#19 - ENH: Add Basic Authentication support - BasicAuthIntercept

Author: rbygrave

client/src/main/java/io/avaje/http/client/BasicAuthIntercept.java

@@ -0,0 +1,38 @@
+package io.avaje.http.client;
+
+import java.net.http.HttpResponse;
+import java.util.Base64;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+
+/**
+ * Adds Basic Authorization header to requests.
+ */
+public class BasicAuthIntercept implements RequestIntercept {
+
+  private final String headerValue;
+
+  /**
+   * Construct with the username and password.
+   */
+  public BasicAuthIntercept(String username, String password) {
+    this.headerValue = "Basic "+encode(username, password);
+  }
+
+  /**
+   * Return Base64 encoding of {@literal username:password}
+   */
+  public static String encode(String username, String password) {
+    return Base64.getEncoder().encodeToString((username + ":" + password).getBytes(UTF_8));
+  }
+
+  @Override
+  public void beforeRequest(HttpClientRequest request) {
+    request.header("Authorization", headerValue);
+  }
+
+  @Override
+  public void afterResponse(HttpResponse<?> response, HttpClientRequest request) {
+    // do nothing
+  }
+}

client/src/main/java/io/avaje/http/client/DHttpClientRequest.java

@@ -91,6 +91,12 @@ public HttpClientRequest header(String name, Object value) {
     return value != null ? header(name, value.toString()) : this;
   }
 
+  @Override
+  public List<String> header(String name) {
+    final List<String> values = headers.get(name);
+    return values == null ? Collections.emptyList() : values;
+  }
+
   @Override
   public HttpClientRequest gzip(boolean gzip) {
     this.gzip = gzip;

client/src/main/java/io/avaje/http/client/HttpClientRequest.java

@@ -5,6 +5,7 @@
 import java.net.http.HttpRequest;
 import java.nio.file.Path;
 import java.time.Duration;
+import java.util.List;
 import java.util.function.Supplier;
 
 /**
@@ -69,6 +70,13 @@ public interface HttpClientRequest {
    */
   HttpClientRequest header(String name, Object value);
 
+  /**
+   * Return the header values that have been set for the given header name.
+   *
+   * @return The headers values or an empty collection if the header has not been specified yet.
+   */
+  List<String> header(String name);
+
   /**
    * Set if body content should be gzip encoded.
    *

client/src/test/java/io/avaje/http/client/BasicAuthInterceptTest.java

@@ -0,0 +1,30 @@
+package io.avaje.http.client;
+
+import org.junit.jupiter.api.Test;
+
+import java.util.List;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class BasicAuthInterceptTest {
+
+  @Test
+  void encode() {
+    final String encode = BasicAuthIntercept.encode("Aladdin", "open sesame");
+    assertThat(encode).isEqualTo("QWxhZGRpbjpvcGVuIHNlc2FtZQ==");
+  }
+
+  @Test
+  void beforeRequest() {
+    // setup
+    final BasicAuthIntercept intercept = new BasicAuthIntercept("Aladdin", "open sesame");
+    final HttpClientContext ctx = HttpClientContext.newBuilder().withBaseUrl("junk").build();
+
+    // act
+    final HttpClientRequest request = ctx.request();
+    intercept.beforeRequest(request);
+
+    final List<String> values = request.header("Authorization");
+    assertThat(values).containsExactly("Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==");
+  }
+}

client/src/test/java/io/avaje/http/client/HelloBasicAuthTest.java

@@ -0,0 +1,35 @@
+package io.avaje.http.client;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.junit.jupiter.api.Test;
+
+import java.net.http.HttpResponse;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class HelloBasicAuthTest extends BaseWebTest {
+
+  final HttpClientContext clientContext = client();
+
+  public static HttpClientContext client() {
+    return HttpClientContext.newBuilder()
+      .withBaseUrl(baseUrl)
+      .withRequestListener(new RequestLogger())
+      .withBodyAdapter(new JacksonBodyAdapter(new ObjectMapper()))
+      .withRequestIntercept(new BasicAuthIntercept("rob", "bot"))
+      .build();
+  }
+
+  @Test
+  void basicAuth() {
+
+    final HttpResponse<String> hres = clientContext.request()
+      .path("hello/basicAuth")
+      .GET()
+      .asString();
+
+    assertThat(hres.statusCode()).isEqualTo(200);
+    assertThat(hres.body()).isEqualTo("decoded: rob:bot");
+  }
+
+}

client/src/test/java/org/example/webserver/HelloController$Route.java

@@ -36,6 +36,12 @@ public void registerRoutes() {
       ctx.contentType("text/plain").result(controller.retry());
     });
 
+    ApiBuilder.get("/hello/basicAuth", ctx -> {
+      ctx.status(200);
+      final String authorization = ctx.header("Authorization");
+      ctx.result(controller.basicAuth(authorization));
+    });
+
     ApiBuilder.get("/hello/stream", ctx -> {
       ctx.status(200);
       controller.stream(ctx);

client/src/test/java/org/example/webserver/HelloController.java

@@ -1,20 +1,15 @@
 package org.example.webserver;
 
-import io.avaje.http.api.Controller;
-import io.avaje.http.api.Delete;
-import io.avaje.http.api.Form;
-import io.avaje.http.api.Get;
-import io.avaje.http.api.MediaType;
-import io.avaje.http.api.Path;
-import io.avaje.http.api.Post;
-import io.avaje.http.api.Produces;
+import io.avaje.http.api.*;
 import io.javalin.http.Context;
 
 import javax.validation.Valid;
 import java.time.LocalDate;
 import java.util.ArrayList;
+import java.util.Base64;
 import java.util.List;
 
+import static java.nio.charset.StandardCharsets.UTF_8;
 import static java.util.Objects.requireNonNull;
 
 /**
@@ -47,6 +42,15 @@ String retry() {
     }
   }
 
+  @Get
+  String basicAuth(@Header String authorization) {
+    final String[] split = authorization.split(" ");
+    if (split[0].equals("Basic")) {
+      return "decoded: " + new String(Base64.getDecoder().decode(split[1]), UTF_8);
+    }
+    return "NotExpected: " + authorization;
+  }
+
   @Get("stream")
   void stream(Context context) {
     // simulate x-json-stream response