Class OAuthTokenExtractor

java.lang.Object
com.graphql_java_generator.client.OAuthTokenExtractor

public class OAuthTokenExtractor extends Object
This class retrieves the OAuth token for subscriptions when running in client mode. It is used by the SubscriptionClientReactiveImpl class when executing a subscription. The current websocket implementation doesn't use the Spring Security OAuth filters, so they have to be implemented manually (for subscriptions only).
This implementation is based on philsttr's idea, as explained on this page. Here is what philsttr proposed:
  1. Create an ExchangeFunction that has two filters that execute in the following order:
    • ServerOAuth2AuthorizedClientExchangeFilterFunction
    • a custom ExchangeFilterFunction that:
      • if the request is a bogus request (from step 2), capture the request's Authorization header and return a ClientResponse with an Authorization header (without invoking the downstream ExchangeFunction)
      • else invoke the downstream ExchangeFunction (to handle requests created by the ServerOAuth2AuthorizedClientExchangeFilterFunction, such as a request to refresh the token)
  2. Send a bogus request through the ExchangeFunction created in step 1
    • grab the Authorization header from the ClientResponse
Using this stream, I can reuse ExchangeFilterFunctions provided by Spring Security to generically obtain the Authorization header value for use in places other than a WebClient.
Author:
philsttr, etienne-sf
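The two-filter scheme described above, written out as an added sketch; it is not the graphql-java-generator source. The class name, the marker attribute, the `.invalid` URI and the `clientRegistrationId` constructor parameter are assumptions made for this example.

```java
import java.net.URI;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.web.reactive.function.client.*;
import reactor.core.publisher.Mono;

/** Hypothetical sketch of the capture scheme (assumed names throughout). */
public class AuthorizationHeaderCapture {
    // Assumed marker attribute that identifies the bogus request.
    private static final String CAPTURE_MARKER = AuthorizationHeaderCapture.class.getName() + ".capture";
    // ".invalid" is a reserved TLD (RFC 2606): if the capture filter were ever
    // missing from the chain, the bearer token could not reach a real host.
    private static final URI BOGUS_URI = URI.create("http://token-capture.invalid/");

    private final ExchangeFunction exchange;
    private final String clientRegistrationId; // assumed to name a registration in the Spring config

    public AuthorizationHeaderCapture(
            ServerOAuth2AuthorizedClientExchangeFilterFunction oauthFilter, String clientRegistrationId) {
        this.clientRegistrationId = clientRegistrationId;
        ExchangeFilterFunction capture = (request, next) -> {
            if (!request.attribute(CAPTURE_MARKER).isPresent()) {
                return next.exchange(request); // real traffic, e.g. a token refresh
            }
            String value = request.headers().getFirst(HttpHeaders.AUTHORIZATION);
            ClientResponse.Builder response = ClientResponse.create(HttpStatus.OK);
            if (value != null) {
                response.header(HttpHeaders.AUTHORIZATION, value);
            }
            return Mono.just(response.build()); // short-circuit: nothing goes on the wire
        };
        // andThen(): the OAuth filter runs first and adds the header, then the capture filter reads it.
        this.exchange = oauthFilter.andThen(capture)
                .apply(ExchangeFunctions.create(new ReactorClientHttpConnector()));
    }

    /** Returns e.g. "Bearer ...", or null when no token was attached. Never log the value. */
    public synchronized String getAuthorizationHeaderValue() {
        ClientRequest bogus = ClientRequest.create(HttpMethod.GET, BOGUS_URI)
                .attribute(CAPTURE_MARKER, Boolean.TRUE)
                .attributes(ServerOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId(clientRegistrationId))
                .build();
        ClientResponse response = exchange.exchange(bogus).block(); // call off the reactive event loop
        return response == null ? null : response.headers().asHttpHeaders().getFirst(HttpHeaders.AUTHORIZATION);
    }
}
```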
  • Field Details

    • AUTHORIZATION_HEADER_NAME

      public static final String AUTHORIZATION_HEADER_NAME
      The name of the HTTP header that contains the OAuth token
  • Constructor Details

    • OAuthTokenExtractor

      public OAuthTokenExtractor(org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction serverOAuth2AuthorizedClientExchangeFilterFunction)
      Parameters:
      serverOAuth2AuthorizedClientExchangeFilterFunction - The ServerOAuth2AuthorizedClientExchangeFilterFunction is responsible for getting the OAuth token from the OAuth authorization server. It is optional, and may be provided by the application's Spring configuration. If it is not provided, there is no OAuth authentication on the client side. If it is provided, the client uses it to supply the OAuth2 authorization token when accessing the GraphQL resource server, for queries, mutations and subscriptions.
  • Method Details

    • getAuthorizationHeaderValue

      public String getAuthorizationHeaderValue()
      Returns the Authorization header value, as returned by the ServerOAuth2AuthorizedClientExchangeFilterFunction from the OAuth authorization server. The method is synchronized so that a multi-threaded client does not try to retrieve two tokens simultaneously.
      Returns: