Update auth code URL builder (#52)

Azure-Samples · Jun 30, 2020 · e8b53fa · e8b53fa
1 parent 911ee83
commit e8b53fa
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 18 deletions.
diff --git a/msal-java-webapp-sample/pom.xml b/msal-java-webapp-sample/pom.xml
@@ -23,7 +23,7 @@
 		<dependency>
 			<groupId>com.microsoft.azure</groupId>
 			<artifactId>msal4j</artifactId>
-			<version>1.4.0</version>
+			<version>1.6.1</version>
 		</dependency>
 		<dependency>
 			<groupId>com.nimbusds</groupId>

diff --git a/msal-java-webapp-sample/src/main/java/com/microsoft/azure/msalwebsample/AuthHelper.java b/msal-java-webapp-sample/src/main/java/com/microsoft/azure/msalwebsample/AuthHelper.java
@@ -156,23 +156,22 @@ void sendAuthRedirect(HttpServletRequest httpRequest, HttpServletResponse httpRe
     String getAuthorizationCodeUrl(String claims, String scope, String registeredRedirectURL, String state, String nonce)
             throws UnsupportedEncodingException {
 
-        String urlEncodedScopes = scope == null ?
-                URLEncoder.encode("openid offline_access profile", "UTF-8") :
-                URLEncoder.encode("openid offline_access profile" + " " + scope, "UTF-8");
-
-
-        String authorizationCodeUrl = authority + "oauth2/v2.0/authorize?" +
-                "response_type=code&" +
-                "response_mode=query&" +
-                "redirect_uri=" +  URLEncoder.encode(registeredRedirectURL, "UTF-8") +
-                "&client_id=" + clientId +
-                "&scope=" + urlEncodedScopes +
-                (StringUtils.isEmpty(claims) ? "" : "&claims=" + claims) +
-                "&prompt=select_account" +
-                "&state=" + state
-                + "&nonce=" + nonce;
-
-        return authorizationCodeUrl;
+        String urlEncodedScopes = scope == null ? "" : URLEncoder.encode(scope, "UTF-8");
+
+        PublicClientApplication pca = PublicClientApplication.builder(clientId).build();
+
+        AuthorizationRequestUrlParameters parameters =
+                AuthorizationRequestUrlParameters
+                        .builder(registeredRedirectURL,
+                                Collections.singleton(urlEncodedScopes))
+                        .responseMode(ResponseMode.QUERY)
+                        .prompt(Prompt.SELECT_ACCOUNT)
+                        .state(state)
+                        .nonce(nonce)
+                        .claimsChallenge(claims)
+                        .build();
+
+        return pca.getAuthorizationRequestUrl(parameters).toString();
     }
 
     private IAuthenticationResult getAuthResultByAuthCode(