v3.0.3-cxf pom

README.md

@@ -1,7 +1,7 @@
 
 # Common ReST Client Library
 
-This project provides a library for Spring and POJO-based REST client instantiation.
+This project provides a library for Spring and POJO-based REST client instantiation.  It includes special classes with classifiers for two popular JAXRS-based client frameworks: Apache CXF and Jersey.
 
 ## Usage
 
@@ -15,6 +15,7 @@ First, you will need to include the library in your project.
         <dependency>
             <groupId>com.inteligr8</groupId>
             <artifactId>common-rest-client</artifactId>
+            <classifier>...</classifier>
             <version>...</version>
         </dependency>
         ...
@@ -23,4 +24,69 @@ First, you will need to include the library in your project.
 </project>
 ```
 
-See the `cxf` and `jersey` branches for examples and more documentation.
+Valid `classifier` values are `cxf` or `jersey`.
+
+### Spring Framework
+
+#### Single Client
+
+If you will only be declaring a single client in your Spring context, this is easy.  You will just need two things.  First, inject the single client into any of your Spring beans.  You may do inject it into more than one.  An example is below:
+
+```java
+@Component
+public class ... {
+    @Autowired
+    @Qualifier("client.cxf")  // may be optional
+    private Client client;
+}
+```
+
+Next, you need to configure that client.  You can do that by providing a single implementation of the `ClientConfiguration` (or `ClientCxfConfiguration`) interface.
+
+```java
+@Configuration
+public class ... implements ClientCxfConfiguration {
+    ...
+}
+```
+
+For Jersey implementations, just use `client.jersey` and `ClientJerseyConfiguration`.  If you want to provide one of each, then follow the instructions for multiple clients below.
+
+#### Multiple Clients
+
+If you will or may have multiple clients in your Spring context, there is an extra step.  You will still need to define a `ClientConfiguration` for each.  On top of that, you will need to create specialized implementations of each client.  That special implementation will reference the configuration directly.  An example is below.
+
+```java
+@Component("my.client")
+public class MyClient extends ClientCxfImpl {
+    @Autowired
+    public MyClient(MyClientConfiguration config) {
+        super(config);
+    }
+}
+```
+
+You can then inject your client(s) into your Spring beans.  Like the example below:
+
+```java
+@Component
+public class ... {
+    @Autowired
+    private MyClient client;
+
+    @PostConstruct
+    public void init() {
+        MyJaxRsApi api = this.client.getApi(MyJaxRsApi.class);
+    }
+}
+
+### POJO
+
+You do not have to use the Spring framework to use these classes.  You can instantiate them directly.  But you wil still need to create a `ClientConfiguration` as mentioned above.
+
+```java
+MyClientConfiguration config = new MyClientConfiguration();
+...
+ClientCxfImpl client = new ClientCxfImpl(config);
+MyJaxRsApi api = client.getApi(MyJaxRsApi.class);
+```

pom.xml

@@ -6,11 +6,11 @@
 	
 	<groupId>com.inteligr8</groupId>
 	<artifactId>common-rest-client</artifactId>
-	<version>2.0-SNAPSHOT</version>
+	<version>3.0.3-cxf</version>
 	<packaging>jar</packaging>
 
 	<name>ReST API Client for Java</name>
-	<description>A common library for building REST API clients</description>
+	<description>A common library for building CXF REST API clients</description>
 	<url>https://bitbucket.org/inteligr8/common-rest-client</url>
 
 	<licenses>
@@ -40,15 +40,21 @@
 
 	<properties>
 		<project.build.sourceEncoding>utf-8</project.build.sourceEncoding>
-		<maven.compiler.source>8</maven.compiler.source>
+		<maven.compiler.source>11</maven.compiler.source>
-		<maven.compiler.target>8</maven.compiler.target>
+		<maven.compiler.target>11</maven.compiler.target>
 
-		<junit.version>5.7.2</junit.version>
+		<junit.version>5.12.0</junit.version>
-		<spring.version>5.3.27</spring.version>
+		<spring.version>6.0.23</spring.version>
-		<jackson.version>2.15.1</jackson.version>
+		<jackson.version>2.17.3</jackson.version>
+		<cxf.version>4.0.6</cxf.version>
 	</properties>
 
 	<dependencies>
+		<dependency>
+			<groupId>jakarta.annotation</groupId>
+			<artifactId>jakarta.annotation-api</artifactId>
+			<version>2.1.1</version>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework</groupId>
 			<artifactId>spring-context</artifactId>
@@ -60,8 +66,8 @@
 			<version>${jackson.version}</version>
 		</dependency>
 		<dependency>
-			<groupId>com.fasterxml.jackson.jaxrs</groupId>
+			<groupId>com.fasterxml.jackson.jakarta.rs</groupId>
-			<artifactId>jackson-jaxrs-json-provider</artifactId>
+			<artifactId>jackson-jakarta-rs-json-provider</artifactId>
 			<version>${jackson.version}</version>
 		</dependency>
 		<dependency>
@@ -69,15 +75,20 @@
 			<artifactId>jackson-datatype-jsr310</artifactId>
 			<version>${jackson.version}</version>
 		</dependency>
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-lang3</artifactId>
+			<version>3.17.0</version>
+		</dependency>
 		<dependency>
 			<groupId>org.slf4j</groupId>
 			<artifactId>slf4j-api</artifactId>
-			<version>1.7.36</version>
+			<version>2.0.17</version>
 		</dependency>
 		<dependency>
 			<groupId>jakarta.ws.rs</groupId>
 			<artifactId>jakarta.ws.rs-api</artifactId>
-			<version>2.1.6</version>
+			<version>3.1.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.junit.jupiter</groupId>
@@ -97,13 +108,45 @@
 			<version>4.5.14</version>
 			<scope>test</scope>
 		</dependency>
+		
+		<!-- Apache CXF libraries -->
+		<dependency>
+			<groupId>org.apache.cxf</groupId>
+			<artifactId>cxf-rt-rs-client</artifactId>
+			<version>${cxf.version}</version>
+		</dependency>
 	</dependencies>
 	
 	<build>
 		<plugins>
+			<plugin>
+				<groupId>org.codehaus.mojo</groupId>
+				<artifactId>build-helper-maven-plugin</artifactId>
+				<version>3.4.0</version>
+				<executions>
+					<execution>
+						<id>add-jaxrs-src</id>
+						<goals><goal>add-source</goal></goals>
+						<configuration>
+							<sources>
+								<source>src/main/cxf</source>
+							</sources>
+						</configuration>
+					</execution>
+					<execution>
+						<id>add-test-src</id>
+						<goals><goal>add-test-source</goal></goals>
+						<configuration>
+							<sources>
+								<source>src/test/cxf</source>
+							</sources>
+						</configuration>
+					</execution>
+				</executions>
+			</plugin>
 			<plugin>
 				<artifactId>maven-surefire-plugin</artifactId>
-				<version>3.1.0</version>
+				<version>3.4.0</version>
 				<dependencies>
 					<dependency>
 						<groupId>org.junit.jupiter</groupId>
@@ -114,7 +157,7 @@
 			</plugin>
 			<plugin>
 				<artifactId>maven-failsafe-plugin</artifactId>
-				<version>3.1.0</version>
+				<version>3.4.0</version>
 				<dependencies>
 					<dependency>
 						<groupId>org.junit.jupiter</groupId>
@@ -170,7 +213,7 @@
 					<plugin>
 						<groupId>org.sonatype.plugins</groupId>
 						<artifactId>nexus-staging-maven-plugin</artifactId>
-						<version>1.6.13</version>
+						<version>1.6.14</version>
 						<configuration>
 							<serverId>ossrh</serverId>
 							<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>

src/main/cxf/com/inteligr8/rs/ClientCxfConfiguration.java

@@ -0,0 +1,48 @@
+/*
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package com.inteligr8.rs;
+
+import org.apache.cxf.jaxrs.client.WebClient;
+
+/**
+ * This interface defines additional configurations specific to the Apache CXF
+ * JAX-RS library and its nuances.
+ * 
+ * @author brian@inteligr8.com
+ */
+public interface ClientCxfConfiguration extends ClientConfiguration {
+	
+	/**
+	 * Apache CXF uses a global bus configuration where interceptors could
+	 * wreck havoc on your implementation.  This method allows you to
+	 * explicitly by-pass the default bus.
+	 * 
+	 * See https://cxf.apache.org/docs/bus-configuration.html.
+	 * 
+	 * @return true to use the default bus; false otherwise.
+	 */
+	default boolean isDefaultBusEnabled() {
+		return true;
+	}
+
+    /**
+     * A Jackson provider, logging filter, and authentication filter are already registered.
+     * 
+     * @param client A CXF client to configure.
+     */
+	default void configureClient(WebClient client) {
+	}
+
+}

src/main/cxf/com/inteligr8/rs/ClientCxfImpl.java

@@ -0,0 +1,181 @@
+/*
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package com.inteligr8.rs;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import jakarta.annotation.PostConstruct;
+import jakarta.ws.rs.ext.RuntimeDelegate;
+
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.jaxrs.client.JAXRSClientFactory;
+import org.apache.cxf.jaxrs.client.WebClient;
+import org.apache.cxf.jaxrs.impl.RuntimeDelegateImpl;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
+import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
+
+/**
+ * A class that provides pre-configured JAX-RS Client &amp; WebTarget &amp;
+ * CXF WebClient objects.
+ * 
+ * @author brian@inteligr8.com
+ */
+public class ClientCxfImpl extends Client {
+	
+	private final Logger logger = LoggerFactory.getLogger(ClientCxfImpl.class);
+
+    private final Object sync = new Object();
+	private ClientCxfConfiguration config;
+    private WebClient client;
+	
+	/**
+	 * This constructor is for Spring or POJO use.
+	 * @param config The client configuration.
+	 */
+	public ClientCxfImpl(ClientCxfConfiguration config) {
+		this.config = config;
+	}
+	
+	/**
+	 * This method registers the Apache CXF library as the default provider for
+	 * the JAX-RS specification.
+	 */
+	@PostConstruct
+	public void register() {
+		if (RuntimeDelegate.getInstance() == null) {
+			this.logger.info("Setting JAX-RS runtime delegate to the CXF library");
+			RuntimeDelegate.setInstance(new RuntimeDelegateImpl());
+		} else if (RuntimeDelegate.getInstance() instanceof RuntimeDelegateImpl) {
+			this.logger.info("JAX-RS runtime delegate already the CXF library");
+		} else {
+			this.logger.warn("Setting JAX-RS runtime delegate to the CXF library; was: " + RuntimeDelegate.getInstance().getClass().getName());
+			RuntimeDelegate.setInstance(new RuntimeDelegateImpl());
+		}
+		
+		if (this.logger.isInfoEnabled())
+			this.logger.info("API Base URL: " + this.getConfig().getBaseUrl());
+	}
+	
+	/**
+	 * @return A CXF client (not JAX-RS).
+	 */
+	public WebClient getCxfClient() {
+        synchronized (this.sync) {
+            if (this.client == null)
+                this.client = this.buildCxfClient(null);
+        }
+
+        return this.client;
+	}
+    
+    /**
+     * @param authFilter A dynamic authorization filter.
+     * @return A pre-configured CXF client (no URL) with the specified authorization.
+     */
+    public WebClient getCxfClient(AuthorizationFilter authFilter) {
+        if (authFilter == null) {
+            return this.getCxfClient();
+        } else {
+            return this.buildCxfClient(authFilter);
+        }
+    }
+	
+	/**
+	 * @param authFilter A post-configuration authorization filter.
+	 * @return A CXF client (not JAX-RS).
+	 */
+	public WebClient buildCxfClient(AuthorizationFilter authFilter) {
+        ObjectMapper om = new ObjectMapper();
+        om.registerModules(new JavaTimeModule());
+        this.getConfig().configureJacksonMapper(om);
+
+        JacksonJsonProvider jacksonProvider = new JacksonJsonProvider(om, JacksonJsonProvider.BASIC_ANNOTATIONS);
+        this.getConfig().configureJacksonProvider(jacksonProvider);
+        
+		List<Object> providersAndFilters = new LinkedList<Object>();
+		providersAndFilters.add(jacksonProvider);
+		providersAndFilters.add(new CxfLoggingFilter());
+		providersAndFilters.add(new CxfMultipartProvider());
+		
+		if (authFilter == null)
+			authFilter = this.getConfig().createAuthorizationFilter();
+		if (authFilter != null)
+			providersAndFilters.add(authFilter);
+		
+		this.addProvidersAndFilters(providersAndFilters);
+
+		// we can't use JAXRSClientFactory with a JAXRS client (duh!)
+		// so we need to create a CXF client
+		WebClient client = WebClient.create(this.getConfig().getBaseUrl(), providersAndFilters);
+
+        if (this.getConfig().getConnectTimeoutInMillis() != null || this.getConfig().getResponseTimeoutInMillis() != null) {
+            HTTPConduit conduit = client.getConfiguration().getHttpConduit();
+    		HTTPClientPolicy policy = conduit.getClient();
+    		if (policy == null)
+    		    conduit.setClient(policy = new HTTPClientPolicy());
+    		if (this.getConfig().getConnectTimeoutInMillis() != null)
+    		    policy.setConnectionTimeout(this.getConfig().getConnectTimeoutInMillis());
+            if (this.getConfig().getResponseTimeoutInMillis() != null)
+                policy.setReceiveTimeout(this.getConfig().getResponseTimeoutInMillis());
+        }
+
+		if (!this.getConfig().isDefaultBusEnabled()) {
+			// Some applications (like ACS) add interceptors to the default bus
+			// those interceptors may treat all messages as SOAP messages (like ACS), resulting in ClassCastExceptions
+			// we need to ignore the default bus
+			org.apache.cxf.jaxrs.client.ClientConfiguration config = WebClient.getConfig(client);
+			config.setBus(BusFactory.newInstance().createBus());
+		}
+		
+		this.config.configureClient(client);
+		
+		return client;
+	}
+	
+	/**
+	 * @param providersAndFilters A list of JAX-RS and CXF providers.
+	 */
+	public void addProvidersAndFilters(List<Object> providersAndFilters) {
+		// for extension purposes
+	}
+	
+	/**
+	 * @return The client configuration.
+	 */
+	public ClientCxfConfiguration getConfig() {
+		return this.config;
+	}
+
+	/**
+	 * This method retrieves a JAX-RS implementation of the specified API with
+	 * the specified authorization.
+	 * 
+	 * @param authFilter A dynamic authorization filter.
+	 * @param apiClass A JAX-RS annotation API class.
+	 * @return An instance of the API class.
+	 */
+	@Override
+	public <T> T getApi(AuthorizationFilter authFilter, Class<T> apiClass) {
+		return JAXRSClientFactory.fromClient(this.getCxfClient(authFilter), apiClass);
+	}
+
+}

src/main/cxf/com/inteligr8/rs/CxfLoggingFilter.java

@@ -0,0 +1,54 @@
+/*
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package com.inteligr8.rs;
+
+import java.io.IOException;
+import java.util.LinkedList;
+import java.util.List;
+
+import jakarta.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.core.MediaType;
+
+import org.apache.cxf.jaxrs.ext.multipart.Attachment;
+import org.apache.cxf.jaxrs.ext.multipart.MultipartBody;
+import org.slf4j.Logger;
+
+/**
+ * This is a CXF specific handling of the logging of multipart requests, which
+ * would otherwise be ignored by the base LoggingFilter.  It is meant to be
+ * used for debugging purposes.  When used, it will write to 'jaxrs.request' and
+ * 'jaxrs.response' loggers at the 'trace' level.
+ * 
+ * @author brian@inteligr8.com
+ */
+public class CxfLoggingFilter extends LoggingFilter {
+	
+	@Override
+	protected void logUnhandledRequest(ClientRequestContext requestContext, Logger logger) throws IOException {
+		if (MediaType.MULTIPART_FORM_DATA_TYPE.equals(requestContext.getMediaType())) {
+			if (requestContext.getEntity() instanceof MultipartBody) {
+				List<String> attIds = new LinkedList<>();
+				for (Attachment att : ((MultipartBody)requestContext.getEntity()).getAllAttachments())
+					attIds.add(att.getContentId());
+				logger.trace("request: {} {}: {}", requestContext.getMethod(), requestContext.getUri(), attIds);
+			} else {
+				logger.trace("request: {} {}: failed to output form", requestContext.getMethod(), requestContext.getUri());
+			}
+		} else {
+		    super.logUnhandledRequest(requestContext, logger);
+		}
+	}
+
+}

src/main/cxf/com/inteligr8/rs/CxfMultipartProvider.java

@@ -0,0 +1,49 @@
+/*
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package com.inteligr8.rs;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Type;
+
+import jakarta.ws.rs.Consumes;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.ext.Provider;
+
+import org.apache.cxf.jaxrs.ext.multipart.MultipartBody;
+import org.apache.cxf.jaxrs.provider.MultipartProvider;
+
+/**
+ * This implements a JAX-RS provider that adds support for the handling of CXF
+ * MultipartBody.
+ * 
+ * @author brian@inteligr8.com
+ */
+@Consumes(MediaType.MULTIPART_FORM_DATA)
+@Produces(MediaType.MULTIPART_FORM_DATA)
+@Provider
+public class CxfMultipartProvider extends MultipartProvider {
+	
+	@Override
+	public boolean isReadable(Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType) {
+		return MultipartBody.class.isAssignableFrom(type) || super.isReadable(type, genericType, annotations, mediaType);
+	}
+	
+	@Override
+	public boolean isWriteable(Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType) {
+		return MultipartBody.class.isAssignableFrom(type) || super.isWriteable(type, genericType, annotations, mediaType);
+	}
+
+}

src/main/java/com/inteligr8/rs/AuthorizationFilter.java

@@ -14,7 +14,7 @@
  */
 package com.inteligr8.rs;
 
-import javax.ws.rs.client.ClientRequestFilter;
+import jakarta.ws.rs.client.ClientRequestFilter;
 
 /**
  * This is a marker that allows the developer to segregate, restrict, or limit

src/main/java/com/inteligr8/rs/BasicAuthorizationFilter.java

@@ -17,8 +17,10 @@ package com.inteligr8.rs;
 import java.io.UnsupportedEncodingException;
 import java.util.Base64;
 
-import javax.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.HttpHeaders;
+
+import org.apache.commons.lang3.StringUtils;
 
 /**
  * This class implements a simple 2-credential (username & password) based
@@ -32,12 +34,14 @@ public class BasicAuthorizationFilter implements AuthorizationFilter {
 	private final String password;
 	
 	/**
+	 * This constructor instantiates the filter with required fields.
+	 * 
 	 * @param username A username or access key.
 	 * @param password A password or secret key.
 	 */
 	public BasicAuthorizationFilter(String username, String password) {
-		this.username = username;
+		this.username = StringUtils.trimToNull(username);
-		this.password = password;
+		this.password = StringUtils.trimToNull(password);
 	}
 	
 	/**

src/main/java/com/inteligr8/rs/BearerTokenAuthorizationFilter.java

@@ -14,8 +14,8 @@
  */
 package com.inteligr8.rs;
 
-import javax.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.HttpHeaders;
 
 /**
  * This class implements a simple long living or proxied token-based
@@ -32,6 +32,8 @@ public class BearerTokenAuthorizationFilter implements AuthorizationFilter {
 	private final String token;
 	
 	/**
+	 * This constructor instantiates the filter with required fields.
+	 * 
 	 * @param token A 'Bearer' token.
 	 */
 	public BearerTokenAuthorizationFilter(String token) {

src/main/java/com/inteligr8/rs/Client.java

@@ -14,34 +14,41 @@
  */
 package com.inteligr8.rs;
 
-import javax.ws.rs.client.ClientBuilder;
+import java.util.concurrent.TimeUnit;
-import javax.ws.rs.client.WebTarget;
+
+import jakarta.ws.rs.client.ClientBuilder;
+import jakarta.ws.rs.client.WebTarget;
 
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.SerializationFeature;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
-import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
+import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
 
 /**
- * A class that provides pre-configured JAX-RS Client & WebTarget objects.
+ * A class that provides pre-configured Jakarta RS Client & WebTarget objects.
  * 
  * @author brian@inteligr8.com
  */
 public abstract class Client {
 	
 	private final Object sync = new Object();
-	private javax.ws.rs.client.Client client;
+	private jakarta.ws.rs.client.Client client;
 	
 	/**
+	 * This method retrieves the configuration for the client.
+	 * 
 	 * @return The client configuration.
 	 */
 	public abstract ClientConfiguration getConfig();
 	
 	/**
-	 * @return A pre-configured JAX-RS client (no URL) with configured authorization.
+	 * This method retrieves an anonymous cached instance of the underlying
+	 * Jakarta RS client.
+	 * 
+	 * @return A pre-configured Jakarta RS client (no URL) with configured authorization.
 	 */
-	public final javax.ws.rs.client.Client getClient() {
+	public final jakarta.ws.rs.client.Client getClient() {
 		synchronized (this.sync) {
 			if (this.client == null)
 				this.client = this.buildClient((AuthorizationFilter)null);
@@ -51,10 +58,13 @@ public abstract class Client {
 	}
 	
 	/**
+	 * This method retrieves either an anonymous cached instance or builds an
+	 * authorized instance of the underlying Jakarta RS client.
+	 * 
 	 * @param authFilter A dynamic authorization filter.
-	 * @return A pre-configured JAX-RS client (no URL) with the specified authorization.
+	 * @return A pre-configured Jakarta RS client (no URL) with the specified authorization.
 	 */
-	public javax.ws.rs.client.Client getClient(AuthorizationFilter authFilter) {
+	public jakarta.ws.rs.client.Client getClient(AuthorizationFilter authFilter) {
 		if (authFilter == null) {
 			return this.getClient();
 		} else {
@@ -63,18 +73,17 @@ public abstract class Client {
 	}
 	
 	/**
+	 * This method builds a new Jakarta RS client with optional authorization.
+	 * 
 	 * @param authFilter A dynamic authorization filter.
-	 * @return A pre-configured JAX-RS client (no URL) with the specified authorization.
+	 * @return A pre-configured Jakarta RS client (no URL) with the specified authorization.
 	 */
-	public final javax.ws.rs.client.Client buildClient(AuthorizationFilter authFilter) {
+	public final jakarta.ws.rs.client.Client buildClient(AuthorizationFilter authFilter) {
 	    ObjectMapper om = new ObjectMapper();
 	    om.registerModules(new JavaTimeModule());
 	    this.getConfig().configureJacksonMapper(om);
 	    
-	    JacksonJaxbJsonProvider provider = new JacksonJaxbJsonProvider(om, JacksonJaxbJsonProvider.DEFAULT_ANNOTATIONS);
+	    JacksonJsonProvider provider = new JacksonJsonProvider(om, JacksonJsonProvider.BASIC_ANNOTATIONS);
-        provider.enable(DeserializationFeature.READ_UNKNOWN_ENUM_VALUES_AS_NULL);
-	    provider.disable(DeserializationFeature.READ_UNKNOWN_ENUM_VALUES_USING_DEFAULT_VALUE);
-	    
 		this.getConfig().configureJacksonProvider(provider);
         
 		if (this.getConfig().isWrapRootValueEnabled())
@@ -85,27 +94,36 @@ public abstract class Client {
 		ClientBuilder clientBuilder = ClientBuilder.newBuilder()
 				.register(provider)
 				.register(new LoggingFilter());
+		
+		if (this.getConfig().getConnectTimeoutInMillis() != null)
+		    clientBuilder.connectTimeout(this.getConfig().getConnectTimeoutInMillis(), TimeUnit.MILLISECONDS);
+        if (this.getConfig().getResponseTimeoutInMillis() != null)
+            clientBuilder.readTimeout(this.getConfig().getResponseTimeoutInMillis(), TimeUnit.MILLISECONDS);
 
 		if (authFilter == null)
 			authFilter = this.getConfig().createAuthorizationFilter();
 		if (authFilter != null)
 			clientBuilder.register(authFilter);
 		this.buildClient(clientBuilder);
-		
 		this.getConfig().configureClient(clientBuilder);
 		
 		return clientBuilder.build();
 	}
     
     /**
-     * @param clientBuilder A client builder
+	 * This method allows sub-classes to extend the Jakarta RS client builder
+	 * before the client is built.
+	 * 
+     * @param clientBuilder A Jakarta RS client builder.
      */
     public void buildClient(ClientBuilder clientBuilder) {
         // for extension purposes
     }
 
 	/**
-	 * @return A pre-configured JAX-RS target (client w/ base URL) with configured authorization.
+	 * This method builds an anonymous Jakarta RS target.
+	 * 
+	 * @return A pre-configured Jakarta RS target (client w/ base URL) with configured authorization.
 	 */
 	public final WebTarget getTarget() {
 		return this.getClient()
@@ -113,8 +131,10 @@ public abstract class Client {
 	}
 
 	/**
+	 * This method builds an authorized Jakarta RS target.
+	 * 
 	 * @param authFilter A dynamic authorization filter.
-	 * @return A pre-configured JAX-RS target (client w/ base URL) with the specified authorization.
+	 * @return A pre-configured Jakarta RS target (client w/ base URL) with the specified authorization.
 	 */
 	public WebTarget getTarget(AuthorizationFilter authFilter) {
 		if (authFilter == null) {
@@ -126,10 +146,10 @@ public abstract class Client {
 	}
 	
 	/**
-	 * This method retrieves a JAX-RS implementation of the specified API.
+	 * This method retrieves a Jakarta RS implementation of the specified API.
 	 * 
-	 * @param <T> A JAX-RS annotated API class.
+	 * @param <T> A Jakarta RS annotated API class.
-	 * @param apiClass A JAX-RS annotated API class.
+	 * @param apiClass A Jakarta RS annotated API class.
 	 * @return An instance of the API class.
 	 */
 	public final <T> T getApi(Class<T> apiClass) {
@@ -137,12 +157,12 @@ public abstract class Client {
 	}
 
 	/**
-	 * This method retrieves a JAX-RS implementation of the specified API with
+	 * This method retrieves a Jakarta RS implementation of the specified API with
 	 * the specified authorization.
 	 * 
-	 * @param <T> A JAX-RS annotated API class.
+	 * @param <T> A Jakarta RS annotated API class.
 	 * @param authFilter A dynamic authorization filter.
-	 * @param apiClass A JAX-RS annotated API class.
+	 * @param apiClass A Jakarta RS annotated API class.
 	 * @return An instance of the API class.
 	 */
 	public abstract <T> T getApi(AuthorizationFilter authFilter, Class<T> apiClass);

src/main/java/com/inteligr8/rs/ClientConfiguration.java

@@ -16,10 +16,10 @@ package com.inteligr8.rs;
 
 import java.net.URI;
 
-import javax.ws.rs.client.ClientBuilder;
-
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
+import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
+
+import jakarta.ws.rs.client.ClientBuilder;
 
 /**
  * This interface defines the configurable parameters of the clients; primarily
@@ -30,120 +30,189 @@ import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
 public interface ClientConfiguration {
 	
 	/**
-	 * @return The base or root URL of the service.
+	 * This method retrieves the base/root URL of the client service.
+	 * 
+	 * @return The URL.
 	 */
 	String getBaseUrl();
 	
 	/**
-	 * @return The username for BASIC authentication.
+	 * This method retrieves the username to use in HTTP BASIC authentication/authorization.
+	 * 
+	 * @return A username.
 	 */
 	default String getBasicAuthUsername() {
 		return null;
 	}
 
 	/**
-	 * @return The corresponding password for the username in BASIC authentication.
+	 * This method retrieves the password to use in HTTP BASIC authentication/authorization.
+	 * 
+	 * @return The corresponding password for the username.
 	 */
 	default String getBasicAuthPassword() {
 		return null;
 	}
 	
 	/**
-	 * @return The client ID for Client Enforcement authentication.
+	 * This method retrieves the client identifier to use in Client Enforcement authorization.
+	 * 
+	 * @return A client identifier.
 	 */
 	default String getClientId() {
 		return null;
 	}
 
 	/**
-	 * @return The corresponding client secret for the client ID in Client Enforcement authentication.
+	 * This method retrieves the client secret to use in Client Enforcement authorization.
+	 * 
+	 * @return The corresponding client secret for the client identifier.
 	 */
 	default String getClientSecret() {
 		return null;
 	}
 	
 	/**
-	 * @return The token for BEARER authorization.
+	 * This method retrieves the token to use in HTTP BEARER authorization.
+	 * This is provided in a response to the token URL.
+	 * 
+	 * @return An access token.
 	 */
 	default String getBearerToken() {
 		return null;
 	}
 	
 	/**
-	 * @return The token URL for OAuth authorization.
+	 * This method retrieves the token URL to use for OAuth authorization.
+	 * The value can be pulled from OAuth endpoint well-known meta-data.  That
+	 * endpoint or the token URL itself may also be provided OAuth IdP
+	 * administrator.
+	 * 
+	 * @return An OAuth token URL.
 	 */
 	default String getOAuthTokenUrl() {
 		return null;
 	}
 	
 	/**
-	 * @return The client ID provided by the OAuth IdP administrator.
+	 * This method retrieves the client identifier to use in OAuth
+	 * authorization.  This is provided by the OAuth IdP administrator or
+	 * tooling.
+	 * 
+	 * @return A client identifier.
 	 */
 	default String getOAuthClientId() {
 		return this.getClientId();
 	}
 
 	/**
-	 * @return The corresponding client secret for the client ID provided by the OAuth IdP administrator.
+	 * This method retrieves the client secret to use in OAuth authorization.
+	 * This is provided by the OAuth IdP administrator or tooling.
+	 * 
+	 * @return The corresponding client secret for the client identifier.
 	 */
 	default String getOAuthClientSecret() {
 		return this.getClientSecret();
 	}
 	
 	/**
-	 * @return The authorization code used in the OAuth Authorization Code flow.
+	 * This method retrieves the authorization code to use in OAuth
+	 * Authorization Code flow.  This is provided by the OAuth IdP
+	 * administrator or tooling.
+	 * 
+	 * @return An authorization code.
 	 */
 	default String getOAuthAuthCode() {
 		return null;
 	}
 	
 	/**
-	 * @return The redirect URL used in the OAuth Authorization Code flow.
+	 * This method retrieves the redirect URL to use in OAuth Authorization
+	 * Code flow.  This has meaning to the client-side web application.
+	 * 
+	 * @return A URL for the OAuth flow to redirect to when complete.
 	 */
 	default String getOAuthAuthRedirectUri() {
 		return null;
 	}
 	
 	/**
-	 * @return The username used in the OAuth Password Grant flow.
+	 * This method retrieves the username to use in OAuth Password Grant flow.
+	 * This is provided by the OAuth IdP administrator or tooling.
+	 * 
+	 * @return A username.
 	 */
 	default String getOAuthUsername() {
 		return null;
 	}
 	
 	/**
-	 * @return The corresponding password for the username used in the OAuth Password Grant flow.
+	 * This method retrieves the password to use in OAuth Password Grant flow.
+	 * This is provided by the OAuth IdP administrator or tooling.
+	 * 
+	 * @return The corresponding password for the username.
 	 */
 	default String getOAuthPassword() {
 		return null;
 	}
 	
 	
+	
+	/**
+	 * This method retrieves the connection (before request sent) timeout for
+	 * the client.
+	 * 
+	 * @return A timeout in milliseconds.
+	 */
+	default Integer getConnectTimeoutInMillis() {
+	    return null;
+	}
+	
+	/**
+	 * This method retrieves the response (after request sent) timeout for the
+	 * client.
+	 * 
+	 * @return A timeout in milliseconds.
+	 */
+	default Integer getResponseTimeoutInMillis() {
+	    return null;
+	}
+	
+	
 
 	/**
-	 * @return true to enable Jackson UNWRAP_ROOT_VALUE feature; false otherwise.
+	 * This method enables/disables the JackSON UNWRAP_ROOT_VALUE feature.
+	 * 
+	 * @return `true` to enable; `false` otherwise.
 	 */
 	default boolean isUnwrapRootValueEnabled() {
 		return false;
 	}
 
 	/**
-	 * @return true to enable Jackson WRAP_ROOT_VALUE feature; false otherwise.
+	 * This method enables/disables the JackSON WRAP_ROOT_VALUE feature.
+	 * 
+	 * @return `true` to enable; `false` otherwise.
 	 */
 	default boolean isWrapRootValueEnabled() {
 		return false;
 	}
     
     /**
-     * @param mapper A Jackson object mapper to configure.
+	 * This method allows sub-classes to extend the JackSON mapper
+	 * configuration and behavior.
+	 * 
+     * @param mapper A JackSON object mapper.
      */
     default void configureJacksonMapper(ObjectMapper mapper) {
     }
 	
 	/**
-	 * @param provider A Jackson JAX-RS provider to configure.
+	 * This method allows sub-classes to extend the JackSON JSON provider.
+	 * 
+	 * @param provider A JackSON Jakarta RS provider.
 	 */
-	default void configureJacksonProvider(JacksonJaxbJsonProvider provider) {
+	default void configureJacksonProvider(JacksonJsonProvider provider) {
 	}
 	
 	

src/main/java/com/inteligr8/rs/ClientEnforcementAuthorizationFilter.java

@@ -14,7 +14,9 @@
  */
 package com.inteligr8.rs;
 
-import javax.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientRequestContext;
+
+import org.apache.commons.lang3.StringUtils;
 
 /**
  * This class is the base for implementations of client authorization similar
@@ -45,8 +47,8 @@ public class ClientEnforcementAuthorizationFilter implements AuthorizationFilter
 	 * @param clientSecret A secret corresponding to the client ID.
 	 */
 	public ClientEnforcementAuthorizationFilter(String clientId, String clientSecret) {
-		this.clientId = clientId;
+		this.clientId = StringUtils.trimToNull(clientId);
-		this.clientSecret = clientSecret;
+		this.clientSecret = StringUtils.trimToNull(clientSecret);
 	}
 
 	/**

src/main/java/com/inteligr8/rs/ClientImpl.java

@@ -0,0 +1,66 @@
+/*
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package com.inteligr8.rs;
+
+import jakarta.annotation.PostConstruct;
+import jakarta.ws.rs.client.ClientBuilder;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * A class that provides pre-configured Jakarta RS Client &amp; WebTarget
+ * objects.
+ * 
+ * @author brian@inteligr8.com
+ */
+public class ClientImpl extends Client {
+	
+	private final Logger logger = LoggerFactory.getLogger(ClientImpl.class);
+	
+	private ClientConfiguration config;
+	
+	/**
+	 * This constructor is for Spring or POJO use.
+	 * 
+	 * @param config The client configuration.
+	 */
+	public ClientImpl(ClientConfiguration config) {
+		this.config = config;
+	}
+
+	/**
+	 * This method is a placeholder.
+	 */
+	@PostConstruct
+	public void register() {
+		this.logger.info("API Base URL: {}", this.getConfig().getBaseUrl());
+	}
+	
+	@Override
+	public void buildClient(ClientBuilder clientBuilder) {
+	}
+	
+	@Override
+	public ClientConfiguration getConfig() {
+		return this.config;
+	}
+
+	@Override
+	public <T> T getApi(AuthorizationFilter authFilter, Class<T> apiClass) {
+		throw new UnsupportedOperationException();
+	}
+
+}

src/main/java/com/inteligr8/rs/ForwardingAuthorizationFilter.java

@@ -14,8 +14,8 @@
  */
 package com.inteligr8.rs;
 
-import javax.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.HttpHeaders;
 
 /**
  * This class implements a proxied or forwarded authorization header based
@@ -32,6 +32,8 @@ public class ForwardingAuthorizationFilter implements AuthorizationFilter {
 	private final String authorizationHeaderValue;
 	
 	/**
+	 * This constructor instantiates the filter with required fields.
+	 * 
 	 * @param authorizationHeaderValue A previously used or formulated 'Authorization' header.
 	 */
 	public ForwardingAuthorizationFilter(String authorizationHeaderValue) {

src/main/java/com/inteligr8/rs/HeaderAuthorizationFilter.java

@@ -0,0 +1,68 @@
+/*
+ * This program is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ * 
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+ * more details.
+ * 
+ * You should have received a copy of the GNU General Public License along
+ * with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package com.inteligr8.rs;
+
+import java.io.UnsupportedEncodingException;
+import java.util.List;
+import java.util.Map.Entry;
+
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+
+import jakarta.ws.rs.client.ClientRequestContext;
+
+/**
+ * This class implements a header-based authorization filter.
+ *  
+ * @author brian@inteligr8.com
+ */
+public class HeaderAuthorizationFilter implements AuthorizationFilter {
+	
+	private final MultiValueMap<String, Object> headers = new LinkedMultiValueMap<>();
+	
+	/**
+	 * This constructor instantiates the filter with required fields.
+	 * 
+	 * @param headerName A header name.
+	 * @param headerValue A header value.
+	 */
+    public HeaderAuthorizationFilter(String headerName, Object headerValue) {
+	    this.headers.add(headerName, headerValue);
+	}
+    
+	/**
+	 * This method adds another header name/value to outgoing requests.
+	 * 
+	 * @param headerName A header name.
+	 * @param headerValue A header value.
+	 * @return This class for fluent chaining.
+	 */
+    public HeaderAuthorizationFilter add(String headerName, Object headerValue) {
+        this.headers.add(headerName, headerValue);
+        return this;
+    }
+	
+	/**
+	 * This method applies the 'Authorization' header to the {@link ClientRequestContext}.
+	 * 
+	 * @param requestContext A request context.
+	 */
+	@Override
+	public void filter(ClientRequestContext requestContext) throws UnsupportedEncodingException {
+	    for (Entry<String, List<Object>> header : this.headers.entrySet())
+	        requestContext.getHeaders().put(header.getKey(), header.getValue());
+	}
+
+}

src/main/java/com/inteligr8/rs/LoggingFilter.java

@@ -16,12 +16,12 @@ package com.inteligr8.rs;
 
 import java.io.IOException;
 
-import javax.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.ClientRequestFilter;
+import jakarta.ws.rs.client.ClientRequestFilter;
-import javax.ws.rs.client.ClientResponseContext;
+import jakarta.ws.rs.client.ClientResponseContext;
-import javax.ws.rs.client.ClientResponseFilter;
+import jakarta.ws.rs.client.ClientResponseFilter;
-import javax.ws.rs.core.Form;
+import jakarta.ws.rs.core.Form;
-import javax.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.MediaType;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -58,7 +58,7 @@ public class LoggingFilter implements ClientRequestFilter, ClientResponseFilter
 				logger.trace("request: {} {}: {}", requestContext.getMethod(), requestContext.getUri(),
 						((Form)requestContext.getEntity()).asMap());
 			} else {
-				this.loggerRequest.trace("request: {} {}: failed to output form", requestContext.getMethod(), requestContext.getUri());
+				logger.trace("request: {} {}: failed to output form", requestContext.getMethod(), requestContext.getUri());
 			}
 		} else {
 			this.logUnhandledRequest(requestContext, logger);

src/main/java/com/inteligr8/rs/OAuthAuthorizationCodeAuthorizationFilter.java

@@ -16,7 +16,11 @@ package com.inteligr8.rs;
 
 import java.net.URI;
 
-import javax.ws.rs.core.Form;
+import jakarta.ws.rs.core.Form;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * This class implements the OAuth Authorization Code flow as an authorization
@@ -25,6 +29,8 @@ import javax.ws.rs.core.Form;
  * @author brian@inteligr8.com
  */
 public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizationFilter {
+    
+    private final Logger logger = LoggerFactory.getLogger(this.getClass());
 	
 	private final String code;
 	private final URI redirectUri;
@@ -68,17 +74,22 @@ public class OAuthAuthorizationCodeAuthorizationFilter extends OAuthAuthorizatio
 	public OAuthAuthorizationCodeAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String code, URI redirectUri) {
 		super(tokenUrl, clientId, clientSecret);
 		
-		this.code = code;
+		this.code = StringUtils.trimToNull(code);
 		this.redirectUri = redirectUri;
 	}
 	
 	@Override
 	protected Form createForm() {
-		Form form = new Form().param("grant_type", "authorization_code")
+        this.logger.debug("Using OAuth grant_type 'authorization_code'");
-				.param("code", this.code);
+		Form form = new Form().param("grant_type", "authorization_code");
 		if (this.redirectUri != null)
 			form.param("redirect_uri", this.redirectUri.toString());
 		return form;
 	}
+	
+	@Override
+	protected void extendFormSensitive(Form form) {
+	    form.param("code", this.code);
+	}
 
 }

src/main/java/com/inteligr8/rs/OAuthAuthorizationFilter.java

@@ -16,15 +16,22 @@ package com.inteligr8.rs;
 
 import java.util.Map;
 
-import javax.ws.rs.WebApplicationException;
+import jakarta.ws.rs.WebApplicationException;
-import javax.ws.rs.client.ClientBuilder;
+import jakarta.ws.rs.client.Client;
-import javax.ws.rs.client.ClientRequestContext;
+import jakarta.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.Entity;
+import jakarta.ws.rs.client.ClientRequestContext;
-import javax.ws.rs.client.WebTarget;
+import jakarta.ws.rs.client.Entity;
-import javax.ws.rs.core.Form;
+import jakarta.ws.rs.client.WebTarget;
-import javax.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.HttpHeaders;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status.Family;
 
-import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.fasterxml.jackson.jakarta.rs.json.JacksonJsonProvider;
 
 /**
  * This class is the base for implementations of OAuth authorization flows.
@@ -33,6 +40,8 @@ import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
  */
 public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
 	
+    private final Logger logger = LoggerFactory.getLogger(this.getClass());
+    
 	private final String tokenUrl;
 	private final String clientId;
 	private final String clientSecret;
@@ -40,6 +49,7 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
 	private String accessToken;
 	private long expiration;
 	private String refreshToken;
+	private Long refreshTokenExpiration;
 	
 	/**
 	 * This constructor creates an OAuth-based authorization filter using the
@@ -79,9 +89,9 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
 	 */
 	public OAuthAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String scope) {
 		this.tokenUrl = tokenUrl;
-		this.clientId = clientId;
+		this.clientId = StringUtils.trimToNull(clientId);
-		this.clientSecret = clientSecret;
+		this.clientSecret = StringUtils.trimToNull(clientSecret);
-		this.scope = scope;
+		this.scope = StringUtils.trimToNull(scope);
 	}
 
 	/**
@@ -91,8 +101,29 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
 	 */
 	@Override
 	public void filter(ClientRequestContext requestContext) {
-		if (this.accessToken == null || System.currentTimeMillis() > this.expiration)
+		if (this.accessToken == null) {
-			this.requestToken();
+		    this.requestToken();
+		} else if (System.currentTimeMillis() >= this.expiration) {
+            this.logger.trace("Access token expired; retrieving new one with refresh token");
+            
+		    if (this.refreshTokenExpiration != null && System.currentTimeMillis() >= this.refreshTokenExpiration.longValue()) {
+                this.logger.debug("Refresh token expired; performing full authentication");
+                this.refreshToken = null;
+                this.requestToken();
+		    } else {
+    		    try {
+    		        this.requestToken();
+                } catch (WebApplicationException wae) {
+                    if (wae.getResponse().getStatusInfo().getFamily() == Family.CLIENT_ERROR) {
+                        this.logger.debug("Received OAuth response {} using refresh token; performing full authentication", wae.getResponse().getStatus());
+                        this.refreshToken = null;
+                        this.requestToken();
+                    } else {
+                        throw wae;
+                    }
+                }
+		    }
+		}
 		
 		requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, "Bearer " + this.accessToken);
 	}
@@ -111,29 +142,53 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
 		}
 
 		form.param("client_id", this.clientId);
-		if (this.clientSecret != null)
-			form.param("client_secret", this.clientSecret);
 		if (this.scope != null)
 			form.param("scope", this.scope);
-		this.extendRefreshTokenForm(form);
+		
+		this.logger.trace("Sending OAuth request: {}", form);
+		
+		if (this.refreshToken != null) {
+		    this.extendRefreshFormSensitive(form);
+		} else {
+            this.extendFormSensitive(form);
+		}
+
+        if (this.clientSecret != null)
+            form.param("client_secret", this.clientSecret);
 		
 		Entity<Form> entity = Entity.form(form);
 		
-		WebTarget target = ClientBuilder.newBuilder()
+		Client client = ClientBuilder.newBuilder()
-				.register(new JacksonJaxbJsonProvider())
+                .register(new JacksonJsonProvider())
-				.build()
+                .build();
-				.target(this.tokenUrl);
+		WebTarget target = client.target(this.tokenUrl);
+		
+		long requestSendTime = System.currentTimeMillis();
 
-		@SuppressWarnings("unchecked")
+		Response response = target.request().post(entity);
-		Map<String, Object> response = target.request().post(entity, Map.class);
 		
-		if (response.containsKey("error"))
+        this.logger.debug("Received OAuth response: {}", response.getStatus());
-			throw new WebApplicationException((String)response.get("error"), 400);
+
+        @SuppressWarnings("unchecked")
+        Map<String, Object> responseMap = response.readEntity(Map.class);
+
+        this.logger.trace("Received OAuth response: {}", responseMap);
 		
-		this.accessToken = (String)response.get("access_token");
+		if (response.getStatusInfo().getFamily() != Family.SUCCESSFUL) {
-		this.expiration = System.currentTimeMillis() + ((Number)response.get("expires_in")).longValue() * 1000L;
+            String code = (String) responseMap.get("error");
-		this.refreshToken = (String)response.get("refresh_token");
+            if (code != null) {
-		this.extendRefreshTokenResponse(response);
+                String description = (String) responseMap.get("error_description");
+    			throw new WebApplicationException(code + ": " + description, response.getStatus());
+            } else {
+                throw new WebApplicationException(response);
+            }
+		}
+		
+		this.accessToken = (String)responseMap.get("access_token");
+		this.expiration = requestSendTime + ((Number)responseMap.get("expires_in")).longValue() * 1000L;
+		this.refreshToken = (String)responseMap.get("refresh_token");
+		if (responseMap.containsKey("refresh_token_expires_in"))
+		    this.refreshTokenExpiration = requestSendTime + ((Number)responseMap.get("refresh_token_expires_in")).longValue() * 1000L;
 	}
 	
 	protected Form createRefreshForm() {
@@ -143,10 +198,9 @@ public abstract class OAuthAuthorizationFilter implements AuthorizationFilter {
 	
 	protected abstract Form createForm();
 	
-	protected void extendRefreshTokenForm(Form form) {
+	protected void extendRefreshFormSensitive(Form form) {
-	}
-	
-	protected void extendRefreshTokenResponse(Map<String, Object> response) {
 	}
 
+    protected abstract void extendFormSensitive(Form form);
+
 }

src/main/java/com/inteligr8/rs/OAuthClientCredentialAuthorizationFilter.java

@@ -14,7 +14,10 @@
  */
 package com.inteligr8.rs;
 
-import javax.ws.rs.core.Form;
+import jakarta.ws.rs.core.Form;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * This class implements the OAuth Client Credential flow as an authorization
@@ -23,6 +26,8 @@ import javax.ws.rs.core.Form;
  * @author brian@inteligr8.com
  */
 public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorizationFilter {
+    
+    private final Logger logger = LoggerFactory.getLogger(this.getClass());
 
 	/**
 	 * @param tokenUrl The URL to the OAuth IdP token service.
@@ -35,7 +40,12 @@ public class OAuthClientCredentialAuthorizationFilter extends OAuthAuthorization
 	
 	@Override
 	protected Form createForm() {
+        this.logger.debug("Using OAuth grant_type 'client_credentials'");
 		return new Form().param("grant_type", "client_credentials");
 	}
+	
+	@Override
+	protected void extendFormSensitive(Form form) {
+	}
 
 }

src/main/java/com/inteligr8/rs/OAuthPasswordGrantAuthorizationFilter.java

@@ -14,7 +14,11 @@
  */
 package com.inteligr8.rs;
 
-import javax.ws.rs.core.Form;
+import jakarta.ws.rs.core.Form;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * This class implements the OAuth Password Grant flow as an authorization
@@ -23,6 +27,8 @@ import javax.ws.rs.core.Form;
  * @author brian@inteligr8.com
  */
 public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFilter {
+    
+    private final Logger logger = LoggerFactory.getLogger(this.getClass());
 	
 	private final String username;
 	private final String password;
@@ -46,15 +52,20 @@ public class OAuthPasswordGrantAuthorizationFilter extends OAuthAuthorizationFil
 	 */
 	public OAuthPasswordGrantAuthorizationFilter(String tokenUrl, String clientId, String clientSecret, String username, String password) {
 		super(tokenUrl, clientId, clientSecret);
-		this.username = username;
+		this.username = StringUtils.trimToNull(username);
-		this.password = password;
+		this.password = StringUtils.trimToNull(password);
 	}
 	
 	@Override
 	protected Form createForm() {
+        this.logger.debug("Using OAuth grant_type 'password': {}", this.username);
 		return new Form().param("grant_type", "password")
-				.param("username", this.username)
+				.param("username", this.username);
-				.param("password", this.password);
+	}
+	
+	@Override
+	protected void extendFormSensitive(Form form) {
+	    form.param("password", this.password);
 	}
 
 }