From c886ffb685014fbcbe232fdb67367de66d2946c8 Mon Sep 17 00:00:00 2001 From: Jens Schulze Date: Mon, 23 Oct 2023 12:42:30 +0200 Subject: [PATCH] add docs to authentication configuration --- build.gradle | 2 +- .../docs/meta/Authentication.java | 70 +++++++++++++++++++ src/main/javadoc/overview.html | 7 +- 3 files changed, 77 insertions(+), 2 deletions(-) create mode 100644 commercetools/internal-docs/src/main/java/com/commercetools/docs/meta/Authentication.java diff --git a/build.gradle b/build.gradle index 7782250bcc8..772863bb780 100644 --- a/build.gradle +++ b/build.gradle @@ -68,7 +68,7 @@ allprojects { } dependencies { - taglet 'com.commercetools.build.taglets:commercetools-taglets:3.6.1' + taglet 'com.commercetools.build.taglets:commercetools-taglets:3.6.2' taglet 'org.jdrupes.taglets:plantuml-taglet:2.1.0' } } diff --git a/commercetools/internal-docs/src/main/java/com/commercetools/docs/meta/Authentication.java b/commercetools/internal-docs/src/main/java/com/commercetools/docs/meta/Authentication.java new file mode 100644 index 00000000000..90716ac2244 --- /dev/null +++ b/commercetools/internal-docs/src/main/java/com/commercetools/docs/meta/Authentication.java @@ -0,0 +1,70 @@ + +package com.commercetools.docs.meta; + +import java.net.URI; + +import com.commercetools.api.defaultconfig.ApiRootBuilder; +import com.commercetools.api.defaultconfig.ServiceRegion; + +import io.vrap.rmf.base.client.AuthenticationToken; +import io.vrap.rmf.base.client.ClientBuilder; +import io.vrap.rmf.base.client.ServiceRegionConfig; +import io.vrap.rmf.base.client.oauth2.AnonymousFlowTokenSupplier; +import io.vrap.rmf.base.client.oauth2.AnonymousSessionTokenSupplier; +import io.vrap.rmf.base.client.oauth2.ClientCredentials; +import io.vrap.rmf.base.client.oauth2.GlobalCustomerPasswordTokenSupplier; +import io.vrap.rmf.base.client.oauth2.RefreshFlowTokenSupplier; +import io.vrap.rmf.base.client.oauth2.TokenStorage; + +/** + * {@include.toc} + *

Authentication

+ * + *

Client credentials flow

+ * + *

The {@link ApiRootBuilder#defaultClient(ClientCredentials, ServiceRegionConfig)} and the {@link ClientBuilder#defaultClient(ClientCredentials, ServiceRegionConfig)} methods + * will configure the client to use client credentials flow for authenthication. To explicitly configure this flow use the + * {@link ApiRootBuilder#withClientCredentialsFlow(ClientCredentials, URI)} methods

+ * + *

Static token

+ * + *

When you want to use a static token e.g. provided by an external oauth service you can use the {@link ApiRootBuilder#withStaticTokenFlow(AuthenticationToken)} + * method to configure the client with the existing token.

+ * + *

Anonymous and RefreshToken flow

+ * + *

The {@link ApiRootBuilder#withAnonymousRefreshFlow(ClientCredentials, ServiceRegion, TokenStorage)} + * methods configure a stack of TokenProviders which first try to get a token from the TokenStorage. If there is no token + * it will request a token using {@link AnonymousFlowTokenSupplier anonymous token flow}. + * If the token is invalid the {@link RefreshFlowTokenSupplier} will try to refresh the token.

+ * + *

This method can be combined with th {@link GlobalCustomerPasswordTokenSupplier} to request + * a customer bound token and save it in the {@link TokenStorage}.

+ * + *

Standalone anonymous session flow

+ * + *

The {@link AnonymousSessionTokenSupplier} requests an anonymous token only without + * fallback to a refresh token flow. This supplier can be configured with {@link ApiRootBuilder#withAnonymousSessionFlow(ClientCredentials, String)}

+ * + *

Password flow

+ * + *

The {@link ApiRootBuilder#withGlobalCustomerPasswordFlow(ClientCredentials, String, String, String)} method can be used + * to configure a client with a token issued to a specific customer. It will configure the client to use the {@link GlobalCustomerPasswordTokenSupplier} + * for authentication.

+ * + *

Introspection

+ * + *

The token introspection provided by the API can't be used directly with the SDK clients. You will have to call + * the introspection endpoint with the token to check separately.

+ * + * {@include.example commercetools.AuthEndpointsTest#introspection()} + * + *

Token revocation

+ * + *

The token revocation provided by the API can't be used directly with the SDK client. You will have to call + * the endpoint with the token to be revoked separately.

+ * + * {@include.example commercetools.AuthEndpointsTest#revoke()} + */ +public class Authentication { +} diff --git a/src/main/javadoc/overview.html b/src/main/javadoc/overview.html index a82486c0a39..f00d0c83b99 100644 --- a/src/main/javadoc/overview.html +++ b/src/main/javadoc/overview.html @@ -16,7 +16,12 @@

First steps

  • {@link com.commercetools.history.client.ByProjectKeyRequestBuilder Audit log API}
  • -
  • {@link com.commercetools.docs.meta.Configuration Configuration}
  • +
  • + {@link com.commercetools.docs.meta.Configuration Configuration} + +
  • {@link com.commercetools.docs.meta.Querying Querying}
  • {@link com.commercetools.docs.meta.Middlewares Middlewares}
  • {@link com.commercetools.docs.meta.GraphQL GraphQL}