Compare commits

..

73 Commits

Author SHA1 Message Date
637898120a v3.0.3-cxf pom 2025-03-03 09:15:04 -05:00
7f7d7a9004 Merge branch 'stable' into stable-cxf 2025-03-03 09:14:33 -05:00
0820dd7a7c Merge branch 'develop-cxf' into stable-cxf 2025-03-03 09:14:03 -05:00
65eedab7e6 v3.0.3 pom 2025-03-03 09:08:09 -05:00
4d3af40911 Merge branch 'develop' into stable 2025-03-03 09:07:50 -05:00
06b4171141 Merge branch 'develop' into develop-cxf 2025-03-03 09:07:29 -05:00
4353c673db fix HeaderAuthorizationFilter multimap usage 2025-03-03 09:07:15 -05:00
66454c36ef Merge branch 'stable' into stable-cxf 2025-02-28 11:14:34 -05:00
c1621491c8 Merge branch 'develop-cxf' into stable-cxf 2025-02-28 11:12:55 -05:00
eb2bd96ced v3.0.2 pom 2025-02-28 11:12:23 -05:00
c2147e1461 Merge branch 'develop' into stable 2025-02-28 11:12:03 -05:00
4ac69a15cf cxf v4.0.6 2025-02-28 11:11:39 -05:00
8fb4527b90 Merge branch 'develop' into develop-cxf 2025-02-28 11:11:01 -05:00
52cffffa8e upgrade maven plugins 2025-02-28 11:10:17 -05:00
e9bc191945 updated javadocs 2025-02-28 11:07:55 -05:00
d5ef510aeb v3.0.2-cxf pom 2025-02-28 10:25:25 -05:00
24fbe5f5ed Merge branch 'stable' into stable-cxf 2025-02-28 10:25:03 -05:00
6c58263903 v3.0.2 pom 2025-02-28 10:24:22 -05:00
e015ec5a1e Merge branch 'develop' into stable 2025-02-28 10:24:02 -05:00
795c9fef44 added header-based auth filter 2025-02-28 10:21:57 -05:00
e1b3fd9b92 v3.0.1-cxf 2024-10-24 11:18:18 -04:00
b2efbc3f5f Merge branch 'develop-cxf' into stable-cxf 2024-10-24 11:17:46 -04:00
d46d258a65 cxf v4.0.5 2024-10-24 11:17:23 -04:00
f5998ebde6 fix request logging 2024-10-24 11:13:21 -04:00
6b79be8e41 Merge branch 'develop-cxf' into stable-cxf 2024-08-15 11:57:57 -04:00
eb7ac34f5e Merge branch 'develop' into stable 2024-08-15 11:52:02 -04:00
964a55fcc8 cxf v4.x 2024-08-15 11:47:55 -04:00
b7ac0d25c9 v3.x; upgrade to jakarta 2024-08-15 11:44:12 -04:00
5e3e9080a9 v2.0.10-cxf pom 2024-03-05 18:51:25 -05:00
dfb039dc17 Merge branch 'develop-cxf' into stable-cxf 2024-03-05 18:50:39 -05:00
271016dcf9 v2.0.10 pom 2024-03-05 18:49:07 -05:00
00ec8c972d Merge branch 'develop' into stable 2024-03-05 18:47:56 -05:00
bedc424ab5 Merge branch 'develop' into develop-cxf 2024-03-05 18:47:18 -05:00
b4d6c1c72c removing spring annotations to support multiple clients 2024-03-05 18:46:43 -05:00
2cd9cc9484 removing spring annotations to support multiple clients 2024-03-05 18:46:07 -05:00
618d008a37 v2.0.9-cxf pom 2024-01-23 10:45:04 -05:00
303af956cb Merge branch 'develop-cxf' into stable-cxf 2024-01-23 10:44:43 -05:00
ec4ffbee43 Merge branch 'develop' into develop-cxf 2024-01-23 10:43:46 -05:00
d4cd2f248c v2.0.9 pom 2024-01-23 10:42:51 -05:00
ac6f82a7f4 Merge branch 'develop' into stable 2024-01-23 10:41:11 -05:00
eb654c5488 added logging and param trimming 2024-01-23 10:40:37 -05:00
8c9cbecd53 v2.0.8-cxf pom 2023-06-29 10:59:37 -04:00
81198de0fb Merge branch 'develop-cxf' into stable-cxf 2023-06-29 10:59:15 -04:00
0258cfcb9a v2.0.8 pom 2023-06-29 10:46:39 -04:00
6fc43b85f7 Merge branch 'develop' into stable 2023-06-29 10:46:11 -04:00
803d49e53e added CXF-specific configurable connect/received timeout 2023-06-29 10:45:55 -04:00
adad70d884 Merge branch 'develop' into develop-cxf 2023-06-29 10:32:16 -04:00
d29ccbef79 added connect/read timeout configurability 2023-06-29 10:31:42 -04:00
512f118354 v2.0.7 pom 2023-06-12 17:23:23 -04:00
26c37ab737 v2.0.7-cxf pom 2023-06-12 17:17:07 -04:00
4de7968e11 Merge branch 'develop-cxf' into stable-cxf 2023-06-12 17:16:42 -04:00
21255bfb3d Merge branch 'develop' into stable 2023-06-12 17:16:33 -04:00
378563560b Merge branch 'develop' into develop-cxf 2023-06-12 17:16:25 -04:00
f84279a148 better oauth token expiration handling 2023-06-12 17:16:03 -04:00
d23a4249f7 v2.0.6-cxf 2023-06-12 16:13:36 -04:00
8628d2dce8 Merge branch 'develop-cxf' into stable-cxf 2023-06-12 16:13:00 -04:00
f10fd39e97 v2.0.6 pom 2023-06-12 16:10:25 -04:00
eaed628f00 Merge branch 'develop' into stable 2023-06-12 16:08:46 -04:00
e4e393a855 removing javax.annotation conflict 2023-06-12 16:06:54 -04:00
c7ce4e7c57 Merge branch 'develop' into develop-cxf 2023-06-12 16:05:48 -04:00
44e82b3a6b fixed build issue without jersey/cxf 2023-06-12 16:05:37 -04:00
ab920aedd7 added OAuth filter logging 2023-06-12 16:02:33 -04:00
ab6b0d8da7 refacter OAuth filter error handling 2023-06-12 16:02:19 -04:00
458cdad213 v2.0.5-cxf pom 2023-06-05 15:19:50 -04:00
8b03d251e8 Merge branch 'develop-cxf' into stable-cxf 2023-06-05 15:19:22 -04:00
a1acb3f9d9 updated CXF client to reflect the Jersey one 2023-06-05 15:18:18 -04:00
c25988fc8f removing errand enum enablement 2023-05-30 18:23:39 -04:00
cd278bcc81 v2.0.4 pom 2023-05-30 18:00:33 -04:00
b64c408029 Merge branch 'develop' into stable 2023-05-30 18:00:06 -04:00
ec6e7cc15d v2.0.3 pom 2023-05-30 12:44:41 -04:00
2451c634b7 Merge branch 'develop' into stable 2023-05-30 12:44:21 -04:00
ed00346e71 v2.0.2 pom 2023-05-29 10:15:38 -04:00
c001576b65 Merge branch 'develop' into stable 2023-05-29 10:11:16 -04:00
19 changed files with 518 additions and 138 deletions

38
pom.xml
View File

@@ -6,7 +6,7 @@
<groupId>com.inteligr8</groupId> <groupId>com.inteligr8</groupId>
<artifactId>common-rest-client</artifactId> <artifactId>common-rest-client</artifactId>
<version>2.0.4-cxf</version> <version>3.0.3-cxf</version>
<packaging>jar</packaging> <packaging>jar</packaging>
<name>ReST API Client for Java</name> <name>ReST API Client for Java</name>
@@ -40,16 +40,21 @@
<properties> <properties>
<project.build.sourceEncoding>utf-8</project.build.sourceEncoding> <project.build.sourceEncoding>utf-8</project.build.sourceEncoding>
<maven.compiler.source>8</maven.compiler.source> <maven.compiler.source>11</maven.compiler.source>
<maven.compiler.target>8</maven.compiler.target> <maven.compiler.target>11</maven.compiler.target>
<junit.version>5.7.2</junit.version> <junit.version>5.12.0</junit.version>
<spring.version>5.3.27</spring.version> <spring.version>6.0.23</spring.version>
<jackson.version>2.15.1</jackson.version> <jackson.version>2.17.3</jackson.version>
<cxf.version>3.5.6</cxf.version> <cxf.version>4.0.6</cxf.version>
</properties> </properties>
<dependencies> <dependencies>
<dependency>
<groupId>jakarta.annotation</groupId>
<artifactId>jakarta.annotation-api</artifactId>
<version>2.1.1</version>
</dependency>
<dependency> <dependency>
<groupId>org.springframework</groupId> <groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId> <artifactId>spring-context</artifactId>
@@ -61,8 +66,8 @@
<version>${jackson.version}</version> <version>${jackson.version}</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId> <groupId>com.fasterxml.jackson.jakarta.rs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId> <artifactId>jackson-jakarta-rs-json-provider</artifactId>
<version>${jackson.version}</version> <version>${jackson.version}</version>
</dependency> </dependency>
<dependency> <dependency>
@@ -70,15 +75,20 @@
<artifactId>jackson-datatype-jsr310</artifactId> <artifactId>jackson-datatype-jsr310</artifactId>
<version>${jackson.version}</version> <version>${jackson.version}</version>
</dependency> </dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.17.0</version>
</dependency>
<dependency> <dependency>
<groupId>org.slf4j</groupId> <groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId> <artifactId>slf4j-api</artifactId>
<version>1.7.36</version> <version>2.0.17</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>jakarta.ws.rs</groupId> <groupId>jakarta.ws.rs</groupId>
<artifactId>jakarta.ws.rs-api</artifactId> <artifactId>jakarta.ws.rs-api</artifactId>
<version>2.1.6</version> <version>3.1.0</version>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
@@ -136,7 +146,7 @@
</plugin> </plugin>
<plugin> <plugin>
<artifactId>maven-surefire-plugin</artifactId> <artifactId>maven-surefire-plugin</artifactId>
<version>3.1.0</version> <version>3.4.0</version>
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
@@ -147,7 +157,7 @@
</plugin> </plugin>
<plugin> <plugin>
<artifactId>maven-failsafe-plugin</artifactId> <artifactId>maven-failsafe-plugin</artifactId>
<version>3.1.0</version> <version>3.4.0</version>
<dependencies> <dependencies>
<dependency> <dependency>
<groupId>org.junit.jupiter</groupId> <groupId>org.junit.jupiter</groupId>
@@ -203,7 +213,7 @@
<plugin> <plugin>
<groupId>org.sonatype.plugins</groupId> <groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId> <artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.13</version> <version>1.6.14</version>
<configuration> <configuration>
<serverId>ossrh</serverId> <serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl> <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>

View File

@@ -14,6 +14,8 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import org.apache.cxf.jaxrs.client.WebClient;
/** /**
* This interface defines additional configurations specific to the Apache CXF * This interface defines additional configurations specific to the Apache CXF
* JAX-RS library and its nuances. * JAX-RS library and its nuances.
@@ -35,4 +37,12 @@ public interface ClientCxfConfiguration extends ClientConfiguration {
return true; return true;
} }
/**
* A Jackson provider, logging filter, and authentication filter are already registered.
*
* @param client A CXF client to configure.
*/
default void configureClient(WebClient client) {
}
} }

View File

@@ -17,19 +17,21 @@ package com.inteligr8.rs;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import javax.annotation.PostConstruct; import jakarta.annotation.PostConstruct;
import javax.ws.rs.ext.RuntimeDelegate; import jakarta.ws.rs.ext.RuntimeDelegate;
import org.apache.cxf.BusFactory; import org.apache.cxf.BusFactory;
import org.apache.cxf.jaxrs.client.JAXRSClientFactory; import org.apache.cxf.jaxrs.client.JAXRSClientFactory;
import org.apache.cxf.jaxrs.client.WebClient; import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.jaxrs.impl.RuntimeDelegateImpl; import org.apache.cxf.jaxrs.impl.RuntimeDelegateImpl;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
/** /**
* A class that provides pre-configured JAX-RS Client &amp; WebTarget &amp; * A class that provides pre-configured JAX-RS Client &amp; WebTarget &amp;
@@ -37,18 +39,18 @@ import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
* *
* @author brian@inteligr8.com * @author brian@inteligr8.com
*/ */
@Component("client.cxf")
public class ClientCxfImpl extends Client { public class ClientCxfImpl extends Client {
private final Logger logger = LoggerFactory.getLogger(ClientCxfImpl.class); private final Logger logger = LoggerFactory.getLogger(ClientCxfImpl.class);
private final Object sync = new Object();
private ClientCxfConfiguration config; private ClientCxfConfiguration config;
private WebClient client;
/** /**
* This constructor is for Spring or POJO use. * This constructor is for Spring or POJO use.
* @param config The client configuration. * @param config The client configuration.
*/ */
@Autowired
public ClientCxfImpl(ClientCxfConfiguration config) { public ClientCxfImpl(ClientCxfConfiguration config) {
this.config = config; this.config = config;
} }
@@ -77,16 +79,40 @@ public class ClientCxfImpl extends Client {
* @return A CXF client (not JAX-RS). * @return A CXF client (not JAX-RS).
*/ */
public WebClient getCxfClient() { public WebClient getCxfClient() {
return this.getCxfClient(null); synchronized (this.sync) {
if (this.client == null)
this.client = this.buildCxfClient(null);
}
return this.client;
} }
/**
* @param authFilter A dynamic authorization filter.
* @return A pre-configured CXF client (no URL) with the specified authorization.
*/
public WebClient getCxfClient(AuthorizationFilter authFilter) {
if (authFilter == null) {
return this.getCxfClient();
} else {
return this.buildCxfClient(authFilter);
}
}
/** /**
* @param authFilter A post-configuration authorization filter. * @param authFilter A post-configuration authorization filter.
* @return A CXF client (not JAX-RS). * @return A CXF client (not JAX-RS).
*/ */
public WebClient getCxfClient(AuthorizationFilter authFilter) { public WebClient buildCxfClient(AuthorizationFilter authFilter) {
ObjectMapper om = new ObjectMapper();
om.registerModules(new JavaTimeModule());
this.getConfig().configureJacksonMapper(om);
JacksonJsonProvider jacksonProvider = new JacksonJsonProvider(om, JacksonJsonProvider.BASIC_ANNOTATIONS);
this.getConfig().configureJacksonProvider(jacksonProvider);
List<Object> providersAndFilters = new LinkedList<Object>(); List<Object> providersAndFilters = new LinkedList<Object>();
providersAndFilters.add(new JacksonJaxbJsonProvider()); providersAndFilters.add(jacksonProvider);
providersAndFilters.add(new CxfLoggingFilter()); providersAndFilters.add(new CxfLoggingFilter());
providersAndFilters.add(new CxfMultipartProvider()); providersAndFilters.add(new CxfMultipartProvider());
@@ -101,6 +127,17 @@ public class ClientCxfImpl extends Client {
// so we need to create a CXF client // so we need to create a CXF client
WebClient client = WebClient.create(this.getConfig().getBaseUrl(), providersAndFilters); WebClient client = WebClient.create(this.getConfig().getBaseUrl(), providersAndFilters);
if (this.getConfig().getConnectTimeoutInMillis() != null || this.getConfig().getResponseTimeoutInMillis() != null) {
HTTPConduit conduit = client.getConfiguration().getHttpConduit();
HTTPClientPolicy policy = conduit.getClient();
if (policy == null)
conduit.setClient(policy = new HTTPClientPolicy());
if (this.getConfig().getConnectTimeoutInMillis() != null)
policy.setConnectionTimeout(this.getConfig().getConnectTimeoutInMillis());
if (this.getConfig().getResponseTimeoutInMillis() != null)
policy.setReceiveTimeout(this.getConfig().getResponseTimeoutInMillis());
}
if (!this.getConfig().isDefaultBusEnabled()) { if (!this.getConfig().isDefaultBusEnabled()) {
// Some applications (like ACS) add interceptors to the default bus // Some applications (like ACS) add interceptors to the default bus
// those interceptors may treat all messages as SOAP messages (like ACS), resulting in ClassCastExceptions // those interceptors may treat all messages as SOAP messages (like ACS), resulting in ClassCastExceptions
@@ -109,6 +146,8 @@ public class ClientCxfImpl extends Client {
config.setBus(BusFactory.newInstance().createBus()); config.setBus(BusFactory.newInstance().createBus());
} }
this.config.configureClient(client);
return client; return client;
} }

View File

@@ -18,8 +18,8 @@ import java.io.IOException;
import java.util.LinkedList; import java.util.LinkedList;
import java.util.List; import java.util.List;
import javax.ws.rs.client.ClientRequestContext; import jakarta.ws.rs.client.ClientRequestContext;
import javax.ws.rs.core.MediaType; import jakarta.ws.rs.core.MediaType;
import org.apache.cxf.jaxrs.ext.multipart.Attachment; import org.apache.cxf.jaxrs.ext.multipart.Attachment;
import org.apache.cxf.jaxrs.ext.multipart.MultipartBody; import org.apache.cxf.jaxrs.ext.multipart.MultipartBody;
@@ -46,6 +46,8 @@ public class CxfLoggingFilter extends LoggingFilter {
} else { } else {
logger.trace("request: {} {}: failed to output form", requestContext.getMethod(), requestContext.getUri()); logger.trace("request: {} {}: failed to output form", requestContext.getMethod(), requestContext.getUri());
} }
} else {
super.logUnhandledRequest(requestContext, logger);
} }
} }

View File

@@ -17,10 +17,10 @@ package com.inteligr8.rs;
import java.lang.annotation.Annotation; import java.lang.annotation.Annotation;
import java.lang.reflect.Type; import java.lang.reflect.Type;
import javax.ws.rs.Consumes; import jakarta.ws.rs.Consumes;
import javax.ws.rs.Produces; import jakarta.ws.rs.Produces;
import javax.ws.rs.core.MediaType; import jakarta.ws.rs.core.MediaType;
import javax.ws.rs.ext.Provider; import jakarta.ws.rs.ext.Provider;
import org.apache.cxf.jaxrs.ext.multipart.MultipartBody; import org.apache.cxf.jaxrs.ext.multipart.MultipartBody;
import org.apache.cxf.jaxrs.provider.MultipartProvider; import org.apache.cxf.jaxrs.provider.MultipartProvider;

View File

@@ -14,7 +14,7 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import javax.ws.rs.client.ClientRequestFilter; import jakarta.ws.rs.client.ClientRequestFilter;
/** /**
* This is a marker that allows the developer to segregate, restrict, or limit * This is a marker that allows the developer to segregate, restrict, or limit

View File

@@ -17,8 +17,10 @@ package com.inteligr8.rs;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.util.Base64; import java.util.Base64;
import javax.ws.rs.client.ClientRequestContext; import jakarta.ws.rs.client.ClientRequestContext;
import javax.ws.rs.core.HttpHeaders; import jakarta.ws.rs.core.HttpHeaders;
import org.apache.commons.lang3.StringUtils;
/** /**
* This class implements a simple 2-credential (username &amp; password) based * This class implements a simple 2-credential (username &amp; password) based
@@ -32,12 +34,14 @@ public class BasicAuthorizationFilter implements AuthorizationFilter {
private final String password; private final String password;
/** /**
* This constructor instantiates the filter with required fields.
*
* @param username A username or access key. * @param username A username or access key.
* @param password A password or secret key. * @param password A password or secret key.
*/ */
public BasicAuthorizationFilter(String username, String password) { public BasicAuthorizationFilter(String username, String password) {
this.username = username; this.username = StringUtils.trimToNull(username);
this.password = password; this.password = StringUtils.trimToNull(password);
} }
/** /**

View File

@@ -14,8 +14,8 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import javax.ws.rs.client.ClientRequestContext; import jakarta.ws.rs.client.ClientRequestContext;
import javax.ws.rs.core.HttpHeaders; import jakarta.ws.rs.core.HttpHeaders;
/** /**
* This class implements a simple long living or proxied token-based * This class implements a simple long living or proxied token-based
@@ -32,6 +32,8 @@ public class BearerTokenAuthorizationFilter implements AuthorizationFilter {
private final String token; private final String token;
/** /**
* This constructor instantiates the filter with required fields.
*
* @param token A 'Bearer' token. * @param token A 'Bearer' token.
*/ */
public BearerTokenAuthorizationFilter(String token) { public BearerTokenAuthorizationFilter(String token) {

View File

@@ -14,34 +14,41 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import javax.ws.rs.client.ClientBuilder; import java.util.concurrent.TimeUnit;
import javax.ws.rs.client.WebTarget;
import jakarta.ws.rs.client.ClientBuilder;
import jakarta.ws.rs.client.WebTarget;
import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature; import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule; import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider; import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
/** /**
* A class that provides pre-configured JAX-RS Client &amp; WebTarget objects. * A class that provides pre-configured Jakarta RS Client &amp; WebTarget objects.
* *
* @author brian@inteligr8.com * @author brian@inteligr8.com
*/ */
public abstract class Client { public abstract class Client {
private final Object sync = new Object(); private final Object sync = new Object();
private javax.ws.rs.client.Client client; private jakarta.ws.rs.client.Client client;
/** /**
* This method retrieves the configuration for the client.
*
* @return The client configuration. * @return The client configuration.
*/ */
public abstract ClientConfiguration getConfig(); public abstract ClientConfiguration getConfig();
/** /**
* @return A pre-configured JAX-RS client (no URL) with configured authorization. * This method retrieves an anonymous cached instance of the underlying
* Jakarta RS client.
*
* @return A pre-configured Jakarta RS client (no URL) with configured authorization.
*/ */
public final javax.ws.rs.client.Client getClient() { public final jakarta.ws.rs.client.Client getClient() {
synchronized (this.sync) { synchronized (this.sync) {
if (this.client == null) if (this.client == null)
this.client = this.buildClient((AuthorizationFilter)null); this.client = this.buildClient((AuthorizationFilter)null);
@@ -51,10 +58,13 @@ public abstract class Client {
} }
/** /**
* This method retrieves either an anonymous cached instance or builds an
* authorized instance of the underlying Jakarta RS client.
*
* @param authFilter A dynamic authorization filter. * @param authFilter A dynamic authorization filter.
* @return A pre-configured JAX-RS client (no URL) with the specified authorization. * @return A pre-configured Jakarta RS client (no URL) with the specified authorization.
*/ */
public javax.ws.rs.client.Client getClient(AuthorizationFilter authFilter) { public jakarta.ws.rs.client.Client getClient(AuthorizationFilter authFilter) {
if (authFilter == null) { if (authFilter == null) {
return this.getClient(); return this.getClient();
} else { } else {
@@ -63,18 +73,17 @@ public abstract class Client {
} }
/** /**
* This method builds a new Jakarta RS client with optional authorization.
*
* @param authFilter A dynamic authorization filter. * @param authFilter A dynamic authorization filter.
* @return A pre-configured JAX-RS client (no URL) with the specified authorization. * @return A pre-configured Jakarta RS client (no URL) with the specified authorization.
*/ */
public final javax.ws.rs.client.Client buildClient(AuthorizationFilter authFilter) { public final jakarta.ws.rs.client.Client buildClient(AuthorizationFilter authFilter) {
ObjectMapper om = new ObjectMapper(); ObjectMapper om = new ObjectMapper();
om.registerModules(new JavaTimeModule()); om.registerModules(new JavaTimeModule());
this.getConfig().configureJacksonMapper(om); this.getConfig().configureJacksonMapper(om);
JacksonJaxbJsonProvider provider = new JacksonJaxbJsonProvider(om, JacksonJaxbJsonProvider.DEFAULT_ANNOTATIONS); JacksonJsonProvider provider = new JacksonJsonProvider(om, JacksonJsonProvider.BASIC_ANNOTATIONS);
provider.enable(DeserializationFeature.READ_UNKNOWN_ENUM_VALUES_AS_NULL);
provider.disable(DeserializationFeature.READ_UNKNOWN_ENUM_VALUES_USING_DEFAULT_VALUE);
this.getConfig().configureJacksonProvider(provider); this.getConfig().configureJacksonProvider(provider);
if (this.getConfig().isWrapRootValueEnabled()) if (this.getConfig().isWrapRootValueEnabled())
@@ -86,26 +95,35 @@ public abstract class Client {
.register(provider) .register(provider)
.register(new LoggingFilter()); .register(new LoggingFilter());
if (this.getConfig().getConnectTimeoutInMillis() != null)
clientBuilder.connectTimeout(this.getConfig().getConnectTimeoutInMillis(), TimeUnit.MILLISECONDS);
if (this.getConfig().getResponseTimeoutInMillis() != null)
clientBuilder.readTimeout(this.getConfig().getResponseTimeoutInMillis(), TimeUnit.MILLISECONDS);
if (authFilter == null) if (authFilter == null)
authFilter = this.getConfig().createAuthorizationFilter(); authFilter = this.getConfig().createAuthorizationFilter();
if (authFilter != null) if (authFilter != null)
clientBuilder.register(authFilter); clientBuilder.register(authFilter);
this.buildClient(clientBuilder); this.buildClient(clientBuilder);
this.getConfig().configureClient(clientBuilder); this.getConfig().configureClient(clientBuilder);
return clientBuilder.build(); return clientBuilder.build();
} }
/** /**
* @param clientBuilder A client builder * This method allows sub-classes to extend the Jakarta RS client builder
* before the client is built.
*
* @param clientBuilder A Jakarta RS client builder.
*/ */
public void buildClient(ClientBuilder clientBuilder) { public void buildClient(ClientBuilder clientBuilder) {
// for extension purposes // for extension purposes
} }
/** /**
* @return A pre-configured JAX-RS target (client w/ base URL) with configured authorization. * This method builds an anonymous Jakarta RS target.
*
* @return A pre-configured Jakarta RS target (client w/ base URL) with configured authorization.
*/ */
public final WebTarget getTarget() { public final WebTarget getTarget() {
return this.getClient() return this.getClient()
@@ -113,8 +131,10 @@ public abstract class Client {
} }
/** /**
* This method builds an authorized Jakarta RS target.
*
* @param authFilter A dynamic authorization filter. * @param authFilter A dynamic authorization filter.
* @return A pre-configured JAX-RS target (client w/ base URL) with the specified authorization. * @return A pre-configured Jakarta RS target (client w/ base URL) with the specified authorization.
*/ */
public WebTarget getTarget(AuthorizationFilter authFilter) { public WebTarget getTarget(AuthorizationFilter authFilter) {
if (authFilter == null) { if (authFilter == null) {
@@ -126,10 +146,10 @@ public abstract class Client {
} }
/** /**
* This method retrieves a JAX-RS implementation of the specified API. * This method retrieves a Jakarta RS implementation of the specified API.
* *
* @param <T> A JAX-RS annotated API class. * @param <T> A Jakarta RS annotated API class.
* @param apiClass A JAX-RS annotated API class. * @param apiClass A Jakarta RS annotated API class.
* @return An instance of the API class. * @return An instance of the API class.
*/ */
public final <T> T getApi(Class<T> apiClass) { public final <T> T getApi(Class<T> apiClass) {
@@ -137,12 +157,12 @@ public abstract class Client {
} }
/** /**
* This method retrieves a JAX-RS implementation of the specified API with * This method retrieves a Jakarta RS implementation of the specified API with
* the specified authorization. * the specified authorization.
* *
* @param <T> A JAX-RS annotated API class. * @param <T> A Jakarta RS annotated API class.
* @param authFilter A dynamic authorization filter. * @param authFilter A dynamic authorization filter.
* @param apiClass A JAX-RS annotated API class. * @param apiClass A Jakarta RS annotated API class.
* @return An instance of the API class. * @return An instance of the API class.
*/ */
public abstract <T> T getApi(AuthorizationFilter authFilter, Class<T> apiClass); public abstract <T> T getApi(AuthorizationFilter authFilter, Class<T> apiClass);

View File

@@ -16,10 +16,10 @@ package com.inteligr8.rs;
import java.net.URI; import java.net.URI;
import javax.ws.rs.client.ClientBuilder;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider; import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
import jakarta.ws.rs.client.ClientBuilder;
/** /**
* This interface defines the configurable parameters of the clients; primarily * This interface defines the configurable parameters of the clients; primarily
@@ -30,89 +30,127 @@ import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
public interface ClientConfiguration { public interface ClientConfiguration {
/** /**
* @return The base or root URL of the service. * This method retrieves the base/root URL of the client service.
*
* @return The URL.
*/ */
String getBaseUrl(); String getBaseUrl();
/** /**
* @return The username for BASIC authentication. * This method retrieves the username to use in HTTP BASIC authentication/authorization.
*
* @return A username.
*/ */
default String getBasicAuthUsername() { default String getBasicAuthUsername() {
return null; return null;
} }
/** /**
* @return The corresponding password for the username in BASIC authentication. * This method retrieves the password to use in HTTP BASIC authentication/authorization.
*
* @return The corresponding password for the username.
*/ */
default String getBasicAuthPassword() { default String getBasicAuthPassword() {
return null; return null;
} }
/** /**
* @return The client ID for Client Enforcement authentication. * This method retrieves the client identifier to use in Client Enforcement authorization.
*
* @return A client identifier.
*/ */
default String getClientId() { default String getClientId() {
return null; return null;
} }
/** /**
* @return The corresponding client secret for the client ID in Client Enforcement authentication. * This method retrieves the client secret to use in Client Enforcement authorization.
*
* @return The corresponding client secret for the client identifier.
*/ */
default String getClientSecret() { default String getClientSecret() {
return null; return null;
} }
/** /**
* @return The token for BEARER authorization. * This method retrieves the token to use in HTTP BEARER authorization.
* This is provided in a response to the token URL.
*
* @return An access token.
*/ */
default String getBearerToken() { default String getBearerToken() {
return null; return null;
} }
/** /**
* @return The token URL for OAuth authorization. * This method retrieves the token URL to use for OAuth authorization.
* The value can be pulled from OAuth endpoint well-known meta-data. That
* endpoint or the token URL itself may also be provided OAuth IdP
* administrator.
*
* @return An OAuth token URL.
*/ */
default String getOAuthTokenUrl() { default String getOAuthTokenUrl() {
return null; return null;
} }
/** /**
* @return The client ID provided by the OAuth IdP administrator. * This method retrieves the client identifier to use in OAuth
* authorization. This is provided by the OAuth IdP administrator or
* tooling.
*
* @return A client identifier.
*/ */
default String getOAuthClientId() { default String getOAuthClientId() {
return this.getClientId(); return this.getClientId();
} }
/** /**
* @return The corresponding client secret for the client ID provided by the OAuth IdP administrator. * This method retrieves the client secret to use in OAuth authorization.
* This is provided by the OAuth IdP administrator or tooling.
*
* @return The corresponding client secret for the client identifier.
*/ */
default String getOAuthClientSecret() { default String getOAuthClientSecret() {
return this.getClientSecret(); return this.getClientSecret();
} }
/** /**
* @return The authorization code used in the OAuth Authorization Code flow. * This method retrieves the authorization code to use in OAuth
* Authorization Code flow. This is provided by the OAuth IdP
* administrator or tooling.
*
* @return An authorization code.
*/ */
default String getOAuthAuthCode() { default String getOAuthAuthCode() {
return null; return null;
} }
/** /**
* @return The redirect URL used in the OAuth Authorization Code flow. * This method retrieves the redirect URL to use in OAuth Authorization
* Code flow. This has meaning to the client-side web application.
*
* @return A URL for the OAuth flow to redirect to when complete.
*/ */
default String getOAuthAuthRedirectUri() { default String getOAuthAuthRedirectUri() {
return null; return null;
} }
/** /**
* @return The username used in the OAuth Password Grant flow. * This method retrieves the username to use in OAuth Password Grant flow.
* This is provided by the OAuth IdP administrator or tooling.
*
* @return A username.
*/ */
default String getOAuthUsername() { default String getOAuthUsername() {
return null; return null;
} }
/** /**
* @return The corresponding password for the username used in the OAuth Password Grant flow. * This method retrieves the password to use in OAuth Password Grant flow.
* This is provided by the OAuth IdP administrator or tooling.
*
* @return The corresponding password for the username.
*/ */
default String getOAuthPassword() { default String getOAuthPassword() {
return null; return null;
@@ -121,29 +159,60 @@ public interface ClientConfiguration {
/** /**
* @return true to enable Jackson UNWRAP_ROOT_VALUE feature; false otherwise. * This method retrieves the connection (before request sent) timeout for
* the client.
*
* @return A timeout in milliseconds.
*/
default Integer getConnectTimeoutInMillis() {
return null;
}
/**
* This method retrieves the response (after request sent) timeout for the
* client.
*
* @return A timeout in milliseconds.
*/
default Integer getResponseTimeoutInMillis() {
return null;
}
/**
* This method enables/disables the JackSON UNWRAP_ROOT_VALUE feature.
*
* @return `true` to enable; `false` otherwise.
*/ */
default boolean isUnwrapRootValueEnabled() { default boolean isUnwrapRootValueEnabled() {
return false; return false;
} }
/** /**
* @return true to enable Jackson WRAP_ROOT_VALUE feature; false otherwise. * This method enables/disables the JackSON WRAP_ROOT_VALUE feature.
*
* @return `true` to enable; `false` otherwise.
*/ */
default boolean isWrapRootValueEnabled() { default boolean isWrapRootValueEnabled() {
return false; return false;
} }
/** /**
* @param mapper A Jackson object mapper to configure. * This method allows sub-classes to extend the JackSON mapper
* configuration and behavior.
*
* @param mapper A JackSON object mapper.
*/ */
default void configureJacksonMapper(ObjectMapper mapper) { default void configureJacksonMapper(ObjectMapper mapper) {
} }
/** /**
* @param provider A Jackson JAX-RS provider to configure. * This method allows sub-classes to extend the JackSON JSON provider.
*
* @param provider A JackSON Jakarta RS provider.
*/ */
default void configureJacksonProvider(JacksonJaxbJsonProvider provider) { default void configureJacksonProvider(JacksonJsonProvider provider) {
} }

View File

@@ -14,7 +14,9 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import javax.ws.rs.client.ClientRequestContext; import jakarta.ws.rs.client.ClientRequestContext;
import org.apache.commons.lang3.StringUtils;
/** /**
* This class is the base for implementations of client authorization similar * This class is the base for implementations of client authorization similar
@@ -45,8 +47,8 @@ public class ClientEnforcementAuthorizationFilter implements AuthorizationFilter
* @param clientSecret A secret corresponding to the client ID. * @param clientSecret A secret corresponding to the client ID.
*/ */
public ClientEnforcementAuthorizationFilter(String clientId, String clientSecret) { public ClientEnforcementAuthorizationFilter(String clientId, String clientSecret) {
this.clientId = clientId; this.clientId = StringUtils.trimToNull(clientId);
this.clientSecret = clientSecret; this.clientSecret = StringUtils.trimToNull(clientSecret);
} }
/** /**

View File

@@ -0,0 +1,66 @@
/*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along
* with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package com.inteligr8.rs;
import jakarta.annotation.PostConstruct;
import jakarta.ws.rs.client.ClientBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* A class that provides pre-configured Jakarta RS Client &amp; WebTarget
* objects.
*
* @author brian@inteligr8.com
*/
public class ClientImpl extends Client {
private final Logger logger = LoggerFactory.getLogger(ClientImpl.class);
private ClientConfiguration config;
/**
* This constructor is for Spring or POJO use.
*
* @param config The client configuration.
*/
public ClientImpl(ClientConfiguration config) {
this.config = config;
}
/**
* This method is a placeholder.
*/
@PostConstruct
public void register() {
this.logger.info("API Base URL: {}", this.getConfig().getBaseUrl());
}
@Override
public void buildClient(ClientBuilder clientBuilder) {
}
@Override
public ClientConfiguration getConfig() {
return this.config;
}
@Override
public <T> T getApi(AuthorizationFilter authFilter, Class<T> apiClass) {
throw new UnsupportedOperationException();
}
}

View File

@@ -14,8 +14,8 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import javax.ws.rs.client.ClientRequestContext; import jakarta.ws.rs.client.ClientRequestContext;
import javax.ws.rs.core.HttpHeaders; import jakarta.ws.rs.core.HttpHeaders;
/** /**
* This class implements a proxied or forwarded authorization header based * This class implements a proxied or forwarded authorization header based
@@ -32,6 +32,8 @@ public class ForwardingAuthorizationFilter implements AuthorizationFilter {
private final String authorizationHeaderValue; private final String authorizationHeaderValue;
/** /**
* This constructor instantiates the filter with required fields.
*
* @param authorizationHeaderValue A previously used or formulated 'Authorization' header. * @param authorizationHeaderValue A previously used or formulated 'Authorization' header.
*/ */
public ForwardingAuthorizationFilter(String authorizationHeaderValue) { public ForwardingAuthorizationFilter(String authorizationHeaderValue) {

View File

@@ -0,0 +1,68 @@
/*
* This program is free software: you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or (at your
* option) any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along
* with this program. If not, see <https://www.gnu.org/licenses/>.
*/
package com.inteligr8.rs;
import java.io.UnsupportedEncodingException;
import java.util.List;
import java.util.Map.Entry;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import jakarta.ws.rs.client.ClientRequestContext;
/**
* This class implements a header-based authorization filter.
*
* @author brian@inteligr8.com
*/
public class HeaderAuthorizationFilter implements AuthorizationFilter {
private final MultiValueMap<String, Object> headers = new LinkedMultiValueMap<>();
/**
* This constructor instantiates the filter with required fields.
*
* @param headerName A header name.
* @param headerValue A header value.
*/
public HeaderAuthorizationFilter(String headerName, Object headerValue) {
this.headers.add(headerName, headerValue);
}
/**
* This method adds another header name/value to outgoing requests.
*
* @param headerName A header name.
* @param headerValue A header value.
* @return This class for fluent chaining.
*/
public HeaderAuthorizationFilter add(String headerName, Object headerValue) {
this.headers.add(headerName, headerValue);
return this;
}
/**
* This method applies the 'Authorization' header to the {@link ClientRequestContext}.
*
* @param requestContext A request context.
*/
@Override
public void filter(ClientRequestContext requestContext) throws UnsupportedEncodingException {
for (Entry<String, List<Object>> header : this.headers.entrySet())
requestContext.getHeaders().put(header.getKey(), header.getValue());
}
}

View File

@@ -16,12 +16,12 @@ package com.inteligr8.rs;
import java.io.IOException; import java.io.IOException;
import javax.ws.rs.client.ClientRequestContext; import jakarta.ws.rs.client.ClientRequestContext;
import javax.ws.rs.client.ClientRequestFilter; import jakarta.ws.rs.client.ClientRequestFilter;
import javax.ws.rs.client.ClientResponseContext; import jakarta.ws.rs.client.ClientResponseContext;
import javax.ws.rs.client.ClientResponseFilter; import jakarta.ws.rs.client.ClientResponseFilter;
import javax.ws.rs.core.Form; import jakarta.ws.rs.core.Form;
import javax.ws.rs.core.MediaType; import jakarta.ws.rs.core.MediaType;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@@ -58,7 +58,7 @@ public class LoggingFilter implements ClientRequestFilter, ClientResponseFilter
logger.trace("request: {} {}: {}", requestContext.getMethod(), requestContext.getUri(), logger.trace("request: {} {}: {}", requestContext.getMethod(), requestContext.getUri(),
((Form)requestContext.getEntity()).asMap()); ((Form)requestContext.getEntity()).asMap());
} else { } else {
this.loggerRequest.trace("request: {} {}: failed to output form", requestContext.getMethod(), requestContext.getUri()); logger.trace("request: {} {}: failed to output form", requestContext.getMethod(), requestContext.getUri());
} }
} else { } else {
this.logUnhandledRequest(requestContext, logger); this.logUnhandledRequest(requestContext, logger);

View File

@@ -16,7 +16,11 @@ package com.inteligr8.rs;
import java.net.URI; import java.net.URI;
import javax.ws.rs.core.Form; import jakarta.ws.rs.core.Form;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** /**
* This class implements the OAuth Authorization Code flow as an authorization * This class implements the OAuth Authorization Code flow as an authorization
@@ -26,6 +30,8 @@ import javax.ws.rs.core.Form;
*/ */
public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizationFilter { public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizationFilter {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
private final String code; private final String code;
private final URI redirectUri; private final URI redirectUri;
@@ -68,17 +74,22 @@ public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizatio
public OAuthAuthorizationCodeAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String code, URI redirectUri) { public OAuthAuthorizationCodeAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String code, URI redirectUri) {
super(tokenUrl, clientId, clientSecret); super(tokenUrl, clientId, clientSecret);
this.code = code; this.code = StringUtils.trimToNull(code);
this.redirectUri = redirectUri; this.redirectUri = redirectUri;
} }
@Override @Override
protected Form createForm() { protected Form createForm() {
Form form = new Form().param("grant_type", "authorization_code") this.logger.debug("Using OAuth grant_type 'authorization_code'");
.param("code", this.code); Form form = new Form().param("grant_type", "authorization_code");
if (this.redirectUri != null) if (this.redirectUri != null)
form.param("redirect_uri", this.redirectUri.toString()); form.param("redirect_uri", this.redirectUri.toString());
return form; return form;
} }
@Override
protected void extendFormSensitive(Form form) {
form.param("code", this.code);
}
} }

View File

@@ -16,15 +16,22 @@ package com.inteligr8.rs;
import java.util.Map; import java.util.Map;
import javax.ws.rs.WebApplicationException; import jakarta.ws.rs.WebApplicationException;
import javax.ws.rs.client.ClientBuilder; import jakarta.ws.rs.client.Client;
import javax.ws.rs.client.ClientRequestContext; import jakarta.ws.rs.client.ClientBuilder;
import javax.ws.rs.client.Entity; import jakarta.ws.rs.client.ClientRequestContext;
import javax.ws.rs.client.WebTarget; import jakarta.ws.rs.client.Entity;
import javax.ws.rs.core.Form; import jakarta.ws.rs.client.WebTarget;
import javax.ws.rs.core.HttpHeaders; import jakarta.ws.rs.core.Form;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.Response.Status.Family;
import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider; import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
/** /**
* This class is the base for implementations of OAuth authorization flows. * This class is the base for implementations of OAuth authorization flows.
@@ -33,6 +40,8 @@ import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
*/ */
public abstract class OAuthAuthorizationFilter implements AuthorizationFilter { public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
private final String tokenUrl; private final String tokenUrl;
private final String clientId; private final String clientId;
private final String clientSecret; private final String clientSecret;
@@ -40,6 +49,7 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
private String accessToken; private String accessToken;
private long expiration; private long expiration;
private String refreshToken; private String refreshToken;
private Long refreshTokenExpiration;
/** /**
* This constructor creates an OAuth-based authorization filter using the * This constructor creates an OAuth-based authorization filter using the
@@ -79,9 +89,9 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
*/ */
public OAuthAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String scope) { public OAuthAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String scope) {
this.tokenUrl = tokenUrl; this.tokenUrl = tokenUrl;
this.clientId = clientId; this.clientId = StringUtils.trimToNull(clientId);
this.clientSecret = clientSecret; this.clientSecret = StringUtils.trimToNull(clientSecret);
this.scope = scope; this.scope = StringUtils.trimToNull(scope);
} }
/** /**
@@ -91,8 +101,29 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
*/ */
@Override @Override
public void filter(ClientRequestContext requestContext) { public void filter(ClientRequestContext requestContext) {
if (this.accessToken == null || System.currentTimeMillis() > this.expiration) if (this.accessToken == null) {
this.requestToken(); this.requestToken();
} else if (System.currentTimeMillis() >= this.expiration) {
this.logger.trace("Access token expired; retrieving new one with refresh token");
if (this.refreshTokenExpiration != null && System.currentTimeMillis() >= this.refreshTokenExpiration.longValue()) {
this.logger.debug("Refresh token expired; performing full authentication");
this.refreshToken = null;
this.requestToken();
} else {
try {
this.requestToken();
} catch (WebApplicationException wae) {
if (wae.getResponse().getStatusInfo().getFamily() == Family.CLIENT_ERROR) {
this.logger.debug("Received OAuth response {} using refresh token; performing full authentication", wae.getResponse().getStatus());
this.refreshToken = null;
this.requestToken();
} else {
throw wae;
}
}
}
}
requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer " + this.accessToken); requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer " + this.accessToken);
} }
@@ -111,29 +142,53 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
} }
form.param("client_id", this.clientId); form.param("client_id", this.clientId);
if (this.clientSecret != null)
form.param("client_secret", this.clientSecret);
if (this.scope != null) if (this.scope != null)
form.param("scope", this.scope); form.param("scope", this.scope);
this.extendRefreshTokenForm(form);
this.logger.trace("Sending OAuth request: {}", form);
if (this.refreshToken != null) {
this.extendRefreshFormSensitive(form);
} else {
this.extendFormSensitive(form);
}
if (this.clientSecret != null)
form.param("client_secret", this.clientSecret);
Entity<Form> entity = Entity.form(form); Entity<Form> entity = Entity.form(form);
WebTarget target = ClientBuilder.newBuilder() Client client = ClientBuilder.newBuilder()
.register(new JacksonJaxbJsonProvider()) .register(new JacksonJsonProvider())
.build() .build();
.target(this.tokenUrl); WebTarget target = client.target(this.tokenUrl);
@SuppressWarnings("unchecked") long requestSendTime = System.currentTimeMillis();
Map<String, Object> response = target.request().post(entity, Map.class);
if (response.containsKey("error")) Response response = target.request().post(entity);
throw new WebApplicationException((String)response.get("error"), 400);
this.accessToken = (String)response.get("access_token"); this.logger.debug("Received OAuth response: {}", response.getStatus());
this.expiration = System.currentTimeMillis() + ((Number)response.get("expires_in")).longValue() * 1000L;
this.refreshToken = (String)response.get("refresh_token"); @SuppressWarnings("unchecked")
this.extendRefreshTokenResponse(response); Map<String, Object> responseMap = response.readEntity(Map.class);
this.logger.trace("Received OAuth response: {}", responseMap);
if (response.getStatusInfo().getFamily() != Family.SUCCESSFUL) {
String code = (String) responseMap.get("error");
if (code != null) {
String description = (String) responseMap.get("error_description");
throw new WebApplicationException(code + ": " + description, response.getStatus());
} else {
throw new WebApplicationException(response);
}
}
this.accessToken = (String)responseMap.get("access_token");
this.expiration = requestSendTime + ((Number)responseMap.get("expires_in")).longValue() * 1000L;
this.refreshToken = (String)responseMap.get("refresh_token");
if (responseMap.containsKey("refresh_token_expires_in"))
this.refreshTokenExpiration = requestSendTime + ((Number)responseMap.get("refresh_token_expires_in")).longValue() * 1000L;
} }
protected Form createRefreshForm() { protected Form createRefreshForm() {
@@ -143,10 +198,9 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
protected abstract Form createForm(); protected abstract Form createForm();
protected void extendRefreshTokenForm(Form form) { protected void extendRefreshFormSensitive(Form form) {
} }
protected void extendRefreshTokenResponse(Map<String, Object> response) { protected abstract void extendFormSensitive(Form form);
}
} }

View File

@@ -14,7 +14,10 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import javax.ws.rs.core.Form; import jakarta.ws.rs.core.Form;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** /**
* This class implements the OAuth Client Credential flow as an authorization * This class implements the OAuth Client Credential flow as an authorization
@@ -24,6 +27,8 @@ import javax.ws.rs.core.Form;
*/ */
public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorizationFilter { public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorizationFilter {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
/** /**
* @param tokenUrl The URL to the OAuth IdP token service. * @param tokenUrl The URL to the OAuth IdP token service.
* @param clientId The ID provided by the OAuth IdP administrator. * @param clientId The ID provided by the OAuth IdP administrator.
@@ -35,7 +40,12 @@ public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorization
@Override @Override
protected Form createForm() { protected Form createForm() {
this.logger.debug("Using OAuth grant_type 'client_credentials'");
return new Form().param("grant_type", "client_credentials"); return new Form().param("grant_type", "client_credentials");
} }
@Override
protected void extendFormSensitive(Form form) {
}
} }

View File

@@ -14,7 +14,11 @@
*/ */
package com.inteligr8.rs; package com.inteligr8.rs;
import javax.ws.rs.core.Form; import jakarta.ws.rs.core.Form;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/** /**
* This class implements the OAuth Password Grant flow as an authorization * This class implements the OAuth Password Grant flow as an authorization
@@ -24,6 +28,8 @@ import javax.ws.rs.core.Form;
*/ */
public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFilter { public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFilter {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
private final String username; private final String username;
private final String password; private final String password;
@@ -46,15 +52,20 @@ public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFil
*/ */
public OAuthPasswordGrantAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String username, String password) { public OAuthPasswordGrantAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String username, String password) {
super(tokenUrl, clientId, clientSecret); super(tokenUrl, clientId, clientSecret);
this.username = username; this.username = StringUtils.trimToNull(username);
this.password = password; this.password = StringUtils.trimToNull(password);
} }
@Override @Override
protected Form createForm() { protected Form createForm() {
this.logger.debug("Using OAuth grant_type 'password': {}", this.username);
return new Form().param("grant_type", "password") return new Form().param("grant_type", "password")
.param("username", this.username) .param("username", this.username);
.param("password", this.password); }
@Override
protected void extendFormSensitive(Form form) {
form.param("password", this.password);
} }
} }