Fix #1088 - Add support for custom credentials provider in runtime (#1104)

Signed-off-by: Ricardo Zanini <[email protected]>

Author: ricardozanini

client/deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/GeneratorProcessor.java

@@ -34,6 +34,7 @@
 import io.quarkiverse.openapi.generator.providers.ApiKeyIn;
 import io.quarkiverse.openapi.generator.providers.AuthProvider;
 import io.quarkiverse.openapi.generator.providers.BaseCompositeAuthenticationProvider;
+import io.quarkiverse.openapi.generator.providers.CredentialsProvider;
 import io.quarkiverse.openapi.generator.providers.OperationAuthInfo;
 import io.quarkus.arc.deployment.AdditionalBeanBuildItem;
 import io.quarkus.arc.deployment.SyntheticBeanBuildItem;
@@ -201,6 +202,7 @@ void produceBasicAuthentication(CombinedIndexBuildItem beanArchiveBuildItem,
                     .annotation(OpenApiSpec.class)
                     .addValue("openApiSpecId", openApiSpecId)
                     .done()
+                    .addInjectionPoint(ClassType.create(DotName.createSimple(CredentialsProvider.class)))
                     .createWith(recorder.recordBasicAuthProvider(sanitizeAuthName(name), openApiSpecId, operations))
                     .unremovable()
                     .done());
@@ -240,6 +242,7 @@ void produceBearerAuthentication(CombinedIndexBuildItem beanArchiveBuildItem,
                     .annotation(OpenApiSpec.class)
                     .addValue("openApiSpecId", openApiSpecId)
                     .done()
+                    .addInjectionPoint(ClassType.create(DotName.createSimple(CredentialsProvider.class)))
                     .createWith(recorder.recordBearerAuthProvider(sanitizeAuthName(name), scheme, openApiSpecId, operations))
                     .unremovable()
                     .done());
@@ -282,6 +285,7 @@ void produceApiKeyAuthentication(CombinedIndexBuildItem beanArchiveBuildItem,
                     .annotation(OpenApiSpec.class)
                     .addValue("openApiSpecId", openApiSpecId)
                     .done()
+                    .addInjectionPoint(ClassType.create(DotName.createSimple(CredentialsProvider.class)))
                     .createWith(recorder.recordApiKeyAuthProvider(sanitizeAuthName(name), openApiSpecId, apiKeyIn, apiKeyName,
                             operations))
                     .unremovable()

client/deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/template/QuteTemplatingEngineAdapter.java

@@ -1,6 +1,5 @@
 package io.quarkiverse.openapi.generator.deployment.template;
 
-import java.io.IOException;
 import java.util.Map;
 
 import org.openapitools.codegen.api.AbstractTemplatingEngineAdapter;
@@ -12,8 +11,8 @@
 
 public class QuteTemplatingEngineAdapter extends AbstractTemplatingEngineAdapter {
 
-    public static final String IDENTIFIER = "qute";
-    public static final String[] INCLUDE_TEMPLATES = {
+    private static final String IDENTIFIER = "qute";
+    private static final String[] DEFAULT_TEMPLATES = {
             "additionalEnumTypeAnnotations.qute",
             "additionalEnumTypeUnexpectedMember.qute",
             "additionalModelTypeAnnotations.qute",
@@ -60,8 +59,7 @@ public String[] getFileExtensions() {
     }
 
     @Override
-    public String compileTemplate(TemplatingExecutor executor, Map<String, Object> bundle, String templateFile)
-            throws IOException {
+    public String compileTemplate(TemplatingExecutor executor, Map<String, Object> bundle, String templateFile) {
         this.cacheTemplates(executor);
         Template template = engine.getTemplate(templateFile);
         if (template == null) {
@@ -72,7 +70,7 @@ public String compileTemplate(TemplatingExecutor executor, Map<String, Object> b
     }
 
     public void cacheTemplates(TemplatingExecutor executor) {
-        for (String templateId : INCLUDE_TEMPLATES) {
+        for (String templateId : DEFAULT_TEMPLATES) {
             Template incTemplate = engine.getTemplate(templateId);
             if (incTemplate == null) {
                 incTemplate = engine.parse(executor.getFullTemplateContents(templateId));

client/oidc/src/main/java/io/quarkiverse/openapi/generator/oidc/providers/OAuth2AuthenticationProvider.java

@@ -12,6 +12,7 @@
 import org.slf4j.LoggerFactory;
 
 import io.quarkiverse.openapi.generator.providers.AbstractAuthProvider;
+import io.quarkiverse.openapi.generator.providers.ConfigCredentialsProvider;
 import io.quarkiverse.openapi.generator.providers.OperationAuthInfo;
 import io.quarkus.oidc.common.runtime.OidcConstants;
 
@@ -23,7 +24,7 @@ public class OAuth2AuthenticationProvider extends AbstractAuthProvider {
 
     public OAuth2AuthenticationProvider(String name,
             String openApiSpecId, OidcClientRequestFilterDelegate delegate, List<OperationAuthInfo> operations) {
-        super(name, openApiSpecId, operations);
+        super(name, openApiSpecId, operations, new ConfigCredentialsProvider());
         this.delegate = delegate;
         validateConfig();
     }

client/runtime/src/main/java/io/quarkiverse/openapi/generator/AuthenticationRecorder.java

@@ -13,6 +13,7 @@
 import io.quarkiverse.openapi.generator.providers.BaseCompositeAuthenticationProvider;
 import io.quarkiverse.openapi.generator.providers.BasicAuthenticationProvider;
 import io.quarkiverse.openapi.generator.providers.BearerAuthenticationProvider;
+import io.quarkiverse.openapi.generator.providers.CredentialsProvider;
 import io.quarkiverse.openapi.generator.providers.OperationAuthInfo;
 import io.quarkus.arc.SyntheticCreationalContext;
 import io.quarkus.runtime.annotations.Recorder;
@@ -35,22 +36,27 @@ public Function<SyntheticCreationalContext<AuthProvider>, AuthProvider> recordAp
             ApiKeyIn apiKeyIn,
             String apiKeyName,
             List<OperationAuthInfo> operations) {
-        return context -> new ApiKeyAuthenticationProvider(openApiSpecId, name, apiKeyIn, apiKeyName, operations);
+        return context -> new ApiKeyAuthenticationProvider(openApiSpecId, name, apiKeyIn,
+                apiKeyName, operations, context.getInjectedReference(CredentialsProvider.class));
     }
 
     public Function<SyntheticCreationalContext<AuthProvider>, AuthProvider> recordBearerAuthProvider(
             String name,
             String scheme,
             String openApiSpecId,
             List<OperationAuthInfo> operations) {
-        return context -> new BearerAuthenticationProvider(openApiSpecId, name, scheme, operations);
+        return context -> new BearerAuthenticationProvider(openApiSpecId, name, scheme,
+                operations, context.getInjectedReference(CredentialsProvider.class));
     }
 
     public Function<SyntheticCreationalContext<AuthProvider>, AuthProvider> recordBasicAuthProvider(
             String name,
             String openApiSpecId,
             List<OperationAuthInfo> operations) {
-        return context -> new BasicAuthenticationProvider(openApiSpecId, name, operations);
+
+        return context -> new BasicAuthenticationProvider(openApiSpecId, name,
+                operations, context.getInjectedReference(CredentialsProvider.class));
+
     }
 
 }

client/runtime/src/main/java/io/quarkiverse/openapi/generator/providers/AbstractAuthProvider.java

@@ -16,6 +16,8 @@
 
 public abstract class AbstractAuthProvider implements AuthProvider {
 
+    CredentialsProvider credentialsProvider;
+
     private static final String BEARER_WITH_SPACE = "Bearer ";
     private static final String CANONICAL_AUTH_CONFIG_PROPERTY_NAME = "quarkus." + RUNTIME_TIME_CONFIG_PREFIX
             + ".%s.auth.%s.%s";
@@ -24,10 +26,12 @@ public abstract class AbstractAuthProvider implements AuthProvider {
     private final String name;
     private final List<OperationAuthInfo> applyToOperations = new ArrayList<>();
 
-    protected AbstractAuthProvider(String name, String openApiSpecId, List<OperationAuthInfo> operations) {
+    protected AbstractAuthProvider(String name, String openApiSpecId, List<OperationAuthInfo> operations,
+            CredentialsProvider credentialsProvider) {
         this.name = name;
         this.openApiSpecId = openApiSpecId;
         this.applyToOperations.addAll(operations);
+        this.credentialsProvider = credentialsProvider;
     }
 
     protected static String sanitizeBearerToken(String token) {
@@ -69,6 +73,10 @@ public List<OperationAuthInfo> operationsToFilter() {
     }
 
     public final String getCanonicalAuthConfigPropertyName(String authPropertyName) {
-        return String.format(CANONICAL_AUTH_CONFIG_PROPERTY_NAME, getOpenApiSpecId(), getName(), authPropertyName);
+        return getCanonicalAuthConfigPropertyName(authPropertyName, getOpenApiSpecId(), getName());
+    }
+
+    public static String getCanonicalAuthConfigPropertyName(String authPropertyName, String openApiSpecId, String authName) {
+        return String.format(CANONICAL_AUTH_CONFIG_PROPERTY_NAME, openApiSpecId, authName, authPropertyName);
     }
 }

client/runtime/src/main/java/io/quarkiverse/openapi/generator/providers/ApiKeyAuthenticationProvider.java

@@ -11,8 +11,6 @@
 import jakarta.ws.rs.core.UriBuilder;
 
 import org.eclipse.microprofile.config.ConfigProvider;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import io.quarkiverse.openapi.generator.OpenApiGeneratorException;
 
@@ -21,50 +19,47 @@
  */
 public class ApiKeyAuthenticationProvider extends AbstractAuthProvider {
 
-    private static final Logger LOGGER = LoggerFactory.getLogger(ApiKeyAuthenticationProvider.class);
-
-    static final String API_KEY = "api-key";
     static final String USE_AUTHORIZATION_HEADER_VALUE = "use-authorization-header-value";
-
     private final ApiKeyIn apiKeyIn;
     private final String apiKeyName;
 
     public ApiKeyAuthenticationProvider(final String openApiSpecId, final String name, final ApiKeyIn apiKeyIn,
-            final String apiKeyName, List<OperationAuthInfo> operations) {
-        super(name, openApiSpecId, operations);
+            final String apiKeyName, List<OperationAuthInfo> operations, CredentialsProvider credentialsProvider) {
+        super(name, openApiSpecId, operations, credentialsProvider);
         this.apiKeyIn = apiKeyIn;
         this.apiKeyName = apiKeyName;
         validateConfig();
     }
 
+    public ApiKeyAuthenticationProvider(final String openApiSpecId, final String name, final ApiKeyIn apiKeyIn,
+            final String apiKeyName, List<OperationAuthInfo> operations) {
+        this(openApiSpecId, name, apiKeyIn, apiKeyName, operations, new ConfigCredentialsProvider());
+    }
+
     @Override
     public void filter(ClientRequestContext requestContext) throws IOException {
         switch (apiKeyIn) {
             case query:
-                requestContext.setUri(UriBuilder.fromUri(requestContext.getUri()).queryParam(apiKeyName, getApiKey()).build());
+                requestContext.setUri(
+                        UriBuilder.fromUri(requestContext.getUri()).queryParam(apiKeyName, getApiKey(requestContext)).build());
                 break;
             case cookie:
-                requestContext.getHeaders().add(HttpHeaders.COOKIE, new Cookie.Builder(apiKeyName).value(getApiKey()).build());
+                requestContext.getHeaders().add(HttpHeaders.COOKIE,
+                        new Cookie.Builder(apiKeyName).value(getApiKey(requestContext)).build());
                 break;
             case header:
                 if (requestContext.getHeaderString("Authorization") != null
                         && !requestContext.getHeaderString("Authorization").isEmpty()
                         && isUseAuthorizationHeaderValue()) {
                     requestContext.getHeaders().putSingle(apiKeyName, requestContext.getHeaderString("Authorization"));
                 } else
-                    requestContext.getHeaders().putSingle(apiKeyName, getApiKey());
+                    requestContext.getHeaders().putSingle(apiKeyName, getApiKey(requestContext));
                 break;
         }
     }
 
-    private String getApiKey() {
-        final String key = ConfigProvider.getConfig()
-                .getOptionalValue(getCanonicalAuthConfigPropertyName(API_KEY), String.class).orElse("");
-        if (key.isEmpty()) {
-            LOGGER.warn("configured {} property (see application.properties) is empty. hint: configure it.",
-                    getCanonicalAuthConfigPropertyName(API_KEY));
-        }
-        return key;
+    private String getApiKey(ClientRequestContext requestContext) {
+        return credentialsProvider.getApiKey(requestContext, getOpenApiSpecId(), getName());
     }
 
     private boolean isUseAuthorizationHeaderValue() {

client/runtime/src/main/java/io/quarkiverse/openapi/generator/providers/BasicAuthenticationProvider.java

@@ -8,8 +8,6 @@
 import jakarta.ws.rs.client.ClientRequestContext;
 import jakarta.ws.rs.core.HttpHeaders;
 
-import org.eclipse.microprofile.config.ConfigProvider;
-
 import io.quarkiverse.openapi.generator.OpenApiGeneratorException;
 
 /**
@@ -19,28 +17,28 @@
  */
 public class BasicAuthenticationProvider extends AbstractAuthProvider {
 
-    static final String USER_NAME = "username";
-    static final String PASSWORD = "password";
+    public BasicAuthenticationProvider(final String openApiSpecId, String name, List<OperationAuthInfo> operations,
+            CredentialsProvider credentialsProvider) {
+        super(name, openApiSpecId, operations, credentialsProvider);
+        validateConfig();
+    }
 
     public BasicAuthenticationProvider(final String openApiSpecId, String name, List<OperationAuthInfo> operations) {
-        super(name, openApiSpecId, operations);
-        validateConfig();
+        this(openApiSpecId, name, operations, new ConfigCredentialsProvider());
     }
 
-    private String getUsername() {
-        return ConfigProvider.getConfig().getOptionalValue(getCanonicalAuthConfigPropertyName(USER_NAME), String.class)
-                .orElse("");
+    private String getUsername(ClientRequestContext requestContext) {
+        return credentialsProvider.getBasicUsername(requestContext, getOpenApiSpecId(), getName());
     }
 
-    private String getPassword() {
-        return ConfigProvider.getConfig().getOptionalValue(getCanonicalAuthConfigPropertyName(PASSWORD), String.class)
-                .orElse("");
+    private String getPassword(ClientRequestContext requestContext) {
+        return credentialsProvider.getBasicPassword(requestContext, getOpenApiSpecId(), getName());
     }
 
     @Override
     public void filter(ClientRequestContext requestContext) throws IOException {
         requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION,
-                AuthUtils.basicAuthAccessToken(getUsername(), getPassword()));
+                AuthUtils.basicAuthAccessToken(getUsername(requestContext), getPassword(requestContext)));
     }
 
     private void validateConfig() {

client/runtime/src/main/java/io/quarkiverse/openapi/generator/providers/BearerAuthenticationProvider.java

@@ -6,42 +6,41 @@
 import jakarta.ws.rs.client.ClientRequestContext;
 import jakarta.ws.rs.core.HttpHeaders;
 
-import org.eclipse.microprofile.config.ConfigProvider;
-
 /**
  * Provides bearer token authentication or any other valid scheme.
  *
  * @see <a href="https://swagger.io/docs/specification/authentication/bearer-authentication/">Bearer Authentication</a>
  */
 public class BearerAuthenticationProvider extends AbstractAuthProvider {
 
-    static final String BEARER_TOKEN = "bearer-token";
-
     private final String scheme;
 
     public BearerAuthenticationProvider(final String openApiSpecId, final String name, final String scheme,
-            List<OperationAuthInfo> operations) {
-        super(name, openApiSpecId, operations);
+            List<OperationAuthInfo> operations, CredentialsProvider credentialsProvider) {
+        super(name, openApiSpecId, operations, credentialsProvider);
         this.scheme = scheme;
     }
 
+    public BearerAuthenticationProvider(final String openApiSpecId, final String name, final String scheme,
+            List<OperationAuthInfo> operations) {
+        this(openApiSpecId, name, scheme, operations, new ConfigCredentialsProvider());
+    }
+
     @Override
     public void filter(ClientRequestContext requestContext) throws IOException {
         String bearerToken;
         if (isTokenPropagation()) {
             bearerToken = getTokenForPropagation(requestContext.getHeaders());
             bearerToken = sanitizeBearerToken(bearerToken);
         } else {
-            bearerToken = getBearerToken();
+            bearerToken = getBearerToken(requestContext);
         }
         if (!bearerToken.isBlank()) {
-            requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION,
-                    AuthUtils.authTokenOrBearer(this.scheme, bearerToken));
+            requestContext.getHeaders().add(HttpHeaders.AUTHORIZATION, AuthUtils.authTokenOrBearer(this.scheme, bearerToken));
         }
     }
 
-    private String getBearerToken() {
-        return ConfigProvider.getConfig().getOptionalValue(getCanonicalAuthConfigPropertyName(BEARER_TOKEN), String.class)
-                .orElse("");
+    private String getBearerToken(ClientRequestContext requestContext) {
+        return credentialsProvider.getBearerToken(requestContext, getOpenApiSpecId(), getName());
     }
 }