Package it.pagopa.swclient.mil.azureservices.identity.service

Class AzureIdentityReactiveService

java.lang.Object

it.pagopa.swclient.mil.azureservices.identity.service.AzureIdentityReactiveService

@ApplicationScoped
public class AzureIdentityReactiveService
extends Object

Reactive service to get an access token for an Azure resource using a cache to reduce the invocations of Microsoft Entra ID.

Author:

Antonio Tarricone

Field Summary

Fields

Modifier and Type	Field	Description
private Map<String,AccessToken>	cache	Cache of access tokens.
private AzureIdentityClient	identityClient	Reactive client to retrieve an access token from Microsoft Entra ID.

Constructor Summary

Constructors

Constructor	Description
AzureIdentityReactiveService(Optional<String> identityClientId, Optional<String> identityEndpoint, Optional<String> identityHeader, Optional<String> authorityHost, Optional<String> tenantId, Optional<String> clientId, Optional<String> federatedTokenFile, jakarta.enterprise.inject.Instance<AzureIdentityClient> anyIdentityClient)	Constructor.

Method Summary

Modifier and Type	Method	Description
void	clearAccessTokenCache()	Clears the access tokens cache.
io.smallrye.mutiny.Uni<AccessToken>	getAccessToken(String scope)	Retrieves an access token for an Azure resource looking in the cache for a valid one and, in case of cache-miss, invokes Microsoft Entra ID.
AzureIdentityClient	getIdentityClient()	Returns identity client in use.
io.smallrye.mutiny.Uni<AccessToken>	getNewAccessTokenAndCacheIt(String scope)	Retrieves an access token from Microsoft Entra ID and stores it in the cache.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

identityClient

private AzureIdentityClient identityClient

Reactive client to retrieve an access token from Microsoft Entra ID.

cache

private Map<String,AccessToken> cache

Cache of access tokens. The key is the Scope.

Constructor Details

AzureIdentityReactiveService

@Inject
AzureIdentityReactiveService(Optional<String> identityClientId,
 Optional<String> identityEndpoint,
 Optional<String> identityHeader,
 Optional<String> authorityHost,
 Optional<String> tenantId,
 Optional<String> clientId,
 Optional<String> federatedTokenFile,
 @Any
 jakarta.enterprise.inject.Instance<AzureIdentityClient> anyIdentityClient)

Constructor.

Parameters:

identityClientId - Client ID to get access token by means of user managed identity

identityEndpoint - Endpoint to get access token by means of system(user managed identity

identityHeader - Value to use to set x-identity-header

authorityHost - Endpoint to get access token by means of workload identity

tenantId - Tenant ID

clientId - Client ID

federatedTokenFile - Token file with client assertion

anyIdentityClient - Any identity client

Method Details

getNewAccessTokenAndCacheIt

public io.smallrye.mutiny.Uni<AccessToken> getNewAccessTokenAndCacheIt(String scope)

Retrieves an access token from Microsoft Entra ID and stores it in the cache.

Parameters:

scope - Scope

Returns:

AccessToken

getAccessToken

public io.smallrye.mutiny.Uni<AccessToken> getAccessToken(String scope)

Retrieves an access token for an Azure resource looking in the cache for a valid one and, in case of cache-miss, invokes Microsoft Entra ID.

Parameters:

scope - Scope

Returns:

AccessToken

clearAccessTokenCache

public void clearAccessTokenCache()

Clears the access tokens cache.

getIdentityClient

public AzureIdentityClient getIdentityClient()

Returns identity client in use.

Returns:

AzureIdentityClient