emeraldpay
diff --git a/‎emerald-api/build.gradle‎
Lines changed: 1 addition & 0 deletions b/‎emerald-api/build.gradle‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎emerald-api/src/main/java/io/emeraldpay/api/EmeraldConnection.java‎
Lines changed: 66 additions & 1 deletion b/‎emerald-api/src/main/java/io/emeraldpay/api/EmeraldConnection.java‎
Lines changed: 66 additions & 1 deletion
diff --git a/‎emerald-api/src/main/java/io/emeraldpay/api/blockchain/BlockchainApi.java‎
Lines changed: 5 additions & 1 deletion b/‎emerald-api/src/main/java/io/emeraldpay/api/blockchain/BlockchainApi.java‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎emerald-api/src/main/java/io/emeraldpay/impl/AuthHolder.java‎
Lines changed: 97 additions & 0 deletions b/‎emerald-api/src/main/java/io/emeraldpay/impl/AuthHolder.java‎
Lines changed: 97 additions & 0 deletions
diff --git a/‎emerald-api/src/main/java/io/emeraldpay/impl/AuthInterceptor.java‎
Lines changed: 30 additions & 0 deletions b/‎emerald-api/src/main/java/io/emeraldpay/impl/AuthInterceptor.java‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎emerald-api/src/main/java/io/emeraldpay/impl/AuthenticatedClientCall.java‎
Lines changed: 53 additions & 0 deletions b/‎emerald-api/src/main/java/io/emeraldpay/impl/AuthenticatedClientCall.java‎
Lines changed: 53 additions & 0 deletions
@@ -47,6 +47,7 @@ dependencies {
     implementation 'io.emeraldpay.etherjar:etherjar-domain:0.11.0'
 
     testImplementation "org.codehaus.groovy:groovy:${groovyVersion}"
+    testImplementation 'net.bytebuddy:byte-buddy:1.14.17'
     testImplementation "org.spockframework:spock-core:${spockVersion}"
     testImplementation "io.grpc:grpc-testing:${grpcVersion}"
     testImplementation "com.salesforce.servicelibs:reactor-grpc-test:${reactiveGrpcVersion}"
 
@@ -1,10 +1,16 @@
 package io.emeraldpay.api;
 
+import io.emeraldpay.api.proto.AuthGrpc;
+import io.emeraldpay.impl.AuthHolder;
+import io.emeraldpay.impl.AuthInterceptor;
+import io.emeraldpay.impl.TokenCredentials;
 import io.grpc.Channel;
+import io.grpc.ClientInterceptor;
 import io.grpc.ManagedChannelBuilder;
 import io.grpc.netty.NettyChannelBuilder;
 
 import java.net.InetAddress;
+import java.net.URI;
 import java.util.function.Function;
 
 /**
@@ -13,9 +19,16 @@
 public class EmeraldConnection {
 
     private final Channel channel;
+    private final ClientInterceptor credentials;
 
     public EmeraldConnection(Channel channel) {
         this.channel = channel;
+        this.credentials = null;
+    }
+
+    public EmeraldConnection(Channel channel, ClientInterceptor credentials) {
+        this.channel = channel;
+        this.credentials = credentials;
     }
 
     /**
@@ -38,6 +51,22 @@ public Channel getChannel() {
         return channel;
     }
 
+    /**
+     * Credentials used to authenticate on Emerald API calls
+     * @return credentials
+     */
+    public ClientInterceptor getCredentials() {
+        return credentials;
+    }
+
+    /**
+     * Check if the connection has credentials
+     * @return true if credentials are set
+     */
+    public boolean hasCredentials() {
+        return credentials != null;
+    }
+
     public static class Builder {
         private String host;
         private Integer port;
@@ -51,6 +80,8 @@ public static class Builder {
 
         private Function<NettyChannelBuilder, ManagedChannelBuilder<?>> customChannel = null;
 
+        private String secretToken;
+
         /**
          * Set target address as a host and port pair
          *
@@ -80,6 +111,18 @@ public Builder connectTo(String host) {
             return this;
         }
 
+        public Builder connectTo(URI url) {
+            boolean isSecure = "https".equals(url.getScheme());
+            if (isSecure) {
+                this.usePlaintext = false;
+            }
+            int port = url.getPort();
+            if (port == -1) {
+                port = isSecure ? 443 : 80;
+            }
+            return this.connectTo(url.getHost(), port);
+        }
+
         public Builder connectTo(InetAddress host, int port) {
             this.port = port;
             return this.connectTo(host);
@@ -111,6 +154,17 @@ public Builder maxMessageSize(Integer value) {
             return this;
         }
 
+        /**
+         * Authenticate on Emerald API using the provided secret token
+         *
+         * @param secret a token like `emrld_y40SYbbZclSZPX4r6nL9hNKUGaknAwqyv2qslI`
+         * @return builder
+         */
+        public Builder withAuthToken(String secret) {
+            this.secretToken = secret;
+            return this;
+        }
+
         /**
          * Customize Channel Builder by applying any custom options not covered by this Builder
          *
@@ -162,7 +216,18 @@ public EmeraldConnection build() {
                 channelBuilder.defaultLoadBalancingPolicy("round_robin");
             }
 
-            return new EmeraldConnection(channelBuilder.build());
+            Channel channel = channelBuilder.build();
+
+            AuthInterceptor authInterceptor = null;
+            if (secretToken != null) {
+                if (usePlaintext) {
+                    System.err.println("WARNING: Authentication with a secret token over an unsecure plaintext connection.");
+                }
+                AuthHolder holder = new AuthHolder(new TokenCredentials(secretToken, AuthGrpc.newBlockingStub(channel)));
+                authInterceptor = new AuthInterceptor(holder);
+            }
+
+            return new EmeraldConnection(channel, authInterceptor);
         }
 
 
 
@@ -10,7 +10,11 @@ public class BlockchainApi {
 
     public BlockchainApi(EmeraldConnection connection) {
         this.connection = connection;
-        this.blockchainStub = ReactorBlockchainGrpc.newReactorStub(connection.getChannel());
+        ReactorBlockchainGrpc.ReactorBlockchainStub stub = ReactorBlockchainGrpc.newReactorStub(connection.getChannel());
+        if (connection.hasCredentials()) {
+            stub = stub.withInterceptors(connection.getCredentials());
+        }
+        this.blockchainStub = stub;
     }
 
     /**
 
@@ -0,0 +1,97 @@
+package io.emeraldpay.impl;
+
+import java.time.Instant;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
+import java.util.function.Consumer;
+
+/**
+ * Holds the authentication handler
+ */
+public class AuthHolder {
+
+    private final ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
+    private final List<Consumer<MetadataHandler>> authQueue = new ArrayList<>();
+
+    private MetadataHandler auth;
+    private Instant requestedAt;
+
+    /**
+     * Create an instance of the handler.
+     *
+     * @param auth current auth, can be null
+     */
+    public AuthHolder(MetadataHandler auth) {
+        this.auth = auth;
+    }
+
+    /**
+     * Wait for the authentication to be set and ready.
+     * If it's already set and ready, the listener will be called immediately.
+     *
+     * @param listener a listener to be called when the authentication is ready
+     */
+    public void awaitAuth(Consumer<MetadataHandler> listener) {
+        lock.writeLock().lock();
+        try {
+            if (auth != null && auth.isReady()) {
+                listener.accept(auth);
+            } else {
+                authQueue.add(listener);
+            }
+        } finally {
+            lock.writeLock().unlock();
+        }
+    }
+
+    /**
+     * Get current auth handler, if it's set and ready. If it's set but is not ready, it will automatically request a refresh.
+     * If returns `null` subscribe for a callback with `awaitAuth`
+     *
+     * @return current auth handler, or null if it's not ready
+     * @see #awaitAuth(Consumer)
+     */
+    public MetadataHandler getAuth() {
+        lock.readLock().lock();
+        try {
+            MetadataHandler auth = this.auth;
+            if (auth != null && auth.isReady()) {
+                return auth;
+            }
+        } finally {
+            lock.readLock().unlock();
+        }
+        lock.writeLock().lock();
+        try {
+            // simultaneous calls may trigger multiple refreshes, so check if it's already requested
+            if (auth == null || requestedAt == null || requestedAt.isBefore(Instant.now().minusSeconds(60))) {
+                requestedAt = Instant.now();
+                auth.request(this);
+            }
+        } finally {
+            lock.writeLock().unlock();
+        }
+        return null;
+    }
+
+    /**
+     * Set the authentication handler and fire all listeners
+     *
+     * @param auth new auth handler
+     */
+    public void setAuth(MetadataHandler auth) {
+        lock.writeLock().lock();
+        try {
+            this.auth = auth;
+            if (auth.isReady()) {
+                for (Consumer<MetadataHandler> listener : authQueue) {
+                    listener.accept(auth);
+                }
+                authQueue.clear();
+            }
+        } finally {
+            lock.writeLock().unlock();
+        }
+    }
+}
@@ -0,0 +1,30 @@
+package io.emeraldpay.impl;
+
+import io.grpc.*;
+
+public class AuthInterceptor implements ClientInterceptor {
+
+    private final AuthHolder authHolder;
+
+    public AuthInterceptor(AuthHolder authHolder) {
+        this.authHolder = authHolder;
+    }
+
+    @Override
+    public <ReqT, RespT> ClientCall<ReqT, RespT> interceptCall(MethodDescriptor<ReqT, RespT> method, CallOptions callOptions, Channel next) {
+        MetadataHandler auth = authHolder.getAuth();
+        if (auth != null) {
+            // if auth is ready, just use it as is
+            return new AuthenticatedClientCall<>(next.newCall(method, callOptions), auth);
+        } else {
+            // has to wait for auth to be ready
+            DeferredClientCall<ReqT, RespT> deferred = new DeferredClientCall<>();
+            authHolder.awaitAuth(metadataConsumer -> {
+                AuthenticatedClientCall<ReqT, RespT> authenticated = new AuthenticatedClientCall<>(next.newCall(method, callOptions), metadataConsumer);
+                deferred.accept(authenticated);
+            });
+            return deferred;
+        }
+    }
+
+}
@@ -0,0 +1,53 @@
+package io.emeraldpay.impl;
+
+import io.grpc.ClientCall;
+import io.grpc.Metadata;
+
+import java.util.function.Consumer;
+
+/**
+ * A wrapper around a ClientCall that adds authentication headers from provided MetadataHandler.
+ * Used by an interceptor when the client is already authenticated. Otherwise, see `DeferredClientCall`
+ *
+ * @see DeferredClientCall
+ */
+public class AuthenticatedClientCall<ReqT, RespT> extends ClientCall<ReqT, RespT> {
+
+    private final ClientCall<ReqT, RespT> delegate;
+    private MetadataHandler auth;
+
+    public AuthenticatedClientCall(ClientCall<ReqT, RespT> delegate, MetadataHandler auth) {
+        this.delegate = delegate;
+        this.auth = auth;
+    }
+
+    public void setAuth(MetadataHandler auth) {
+        this.auth = auth;
+    }
+
+    @Override
+    public void start(Listener<RespT> responseListener, Metadata headers) {
+        auth.accept(headers);
+        delegate.start(responseListener, headers);
+    }
+
+    @Override
+    public void request(int numMessages) {
+        delegate.request(numMessages);
+    }
+
+    @Override
+    public void cancel(String message, Throwable cause) {
+        delegate.cancel(message, cause);
+    }
+
+    @Override
+    public void halfClose() {
+        delegate.halfClose();
+    }
+
+    @Override
+    public void sendMessage(ReqT message) {
+        delegate.sendMessage(message);
+    }
+}