Authorization Code Grant and Notifies on Microsoft Authenticator

AdriR 0 Reputation points
2023-05-15T15:09:11.92+00:00

Hi,

I want to implement this flow on my code:

  1. When you click on the login button, the web application (registered on Azure) makes a request to the authentication server (Azure AD) with the user's credentials (username and password).
  2. Azure AD verifies the user's credentials and generates a unique authorization code associated with that specific login request.
  3. Azure AD redirects the web application to Microsoft Authenticator, including the authorization code in the redirect.
  4. Microsoft Authenticator displays a notification to the user on the mobile device, requesting approval for login.
  5. User hits the approve button on the Microsoft Authenticator notification (within 60 seconds?)
  6. On the confirmation click, Microsoft Authenticator sends the authorization code to Azure AD.
  7. Azure AD verifies the authorization code and generates a valid access token.
  8. Azure AD sends the access token to the web application

Can Azure AD do these things? If yes, is this code complete?

String loginAndToken(String username, String password) throws Exception {    
User user = null;    PublicClientApplication application = PublicClientApplication.builder(clientID)            .authority("https://login.microsoftonline.com + tenantId).build();    UserNamePasswordParameters parameters = UserNamePasswordParameters.builder(new HashSet<>(Arrays.asList("openid", "profile")),            username, password.toCharArray())            .build();    IAuthenticationResult result = application.acquireToken(parameters).get(60, TimeUnit.SECONDS);    if(result == null) {        throw new BadCredentialsException ("User did not authorize access within 60 seconds");    } else {        return result.accessToken();}

I have this problem wher I try this row:
application.acquireToken(parameters).get(60, TimeUnit.SECONDS);

This is my exception:

2023-05-15 17:15:55.173 ERROR 7708 --- [onPool-worker-1] c.m.aad.msal4j.PublicClientApplication : [Correlation ID: ########-####-####-####-############] Execution of class com.microsoft.aad.msal4j.AcquireTokenByAuthorizationGrantSupplier failed.

com.microsoft.aad.msal4j.MsalClientException: java.net.SocketTimeoutException: connect timed out

What could be the problem?

Thanks a lot

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
3,276 questions
0 comments