Merge pull request #19 from quarkiverse/issue-13

Add support to Basic Auth, Bearer and API Key

Author: ricardozanini

README.md

@@ -6,6 +6,8 @@
 
 Quarkus' extension for generation of [Rest Clients](https://quarkus.io/guides/rest-client) based on OpenAPI specification files.
 
+This extension is based on the [OpenAPI Generator Tool](https://openapi-generator.tech/).
+
 ## Getting Started
 
 Add the following dependency to your project's `pom.xml` file:
@@ -47,7 +49,7 @@ Now, create the directory `openapi` under your `src/main/` path and add the Open
 To fine tune the configuration for each spec file, add the following entry to your properties file. In this example, our spec file is in `src/main/openapi/petstore.json`:
 
 ```properties
-quarkus.openapi-generator.spec."petstore.json".base-package=org.acme.openapi
+quarkus.openapi-generator.codegen.spec."petstore.json".base-package=org.acme.openapi
 ```
 
 Note that the file name is used to configure the specific information for each spec.
@@ -96,11 +98,65 @@ public class PetResource {
 
 See the [integration-tests](integration-tests) module for more information of how to use this extension. Please be advised that the extension is on experimental, early development stage.
 
+## Authentication Support
+
+If your OpenAPI specification file has `securitySchemes` [definitions](https://spec.openapis.org/oas/v3.1.0#security-scheme-object), the inner generator will [register `ClientRequestFilter`s providers](https://download.eclipse.org/microprofile/microprofile-rest-client-2.0/microprofile-rest-client-spec-2.0.html#_provider_declaration) for you to implement the given authentication mechanism.
+
+To provide the credentials for your application, you can use the [Quarkus configuration support](https://quarkus.io/guides/config). The configuration key is composed using this pattern: `[base_package].security.auth.[security_scheme_name]/[auth_property_name]`. Where:
+
+- `base_package` is the package name you gave when configuring the code generation using `quarkus.openapi-generator.codegen.spec.[open_api_file].base-package` property.
+- `security_scheme_name` is the name of the [security scheme object definition](https://spec.openapis.org/oas/v3.1.0#security-scheme-object) in the OpenAPI file. Given the following excerpt, we have `api_key` and `basic_auth` security schemes:
+```json
+{
+  "securitySchemes": {
+    "api_key": {
+      "type": "apiKey",
+      "name": "api_key",
+      "in": "header"
+    },
+    "basic_auth": {
+      "type": "http",
+      "scheme": "basic"
+    }
+  }
+}
+```
+- `auth_property_name` varies depending on the authentication provider. For example, for Basic Authentication we have `username` and `password`. See the following sections for more details.
+
+> Tip: on production environments you will likely to use [HashiCorp Vault](https://quarkiverse.github.io/quarkiverse-docs/quarkus-vault/dev/index.html) or [Kubernetes Secrets](https://kubernetes.io/docs/concepts/configuration/secret/) to provide this information for your application.
+
+### Basic HTTP Authentication
+
+For Basic HTTP Authentication, these are the supported configurations:
+
+| Description          | Property Key                                                   | Example                                              |
+| -------------------- | -------------------------------------------------------------- | ---------------------------------------------------- |
+| Username credentials | `[base_package].security.auth.[security_scheme_name]/username` | `org.acme.openapi.security.auth.basic_auth/username` |
+| Password credentials | `[base_package].security.auth.[security_scheme_name]/password` | `org.acme.openapi.security.auth.basic_auth/password` |
+
+### Bearer Token Authentication
+
+For Bearer Token Authentication, these are the supported configurations:
+
+| Description  | Property Key                                                       | Example                                                  |
+| -------------| ------------------------------------------------------------------ | -------------------------------------------------------- |
+| Bearer Token | `[base_package].security.auth.[security_scheme_name]/bearer-token` | `org.acme.openapi.security.auth.bearer/bearer-token` |
+
+### API Key Authentication
+
+Similarly to bearer token, the API Key Authentication also has the token entry key property:
+
+| Description  | Property Key                                                  | Example                                             |
+| -------------| --------------------------------------------------------------| --------------------------------------------------- |
+| API Key      | `[base_package].security.auth.[security_scheme_name]/api-key` | `org.acme.openapi.security.auth.apikey/api-key` |
+
+The API Key scheme has an additional property that requires where to add the API key in the request token: header, cookie or query. The inner provider takes care of that for you. 
+
 ## Known Limitations
 
 These are the known limitations of this pre-release version:
 
-- No authentication support (Basic, Bearer, OAuth2)
+- No OAuth2 support
 - No reactive support
 - Only Jackson support
 

deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/OpenApiGeneratorConfiguration.java renamed to deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/OpenApiGeneratorBuildTimeConfig.java

@@ -1,20 +1,24 @@
 package io.quarkiverse.openapi.generator.deployment;
 
+import static io.quarkiverse.openapi.generator.deployment.OpenApiGeneratorBuildTimeConfig.CONFIG_BUILD_NAME;
+
 import java.util.Map;
 
 import io.quarkus.runtime.annotations.ConfigItem;
 import io.quarkus.runtime.annotations.ConfigPhase;
 import io.quarkus.runtime.annotations.ConfigRoot;
 
-@ConfigRoot(phase = ConfigPhase.BUILD_TIME, name = "openapi-generator")
-public class OpenApiGeneratorConfiguration {
-    static final String CONFIG_PREFIX = "quarkus.openapi-generator";
+@ConfigRoot(phase = ConfigPhase.BUILD_TIME, name = CONFIG_BUILD_NAME)
+public class OpenApiGeneratorBuildTimeConfig {
+    public static final String CONFIG_BUILD_NAME = "openapi-generator.codegen";
+
+    static final String BUILD_TIME_CONFIG_PREFIX = "quarkus." + CONFIG_BUILD_NAME;
 
     /**
      * Fine tune the configuration for each OpenAPI spec file in `src/openapi` directory.
      * <p>
      * The file name is used to index this configuration. For example:
-     * `quarkus.openapi-generator.spec."myfilespec.json".base-package=org.acme`.
+     * `quarkus.openapi-generator.codegen.spec."myfilespec.json".base-package=org.acme`.
      **/
     @ConfigItem(name = "spec")
     public Map<String, SpecConfig> specs;

deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/OpenApiGeneratorProcessor.java

@@ -11,7 +11,7 @@ class OpenApiGeneratorProcessor {
 
     private static final String FEATURE = "openapi-generator";
 
-    OpenApiGeneratorConfiguration configuration;
+    OpenApiGeneratorBuildTimeConfig configuration;
 
     @BuildStep
     void discoverGeneratedApis(BuildProducer<GeneratedOpenApiRestClientBuildItem> restClients,

deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/SpecConfig.java

@@ -1,6 +1,6 @@
 package io.quarkiverse.openapi.generator.deployment;
 
-import static io.quarkiverse.openapi.generator.deployment.OpenApiGeneratorConfiguration.CONFIG_PREFIX;
+import static io.quarkiverse.openapi.generator.deployment.OpenApiGeneratorBuildTimeConfig.BUILD_TIME_CONFIG_PREFIX;
 
 import java.nio.file.Path;
 
@@ -11,7 +11,8 @@
 public class SpecConfig {
     public static final String API_PKG_SUFFIX = ".api";
     public static final String MODEL_PKG_SUFFIX = ".model";
-    static final String BASE_PACKAGE_PROP_FORMAT = CONFIG_PREFIX + ".spec.\"%s\".base-package";
+    public static final String BUILD_TIME_SPEC_PREFIX_FORMAT = BUILD_TIME_CONFIG_PREFIX + ".spec.\"%s\"";
+    private static final String BASE_PACKAGE_PROP_FORMAT = "%s.base-package";
 
     /**
      * Defines the base package name for the generated classes.
@@ -28,8 +29,20 @@ public String getModelPackage() {
     }
 
     public static String getResolvedBasePackageProperty(final Path openApiFilePath) {
+        return String.format(BASE_PACKAGE_PROP_FORMAT, getBuildTimeSpecPropertyPrefix(openApiFilePath));
+    }
+
+    /**
+     * Gets the config prefix for a given OpenAPI file in the path.
+     * For example, given a path like /home/luke/projects/petstore.json, the returned value is
+     * `quarkus.openapi-generator."petstore.json"`.
+     */
+    public static String getBuildTimeSpecPropertyPrefix(final Path openApiFilePath) {
+        return String.format(BUILD_TIME_SPEC_PREFIX_FORMAT, getEscapedFileName(openApiFilePath));
+    }
+
+    private static String getEscapedFileName(final Path openApiFilePath) {
         final String uriFilePath = openApiFilePath.toUri().toString();
-        final String fileName = uriFilePath.substring(uriFilePath.lastIndexOf("/") + 1);
-        return String.format(BASE_PACKAGE_PROP_FORMAT, fileName);
+        return uriFilePath.substring(uriFilePath.lastIndexOf("/") + 1);
     }
 }

deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/codegen/OpenApiGeneratorCodeGenBase.java

@@ -48,7 +48,8 @@ public boolean trigger(CodeGenContext context) throws CodeGenException {
                             final OpenApiClientGeneratorWrapper generator = new OpenApiClientGeneratorWrapper(
                                     openApiFilePath.normalize(), outDir)
                                             .withApiPackage(basePackage + API_PKG_SUFFIX)
-                                            .withModelPackage(basePackage + MODEL_PKG_SUFFIX);
+                                            .withModelPackage(basePackage + MODEL_PKG_SUFFIX)
+                                            .withBasePackage(basePackage);
                             generator.generate();
                         });
             } catch (IOException e) {

deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/template/QuteTemplatingEngineAdapter.java

@@ -26,7 +26,9 @@ public class QuteTemplatingEngineAdapter extends AbstractTemplatingEngineAdapter
             "headerParams.qute",
             "pathParams.qute",
             "pojo.qute",
-            "queryParams.qute"
+            "queryParams.qute",
+            "auth/compositeAuthenticationProvider.qute",
+            "auth/authConfig.qute"
     };
     public final Engine engine;
 

deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/wrapper/OpenApiClientGeneratorWrapper.java

@@ -32,8 +32,7 @@ public OpenApiClientGeneratorWrapper(final Path specFilePath, final Path outputD
         GlobalSettings.setProperty(CodegenConstants.API_TESTS, FALSE.toString());
         GlobalSettings.setProperty(CodegenConstants.MODEL_TESTS, FALSE.toString());
         GlobalSettings.setProperty(CodegenConstants.MODEL_DOCS, FALSE.toString());
-        // generates every Api and Supporting files
-        // TODO: requires more testing to properly filter the generated classes
+        // generates every Api and Models
         GlobalSettings.setProperty(CodegenConstants.APIS, "");
         GlobalSettings.setProperty(CodegenConstants.MODELS, "");
         GlobalSettings.setProperty(CodegenConstants.SUPPORTING_FILES, "");
@@ -58,6 +57,11 @@ public OpenApiClientGeneratorWrapper withModelPackage(final String pkg) {
         return this;
     }
 
+    public OpenApiClientGeneratorWrapper withBasePackage(final String pkg) {
+        this.configurator.setPackageName(pkg);
+        return this;
+    }
+
     public List<File> generate() {
         return generator.opts(configurator.toClientOptInput()).generate();
     }

deployment/src/main/java/io/quarkiverse/openapi/generator/deployment/wrapper/QuarkusJavaClientCodegen.java

@@ -1,18 +1,20 @@
 package io.quarkiverse.openapi.generator.deployment.wrapper;
 
+import java.io.File;
+
+import org.openapitools.codegen.SupportingFile;
 import org.openapitools.codegen.languages.JavaClientCodegen;
+import org.openapitools.codegen.utils.ProcessUtils;
 
 public class QuarkusJavaClientCodegen extends JavaClientCodegen {
 
+    private static final String AUTH_PACKAGE = "auth";
+
     public QuarkusJavaClientCodegen() {
-        // TODO: immutable properties
+        // immutable properties
         this.setDateLibrary(JavaClientCodegen.JAVA8_MODE);
+        this.setSerializationLibrary(SERIALIZATION_LIBRARY_JACKSON);
         this.setTemplateDir("templates");
-        // we are only interested in the main generated classes
-        this.projectFolder = "";
-        this.projectTestFolder = "";
-        this.sourceFolder = "";
-        this.testFolder = "";
     }
 
     @Override
@@ -23,10 +25,42 @@ public String getName() {
     @Override
     public void processOpts() {
         super.processOpts();
+        // we are only interested in the main generated classes
+        this.projectFolder = "";
+        this.projectTestFolder = "";
+        this.sourceFolder = "";
+        this.testFolder = "";
+
+        this.replaceWithQuarkusTemplateFiles();
+    }
+
+    private void replaceWithQuarkusTemplateFiles() {
         supportingFiles.clear();
+
+        // TODO: add others as we go
+        if (ProcessUtils.hasHttpBasicMethods(this.openAPI) ||
+                ProcessUtils.hasApiKeyMethods(this.openAPI) ||
+                ProcessUtils.hasHttpBearerMethods(this.openAPI)) {
+            supportingFiles.add(
+                    new SupportingFile("auth/compositeAuthenticationProvider.qute",
+                            authFileFolder(),
+                            "CompositeAuthenticationProvider.java"));
+            supportingFiles.add(
+                    new SupportingFile("auth/authConfig.qute",
+                            authFileFolder(),
+                            "AuthConfiguration.java"));
+        }
+
         apiTemplateFiles.clear();
         apiTemplateFiles.put("api.qute", ".java");
+
         modelTemplateFiles.clear();
         modelTemplateFiles.put("model.qute", ".java");
     }
+
+    public String authFileFolder() {
+        // we are not using the apiFileFolder since it returns the full path
+        // we are only interested in the package path
+        return apiPackage().replace('.', File.separatorChar) + File.separator + AUTH_PACKAGE;
+    }
 }

deployment/src/main/resources/templates/api.qute

@@ -5,6 +5,10 @@ import {imp.import};
 {/for}
 
 import org.eclipse.microprofile.rest.client.inject.RegisterRestClient;
+{#if hasAuthMethods}
+import org.eclipse.microprofile.rest.client.annotation.RegisterProvider;
+import {package}.auth.CompositeAuthenticationProvider;
+{/if}
 
 import java.io.InputStream;
 import java.io.OutputStream;
@@ -23,6 +27,9 @@ import javax.ws.rs.core.MediaType;
 {/if}
 @Path("{#if useAnnotatedBasePath}{contextPath}{/if}{commonPath}")
 @RegisterRestClient
+{#if hasAuthMethods}
+@RegisterProvider(CompositeAuthenticationProvider.class)
+{/if}
 public interface {classname} {
 
     {#for op in operations.operation}

deployment/src/main/resources/templates/auth/authConfig.qute

@@ -0,0 +1,9 @@
+package {apiPackage}.auth;
+
+import io.quarkiverse.openapi.generator.providers.AuthProvidersConfig;
+import io.smallrye.config.ConfigMapping;
+
+@ConfigMapping(prefix = "{packageName}.security")
+public interface AuthConfiguration extends AuthProvidersConfig {
+
+}