001/*
002 * Licensed under the Apache License, Version 2.0 (the "License");
003 * you may not use this file except in compliance with the License.
004 * You may obtain a copy of the License at
005 *
006 *     http://www.apache.org/licenses/LICENSE-2.0
007 *
008 * Unless required by applicable law or agreed to in writing, software
009 * distributed under the License is distributed on an "AS IS" BASIS,
010 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
011 * See the License for the specific language governing permissions and
012 * limitations under the License.
013 */
014package org.gbif.ws.remoteauth;
015
016import org.gbif.api.model.common.GbifUser;
017import org.gbif.api.service.common.IdentityAccessService;
018import org.gbif.ws.client.ClientBuilder;
019import org.gbif.ws.json.JacksonJsonObjectMapperProvider;
020
021import java.nio.charset.StandardCharsets;
022
023import org.springframework.http.HttpHeaders;
024import org.springframework.http.MediaType;
025import org.springframework.web.bind.annotation.GetMapping;
026import org.springframework.web.bind.annotation.PathVariable;
027import org.springframework.web.bind.annotation.PostMapping;
028import org.springframework.web.bind.annotation.RequestHeader;
029import org.springframework.web.bind.annotation.ResponseBody;
030
031/**
032 * Client to perform remote authentication using Basic and JWT Authentication.
033 */
034public interface IdentityServiceClient extends IdentityAccessService {
035
036  @GetMapping(value = "admin/user/{userName}", produces = MediaType.APPLICATION_JSON_VALUE)
037  @ResponseBody
038  @Override
039  GbifUser get(@PathVariable("userName") String userName);
040
041  @Override
042  default GbifUser authenticate(String userName, String password) {
043    return login("Basic " + HttpHeaders.encodeBasicAuth(userName, password, StandardCharsets.UTF_8))
044        .toGbifUser();
045  }
046
047  @PostMapping(value = "user/login", produces = MediaType.APPLICATION_JSON_VALUE)
048  @ResponseBody
049  LoggedUser login(@RequestHeader(HttpHeaders.AUTHORIZATION) String credentials);
050
051  /**
052   * Creates an instance suitable to be used by a registered application.
053   */
054  static IdentityServiceClient getInstance(
055      String apiUrl, String userName, String appKey, String secretKey) {
056    return new ClientBuilder()
057        .withUrl(apiUrl)
058        .withObjectMapper(JacksonJsonObjectMapperProvider.getObjectMapperWithBuilderSupport())
059        .withAppKeyCredentials(userName, appKey, secretKey)
060        .build(IdentityServiceClient.class);
061  }
062
063  /**
064   * Creates an instance suitable to be used by an admin user.
065   */
066  static IdentityServiceClient getInstance(String apiUrl, String userName, String password) {
067    return new ClientBuilder()
068        .withUrl(apiUrl)
069        .withObjectMapper(JacksonJsonObjectMapperProvider.getObjectMapperWithBuilderSupport())
070        .withCredentials(userName, password)
071        .build(IdentityServiceClient.class);
072  }
073}