reinkrul / java-nuts-client Goto Github PK
View Code? Open in Web Editor NEWJava client for Nuts Node APIs
License: The Unlicense
Java client for Nuts Node APIs
License: The Unlicense
It seems that the security
field in the OpenAPI spec causes the generator to require that a jwtBearerAuth
token is set, but the code to set it isn't generated. This causes any call using an AuthApi client (and possibly other clients that have this securitySchema) to throw an exception.
This is where the exception is thrown (in nl.reinkrul.nuts.ApiClient
)
public void updateParamsForAuth(String[] authNames, List<Pair> queryParams, Map<String, String> headerParams,
Map<String, String> cookieParams, String payload, String method, URI uri) throws ApiException {
for (String authName : authNames) {
Authentication auth = authentications.get(authName);
if (auth == null) {
throw new RuntimeException("Authentication undefined: " + authName);
}
auth.applyToParams(queryParams, headerParams, cookieParams, payload, method, uri);
}
}
The part of the OpenAPI spec that defines this securitySchema
securitySchemes:
jwtBearerAuth:
type: http
scheme: bearer
security:
- {}
- jwtBearerAuth: []
The part of AuthApi
that requires this authentication (in nl.reinkrul.nuts.auth.AuthApi
)
String[] localVarAuthNames = new String[] { "jwtBearerAuth" };
return localVarApiClient.buildCall(basePath, localVarPath, "POST", localVarQueryParams, localVarCollectionQueryParams, localVarPostBody, localVarHeaderParams, localVarCookieParams, localVarFormParams, localVarAuthNames, _callback);
You're supposed to be able to set this bearer token in the ApiClient
, but the setter that's supposed to do that isn't generated and the authentications
map that's supposed to contain this jwtBearerAuth
authentication is immediately set to immutable.
In nl.reinkrul.nuts.ApiClient
public ApiClient() {
init();
initHttpClient();
// Setup authentications (key: authentication name, value: authentication).
// Prevent the authentications from being modified.
authentications = Collections.unmodifiableMap(authentications);
}
I worked around this issue by deleting the securitySchema
and security
fields of the OpenAPI specs
The library is currently generated with two different classes for VCs, namely nl.reinkrul.nuts.auth.VerifiableCredential
and nl.reinkrul.nuts.vcr.v2.VerifiableCredential
. This causes issues when you want to share VC objects between APIs.
This is probably because the spec has this type defined separately in https://github.com/nuts-foundation/nuts-node/blob/master/docs/_static/auth/v1.yaml and https://github.com/nuts-foundation/nuts-node/blob/master/docs/_static/vcr/v2.yaml. Both of those refer to the same common type though ($ref: '../common/ssi_types.yaml#/components/schemas/VerifiableCredential'
).
Would it be an option to delete the schema definitions for these two types from the spec and just directly refer to the common type where it's used? I'm assuming this happens with more schemas than just VerifiableCredentials.
We're currently trying to see if an ObjectMapper might work as a workaround.
Since version 5.2.0-rc.1, the introspectAccessToken
function in the AuthApi
class no longer works. The introspection always returns
{
"active": false
}
According to the nuts node logs, this is caused by Missing token for introspection
. After checking the generated AuthApi
class, it turns out that the token is indeed not added to the request as form data. Further investigation showed that this was caused by changing the library
in the configOptions
of the OpenAPI generator to native
.
I tried changing this back to default (which uses okhttp3) and regenerate the client but this caused problems with missing dependencies.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.