com.identityx.clientSDK.base.BaseRepoFactory Maven / Gradle / Ivy
/*
* Copyright Daon.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.identityx.clientSDK.base;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import com.daon.identityx.rest.model.pojo.Token;
import com.identityx.auth.client.HttpClientRequestExecutor;
import com.identityx.auth.def.IApiKey;
import com.identityx.auth.impl.AuthenticationScheme;
import com.identityx.auth.impl.Proxy;
import com.identityx.auth.impl.keys.ADCredentialsKey;
import com.identityx.auth.impl.keys.SharedSecretApiKey;
import com.identityx.clientSDK.def.ICredentialsProvider;
import com.identityx.clientSDK.exceptions.IdxRestException;
import com.identityx.clientSDK.repositories.SessionTokenRepository;
/**
* Base class for the {@link com.identityx.clientSDK.SystemRepoFactory} and {link com.identityx.clientSDK.TenantRepoFactory}
*
*
*/
public abstract class BaseRepoFactory {
private String cookie = null;
protected SessionTokenRepository sessionTokenRepo = new SessionTokenRepository();
protected String defaultCn = "daon.com";
private RestClient restClient = new RestClient();
/**
* Use this to configure the RestClient
* @return
*/
public RestClient getRestClient() {
return restClient;
}
/**
* A RestClient object is created by default, you should not need to call this method.
* @param restClient
*/
public void setRestClient(RestClient restClient) {
this.restClient = restClient;
}
/**
* Gets a session token
* @return a session token in the form of {@link SharedSecretApiKey}
* @throws IdxRestException
*/
protected SharedSecretApiKey getSessionKey() throws IdxRestException {
KeyHelper keyHelper;
SharedSecretApiKey newApiKey = null;
try {
keyHelper = new KeyHelper();
Token newToken = new Token();
newToken.setPublicKey(keyHelper.getPublicKeyForTokenRequest(defaultCn));
newToken = sessionTokenRepo.create(newToken);
newApiKey = keyHelper.createFromToken(newToken);
setCookie("idx=" + newToken.getCookie());
} catch (NoSuchAlgorithmException | InvalidKeyException | NoSuchPaddingException | IllegalBlockSizeException | BadPaddingException | IOException e) {
throw new IdxRestException("Failed to get a session key", e);
}
return newApiKey;
}
public String getCookie() {
return cookie;
}
public void setCookie(String cookie) {
this.cookie = cookie;
}
public SessionTokenRepository getSessionTokenRepo() {
return sessionTokenRepo;
}
protected abstract void initRepos(RestClient restClient, String baseUrl);
protected SharedSecretApiKey initSessionAccessToken(IApiKey apiKey, String baseUrl, Proxy proxy, SSLConnectionSocketFactory sslCSF) throws IdxRestException {
SharedSecretApiKey ssKey = null;
if (apiKey instanceof ADCredentialsKey) {
getSessionTokenRepo().getRestClient().setProxy(proxy);
getSessionTokenRepo().init(apiKey, true, baseUrl, getCookie(), sslCSF);
ssKey = getSessionKey(); // this will create the cookie
}
else if (apiKey instanceof SharedSecretApiKey) {
ssKey = (SharedSecretApiKey)apiKey;
}
else {
throw new IllegalArgumentException("apiKey");
}
return ssKey;
}
protected void init(IApiKey apiKey, IApiKey responseApiKey, String baseUrl, Proxy proxy, SSLConnectionSocketFactory sslCSF, boolean ignoreCookies) throws IdxRestException {
IApiKey ssKey = apiKey;
if (apiKey instanceof ADCredentialsKey) {
ssKey = initSessionAccessToken(apiKey, baseUrl, proxy, sslCSF);
}
initRestClient(ssKey, responseApiKey, proxy, sslCSF, ignoreCookies);
initRepos(getRestClient(), baseUrl);
}
protected RestClient initRestClient(IApiKey apiKey, IApiKey responseApiKey, Proxy proxy, SSLConnectionSocketFactory sslCSF, boolean ignoreCookies) {
restClient.setProxy(proxy);
restClient.init(apiKey, responseApiKey, sslCSF, ignoreCookies);
restClient.setCookie(getCookie());
return restClient;
}
public static abstract class RepoFactoryBuilder {
private String baseUrl;
private RestClient restClient;
private boolean createBrowserSession = false;
private ICredentialsProvider credentialProvider;
private boolean ignoreCookies = true;
public RepoFactoryBuilder() {
}
public RepoFactoryBuilder setRestClient(RestClient restClient) {
this.restClient = restClient;
return this;
}
public RepoFactoryBuilder setCredentialsProvider(ICredentialsProvider credentialProvider) {
this.credentialProvider = credentialProvider;
return this;
}
public RepoFactoryBuilder setCreateBrowserSession(boolean createBrowserSession) {
this.createBrowserSession = createBrowserSession;
return this;
}
public RepoFactoryBuilder setIgnoreCookies(boolean ignoreCookies) {
this.ignoreCookies = ignoreCookies;
return this;
}
public RepoFactoryBuilder setBaseUrl(String baseUrl) {
this.baseUrl = baseUrl;
return this;
}
protected abstract BaseRepoFactory build() throws IdxRestException;
protected BaseRepoFactory build(BaseRepoFactory repoFactory) throws IdxRestException {
if (createBrowserSession && !ignoreCookies) {
throw new IllegalArgumentException("Cannot support cookies if managing a browser session");
}
if (credentialProvider == null && restClient == null) {
throw new IllegalArgumentException("Credentials or a fully initialized rest client are required");
}
if (!createBrowserSession && credentialProvider != null && restClient != null) {
throw new IllegalArgumentException("Both credentials and restClient are provided. Please initialize the restClient with the apiKey and provide just the restClient and the baseUrl");
}
if (credentialProvider != null && baseUrl != null && !baseUrl.isEmpty()) {
throw new IllegalArgumentException("Providing both a credentialProvider and a baseUrl will cause confusion");
}
if (credentialProvider != null) {
this.baseUrl = credentialProvider.getBaseUrl();
IApiKey apiKey = credentialProvider.getApiKey();
if (restClient != null) {
if (createBrowserSession) {
return buildWithBrowserSession(repoFactory, apiKey, this.baseUrl, restClient);
}
else {
// this will never be called
repoFactory.initRepos(restClient, baseUrl);
}
return repoFactory;
}
else { /* we have a restClient*/
RestClient newRestClient;
if (createBrowserSession) {
return buildWithBrowserSession(repoFactory, apiKey, this.baseUrl, null);
}
else {
if (apiKey instanceof ADCredentialsKey) {
HttpClientRequestExecutor requestExecutor = new HttpClientRequestExecutor.HttpClientRequestExecutorBuilder()
.setApiKey(apiKey)
.setAuthenticationScheme(AuthenticationScheme.BASIC)
.setResponseApiKey(apiKey)
.build();
newRestClient = new RestClient.RestClientBuilder()
.setIgnoreCookies(ignoreCookies)
.setRequestExecutor(requestExecutor)
.build();
repoFactory.initRepos(newRestClient, baseUrl);
}
else {
repoFactory.initRepos(restClient, baseUrl);
}
}
return repoFactory;
}
}
else {
if (restClient == null || restClient.getRequestExecutor() == null) {
throw new IllegalStateException("Cannot build without a restClient or restClient.requestExecutor");
}
if (baseUrl == null) {
throw new IllegalStateException("Cannot build without a baseUrl");
}
if (createBrowserSession) {
return buildWithBrowserSession(repoFactory, restClient.getApiKey(), baseUrl, restClient);
}
repoFactory.initRepos(restClient, baseUrl);
return repoFactory;
}
}
protected BaseRepoFactory buildWithBrowserSession(BaseRepoFactory pRepoFactory, IApiKey pApiKey, String pBaseUrl, RestClient pRestClient) throws IdxRestException {
// if we can get an apiKey we use it to build a restClient
// if we can get an apiKey and a pRestClient we re-initialise the pRestClient with the sharedApiKey we got from the sessionToken endpoint
// if we get no apiKey we will use the pRestClient (we assume is pre-configured) to get a sharedApiKey then we we re-initialise the pRestClient with the sharedApiKey
RestClient newRestClient = null;
RestClient sessionTokenRestClient = null;
if (pRestClient == null) {
sessionTokenRestClient = new RestClient.RestClientBuilder().setApiKey(pApiKey).setResponseApiKey(pApiKey).setBasicIDX(true).build();
}
else {
sessionTokenRestClient = pRestClient;
}
SharedSecretApiKey newSSKey = null;
if (pApiKey instanceof ADCredentialsKey) {
pRepoFactory.getSessionTokenRepo().init(sessionTokenRestClient, pBaseUrl);
newSSKey = pRepoFactory.getSessionKey(); // this will create the cookie
}
else {
// assume you have some other header (saml?) that will authenticate you
pRepoFactory.getSessionTokenRepo().init(pRestClient, pBaseUrl);
newSSKey = pRepoFactory.getSessionKey(); // this will create the cookie
}
if (pRestClient == null) {
newRestClient = new RestClient.RestClientBuilder().setApiKey(newSSKey).setCookie(pRepoFactory.getCookie()).build();
}
else {
newRestClient = new RestClient.RestClientBuilder().setApiKey(newSSKey)
.setCookie(pRepoFactory.getCookie())
.setObjectMapper(pRestClient.getObjectMapper())
.setProxy(pRestClient.getProxy())
.setSSLConnectionSocketFactory(pRestClient.getSSLConnectionSocketFactory())
.setHeaders(pRestClient.getHeaders() != null ? pRestClient.getHeaders().clone() : null)
.build();
}
pRepoFactory.initRepos(newRestClient, pBaseUrl);
return pRepoFactory;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy