Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[JAVA][RestTemplate] How to Configure Authentication in a Generated Java RestTemplate Client? #20360

Open
IfrKonv opened this issue Dec 20, 2024 · 0 comments

Comments

@IfrKonv
Copy link

IfrKonv commented Dec 20, 2024

Hello everyone,

I’m looking for support regarding the generation of a Java client using RestTemplate.

Below, I’ll share the command I used to generate the client:

#!/bin/bash
CURRENT_PRG_NAME=`basename "$PWD"`


GROUP_ID=com.example
VERSION=1.0.0

sudo rm -Rf ${CURRENT_PRG_NAME}


docker run --rm \
  -v ${PWD}:/local openapitools/openapi-generator-cli:v7.10.0 generate \
  -i /local/api.json \
  --api-package ${GROUP_ID}.api \
  --model-package ${GROUP_ID}.model \
  --invoker-package ${GROUP_ID}.invoker \
  --group-id ${GROUP_ID} \
  --artifact-id ${CURRENT_PRG_NAME} \
  --artifact-version ${VERSION} \
  --library resttemplate \
  --import-mappings=DateTime=java.time.LocalDateTime \
  --type-mappings=DateTime=java.time.LocalDateTime \
  --additional-properties=serializationLibrary=jackson \
  --additional-properties=additionalEnumTypeAnnotations=true \
  --additional-properties=generateConstructorWithAllArgs=true \
  --additional-properties=additionalModelTypeAnnotations=true \
  --additional-properties=enumUnknownDefaultCase=true \
  --additional-properties=beanValidations=true \
  --additional-properties=serviceImplementation=true \
  --additional-properties=javaVersion=21 \
  --additional-properties=useJakartaEe=true \
  --additional-properties=testOutput=false \
  -g java \
  --skip-validate-spec \
  --generate-alias-as-model \
  -o /local/${CURRENT_PRG_NAME}

sudo chown $USER: -R ${CURRENT_PRG_NAME}
find ${CURRENT_PRG_NAME} -name AndroidManifest.xml -delete


rm -Rf ${CURRENT_PRG_NAME}/*gradle*
rm -Rf ${CURRENT_PRG_NAME}/.travis.yml
rm -Rf ${CURRENT_PRG_NAME}/.github
rm -Rf ${CURRENT_PRG_NAME}/build*
rm -Rf ${CURRENT_PRG_NAME}/git_push.sh

In my case, I attempted to generate clients for the following APIs:

Now, I have a few questions about handling authentication in the invoker. Specifically, let’s start with the following interface:

public interface Authentication {
    void applyToParams(MultiValueMap<String, String> queryParams, HttpHeaders headers, MultiValueMap<String, String> cookieParams);
}

This interface is extended by several implementations:

  • HttpBasicAuth
  • HttpBearerAuth
  • ApiKeyAuth
  • OAuth

My main question is: "How can I instantiate ApiClient to specify the type of authentication to use?"

The generated client has the following structure:

public class ApiClient extends JavaTimeFormatter {
    // ...

    private Map<String, Authentication> authentications;
    
    public ApiClient() {
        this.restTemplate = this.buildRestTemplate();
        this.init();
    }

    public ApiClient(RestTemplate restTemplate) {
        this.restTemplate = restTemplate;
        this.init();
    }

    protected void init() {
        this.dateFormat = new RFC3339DateFormat();
        this.dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
        this.setUserAgent("Java-SDK");
        this.authentications = new HashMap<>();
        this.authentications.put("oauth2-client-credentials", new OAuth());
        this.authentications = Collections.unmodifiableMap(this.authentications);
    }
}

As you can see, in the init method, the authentication map is initialized and locked with Collections.unmodifiableMap.

Since it’s a private field, even extending the class doesn’t allow adding other authentication methods unless I use reflection (which I’d like to avoid, as it defeats the purpose of using this type of tool).

Manually changing the implementation of the generated client doesn’t seem practical either, as it would undermine the whole purpose of client code generation.

Questions:

  1. What is the correct way to use these authentication methods?
  2. What’s the point of making init a protected method, given that it doesn’t seem to provide practical extensibility in this case?

Thank you in advance for your support!

NOTE: openapi-generator version: 7.10.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant