Allow caller to determine auth callback methods.

Author: MikeNeilson

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/AuthCodePkceTokenRequestBuilder.java

@@ -82,6 +82,7 @@ public void handle(HttpExchange exchange) throws IOException {
 
                     code.set(parameters.get("code").get(0));
                     state.set(parameters.get("state").get(0));
+                    exchange.sendResponseHeaders(201, 0);
                     System.out.println("Got code");
                     server.stop(0);
                     future.complete(null);
@@ -99,11 +100,8 @@ public void handle(HttpExchange exchange) throws IOException {
             String urlStr= String.format("%s?%s", getAuthUrl().getApiRoot(), authParameters.encode());
             // start server to listen
             server.start();
-            if (Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Action.BROWSE)) {
-                Desktop.getDesktop().browse(URI.create(urlStr));
-            } else {
-                System.out.println(String.format("Paste the following into a browser to continue login: %s", urlStr));
-            }
+            this.authCallBack.accept(URI.create(urlStr));
+            
 
             future.join();
             System.out.println("Next steps.");

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/CwbiAuthTokenProviderBase.java

@@ -25,6 +25,7 @@
 
 import java.io.IOException;
 import java.util.Objects;
+
 import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
 import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
 import mil.army.usace.hec.cwms.http.client.auth.OAuth2TokenProvider;

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/OidcAuthTokenProvider.java

@@ -1,8 +1,10 @@
 package hec.army.usace.hec.cwbi.auth.http.client;
 
 import java.io.IOException;
+import java.net.URI;
 import java.util.Objects;
 import java.util.concurrent.CompletionException;
+import java.util.function.Consumer;
 
 import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
 import mil.army.usace.hec.cwms.http.client.ApiConnectionInfoBuilder;
@@ -23,6 +25,9 @@ public final class OidcAuthTokenProvider implements OAuth2TokenProvider {
     private final ApiConnectionInfo tokenUrl;
     private final ApiConnectionInfo authUrl;
     private OAuth2Token token = null;
+    // Default to open browser or print to console for usage, but allow overriding for testing and
+    // other usages.
+    private Consumer<URI> authCallback = TokenRequestBuilder.BROWSER_OR_CONSOLE_AUTH_CALLBACK;
 
     public OidcAuthTokenProvider(String clientId, String wellKnownUrl) {
         this.clientId = Objects.requireNonNull(clientId, "Missing required client id.");
@@ -55,6 +60,16 @@ public void clear() {
         }
     }
 
+    @Override
+    public Consumer<URI> getAuthCallback() {
+        return authCallback;
+    }
+
+    @Override
+    public void setAuthCallback(Consumer<URI> authCallback) {
+        this.authCallback = authCallback;
+    }
+
     @Override
     public OAuth2Token getToken() throws IOException {
         synchronized(this) {
@@ -89,6 +104,7 @@ public OAuth2Token newToken() throws IOException {
             token = new AuthCodePkceTokenRequestBuilder()
                     .withAuthUrl(authUrl)
                     .withTokenUrl(tokenUrl)
+                    .withAuthCallback(authCallback)
                     .buildRequest()
                     .withClientId(clientId)
                     .fetchToken();

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/TokenRequestBuilder.java

@@ -23,18 +23,35 @@
  */
 package hec.army.usace.hec.cwbi.auth.http.client;
 
+import java.awt.Desktop;
+import java.awt.Desktop.Action;
 import java.io.IOException;
+import java.net.URI;
 import java.util.Objects;
+import java.util.function.Consumer;
+
 import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
 import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
 
 abstract class TokenRequestBuilder<T> implements TokenRequestFluentBuilder<TokenRequestBuilder<T>> {
+    public static final Consumer<URI> BROWSER_OR_CONSOLE_AUTH_CALLBACK = u -> {
+        if (Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Action.BROWSE)) {
+                try {
+                    Desktop.getDesktop().browse(u);
+                } catch (IOException ex) {
+                    throw new RuntimeException("Unable to open browser", ex);
+                }
+            } else {
+                System.out.println(String.format("Paste the following into a browser to continue login: %s", u.toString()));
+            }
+        };
 
     static final String MEDIA_TYPE = "application/x-www-form-urlencoded";
     private ApiConnectionInfo url;
     private ApiConnectionInfo authUrl;
     private ApiConnectionInfo tokenUrl;
     private String clientId;
+    protected Consumer<URI> authCallBack = (u) -> {}; // by default do nothing.
 
     abstract OAuth2Token retrieveToken() throws IOException;
 
@@ -64,6 +81,12 @@ ApiConnectionInfo getTokenUrl() {
         return tokenUrl;
     }
 
+    @Override
+    public TokenRequestBuilder<T> withAuthCallback(Consumer<URI> authCallback) {
+        this.authCallBack = authCallback;
+        return this;
+    }
+
     String getClientId() {
         return clientId;
     }

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/TokenRequestFluentBuilder.java

@@ -23,6 +23,9 @@
  */
 package hec.army.usace.hec.cwbi.auth.http.client;
 
+import java.net.URI;
+import java.util.function.Consumer;
+
 import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
 
 public interface TokenRequestFluentBuilder<T> {
@@ -57,4 +60,12 @@ public interface TokenRequestFluentBuilder<T> {
      * @return
      */
     TokenRequestFluentBuilder<T> withTokenUrl(ApiConnectionInfo url);
+
+    /**
+     * For methods where an external step is required to finish authentication
+     * pass in desired operation
+     * @param authCallback
+     * @return
+     */
+    TokenRequestFluentBuilder<T> withAuthCallback(Consumer<URI> authCallback);
 }

cwbi-auth-http-client/src/test/java/hec/army/usace/hec/cwbi/auth/http/client/TestOidcTokenProvider.java

@@ -30,6 +30,8 @@
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 
+import java.awt.Desktop;
+import java.awt.Desktop.Action;
 import java.io.File;
 import java.io.IOException;
 import java.net.InetAddress;
@@ -39,11 +41,17 @@
 import java.nio.file.Path;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
+import java.util.concurrent.Future;
+import java.util.concurrent.TimeUnit;
+
 import javax.net.ssl.SSLSocketFactory;
 import mil.army.usace.hec.cwms.http.client.MockHttpServer;
 import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
 import mil.army.usace.hec.cwms.http.client.ApiConnectionInfoBuilder;
+import mil.army.usace.hec.cwms.http.client.HttpRequestBuilderImpl;
+import mil.army.usace.hec.cwms.http.client.HttpRequestResponse;
 import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
+import mil.army.usace.hec.cwms.http.client.request.HttpRequestExecutor;
 import mil.army.usace.hec.cwms.http.client.request.QueryParameters;
 import okhttp3.HttpUrl;
 import okhttp3.mockwebserver.Dispatcher;
@@ -107,7 +115,7 @@ protected String getResource(String resource) throws IOException {
     }
 
     @Test
-    void testBuildTokenProvider() throws IOException {
+    void testBuildTokenProvider() throws Exception {
         mockAuthServer.getMockServer().setDispatcher(new Dispatcher() {
 
             @Override
@@ -141,7 +149,24 @@ else if (path.endsWith("/token")) {
 
         String wellKnown = "http://localhost:"+mockAuthServer.getPort()+"/auth/realms/cwbi/.well-known/openid-configuration";
         OidcAuthTokenProvider tokenProvider = new OidcAuthTokenProvider("test", wellKnown);
-        OAuth2Token token = tokenProvider.getToken();
+        tokenProvider.setAuthCallback(u -> {
+            try {
+                HttpRequestExecutor executor =
+                    new HttpRequestBuilderImpl(new ApiConnectionInfoBuilder(u.toString()).build())
+                        .get()
+                        .withMediaType("text/plain");
+                
+                try (HttpRequestResponse response = executor.execute()) {
+                    // redirect should be automatically followed. If changes 
+                    // made that fail this section either enable redirect or handle it.
+                }
+                
+            } catch (IOException ex) {
+                fail("Unable to perform client side of authorization procedure.", ex);
+            }
+            
+        });
+        final OAuth2Token token = tokenProvider.getToken();
         assertNotNull(token);        
     }    
 }

cwms-http-client/src/main/java/mil/army/usace/hec/cwms/http/client/auth/OAuth2TokenProvider.java

@@ -25,6 +25,8 @@
 package mil.army.usace.hec.cwms.http.client.auth;
 
 import java.io.IOException;
+import java.net.URI;
+import java.util.function.Consumer;
 
 /**
  * 
@@ -41,4 +43,16 @@ public interface OAuth2TokenProvider {
 
     OAuth2Token newToken() throws IOException;
 
+    /**
+     * Return auth callback that will be used for this provider.
+     * By default do nothing.
+     * @return
+     */
+    default Consumer<URI> getAuthCallback() {
+        return u -> {}; 
+    }
+
+    default void setAuthCallback(Consumer<URI> authCallback) {
+        /** default do nothing... for now */
+    }
 }