Merge pull request #141 from auth0/allow-to-update-token

Allow to update the Management API token

Author: lbalmaceda

README.md

@@ -264,10 +264,13 @@ TokenHolder holder = authRequest.execute();
 ManagementAPI mgmt = new ManagementAPI("{YOUR_DOMAIN}", holder.getAccessToken());
 ```
 
-(Note that the simplified should have error handling, and ideally cache the obtained token until it expires instead of requesting one access token for each Management API v2 invocation).
+(Note that the snippet above should have error handling, and ideally cache the obtained token until it expires instead of requesting one access token for each Management API v2 invocation). 
+
+An expired token for an existing `ManagementAPI` instance can be replaced by calling the `setApiToken` method with the new token.
 
 Click [here](https://auth0.com/docs/api/management/v2/tokens) for more information on how to obtain API Tokens.
 
+
 The Management API is divided into different entities. Each of them have the list, create, update, delete and update methods plus a few more if corresponds. The calls are authenticated using the API Token given in the `ManagementAPI` instance creation and must contain the `scope` required by each entity. See the javadoc for details on which `scope` is expected for each call.
 
 * **Blacklists:** See [Docs](https://auth0.com/docs/api/management/v2#!/Blacklists/get_tokens). Access the methods by calling `mgmt.blacklists()`.

src/main/java/com/auth0/client/mgmt/ManagementAPI.java

@@ -15,16 +15,17 @@
 public class ManagementAPI {
 
     private final HttpUrl baseUrl;
-    private final String apiToken;
+    private String apiToken;
     private final OkHttpClient client;
     private final TelemetryInterceptor telemetry;
     private final HttpLoggingInterceptor logging;
 
     /**
      * Create an instance with the given tenant's domain and API token.
+     * See the Management API section in the readme or visit https://auth0.com/docs/api/management/v2/tokens to learn how to obtain a token.
      *
      * @param domain   the tenant's domain.
-     * @param apiToken the token to authenticate the calls with. See the "Getting an API token" section to learn how to obtain a token.
+     * @param apiToken the token to authenticate the calls with.
      */
     public ManagementAPI(String domain, String apiToken) {
         Asserts.assertNotNull(domain, "domain");
@@ -45,6 +46,18 @@ public ManagementAPI(String domain, String apiToken) {
                 .build();
     }
 
+    /**
+     * Update the API token to use on new calls. This is useful when the token is about to expire or already has.
+     * Please note you'll need to obtain the corresponding entity again for this to apply. e.g. call {@link #clients()} again.
+     * See the Management API section in the readme or visit https://auth0.com/docs/api/management/v2/tokens to learn how to obtain a token.
+     *
+     * @param apiToken the token to authenticate the calls with.
+     */
+    public void setApiToken(String apiToken) {
+        Asserts.assertNotNull(apiToken, "api token");
+        this.apiToken = apiToken;
+    }
+
     /**
      * Avoid sending Telemetry data in every request to the Auth0 servers.
      */

src/main/java/com/auth0/client/mgmt/ResourceServerEntity.java

@@ -17,15 +17,10 @@
 /**
  * Class that provides an implementation of the Resource Server methods of the Management API as defined in https://auth0.com/docs/api/management/v2#!/Resource_Servers
  */
-public class ResourceServerEntity {
-    private OkHttpClient client;
-    private HttpUrl baseUrl;
-    private String apiToken;
+public class ResourceServerEntity extends BaseManagementEntity {
 
     ResourceServerEntity(OkHttpClient client, HttpUrl baseUrl, String apiToken) {
-        this.client = client;
-        this.baseUrl = baseUrl;
-        this.apiToken = apiToken;
+        super(client, baseUrl, apiToken);
     }
 
     /**

src/test/java/com/auth0/client/mgmt/ManagementAPITest.java

@@ -75,6 +75,62 @@ public void shouldThrowWhenApiTokenIsNull() throws Exception {
         new ManagementAPI(DOMAIN, null);
     }
 
+    @Test
+    public void shouldThrowOnUpdateWhenApiTokenIsNull() throws Exception {
+        ManagementAPI api = new ManagementAPI(DOMAIN, API_TOKEN);
+
+        exception.expect(IllegalArgumentException.class);
+        exception.expectMessage("'api token' cannot be null!");
+        api.setApiToken(null);
+    }
+
+    @Test
+    public void shouldUpdateApiToken() throws Exception {
+        //Initialize with a token
+        ManagementAPI api = new ManagementAPI(DOMAIN, "first token");
+
+        assertThat(api.blacklists().apiToken, is("first token"));
+        assertThat(api.clientGrants().apiToken, is("first token"));
+        assertThat(api.clients().apiToken, is("first token"));
+        assertThat(api.connections().apiToken, is("first token"));
+        assertThat(api.deviceCredentials().apiToken, is("first token"));
+        assertThat(api.emailProvider().apiToken, is("first token"));
+        assertThat(api.emailTemplates().apiToken, is("first token"));
+        assertThat(api.grants().apiToken, is("first token"));
+        assertThat(api.guardian().apiToken, is("first token"));
+        assertThat(api.jobs().apiToken, is("first token"));
+        assertThat(api.logEvents().apiToken, is("first token"));
+        assertThat(api.resourceServers().apiToken, is("first token"));
+        assertThat(api.rules().apiToken, is("first token"));
+        assertThat(api.stats().apiToken, is("first token"));
+        assertThat(api.tenants().apiToken, is("first token"));
+        assertThat(api.tickets().apiToken, is("first token"));
+        assertThat(api.userBlocks().apiToken, is("first token"));
+        assertThat(api.users().apiToken, is("first token"));
+
+        //Update the token
+        api.setApiToken("new token");
+
+        assertThat(api.blacklists().apiToken, is("new token"));
+        assertThat(api.clientGrants().apiToken, is("new token"));
+        assertThat(api.clients().apiToken, is("new token"));
+        assertThat(api.connections().apiToken, is("new token"));
+        assertThat(api.deviceCredentials().apiToken, is("new token"));
+        assertThat(api.emailProvider().apiToken, is("new token"));
+        assertThat(api.emailTemplates().apiToken, is("new token"));
+        assertThat(api.grants().apiToken, is("new token"));
+        assertThat(api.guardian().apiToken, is("new token"));
+        assertThat(api.jobs().apiToken, is("new token"));
+        assertThat(api.logEvents().apiToken, is("new token"));
+        assertThat(api.resourceServers().apiToken, is("new token"));
+        assertThat(api.rules().apiToken, is("new token"));
+        assertThat(api.stats().apiToken, is("new token"));
+        assertThat(api.tenants().apiToken, is("new token"));
+        assertThat(api.tickets().apiToken, is("new token"));
+        assertThat(api.userBlocks().apiToken, is("new token"));
+        assertThat(api.users().apiToken, is("new token"));
+    }
+
     @Test
     public void shouldAddAndEnableTelemetryInterceptor() throws Exception {
         ManagementAPI api = new ManagementAPI(DOMAIN, API_TOKEN);