Client Core + Core V2 Auth Changes (Azure#44244)

Author: g2vinay

sdk/clientcore/core/spotbugs-exclude.xml

@@ -19,6 +19,7 @@
       <Class name="io.clientcore.core.http.pipeline.HttpPipelineBuilder" />
       <Class name="io.clientcore.core.http.pipeline.HttpPipelineNextPolicy" />
       <Class name="io.clientcore.core.http.pipeline.HttpRetryPolicy" />
+      <Class name="io.clientcore.core.http.pipeline.OAuthBearerTokenAuthenticationPolicy" />
       <Class name="io.clientcore.core.implementation.GenericParameterizedType" />
       <Class name="io.clientcore.core.implementation.ReflectionUtilsMethodHandle" />
       <Class name="io.clientcore.core.implementation.http.HttpPipelineCallState" />
@@ -46,6 +47,7 @@
       <Class name="io.clientcore.core.utils.SharedExecutorService" />
       <Class name="io.clientcore.core.utils.Union" />
       <Class name="io.clientcore.core.utils.configuration.Configuration" />
+      <Class name="io.clientcore.core.credentials.oauth.OAuthTokenRequestContext" />
     </Or>
   </Match>
   <Match>
@@ -87,6 +89,7 @@
     <Bug pattern="DM_CONVERT_CASE" />
     <Or>
       <Class name="io.clientcore.core.http.models.HttpHeaderName" />
+      <Class name="io.clientcore.core.credentials.oauth.AccessTokenType" />
       <Class name="io.clientcore.core.utils.AuthUtils" />
       <Class name="io.clientcore.core.utils.ServerSentEventUtils" />
     </Or>
@@ -278,6 +281,10 @@
     <Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT" />
     <Class name="io.clientcore.core.serialization.xml.XmlReaderCodesnippetsTests" />
   </Match>
+  <Match>
+    <Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT" />
+    <Class name="io.clientcore.core.credentials.oauth.OAuthTokenRequestContext" />
+  </Match>
   <Match>
     <Bug pattern="SERVLET_QUERY_STRING" />
     <Class name="io.clientcore.core.shared.HttpClientTestsServer" />

sdk/clientcore/core/src/main/java/io/clientcore/core/credentials/oauth/AccessToken.java

@@ -0,0 +1,114 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package io.clientcore.core.credentials.oauth;
+
+import java.time.OffsetDateTime;
+
+/**
+ * <p>
+ * Represents an immutable access token with a token string and an expiration time.
+ * </p>
+ *
+ * <p>
+ * Access Tokens are obtained through the authentication process, where the user or application presents valid
+ * credentials (either a secret or a managed identity) to the authentication source.
+ * The authentication source then verifies the credentials and issues an Access Token, which is a time-limited token
+ * that grants access to the requested resource.
+ * </p>
+ *
+ * <p>
+ * Once an Access Token is obtained, it can be included in the Authorization header of HTTP requests to
+ * authenticate and authorize requests.
+ * </p>
+ *
+ * @see io.clientcore.core.credentials
+ */
+public class AccessToken {
+    private final String token;
+    private final OffsetDateTime expiresAt;
+    private final OffsetDateTime refreshAt;
+    private final AccessTokenType tokenType;
+
+    /**
+     * Creates an access token instance.
+     * Defaults to {@link AccessTokenType#BEARER} for {@code tokenType}.
+     *
+     * @param token the token string.
+     * @param expiresAt the expiration time.
+     */
+    public AccessToken(String token, OffsetDateTime expiresAt) {
+        this(token, expiresAt, null, AccessTokenType.BEARER);
+    }
+
+    /**
+     * Creates an access token instance.
+     * Defaults to {@link AccessTokenType#BEARER} for {@code tokenType}.
+     *
+     * @param token the token string.
+     * @param expiresAt the expiration time.
+     * @param refreshAt the next token refresh time.
+     */
+    public AccessToken(String token, OffsetDateTime expiresAt, OffsetDateTime refreshAt) {
+        this(token, expiresAt, refreshAt, AccessTokenType.BEARER);
+    }
+
+    /**
+     * Creates an access token instance.
+     *
+     * @param token the token string.
+     * @param expiresAt the expiration time.
+     * @param refreshAt the next token refresh time.
+     * @param tokenType the type of token.
+     */
+    public AccessToken(String token, OffsetDateTime expiresAt, OffsetDateTime refreshAt, AccessTokenType tokenType) {
+        this.token = token;
+        this.expiresAt = expiresAt;
+        this.refreshAt = refreshAt;
+        this.tokenType = tokenType;
+    }
+
+    /**
+     * Gets the token.
+     *
+     * @return The token.
+     */
+    public String getToken() {
+        return token;
+    }
+
+    /**
+     * Gets the time when the token expires, in UTC.
+     *
+     * @return The time when the token expires, in UTC.
+     */
+    public OffsetDateTime getExpiresAt() {
+        return expiresAt;
+    }
+
+    /**
+     * Gets the time when the token should refresh next, in UTC.
+     * @return The time when the token should refresh next, in UTC.
+     */
+    public OffsetDateTime getRefreshAt() {
+        return refreshAt;
+    }
+
+    /**
+     * Whether the token has expired.
+     *
+     * @return Whether the token has expired.
+     */
+    public boolean isExpired() {
+        return OffsetDateTime.now().isAfter(expiresAt);
+    }
+
+    /**
+     * Gets the token type.
+     *
+     * @return The {@link AccessTokenType} representing the Token Type.
+     */
+    public AccessTokenType getTokenType() {
+        return tokenType;
+    }
+}

sdk/clientcore/core/src/main/java/io/clientcore/core/credentials/oauth/AccessTokenType.java

@@ -0,0 +1,116 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package io.clientcore.core.credentials.oauth;
+
+import io.clientcore.core.utils.ExpandableEnum;
+
+import java.util.Collection;
+import java.util.Map;
+import java.util.Objects;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * Represents Access Token types.
+ */
+public final class AccessTokenType implements ExpandableEnum<String> {
+    private static final Map<String, AccessTokenType> VALUES = new ConcurrentHashMap<>();
+    private final String caseSensitive;
+    private final String caseInsensitive;
+
+    private AccessTokenType(String name) {
+        this.caseSensitive = name;
+        this.caseInsensitive = name.toLowerCase();
+    }
+
+    @Override
+    public String getValue() {
+        return caseSensitive;
+    }
+
+    /**
+     * Gets the {@link AccessTokenType} based on the name passed into {@link #fromString(String)}.
+     *
+     * @return The token type based on the construction of this {@link AccessTokenType}.
+     */
+    public String getCaseSensitiveName() {
+        return toString();
+    }
+
+    /**
+     * Gets the {@link AccessTokenType} lower cased.
+     *
+     * @return The {@link AccessTokenType} lower cased.
+     */
+    public String getCaseInsensitiveName() {
+        return caseInsensitive;
+    }
+
+    /**
+     * Creates or finds a {@link AccessTokenType} for the passed {@code name}.
+     *
+     * <p>{@code null} will be returned if {@code name} is {@code null}.</p>
+     *
+     * @param name A name to look for.
+     *
+     * @return The corresponding {@link AccessTokenType} of the provided name, or {@code null} if {@code name} was
+     * {@code null}.
+     */
+    public static AccessTokenType fromString(String name) {
+        if (name == null) {
+            return null;
+        }
+
+        AccessTokenType accessTokenType = VALUES.get(name);
+
+        if (accessTokenType != null) {
+            return accessTokenType;
+        }
+
+        return VALUES.computeIfAbsent(name, AccessTokenType::new);
+    }
+
+    /**
+     * Gets all known {@link AccessTokenType} values.
+     *
+     * @return The known {@link AccessTokenType} values.
+     */
+    public static Collection<AccessTokenType> values() {
+        return VALUES.values();
+    }
+
+    @Override
+    public String toString() {
+        return caseSensitive;
+    }
+
+    @Override
+    public int hashCode() {
+        return caseInsensitive.hashCode();
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj) {
+            return true;
+        }
+
+        if (!(obj instanceof AccessTokenType)) {
+            return false;
+        }
+
+        AccessTokenType other = (AccessTokenType) obj;
+
+        return Objects.equals(caseInsensitive, other.caseInsensitive);
+    }
+
+    /**
+     * The Bearer token type.
+     */
+    public static final AccessTokenType BEARER = fromString("Bearer");
+
+    /**
+     * The Pop token type.
+     */
+    public static final AccessTokenType POP = fromString("Pop");
+}

sdk/clientcore/core/src/main/java/io/clientcore/core/credentials/oauth/OAuthTokenCredential.java

@@ -0,0 +1,35 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+package io.clientcore.core.credentials.oauth;
+
+/**
+ * <p>
+ * OAuth Token Credential interface serves as a fundamental component for managing and providing access tokens.
+ * </p>
+ *
+ * <p>
+ * The {@link OAuthTokenCredential} interface, offers an API to retrieve an access token that can be used for
+ * bearer token authentication. The scopes parameter specified as part of {@link OAuthTokenRequestContext} represents
+ * the resources or permissions required for the token.
+ * </p>
+ *
+ * <p>
+ * By utilizing the OAuth Token Provider interface, you can abstract the authentication logic away from your
+ * application code. This allows for flexibility in choosing authentication mechanisms and simplifies the management
+ * of access tokens, including token caching and refreshing.
+ * </p>
+ *
+ * @see io.clientcore.core.credentials
+ */
+@FunctionalInterface
+public interface OAuthTokenCredential {
+
+    /**
+     * Get a token for a given resource/audience.
+     *
+     * @param request the details of the token request
+     * @return The Access Token
+     */
+    AccessToken getToken(OAuthTokenRequestContext request);
+}