Add HTTP signature authentication support to Java (jersey2-experimental) (#6058)

* add fmt-maven-plugin to jersey2 exp

* update samples

* add http signature auth template

* minor fix

* fix http beaer auth, update sample

* fix http signature auth

* fix http signature auth

* header support

* add query string to path

* undo changes in default codegen

* ignore fake test

* add serialize to string method

* add serialzie to string method

* add get mapper

* auto format java source code

* remove plugin

* update pom.xml

* change back AbstractOpenApiSchema to T

* skip mvn code formatter in bin script

* undo changes to spec

* update samples

* add back HttpSignatureAuth.java

Author: wing328

bin/java-petstore-jersey2-experimental.sh

@@ -27,13 +27,15 @@ fi
 
 # if you've executed sbt assembly previously it will use that instead.
 export JAVA_OPTS="${JAVA_OPTS} -Xmx1024M -DloggerPath=conf/log4j.properties"
-ags="generate -i modules/openapi-generator/src/test/resources/2_0/petstore-with-fake-endpoints-models-for-testing.yaml -g java -c bin/java-petstore-jersey2-experimental.json -o samples/client/petstore/java/jersey2-experimental -t modules/openapi-generator/src/main/resources/Java  --additional-properties hideGenerationTimestamp=true $@"
+ags="generate -i modules/openapi-generator/src/test/resources/3_0/petstore-with-fake-endpoints-models-for-testing.yaml -g java -c bin/java-petstore-jersey2-experimental.json -o samples/client/petstore/java/jersey2-experimental -t modules/openapi-generator/src/main/resources/Java/libraries/jersey2-experimental  --additional-properties hideGenerationTimestamp=true $@"
 
 echo "Removing files and folders under samples/client/petstore/java/jersey2-experimental/src/main"
 rm -rf samples/client/petstore/java/jersey2-experimental/src/main
 find samples/client/petstore/java/jersey2-experimental -maxdepth 1 -type f ! -name "README.md" -exec rm {} +
 java $JAVA_OPTS -jar $executable $ags
 
+#mvn com.coveo:fmt-maven-plugin:format -f samples/client/petstore/java/jersey2-experimental/pom.xml
+
 # copy additional manually written unit-tests
 #mkdir samples/client/petstore/java/jersey2/src/test/java/org/openapitools/client
 #mkdir samples/client/petstore/java/jersey2/src/test/java/org/openapitools/client/auth

modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/JavaClientCodegen.java

@@ -373,6 +373,7 @@ public void processOpts() {
             supportingFiles.add(new SupportingFile("JSON.mustache", invokerFolder, "JSON.java"));
             supportingFiles.add(new SupportingFile("ApiResponse.mustache", invokerFolder, "ApiResponse.java"));
             if (JERSEY2_EXPERIMENTAL.equals(getLibrary())) {
+                supportingFiles.add(new SupportingFile("auth/HttpSignatureAuth.mustache", authFolder, "HttpSignatureAuth.java"));
                 supportingFiles.add(new SupportingFile("AbstractOpenApiSchema.mustache", (sourceFolder + File.separator + modelPackage().replace('.', File.separatorChar)).replace('/', File.separatorChar), "AbstractOpenApiSchema.java"));
             }
             forceSerializationLibrary(SERIALIZATION_LIBRARY_JACKSON);

modules/openapi-generator/src/main/resources/Java/libraries/jersey2-experimental/ApiClient.mustache

@@ -23,6 +23,7 @@ import org.glassfish.jersey.media.multipart.MultiPartFeature;
 import java.io.IOException;
 import java.io.InputStream;
 
+import java.net.URI;
 {{^supportJava6}}
 import java.nio.file.Files;
 import java.nio.file.StandardCopyOption;
@@ -56,6 +57,7 @@ import java.util.regex.Pattern;
 import {{invokerPackage}}.auth.Authentication;
 import {{invokerPackage}}.auth.HttpBasicAuth;
 import {{invokerPackage}}.auth.HttpBearerAuth;
+import {{invokerPackage}}.auth.HttpSignatureAuth;
 import {{invokerPackage}}.auth.ApiKeyAuth;
 import {{invokerPackage}}.model.AbstractOpenApiSchema;
 
@@ -159,11 +161,26 @@ public class ApiClient {
     setUserAgent("{{#httpUserAgent}}{{{.}}}{{/httpUserAgent}}{{^httpUserAgent}}OpenAPI-Generator/{{{artifactVersion}}}/java{{/httpUserAgent}}");
 
     // Setup authentications (key: authentication name, value: authentication).
-    authentications = new HashMap<String, Authentication>();{{#authMethods}}{{#isBasic}}{{#isBasicBasic}}
-    authentications.put("{{name}}", new HttpBasicAuth());{{/isBasicBasic}}{{^isBasicBasic}}
-    authentications.put("{{name}}", new HttpBearerAuth("{{scheme}}"));{{/isBasicBasic}}{{/isBasic}}{{#isApiKey}}
-    authentications.put("{{name}}", new ApiKeyAuth({{#isKeyInHeader}}"header"{{/isKeyInHeader}}{{^isKeyInHeader}}"query"{{/isKeyInHeader}}, "{{keyParamName}}"));{{/isApiKey}}{{#isOAuth}}
-    authentications.put("{{name}}", new OAuth());{{/isOAuth}}{{/authMethods}}
+    authentications = new HashMap<String, Authentication>();
+    {{#authMethods}}
+    {{#isBasic}}
+    {{#isBasicBasic}}
+    authentications.put("{{name}}", new HttpBasicAuth());
+    {{/isBasicBasic}}
+    {{#isBasicBearer}}
+    authentications.put("{{name}}", new HttpBearerAuth("{{scheme}}"));
+    {{/isBasicBearer}}
+    {{#isHttpSignature}}
+    authentications.put("{{name}}", new HttpSignatureAuth("{{name}}", null, null));
+    {{/isHttpSignature}}
+    {{/isBasic}}
+    {{#isApiKey}}
+    authentications.put("{{name}}", new ApiKeyAuth({{#isKeyInHeader}}"header"{{/isKeyInHeader}}{{^isKeyInHeader}}"query"{{/isKeyInHeader}}, "{{keyParamName}}"));
+    {{/isApiKey}}
+    {{#isOAuth}}
+    authentications.put("{{name}}", new OAuth());
+    {{/isOAuth}}
+    {{/authMethods}}
     // Prevent the authentications from being modified.
     authentications = Collections.unmodifiableMap(authentications);
 
@@ -701,6 +718,38 @@ public class ApiClient {
     return entity;
   }
 
+  /**
+   * Serialize the given Java object into string according the given
+   * Content-Type (only JSON, HTTP form is supported for now).
+   * @param obj Object
+   * @param formParams Form parameters
+   * @param contentType Context type
+   * @return String
+   * @throws ApiException API exception
+   */
+  public String serializeToString(Object obj, Map<String, Object> formParams, String contentType) throws ApiException {
+    try {
+      if (contentType.startsWith("multipart/form-data")) {
+        throw new ApiException("multipart/form-data not yet supported for serializeToString (http signature authentication)");
+      } else if (contentType.startsWith("application/x-www-form-urlencoded")) {
+        String formString = "";
+        for (Entry<String, Object> param : formParams.entrySet()) {
+          formString = param.getKey() + "=" + URLEncoder.encode(parameterToString(param.getValue()), "UTF-8") + "&";
+        }
+
+        if (formString.length() == 0) { // empty string
+          return formString;
+        } else {
+          return formString.substring(0, formString.length() - 1);
+        }
+      } else {
+        return json.getMapper().writeValueAsString(obj);
+      }
+    } catch (Exception ex) {
+      throw new ApiException("Failed to perform serializeToString: " + ex.toString());
+    }
+  }
+
   public AbstractOpenApiSchema deserializeSchemas(Response response, AbstractOpenApiSchema schema) throws ApiException{
 
     Object result = null;
@@ -862,7 +911,6 @@ public class ApiClient {
    * @throws ApiException API exception
    */
   public <T> ApiResponse<T> invokeAPI(String operation, String path, String method, List<Pair> queryParams, Object body, Map<String, String> headerParams, Map<String, String> cookieParams, Map<String, Object> formParams, String accept, String contentType, String[] authNames, GenericType<T> returnType, AbstractOpenApiSchema schema) throws ApiException {
-    updateParamsForAuth(authNames, queryParams, headerParams, cookieParams);
 
     // Not using `.target(targetURL).path(path)` below,
     // to support (constant) query string in `path`, e.g. "/posts?draft=1"
@@ -935,6 +983,14 @@ public class ApiClient {
 
     Entity<?> entity = serialize(body, formParams, contentType);
 
+    // put all headers in one place
+    Map<String, String> allHeaderParams = new HashMap<>();
+    allHeaderParams.putAll(defaultHeaderMap);
+    allHeaderParams.putAll(headerParams);
+   
+    // update different parameters (e.g. headers) for authentication
+    updateParamsForAuth(authNames, queryParams, allHeaderParams, cookieParams, serializeToString(body, formParams, contentType), method, target.getUri());
+
     Response response = null;
 
     try {
@@ -1061,12 +1117,17 @@ public class ApiClient {
    * @param queryParams List of query parameters
    * @param headerParams Map of header parameters
    * @param cookieParams Map of cookie parameters
+   * @param method HTTP method (e.g. POST)
+   * @param uri HTTP URI
    */
-  protected void updateParamsForAuth(String[] authNames, List<Pair> queryParams, Map<String, String> headerParams, Map<String, String> cookieParams) {
+  protected void updateParamsForAuth(String[] authNames, List<Pair> queryParams, Map<String, String> headerParams,
+                                     Map<String, String> cookieParams, String payload, String method, URI uri) throws ApiException {
     for (String authName : authNames) {
       Authentication auth = authentications.get(authName);
-      if (auth == null) throw new RuntimeException("Authentication undefined: " + authName);
-      auth.applyToParams(queryParams, headerParams, cookieParams);
+      if (auth == null) {
+        throw new RuntimeException("Authentication undefined: " + authName);
+      }
+      auth.applyToParams(queryParams, headerParams, cookieParams, payload, method, uri);
     }
   }
 }

modules/openapi-generator/src/main/resources/Java/libraries/jersey2-experimental/JSON.mustache

@@ -62,4 +62,6 @@ public class JSON implements ContextResolver<ObjectMapper> {
   public ObjectMapper getContext(Class<?> type) {
     return mapper;
   }
+
+  public ObjectMapper getMapper() { return mapper; }
 }

modules/openapi-generator/src/main/resources/Java/libraries/jersey2-experimental/auth/ApiKeyAuth.mustache

@@ -0,0 +1,68 @@
+{{>licenseInfo}}
+
+package {{invokerPackage}}.auth;
+
+import {{invokerPackage}}.Pair;
+import {{invokerPackage}}.ApiException;
+
+import java.net.URI;
+import java.util.Map;
+import java.util.List;
+
+{{>generatedAnnotation}}
+public class ApiKeyAuth implements Authentication {
+  private final String location;
+  private final String paramName;
+
+  private String apiKey;
+  private String apiKeyPrefix;
+
+  public ApiKeyAuth(String location, String paramName) {
+    this.location = location;
+    this.paramName = paramName;
+  }
+
+  public String getLocation() {
+    return location;
+  }
+
+  public String getParamName() {
+    return paramName;
+  }
+
+  public String getApiKey() {
+    return apiKey;
+  }
+
+  public void setApiKey(String apiKey) {
+    this.apiKey = apiKey;
+  }
+
+  public String getApiKeyPrefix() {
+    return apiKeyPrefix;
+  }
+
+  public void setApiKeyPrefix(String apiKeyPrefix) {
+    this.apiKeyPrefix = apiKeyPrefix;
+  }
+
+  @Override
+  public void applyToParams(List<Pair> queryParams, Map<String, String> headerParams, Map<String, String> cookieParams, String payload, String method, URI uri) throws ApiException {
+    if (apiKey == null) {
+      return;
+    }
+    String value;
+    if (apiKeyPrefix != null) {
+      value = apiKeyPrefix + " " + apiKey;
+    } else {
+      value = apiKey;
+    }
+    if ("query".equals(location)) {
+      queryParams.add(new Pair(paramName, value));
+    } else if ("header".equals(location)) {
+      headerParams.put(paramName, value);
+    } else if ("cookie".equals(location)) {
+      cookieParams.put(paramName, value);
+    }
+  }
+}

modules/openapi-generator/src/main/resources/Java/libraries/jersey2-experimental/auth/Authentication.mustache

@@ -0,0 +1,22 @@
+{{>licenseInfo}}
+
+package {{invokerPackage}}.auth;
+
+import {{invokerPackage}}.Pair;
+import {{invokerPackage}}.ApiException;
+
+import java.net.URI;
+import java.util.Map;
+import java.util.List;
+
+public interface Authentication {
+    /**
+     * Apply authentication settings to header and query params.
+     *
+     * @param queryParams List of query parameters
+     * @param headerParams Map of header parameters
+     * @param cookieParams Map of cookie parameters
+     */
+    void applyToParams(List<Pair> queryParams, Map<String, String> headerParams, Map<String, String> cookieParams, String payload, String method, URI uri) throws ApiException;
+
+}

modules/openapi-generator/src/main/resources/Java/libraries/jersey2-experimental/auth/HttpBasicAuth.mustache

@@ -0,0 +1,62 @@
+{{>licenseInfo}}
+
+package {{invokerPackage}}.auth;
+
+import {{invokerPackage}}.Pair;
+import {{invokerPackage}}.ApiException;
+
+{{^java8}}
+import com.migcomponents.migbase64.Base64;
+{{/java8}}
+{{#java8}}
+import java.util.Base64;
+import java.nio.charset.StandardCharsets;
+{{/java8}}
+
+import java.net.URI;
+import java.util.Map;
+import java.util.List;
+
+{{^java8}}
+import java.io.UnsupportedEncodingException;
+{{/java8}}
+
+{{>generatedAnnotation}}
+public class HttpBasicAuth implements Authentication {
+  private String username;
+  private String password;
+
+  public String getUsername() {
+    return username;
+  }
+
+  public void setUsername(String username) {
+    this.username = username;
+  }
+
+  public String getPassword() {
+    return password;
+  }
+
+  public void setPassword(String password) {
+    this.password = password;
+  }
+
+  @Override
+  public void applyToParams(List<Pair> queryParams, Map<String, String> headerParams, Map<String, String> cookieParams, String payload, String method, URI uri) throws ApiException {
+    if (username == null && password == null) {
+      return;
+    }
+    String str = (username == null ? "" : username) + ":" + (password == null ? "" : password);
+{{^java8}}
+    try {
+      headerParams.put("Authorization", "Basic " + Base64.encodeToString(str.getBytes("UTF-8"), false));
+    } catch (UnsupportedEncodingException e) {
+      throw new RuntimeException(e);
+    }
+{{/java8}}
+{{#java8}}
+    headerParams.put("Authorization", "Basic " + Base64.getEncoder().encodeToString(str.getBytes(StandardCharsets.UTF_8)));
+{{/java8}}
+  }
+}

modules/openapi-generator/src/main/resources/Java/libraries/jersey2-experimental/auth/HttpBearerAuth.mustache

@@ -0,0 +1,51 @@
+{{>licenseInfo}}
+
+package {{invokerPackage}}.auth;
+
+import {{invokerPackage}}.Pair;
+import {{invokerPackage}}.ApiException;
+
+import java.net.URI;
+import java.util.Map;
+import java.util.List;
+
+{{>generatedAnnotation}}
+public class HttpBearerAuth implements Authentication {
+  private final String scheme;
+  private String bearerToken;
+
+  public HttpBearerAuth(String scheme) {
+    this.scheme = scheme;
+  }
+
+  /**
+   * Gets the token, which together with the scheme, will be sent as the value of the Authorization header.
+   *
+   * @return The bearer token
+   */
+  public String getBearerToken() {
+    return bearerToken;
+  }
+
+  /**
+   * Sets the token, which together with the scheme, will be sent as the value of the Authorization header.
+   *
+   * @param bearerToken The bearer token to send in the Authorization header
+   */
+  public void setBearerToken(String bearerToken) {
+    this.bearerToken = bearerToken;
+  }
+
+  @Override
+  public void applyToParams(List<Pair> queryParams, Map<String, String> headerParams, Map<String, String> cookieParams, String payload, String method, URI uri) throws ApiException {
+    if(bearerToken == null) {
+      return;
+    }
+
+    headerParams.put("Authorization", (scheme != null ? upperCaseBearer(scheme) + " " : "") + bearerToken);
+  }
+
+  private static String upperCaseBearer(String scheme) {
+    return ("bearer".equalsIgnoreCase(scheme)) ? "Bearer" : scheme;
+  }
+}