org.springframework.web.client.RestOperations Java Examples

/**
 * Perform a read action within a callback that gets access to a session-bound
 * {@link RestOperations} object. {@link HttpStatusCodeException} with
 * {@link HttpStatus#NOT_FOUND} are translated to a {@literal null} response.
 * @param callback must not be {@literal null}.
 * @return can be {@literal null}.
 */
@Nullable
<T> T doRead(Function<RestOperations, ResponseEntity<T>> callback) {

	return this.vaultOperations.doWithSession((restOperations) -> {

		try {
			return callback.apply(restOperations).getBody();
		}
		catch (HttpStatusCodeException e) {

			if (e.getStatusCode() == HttpStatus.NOT_FOUND) {
				return null;
			}

			throw VaultResponses.buildException(e, this.path);
		}
	});
}
 

static Iterable<Function<RestOperations, User>> execute() {
    final ObjectMapper mapper = new ObjectMapper();

    final RequestCallback callback = request -> {
        request.getHeaders().add("Test", "true");
        request.getHeaders().setContentType(MediaType.APPLICATION_JSON);
        mapper.writeValue(request.getBody(), new User("D. Fault", "1984-09-13"));
    };

    final ResponseExtractor<User> extractor = response ->
            mapper.readValue(response.getBody(), User.class);

    return Arrays.asList(
            unit -> unit.execute("/departments/{id}/users", POST, callback, extractor, 1),
            unit -> unit.execute("/departments/{id}/users", POST, callback, extractor, singletonMap("id", 1)),
            unit -> unit.execute(URI.create("/departments/1/users"), POST, callback, extractor)
    );
}
 

public static RestOperations createCommonsHttpRestTemplate(int maxConnPerRoute, int maxConnTotal,
                                                           int connectTimeout, int soTimeout, int retryTimes, RetryPolicyFactory retryPolicyFactory) {
    HttpClient httpClient = HttpClientBuilder.create()
            .setMaxConnPerRoute(maxConnPerRoute)
            .setMaxConnTotal(maxConnTotal)
            .setDefaultSocketConfig(SocketConfig.custom().setSoTimeout(soTimeout).build())
            .setDefaultRequestConfig(RequestConfig.custom().setConnectTimeout(connectTimeout).build())
            .build();
    ClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory(httpClient);
    RestTemplate restTemplate = new RestTemplate(factory);
    //set jackson mapper
    for (HttpMessageConverter<?> hmc : restTemplate.getMessageConverters()) {
        if (hmc instanceof MappingJackson2HttpMessageConverter) {
            ObjectMapper objectMapper = createObjectMapper();
            MappingJackson2HttpMessageConverter mj2hmc = (MappingJackson2HttpMessageConverter) hmc;
            mj2hmc.setObjectMapper(objectMapper);
        }
    }

    return (RestOperations) Proxy.newProxyInstance(RestOperations.class.getClassLoader(),
            new Class[]{RestOperations.class},
            new RetryableRestOperationsHandler(restTemplate, retryTimes, retryPolicyFactory));
}
 

@Test
public void expiredTokenTests() throws Exception {
	JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("one").build();
	JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
			.subject("test-subject")
			.expirationTime(Date.from(Instant.now().minusSeconds(3600)))
			.build();
	SignedJWT signedJWT = signedJwt(keyGeneratorUtils.getPrivateKey(), header, claimsSet);
	List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
	validators.add(new JwtTimestampValidator());
	DelegatingOAuth2TokenValidator<Jwt> validator = new DelegatingOAuth2TokenValidator<Jwt>(validators);
	RestOperations operations = mockRestOperations();
	FirebaseJwtTokenDecoder decoder = new FirebaseJwtTokenDecoder(operations, "https://spring.local", validator);
	assertThatExceptionOfType(JwtException.class)
			.isThrownBy(() -> decoder.decode(signedJWT.serialize()))
			.withMessageStartingWith("An error occurred while attempting to decode the Jwt: Jwt expired at");
}
 

@Override
public VaultHealth doWithRestOperations(RestOperations restOperations) {

	try {
		ResponseEntity<VaultHealthImpl> healthResponse = restOperations.exchange("sys/health", HttpMethod.GET,
				emptyNamespace(null), VaultHealthImpl.class);
		return healthResponse.getBody();
	}
	catch (RestClientResponseException responseError) {

		try {
			ObjectMapper mapper = new ObjectMapper();
			return mapper.readValue(responseError.getResponseBodyAsString(), VaultHealthImpl.class);
		}
		catch (Exception jsonError) {
			throw responseError;
		}
	}
}
 

@Test
public void retryableRestOperationsFailTest() {
	ctx.close();

	int retryTimes = 10;
	RetryPolicyFactory mockedRetryPolicyFactory = Mockito.mock(RetryPolicyFactory.class);
	RetryPolicy mockedRetryPolicy = Mockito.mock(RetryPolicy.class);
	when(mockedRetryPolicyFactory.create()).thenReturn(mockedRetryPolicy);
	when(mockedRetryPolicy.retry(any(Throwable.class))).thenReturn(true);
	RestOperations restOperations = RestTemplateFactory.createCommonsHttpRestTemplate(10, 100, 5000, 5000,
			retryTimes, mockedRetryPolicyFactory);
	try {
		restOperations.getForObject(generateRequestURL("/test"), String.class);
	} catch (Exception e) {
		verify(mockedRetryPolicy, times(retryTimes)).retry(any(Throwable.class));
		// check the type of original exception
		assertTrue(e instanceof ResourceAccessException);
	}

}
 

@Test
public void validTokenTests() throws Exception {
	JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("one").build();
	JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
			.subject("test-subject")
			.audience("123456")
			.expirationTime(Date.from(Instant.now().plusSeconds(36000)))
			.issuer("https://securetoken.google.com/123456")
			.issueTime(Date.from(Instant.now().minusSeconds(3600)))
			.claim("auth_time", Instant.now().minusSeconds(3600).getEpochSecond())
			.build();
	SignedJWT signedJWT = signedJwt(keyGeneratorUtils.getPrivateKey(), header, claimsSet);
	List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
	validators.add(new JwtTimestampValidator());
	validators.add(new JwtIssuerValidator("https://securetoken.google.com/123456"));
	validators.add(new FirebaseTokenValidator("123456"));
	DelegatingOAuth2TokenValidator<Jwt> validator = new DelegatingOAuth2TokenValidator<Jwt>(validators);
	RestOperations operations = mockRestOperations();
	FirebaseJwtTokenDecoder decoder = new FirebaseJwtTokenDecoder(operations, "https://spring.local", validator);
	Jwt jwt = decoder.decode(signedJWT.serialize());
	assertThat(jwt.getClaims()).isNotEmpty();
}
 

@Test
public void invalidIssuedAt() throws Exception {
	JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("one").build();
	JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
			.subject("test-subject")
			.audience("123456")
			.expirationTime(Date.from(Instant.now().plusSeconds(36000)))
			.issuer("https://securetoken.google.com/123456")
			.issueTime(Date.from(Instant.now().plusSeconds(3600)))
			.claim("auth_time", Instant.now().minusSeconds(3600).getEpochSecond())
			.build();
	SignedJWT signedJWT = signedJwt(keyGeneratorUtils.getPrivateKey(), header, claimsSet);
	List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
	validators.add(new JwtTimestampValidator());
	validators.add(new JwtIssuerValidator("https://securetoken.google.com/123456"));
	validators.add(new FirebaseTokenValidator("123456"));
	DelegatingOAuth2TokenValidator<Jwt> validator = new DelegatingOAuth2TokenValidator<Jwt>(validators);
	RestOperations operations = mockRestOperations();
	FirebaseJwtTokenDecoder decoder = new FirebaseJwtTokenDecoder(operations, "https://spring.local", validator);
	assertThatExceptionOfType(JwtException.class)
			.isThrownBy(() -> decoder.decode(signedJWT.serialize()))
			.withMessageStartingWith("An error occurred while attempting to decode the Jwt: iat claim header must be in the past");
}
 

@Test
public void invalidSubject() throws Exception {
	JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.RS256).keyID("one").build();
	JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
			.audience("123456")
			.expirationTime(Date.from(Instant.now().plusSeconds(36000)))
			.issuer("https://securetoken.google.com/123456")
			.issueTime(Date.from(Instant.now().minusSeconds(3600)))
			.claim("auth_time", Instant.now().minusSeconds(3600).getEpochSecond())
			.build();
	SignedJWT signedJWT = signedJwt(keyGeneratorUtils.getPrivateKey(), header, claimsSet);
	List<OAuth2TokenValidator<Jwt>> validators = new ArrayList<>();
	validators.add(new JwtTimestampValidator());
	validators.add(new JwtIssuerValidator("https://securetoken.google.com/123456"));
	validators.add(new FirebaseTokenValidator("123456"));
	DelegatingOAuth2TokenValidator<Jwt> validator = new DelegatingOAuth2TokenValidator<Jwt>(validators);
	RestOperations operations = mockRestOperations();
	FirebaseJwtTokenDecoder decoder = new FirebaseJwtTokenDecoder(operations, "https://spring.local", validator);
	assertThatExceptionOfType(JwtException.class)
			.isThrownBy(() -> decoder.decode(signedJWT.serialize()))
			.withMessageStartingWith("An error occurred while attempting to decode the Jwt: sub claim can not be empty");
}
 

@Test
public void retryableRestOperationsFailAndRetrySuccessTest() throws InterruptedException {
	ctx.close();
	RestOperations restOperations = RestTemplateFactory.createCommonsHttpRestTemplate(10, 100, 5000, 5000, 30,
			RetryPolicyFactories.newRestOperationsRetryPolicyFactory(100));
	Thread appStartThread = new Thread(new Runnable() {
		@Override
		public void run() {
			logger.info(remarkableMessage("New SpringApplication"));
			SpringApplication app2 = new SpringApplication(SimpleTestSpringServer.class);
			app2.setBannerMode(Mode.OFF);
			ctx = app2.run("");
			ctx.start();
		}
	});
	appStartThread.start();
	String response = restOperations.getForObject(generateRequestURL("/test"), String.class);
	assertEquals(targetResponse, response);
	appStartThread.join();
}
 

@SuppressWarnings("unchecked")
@Before
public void setup() throws SQLException {
    restOperations = EasyMock.createNiceMock(RestOperations.class);
    EasyMock.expect(restOperations.postForObject(EasyMock.anyObject(String.class), EasyMock.anyObject(String.class), EasyMock.anyObject(Class.class)))
            .andReturn(VALID_METADATA);
    EasyMock.replay(restOperations);

    //Replace the real restOperations instance with a mock -- otherwise the call for gadget metadata would fail since
    //we don't have a shindig server available to hit.
    ReflectionTestUtils.setField(metadataRepository, "restOperations", restOperations);

    //Setup a mock authenticated user
    final User authUser = new UserImpl(VALID_USER_ID, VALID_USER_NAME);
    AbstractAuthenticationToken auth = EasyMock.createNiceMock(AbstractAuthenticationToken.class);
    EasyMock.expect(auth.getPrincipal()).andReturn(authUser).anyTimes();
    EasyMock.replay(auth);

    SecurityContext context = new SecurityContextImpl();
    context.setAuthentication(auth);
    SecurityContextHolder.setContext(context);
}
 

@ParameterizedTest
@MethodSource("delete")
void shouldDelete(final Consumer<RestOperations> test) {
    driver.addExpectation(onRequestTo("/users/1").withMethod(Method.DELETE),
            giveEmptyResponse());

    test.accept(new HttpOperations(http));
}
 

private RestOperations mockRestOperations() throws Exception {
	Map<String, String> payload = new HashMap<>();
	payload.put("one", keyGeneratorUtils.getPublicKeyCertificate());
	HttpHeaders headers = new HttpHeaders();
	headers.add(HttpHeaders.CACHE_CONTROL, CacheControl.maxAge(3600L, TimeUnit.SECONDS).getHeaderValue());
	ResponseEntity<Map<String, String>> response = new ResponseEntity<>(payload, headers, HttpStatus.OK);
	return mockRestOperations(response);
}
 

private boolean concurrentRequest(RestOperations restTemplate, int threadCnt, int timeoutMillSecond) throws Exception {
    CountDownLatch latch = new CountDownLatch(threadCnt);
    IntStream.range(0, threadCnt).forEach(i -> {
        new Thread(() -> {
            restTemplate.getForEntity("http://127.0.0.1:" + PORT, String.class);
            latch.countDown();
        }).start();
    });
    return latch.await(timeoutMillSecond, TimeUnit.MILLISECONDS);
}
 

/**
 * Create a new {@link AwsIamAuthentication} specifying
 * {@link AwsIamAuthenticationOptions}, a Vault and an AWS-Metadata-specific
 * {@link RestOperations}.
 * @param options must not be {@literal null}.
 * @param vaultRestOperations must not be {@literal null}.
 */
public AwsIamAuthentication(AwsIamAuthenticationOptions options, RestOperations vaultRestOperations) {

	Assert.notNull(options, "AwsIamAuthenticationOptions must not be null");
	Assert.notNull(vaultRestOperations, "Vault RestOperations must not be null");

	this.options = options;
	this.vaultRestOperations = vaultRestOperations;
}
 

@Override
public ClientAuthentication getClientAuthentication(
		VaultEnvironmentProperties vaultProperties,
		RestOperations vaultRestOperations, RestOperations externalRestOperations) {

	AppRoleAuthenticationOptions options = getAppRoleAuthenticationOptions(
			vaultProperties);

	return new AppRoleAuthentication(options, vaultRestOperations);
}
 

@Override
public ClientAuthentication getClientAuthentication(
		VaultEnvironmentProperties vaultProperties,
		RestOperations vaultRestOperations, RestOperations externalRestOperations) {

	VaultEnvironmentProperties.PcfProperties pcfProperties = vaultProperties.getPcf();

	assertClassPresent("org.bouncycastle.crypto.signers.PSSSigner",
			missingClassForAuthMethod("BouncyCastle", "bcpkix-jdk15on",
					AuthenticationMethod.PCF));
	Assert.hasText(pcfProperties.getRole(),
			missingPropertyForAuthMethod("pcf.role", AuthenticationMethod.PCF));

	PcfAuthenticationOptions.PcfAuthenticationOptionsBuilder builder = PcfAuthenticationOptions
			.builder().role(pcfProperties.getRole()).path(pcfProperties.getPcfPath());

	if (pcfProperties.getInstanceCertificate() != null) {
		builder.instanceCertificate(new ResourceCredentialSupplier(
				pcfProperties.getInstanceCertificate()));
	}

	if (pcfProperties.getInstanceKey() != null) {
		builder.instanceKey(
				new ResourceCredentialSupplier(pcfProperties.getInstanceKey()));
	}

	return new PcfAuthentication(builder.build(), vaultRestOperations);
}
 

@Override
public CredentialProvider create(final SocialProperties properties) {
    if (properties instanceof UnconfiguredProperties) {
        return new OAuth2CredentialProvider<>(OAUTH_2);
    }

    if (!(properties instanceof OAuth2ConnectorProperties)) {
        throw new IllegalArgumentException(String.format("Unsupported social properties instance - " +
                "expected properties of type %s, but found %s", OAuth2ConnectorProperties.class, properties.getClass()));
    }

    final OAuth2ConnectorProperties oauth2Properties = (OAuth2ConnectorProperties) properties;

    final String appId = oauth2Properties.getAppId();
    final String appSecret = oauth2Properties.getAppSecret();
    final String authorizationUrl = oauth2Properties.getAuthorizationUrl();
    final String authenticationUrl = oauth2Properties.getAuthenticationUrl();
    final String accessTokenUrl = oauth2Properties.getAccessTokenUrl();
    final boolean useParametersForClientCredentials = oauth2Properties.isUseParametersForClientCredentials();
    final TokenStrategy tokenStrategy = oauth2Properties.getTokenStrategy();
    final String scope = oauth2Properties.getScope();

    final OAuth2ServiceProvider<RestOperations> serviceProvider = new GenericOAuth2ServiceProvider(appId, appSecret, authorizationUrl,
        authenticationUrl, accessTokenUrl, useParametersForClientCredentials, tokenStrategy);

    final OAuth2ConnectionFactory<RestOperations> connectionFactory = new OAuth2ConnectionFactory<>(OAUTH_2, serviceProvider, null);
    connectionFactory.setScope(scope);

    final OAuth2Applicator applicator = new OAuth2Applicator(properties);
    applicator.setAccessTokenProperty("accessToken");
    applicator.setAccessTokenExpiresAtProperty("accessTokenExpiresAt");

    applicator.setRefreshTokenProperty("refreshToken");
    applicator.setClientIdProperty("clientId");
    applicator.setClientSecretProperty("clientSecret");

    return new OAuth2CredentialProvider<>(OAUTH_2, connectionFactory, applicator, oauth2Properties.getAdditionalQueryParameters());
}
 

@Override
public ClientAuthentication getClientAuthentication(
		VaultEnvironmentProperties vaultProperties,
		RestOperations vaultRestOperations, RestOperations externalRestOperations) {

	Assert.hasText(vaultProperties.getToken(),
			missingPropertyForAuthMethod("token", AuthenticationMethod.TOKEN));

	return new TokenAuthentication(vaultProperties.getToken());
}
 

private RestOperations mockRestOperations(ResponseEntity<Map<String, String>> response) {
	RestOperations mock = mock(RestOperations.class);
	when(mock.exchange(eq("https://spring.local"),
			eq(HttpMethod.GET),
			isNull(),
			eq(new ParameterizedTypeReference<Map<String, String>>() { })))
			.thenReturn(response);
	return mock;
}
 

@Test
void shouldExecuteWithoutCallbackOrExtractor() {
    driver.addExpectation(onRequestTo("/departments/1/users")
                    .withMethod(Method.POST),
            giveEmptyResponse());

    final RestOperations unit = new HttpOperations(http);
    @Nullable final User user = unit.execute("/departments/{id}/users", POST, null, null, 1);

    assertNull(user);
}
 

/**
 * Create a new {@link GcpComputeAuthentication} instance given
 * {@link GcpComputeAuthenticationOptions} and {@link RestOperations} for Vault and
 * Google API use.
 * @param options must not be {@literal null}.
 * @param vaultRestOperations must not be {@literal null}.
 * @param googleMetadataRestOperations must not be {@literal null}.
 */
public GcpComputeAuthentication(GcpComputeAuthenticationOptions options, RestOperations vaultRestOperations,
		RestOperations googleMetadataRestOperations) {

	super(vaultRestOperations);

	Assert.notNull(options, "GcpGceAuthenticationOptions must not be null");
	Assert.notNull(googleMetadataRestOperations, "Google Metadata RestOperations must not be null");

	this.options = options;
	this.googleMetadataRestOperations = googleMetadataRestOperations;
}
 

@ParameterizedTest
@MethodSource("postForLocation")
void shouldPostForLocation(final Function<RestOperations, URI> test) {
    driver.addExpectation(onRequestTo("/departments/1/users")
                    .withMethod(Method.POST)
                    .withBody("{\"name\":\"D. Fault\",\"birthday\":\"1984-09-13\"}", "application/json"),
            giveEmptyResponse().withHeader("Location", "/departments/1/users/1"));

    final URI location = test.apply(new HttpOperations(http));

    assertNotNull(location);
    assertEquals("/departments/1/users/1", location.toString());
}
 

/**
 * Create a new {@link CubbyholeAuthentication} given
 * {@link CubbyholeAuthenticationOptions} and {@link RestOperations}.
 * @param options must not be {@literal null}.
 * @param restOperations must not be {@literal null}.
 */
public CubbyholeAuthentication(CubbyholeAuthenticationOptions options, RestOperations restOperations) {

	Assert.notNull(options, "CubbyholeAuthenticationOptions must not be null");
	Assert.notNull(restOperations, "RestOperations must not be null");

	this.options = options;
	this.restOperations = restOperations;
}
 

private ListenableFuture<WebSocketSession> connect(RestOperations restTemplate, ClientHttpResponse... responses)
		throws Exception {

	RestTemplateXhrTransport transport = new RestTemplateXhrTransport(restTemplate);
	transport.setTaskExecutor(new SyncTaskExecutor());

	SockJsUrlInfo urlInfo = new SockJsUrlInfo(new URI("http://example.com"));
	HttpHeaders headers = new HttpHeaders();
	headers.add("h-foo", "h-bar");
	TransportRequest request = new DefaultTransportRequest(urlInfo, headers, headers,
			transport, TransportType.XHR, CODEC);

	return transport.connect(request, this.webSocketHandler);
}
 

private RestOperations buildOAuth2RestTemplate(final String tokenName, final ResponseErrorHandler errorHandler) {
    final RestTemplate restTemplate = new StupsOAuth2RestTemplate(
            new StupsTokensAccessTokenProvider(tokenName, accessTokens),
            new HttpComponentsClientHttpRequestFactory());

    if (errorHandler != null) {
        restTemplate.setErrorHandler(errorHandler);
    }

    return restTemplate;
}
 

@ParameterizedTest
@MethodSource("head")
void shouldHead(final Function<RestOperations, HttpHeaders> test) {
    driver.addExpectation(onRequestTo("/users/1").withMethod(Method.HEAD),
            giveEmptyResponse().withHeader("Test", "true"));

    final HttpHeaders headers = test.apply(new HttpOperations(http));

    assertEquals("true", headers.getFirst("Test"));
}
 

@Test
public void unsignedTokenTests() {
	JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
			.subject("test-subject")
			.expirationTime(Date.from(Instant.now().plusSeconds(60)))
			.build();
	PlainJWT plainJWT = new PlainJWT(claimsSet);

	FirebaseJwtTokenDecoder decoder = new FirebaseJwtTokenDecoder(mock(RestOperations.class), "https://spring.local", mock(OAuth2TokenValidator.class));
	assertThatExceptionOfType(JwtException.class)
			.isThrownBy(() -> decoder.decode(plainJWT.serialize()))
			.withMessageStartingWith("An error occurred while attempting to decode the Jwt");
}
 

@Bean(name = FILE_REST_OPERATIONS)
public RestOperations fileRestOperations() {
    HttpComponentsClientHttpRequestFactory factory = new HttpComponentsClientHttpRequestFactory();
    factory.setConnectTimeout(20000);
    factory.setReadTimeout(20000);
    RestTemplate restTemplate = (RestTemplate) RestTemplateFactory.getRestOperations(factory);
    restTemplate.getMessageConverters().add(new ByteArrayHttpMessageConverter());
    return restTemplate;
}
 

public PagingIterator(RestOperations restOperations, URI uri, Class<E> responseType) {
	Assert.notNull(restOperations, "restOperations should not be null");
	Assert.notNull(uri, "URI should not be null");
	Assert.notNull(responseType, "ResponseType should never be null");
	this.restOperations = restOperations;
	this.uri = uri;
	this.responseType = responseType;
}