Update key vault jca readme (Azure#19505)

Author: Rujun Chen

sdk/keyvault/azure-security-keyvault-jca/README.md

@@ -28,74 +28,78 @@ Maven dependency for the Azure Key Vault JCA client library. Add it to your proj
 - [Azure Subscription][azure_subscription]
 - An existing [Azure Key Vault][azure_keyvault]. If you need to create a Key Vault, you can use the [Azure Cloud Shell][azure_cloud_shell] to create one with this Azure CLI command. Replace `<your-resource-group-name>` and `<your-key-vault-name>` with your own, unique names:
 
-    ```Bash
-    az keyvault create --resource-group <your-resource-group-name> --name <your-key-vault-name>
-    ```
+```Bash
+az keyvault create --resource-group <your-resource-group-name> --name <your-key-vault-name>
+```
 
 ## Key concepts
 
 ## Examples
 ### Server side SSL
 If you are looking to integrate the JCA provider to create an SSLServerSocket see the example below.
 
+<!-- embedme ./src/samples/java/com/azure/security/keyvault/jca/ServerSSLSample.java#L18-L37 -->
 ```java
 KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
 Security.addProvider(provider);
 
-KeyStore ks = KeyStore.getInstance("AzureKeyVault");
+KeyStore keyStore = KeyStore.getInstance("AzureKeyVault");
 KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter(
     System.getProperty("azure.keyvault.uri"),
+    System.getProperty("azure.keyvault.aad-authentication-url"),
     System.getProperty("azure.keyvault.tenant-id"),
     System.getProperty("azure.keyvault.client-id"),
     System.getProperty("azure.keyvault.client-secret"));
-ks.load(parameter);
+keyStore.load(parameter);
 
-KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-kmf.init(ks, "".toCharArray());
+KeyManagerFactory managerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+managerFactory.init(keyStore, "".toCharArray());
 
 SSLContext context = SSLContext.getInstance("TLS");
-context.init(kmf.getKeyManagers(), null, null);
+context.init(managerFactory.getKeyManagers(), null, null);
 
-SSLServerSocketFactory factory = context.getServerSocketFactory();
-SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(8765);
+SSLServerSocketFactory socketFactory = context.getServerSocketFactory();
+SSLServerSocket serverSocket = (SSLServerSocket) socketFactory.createServerSocket(8765);
 ```
 
 Note if you want to use Azure Managed Identity, you should set the value of `azure.keyvault.uri`, and the rest of the parameters would be `null`.
 
 ### Client side SSL
 If you are looking to integrate the JCA provider for client side socket connections, see the Apache HTTP client example below.
 
+<!-- embedme ./src/samples/java/com/azure/security/keyvault/jca/ClientSSLSample.java#L28-L71 -->
 ```java
 KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
 Security.addProvider(provider);
 
-KeyStore ks = KeyStore.getInstance("AzureKeyVault");
+KeyStore keyStore = KeyStore.getInstance("AzureKeyVault");
 KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter(
-        System.getProperty("azure.keyvault.uri"),
-        System.getProperty("azure.keyvault.tenant-id"),
-        System.getProperty("azure.keyvault.client-id"),
-        System.getProperty("azure.keyvault.client-secret"));
-ks.load(parameter);
+    System.getProperty("azure.keyvault.uri"),
+    System.getProperty("azure.keyvault.aad-authentication-url"),
+    System.getProperty("azure.keyvault.tenant-id"),
+    System.getProperty("azure.keyvault.client-id"),
+    System.getProperty("azure.keyvault.client-secret"));
+keyStore.load(parameter);
 
 SSLContext sslContext = SSLContexts
     .custom()
-    .loadTrustMaterial(ks, new TrustSelfSignedStrategy())
+    .loadTrustMaterial(keyStore, new TrustSelfSignedStrategy())
     .build();
 
-SSLConnectionSocketFactory sslSocketFactory = SSLConnectionSocketFactoryBuilder
+SSLConnectionSocketFactory factory = SSLConnectionSocketFactoryBuilder
     .create()
     .setSslContext(sslContext)
     .setHostnameVerifier((hostname, session) -> true)
     .build();
 
-PoolingHttpClientConnectionManager cm = PoolingHttpClientConnectionManagerBuilder
+PoolingHttpClientConnectionManager manager = PoolingHttpClientConnectionManagerBuilder
     .create()
-    .setSSLSocketFactory(sslSocketFactory)
+    .setSSLSocketFactory(factory)
     .build();
 
 String result = null;
 
-try (CloseableHttpClient client = HttpClients.custom().setConnectionManager(cm).build()) {
+try (CloseableHttpClient client = HttpClients.custom().setConnectionManager(manager).build()) {
     HttpGet httpGet = new HttpGet("https://localhost:8766");
     HttpClientResponseHandler<String> responseHandler = (ClassicHttpResponse response) -> {
         int status = response.getCode();

sdk/keyvault/azure-security-keyvault-jca/src/main/java/com/azure/security/keyvault/jca/KeyVaultLoadStoreParameter.java

@@ -10,6 +10,8 @@
  */
 public class KeyVaultLoadStoreParameter implements KeyStore.LoadStoreParameter {
 
+    private static final String DEFAULT_AAD_AUTHENTICATION_URL = "https://login.microsoftonline.com/";
+
     /**
      * Stores the URI.
      */
@@ -73,7 +75,7 @@ public KeyVaultLoadStoreParameter(String uri, String managedIdentity) {
      * @param clientSecret the client secret.
      */
     public KeyVaultLoadStoreParameter(String uri, String tenantId, String clientId, String clientSecret) {
-        this(uri, null, tenantId, clientId, clientSecret);
+        this(uri, DEFAULT_AAD_AUTHENTICATION_URL, tenantId, clientId, clientSecret);
     }
 
 

sdk/keyvault/azure-security-keyvault-jca/src/samples/java/com/azure/security/keyvault/jca/ClientSSLSample.java

@@ -23,38 +23,39 @@
  * The ClientSSL sample.
  */
 public class ClientSSLSample {
-    public void clientSSLSample() throws Exception {
+
+    public static void main(String[] args) throws Exception {
         KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
         Security.addProvider(provider);
 
-        KeyStore ks = KeyStore.getInstance("AzureKeyVault");
+        KeyStore keyStore = KeyStore.getInstance("AzureKeyVault");
         KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter(
             System.getProperty("azure.keyvault.uri"),
             System.getProperty("azure.keyvault.aad-authentication-url"),
             System.getProperty("azure.keyvault.tenant-id"),
             System.getProperty("azure.keyvault.client-id"),
             System.getProperty("azure.keyvault.client-secret"));
-        ks.load(parameter);
+        keyStore.load(parameter);
 
         SSLContext sslContext = SSLContexts
             .custom()
-            .loadTrustMaterial(ks, new TrustSelfSignedStrategy())
+            .loadTrustMaterial(keyStore, new TrustSelfSignedStrategy())
             .build();
 
-        SSLConnectionSocketFactory sslSocketFactory = SSLConnectionSocketFactoryBuilder
+        SSLConnectionSocketFactory factory = SSLConnectionSocketFactoryBuilder
             .create()
             .setSslContext(sslContext)
             .setHostnameVerifier((hostname, session) -> true)
             .build();
 
-        PoolingHttpClientConnectionManager cm = PoolingHttpClientConnectionManagerBuilder
+        PoolingHttpClientConnectionManager manager = PoolingHttpClientConnectionManagerBuilder
             .create()
-            .setSSLSocketFactory(sslSocketFactory)
+            .setSSLSocketFactory(factory)
             .build();
 
         String result = null;
 
-        try (CloseableHttpClient client = HttpClients.custom().setConnectionManager(cm).build()) {
+        try (CloseableHttpClient client = HttpClients.custom().setConnectionManager(manager).build()) {
             HttpGet httpGet = new HttpGet("https://localhost:8766");
             HttpClientResponseHandler<String> responseHandler = (ClassicHttpResponse response) -> {
                 int status = response.getCode();
@@ -69,4 +70,5 @@ public void clientSSLSample() throws Exception {
             ioe.printStackTrace();
         }
     }
+
 }

sdk/keyvault/azure-security-keyvault-jca/src/samples/java/com/azure/security/keyvault/jca/ServerSSLSample.java

@@ -13,26 +13,28 @@
  * The ServerSSL sample.
  */
 public class ServerSSLSample {
-    public void serverSSLSample() throws Exception {
+
+    public static void main(String[] args) throws Exception {
         KeyVaultJcaProvider provider = new KeyVaultJcaProvider();
         Security.addProvider(provider);
 
-        KeyStore ks = KeyStore.getInstance("AzureKeyVault");
+        KeyStore keyStore = KeyStore.getInstance("AzureKeyVault");
         KeyVaultLoadStoreParameter parameter = new KeyVaultLoadStoreParameter(
             System.getProperty("azure.keyvault.uri"),
             System.getProperty("azure.keyvault.aad-authentication-url"),
             System.getProperty("azure.keyvault.tenant-id"),
             System.getProperty("azure.keyvault.client-id"),
             System.getProperty("azure.keyvault.client-secret"));
-        ks.load(parameter);
+        keyStore.load(parameter);
 
-        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-        kmf.init(ks, "".toCharArray());
+        KeyManagerFactory managerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+        managerFactory.init(keyStore, "".toCharArray());
 
         SSLContext context = SSLContext.getInstance("TLS");
-        context.init(kmf.getKeyManagers(), null, null);
+        context.init(managerFactory.getKeyManagers(), null, null);
 
-        SSLServerSocketFactory factory = context.getServerSocketFactory();
-        SSLServerSocket serverSocket = (SSLServerSocket) factory.createServerSocket(8765);
+        SSLServerSocketFactory socketFactory = context.getServerSocketFactory();
+        SSLServerSocket serverSocket = (SSLServerSocket) socketFactory.createServerSocket(8765);
     }
+
 }