#8 - ENH: Add in support for Authorization bearer token - AuthTokenProvider

Author: rbygrave

client/src/main/java/io/avaje/http/client/AuthToken.java

@@ -0,0 +1,55 @@
+package io.avaje.http.client;
+
+import java.time.Instant;
+
+/**
+ * Represents an Authorization Bearer token that can be held on the context.
+ * <p>
+ * Typically the token will be valid for a period and then expire.
+ */
+public interface AuthToken {
+
+  /**
+   * Return the Authorization bearer token.
+   */
+  String token();
+
+  /**
+   * Return true if the token has expired or is no longer valid.
+   */
+  boolean isExpired();
+
+  /**
+   * Create an return a AuthToken with the given token and time it is valid until.
+   */
+  static AuthToken of(String token, Instant validUntil) {
+    return new Basic(token, validUntil);
+  }
+
+  /**
+   * Standard AuthToken implementation.
+   */
+  class Basic implements AuthToken {
+
+    private final String token;
+    private final Instant validUntil;
+
+    /**
+     * Create with token and valid until time.
+     */
+    public Basic(String token, Instant validUntil) {
+      this.token = token;
+      this.validUntil = validUntil;
+    }
+
+    @Override
+    public String token() {
+      return token;
+    }
+
+    @Override
+    public boolean isExpired() {
+      return Instant.now().isAfter(validUntil);
+    }
+  }
+}

client/src/main/java/io/avaje/http/client/AuthTokenProvider.java

@@ -0,0 +1,40 @@
+package io.avaje.http.client;
+
+/**
+ * Use to obtain an Authorization bearer token that is expected to be used.
+ *
+ * <pre>{@code
+ *
+ *   class MyAuthTokenProvider implements AuthTokenProducer {
+ *
+ *     @Override
+ *     public AuthToken obtainToken(HttpClientRequest tokenRequest) {
+ *
+ *       MyTokenResponse tokenResponse = tokenRequest
+ *         .url("https://foo/auth/token")
+ *         .header("content-type", "application/json")
+ *         .body(authRequestAsJson())
+ *         .post()
+ *         .bean(MyTokenResponse.class);
+ *
+ *       String token = tokenResponse.getToken();
+ *       long expiresSecs = tokenResponse.getExpiresInSecs();
+ *
+ *       Instant validUntil = Instant.now().plusSeconds(expiresSecs).minusSeconds(60);
+ *
+ *       return AuthToken.of(token, validUntil);
+ *     }
+ *   }
+ *
+ * }</pre>
+ */
+public interface AuthTokenProvider {
+
+  /**
+   * Obtain a new Authorization token.
+   *
+   * @param tokenRequest A new request to obtain an Authorisation token
+   */
+  AuthToken obtainToken(HttpClientRequest tokenRequest);
+
+}

client/src/main/java/io/avaje/http/client/DHttpClientContext.java

@@ -8,6 +8,7 @@
 import java.time.Duration;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.atomic.AtomicReference;
 
 class DHttpClientContext implements HttpClientContext {
 
@@ -16,13 +17,20 @@ class DHttpClientContext implements HttpClientContext {
   private final Duration requestTimeout;
   private final BodyAdapter bodyAdapter;
   private final RequestListener requestListener;
+  private final RequestIntercept requestIntercept;
+  private final boolean withAuthToken;
+  private final AuthTokenProvider authTokenProvider;
+  private final AtomicReference<AuthToken> tokenRef = new AtomicReference<>();
 
-  DHttpClientContext(HttpClient httpClient, String baseUrl, Duration requestTimeout, BodyAdapter bodyAdapter, RequestListener requestListener) {
+  DHttpClientContext(HttpClient httpClient, String baseUrl, Duration requestTimeout, BodyAdapter bodyAdapter, RequestListener requestListener, AuthTokenProvider authTokenProvider, RequestIntercept intercept) {
     this.httpClient = httpClient;
     this.baseUrl = baseUrl;
     this.requestTimeout = requestTimeout;
     this.bodyAdapter = bodyAdapter;
     this.requestListener = requestListener;
+    this.authTokenProvider = authTokenProvider;
+    this.withAuthToken = authTokenProvider != null;
+    this.requestIntercept = intercept;
   }
 
   @Override
@@ -130,5 +138,27 @@ void afterResponse(DHttpClientRequest request) {
     if (requestListener != null) {
       requestListener.response(request.listenerEvent());
     }
+    if (requestIntercept != null) {
+      requestIntercept.afterResponse(request.response(), request);
+    }
+  }
+
+  void beforeRequest(DHttpClientRequest request) {
+    if (withAuthToken && !request.isSkipAuthToken()) {
+      request.header("Authorization", "Bearer " + authToken());
+    }
+    if (requestIntercept != null) {
+      requestIntercept.beforeRequest(request);
+    }
   }
+
+  private String authToken() {
+    AuthToken authToken = tokenRef.get();
+    if (authToken == null || authToken.isExpired()) {
+      authToken = authTokenProvider.obtainToken(request().skipAuthToken());
+      tokenRef.set(authToken);
+    }
+    return authToken.token();
+  }
+
 }

client/src/main/java/io/avaje/http/client/DHttpClientContextBuilder.java

@@ -4,6 +4,8 @@
 import java.net.CookieManager;
 import java.net.http.HttpClient;
 import java.time.Duration;
+import java.util.ArrayList;
+import java.util.List;
 import java.util.concurrent.Executor;
 
 import static java.util.Objects.requireNonNull;
@@ -27,6 +29,10 @@ class DHttpClientContextBuilder implements HttpClientContext.Builder {
   private HttpClient.Version version;
   private Executor executor;
 
+  private AuthTokenProvider authTokenProvider;
+
+  private final List<RequestIntercept> interceptors = new ArrayList<>();
+
   DHttpClientContextBuilder() {
   }
 
@@ -60,6 +66,18 @@ public HttpClientContext.Builder withRequestListener(RequestListener requestList
     return this;
   }
 
+  @Override
+  public HttpClientContext.Builder withRequestIntercept(RequestIntercept requestIntercept) {
+    this.interceptors.add(requestIntercept);
+    return this;
+  }
+
+  @Override
+  public HttpClientContext.Builder withAuthTokenProvider(AuthTokenProvider authTokenProvider) {
+    this.authTokenProvider = authTokenProvider;
+    return this;
+  }
+
   @Override
   public HttpClientContext.Builder withCookieHandler(CookieHandler cookieHandler) {
     this.cookieHandler = cookieHandler;
@@ -71,11 +89,13 @@ public HttpClientContext.Builder withRedirect(HttpClient.Redirect redirect) {
     this.redirect = redirect;
     return this;
   }
+
   @Override
   public HttpClientContext.Builder withVersion(HttpClient.Version version) {
     this.version = version;
     return this;
   }
+
   @Override
   public HttpClientContext.Builder withExecutor(Executor executor) {
     this.executor = executor;
@@ -89,7 +109,17 @@ public HttpClientContext build() {
     if (client == null) {
       client = defaultClient();
     }
-    return new DHttpClientContext(client, baseUrl, requestTimeout, bodyAdapter, requestListener);
+    return new DHttpClientContext(client, baseUrl, requestTimeout, bodyAdapter, requestListener, authTokenProvider, buildIntercept());
+  }
+
+  private RequestIntercept buildIntercept() {
+    if (interceptors.isEmpty()) {
+      return null;
+    } else if (interceptors.size() == 1) {
+      return interceptors.get(0);
+    } else {
+      return new DRequestInterceptors(interceptors);
+    }
   }
 
   private HttpClient defaultClient() {

client/src/main/java/io/avaje/http/client/DHttpClientRequest.java

@@ -47,13 +47,20 @@ class DHttpClientRequest implements HttpClientRequest, HttpClientResponse {
   private HttpResponse<?> httpResponse;
   private BodyContent encodedResponseBody;
   private boolean loggableResponseBody;
+  private boolean skipAuthToken;
 
   public DHttpClientRequest(DHttpClientContext context, Duration requestTimeout) {
     this.context = context;
     this.requestTimeout = requestTimeout;
     this.url = context.url();
   }
 
+  @Override
+  public HttpClientRequest skipAuthToken() {
+    this.skipAuthToken = true;
+    return this;
+  }
+
   @Override
   public HttpClientRequest requestTimeout(Duration requestTimeout) {
     this.requestTimeout = requestTimeout;
@@ -220,28 +227,24 @@ private void addHeaders() {
 
   public HttpClientResponse get() {
     httpRequest = newGet(url.build());
-    addHeaders();
     return this;
   }
 
   @Override
   public HttpClientResponse delete() {
     httpRequest = newDelete(url.build());
-    addHeaders();
     return this;
   }
 
   @Override
   public HttpClientResponse post() {
     httpRequest = newPost(url.build(), body());
-    addHeaders();
     return this;
   }
 
   @Override
   public HttpClientResponse put() {
     httpRequest = newPut(url.build(), body());
-    addHeaders();
     return this;
   }
 
@@ -278,6 +281,8 @@ public <T> List<T> list(Class<T> cls) {
 
   @Override
   public <T> HttpResponse<T> withResponseHandler(HttpResponse.BodyHandler<T> responseHandler) {
+    context.beforeRequest(this);
+    addHeaders();
     final long startNanos = System.nanoTime();
     final HttpResponse<T> response = context.send(httpRequest, responseHandler);
     requestTimeNanos = System.nanoTime() - startNanos;
@@ -357,6 +362,14 @@ RequestListener.Event listenerEvent() {
     return new ListenerEvent();
   }
 
+  HttpResponse<?> response() {
+    return httpResponse;
+  }
+
+  boolean isSkipAuthToken() {
+    return skipAuthToken;
+  }
+
   private class ListenerEvent implements RequestListener.Event {
 
     @Override

client/src/main/java/io/avaje/http/client/DRequestInterceptors.java

@@ -0,0 +1,37 @@
+package io.avaje.http.client;
+
+import java.net.http.HttpResponse;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * Processing of multiple RequestIntercept.
+ * <p>
+ * Noting that afterResponse interceptors are processed in reverse order.
+ */
+class DRequestInterceptors implements RequestIntercept {
+
+  private final List<RequestIntercept> before;
+  private final List<RequestIntercept> after;
+
+  DRequestInterceptors(List<RequestIntercept> interceptors) {
+    this.before = new ArrayList<>(interceptors);
+    Collections.reverse(interceptors);
+    this.after = new ArrayList<>(interceptors);
+  }
+
+  @Override
+  public void beforeRequest(HttpClientRequest request) {
+    for (RequestIntercept interceptor : before) {
+      interceptor.beforeRequest(request);
+    }
+  }
+
+  @Override
+  public void afterResponse(HttpResponse<?> response, HttpClientRequest request) {
+    for (RequestIntercept interceptor : after) {
+      interceptor.afterResponse(response, request);
+    }
+  }
+}

client/src/main/java/io/avaje/http/client/HttpClientContext.java

@@ -157,6 +157,23 @@ interface Builder {
      */
     Builder withRequestListener(RequestListener requestListener);
 
+    /**
+     * Add a request interceptor.
+     */
+    Builder withRequestIntercept(RequestIntercept requestIntercept);
+
+    /**
+     * Add a Authorization token provider.
+     * <p>
+     * When set all requests are expected to use a Authorization Bearer token
+     * unless they are marked via {@link HttpClientRequest#skipAuthToken()}.
+     * <p>
+     * The AuthTokenProvider obtains a new token typically with an expiry. This
+     * is automatically called as needed and the Authorization Bearer header set
+     * on all requests (not marked with skipAuthToken()).
+     */
+    Builder withAuthTokenProvider(AuthTokenProvider authTokenProvider);
+
     /**
      * Specify a cookie handler to use on the HttpClient. This would override the default cookie handler.
      *

client/src/main/java/io/avaje/http/client/HttpClientRequest.java

@@ -26,6 +26,14 @@
  */
 public interface HttpClientRequest {
 
+  /**
+   * For this request skip using an Authorization token.
+   * <p>
+   * This is automatically set on the request passed to
+   * {@link AuthTokenProvider#obtainToken(HttpClientRequest)}.
+   */
+  HttpClientRequest skipAuthToken();
+
   /**
    * Set the request timeout to use for this request. When not set the default
    * request timeout will be used.