box / box-java-sdk-gen / #15

Committed 17 Mar 2025 04:26PM UTC coverage: 35.213%. First build

Build # #15

Build Type

push

github

Committed by

web-flow

Commit Message

feat: Expose token storage for authentication classes (box/box-codegen#682) (#250)

Run Details

0 of 4 new or added lines in 4 files covered. (0.0%)

15237 of 43271 relevant lines covered (35.21%)

0.35 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.63

/src/main/java/com/box/sdkgen/box/jwtauth/BoxJWTAuth.java

package com.box.sdkgen.box.jwtauth;

import static com.box.sdkgen.internal.utils.UtilsManager.createJwtAssertion;
import static com.box.sdkgen.internal.utils.UtilsManager.entryOf;
import static com.box.sdkgen.internal.utils.UtilsManager.getEpochTimeInSeconds;
import static com.box.sdkgen.internal.utils.UtilsManager.getUuid;
import static com.box.sdkgen.internal.utils.UtilsManager.isBrowser;
import static com.box.sdkgen.internal.utils.UtilsManager.mapOf;

import com.box.sdkgen.box.errors.BoxSDKError;
import com.box.sdkgen.box.tokenstorage.InMemoryTokenStorage;
import com.box.sdkgen.box.tokenstorage.TokenStorage;
import com.box.sdkgen.internal.utils.JwtKey;
import com.box.sdkgen.internal.utils.JwtSignOptions;
import com.box.sdkgen.managers.authorization.AuthorizationManager;
import com.box.sdkgen.networking.auth.Authentication;
import com.box.sdkgen.networking.network.NetworkSession;
import com.box.sdkgen.schemas.accesstoken.AccessToken;
import com.box.sdkgen.schemas.postoauth2revoke.PostOAuth2Revoke;
import com.box.sdkgen.schemas.postoauth2token.PostOAuth2Token;
import com.box.sdkgen.schemas.postoauth2token.PostOAuth2TokenGrantTypeField;
import com.box.sdkgen.schemas.postoauth2token.PostOAuth2TokenSubjectTokenTypeField;
import java.util.List;
import java.util.Map;

public class BoxJWTAuth implements Authentication {

  public final JWTConfig config;

  public final TokenStorage tokenStorage;

  public String subjectId;

  public String subjectType;

  public BoxJWTAuth(JWTConfig config) {
    this.config = config;
    this.tokenStorage = this.config.getTokenStorage();
    this.subjectId =
        (!(this.config.getEnterpriseId() == null)
            ? this.config.getEnterpriseId()
            : this.config.getUserId());
    this.subjectType = (!(this.config.getEnterpriseId() == null) ? "enterprise" : "user");
  }

  public AccessToken refreshToken() {
    return refreshToken(null);
  }

  @Override
  public AccessToken refreshToken(NetworkSession networkSession) {
    if (isBrowser()) {
      throw new BoxSDKError("JWT auth is not supported in browser environment.");
    }
    Map<String, Object> claims =
        mapOf(
            entryOf("exp", getEpochTimeInSeconds() + 30),
            entryOf("box_sub_type", this.subjectType));
    JwtSignOptions jwtOptions =
        new JwtSignOptions(
            this.config.getAlgorithm(),
            "https://api.box.com/oauth2/token",
            this.config.getClientId(),
            this.subjectId,
            getUuid(),
            this.config.getJwtKeyId());
    JwtKey jwtKey = new JwtKey(this.config.getPrivateKey(), this.config.getPrivateKeyPassphrase());
    String assertion = createJwtAssertion(claims, jwtKey, jwtOptions);
    AuthorizationManager authManager = new AuthorizationManager();
    AccessToken token =
        authManager.requestAccessToken(
            new PostOAuth2Token.PostOAuth2TokenBuilder(
                    PostOAuth2TokenGrantTypeField.URN_IETF_PARAMS_OAUTH_GRANT_TYPE_JWT_BEARER)
                .assertion(assertion)
                .clientId(this.config.getClientId())
                .clientSecret(this.config.getClientSecret())
                .build());
    this.tokenStorage.store(token);
    return token;
  }

  public AccessToken retrieveToken() {
    return retrieveToken(null);
  }

  @Override
  public AccessToken retrieveToken(NetworkSession networkSession) {
    AccessToken oldToken = this.tokenStorage.get();
    if (oldToken == null) {
      AccessToken newToken = this.refreshToken(networkSession);
      return newToken;
    }
    return oldToken;
  }

  public String retrieveAuthorizationHeader() {
    return retrieveAuthorizationHeader(null);
  }

  @Override
  public String retrieveAuthorizationHeader(NetworkSession networkSession) {
    AccessToken token = this.retrieveToken(networkSession);
    return String.join("", "Bearer ", token.getAccessToken());
  }

  public BoxJWTAuth withUserSubject(String userId) {
    return withUserSubject(userId, new InMemoryTokenStorage());
  }

  public BoxJWTAuth withUserSubject(String userId, TokenStorage tokenStorage) {
    JWTConfig newConfig =
        new JWTConfig.JWTConfigBuilder(
                this.config.getClientId(),
                this.config.getClientSecret(),
                this.config.getJwtKeyId(),
                this.config.getPrivateKey(),
                this.config.getPrivateKeyPassphrase())
            .enterpriseId(null)
            .userId(userId)
            .tokenStorage(tokenStorage)
            .build();
    BoxJWTAuth newAuth = new BoxJWTAuth(newConfig);
    return newAuth;
  }

  public BoxJWTAuth withEnterpriseSubject(String enterpriseId) {
    return withEnterpriseSubject(enterpriseId, new InMemoryTokenStorage());
  }

  public BoxJWTAuth withEnterpriseSubject(String enterpriseId, TokenStorage tokenStorage) {
    JWTConfig newConfig =
        new JWTConfig.JWTConfigBuilder(
                this.config.getClientId(),
                this.config.getClientSecret(),
                this.config.getJwtKeyId(),
                this.config.getPrivateKey(),
                this.config.getPrivateKeyPassphrase())
            .enterpriseId(enterpriseId)
            .userId(null)
            .tokenStorage(tokenStorage)
            .build();
    BoxJWTAuth newAuth = new BoxJWTAuth(newConfig);
    return newAuth;
  }

  @Override
  public AccessToken downscopeToken(
      List<String> scopes, String resource, String sharedLink, NetworkSession networkSession) {
    AccessToken token = this.tokenStorage.get();
    if (token == null) {
      throw new BoxSDKError(
          "No access token is available. Make an API call to retrieve a token before calling this method.");
    }
    AuthorizationManager authManager = new AuthorizationManager();
    AccessToken downscopedToken =
        authManager.requestAccessToken(
            new PostOAuth2Token.PostOAuth2TokenBuilder(
                    PostOAuth2TokenGrantTypeField.URN_IETF_PARAMS_OAUTH_GRANT_TYPE_TOKEN_EXCHANGE)
                .subjectToken(token.getAccessToken())
                .subjectTokenType(
                    PostOAuth2TokenSubjectTokenTypeField
                        .URN_IETF_PARAMS_OAUTH_TOKEN_TYPE_ACCESS_TOKEN)
                .resource(resource)
                .scope(String.join(" ", scopes))
                .boxSharedLink(sharedLink)
                .build());
    return downscopedToken;
  }

  public void revokeToken() {
    revokeToken(null);
  }

  @Override
  public void revokeToken(NetworkSession networkSession) {
    AccessToken oldToken = this.tokenStorage.get();
    if (oldToken == null) {
      return;
    }
    AuthorizationManager authManager = new AuthorizationManager();
    authManager.revokeAccessToken(
        new PostOAuth2Revoke.PostOAuth2RevokeBuilder()
            .clientId(this.config.getClientId())
            .clientSecret(this.config.getClientSecret())
            .token(oldToken.getAccessToken())
            .build());
    this.tokenStorage.clear();
  }

  public JWTConfig getConfig() {
    return config;
  }

  public TokenStorage getTokenStorage() {
    return tokenStorage;
  }
}

1	package com.box.sdkgen.box.jwtauth;
2
3	import static com.box.sdkgen.internal.utils.UtilsManager.createJwtAssertion;
4	import static com.box.sdkgen.internal.utils.UtilsManager.entryOf;
5	import static com.box.sdkgen.internal.utils.UtilsManager.getEpochTimeInSeconds;
6	import static com.box.sdkgen.internal.utils.UtilsManager.getUuid;
7	import static com.box.sdkgen.internal.utils.UtilsManager.isBrowser;
8	import static com.box.sdkgen.internal.utils.UtilsManager.mapOf;
9
10	import com.box.sdkgen.box.errors.BoxSDKError;
11	import com.box.sdkgen.box.tokenstorage.InMemoryTokenStorage;
12	import com.box.sdkgen.box.tokenstorage.TokenStorage;
13	import com.box.sdkgen.internal.utils.JwtKey;
14	import com.box.sdkgen.internal.utils.JwtSignOptions;
15	import com.box.sdkgen.managers.authorization.AuthorizationManager;
16	import com.box.sdkgen.networking.auth.Authentication;
17	import com.box.sdkgen.networking.network.NetworkSession;
18	import com.box.sdkgen.schemas.accesstoken.AccessToken;
19	import com.box.sdkgen.schemas.postoauth2revoke.PostOAuth2Revoke;
20	import com.box.sdkgen.schemas.postoauth2token.PostOAuth2Token;
21	import com.box.sdkgen.schemas.postoauth2token.PostOAuth2TokenGrantTypeField;
22	import com.box.sdkgen.schemas.postoauth2token.PostOAuth2TokenSubjectTokenTypeField;
23	import java.util.List;
24	import java.util.Map;
25
26	public class BoxJWTAuth implements Authentication {
27
28	public final JWTConfig config;
29
30	public final TokenStorage tokenStorage;
31
32	public String subjectId;
33
34	public String subjectType;
35
36	public BoxJWTAuth(JWTConfig config) {	1✔
37	this.config = config;	1✔
38	this.tokenStorage = this.config.getTokenStorage();	1✔
39	this.subjectId =	1✔
40	(!(this.config.getEnterpriseId() == null)	1✔
41	? this.config.getEnterpriseId()	1✔
42	: this.config.getUserId());	1✔
43	this.subjectType = (!(this.config.getEnterpriseId() == null) ? "enterprise" : "user");	1✔
44	}	1✔
45
46	public AccessToken refreshToken() {
47	return refreshToken(null);	×
48	}
49
50	@Override
51	public AccessToken refreshToken(NetworkSession networkSession) {
52	if (isBrowser()) {	1✔
53	throw new BoxSDKError("JWT auth is not supported in browser environment.");	×
54	}
55	Map<String, Object> claims =	1✔
56	mapOf(	1✔
57	entryOf("exp", getEpochTimeInSeconds() + 30),	1✔
58	entryOf("box_sub_type", this.subjectType));	1✔
59	JwtSignOptions jwtOptions =	1✔
60	new JwtSignOptions(
61	this.config.getAlgorithm(),	1✔
62	"https://api.box.com/oauth2/token",
63	this.config.getClientId(),	1✔
64	this.subjectId,
65	getUuid(),	1✔
66	this.config.getJwtKeyId());	1✔
67	JwtKey jwtKey = new JwtKey(this.config.getPrivateKey(), this.config.getPrivateKeyPassphrase());	1✔
68	String assertion = createJwtAssertion(claims, jwtKey, jwtOptions);	1✔
69	AuthorizationManager authManager = new AuthorizationManager();	1✔
70	AccessToken token =	1✔
71	authManager.requestAccessToken(	1✔
72	new PostOAuth2Token.PostOAuth2TokenBuilder(
73	PostOAuth2TokenGrantTypeField.URN_IETF_PARAMS_OAUTH_GRANT_TYPE_JWT_BEARER)
74	.assertion(assertion)	1✔
75	.clientId(this.config.getClientId())	1✔
76	.clientSecret(this.config.getClientSecret())	1✔
77	.build());	1✔
78	this.tokenStorage.store(token);	1✔
79	return token;	1✔
80	}
81
82	public AccessToken retrieveToken() {
83	return retrieveToken(null);	1✔
84	}
85
86	@Override
87	public AccessToken retrieveToken(NetworkSession networkSession) {
88	AccessToken oldToken = this.tokenStorage.get();	1✔
89	if (oldToken == null) {	1✔
90	AccessToken newToken = this.refreshToken(networkSession);	1✔
91	return newToken;	1✔
92	}
93	return oldToken;	1✔
94	}
95
96	public String retrieveAuthorizationHeader() {
97	return retrieveAuthorizationHeader(null);	×
98	}
99
100	@Override
101	public String retrieveAuthorizationHeader(NetworkSession networkSession) {
102	AccessToken token = this.retrieveToken(networkSession);	1✔
103	return String.join("", "Bearer ", token.getAccessToken());	1✔
104	}
105
106	public BoxJWTAuth withUserSubject(String userId) {
107	return withUserSubject(userId, new InMemoryTokenStorage());	1✔
108	}
109
110	public BoxJWTAuth withUserSubject(String userId, TokenStorage tokenStorage) {
111	JWTConfig newConfig =	1✔
112	new JWTConfig.JWTConfigBuilder(
113	this.config.getClientId(),	1✔
114	this.config.getClientSecret(),	1✔
115	this.config.getJwtKeyId(),	1✔
116	this.config.getPrivateKey(),	1✔
117	this.config.getPrivateKeyPassphrase())	1✔
118	.enterpriseId(null)	1✔
119	.userId(userId)	1✔
120	.tokenStorage(tokenStorage)	1✔
121	.build();	1✔
122	BoxJWTAuth newAuth = new BoxJWTAuth(newConfig);	1✔
123	return newAuth;	1✔
124	}
125
126	public BoxJWTAuth withEnterpriseSubject(String enterpriseId) {
127	return withEnterpriseSubject(enterpriseId, new InMemoryTokenStorage());	1✔
128	}
129
130	public BoxJWTAuth withEnterpriseSubject(String enterpriseId, TokenStorage tokenStorage) {
131	JWTConfig newConfig =	1✔
132	new JWTConfig.JWTConfigBuilder(
133	this.config.getClientId(),	1✔
134	this.config.getClientSecret(),	1✔
135	this.config.getJwtKeyId(),	1✔
136	this.config.getPrivateKey(),	1✔
137	this.config.getPrivateKeyPassphrase())	1✔
138	.enterpriseId(enterpriseId)	1✔
139	.userId(null)	1✔
140	.tokenStorage(tokenStorage)	1✔
141	.build();	1✔
142	BoxJWTAuth newAuth = new BoxJWTAuth(newConfig);	1✔
143	return newAuth;	1✔
144	}
145
146	@Override
147	public AccessToken downscopeToken(
148	List<String> scopes, String resource, String sharedLink, NetworkSession networkSession) {
149	AccessToken token = this.tokenStorage.get();	1✔
150	if (token == null) {	1✔
151	throw new BoxSDKError(	×
152	"No access token is available. Make an API call to retrieve a token before calling this method.");
153	}
154	AuthorizationManager authManager = new AuthorizationManager();	1✔
155	AccessToken downscopedToken =	1✔
156	authManager.requestAccessToken(	1✔
157	new PostOAuth2Token.PostOAuth2TokenBuilder(
158	PostOAuth2TokenGrantTypeField.URN_IETF_PARAMS_OAUTH_GRANT_TYPE_TOKEN_EXCHANGE)
159	.subjectToken(token.getAccessToken())	1✔
160	.subjectTokenType(	1✔
161	PostOAuth2TokenSubjectTokenTypeField
162	.URN_IETF_PARAMS_OAUTH_TOKEN_TYPE_ACCESS_TOKEN)
163	.resource(resource)	1✔
164	.scope(String.join(" ", scopes))	1✔
165	.boxSharedLink(sharedLink)	1✔
166	.build());	1✔
167	return downscopedToken;	1✔
168	}
169
170	public void revokeToken() {
171	revokeToken(null);	1✔
172	}	1✔
173
174	@Override
175	public void revokeToken(NetworkSession networkSession) {
176	AccessToken oldToken = this.tokenStorage.get();	1✔
177	if (oldToken == null) {	1✔
178	return;	×
179	}
180	AuthorizationManager authManager = new AuthorizationManager();	1✔
181	authManager.revokeAccessToken(	1✔
182	new PostOAuth2Revoke.PostOAuth2RevokeBuilder()
183	.clientId(this.config.getClientId())	1✔
184	.clientSecret(this.config.getClientSecret())	1✔
185	.token(oldToken.getAccessToken())	1✔
186	.build());	1✔
187	this.tokenStorage.clear();	1✔
188	}	1✔
189
190	public JWTConfig getConfig() {
191	return config;	×
192	}
193
194	public TokenStorage getTokenStorage() {
NEW 195	return tokenStorage;	×
196	}
197	}

box / box-java-sdk-gen / #15

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous