[GitHub] [hadoop] mukund-thakur commented on a change in pull request #2445: HADOOP-17363. ABFS: Fix Oauth 2.0 username-password authentication issues

Sun, 20 Jun 2021 22:58:11 -0700 


mukund-thakur commented on a change in pull request #2445:
URL: https://github.com/apache/hadoop/pull/2445#discussion_r655093731



##########
File path: 
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/oauth2/AzureADAuthenticator.java
##########
@@ -154,6 +154,53 @@ public static AzureADToken getTokenFromMsi(final String 
authEndpoint,
     return getTokenCall(authEndpoint, qp.serialize(), headers, "GET", true);
   }
 
+
+  /**
+   * gets Azure Active Directory token using the user's username and password. 
This only
+   * works if the identity can be authenticated directly by 
microsoftonline.com. It will likely
+   * not work if the domain is federated and/or multi-factor authentication or 
other form of
+   * strong authentication is configured for the user.
+   *
+   * @param authEndpoint the OAuth 2.0 token endpoint associated
+   *                     with the user's directory (obtain from
+   *                     Active Directory configuration)
+   * @param username     the user name of the user
+   * @param password     the password of the user
+   * @param clientId     the client ID (GUID) of the client web app
+   *                     obtained from Azure Active Directory configuration
+   * @param clientSecret (optional) the secret key of the client web app
+   *                     If the app is a confidential client, then it must be 
included
+   * @return {@link AzureADToken} obtained using the creds
+   * @throws IOException throws IOException if there is a failure in 
connecting to Azure AD
+   */
+  public static AzureADToken getTokenUsingUserCreds(String authEndpoint,
+      String username, String password, String clientId,
+      String clientSecret) throws IOException {

Review comment:
       Seems like clientSecret is not required. Why are we still passing this?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to