[Fix #1064] Adding Digest authentication

Signed-off-by: fjtirado <[email protected]>

Author: fjtirado

impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProvider.java

@@ -18,10 +18,11 @@
 import io.serverlessworkflow.impl.TaskContext;
 import io.serverlessworkflow.impl.WorkflowContext;
 import io.serverlessworkflow.impl.WorkflowModel;
+import java.net.URI;
 
 public interface AuthProvider {
 
-  String authScheme();
+  String scheme();
 
-  String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model);
+  String content(WorkflowContext workflow, TaskContext task, WorkflowModel model, URI uri);
 }

impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthProviderFactory.java

@@ -31,36 +31,40 @@ public static Optional<AuthProvider> getAuth(
       WorkflowDefinition definition, EndpointConfiguration configuration) {
     return configuration == null
         ? Optional.empty()
-        : getAuth(definition, configuration.getAuthentication());
+        : getAuth(definition, configuration.getAuthentication(), "GET");
   }
 
   public static Optional<AuthProvider> getAuth(
-      WorkflowDefinition definition, ReferenceableAuthenticationPolicy auth) {
+      WorkflowDefinition definition, ReferenceableAuthenticationPolicy auth, String method) {
     if (auth == null) {
       return Optional.empty();
     }
     if (auth.getAuthenticationPolicyReference() != null) {
       return buildFromReference(
           definition.application(),
           definition.workflow(),
-          auth.getAuthenticationPolicyReference().getUse());
+          auth.getAuthenticationPolicyReference().getUse(),
+          method);
     } else if (auth.getAuthenticationPolicy() != null) {
       return buildFromPolicy(
-          definition.application(), definition.workflow(), auth.getAuthenticationPolicy());
+          definition.application(), definition.workflow(), auth.getAuthenticationPolicy(), method);
     }
     return Optional.empty();
   }
 
   private static Optional<AuthProvider> buildFromReference(
-      WorkflowApplication app, Workflow workflow, String use) {
+      WorkflowApplication app, Workflow workflow, String use, String method) {
     return workflow.getUse().getAuthentications().getAdditionalProperties().entrySet().stream()
         .filter(s -> s.getKey().equals(use))
         .findAny()
-        .flatMap(e -> buildFromPolicy(app, workflow, e.getValue()));
+        .flatMap(e -> buildFromPolicy(app, workflow, e.getValue(), method));
   }
 
   private static Optional<AuthProvider> buildFromPolicy(
-      WorkflowApplication app, Workflow workflow, AuthenticationPolicyUnion authenticationPolicy) {
+      WorkflowApplication app,
+      Workflow workflow,
+      AuthenticationPolicyUnion authenticationPolicy,
+      String method) {
     if (authenticationPolicy.getBasicAuthenticationPolicy() != null) {
       return Optional.of(
           new BasicAuthProvider(
@@ -70,8 +74,9 @@ private static Optional<AuthProvider> buildFromPolicy(
           new BearerAuthProvider(
               app, workflow, authenticationPolicy.getBearerAuthenticationPolicy()));
     } else if (authenticationPolicy.getDigestAuthenticationPolicy() != null) {
-      // TODO implement digest authentication
-      return Optional.empty();
+      return Optional.of(
+          new DigestAuthProvider(
+              app, workflow, authenticationPolicy.getDigestAuthenticationPolicy(), method));
     } else if (authenticationPolicy.getOAuth2AuthenticationPolicy() != null) {
       return Optional.of(
           new OAuth2AuthProvider(

impl/core/src/main/java/io/serverlessworkflow/impl/auth/AuthUtils.java

@@ -15,6 +15,8 @@
  */
 package io.serverlessworkflow.impl.auth;
 
+import java.util.Random;
+
 public class AuthUtils {
 
   private AuthUtils() {}
@@ -38,7 +40,15 @@ private AuthUtils() {}
 
   private static final String AUTH_HEADER_FORMAT = "%s %s";
 
+  private static class RandomHolder {
+    private static final Random random = new Random();
+  }
+
   public static String authHeaderValue(String scheme, String parameter) {
     return String.format(AUTH_HEADER_FORMAT, scheme, parameter);
   }
+
+  public static String getRandomHexString() {
+    return String.format("%08x", RandomHolder.random.nextInt());
+  }
 }

impl/core/src/main/java/io/serverlessworkflow/impl/auth/BasicAuthProvider.java

@@ -28,6 +28,7 @@
 import io.serverlessworkflow.impl.WorkflowModel;
 import io.serverlessworkflow.impl.WorkflowUtils;
 import io.serverlessworkflow.impl.WorkflowValueResolver;
+import java.net.URI;
 import java.util.Base64;
 
 class BasicAuthProvider implements AuthProvider {
@@ -57,7 +58,7 @@ public BasicAuthProvider(
   }
 
   @Override
-  public String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) {
+  public String content(WorkflowContext workflow, TaskContext task, WorkflowModel model, URI uri) {
     return new String(
         Base64.getEncoder()
             .encode(
@@ -69,7 +70,7 @@ public String authParameter(WorkflowContext workflow, TaskContext task, Workflow
   }
 
   @Override
-  public String authScheme() {
+  public String scheme() {
     return "Basic";
   }
 }

impl/core/src/main/java/io/serverlessworkflow/impl/auth/BearerAuthProvider.java

@@ -28,6 +28,7 @@
 import io.serverlessworkflow.impl.WorkflowModel;
 import io.serverlessworkflow.impl.WorkflowUtils;
 import io.serverlessworkflow.impl.WorkflowValueResolver;
+import java.net.URI;
 
 class BearerAuthProvider implements AuthProvider {
 
@@ -48,12 +49,12 @@ public BearerAuthProvider(
   }
 
   @Override
-  public String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) {
+  public String content(WorkflowContext workflow, TaskContext task, WorkflowModel model, URI uri) {
     return tokenFilter.apply(workflow, task, model);
   }
 
   @Override
-  public String authScheme() {
+  public String scheme() {
     return "Bearer";
   }
 }

impl/core/src/main/java/io/serverlessworkflow/impl/auth/CommonOAuthProvider.java

@@ -25,6 +25,7 @@
 import io.serverlessworkflow.impl.WorkflowContext;
 import io.serverlessworkflow.impl.WorkflowModel;
 import io.serverlessworkflow.impl.WorkflowValueResolver;
+import java.net.URI;
 import java.util.Arrays;
 import java.util.Map;
 import java.util.ServiceLoader;
@@ -48,12 +49,12 @@ protected CommonOAuthProvider(WorkflowValueResolver<AccessTokenProvider> tokenPr
   }
 
   @Override
-  public String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) {
+  public String content(WorkflowContext workflow, TaskContext task, WorkflowModel model, URI uri) {
     return tokenProvider.apply(workflow, task, model).validateAndGet(workflow, task, model).token();
   }
 
   @Override
-  public String authScheme() {
+  public String scheme() {
     return "Bearer";
   }