diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AbstractAuthRequestBuilder.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AbstractAuthRequestBuilder.java
similarity index 91%
rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AbstractAuthRequestBuilder.java
rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/AbstractAuthRequestBuilder.java
index 64031402e..b145d9906 100644
--- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AbstractAuthRequestBuilder.java
+++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AbstractAuthRequestBuilder.java
@@ -13,16 +13,16 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; import static io.serverlessworkflow.api.types.OAuth2AuthenticationDataClient.ClientAuthentication.CLIENT_SECRET_POST; import static io.serverlessworkflow.impl.WorkflowUtils.isValid; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.AUDIENCES; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.AUTHENTICATION; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.CLIENT; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.ENCODING; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.REQUEST; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.SCOPES; +import static io.serverlessworkflow.impl.auth.AuthUtils.AUDIENCES; +import static io.serverlessworkflow.impl.auth.AuthUtils.AUTHENTICATION; +import static io.serverlessworkflow.impl.auth.AuthUtils.CLIENT; +import static io.serverlessworkflow.impl.auth.AuthUtils.ENCODING; +import static io.serverlessworkflow.impl.auth.AuthUtils.REQUEST; +import static io.serverlessworkflow.impl.auth.AuthUtils.SCOPES; import io.serverlessworkflow.api.types.OAuth2AuthenticationData; import io.serverlessworkflow.api.types.OAuth2AuthenticationDataClient; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/DigestAuthProvider.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AccessTokenProvider.java similarity index 52% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/DigestAuthProvider.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/AccessTokenProvider.java index 27a961b9b..6ff1a4b81 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/DigestAuthProvider.java 
+++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AccessTokenProvider.java @@ -13,27 +13,12 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; -import io.serverlessworkflow.api.types.DigestAuthenticationPolicy; -import io.serverlessworkflow.api.types.Workflow; import io.serverlessworkflow.impl.TaskContext; -import io.serverlessworkflow.impl.WorkflowApplication; import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowModel; -import jakarta.ws.rs.client.Invocation.Builder; -public class DigestAuthProvider implements AuthProvider { - - public DigestAuthProvider( - WorkflowApplication app, Workflow workflow, DigestAuthenticationPolicy authPolicy) { - throw new UnsupportedOperationException("Digest auth not supported yet"); - } - - @Override - public Builder build( - Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - // TODO Auto-generated method stub - return builder; - } +public interface AccessTokenProvider { + JWT validateAndGet(WorkflowContext workflow, TaskContext context, WorkflowModel model); } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AccessTokenProviderFactory.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AccessTokenProviderFactory.java new file mode 100644 index 000000000..4aed1fa2c --- /dev/null +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AccessTokenProviderFactory.java 
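Review bot: `validateAndGet` is the security contract of the new `AccessTokenProvider` interface, but it has no Javadoc, so an implementation supplied through `AccessTokenProviderFactory` has nothing stating what "validate" must cover. I would add a comment above the method along the lines of `/** Obtains an access token and returns it only after validation against the configured issuers; must throw rather than return a token that failed validation. */`. What the existing implementation actually checks is not visible in this diff, so the wording should be confirmed against it before it is written down as the contract.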
@@ -0,0 +1,24 @@ +/* + * Copyright 2020-Present The Serverless Workflow Specification Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.serverlessworkflow.impl.auth; + +import java.util.List; + +public interface AccessTokenProviderFactory { + + AccessTokenProvider build( + HttpRequestInfo requestInfo, List issuers, JWTConverter converter); +} diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProvider.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProvider.java similarity index 76% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProvider.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProvider.java index 46a0a2d7a..638d04280 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProvider.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProvider.java 
@@ -13,14 +13,15 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; import io.serverlessworkflow.impl.TaskContext; import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowModel; -import jakarta.ws.rs.client.Invocation; -interface AuthProvider { - Invocation.Builder build( - Invocation.Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model); +public interface AuthProvider { + + String authScheme(); + + String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model); } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProviderFactory.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProviderFactory.java similarity index 87% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProviderFactory.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProviderFactory.java index b63891f97..fb28f43bb 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProviderFactory.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProviderFactory.java 
@@ -13,20 +13,26 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; import io.serverlessworkflow.api.types.AuthenticationPolicyUnion; +import io.serverlessworkflow.api.types.EndpointConfiguration; import io.serverlessworkflow.api.types.ReferenceableAuthenticationPolicy; import io.serverlessworkflow.api.types.Workflow; import io.serverlessworkflow.impl.WorkflowApplication; import io.serverlessworkflow.impl.WorkflowDefinition; import java.util.Optional; -class AuthProviderFactory { +public class AuthProviderFactory { private AuthProviderFactory() {} - static final String AUTH_HEADER_NAME = "Authorization"; + public static Optional getAuth( + WorkflowDefinition definition, EndpointConfiguration configuration) { + return configuration == null + ? Optional.empty() + : getAuth(definition, configuration.getAuthentication()); + } public static Optional getAuth( WorkflowDefinition definition, ReferenceableAuthenticationPolicy auth) { @@ -64,9 +70,8 @@ private static Optional buildFromPolicy( new BearerAuthProvider( app, workflow, authenticationPolicy.getBearerAuthenticationPolicy())); } else if (authenticationPolicy.getDigestAuthenticationPolicy() != null) { - return Optional.of( - new DigestAuthProvider( - app, workflow, authenticationPolicy.getDigestAuthenticationPolicy())); + // TODO implement digest authentication + return Optional.empty(); } else if (authenticationPolicy.getOAuth2AuthenticationPolicy() != null) { return Optional.of( new OAuth2AuthProvider( 
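Review bot: The digest branch of `buildFromPolicy` now returns `Optional.empty()`, which is also what a caller gets when no authentication is configured at all, so a workflow that declares digest authentication would presumably have its request sent without any `Authorization` header. The removed `DigestAuthProvider` constructor failed loudly in that situation. Until digest is implemented I would keep the fail-closed behaviour in this branch: `throw new UnsupportedOperationException("Digest auth not supported yet");`. `buildFromPolicy` starts and ends outside the hunk, so how callers treat the empty result is inferred rather than visible.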
diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AuthRequestBuilder.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthRequestBuilder.java similarity index 92% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AuthRequestBuilder.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthRequestBuilder.java index 833c5ef9e..03940ba21 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AuthRequestBuilder.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthRequestBuilder.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; import io.serverlessworkflow.api.types.OAuth2AuthenticationData; import java.util.Map; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/SecretKeys.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthUtils.java similarity index 79% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/SecretKeys.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthUtils.java index 8f34268ba..7dc388827 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/SecretKeys.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthUtils.java 
@@ -13,12 +13,13 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; -public class SecretKeys { +public class AuthUtils { - private SecretKeys() {} + private AuthUtils() {} + public static final String AUTH_HEADER_NAME = "Authorization"; public static final String GRANT = "grant"; public static final String USER = "username"; public static final String CLIENT = "client"; @@ -34,4 +35,10 @@ private SecretKeys() {} public static final String REQUEST = "request"; public static final String ENCODING = "encoding"; public static final String AUTHENTICATION = "authentication"; + + private static final String AUTH_HEADER_FORMAT = "%s %s"; + + public static String authHeaderValue(String scheme, String parameter) { + return String.format(AUTH_HEADER_FORMAT, scheme, parameter); + } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/BasicAuthProvider.java similarity index 87% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/BasicAuthProvider.java index f390d4b2e..b866b181b 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/BasicAuthProvider.java 
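Review bot: `authHeaderValue` formats whatever it is given, so a `null` parameter becomes the literal header value `Bearer null`, and a resolved value containing CR or LF is passed straight into a header. The parameter is resolved at runtime (for example `tokenFilter.apply(...)` in `BearerAuthProvider.authParameter`), so I would reject both cases before formatting: `if (parameter == null || parameter.indexOf('\r') >= 0 || parameter.indexOf('\n') >= 0) throw new IllegalArgumentException("Invalid auth parameter");`. Whether the HTTP client behind this already refuses such values is not visible here. The method is public and would also benefit from a one-line Javadoc: `/** Returns the Authorization header value in the form "<scheme> <parameter>". */`.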
@@ -13,12 +13,12 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; import static io.serverlessworkflow.impl.WorkflowUtils.checkSecret; import static io.serverlessworkflow.impl.WorkflowUtils.secretProp; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.PASSWORD; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.USER; +import static io.serverlessworkflow.impl.auth.AuthUtils.PASSWORD; +import static io.serverlessworkflow.impl.auth.AuthUtils.USER; import io.serverlessworkflow.api.types.BasicAuthenticationPolicy; import io.serverlessworkflow.api.types.Workflow; @@ -30,7 +30,7 @@ import io.serverlessworkflow.impl.WorkflowValueResolver; import java.util.Base64; -class BasicAuthProvider extends AbstractAuthProvider { +class BasicAuthProvider implements AuthProvider { private static final String USER_PASSWORD = "%s:%s"; @@ -57,7 +57,7 @@ public BasicAuthProvider( } @Override - protected String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { + public String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { return new String( Base64.getEncoder() .encode( @@ -69,7 +69,7 @@ protected String authParameter(WorkflowContext workflow, TaskContext task, Workf } @Override - protected String authScheme() { + public String authScheme() { return "Basic"; } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/BearerAuthProvider.java similarity index 87% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/BearerAuthProvider.java index e1a6bb200..c77cf63df 100644 
--- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/BearerAuthProvider.java @@ -13,11 +13,11 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; import static io.serverlessworkflow.impl.WorkflowUtils.checkSecret; import static io.serverlessworkflow.impl.WorkflowUtils.secretProp; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.TOKEN; +import static io.serverlessworkflow.impl.auth.AuthUtils.TOKEN; import io.serverlessworkflow.api.types.BearerAuthenticationPolicy; import io.serverlessworkflow.api.types.BearerAuthenticationPolicyConfiguration; @@ -29,7 +29,7 @@ import io.serverlessworkflow.impl.WorkflowUtils; import io.serverlessworkflow.impl.WorkflowValueResolver; -class BearerAuthProvider extends AbstractAuthProvider { +class BearerAuthProvider implements AuthProvider { private WorkflowValueResolver tokenFilter; @@ -48,12 +48,12 @@ public BearerAuthProvider( } @Override - protected String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { + public String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { return tokenFilter.apply(workflow, task, model); } @Override - protected String authScheme() { + public String authScheme() { return "Bearer"; } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretBasic.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretBasic.java similarity index 84% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretBasic.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretBasic.java index 542272242..9d8aca036 100644 
--- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretBasic.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretBasic.java @@ -13,14 +13,14 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.CLIENT; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.GRANT; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.ID; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.PASSWORD; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.SECRET; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.USER; +import static io.serverlessworkflow.impl.auth.AuthUtils.CLIENT; +import static io.serverlessworkflow.impl.auth.AuthUtils.GRANT; +import static io.serverlessworkflow.impl.auth.AuthUtils.ID; +import static io.serverlessworkflow.impl.auth.AuthUtils.PASSWORD; +import static io.serverlessworkflow.impl.auth.AuthUtils.SECRET; +import static io.serverlessworkflow.impl.auth.AuthUtils.USER; import io.serverlessworkflow.api.types.OAuth2AuthenticationData; import io.serverlessworkflow.impl.WorkflowApplication; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretHandler.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretHandler.java similarity index 97% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretHandler.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretHandler.java index 4f8ae73a6..b4be0f885 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretHandler.java 
+++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretHandler.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; import static io.serverlessworkflow.api.types.OAuth2AuthenticationData.OAuth2AuthenticationDataGrant.CLIENT_CREDENTIALS; import static io.serverlessworkflow.api.types.OAuth2AuthenticationData.OAuth2AuthenticationDataGrant.PASSWORD; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretPost.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretPost.java similarity index 83% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretPost.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretPost.java index f0d3cbffd..6440f869f 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/ClientSecretPost.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/ClientSecretPost.java 
@@ -13,14 +13,14 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.CLIENT; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.GRANT; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.ID; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.PASSWORD; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.SECRET; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.USER; +import static io.serverlessworkflow.impl.auth.AuthUtils.CLIENT; +import static io.serverlessworkflow.impl.auth.AuthUtils.GRANT; +import static io.serverlessworkflow.impl.auth.AuthUtils.ID; +import static io.serverlessworkflow.impl.auth.AuthUtils.PASSWORD; +import static io.serverlessworkflow.impl.auth.AuthUtils.SECRET; +import static io.serverlessworkflow.impl.auth.AuthUtils.USER; import io.serverlessworkflow.api.types.OAuth2AuthenticationData; import io.serverlessworkflow.impl.WorkflowApplication; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/CommonOAuthProvider.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/CommonOAuthProvider.java similarity index 53% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/CommonOAuthProvider.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/CommonOAuthProvider.java index 6280c5f6b..bb97c8df9 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/CommonOAuthProvider.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/CommonOAuthProvider.java 
@@ -13,9 +13,10 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; import static io.serverlessworkflow.impl.WorkflowUtils.checkSecret; +import static io.serverlessworkflow.impl.WorkflowUtils.secret; import io.serverlessworkflow.api.types.OAuth2AuthenticationData; import io.serverlessworkflow.api.types.SecretBasedAuthenticationPolicy; 
@@ -24,26 +25,35 @@ import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowModel; import io.serverlessworkflow.impl.WorkflowValueResolver; -import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.AccessTokenProvider; -import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.AccessTokenProviderFactory; -import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.AuthRequestBuilder; +import java.util.Arrays; import java.util.Map; +import java.util.ServiceLoader; -abstract class CommonOAuthProvider extends AbstractAuthProvider { +abstract class CommonOAuthProvider implements AuthProvider { private final WorkflowValueResolver tokenProvider; + private static JWTConverter jwtConverter = + ServiceLoader.load(JWTConverter.class) + .findFirst() + .orElseThrow(() -> new IllegalStateException("No JWTConverter implementation found")); + + private static AccessTokenProviderFactory accessTokenProviderFactory = + ServiceLoader.load(AccessTokenProviderFactory.class) + .findFirst() + .orElseThrow(() -> new IllegalStateException("No JWTConverter implementation found")); + protected CommonOAuthProvider(WorkflowValueResolver tokenProvider) { this.tokenProvider = tokenProvider; } @Override - protected String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { + public String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { return tokenProvider.apply(workflow, task, model).validateAndGet(workflow, task, model).token(); } @Override - protected String authScheme() { + public String authScheme() { return "Bearer"; } 
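Review bot: The `orElseThrow` on `accessTokenProviderFactory` reuses the message `"No JWTConverter implementation found"`, so a missing factory is reported as a missing converter; it should read `"No AccessTokenProviderFactory implementation found"`. Both fields are `private static` but not `final`; `private static final` keeps the token-handling components from being reassigned after class load. Because they are resolved in the static initialiser, a missing provider surfaces as a class-initialisation error on first use of any OAuth2 or OpenID provider. `findFirst()` also takes whichever implementation the `ServiceLoader` yields first, which deserves a comment, or a check that exactly one provider is registered.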
@@ -58,10 +68,30 @@ protected static WorkflowValueResolver accessToken( SecretBasedAuthenticationPolicy secret, AuthRequestBuilder builder) { if (authenticationData != null) { - return AccessTokenProviderFactory.build(authenticationData, builder); + return build(authenticationData, builder); } else if (secret != null) { - return AccessTokenProviderFactory.build(checkSecret(workflow, secret), builder); + return build(checkSecret(workflow, secret), builder); } throw new IllegalStateException("Both policy and secret are null"); } + + private static WorkflowValueResolver build( + OAuth2AuthenticationData authenticationData, AuthRequestBuilder authBuilder) { + AccessTokenProvider tokenProvider = + accessTokenProviderFactory.build( + authBuilder.apply(authenticationData), authenticationData.getIssuers(), jwtConverter); + return (w, t, m) -> tokenProvider; + } + + private static WorkflowValueResolver build( + String secretName, AuthRequestBuilder authBuilder) { + return (w, t, m) -> { + Map secret = secret(w, secretName); + String issuers = (String) secret.get("issuers"); + return accessTokenProviderFactory.build( + authBuilder.apply(secret), + issuers != null ? Arrays.asList(issuers.split(",")) : null, + jwtConverter); + }; + } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/HttpRequestInfo.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/HttpRequestInfo.java similarity index 90% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/HttpRequestInfo.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/HttpRequestInfo.java index b2ef5c3fa..c7a754079 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/HttpRequestInfo.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/HttpRequestInfo.java 
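Review bot: In the secret-based `build` overload, `issuers.split(",")` keeps surrounding whitespace and empty entries, so a secret written as `a, b` produces the issuer ` b`, and a secret without the `issuers` key hands `null` to the factory. How `AccessTokenProviderFactory` treats a `null` or non-matching list is not visible in this diff; if `null` means "skip the issuer check", leaving the key out would turn that validation off without any signal. I would normalise the list with `Arrays.stream(issuers.split(",")).map(String::trim).filter(s -> !s.isEmpty()).toList()` and document the null case on the factory interface. This overload also creates a new `AccessTokenProvider` on every resolution, unlike the `OAuth2AuthenticationData` overload, which may bypass any token caching the provider does.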
@@ -13,13 +13,13 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; import io.serverlessworkflow.impl.WorkflowValueResolver; import java.net.URI; import java.util.Map; -record HttpRequestInfo( +public record HttpRequestInfo( Map> headers, Map> queryParams, WorkflowValueResolver uri, diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/HttpRequestInfoBuilder.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/HttpRequestInfoBuilder.java similarity index 97% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/HttpRequestInfoBuilder.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/HttpRequestInfoBuilder.java index a9d9f0bdb..c948ad3a1 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/HttpRequestInfoBuilder.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/HttpRequestInfoBuilder.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; import static io.serverlessworkflow.api.types.OAuth2TokenRequest.Oauth2TokenRequestEncoding.APPLICATION_X_WWW_FORM_URLENCODED; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/jwt/JWT.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/JWT.java similarity index 94% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/jwt/JWT.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/JWT.java index b16664f36..78c679bff 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/jwt/JWT.java 
+++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/JWT.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.jwt; +package io.serverlessworkflow.impl.auth; import java.time.Instant; import java.util.List; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/jwt/JWTConverter.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/JWTConverter.java similarity index 93% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/jwt/JWTConverter.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/JWTConverter.java index c0a6cf276..85338e5fc 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/jwt/JWTConverter.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/JWTConverter.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.jwt; +package io.serverlessworkflow.impl.auth; public interface JWTConverter { diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OAuth2AuthProvider.java similarity index 89% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/OAuth2AuthProvider.java index b3de11de1..9831051df 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OAuth2AuthProvider.java 
@@ -13,12 +13,11 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; import io.serverlessworkflow.api.types.OAuth2AuthenticationPolicy; import io.serverlessworkflow.api.types.Workflow; import io.serverlessworkflow.impl.WorkflowApplication; -import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.OAuthRequestBuilder; class OAuth2AuthProvider extends CommonOAuthProvider { diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/OAuthRequestBuilder.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OAuthRequestBuilder.java similarity index 93% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/OAuthRequestBuilder.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/OAuthRequestBuilder.java index df93b95d9..a4766e335 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/OAuthRequestBuilder.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OAuthRequestBuilder.java @@ -13,10 +13,10 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; import static io.serverlessworkflow.impl.WorkflowUtils.concatURI; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.AUTHORITY; +import static io.serverlessworkflow.impl.auth.AuthUtils.AUTHORITY; import io.serverlessworkflow.api.types.OAuth2AuthenticationPropertiesEndpoints; import io.serverlessworkflow.api.types.OAuth2ConnectAuthenticationProperties; 
@@ -26,7 +26,7 @@ import java.net.URI; import java.util.Map; -public class OAuthRequestBuilder +class OAuthRequestBuilder extends AbstractAuthRequestBuilder { private static String DEFAULT_TOKEN_PATH = "oauth2/token"; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OpenIdAuthProvider.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OpenIdAuthProvider.java similarity index 90% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OpenIdAuthProvider.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/OpenIdAuthProvider.java index 649708ad1..dc7db0548 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OpenIdAuthProvider.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OpenIdAuthProvider.java @@ -13,12 +13,11 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http; +package io.serverlessworkflow.impl.auth; import io.serverlessworkflow.api.types.OpenIdConnectAuthenticationPolicy; import io.serverlessworkflow.api.types.Workflow; import io.serverlessworkflow.impl.WorkflowApplication; -import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.OpenIdRequestBuilder; class OpenIdAuthProvider extends CommonOAuthProvider { diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/OpenIdRequestBuilder.java b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OpenIdRequestBuilder.java similarity index 86% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/OpenIdRequestBuilder.java rename to impl/core/src/main/java/io/serverlessworkflow/impl/auth/OpenIdRequestBuilder.java index 6059228ab..4194df1c8 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/OpenIdRequestBuilder.java 
+++ b/impl/core/src/main/java/io/serverlessworkflow/impl/auth/OpenIdRequestBuilder.java @@ -13,9 +13,9 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.auth; -import static io.serverlessworkflow.impl.executors.http.SecretKeys.AUTHORITY; +import static io.serverlessworkflow.impl.auth.AuthUtils.AUTHORITY; import io.serverlessworkflow.api.types.OAuth2AuthenticationData; import io.serverlessworkflow.impl.WorkflowApplication; @@ -25,7 +25,7 @@ import java.util.List; import java.util.Map; -public class OpenIdRequestBuilder extends AbstractAuthRequestBuilder { +class OpenIdRequestBuilder extends AbstractAuthRequestBuilder { public OpenIdRequestBuilder(WorkflowApplication application) { super(application); diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/resources/DefaultResourceLoader.java b/impl/core/src/main/java/io/serverlessworkflow/impl/resources/DefaultResourceLoader.java index cdadf8fb5..c69373aa4 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/resources/DefaultResourceLoader.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/resources/DefaultResourceLoader.java @@ -37,8 +37,9 @@ protected DefaultResourceLoader(WorkflowApplication application, Path workflowPa } @Override - public T loadURI(URI uri, Function function) { - ExternalResourceHandler resourceHandler = buildFromURI(uri); + public T loadURI( + URI uri, Function function, Optional auth) { + ExternalResourceHandler resourceHandler = buildFromURI(uri, auth); return (T) resourceCache .compute( 
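Review bot: The `resourceCache.compute(` call in `DefaultResourceLoader.loadURI` now sits behind a credential, but nothing in this hunk makes the cache entry depend on `auth`. If the cache is keyed on the `ExternalResourceHandler` and `HttpResource.equals`/`hashCode` compare only the URL (both are outside the visible hunks, so this is inferred), content fetched with one caller's Authorization header would be returned to a later caller presenting a different credential or none. Either include the credential (or a digest of it) in the key, or skip the cache when `auth.isPresent()`, and record the choice in a comment such as `// authenticated fetches bypass resourceCache: entries are not credential-scoped`. The body of `loadURI` continues past the end of the hunk.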
@@ -61,13 +62,13 @@ private ExternalResourceHandler fileResource(String pathStr) { } } - private ExternalResourceHandler buildFromURI(URI uri) { + private ExternalResourceHandler buildFromURI(URI uri, Optional auth) { String scheme = uri.getScheme(); if (scheme == null || scheme.equalsIgnoreCase("file")) { return fileResource(uri.getPath()); } else if (scheme.equalsIgnoreCase("http") || scheme.equalsIgnoreCase("https")) { try { - return new HttpResource(uri.toURL()); + return new HttpResource(uri.toURL(), auth); } catch (MalformedURLException e) { throw new IllegalArgumentException(e); } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/resources/HttpResource.java b/impl/core/src/main/java/io/serverlessworkflow/impl/resources/HttpResource.java index c312b58b1..e7a2d160a 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/resources/HttpResource.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/resources/HttpResource.java @@ -15,26 +15,33 @@ */ package io.serverlessworkflow.impl.resources; +import io.serverlessworkflow.impl.auth.AuthUtils; import java.io.IOException; import java.io.InputStream; import java.io.UncheckedIOException; import java.net.HttpURLConnection; import java.net.URL; +import java.net.URLConnection; import java.time.Instant; import java.util.Objects; +import java.util.Optional; public class HttpResource implements ExternalResourceHandler { - private URL url; + private final URL url; + private final Optional auth; - public HttpResource(URL url) { + public HttpResource(URL url, Optional auth) { this.url = GitHubHelper.handleURL(url); + this.auth = auth; } @Override public InputStream open() { try { - return url.openStream(); + URLConnection connection = url.openConnection(); + auth.ifPresent(s -> connection.setRequestProperty(AuthUtils.AUTH_HEADER_NAME, s)); + return connection.getInputStream(); } catch (IOException e) { throw new UncheckedIOException(e); } 
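Review bot: `buildFromURI` passes `auth` to `new HttpResource(uri.toURL(), auth)` in the branch that accepts both `http` and `https`, so an endpoint declared with a plain `http` URI will carry the Authorization value in cleartext. Consider refusing that combination, e.g. `if (auth.isPresent() && scheme.equalsIgnoreCase("http")) throw new IllegalArgumentException("authenticated resources require https: " + uri);`, or at least logging a warning. In the `file` branch `auth` is silently dropped, which deserves a one-line comment. The end of the method is outside the hunk.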
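Review bot: `HttpResource.open()` sets the Authorization header and then calls `connection.getInputStream()` with default connection settings, so redirect handling and timeouts are whatever `HttpURLConnection` defaults to. Same-protocol redirects are followed by default; please confirm the header is not replayed to a redirect target on another host, or turn redirects off when `auth` is present with `((HttpURLConnection) connection).setInstanceFollowRedirects(false)`. The constructor also rewrites the URL through `GitHubHelper.handleURL(url)` before the header is attached, so the credential goes to the rewritten host; whether that is the host the auth policy was written for cannot be told from this hunk. As a style point, `Optional` as a field type is unusual in Java; a nullable `String` field with `Optional` only at the API edge would be more conventional.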
diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/resources/ResourceLoader.java b/impl/core/src/main/java/io/serverlessworkflow/impl/resources/ResourceLoader.java index 86eb66784..e3854e127 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/resources/ResourceLoader.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/resources/ResourceLoader.java @@ -26,8 +26,11 @@ import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowModel; import io.serverlessworkflow.impl.WorkflowValueResolver; +import io.serverlessworkflow.impl.auth.AuthProviderFactory; +import io.serverlessworkflow.impl.auth.AuthUtils; import io.serverlessworkflow.impl.expressions.ExpressionDescriptor; import java.net.URI; +import java.util.Optional; import java.util.function.Function; public abstract class ResourceLoader implements AutoCloseable { @@ -102,10 +105,22 @@ public T load( workflowContext, taskContext, model == null ? application.modelFactory().fromNull() : model), - function); + function, + AuthProviderFactory.getAuth( + workflowContext.definition(), endPoint.getEndpointConfiguration()) + .map( + auth -> + AuthUtils.authHeaderValue( + auth.authScheme(), + auth.authParameter(workflowContext, taskContext, model)))); } - public abstract T loadURI(URI uri, Function function); + public T loadURI(URI uri, Function function) { + return loadURI(uri, function, Optional.empty()); + } + + protected abstract T loadURI( + URI uri, Function function, Optional auth); private class ExpressionURISupplier implements WorkflowValueResolver { private WorkflowValueResolver expr; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AbstractAuthProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AbstractAuthProvider.java deleted file mode 100644 index ab5eb7ac3..000000000 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AbstractAuthProvider.java +++ /dev/null 
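Review bot: The new `auth.authParameter(workflowContext, taskContext, model)` call in `ResourceLoader.load` receives `model` exactly as passed in, while the URI resolution a few lines above substitutes `application.modelFactory().fromNull()` when `model == null`; an auth provider that evaluates an expression against the model would then see null. Resolving the model once into a local variable and using it for both calls removes the inconsistency. The `Optional.map` is evaluated eagerly, so for token-based providers a credential is presumably obtained on every `load`, even when `loadURI` ends up serving the resource from its cache. `load` starts before the hunk.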
@@ -1,42 +0,0 @@ -/* - * Copyright 2020-Present The Serverless Workflow Specification Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package io.serverlessworkflow.impl.executors.http; - -import io.serverlessworkflow.impl.TaskContext; -import io.serverlessworkflow.impl.WorkflowContext; -import io.serverlessworkflow.impl.WorkflowModel; -import jakarta.ws.rs.client.Invocation.Builder; - -abstract class AbstractAuthProvider implements AuthProvider { - - private static final String AUTH_HEADER_FORMAT = "%s %s"; - - @Override - public Builder build( - Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - String scheme = authScheme(); - String parameter = authParameter(workflow, task, model); - task.authorization(scheme, parameter); - builder.header( - AuthProviderFactory.AUTH_HEADER_NAME, String.format(AUTH_HEADER_FORMAT, scheme, parameter)); - return builder; - } - - protected abstract String authScheme(); - - protected abstract String authParameter( - WorkflowContext workflow, TaskContext task, WorkflowModel model); -} diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java index 184ff1832..825a61f72 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java 
@@ -19,6 +19,8 @@ import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowModel; import io.serverlessworkflow.impl.WorkflowValueResolver; +import io.serverlessworkflow.impl.auth.AuthProvider; +import io.serverlessworkflow.impl.auth.AuthUtils; import io.serverlessworkflow.impl.executors.CallableTask; import jakarta.ws.rs.client.Invocation.Builder; import jakarta.ws.rs.client.WebTarget; @@ -76,9 +78,22 @@ public CompletableFuture apply( h -> h.apply(workflow, taskContext, input).forEach((k, v) -> request.header(k, v))); return CompletableFuture.supplyAsync( () -> { - authProvider.ifPresent(auth -> auth.build(request, workflow, taskContext, input)); + authProvider.ifPresent( + auth -> addAuthHeader(auth, request, workflow, taskContext, input)); return requestFunction.apply(request, workflow, taskContext, input); }, workflow.definition().application().executorService()); } + + private void addAuthHeader( + AuthProvider auth, + Builder request, + WorkflowContext workflow, + TaskContext task, + WorkflowModel model) { + String scheme = auth.authScheme(); + String parameter = auth.authParameter(workflow, task, model); + task.authorization(scheme, parameter); + request.header(AuthUtils.AUTH_HEADER_NAME, AuthUtils.authHeaderValue(scheme, parameter)); + } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutorBuilder.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutorBuilder.java index ecebf13ed..05b5898a2 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutorBuilder.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutorBuilder.java 
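Review bot: `addAuthHeader` in `HttpExecutor` writes the credential to two places, the request header and `task.authorization(scheme, parameter)`, and the second one outlives the request. What `TaskContext` does with the value is not visible in this diff, so it is worth confirming that it is never logged, persisted or reachable from workflow output, and saying so on the method, e.g. `// The credential is also recorded on the TaskContext; it must not be logged or serialized.` The resource-loading path in `ResourceLoader.load` builds the same header value without calling `task.authorization`, so the two paths now differ in what the task records.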
@@ -19,6 +19,8 @@ import io.serverlessworkflow.impl.WorkflowDefinition; import io.serverlessworkflow.impl.WorkflowUtils; import io.serverlessworkflow.impl.WorkflowValueResolver; +import io.serverlessworkflow.impl.auth.AuthProvider; +import io.serverlessworkflow.impl.auth.AuthProviderFactory; import jakarta.ws.rs.HttpMethod; import jakarta.ws.rs.client.Invocation; import jakarta.ws.rs.client.WebTarget; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AccessTokenProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/JaxRSAccessTokenProvider.java similarity index 92% rename from impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AccessTokenProvider.java rename to impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/JaxRSAccessTokenProvider.java index 7989f3a68..9e9a652e3 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AccessTokenProvider.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/JaxRSAccessTokenProvider.java @@ -13,7 +13,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; +package io.serverlessworkflow.impl.executors.http.auth; import static io.serverlessworkflow.api.types.OAuth2TokenRequest.Oauth2TokenRequestEncoding.APPLICATION_X_WWW_FORM_URLENCODED; 
@@ -22,9 +22,11 @@ import io.serverlessworkflow.impl.WorkflowError; import io.serverlessworkflow.impl.WorkflowException; import io.serverlessworkflow.impl.WorkflowModel; +import io.serverlessworkflow.impl.auth.AccessTokenProvider; +import io.serverlessworkflow.impl.auth.HttpRequestInfo; +import io.serverlessworkflow.impl.auth.JWT; +import io.serverlessworkflow.impl.auth.JWTConverter; import io.serverlessworkflow.impl.executors.http.HttpClientResolver; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWT; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWTConverter; import jakarta.ws.rs.ProcessingException; import jakarta.ws.rs.client.Client; import jakarta.ws.rs.client.Entity; @@ -39,13 +41,14 @@ import java.util.List; import java.util.Map; -public class AccessTokenProvider { +class JaxRSAccessTokenProvider implements AccessTokenProvider { private final List issuers; private final HttpRequestInfo requestInfo; private final JWTConverter jwtConverter; - AccessTokenProvider(HttpRequestInfo requestInfo, List issuers, JWTConverter converter) { + JaxRSAccessTokenProvider( + HttpRequestInfo requestInfo, List issuers, JWTConverter converter) { this.requestInfo = requestInfo; this.issuers = issuers; this.jwtConverter = converter; diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/JaxRSAccessTokenProviderFactory.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/JaxRSAccessTokenProviderFactory.java new file mode 100644 index 000000000..22e31f9b7 --- /dev/null +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/JaxRSAccessTokenProviderFactory.java 
@@ -0,0 +1,31 @@ +/* + * Copyright 2020-Present The Serverless Workflow Specification Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.serverlessworkflow.impl.executors.http.auth; + +import io.serverlessworkflow.impl.auth.AccessTokenProvider; +import io.serverlessworkflow.impl.auth.AccessTokenProviderFactory; +import io.serverlessworkflow.impl.auth.HttpRequestInfo; +import io.serverlessworkflow.impl.auth.JWTConverter; +import java.util.List; + +public class JaxRSAccessTokenProviderFactory implements AccessTokenProviderFactory { + + @Override + public AccessTokenProvider build( + HttpRequestInfo requestInfo, List issuers, JWTConverter converter) { + return new JaxRSAccessTokenProvider(requestInfo, issuers, converter); + } +} diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AccessTokenProviderFactory.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AccessTokenProviderFactory.java deleted file mode 100644 index 73d1defe9..000000000 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AccessTokenProviderFactory.java +++ /dev/null 
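Review bot: `JaxRSAccessTokenProviderFactory` has no Javadoc, and nothing in the class says why it is public while `JaxRSAccessTokenProvider` is package-private. It is registered in `META-INF/services/io.serverlessworkflow.impl.auth.AccessTokenProviderFactory` further down in this commit, so a class comment such as `/** AccessTokenProviderFactory registered through META-INF/services; builds the JAX-RS based provider. */` would explain the public class and its implicit no-arg constructor. `issuers` is passed through unchecked and may presumably be null, as it could be in the deleted factory; documenting what a null issuer list means for token validation would help.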
@@ -1,55 +0,0 @@ -/* - * Copyright 2020-Present The Serverless Workflow Specification Authors - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package io.serverlessworkflow.impl.executors.http.auth.requestbuilder; - -import static io.serverlessworkflow.impl.WorkflowUtils.secret; - -import io.serverlessworkflow.api.types.OAuth2AuthenticationData; -import io.serverlessworkflow.impl.WorkflowValueResolver; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWTConverter; -import java.util.Arrays; -import java.util.Map; -import java.util.ServiceLoader; - -public class AccessTokenProviderFactory { - - private AccessTokenProviderFactory() {} - - private static JWTConverter jwtConverter = - ServiceLoader.load(JWTConverter.class) - .findFirst() - .orElseThrow(() -> new IllegalStateException("No JWTConverter implementation found")); - - public static WorkflowValueResolver build( - OAuth2AuthenticationData authenticationData, AuthRequestBuilder authBuilder) { - AccessTokenProvider tokenProvider = - new AccessTokenProvider( - authBuilder.apply(authenticationData), authenticationData.getIssuers(), jwtConverter); - return (w, t, m) -> tokenProvider; - } - - public static WorkflowValueResolver build( - String secretName, AuthRequestBuilder authBuilder) { - return (w, t, m) -> { - Map secret = secret(w, secretName); - String issuers = (String) secret.get("issuers"); - return new AccessTokenProvider( - authBuilder.apply(secret), - issuers != null ? 
Arrays.asList(issuers.split(",")) : null, - jwtConverter); - }; - } -} diff --git a/impl/http/src/main/resources/META-INF/services/io.serverlessworkflow.impl.auth.AccessTokenProviderFactory b/impl/http/src/main/resources/META-INF/services/io.serverlessworkflow.impl.auth.AccessTokenProviderFactory new file mode 100644 index 000000000..a11e9357e --- /dev/null +++ b/impl/http/src/main/resources/META-INF/services/io.serverlessworkflow.impl.auth.AccessTokenProviderFactory @@ -0,0 +1 @@ +io.serverlessworkflow.impl.executors.http.auth.JaxRSAccessTokenProviderFactory \ No newline at end of file diff --git a/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTConverter.java b/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTConverter.java index c8aa5dde5..f1e608f2f 100644 --- a/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTConverter.java +++ b/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTConverter.java @@ -16,8 +16,8 @@ package io.serverlessworkflow.impl.executors.http.oauth.jackson; import com.fasterxml.jackson.core.type.TypeReference; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWT; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWTConverter; +import io.serverlessworkflow.impl.auth.JWT; +import io.serverlessworkflow.impl.auth.JWTConverter; import io.serverlessworkflow.impl.jackson.JsonUtils; import java.io.IOException; import java.nio.charset.StandardCharsets; diff --git a/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTImpl.java b/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTImpl.java index 33b772bda..88fb7f762 100644 --- a/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTImpl.java 
+++ b/impl/jwt-impl/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/jackson/JacksonJWTImpl.java @@ -15,7 +15,7 @@ */ package io.serverlessworkflow.impl.executors.http.oauth.jackson; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWT; +import io.serverlessworkflow.impl.auth.JWT; import java.time.Instant; import java.util.Arrays; import java.util.Collection; diff --git a/impl/jwt-impl/src/main/resources/META-INF/services/io.serverlessworkflow.impl.executors.http.auth.jwt.JWTConverter b/impl/jwt-impl/src/main/resources/META-INF/services/io.serverlessworkflow.impl.auth.JWTConverter similarity index 100% rename from impl/jwt-impl/src/main/resources/META-INF/services/io.serverlessworkflow.impl.executors.http.auth.jwt.JWTConverter rename to impl/jwt-impl/src/main/resources/META-INF/services/io.serverlessworkflow.impl.auth.JWTConverter diff --git a/impl/jwt-impl/src/test/java/io/serverlessworkflow/impl/http/jwt/JacksonJWTImplTest.java b/impl/jwt-impl/src/test/java/io/serverlessworkflow/impl/http/jwt/JacksonJWTImplTest.java index 6d485cdaa..bbd870d6f 100644 --- a/impl/jwt-impl/src/test/java/io/serverlessworkflow/impl/http/jwt/JacksonJWTImplTest.java +++ b/impl/jwt-impl/src/test/java/io/serverlessworkflow/impl/http/jwt/JacksonJWTImplTest.java @@ -19,7 +19,7 @@ import static org.junit.jupiter.api.Assertions.assertThrows; import static org.junit.jupiter.api.Assertions.assertTrue; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWT; +import io.serverlessworkflow.impl.auth.JWT; import io.serverlessworkflow.impl.executors.http.oauth.jackson.JacksonJWTConverter; import java.time.Instant; import java.util.List;