CWMS-2055 - Updates to allow for a token provider with a discovered token url that the client implements

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/CwbiAuthTokenProvider.java

@@ -1,7 +1,7 @@
 /*
  * MIT License
  *
- * Copyright (c) 2024 Hydrologic Engineering Center
+ * Copyright (c) 2025 Hydrologic Engineering Center
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -23,18 +23,17 @@
  */
 package hec.army.usace.hec.cwbi.auth.http.client;
 
-import java.io.IOException;
+import hec.army.usace.hec.cwbi.auth.http.client.trustmanagers.CwbiAuthTrustManager;
 import java.util.Objects;
 import javax.net.ssl.SSLSocketFactory;
-import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
-import mil.army.usace.hec.cwms.http.client.auth.OAuth2TokenProvider;
+import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
+import mil.army.usace.hec.cwms.http.client.ApiConnectionInfoBuilder;
+import mil.army.usace.hec.cwms.http.client.SslSocketData;
 
-public final class CwbiAuthTokenProvider implements OAuth2TokenProvider {
+public final class CwbiAuthTokenProvider extends CwbiAuthTokenProviderBase {
 
-    private OAuth2Token oauth2Token;
-    private final String url;
-    private final String clientId;
     private final SSLSocketFactory sslSocketFactory;
+    private final String url;
 
     /**
      * Provider for OAuth2Tokens.
@@ -44,52 +43,16 @@ public final class CwbiAuthTokenProvider implements OAuth2TokenProvider {
      * @param sslSocketFactory - ssl socket factory
      */
     public CwbiAuthTokenProvider(String tokenUrl, String clientId, SSLSocketFactory sslSocketFactory) {
+        super(clientId);
+        this.sslSocketFactory = Objects.requireNonNull(sslSocketFactory, "Missing required sslSocketFactory");
         this.url = Objects.requireNonNull(tokenUrl, "Missing required tokenUrl");
-        this.clientId = Objects.requireNonNull(clientId, "Missing required clientId");
-        this.sslSocketFactory =Objects.requireNonNull(sslSocketFactory, "Missing required KeyManager");
-    }
-
-    @Override
-    public synchronized void clear() {
-        oauth2Token = null;
-    }
-
-    @Override
-    public synchronized OAuth2Token getToken() throws IOException {
-        if (oauth2Token == null) {
-            oauth2Token = newToken();
-        }
-        return oauth2Token;
-    }
-
-    @Override
-    public OAuth2Token newToken() throws IOException {
-        return new DirectGrantX509TokenRequestBuilder()
-            .withSSlSocketFactory(sslSocketFactory)
-            .withUrl(url)
-            .withClientId(clientId)
-            .fetchToken();
     }
 
     @Override
-    public synchronized OAuth2Token refreshToken() throws IOException {
-        OAuth2Token token = new RefreshTokenRequestBuilder()
-            .withSSlSocketFactory(sslSocketFactory)
-            .withRefreshToken(oauth2Token.getRefreshToken())
-            .withUrl(url)
-            .withClientId(clientId)
-            .fetchToken();
-        oauth2Token = token;
-        return token;
+    ApiConnectionInfo getUrl() {
+        return new ApiConnectionInfoBuilder(url)
+                .withSslSocketData(new SslSocketData(sslSocketFactory, CwbiAuthTrustManager.getTrustManager()))
+                .build();
     }
 
-    //package scoped for testing
-    String getUrl() {
-        return url;
-    }
-
-    //package scoped for testing
-    String getClientId() {
-        return clientId;
-    }
 }

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/CwbiAuthTokenProviderBase.java

@@ -0,0 +1,78 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2025 Hydrologic Engineering Center
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package hec.army.usace.hec.cwbi.auth.http.client;
+
+import java.io.IOException;
+import java.util.Objects;
+import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
+import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
+import mil.army.usace.hec.cwms.http.client.auth.OAuth2TokenProvider;
+
+abstract class CwbiAuthTokenProviderBase implements OAuth2TokenProvider {
+    protected OAuth2Token oauth2Token;
+    protected final String clientId;
+
+    protected CwbiAuthTokenProviderBase(String clientId) {
+        this.clientId = Objects.requireNonNull(clientId, "Missing required clientId");
+    }
+
+    abstract ApiConnectionInfo getUrl();
+
+    @Override
+    public synchronized void clear() {
+        oauth2Token = null;
+    }
+
+    @Override
+    public synchronized OAuth2Token getToken() throws IOException {
+        if (oauth2Token == null) {
+            oauth2Token = newToken();
+        }
+        return oauth2Token;
+    }
+
+    @Override
+    public OAuth2Token newToken() throws IOException {
+        return new DirectGrantX509TokenRequestBuilder()
+                .withUrl(getUrl())
+                .withClientId(clientId)
+                .fetchToken();
+    }
+
+    @Override
+    public synchronized OAuth2Token refreshToken() throws IOException {
+        OAuth2Token token = new RefreshTokenRequestBuilder()
+                .withRefreshToken(oauth2Token.getRefreshToken())
+                .withUrl(getUrl())
+                .withClientId(clientId)
+                .fetchToken();
+        oauth2Token = token;
+        return token;
+    }
+
+    //package scoped for testing
+    String getClientId() {
+        return clientId;
+    }
+}

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/DirectGrantX509TokenRequestBuilder.java

@@ -23,54 +23,36 @@
  */
 package hec.army.usace.hec.cwbi.auth.http.client;
 
-import hec.army.usace.hec.cwbi.auth.http.client.trustmanagers.CwbiAuthTrustManager;
-import mil.army.usace.hec.cwms.http.client.ApiConnectionInfoBuilder;
 import mil.army.usace.hec.cwms.http.client.HttpRequestBuilderImpl;
 import mil.army.usace.hec.cwms.http.client.HttpRequestResponse;
-import mil.army.usace.hec.cwms.http.client.SslSocketData;
 import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
 import mil.army.usace.hec.cwms.http.client.request.HttpRequestExecutor;
 
-import javax.net.ssl.SSLSocketFactory;
 import java.io.IOException;
-import java.util.Objects;
 
-public final class DirectGrantX509TokenRequestBuilder implements DirectGrantX509TokenRequestFluentBuilder {
-
-    private SslSocketData sslSocketData;
+public final class DirectGrantX509TokenRequestBuilder extends TokenRequestBuilder {
 
     @Override
-    public TokenRequestFluentBuilder withSSlSocketFactory(SSLSocketFactory sslSocketFactory) {
-        this.sslSocketData = new SslSocketData(Objects.requireNonNull(sslSocketFactory, "Missing required SSLSocketFactory"),
-            CwbiAuthTrustManager.getTrustManager());
-        return new TokenRequestBuilderImpl();
-    }
-
-    private class TokenRequestBuilderImpl extends TokenRequestBuilder {
-
-        @Override
-        OAuth2Token retrieveToken() throws IOException {
-            OAuth2Token retVal = null;
-            String formBody = new UrlEncodedFormData()
+    OAuth2Token retrieveToken() throws IOException {
+        OAuth2Token retVal = null;
+        String formBody = new UrlEncodedFormData()
                 .addPassword("")
                 .addGrantType("password")
                 .addScopes("openid", "profile")
                 .addClientId(getClientId())
                 .addUsername("")
                 .buildEncodedString();
-            HttpRequestExecutor executor =
-                new HttpRequestBuilderImpl(new ApiConnectionInfoBuilder(getUrl())
-                    .withSslSocketData(sslSocketData).build())
-                    .post()
-                    .withBody(formBody)
-                    .withMediaType(MEDIA_TYPE);
-            try (HttpRequestResponse response = executor.execute()) {
-                String body = response.getBody();
-                if (body != null) {
-                    retVal = OAuth2ObjectMapper.mapJsonToObject(body, OAuth2Token.class);
-                }
+        HttpRequestExecutor executor =
+                new HttpRequestBuilderImpl(getUrl())
+                        .post()
+                        .withBody(formBody)
+                        .withMediaType(MEDIA_TYPE);
+        try (HttpRequestResponse response = executor.execute()) {
+            String body = response.getBody();
+            if (body != null) {
+                retVal = OAuth2ObjectMapper.mapJsonToObject(body, OAuth2Token.class);
             }
-            return retVal;
         }
+        return retVal;
     }
 }

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/DiscoveredCwbiAuthTokenProvider.java

@@ -0,0 +1,49 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2025 Hydrologic Engineering Center
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package hec.army.usace.hec.cwbi.auth.http.client;
+
+import java.util.Objects;
+import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
+
+public final class DiscoveredCwbiAuthTokenProvider extends CwbiAuthTokenProviderBase
+{
+    private final TokenUrlDiscoveryService tokenUrlDiscoveryService;
+    private ApiConnectionInfo url;
+
+    public DiscoveredCwbiAuthTokenProvider(String clientId, TokenUrlDiscoveryService tokenUrlDiscoveryService)
+    {
+        super(clientId);
+        this.tokenUrlDiscoveryService = Objects.requireNonNull(tokenUrlDiscoveryService, "Missing required tokenUrlDiscoveryService");
+    }
+
+    @Override
+    synchronized ApiConnectionInfo getUrl()
+    {
+        if(url == null)
+        {
+            url = tokenUrlDiscoveryService.discoverTokenUrl();
+        }
+        return url;
+    }
+}

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/RefreshTokenRequestBuilder.java

@@ -1,12 +1,8 @@
 package hec.army.usace.hec.cwbi.auth.http.client;
 
-import hec.army.usace.hec.cwbi.auth.http.client.trustmanagers.CwbiAuthTrustManager;
-import java.util.Optional;
-import javax.net.ssl.SSLSocketFactory;
-import mil.army.usace.hec.cwms.http.client.ApiConnectionInfoBuilder;
+import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
 import mil.army.usace.hec.cwms.http.client.HttpRequestBuilderImpl;
 import mil.army.usace.hec.cwms.http.client.HttpRequestResponse;
-import mil.army.usace.hec.cwms.http.client.SslSocketData;
 import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
 import mil.army.usace.hec.cwms.http.client.request.HttpRequestExecutor;
 
@@ -16,7 +12,6 @@
 public final class RefreshTokenRequestBuilder implements RefreshTokenRequestFluentBuilder {
 
     private String refreshToken;
-    private SSLSocketFactory sslSocketFactory;
 
     /**
      * Retrieved token via a refresh token.
@@ -29,32 +24,13 @@ public TokenRequestFluentBuilder withRefreshToken(String refreshToken) {
         return new RefreshTokenRequestExecutor();
     }
 
-    /**
-     * Set the SSLSocketFactory for the refresh request should it be needed.
-     * @param sslSocketFactory - SSLSocketFactory to use
-     * @return Builder for http request
-     */
-    @Override
-    public RefreshTokenRequestBuilder withSSlSocketFactory(SSLSocketFactory sslSocketFactory) {
-        this.sslSocketFactory = sslSocketFactory;
-        return this;
-    }
-
-    //package scoped for testing
-    Optional<SSLSocketFactory> getSslSocketFactory() {
-        return Optional.ofNullable(sslSocketFactory);
-    }
-
-    private class RefreshTokenRequestExecutor extends TokenRequestBuilder {
+    class RefreshTokenRequestExecutor extends TokenRequestBuilder {
 
         @Override
         OAuth2Token retrieveToken() throws IOException {
             OAuth2Token retVal = null;
-            SslSocketData sslSocketData = getSslSocketFactory().map(sf -> new SslSocketData(sf, CwbiAuthTrustManager.getTrustManager()))
-                    .orElse(null);
             HttpRequestExecutor executor =
-                new HttpRequestBuilderImpl(new ApiConnectionInfoBuilder(getUrl())
-                        .withSslSocketData(sslSocketData).build())
+                new HttpRequestBuilderImpl(getUrl())
                     .post()
                     .withBody(new UrlEncodedFormData()
                         .addRefreshToken(refreshToken)

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/RefreshTokenRequestFluentBuilder.java

@@ -1,8 +1,5 @@
 package hec.army.usace.hec.cwbi.auth.http.client;
 
-import javax.net.ssl.SSLSocketFactory;
-
 public interface RefreshTokenRequestFluentBuilder {
     TokenRequestFluentBuilder withRefreshToken(String refreshToken);
-    RefreshTokenRequestBuilder withSSlSocketFactory(SSLSocketFactory sslSocketFactory);
 }

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/TokenRequestBuilder.java

@@ -25,17 +25,18 @@
 
 import java.io.IOException;
 import java.util.Objects;
+import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
 import mil.army.usace.hec.cwms.http.client.auth.OAuth2Token;
 
 abstract class TokenRequestBuilder implements TokenRequestFluentBuilder {
 
     static final String MEDIA_TYPE = "application/x-www-form-urlencoded";
-    private String url;
+    private ApiConnectionInfo url;
     private String clientId;
 
     abstract OAuth2Token retrieveToken() throws IOException;
 
-    String getUrl() {
+    ApiConnectionInfo getUrl() {
         return url;
     }
 
@@ -44,7 +45,7 @@ String getClientId() {
     }
 
     @Override
-    public RequestClientId withUrl(String url) {
+    public RequestClientId withUrl(ApiConnectionInfo url) {
         this.url = Objects.requireNonNull(url, "Missing required URL");
         return new RequestClientIdImpl();
     }

cwbi-auth-http-client/src/main/java/hec/army/usace/hec/cwbi/auth/http/client/TokenRequestFluentBuilder.java

@@ -23,7 +23,9 @@
  */
 package hec.army.usace.hec.cwbi.auth.http.client;
 
+import mil.army.usace.hec.cwms.http.client.ApiConnectionInfo;
+
 public interface TokenRequestFluentBuilder {
 
-    RequestClientId withUrl(String url);
+    RequestClientId withUrl(ApiConnectionInfo url);
 }