, String message, String additionalMessage, LogLevel level, ADALError errorCode) {
...
// You can write this to logfile depending on level or errorcode.
writeToLogFile(getApplicationContext(), tag +":" + message + "-" + additionalMessage);
}
} Messages can be written to a custom log file as seen below. Unfortunately, there is no standard way of getting logs from a device. There are some services that can help you with this. You can also invent your own, such as sending the file to a server. 全部评论
专题导读
上一篇:swoole/swoole-src: 发布时间:2022-08-15下一篇:roughike/BottomBar: (Deprecated) A custom view component that mimics the new Mat ...发布时间:2022-08-15热门推荐
热门话题
阅读排行榜
|
请发表评论