post review

Signed-off-by: Dmitrii Tikhomirov <[email protected]>

Author: treblereel

api/src/test/java/io/serverlessworkflow/api/ApiTest.java

@@ -63,23 +63,6 @@ void testCallHTTPAPI() throws IOException {
     }
   }
 
-  @Test
-  void testCallHttpOauthAPI() throws IOException {
-    Workflow workflow = readWorkflowFromClasspath("features/authentication-oauth2.yaml");
-    assertThat(workflow.getDo()).isNotEmpty();
-    assertThat(workflow.getDo().get(0).getName()).isNotNull();
-    assertThat(workflow.getDo().get(0).getTask()).isNotNull();
-    Task task = workflow.getDo().get(0).getTask();
-    if (task.get() instanceof CallTask) {
-      CallTask callTask = task.getCallTask();
-      assertThat(callTask).isNotNull();
-      assertThat(task.getDoTask()).isNull();
-      CallHTTP httpCall = callTask.getCallHTTP();
-      assertThat(httpCall).isNotNull();
-      assertThat(httpCall.getWith().getMethod()).isEqualTo("get");
-    }
-  }
-
   @Test
   void testCallFunctionAPIWithoutArguments() throws IOException {
     Workflow workflow = readWorkflowFromClasspath("features/callFunction.yaml");

impl/http/pom.xml

@@ -16,6 +16,10 @@
            <groupId>io.serverlessworkflow</groupId>
            <artifactId>serverlessworkflow-impl-core</artifactId>
         </dependency>
+        <dependency>
+            <groupId>io.serverlessworkflow</groupId>
+            <artifactId>serverlessworkflow-jwt</artifactId>
+        </dependency>
         <dependency>
           <groupId>org.glassfish.jersey.media</groupId>
           <artifactId>jersey-media-json-jackson</artifactId>
@@ -24,10 +28,6 @@
             <groupId>org.glassfish.jersey.core</groupId>
             <artifactId>jersey-client</artifactId>
         </dependency>
-        <dependency>
-            <groupId>com.fasterxml.jackson.core</groupId>
-            <artifactId>jackson-databind</artifactId>
-        </dependency>
         <dependency>
             <groupId>io.serverlessworkflow</groupId>
             <artifactId>serverlessworkflow-api</artifactId>
@@ -38,6 +38,11 @@
             <artifactId>serverlessworkflow-impl-jackson</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>io.serverlessworkflow</groupId>
+            <artifactId>serverlessworkflow-impl-jwt</artifactId>
+            <scope>test</scope>
+        </dependency>
         <dependency>
             <groupId>org.junit.jupiter</groupId>
             <artifactId>junit-jupiter-api</artifactId>

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java

@@ -18,11 +18,11 @@
 import io.serverlessworkflow.api.types.OAuth2AuthenticationPolicy;
 import io.serverlessworkflow.api.types.Oauth2;
 import io.serverlessworkflow.api.types.Workflow;
+import io.serverlessworkflow.http.jwt.JWT;
 import io.serverlessworkflow.impl.TaskContext;
 import io.serverlessworkflow.impl.WorkflowApplication;
 import io.serverlessworkflow.impl.WorkflowContext;
 import io.serverlessworkflow.impl.WorkflowModel;
-import io.serverlessworkflow.impl.executors.http.oauth.JWT;
 import io.serverlessworkflow.impl.executors.http.oauth.OAuthRequestBuilder;
 import jakarta.ws.rs.client.Invocation;
 import jakarta.ws.rs.client.Invocation.Builder;

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/AccessTokenProvider.java

@@ -16,33 +16,44 @@
 
 package io.serverlessworkflow.impl.executors.http.oauth;
 
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.JsonNode;
+import io.serverlessworkflow.http.jwt.JWT;
+import io.serverlessworkflow.http.jwt.JWTConverter;
 import io.serverlessworkflow.impl.TaskContext;
-import java.net.http.HttpRequest;
 import java.util.List;
+import java.util.Map;
+import java.util.ServiceLoader;
 
 public class AccessTokenProvider {
 
   private final TokenResponseHandler tokenResponseHandler = new TokenResponseHandler();
 
   private final TaskContext context;
   private final List<String> issuers;
-  private final HttpRequest requestBuilder;
+  private final InvocationHolder invocation;
 
-  public AccessTokenProvider(
-      HttpRequest requestBuilder, TaskContext context, List<String> issuers) {
-    this.requestBuilder = requestBuilder;
+  private final JWTConverter jwtConverter;
+
+  AccessTokenProvider(InvocationHolder invocation, TaskContext context, List<String> issuers) {
+    this.invocation = invocation;
     this.issuers = issuers;
     this.context = context;
+
+    ServiceLoader<JWTConverter> jwtConverters =
+        ServiceLoader.load(JWTConverter.class, AccessTokenProvider.class.getClassLoader());
+
+    if (jwtConverters.iterator().hasNext()) {
+      this.jwtConverter = jwtConverters.iterator().next();
+    } else {
+      throw new RuntimeException("No JWTConverter implementation found");
+    }
   }
 
   public JWT validateAndGet() {
-    JsonNode token = tokenResponseHandler.apply(requestBuilder, context);
+    Map<String, Object> token = tokenResponseHandler.apply(invocation, context);
     JWT jwt;
     try {
-      jwt = JWT.fromString(token.get("access_token").asText());
-    } catch (JsonProcessingException e) {
+      jwt = jwtConverter.fromToken((String) token.get("access_token"));
+    } catch (IllegalArgumentException e) {
       throw new RuntimeException("Failed to parse JWT token: " + e.getMessage(), e);
     }
     if (!(issuers == null || issuers.isEmpty())) {

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/ClientSecretBasic.java

@@ -44,7 +44,8 @@ public void execute(HttpRequestBuilder requestBuilder) {
     }
   }
 
-  private void clientCredentials(HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
+  private void clientCredentials(
+      HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
     if (authenticationData.getClient() == null
         || authenticationData.getClient().getId() == null
         || authenticationData.getClient().getSecret() == null) {
@@ -58,11 +59,12 @@ private void clientCredentials(HttpRequestBuilder requestBuilder, OAuth2Autenthi
 
     requestBuilder
         .addHeader("Authorization", "Basic " + encodedAuth)
-        .withMethod("POST")
-        .addQueryParam("grant_type", "client_credentials");
+        .withRequestContentType(authenticationData.getRequest())
+        .withGrantType(authenticationData.getGrant());
   }
 
-  private void password(HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
+  private void password(
+      HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
     if (authenticationData.getUsername() == null || authenticationData.getPassword() == null) {
       throw new IllegalArgumentException(
           "Username and password must be provided for password grant type");
@@ -79,9 +81,9 @@ private void password(HttpRequestBuilder requestBuilder, OAuth2AutenthicationDat
     String encodedAuth = Base64.getEncoder().encodeToString(idAndSecret.getBytes());
 
     requestBuilder
-        .withMethod("POST")
+        .withGrantType(authenticationData.getGrant())
+        .withRequestContentType(authenticationData.getRequest())
         .addHeader("Authorization", "Basic " + encodedAuth)
-        .addQueryParam("grant_type", "password")
         .addQueryParam("username", authenticationData.getUsername())
         .addQueryParam("password", authenticationData.getPassword());
   }

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/ClientSecretPostStep.java

@@ -43,7 +43,8 @@ public void execute(HttpRequestBuilder requestBuilder) {
     }
   }
 
-  private void clientCredentials(HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
+  private void clientCredentials(
+      HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
     if (authenticationData.getClient() == null
         || authenticationData.getClient().getId() == null
         || authenticationData.getClient().getSecret() == null) {
@@ -52,13 +53,14 @@ private void clientCredentials(HttpRequestBuilder requestBuilder, OAuth2Autenthi
     }
 
     requestBuilder
-        .withMethod("POST")
-        .addQueryParam("grant_type", "client_credentials")
+        .withGrantType(authenticationData.getGrant())
+        .withRequestContentType(authenticationData.getRequest())
         .addQueryParam("client_id", authenticationData.getClient().getId())
         .addQueryParam("client_secret", authenticationData.getClient().getSecret());
   }
 
-  private void password(HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
+  private void password(
+      HttpRequestBuilder requestBuilder, OAuth2AutenthicationData authenticationData) {
     if (authenticationData.getUsername() == null || authenticationData.getPassword() == null) {
       throw new IllegalArgumentException(
           "Username and password must be provided for password grant type");
@@ -71,8 +73,8 @@ private void password(HttpRequestBuilder requestBuilder, OAuth2AutenthicationDat
     }
 
     requestBuilder
-        .withMethod("POST")
-        .addQueryParam("grant_type", "password")
+        .withGrantType(authenticationData.getGrant())
+        .withRequestContentType(authenticationData.getRequest())
         .addQueryParam("client_id", authenticationData.getClient().getId())
         .addQueryParam("client_secret", authenticationData.getClient().getSecret())
         .addQueryParam("username", authenticationData.getUsername())

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/oauth/HttpRequestBuilder.java

@@ -16,23 +16,31 @@
 
 package io.serverlessworkflow.impl.executors.http.oauth;
 
+import static io.serverlessworkflow.api.types.OAuth2TokenRequest.Oauth2TokenRequestEncoding;
+import static io.serverlessworkflow.api.types.OAuth2TokenRequest.Oauth2TokenRequestEncoding.APPLICATION_X_WWW_FORM_URLENCODED;
+
+import io.serverlessworkflow.api.types.OAuth2AutenthicationData;
+import io.serverlessworkflow.api.types.OAuth2TokenRequest;
 import io.serverlessworkflow.impl.TaskContext;
 import io.serverlessworkflow.impl.WorkflowApplication;
 import io.serverlessworkflow.impl.WorkflowContext;
 import io.serverlessworkflow.impl.WorkflowModel;
 import io.serverlessworkflow.impl.WorkflowUtils;
 import io.serverlessworkflow.impl.WorkflowValueResolver;
+import jakarta.ws.rs.client.Client;
+import jakarta.ws.rs.client.ClientBuilder;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.client.Invocation;
+import jakarta.ws.rs.client.WebTarget;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.MediaType;
 import java.net.URI;
 import java.net.URLEncoder;
-import java.net.http.HttpRequest;
 import java.nio.charset.StandardCharsets;
-import java.time.Duration;
 import java.util.HashMap;
 import java.util.Map;
-import java.util.Objects;
-import java.util.stream.Collectors;
 
-public class HttpRequestBuilder {
+class HttpRequestBuilder {
 
   private final Map<String, WorkflowValueResolver<String>> headers;
 
@@ -42,86 +50,99 @@ public class HttpRequestBuilder {
 
   private URI uri;
 
-  private String method;
+  private OAuth2AutenthicationData.OAuth2AutenthicationDataGrant grantType;
+
+  private Oauth2TokenRequestEncoding requestContentType = APPLICATION_X_WWW_FORM_URLENCODED;
 
-  public HttpRequestBuilder(WorkflowApplication app) {
+  HttpRequestBuilder(WorkflowApplication app) {
     this.app = app;
     headers = new HashMap<>();
     queryParams = new HashMap<>();
   }
 
-  public HttpRequestBuilder addHeader(String key, String token) {
+  HttpRequestBuilder addHeader(String key, String token) {
     headers.put(key, WorkflowUtils.buildStringFilter(app, token));
     return this;
   }
 
-  public HttpRequestBuilder addQueryParam(String key, String token) {
+  HttpRequestBuilder addQueryParam(String key, String token) {
     queryParams.put(key, WorkflowUtils.buildStringFilter(app, token));
     return this;
   }
 
-  public HttpRequestBuilder withUri(URI uri) {
+  HttpRequestBuilder withUri(URI uri) {
     this.uri = uri;
     return this;
   }
 
-  public HttpRequestBuilder withMethod(String method) {
-    this.method = method;
+  HttpRequestBuilder withRequestContentType(OAuth2TokenRequest oAuth2TokenRequest) {
+    if (oAuth2TokenRequest != null) {
+      this.requestContentType = oAuth2TokenRequest.getEncoding();
+    }
+    return this;
+  }
+
+  HttpRequestBuilder withGrantType(
+      OAuth2AutenthicationData.OAuth2AutenthicationDataGrant grantType) {
+    this.grantType = grantType;
     return this;
   }
 
-  public HttpRequest build(WorkflowContext workflow, TaskContext task, WorkflowModel model) {
-    HttpRequest.Builder request = HttpRequest.newBuilder();
+  InvocationHolder build(WorkflowContext workflow, TaskContext task, WorkflowModel model) {
+    validate();
+
+    Client client = ClientBuilder.newClient();
+    WebTarget target = client.target(uri);
+
+    Invocation.Builder builder = target.request(MediaType.APPLICATION_JSON);
+
+    builder.header("grant_type", grantType.name().toLowerCase());
+    builder.header("User-Agent", "OAuth2-Client-Credentials/1.0");
+    builder.header("Accept", MediaType.APPLICATION_JSON);
+    builder.header("Cache-Control", "no-cache");
 
     for (var entry : headers.entrySet()) {
       String headerValue = entry.getValue().apply(workflow, task, model);
       if (headerValue != null) {
-        request = request.header(entry.getKey(), headerValue);
+        builder.header(entry.getKey(), headerValue);
       }
     }
 
-    request.header("Accept", "application/json");
+    Entity<?> entity;
+    if (requestContentType.equals(APPLICATION_X_WWW_FORM_URLENCODED)) {
+      Form form = new Form();
+      form.param("grant_type", grantType.value());
+      queryParams.forEach(
+          (key, value) -> {
+            String v = value.apply(workflow, task, model);
+            String encodedKey = URLEncoder.encode(key, StandardCharsets.UTF_8);
+            String encodedValue = URLEncoder.encode(v, StandardCharsets.UTF_8);
+            form.param(encodedKey, encodedValue);
+          });
+      entity = Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED);
+    } else {
+      Map<String, Object> jsonData = new HashMap<>();
+      jsonData.put("grant_type", grantType.value());
+      queryParams.forEach(
+          (key, value) -> {
+            String v = value.apply(workflow, task, model);
+            String encodedKey = URLEncoder.encode(key, StandardCharsets.UTF_8);
+            String encodedValue = URLEncoder.encode(v, StandardCharsets.UTF_8);
+            jsonData.put(encodedKey, encodedValue);
+          });
+      entity = Entity.entity(jsonData, MediaType.APPLICATION_JSON);
+    }
 
+    return new InvocationHolder(client, () -> builder.post(entity));
+  }
+
+  private void validate() {
     if (uri == null) {
       throw new IllegalStateException("URI must be set before building the request");
     }
 
-    String encoded =
-        queryParams.entrySet().stream()
-            .map(
-                e -> {
-                  String v = e.getValue().apply(workflow, task, model);
-                  if (v == null) return null;
-                  return URLEncoder.encode(e.getKey(), StandardCharsets.UTF_8)
-                      + "="
-                      + URLEncoder.encode(v, StandardCharsets.UTF_8);
-                })
-            .filter(Objects::nonNull)
-            .collect(Collectors.joining("&"));
-
-    if (method != null) {
-      switch (method.toUpperCase()) {
-        case "GET" -> {
-          if (!encoded.isEmpty()) {
-            String sep = (uri.getQuery() == null || uri.getQuery().isEmpty()) ? "?" : "&";
-            uri = URI.create(uri.toString() + sep + encoded);
-          }
-          request.uri(uri).GET();
-        }
-        case "POST" -> {
-          request.uri(uri);
-          HttpRequest.BodyPublisher body =
-              encoded.isEmpty()
-                  ? HttpRequest.BodyPublishers.noBody()
-                  : HttpRequest.BodyPublishers.ofString(encoded);
-          request.POST(body);
-        }
-        default -> throw new IllegalArgumentException("Unsupported HTTP method: " + method);
-      }
-    } else {
-      throw new IllegalStateException("HTTP method must be set before building the request");
+    if (grantType == null) {
+      throw new IllegalStateException("Grant type must be set before building the request");
     }
-    request.timeout(Duration.ofSeconds(15));
-    return request.build();
   }
 }