Merge pull request #21 from ozkanpakdil/authorization-tab

Implement authorization settings management with save and load functi…

Author: ozkanpakdil

src/main/java/io/github/ozkanpakdil/swaggerific/data/AuthorizationSettings.java

@@ -0,0 +1,246 @@
+package io.github.ozkanpakdil.swaggerific.data;
+
+import io.github.ozkanpakdil.swaggerific.ui.edit.AuthorizationController;
+import io.github.ozkanpakdil.swaggerific.ui.edit.AuthorizationController.AuthType;
+import io.github.ozkanpakdil.swaggerific.security.CredentialEncryption;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.io.Serial;
+import java.io.Serializable;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Class for storing authorization settings by URL.
+ * This class is serializable and can be saved to a file.
+ */
+public class AuthorizationSettings implements Serializable {
+    private static final org.slf4j.Logger log = org.slf4j.LoggerFactory.getLogger(AuthorizationSettings.class);
+    
+    @Serial
+    private static final long serialVersionUID = -2338626292552177485L;
+
+    // Map of URL to authorization settings
+    private Map<String, AuthSetting> settingsByUrl = new HashMap<>();
+    
+    /**
+     * Inner class to store authorization settings for a specific URL.
+     */
+    public static class AuthSetting implements Serializable {
+        @Serial
+        private static final long serialVersionUID = -1234567890123456789L;
+
+        private AuthType authType;
+        private transient String apiKeyName;
+        private transient String apiKeyValue;
+        private transient String username;
+        private transient String password;
+        private transient String bearerToken;
+
+        // Encrypted versions of sensitive fields for serialization
+        private String encryptedApiKeyValue;
+        private String encryptedUsername;
+        private String encryptedPassword;
+        private String encryptedBearerToken;
+
+        @Serial
+        private void writeObject(ObjectOutputStream out) throws IOException {
+            // Encrypt sensitive data before serialization
+            this.encryptedApiKeyValue = CredentialEncryption.encrypt(apiKeyValue);
+            this.encryptedUsername = CredentialEncryption.encrypt(username);
+            this.encryptedPassword = CredentialEncryption.encrypt(password);
+            this.encryptedBearerToken = CredentialEncryption.encrypt(bearerToken);
+
+            out.defaultWriteObject();
+            out.writeObject(apiKeyName); // apiKeyName is not sensitive, but still needs manual writing due to transient
+        }
+
+        @Serial
+        private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
+            in.defaultReadObject();
+
+            // Read non-sensitive transient field
+            this.apiKeyName = (String) in.readObject();
+
+            // Decrypt sensitive data after deserialization
+            this.apiKeyValue = CredentialEncryption.decrypt(encryptedApiKeyValue);
+            this.username = CredentialEncryption.decrypt(encryptedUsername);
+            this.password = CredentialEncryption.decrypt(encryptedPassword);
+            this.bearerToken = CredentialEncryption.decrypt(encryptedBearerToken);
+        }
+
+        public AuthSetting() {
+            this.authType = AuthType.NO_AUTH;
+        }
+        
+        public AuthSetting(AuthType authType) {
+            this.authType = authType;
+        }
+        
+        public AuthType getAuthType() {
+            return authType;
+        }
+        
+        public void setAuthType(AuthType authType) {
+            this.authType = authType;
+        }
+        
+        public String getApiKeyName() {
+            return apiKeyName;
+        }
+        
+        public void setApiKeyName(String apiKeyName) {
+            this.apiKeyName = apiKeyName;
+        }
+        
+        public String getApiKeyValue() {
+            return apiKeyValue;
+        }
+        
+        public void setApiKeyValue(String apiKeyValue) {
+            this.apiKeyValue = apiKeyValue;
+        }
+        
+        public String getUsername() {
+            return username;
+        }
+        
+        public void setUsername(String username) {
+            this.username = username;
+        }
+        
+        public String getPassword() {
+            return password;
+        }
+        
+        public void setPassword(String password) {
+            this.password = password;
+        }
+        
+        public String getBearerToken() {
+            return bearerToken;
+        }
+        
+        public void setBearerToken(String bearerToken) {
+            this.bearerToken = bearerToken;
+        }
+    }
+    
+    /**
+     * Gets the authorization settings for a specific URL.
+     * 
+     * @param url the URL
+     * @return the authorization settings, or null if not found
+     */
+    public AuthSetting getSettingsForUrl(String url) {
+        return settingsByUrl.get(url);
+    }
+    
+    /**
+     * Saves the authorization settings for a specific URL.
+     * 
+     * @param url the URL
+     * @param authController the authorization controller
+     */
+    public void saveSettingsForUrl(String url, AuthorizationController authController) {
+        if (url == null || url.isEmpty() || authController == null) {
+            return;
+        }
+        
+        AuthSetting setting = new AuthSetting(authController.getCurrentAuthType());
+        
+        // Save settings based on auth type
+        switch (authController.getCurrentAuthType()) {
+            case API_KEY:
+                setting.setApiKeyName(authController.getApiKeyNameField().getText());
+                setting.setApiKeyValue(authController.getApiKeyField().getText());
+                break;
+            case BASIC_AUTH:
+                setting.setUsername(authController.getUsernameField().getText());
+                setting.setPassword(authController.getPasswordField().getText());
+                break;
+            case BEARER_TOKEN:
+                setting.setBearerToken(authController.getTokenField().getText());
+                break;
+            case NO_AUTH:
+            default:
+                // No additional settings needed
+                break;
+        }
+        
+        settingsByUrl.put(url, setting);
+        log.debug("Saved authorization settings for URL: {}", url);
+    }
+    
+    /**
+     * Applies the saved authorization settings to an authorization controller.
+     * 
+     * @param url the URL
+     * @param authController the authorization controller
+     * @return true if settings were applied, false otherwise
+     */
+    public boolean applySettingsToController(String url, AuthorizationController authController) {
+        if (url == null || url.isEmpty() || authController == null) {
+            return false;
+        }
+        
+        AuthSetting setting = settingsByUrl.get(url);
+        if (setting == null) {
+            return false;
+        }
+        
+        // Set auth type first
+        authController.setCurrentAuthType(setting.getAuthType());
+        
+        // Apply settings based on auth type
+        switch (setting.getAuthType()) {
+            case API_KEY:
+                authController.getApiKeyNameField().setText(setting.getApiKeyName());
+                authController.getApiKeyField().setText(setting.getApiKeyValue());
+                break;
+            case BASIC_AUTH:
+                authController.getUsernameField().setText(setting.getUsername());
+                authController.getPasswordField().setText(setting.getPassword());
+                break;
+            case BEARER_TOKEN:
+                authController.getTokenField().setText(setting.getBearerToken());
+                break;
+            case NO_AUTH:
+            default:
+                // No additional settings needed
+                break;
+        }
+        
+        log.info("Applied authorization settings for URL: {}", url);
+        return true;
+    }
+    
+    /**
+     * Clears all authorization settings.
+     */
+    public void clear() {
+        settingsByUrl.clear();
+    }
+    
+    /**
+     * Gets the number of saved authorization settings.
+     * 
+     * @return the number of saved authorization settings
+     */
+    public int size() {
+        return settingsByUrl.size();
+    }
+    
+    @Serial
+    private void writeObject(ObjectOutputStream out) throws IOException {
+        out.defaultWriteObject();
+    }
+    
+    @Serial
+    private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException {
+        in.defaultReadObject();
+    }
+}
+

src/main/java/io/github/ozkanpakdil/swaggerific/security/CredentialEncryption.java

@@ -0,0 +1,54 @@
+package io.github.ozkanpakdil.swaggerific.security;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.charset.StandardCharsets;
+import java.security.spec.KeySpec;
+import java.util.Base64;
+
+public class CredentialEncryption {
+    private static final String ALGORITHM = "AES";
+    private static final byte[] SALT = "SwaggerificSalt".getBytes(StandardCharsets.UTF_8);
+    private static SecretKey secretKey;
+
+    static {
+        try {
+            // Generate a key based on system-specific properties
+            String systemSpecific = System.getProperty("user.name") +
+                                  System.getProperty("os.name") +
+                                  System.getProperty("user.home");
+
+            SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
+            KeySpec spec = new PBEKeySpec(systemSpecific.toCharArray(), SALT, 65536, 256);
+            SecretKey tmp = factory.generateSecret(spec);
+            secretKey = new SecretKeySpec(tmp.getEncoded(), ALGORITHM);
+        } catch (Exception e) {
+            throw new RuntimeException("Failed to initialize encryption", e);
+        }
+    }
+
+    public static String encrypt(String value) {
+        if (value == null) return null;
+        try {
+            Cipher cipher = Cipher.getInstance(ALGORITHM);
+            cipher.init(Cipher.ENCRYPT_MODE, secretKey);
+            return Base64.getEncoder().encodeToString(cipher.doFinal(value.getBytes()));
+        } catch (Exception e) {
+            throw new RuntimeException("Encryption failed", e);
+        }
+    }
+
+    public static String decrypt(String encrypted) {
+        if (encrypted == null) return null;
+        try {
+            Cipher cipher = Cipher.getInstance(ALGORITHM);
+            cipher.init(Cipher.DECRYPT_MODE, secretKey);
+            return new String(cipher.doFinal(Base64.getDecoder().decode(encrypted)));
+        } catch (Exception e) {
+            throw new RuntimeException("Decryption failed", e);
+        }
+    }
+}

src/main/java/io/github/ozkanpakdil/swaggerific/tools/HttpUtility.java

@@ -162,14 +162,16 @@ public HttpResponse sendRequest(String targetUri, PathItem.HttpMethod httpMethod
         try {
             URI uri = buildUri(targetUri, queryParams, pathParams);
 
+            log.info("Headers before creating request: {}", headers);
+
             HttpRequest request = new HttpRequest.Builder()
                     .uri(uri)
                     .method(httpMethod.name())
                     .headers(headers)
                     .body(body)
                     .build();
 
-            log.info("Sending {} request to {}", httpMethod.name(), uri);
+            log.info("Sending {} request to {} with headers: {}", httpMethod.name(), uri, request.headers());
             return httpService.sendRequest(request);
         } catch (Exception e) {
             log.error("Error preparing request: {}", e.getMessage(), e);

src/main/java/io/github/ozkanpakdil/swaggerific/tools/http/HttpServiceImpl.java

@@ -202,11 +202,14 @@ public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
     @Override
     public HttpResponse sendRequest(HttpRequest request) {
         try {
+            log.info("HttpServiceImpl received request with headers: {}", request.headers());
+
             String[] headerArray = new String[request.headers().size() * 2];
             int i = 0;
             for (Map.Entry<String, String> entry : request.headers().entrySet()) {
                 headerArray[i++] = entry.getKey();
                 headerArray[i++] = entry.getValue();
+                log.info("Adding header: {} = {}", entry.getKey(), entry.getValue());
             }
 
             java.net.http.HttpRequest.Builder requestBuilder = java.net.http.HttpRequest.newBuilder()
@@ -216,6 +219,7 @@ public HttpResponse sendRequest(HttpRequest request) {
 
             if (headerArray.length > 0) {
                 requestBuilder.headers(headerArray);
+                log.info("Added {} headers to the request", headerArray.length / 2);
             }
 
             java.net.http.HttpRequest httpRequest = requestBuilder.build();