Search code examples
javamicrosoft-graph-apiazure-ad-msalmicrosoft-graph-sdksmicrosoft-graph-calendar

How to obtain refresh token in Microsoft Authorization Code flow - java sdk

I am implementing "Login with Microsoft button" and I need to store the refresh token in my database so that I can use that to obtain new access tokens in future. I am trying to do this with Java sdk for microsoft graph.

Edit 1: I actually want to create calendar events using my web application. So, the goal is for the web app to access Graph API without having a signed in user present.

This is what the code looks like:

AuthorizationCode authorizationCode = new AuthorizationCode(httpServletRequest.getParameter("code"));
        String currentUri = httpServletRequest.getRequestURL().toString();
        
        IAuthenticationResult result;
        ConfidentialClientApplication app;
        try {
            app = createClientApplication();

            String authCode = authorizationCode.getValue();
            Set<String> scopes = new HashSet<String>();
            scopes.add("Calendars.ReadWrite");
            
            AuthorizationCodeParameters parameters = AuthorizationCodeParameters.builder(authCode, new URI(currentUri)).scopes(scopes)
                    .build();
            
            Future<IAuthenticationResult> future = app.acquireToken(parameters);
            result = future.get();
        
        } catch (ExecutionException e) {
            throw e.getCause();
        }
String accessToken = result.accessToken();

/*
IAuthenticationResult does not contain any method to get the refresh token - how do I get the refresh token??

I want to do something like: result.refreshToken();
*/

IAuthenticationResult is implemented by AuthenticationResult -- but, AuthenticationResult is declared in another class and is not public. AuthenticationResult exposes a method to obtain refreshToken but, I am not able to access it.

Can someone help me access the refresh token?

Thanks!

Solution

  • I got the answer from this link: https://github.com/AzureAD/microsoft-authentication-library-for-java/issues/228

    Short Answer: Use reflection

    try {
            //see com.microsoft.aad.msal4j.AuthenticationResult#refreshToken
            final Field refreshTokenField = result.getClass()
                .getDeclaredField("refreshToken");
            refreshTokenField.setAccessible(true);
            return refreshTokenField.get(result).toString();
        } catch (IllegalAccessException | NoSuchFieldException e) {
            throw new RuntimeException(e);
        }