I've a Java program using ADAL4J that works great on a non-mobile device but when deployed to any mobile devices via Oracle MAF (which deploys as Cordova, HTML5, CSS), it fails on the AuthenticationContext method.
The error is:
com.microsoft.aad.adal.AuthenticationException: Prompt is not allowed and failed to get token:
Here is the main code:
service = Executors.newFixedThreadPool(1);
String url = AUTHORIZATION_ENDPOINT + tenantId + "/oauth2/authorize";
//Next line is where it fails
authContext = new AuthenticationContext(url, false, service);
Future<AuthenticationResult> future = authContext.acquireToken(ARM_ENDPOINT, clientId, username, credential, null);
result = future.get();
System.out.println("Access Token - " + result.getAccessToken());
System.out.println("ID Token - " + result.getIdToken());
Based on the research I've done it appears I may need to use the AcquireTokenSilent method instead, however this method does not exist in the ADAL for Java library (using ADAL4J 1.1.3, most recent as of this post). I did see that there is an <a href="https://github.com/AzureAD/azure-activedirectory-library-for-cordova" rel="nofollow" title="ADAL For Cordova">ADAL for Cordova</a> library that contains this method that may work. However that uses NodeJS and I'd prefer to stick with a Java solution if possible.
Would appreciate any assistance. Thanks.
EDIT: I think the main issue is that the ADAL4J library does not support the AuthenticationContext.tokenCache property nor does it include support for the <a href="https://msdn.microsoft.com/en-us/library/microsoft.identitymodel.clients.activedirectory.promptbehavior.aspx" rel="nofollow">PromptBehavior</a> option that is there in the device specific ADAL implementations.
If true, guess I'll either have to try the ADAL for Cordova or each device ADAL SDK.
Answer1:
According to your description, based on my understanding, I think you want to create a cross-platform mobile application for iOS/Android/etc. using Oracle MAF in Java.
So per my experience, the solution that would be suitable for your needs in Java is to use the OAuth2 REST APIs for authentication via a Java HTTP client on Azure AD; please refer to the official tutorial <a href="https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-v2-protocols-oauth-code" rel="nofollow">OAuth 2.0 Authorization Code Flow</a>.
If it is just for Android, you can directly use <a href="https://github.com/AzureAD/azure-activedirectory-library-for-android" rel="nofollow">ADAL for Android</a> to do that. Otherwise, it seems that there is not any existing library that directly supports multi-platform authentication in Java. Hope it helps.
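The authorization code flow the answer points to, sketched as an added example (not part of the original answer and not ADAL4J code): it builds the authorize URL with a state value and a PKCE challenge, then the token request body once the returned state has been checked. The tenant, client ID, redirect URI and scope are placeholder assumptions, and the v2.0 endpoint paths follow the linked protocol documentation rather than the question's code.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

// Added example, not ADAL4J code: builds the two authorization code flow requests by hand.
public class AuthCodeFlowSketch {
    // Assumptions: every constant below is a placeholder for your own app registration.
    static final String AUTHORITY = "https://login.microsoftonline.com/TENANT_ID_PLACEHOLDER/oauth2/v2.0";
    static final String CLIENT_ID = "CLIENT_ID_PLACEHOLDER";
    static final String REDIRECT_URI = "myapp://auth"; // constructed value
    static final String SCOPE = "RESOURCE_SCOPE_PLACEHOLDER offline_access";

    static String randomUrlSafe(int bytes) {
        byte[] b = new byte[bytes];
        new SecureRandom().nextBytes(b);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(b);
    }

    static String enc(String s) throws Exception { return URLEncoder.encode(s, "UTF-8"); }

    // Step 1: URL the app opens so the user can sign in interactively.
    static String authorizeUrl(String state, String verifier) throws Exception {
        byte[] hash = MessageDigest.getInstance("SHA-256").digest(verifier.getBytes(StandardCharsets.US_ASCII));
        String challenge = Base64.getUrlEncoder().withoutPadding().encodeToString(hash);
        return AUTHORITY + "/authorize?response_type=code&response_mode=query"
            + "&client_id=" + enc(CLIENT_ID) + "&redirect_uri=" + enc(REDIRECT_URI)
            + "&scope=" + enc(SCOPE) + "&state=" + enc(state)
            + "&code_challenge=" + challenge + "&code_challenge_method=S256";
    }

    // Step 2: form body to POST to AUTHORITY + "/token", built only if state round-tripped intact.
    static String tokenRequestBody(String sentState, String returnedState, String code, String verifier) throws Exception {
        if (!MessageDigest.isEqual(sentState.getBytes(StandardCharsets.UTF_8), returnedState.getBytes(StandardCharsets.UTF_8)))
            throw new SecurityException("state mismatch: discard this redirect");
        return "grant_type=authorization_code&client_id=" + enc(CLIENT_ID)
            + "&code=" + enc(code) + "&redirect_uri=" + enc(REDIRECT_URI)
            + "&scope=" + enc(SCOPE) + "&code_verifier=" + enc(verifier);
    }

    public static void main(String[] args) throws Exception {
        String state = randomUrlSafe(16), verifier = randomUrlSafe(32);
        System.out.println(authorizeUrl(state, verifier));
        // Constructed values standing in for the code and state the redirect would carry.
        System.out.println(tokenRequestBody(state, state, "CONSTRUCTED_CODE", verifier));
    }
}
```

No client secret appears because a mobile app is a public client; the PKCE verifier binds the token request to the app instance that started the sign-in.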