#70 support for Bearer HTTP authorization

Author: allmightyspiff

src/main/java/com/softlayer/api/ApiClient.java

@@ -1,5 +1,7 @@
 package com.softlayer.api;
 
+import com.softlayer.api.http.HttpCredentials;
+
 /** Common interface for all API clients. {@link RestApiClient} is the preferred implementation */
 public interface ApiClient {
 
@@ -9,7 +11,28 @@ public interface ApiClient {
      * @return This instance
      */
     ApiClient withCredentials(String username, String apiKey);
-    
+
+    /**
+     * Uses a HTTP Bearer token for authentication instead of API key.
+     *
+     * @return This instance
+     */
+    ApiClient withBearerToken(String token);
+
+    /**
+    * Enables logging for client API calls
+    *
+    * @return This instance
+    */
+    ApiClient withLoggingEnabled();
+
+    /**
+    * Returns the HTTP Authorization header
+    *
+    * @return This instance
+    */
+    HttpCredentials getCredentials();
+
     /**
      * Get a service for the given sets of classes and optional ID. It is not recommended to call this
      * directly, but rather invoke the service method on the type class.

src/main/java/com/softlayer/api/RestApiClient.java

@@ -18,7 +18,9 @@
 
 import com.softlayer.api.annotation.ApiMethod;
 import com.softlayer.api.annotation.ApiService;
+import com.softlayer.api.http.HttpCredentials;
 import com.softlayer.api.http.HttpBasicAuthCredentials;
+import com.softlayer.api.http.HttpBearerCredentials;
 import com.softlayer.api.http.HttpClient;
 import com.softlayer.api.http.HttpClientFactory;
 import com.softlayer.api.http.HttpResponse;
@@ -64,7 +66,7 @@ public class RestApiClient implements ApiClient {
     private HttpClientFactory httpClientFactory;
     private JsonMarshallerFactory jsonMarshallerFactory;
     private boolean loggingEnabled = false;
-    private HttpBasicAuthCredentials credentials;
+    private HttpCredentials credentials;
 
     /**
      * Create a Rest client that uses the publically available API.
@@ -114,6 +116,7 @@ public void setLoggingEnabled(boolean loggingEnabled) {
         this.loggingEnabled = loggingEnabled;
     }
 
+    @Override
     public RestApiClient withLoggingEnabled() {
         this.loggingEnabled = true;
         return this;
@@ -141,7 +144,14 @@ public RestApiClient withCredentials(String username, String apiKey) {
         return this;
     }
 
-    public HttpBasicAuthCredentials getCredentials() {
+    @Override
+    public RestApiClient withBearerToken(String token) {
+        credentials = new HttpBearerCredentials(token);
+        return this;
+    }
+
+    @Override
+    public HttpCredentials getCredentials() {
         return credentials;
     }
 

src/main/java/com/softlayer/api/http/BuiltInHttpClientFactory.java

@@ -89,7 +89,7 @@ public void setThreadPool(ExecutorService threadPool) {
 
     class BuiltInHttpClient implements HttpClient, HttpResponse {
 
-        final HttpBasicAuthCredentials credentials;
+        final HttpCredentials credentials;
         final String method;
         final String fullUrl;
         final Map<String, List<String>> headers;
@@ -101,11 +101,7 @@ public BuiltInHttpClient(
             String fullUrl,
             Map<String, List<String>> headers
         ) {
-            // We only support basic auth
-            if (credentials != null && !(credentials instanceof HttpBasicAuthCredentials)) {
-                throw new UnsupportedOperationException("Only basic auth is supported, not " + credentials.getClass());
-            }
-            this.credentials = (HttpBasicAuthCredentials) credentials;
+            this.credentials = credentials;
             this.method = method;
             this.fullUrl = fullUrl;
             this.headers = headers;

src/main/java/com/softlayer/api/http/HttpBearerCredentials.java

@@ -0,0 +1,20 @@
+package com.softlayer.api.http;
+
+/** HTTP bearer authorization support for bearer token fromhttps://iam.cloud.ibm.com/identity/token */
+public class HttpBearerCredentials implements HttpCredentials {
+
+    public final String token;
+    
+    public HttpBearerCredentials(String token) {
+        this.token = token;
+    }
+
+    /**
+     * Formats the token into a HTTP Authorization header.
+     *
+     * @return String
+     */
+    public String getHeader() {
+        return "Bearer " + token;
+    }
+}

src/main/java/com/softlayer/api/http/HttpCredentials.java

@@ -2,4 +2,5 @@
 
 /** Base interface for all accepted HTTP credentials */
 public interface HttpCredentials {
+    public String getHeader();
 }

src/test/java/com/softlayer/api/http/BuiltInHttpClientFactoryTest.java

@@ -15,21 +15,6 @@
 
 public class BuiltInHttpClientFactoryTest {
 
-    @Test
-    public void testGetHttpClientWithoutBasicAuth() {
-        try {
-            new BuiltInHttpClientFactory().getHttpClient(
-                new HttpCredentials() { },
-                "GET",
-                "http://example.com",
-                Collections.emptyMap()
-            );
-            fail();
-        } catch (UnsupportedOperationException e) {
-            assertTrue(e.getMessage().contains("basic auth"));
-        }
-    }
-    
     @Test
     public void testGetThreadPoolDefaultsToDaemonThreads() throws Exception {
         boolean daemon = new BuiltInHttpClientFactory().getThreadPool().submit(

src/test/java/com/softlayer/api/http/HttpBearerCredentialsTest.java

@@ -0,0 +1,22 @@
+package com.softlayer.api.http;
+
+import static org.junit.Assert.*;
+
+import org.junit.Test;
+
+public class HttpBearerCredentialsTest {
+
+    public final String bearerToken = "qqqqwwwweeerrttyyuuiiooppasddfgfgjghjkjklZXxcvcvbvbnnbm";
+    @Test
+    public void testConstructor() {
+        HttpBearerCredentials authCredentials = new HttpBearerCredentials(bearerToken);
+        assertEquals(bearerToken, authCredentials.token);
+    }
+
+    @Test
+    public void testGetHeader() {
+        HttpBearerCredentials authCredentials = new HttpBearerCredentials(bearerToken);
+        String header = "Bearer " + bearerToken;
+        assertEquals(header, authCredentials.getHeader());
+    }
+}