[Fix #952] More refactor

Signed-off-by: fjtirado <ftirados@redhat.com>

Author: fjtirado

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java

@@ -17,6 +17,8 @@
 
 import static io.serverlessworkflow.impl.WorkflowUtils.checkSecret;
 import static io.serverlessworkflow.impl.WorkflowUtils.secretProp;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.PASSWORD;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.USER;
 
 import io.serverlessworkflow.api.types.BasicAuthenticationPolicy;
 import io.serverlessworkflow.api.types.Workflow;
@@ -47,8 +49,8 @@ public BasicAuthProvider(
     } else if (authPolicy.getBasic().getBasicAuthenticationPolicySecret() != null) {
       String secretName =
           checkSecret(workflow, authPolicy.getBasic().getBasicAuthenticationPolicySecret());
-      userFilter = (w, t, m) -> secretProp(w, secretName, "username");
-      passwordFilter = (w, t, m) -> secretProp(w, secretName, "password");
+      userFilter = (w, t, m) -> secretProp(w, secretName, USER);
+      passwordFilter = (w, t, m) -> secretProp(w, secretName, PASSWORD);
     } else {
       throw new IllegalStateException("Both secret and properties are null for authorization");
     }

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java

@@ -17,6 +17,7 @@
 
 import static io.serverlessworkflow.impl.WorkflowUtils.checkSecret;
 import static io.serverlessworkflow.impl.WorkflowUtils.secretProp;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.TOKEN;
 
 import io.serverlessworkflow.api.types.BearerAuthenticationPolicy;
 import io.serverlessworkflow.api.types.BearerAuthenticationPolicyConfiguration;
@@ -42,7 +43,7 @@ public BearerAuthProvider(
       tokenFilter = WorkflowUtils.buildStringFilter(app, token);
     } else if (config.getBearerAuthenticationPolicySecret() != null) {
       String secretName = checkSecret(workflow, config.getBearerAuthenticationPolicySecret());
-      tokenFilter = (w, t, m) -> secretProp(w, secretName, "token");
+      tokenFilter = (w, t, m) -> secretProp(w, secretName, TOKEN);
     }
   }
 

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/SecretKeys.java

@@ -0,0 +1,37 @@
+/*
+ * Copyright 2020-Present The Serverless Workflow Specification Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package io.serverlessworkflow.impl.executors.http;
+
+public class SecretKeys {
+
+  private SecretKeys() {}
+
+  public static final String GRANT = "grant";
+  public static final String USER = "username";
+  public static final String CLIENT = "client";
+  public static final String PASSWORD = "password";
+  public static final String ID = "id";
+  public static final String SECRET = "secret";
+  public static final String ISSUERS = "issuers";
+  public static final String AUDIENCES = "audiences";
+  public static final String ENDPOINTS = "endpoints";
+  public static final String TOKEN = "token";
+  public static final String AUTHORITY = "authority";
+  public static final String SCOPES = "scopes";
+  public static final String REQUEST = "request";
+  public static final String ENCODING = "encoding";
+  public static final String AUTHENTICATION = "authentication";
+}

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AbstractAuthRequestBuilder.java

@@ -17,12 +17,12 @@
 
 import static io.serverlessworkflow.api.types.OAuth2AuthenticationDataClient.ClientAuthentication.CLIENT_SECRET_POST;
 import static io.serverlessworkflow.impl.WorkflowUtils.isValid;
-import static io.serverlessworkflow.impl.executors.http.auth.requestbuilder.SecretKeys.AUDIENCES;
-import static io.serverlessworkflow.impl.executors.http.auth.requestbuilder.SecretKeys.AUTHENTICATION;
-import static io.serverlessworkflow.impl.executors.http.auth.requestbuilder.SecretKeys.CLIENT;
-import static io.serverlessworkflow.impl.executors.http.auth.requestbuilder.SecretKeys.ENCODING;
-import static io.serverlessworkflow.impl.executors.http.auth.requestbuilder.SecretKeys.REQUEST;
-import static io.serverlessworkflow.impl.executors.http.auth.requestbuilder.SecretKeys.SCOPES;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.AUDIENCES;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.AUTHENTICATION;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.CLIENT;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.ENCODING;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.REQUEST;
+import static io.serverlessworkflow.impl.executors.http.SecretKeys.SCOPES;
 
 import io.serverlessworkflow.api.types.OAuth2AuthenticationData;
 import io.serverlessworkflow.api.types.OAuth2AuthenticationDataClient;
@@ -37,84 +37,85 @@
 abstract class AbstractAuthRequestBuilder<T extends OAuth2AuthenticationData>
     implements AuthRequestBuilder<T> {
 
-  private static final String DEFAULT_ENCODING = "application/x-www-form-urlencoded; charset=UTF-8";
-
   protected final WorkflowApplication application;
+  protected final HttpRequestInfoBuilder requestBuilder = new HttpRequestInfoBuilder();
 
   public AbstractAuthRequestBuilder(WorkflowApplication application) {
     this.application = application;
   }
 
-  public void accept(HttpRequestBuilder requestBuilder, T authenticationData) {
-    requestEncoding(requestBuilder, authenticationData);
-    authenticationURI(requestBuilder, authenticationData);
-    audience(requestBuilder, authenticationData);
-    scope(requestBuilder, authenticationData);
-    authenticationMethod(requestBuilder, authenticationData);
+  @Override
+  public HttpRequestInfo apply(T authenticationData) {
+    requestEncoding(authenticationData);
+    authenticationURI(authenticationData);
+    audience(authenticationData);
+    scope(authenticationData);
+    authenticationMethod(authenticationData);
+    return requestBuilder.build();
   }
 
   @Override
-  public void accept(HttpRequestBuilder requestBuilder, Map<String, Object> secret) {
-    requestEncoding(requestBuilder, secret);
-    authenticationURI(requestBuilder, secret);
-    audience(requestBuilder, secret);
-    scope(requestBuilder, secret);
-    authenticationMethod(requestBuilder, secret);
+  public HttpRequestInfo apply(Map<String, Object> secret) {
+    requestEncoding(secret);
+    authenticationURI(secret);
+    audience(secret);
+    scope(secret);
+    authenticationMethod(secret);
+    return requestBuilder.build();
   }
 
-  protected void audience(HttpRequestBuilder requestBuilder, T authenticationData) {
+  protected void audience(T authenticationData) {
     if (authenticationData.getAudiences() != null && !authenticationData.getAudiences().isEmpty()) {
       String audiences = String.join(" ", authenticationData.getAudiences());
       requestBuilder.addQueryParam(
           "audience", WorkflowUtils.buildStringFilter(application, audiences));
     }
   }
 
-  protected void audience(HttpRequestBuilder requestBuilder, Map<String, Object> secret) {
+  protected void audience(Map<String, Object> secret) {
     String audiences = (String) secret.get(AUDIENCES);
     if (isValid(audiences)) {
-      requestBuilder.addQueryParam("audience", (w, t, m) -> audiences);
+      requestBuilder.addQueryParam("audience", audiences);
     }
   }
 
-  protected void authenticationMethod(HttpRequestBuilder requestBuilder, T authenticationData) {
+  protected void authenticationMethod(T authenticationData) {
     ClientSecretHandler secretHandler;
     switch (getClientAuthentication(authenticationData)) {
       case CLIENT_SECRET_BASIC:
-        secretHandler = new ClientSecretBasic(application);
+        secretHandler = new ClientSecretBasic(application, requestBuilder);
       case CLIENT_SECRET_JWT:
         throw new UnsupportedOperationException("Client Secret JWT is not supported yet");
       case PRIVATE_KEY_JWT:
         throw new UnsupportedOperationException("Private Key JWT is not supported yet");
       default:
-        secretHandler = new ClientSecretPost(application);
+        secretHandler = new ClientSecretPost(application, requestBuilder);
     }
-    secretHandler.accept(requestBuilder, authenticationData);
+    secretHandler.accept(authenticationData);
   }
 
-  protected void authenticationMethod(
-      HttpRequestBuilder requestBuilder, Map<String, Object> secret) {
+  protected void authenticationMethod(Map<String, Object> secret) {
     Map<String, Object> client = (Map<String, Object>) secret.get(CLIENT);
     ClientSecretHandler secretHandler;
     String auth = (String) client.get(AUTHENTICATION);
     if (auth == null) {
-      secretHandler = new ClientSecretPost(application);
+      secretHandler = new ClientSecretPost(application, requestBuilder);
     } else {
       switch (auth) {
         case "client_secret_basic":
-          secretHandler = new ClientSecretBasic(application);
+          secretHandler = new ClientSecretBasic(application, requestBuilder);
           break;
         default:
         case "client_secret_post":
-          secretHandler = new ClientSecretPost(application);
+          secretHandler = new ClientSecretPost(application, requestBuilder);
           break;
         case "private_key_jwt":
           throw new UnsupportedOperationException("Private Key JWT is not supported yet");
         case "client_secret_jwt":
           throw new UnsupportedOperationException("Client Secret JWT is not supported yet");
       }
     }
-    secretHandler.accept(requestBuilder, secret);
+    secretHandler.accept(secret);
   }
 
   private OAuth2AuthenticationDataClient.ClientAuthentication getClientAuthentication(
@@ -125,11 +126,11 @@ private OAuth2AuthenticationDataClient.ClientAuthentication getClientAuthenticat
         : authenticationData.getClient().getAuthentication();
   }
 
-  protected void scope(HttpRequestBuilder requestBuilder, T authenticationData) {
-    scope(requestBuilder, authenticationData.getScopes());
+  protected void scope(T authenticationData) {
+    scope(authenticationData.getScopes());
   }
 
-  protected void scope(HttpRequestBuilder requestBuilder, List<String> scopesList) {
+  protected void scope(List<String> scopesList) {
     if (scopesList == null || scopesList.isEmpty()) {
       return;
     }
@@ -147,28 +148,26 @@ protected void scope(HttpRequestBuilder requestBuilder, List<String> scopesList)
     }
   }
 
-  protected void scope(HttpRequestBuilder requestBuilder, Map<String, Object> secret) {
+  protected void scope(Map<String, Object> secret) {
     String scopes = (String) secret.get(SCOPES);
     if (isValid(scopes)) {
-      requestBuilder.addQueryParam("scope", (w, t, m) -> scopes);
+      requestBuilder.addQueryParam("scope", scopes);
     }
   }
 
-  void requestEncoding(HttpRequestBuilder requestBuilder, T authenticationData) {
-    requestBuilder.withRequestContentType(authenticationData.getRequest());
+  void requestEncoding(T authenticationData) {
+    requestBuilder.withContentType(authenticationData.getRequest());
   }
 
-  void requestEncoding(HttpRequestBuilder requestBuilder, Map<String, Object> secret) {
+  void requestEncoding(Map<String, Object> secret) {
     Map<String, Object> request = (Map<String, Object>) secret.get(REQUEST);
     String encoding = (String) request.get(ENCODING);
     if (isValid(encoding)) {
-      requestBuilder.addHeader("Content-Type", (w, t, m) -> encoding);
+      requestBuilder.addHeader("Content-Type", encoding);
     }
   }
 
-  protected abstract void authenticationURI(
-      HttpRequestBuilder requestBuilder, T authenticationData);
+  protected abstract void authenticationURI(T authenticationData);
 
-  protected abstract void authenticationURI(
-      HttpRequestBuilder requestBuilder, Map<String, Object> secret);
+  protected abstract void authenticationURI(Map<String, Object> secret);
 }

impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/auth/requestbuilder/AccessTokenProvider.java

@@ -15,36 +15,44 @@
  */
 package io.serverlessworkflow.impl.executors.http.auth.requestbuilder;
 
+import static io.serverlessworkflow.api.types.OAuth2TokenRequest.Oauth2TokenRequestEncoding.APPLICATION_X_WWW_FORM_URLENCODED;
+
 import io.serverlessworkflow.impl.TaskContext;
 import io.serverlessworkflow.impl.WorkflowContext;
+import io.serverlessworkflow.impl.WorkflowError;
+import io.serverlessworkflow.impl.WorkflowException;
 import io.serverlessworkflow.impl.WorkflowModel;
+import io.serverlessworkflow.impl.executors.http.HttpClientResolver;
 import io.serverlessworkflow.impl.executors.http.auth.jwt.JWT;
 import io.serverlessworkflow.impl.executors.http.auth.jwt.JWTConverter;
+import jakarta.ws.rs.ProcessingException;
+import jakarta.ws.rs.client.Client;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.client.Invocation;
+import jakarta.ws.rs.client.ResponseProcessingException;
+import jakarta.ws.rs.client.WebTarget;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.GenericType;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.Response;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.ServiceLoader;
 
 public class AccessTokenProvider {
 
-  private final TokenResponseHandler tokenResponseHandler = new TokenResponseHandler();
-
   private final List<String> issuers;
-  private final HttpRequestBuilder requestBuilder;
-
+  private final HttpRequestInfo requestInfo;
   private final JWTConverter jwtConverter;
 
-  AccessTokenProvider(HttpRequestBuilder requestBuilder, List<String> issuers) {
-    this.requestBuilder = requestBuilder;
+  AccessTokenProvider(HttpRequestInfo requestInfo, List<String> issuers, JWTConverter converter) {
+    this.requestInfo = requestInfo;
     this.issuers = issuers;
-    this.jwtConverter =
-        ServiceLoader.load(JWTConverter.class)
-            .findFirst()
-            .orElseThrow(() -> new IllegalStateException("No JWTConverter implementation found"));
+    this.jwtConverter = converter;
   }
 
   public JWT validateAndGet(WorkflowContext workflow, TaskContext context, WorkflowModel model) {
-    Map<String, Object> token =
-        tokenResponseHandler.apply(requestBuilder.build(workflow, context, model), context);
+    Map<String, Object> token = invoke(workflow, context, model);
     JWT jwt = jwtConverter.fromToken((String) token.get("access_token"));
     if (issuers != null && !issuers.isEmpty()) {
       jwt.issuer()
@@ -57,4 +65,77 @@ public JWT validateAndGet(WorkflowContext workflow, TaskContext context, Workflo
     }
     return jwt;
   }
+
+  private Map<String, Object> invoke(
+      WorkflowContext workflowContext, TaskContext taskContext, WorkflowModel model) {
+    try {
+      Response response = executeRequest(workflowContext, taskContext, model);
+
+      if (response.getStatus() < 200 || response.getStatus() >= 300) {
+        throw new WorkflowException(
+            WorkflowError.communication(
+                    response.getStatus(),
+                    taskContext,
+                    "Failed to obtain token: HTTP "
+                        + response.getStatus()
+                        + " — "
+                        + response.getEntity())
+                .build());
+      }
+      return response.readEntity(new GenericType<>() {});
+    } catch (ResponseProcessingException e) {
+      throw new WorkflowException(
+          WorkflowError.communication(
+                  e.getResponse().getStatus(),
+                  taskContext,
+                  "Failed to process response: " + e.getMessage())
+              .build(),
+          e);
+    } catch (ProcessingException e) {
+      throw new WorkflowException(
+          WorkflowError.communication(
+                  -1, taskContext, "Failed to connect or process request: " + e.getMessage())
+              .build(),
+          e);
+    }
+  }
+
+  private Response executeRequest(WorkflowContext workflow, TaskContext task, WorkflowModel model) {
+
+    Client client = HttpClientResolver.client(workflow, task);
+    WebTarget target = client.target(requestInfo.uri().apply(workflow, task, model));
+
+    Invocation.Builder builder = target.request(MediaType.APPLICATION_JSON);
+
+    builder.header("grant_type", requestInfo.grantType());
+    builder.header("User-Agent", "OAuth2-Client-Credentials/1.0");
+    builder.header("Accept", MediaType.APPLICATION_JSON);
+    builder.header("Cache-Control", "no-cache");
+
+    for (var entry : requestInfo.headers().entrySet()) {
+      String headerValue = entry.getValue().apply(workflow, task, model);
+      if (headerValue != null) {
+        builder.header(entry.getKey(), headerValue);
+      }
+    }
+
+    Entity<?> entity;
+    if (requestInfo.contentType().equals(APPLICATION_X_WWW_FORM_URLENCODED.value())) {
+      Form form = new Form();
+      form.param("grant_type", requestInfo.grantType());
+      requestInfo
+          .queryParams()
+          .forEach((key, value) -> form.param(key, value.apply(workflow, task, model)));
+      entity = Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED);
+    } else {
+      Map<String, Object> jsonData = new HashMap<>();
+      jsonData.put("grant_type", requestInfo.grantType());
+      requestInfo
+          .queryParams()
+          .forEach((key, value) -> jsonData.put(key, value.apply(workflow, task, model)));
+      entity = Entity.entity(jsonData, MediaType.APPLICATION_JSON);
+    }
+
+    return builder.post(entity);
+  }
 }