add authorizations to retrofit client

added basic auth, api key and oauth support to the service generator using okhttp interceptors

Fix #962

Author: cbornet

modules/swagger-codegen/src/main/java/io/swagger/codegen/languages/RetrofitClientCodegen.java

@@ -52,6 +52,16 @@ public RetrofitClientCodegen() {
         supportingFiles.add(new SupportingFile("pom.mustache", "", "pom.xml"));
         supportingFiles.add(new SupportingFile("service.mustache",
                 (sourceFolder + File.separator + invokerPackage).replace(".", java.io.File.separator), "ServiceGenerator.java"));
+        supportingFiles.add(new SupportingFile("auth/basic.mustache",
+                (sourceFolder + File.separator + invokerPackage + File.separator + "auth").replace(".", java.io.File.separator), "BasicAuthorization.java"));
+        supportingFiles.add(new SupportingFile("auth/apikey.mustache",
+                (sourceFolder + File.separator + invokerPackage + File.separator + "auth").replace(".", java.io.File.separator), "ApiKeyAuthorization.java"));
+        supportingFiles.add(new SupportingFile("auth/oauth.mustache",
+                (sourceFolder + File.separator + invokerPackage + File.separator + "auth").replace(".", java.io.File.separator), "OauthAuthorization.java"));
+        supportingFiles.add(new SupportingFile("auth/oauthflow.mustache",
+                (sourceFolder + File.separator + invokerPackage + File.separator + "auth").replace(".", java.io.File.separator), "OauthFlow.java"));
+        supportingFiles.add(new SupportingFile("auth/oauthokclient.mustache",
+                (sourceFolder + File.separator + invokerPackage + File.separator + "auth").replace(".", java.io.File.separator), "OauthOkHttpClient.java"));
 
         languageSpecificPrimitives = new HashSet<String>(
                 Arrays.asList(

modules/swagger-codegen/src/main/resources/retrofit/api.mustache

@@ -2,6 +2,7 @@ package {{package}};
 
 import {{modelPackage}}.*;
 
+import retrofit.Callback;
 import retrofit.http.*;
 import retrofit.mime.*;
 import java.util.*;
@@ -14,6 +15,7 @@ public interface {{classname}} {
   {{#operation}}
   /**
    * {{summary}}
+   * Sync method
    * {{notes}}
 {{#allParams}}   * @param {{paramName}} {{description}}
 {{/allParams}}   * @return {{#returnType}}{{{returnType}}}{{/returnType}}{{^returnType}}void{{/returnType}}
@@ -22,8 +24,22 @@ public interface {{classname}} {
   {{#isMultipart}}@Multipart{{/isMultipart}}{{^isMultipart}}@FormUrlEncoded{{/isMultipart}}{{/-first}}{{/formParams}}
   @{{httpMethod}}("{{path}}")  
   {{#returnType}}{{{returnType}}}{{/returnType}}{{^returnType}}Object{{/returnType}} {{nickname}}({{^allParams}});{{/allParams}}
-    {{#allParams}}{{>queryParams}}{{>pathParams}}{{>headerParams}}{{>bodyParams}}{{>formParams}}{{#hasMore}}, {{/hasMore}}{{^hasMore}}
-  );{{/hasMore}}{{/allParams}}  
+    {{#allParams}}{{>queryParams}}{{>pathParams}}{{>headerParams}}{{>bodyParams}}{{>formParams}}{{#hasMore}},{{/hasMore}}{{^hasMore}}
+  );{{/hasMore}}{{/allParams}}
+
+  /**
+   * {{summary}}
+   * Async method
+{{#allParams}}   * @param {{paramName}} {{description}}
+{{/allParams}}   * @param cb callback method   
+   * @return void
+   */
+  {{#formParams}}{{#-first}}
+  {{#isMultipart}}@Multipart{{/isMultipart}}{{^isMultipart}}@FormUrlEncoded{{/isMultipart}}{{/-first}}{{/formParams}}
+  @{{httpMethod}}("{{path}}")  
+  void {{nickname}}(
+    {{#allParams}}{{>queryParams}}{{>pathParams}}{{>headerParams}}{{>bodyParams}}{{>formParams}},{{/allParams}} Callback<{{#returnType}}{{{returnType}}}{{/returnType}}{{^returnType}}Object{{/returnType}}> cb
+  ); 
   {{/operation}}
 }
-{{/operations}}
+{{/operations}}

modules/swagger-codegen/src/main/resources/retrofit/auth/apikey.mustache

@@ -0,0 +1,68 @@
+package {{invokerPackage}}.auth;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import com.squareup.okhttp.Interceptor;
+import com.squareup.okhttp.Request;
+import com.squareup.okhttp.Response;
+
+public class ApiKeyAuthorization implements Interceptor {
+    private final String location;
+    private final String paramName;
+
+    private String apiKey;
+
+    public ApiKeyAuthorization(String location, String paramName) {
+        this.location = location;
+        this.paramName = paramName;
+    }
+
+    public String getLocation() {
+        return location;
+    }
+
+    public String getParamName() {
+        return paramName;
+    }
+
+    public String getApiKey() {
+        return apiKey;
+    }
+
+    public void setApiKey(String apiKey) {
+        this.apiKey = apiKey;
+    }
+
+    @Override
+    public Response intercept(Chain chain) throws IOException {
+        String paramValue;
+        Request request = chain.request();
+
+        if (location == "query") {
+            String newQuery = request.uri().getQuery();
+            paramValue = paramName + "=" + apiKey;
+            if (newQuery == null) {
+                newQuery = paramValue;
+            } else {
+                newQuery += "&" + paramValue;  
+            }
+
+            URI newUri;
+            try {
+                newUri = new URI(request.uri().getScheme(), request.uri().getAuthority(),
+                        request.uri().getPath(), newQuery, request.uri().getFragment());
+            } catch (URISyntaxException e) {
+                throw new IOException(e);
+            }
+
+            request = request.newBuilder().url(newUri.toURL()).build();
+        } else if (location == "header") {
+            request = request.newBuilder()
+                    .addHeader(paramName, apiKey)
+                    .build();
+        }
+        return chain.proceed(request);
+    }
+}

modules/swagger-codegen/src/main/resources/retrofit/auth/basic.mustache

@@ -0,0 +1,49 @@
+package {{invokerPackage}}.auth;
+
+import java.io.IOException;
+
+import com.squareup.okhttp.Credentials;
+import com.squareup.okhttp.Interceptor;
+import com.squareup.okhttp.Request;
+import com.squareup.okhttp.Response;
+
+public class BasicAuthorization implements Interceptor {
+
+    private String username;
+    private String password;
+    
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public void setCredentials(String username, String password) {
+        this.username = username;
+        this.password = password;
+    }
+
+    @Override
+    public Response intercept(Chain chain) throws IOException {
+        Request request = chain.request();
+
+        // If the request already have an authorization (eg. Basic auth), do nothing
+        if (request.header("Authorization") == null) {
+            String credentials = Credentials.basic(username, password);
+            request = request.newBuilder()
+                    .addHeader("Authorization", credentials)
+                    .build();
+        }
+        return chain.proceed(request);
+    }
+}

modules/swagger-codegen/src/main/resources/retrofit/auth/oauth.mustache

@@ -0,0 +1,148 @@
+package {{invokerPackage}}.auth;
+
+import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
+
+import java.io.IOException;
+import java.util.Map;
+
+import org.apache.oltu.oauth2.client.OAuthClient;
+import org.apache.oltu.oauth2.client.request.OAuthBearerClientRequest;
+import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
+import org.apache.oltu.oauth2.client.request.OAuthClientRequest.AuthenticationRequestBuilder;
+import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
+import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
+import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
+import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
+import org.apache.oltu.oauth2.common.message.types.GrantType;
+
+import com.squareup.okhttp.Interceptor;
+import com.squareup.okhttp.OkHttpClient;
+import com.squareup.okhttp.Request;
+import com.squareup.okhttp.Request.Builder;
+import com.squareup.okhttp.Response;
+
+public class OauthAuthorization implements Interceptor {
+
+    private volatile String accessToken;
+    private OAuthClient oauthClient;
+
+    private TokenRequestBuilder tokenRequestBuilder;
+    private AuthenticationRequestBuilder authenticationRequestBuilder;
+
+    public OauthAuthorization( OkHttpClient client, TokenRequestBuilder requestBuilder ) {
+        this.oauthClient = new OAuthClient(new OauthOkHttpClient(client));
+        this.tokenRequestBuilder = requestBuilder;
+    }
+
+    public OauthAuthorization(TokenRequestBuilder requestBuilder ) {
+        this(new OkHttpClient(), requestBuilder);
+    }
+
+    public OauthAuthorization(OauthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+        this(OAuthClientRequest.tokenLocation(tokenUrl).setScope(scopes));
+        setFlow(flow);
+        authenticationRequestBuilder = OAuthClientRequest.authorizationLocation(authorizationUrl);
+    }
+
+    public void setFlow(OauthFlow flow) {
+        switch(flow) {
+        case accessCode:
+        case implicit:
+            tokenRequestBuilder.setGrantType(GrantType.AUTHORIZATION_CODE);
+            break;
+        case password:
+            tokenRequestBuilder.setGrantType(GrantType.PASSWORD);
+            break;
+        case application:
+            tokenRequestBuilder.setGrantType(GrantType.CLIENT_CREDENTIALS);
+            break;
+        default:
+            break;
+        }            
+    }
+
+    @Override
+    public Response intercept(Chain chain)
+            throws IOException {
+
+        Request request = chain.request();
+
+        // If the request already have an authorization (eg. Basic auth), do nothing
+        if (request.header("Authorization") != null) {
+            return chain.proceed(request);
+        }
+
+        // If first time, get the token
+        OAuthClientRequest oAuthRequest;
+        if (getAccessToken() == null) {
+            updateAccessToken(null);
+        }
+
+        // Build the request
+        Builder rb = request.newBuilder();
+
+        String requestAccessToken = new String(getAccessToken());
+        try {
+            oAuthRequest = new OAuthBearerClientRequest(request.urlString())
+            .setAccessToken(requestAccessToken)
+            .buildHeaderMessage();
+        } catch (OAuthSystemException e) {
+            throw new IOException(e);
+        }
+
+        for ( Map.Entry<String, String> header : oAuthRequest.getHeaders().entrySet() ) {
+            rb.addHeader(header.getKey(), header.getValue());
+        }
+        rb.url( oAuthRequest.getLocationUri());
+
+        //Execute the request
+        Response response = chain.proceed(rb.build());
+
+        // 401 most likely indicates that access token has expired.
+        // Time to refresh and resend the request
+        if ( response.code() == HTTP_UNAUTHORIZED ) {
+            updateAccessToken(requestAccessToken);
+            return intercept( chain );
+        }
+        return response;    
+    }
+
+    public synchronized void updateAccessToken(String requestAccessToken) throws IOException {
+        if (getAccessToken() == null || getAccessToken().equals(requestAccessToken)) {    
+            try {
+                OAuthJSONAccessTokenResponse accessTokenResponse;
+                accessTokenResponse = oauthClient.accessToken(this.tokenRequestBuilder.buildBodyMessage());
+                setAccessToken(accessTokenResponse.getAccessToken());
+            } catch (OAuthSystemException e) {
+                throw new IOException(e);
+            } catch (OAuthProblemException e) {
+                throw new IOException(e);
+            }
+        }
+    }
+
+    public synchronized String getAccessToken() {
+        return accessToken;
+    }
+
+    public synchronized void setAccessToken(String accessToken) {
+        this.accessToken = accessToken;
+    }
+
+    public TokenRequestBuilder getTokenRequestBuilder() {
+        return tokenRequestBuilder;
+    }
+
+    public void setTokenRequestBuilder(TokenRequestBuilder tokenRequestBuilder) {
+        this.tokenRequestBuilder = tokenRequestBuilder;
+    }
+
+    public AuthenticationRequestBuilder getAuthenticationRequestBuilder() {
+        return authenticationRequestBuilder;
+    }
+
+    public void setAuthenticationRequestBuilder(AuthenticationRequestBuilder authenticationRequestBuilder) {
+        this.authenticationRequestBuilder = authenticationRequestBuilder;
+    }
+
+}

modules/swagger-codegen/src/main/resources/retrofit/auth/oauthflow.mustache

@@ -0,0 +1,5 @@
+package {{invokerPackage}}.auth;
+
+public enum OauthFlow {
+    accessCode, implicit, password, application
+}