Spring Boot migration -- Azure AD B2C

eng/jacoco-test-coverage/pom.xml

@@ -187,6 +187,11 @@
       <artifactId>azure-sdk-template</artifactId>
       <version>1.0.4-beta.13</version> <!-- {x-version-update;com.azure:azure-sdk-template;current} -->
     </dependency>
+    <dependency>
+      <groupId>com.microsoft.azure</groupId>
+      <artifactId>azure-spring-boot</artifactId>
+      <version>2.2.5-beta.1</version> <!-- {x-version-update;com.microsoft.azure:azure-spring-boot;current} -->
+    </dependency>
   </dependencies>
 
   <build>

eng/versioning/version_client.txt

@@ -42,6 +42,10 @@ com.azure:azure-storage-perf;1.0.0-beta.1;1.0.0-beta.1
 com.azure:azure-storage-queue;12.5.1;12.6.0-beta.1
 com.azure:perf-test-core;1.0.0-beta.1;1.0.0-beta.1
 com.azure:azure-test-watcher;1.0.0-beta.1;1.0.0-beta.1
+com.microsoft.azure:azure-spring-boot;2.2.4;2.2.5-beta.1
+com.microsoft.azure:azure-spring-boot-starter;2.2.4;2.2.5-beta.1
+com.microsoft.azure:azure-active-directory-spring-boot-starter;2.2.4;2.2.5-beta.1
+com.microsoft.azure:azure-active-directory-b2c-spring-boot-starter;2.2.4;2.2.5-beta.1
 
 # Unreleased dependencies: Copy the entry from above, prepend "unreleased_" and remove the current
 # version. Unreleased dependencies are only valid for dependency versions.

eng/versioning/version_data.txt

@@ -40,6 +40,5 @@ com.microsoft.azure.msi_auth_token_provider:azure-authentication-msi-token-provi
 com.microsoft.azure:azure-eventgrid;1.4.0-beta.1;1.4.0-beta.1
 com.microsoft.azure:azure-loganalytics;1.0.0-beta-2;1.0.0-beta.2
 com.microsoft.azure:azure-media;1.0.0-beta.1;1.0.0-beta.1
-com.microsoft.azure:azure-spring-boot;2.2.4;2.2.5-beta.1
-com.microsoft.azure:azure-spring-boot-starter;2.2.4;2.2.5-beta.1
-com.microsoft.azure:azure-active-directory-spring-boot-starter;2.2.4;2.2.5-beta.1
+
+

sdk/spring/azure-spring-boot-starter-active-directory-b2c/README.md

@@ -0,0 +1,220 @@
+# Azure AD B2C Spring Boot Starter client library for Java
+## Overview
+
+Azure Active Directory (Azure AD) B2C is an identity management service that enables you to customize and control how
+customers sign up, sign in, and manage their profiles when using your applications. Azure AD B2C enables these actions
+while protecting the identities of your customers at the same time.
+
+## Prerequisites
+
+The following prerequisites are required in order to complete the steps in this article:
+
+* A supported Java Development Kit (JDK). For more information about the JDKs available for use when developing on Azure, see <https://aka.ms/azure-jdks>.
+* [Apache Maven](http://maven.apache.org/), version 3.0 or later.
+* Azure subscription.
+
+If you don't have an Azure subscription, create a [free account](https://azure.microsoft.com/free/?WT.mc_id=A261C142F) before you begin.
+
+## Getting started
+
+### Create the Active Directory instance
+
+1. Log into <https://portal.azure.com>.
+
+2. Click **+Create a resource**, then **Identity**, and then **Azure Active Directory B2C**.
+
+3. Enter your **Organization name** and your **Initial domain name**, record the **domain name** as your
+`${your-tenant-name}` and click **Create**.
+
+4. Select your account name on the top-right of the Azure portal toolbar, then click **Switch directory**.
+
+5. Select your new Azure Active Directory from the drop-down menu.
+
+6. Search `b2c` and click `Azure AD B2C` service.
+
+### Add an application registration for your Spring Boot app
+
+1. Select **Azure AD B2C** from the portal menu, click **Applications**, and then click **Add**.
+
+2. Specify your application **Name**, add `http://localhost:8080/home` for the **Reply URL**, record the
+**Application ID** as your `${your-client-id}` and then click **Save**.
+
+3. Select **Keys** from your application, click **Generate key** to generate `${your-client-secret}` and then **Save**.
+
+4. Select **User flows** on your left, and then **Click** **New user flow **.
+
+5. Choose **Sign up or in**, **Profile editing** and **Password reset** to create user flows
+respectively. Specify your user flow **Name** and **User attributes and claims**, click **Create**.
+
+## Examples
+### Configure and compile your app
+
+1. Extract the files from the project archive you created and downloaded earlier in this tutorial into a directory.
+
+2. Navigate to the parent folder for your project, and open the `pom.xml` Maven project file in a text editor.
+
+3. Add the dependencies for Spring OAuth2 security to the `pom.xml`:
+
+   ```xml
+   <dependency>
+       <groupId>com.azure</groupId>
+       <artifactId>azure-spring-boot-starter-active-directory-b2c</artifactId>
+   </dependency>
+   <dependency>
+       <groupId>org.springframework.boot</groupId>
+       <artifactId>spring-boot-starter-thymeleaf</artifactId>
+   </dependency>
+   <dependency>
+       <groupId>org.thymeleaf.extras</groupId>
+       <artifactId>thymeleaf-extras-springsecurity5</artifactId>
+   </dependency>
+   ```
+
+4. Save and close the *pom.xml* file.
+
+5. Navigate to the *src/main/resources* folder in your project and open the *application.yml* file in a text editor.
+
+6. Specify the settings for your app registration using the values you created earlier; for example:
+
+   ```yaml
+   azure:
+     activedirectory:
+       b2c:
+         tenant: ${your-tenant-name}
+         client-id: ${your-client-id}
+         client-secret: ${your-client-secret}
+         reply-url: ${your-reply-url-from-aad} # should be absolute url.
+         logout-success-url: ${you-logout-success-url}
+         user-flows:
+           sign-up-or-sign-in: ${your-sign-up-or-in-user-flow}
+           profile-edit: ${your-profile-edit-user-flow}     # optional
+           password-reset: ${your-password-reset-user-flow} # optional
+   ```
+   Where:
+
+   | Parameter | Description |
+   |---|---|
+   | `azure.activedirectory.b2c.tenant` | Contains your AD B2C's `${your-tenant-name` from earlier. |
+   | `azure.activedirectory.b2c.client-id` | Contains the `${your-client-id}` from your application that you completed earlier. |
+   | `azure.activedirectory.b2c.client-secret` | Contains the `${your-client-secret}` from your application that you completed earlier. |
+   | `azure.activedirectory.b2c.reply-url` | Contains one of the **Reply URL** from your application that you completed earlier. |
+   | `azure.activedirectory.b2c.logout-success-url` | Specify the URL when your application logout successfully. |
+   | `azure.activedirectory.b2c.user-flows` | Contains the name of the user flows that you completed earlier.
+
+7. Save and close the *application.yml* file.
+
+8. Create a folder named *controller* in the Java source folder for your application.
+
+9. Create a new Java file named *AADB2CWebController.java* in the *controller* folder and open it in a text editor.
+
+10. Enter the following code, then save and close the file:
+<!-- embedme ../azure-spring-boot/src/samples/java/com/azure/spring/btoc/AADB2CWebController.java#L18-L50 -->
+```java
+@Controller
+public class AADB2CWebController {
+
+    private void initializeModel(Model model, OAuth2AuthenticationToken token) {
+        if (token != null) {
+            final OAuth2User user = token.getPrincipal();
+
+            model.addAttribute("grant_type", user.getAuthorities());
+            model.addAllAttributes(user.getAttributes());
+        }
+    }
+
+    @GetMapping(value = "/")
+    public String index(Model model, OAuth2AuthenticationToken token) {
+        initializeModel(model, token);
+
+        return "home";
+    }
+
+    @GetMapping(value = "/greeting")
+    public String greeting(Model model, OAuth2AuthenticationToken token) {
+        initializeModel(model, token);
+
+        return "greeting";
+    }
+
+    @GetMapping(value = "/home")
+    public String home(Model model, OAuth2AuthenticationToken token) {
+        initializeModel(model, token);
+
+        return "home";
+    }
+}
+```
+
+11. Create a folder named *security* in the Java source folder for your application.
+
+12. Create a new Java file named *AADB2COidcLoginConfigSample.java* in the *security* folder and open it in a text editor.
+
+13. Enter the following code, then save and close the file:
+<!-- embedme ../azure-spring-boot/src/samples/java/com/azure/spring/btoc/AADB2COidcLoginConfigSample.java#L17-L34 -->
+```java
+@EnableWebSecurity
+public class AADB2COidcLoginConfigSample extends WebSecurityConfigurerAdapter {
+
+    private final AADB2COidcLoginConfigurer configurer;
+
+    public AADB2COidcLoginConfigSample(AADB2COidcLoginConfigurer configurer) {
+        this.configurer = configurer;
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .apply(configurer);
+    }
+}
+```
+14. Copy the `greeting.html` and `home.html` from [Azure AD B2C Spring Boot Sample](../azure-spring-boot-samples/azure-spring-boot-sample-active-directory-b2c-oidc/src/main/resources/templates), and replace the
+`${your-profile-edit-user-flow}` and `${your-password-reset-user-flow}` with your user flow name
+respectively that completed earlier.
+
+### Build and test your app
+
+1. Open a command prompt and change directory to the folder where your app's *pom.xml* file is located.
+
+2. Build your Spring Boot application with Maven and run it; for example:
+
+   ```shell
+   mvn clean package
+   mvn spring-boot:run
+   ```
+
+3. After your application is built and started by Maven, open <http://localhost:8080/> in a web browser; 
+you should be redirected to login page.
+
+4. Click linke with name of `${your-sign-up-or-in}` user flow, you should be rediected Azure AD B2C to start the authentication process.
+
+4. After you have logged in successfully, you should see the sample `home page` from the browser.
+
+## Key concepts
+
+## Troubleshooting
+
+## Next steps
+#### Allow telemetry
+
+Microsoft would like to collect data about how users use this Spring boot starter. Microsoft uses this information to improve our tooling experience. Participation is voluntary. If you don't want to participate, just simply disable it by setting below configuration in `application.properties`.
+
+```
+azure.activedirectory.b2c.allow-telemetry=false
+```
+
+When telemetry is enabled, an HTTP request will be sent to URL `https://dc.services.visualstudio.com/v2/track`. So please make sure it's not blocked by your firewall.
+
+Find more information about Azure Service Privacy Statement, please check [Microsoft Online Services Privacy Statement](https://www.microsoft.com/en-us/privacystatement/OnlineServices/Default.aspx).
+
+## Contributing
+
+## Summary
+
+In this documentation, you created a new Java web application using the Azure Active Directory B2C starter,
+configured a new Azure AD B2C tenant and registered a new application in it, and then configured your
+application to use the Spring annotations and classes to protect the web app.
+

sdk/spring/azure-spring-boot-starter-active-directory-b2c/pom.xml

@@ -0,0 +1,119 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>com.azure</groupId>
+    <artifactId>azure-client-sdk-parent</artifactId>
+    <version>1.7.0</version> <!-- {x-version-update;com.azure:azure-client-sdk-parent;current} -->
+    <relativePath>../../parents/azure-client-sdk-parent</relativePath>
+  </parent>
+
+  <groupId>com.microsoft.azure</groupId>
+  <artifactId>azure-active-directory-b2c-spring-boot-starter</artifactId>
+  <version>2.2.5-beta.1</version> <!-- {x-version-update;com.microsoft.azure:azure-active-directory-b2c-spring-boot-starter;current} -->
+
+  <name>Azure AD B2C Spring Security Integration Spring Boot Starter</name>
+  <description>Spring Boot Starter for Azure AD B2C and Spring Security Integration</description>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter</artifactId>
+      <version>2.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.boot:spring-boot-starter;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-validation</artifactId>
+      <version>2.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.boot:spring-boot-starter-validation;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>com.microsoft.azure</groupId>
+      <artifactId>azure-spring-boot</artifactId>
+      <version>2.2.5-beta.1</version> <!-- {x-version-update;com.microsoft.azure:azure-spring-boot;current} -->
+    </dependency>
+
+    <!-- Below poms will be replaced to azure-spring-boot-starter pom when no milestone tag. -->
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-web</artifactId>
+      <version>5.2.5.RELEASE</version> <!-- {x-version-update;org.springframework:spring-web;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>javax.validation</groupId>
+      <artifactId>validation-api</artifactId>
+      <version>2.0.1.Final</version> <!-- {x-version-update;javax.validation:validation-api;external_dependency} -->
+    </dependency>
+
+    <!-- Spring Security Dependency -->
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-core</artifactId>
+      <version>5.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.security:spring-security-core;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-web</artifactId>
+      <version>5.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.security:spring-security-web;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-config</artifactId>
+      <version>5.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.security:spring-security-config;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-oauth2-core</artifactId>
+      <version>5.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.security:spring-security-oauth2-core;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-oauth2-client</artifactId>
+      <version>5.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.security:spring-security-oauth2-client;external_dependency} -->
+    </dependency>
+
+    <dependency>
+      <groupId>org.springframework.security</groupId>
+      <artifactId>spring-security-oauth2-jose</artifactId>
+      <version>5.2.0.RELEASE</version> <!-- {x-version-update;org.springframework.security:spring-security-oauth2-jose;external_dependency} -->
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-enforcer-plugin</artifactId>
+        <version>3.0.0-M3</version> <!-- {x-version-update;org.apache.maven.plugins:maven-enforcer-plugin;external_dependency} -->
+        <configuration>
+          <rules>
+            <bannedDependencies>
+              <includes>
+                <include>com.microsoft.azure:*</include>
+                <include>javax.validation:validation-api:[2.0.1.Final]</include> <!-- {x-include-update;javax.validation:validation-api;external_dependency} -->
+                <include>org.springframework:spring-web:[5.2.5.RELEASE]</include> <!-- {x-include-update;org.springframework:spring-web;external_dependency} -->
+                <include>org.springframework.boot:spring-boot-starter:[2.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.boot:spring-boot-starter;external_dependency} -->
+                <include>org.springframework.boot:spring-boot-starter-validation:[2.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.boot:spring-boot-starter-validation;external_dependency} -->
+                <include>org.springframework.security:spring-security-config:[5.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.security:spring-security-config;external_dependency} -->
+                <include>org.springframework.security:spring-security-core:[5.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.security:spring-security-core;external_dependency} -->
+                <include>org.springframework.security:spring-security-oauth2-client:[5.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.security:spring-security-oauth2-client;external_dependency} -->
+                <include>org.springframework.security:spring-security-oauth2-core:[5.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.security:spring-security-oauth2-core;external_dependency} -->
+                <include>org.springframework.security:spring-security-oauth2-jose:[5.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.security:spring-security-oauth2-jose;external_dependency} -->
+                <include>org.springframework.security:spring-security-web:[5.2.0.RELEASE]</include> <!-- {x-include-update;org.springframework.security:spring-security-web;external_dependency} -->
+              </includes>
+            </bannedDependencies>
+          </rules>
+        </configuration>
+      </plugin>
+    </plugins>
+  </build>
+</project>

sdk/spring/azure-spring-boot-starter-active-directory-b2c/src/main/resources/aadb2c.enable.config

@@ -0,0 +1 @@
+dummy