[SDK-3864] - Add support for client credential management (#525)

auth0 · Apr 24, 2023 · aba2257 · aba2257
1 parent b11a955
commit aba2257
Show file tree

Hide file tree

Showing 12 changed files with 662 additions and 2 deletions.
diff --git a/src/main/java/com/auth0/client/mgmt/ClientsEntity.java b/src/main/java/com/auth0/client/mgmt/ClientsEntity.java
@@ -4,6 +4,7 @@
 import com.auth0.client.mgmt.filter.FieldsFilter;
 import com.auth0.json.mgmt.client.Client;
 import com.auth0.json.mgmt.client.ClientsPage;
+import com.auth0.json.mgmt.client.Credential;
 import com.auth0.net.EmptyBodyRequest;
 import com.auth0.net.BaseRequest;
 import com.auth0.net.Request;
@@ -182,4 +183,86 @@ public Request<Client> rotateSecret(String clientId) {
         return new EmptyBodyRequest<>(this.client, tokenProvider, url, HttpMethod.POST, new TypeReference<Client>() {
         });
     }
+
+    /**
+     * Creates an Application's client credential. A token with scope {@code create:client_credentials} is required.
+     *
+     * @param clientId the application's client id.
+     * @param credential the credential to create.
+     * @return a Request to execute.
+     */
+    public Request<Credential> createCredential(String clientId, Credential credential) {
+        Asserts.assertNotNull(clientId, "client id");
+
+        String url = baseUrl
+            .newBuilder()
+            .addPathSegments("api/v2/clients")
+            .addPathSegment(clientId)
+            .addPathSegment("credentials")
+            .build()
+            .toString();
+        BaseRequest<Credential> request = new BaseRequest<>(this.client, tokenProvider, url, HttpMethod.POST, new TypeReference<Credential>() {
+        });
+        request.setBody(credential);
+        return request;
+    }
+
+    /**
+     * Get the client credentials associated with this application. A token with scope {@code read:client_credentials} is required.
+     * @param clientId the ID of the application
+     * @return a request to execute.
+     */
+    public Request<List<Credential>> listCredentials(String clientId) {
+        Asserts.assertNotNull(clientId, "client id");
+        String url = baseUrl
+            .newBuilder()
+            .addPathSegments("api/v2/clients")
+            .addPathSegment(clientId)
+            .addPathSegment("credentials").build().toString();
+        return new BaseRequest<>(client, tokenProvider, url, HttpMethod.GET, new TypeReference<List<Credential>>() {
+        });
+    }
+
+    /**
+     * Get a client credentials object. A token with scope {@code read:client_credentials} is required.
+     * @param clientId the ID of the application.
+     * @param credentialId the ID of the credential to retrieve.
+     * @return a request to execute.
+     */
+    public Request<Credential> getCredential(String clientId, String credentialId) {
+        Asserts.assertNotNull(clientId, "client id");
+        Asserts.assertNotNull(credentialId, "credential id");
+
+        String url = baseUrl
+            .newBuilder()
+            .addPathSegments("api/v2/clients")
+            .addPathSegment(clientId)
+            .addPathSegment("credentials")
+            .addPathSegment(credentialId)
+            .build().toString();
+
+        return new BaseRequest<>(client, tokenProvider, url, HttpMethod.GET, new TypeReference<Credential>() {
+        });
+    }
+
+    /**
+     * Deletes a client credential. A token with scope {@code } is required.
+     * @param clientId the ID of the application.
+     * @param credentialId the ID of the credential to delete
+     * @return a request to execute.
+     */
+    public Request<Void> deleteCredential(String clientId, String credentialId) {
+        Asserts.assertNotNull(clientId, "client id");
+        Asserts.assertNotNull(credentialId, "credential id");
+
+        String url = baseUrl
+            .newBuilder()
+            .addPathSegments("api/v2/clients")
+            .addPathSegment(clientId)
+            .addPathSegment("credentials")
+            .addPathSegment(credentialId)
+            .build()
+            .toString();
+        return new VoidRequest(client, tokenProvider,  url, HttpMethod.DELETE);
+    }
 }
diff --git a/src/main/java/com/auth0/json/mgmt/client/Client.java b/src/main/java/com/auth0/json/mgmt/client/Client.java
@@ -90,6 +90,8 @@ public class Client {
     private Boolean crossOriginAuth;
     @JsonProperty("cross_origin_loc")
     private String crossOriginLoc;
+    @JsonProperty("client_authentication_methods")
+    private ClientAuthenticationMethods clientAuthenticationMethods;
 
     /**
      * Getter for the name of the tenant this client belongs to.
@@ -793,5 +795,13 @@ public void setCrossOriginLoc(String crossOriginLoc) {
     public String getCrossOriginLoc() {
         return crossOriginLoc;
     }
+
+    public void setClientAuthenticationMethods(ClientAuthenticationMethods clientAuthenticationMethods) {
+        this.clientAuthenticationMethods = clientAuthenticationMethods;
+    }
+
+    public ClientAuthenticationMethods getClientAuthenticationMethods() {
+        return clientAuthenticationMethods;
+    }
 }
 
diff --git a/src/main/java/com/auth0/json/mgmt/client/ClientAuthenticationMethods.java b/src/main/java/com/auth0/json/mgmt/client/ClientAuthenticationMethods.java
@@ -0,0 +1,28 @@
+package com.auth0.json.mgmt.client;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * Class that represents an Auth0 Application authentication methods. Related to the {@link com.auth0.client.mgmt.ClientsEntity} entity.
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class ClientAuthenticationMethods {
+
+    @JsonProperty("private_key_jwt")
+    private PrivateKeyJwt privateKeyJwt;
+
+    public ClientAuthenticationMethods() {
+
+    }
+
+    public ClientAuthenticationMethods(PrivateKeyJwt privateKeyJwt) {
+        this.privateKeyJwt = privateKeyJwt;
+    }
+
+    public PrivateKeyJwt getPrivateKeyJwt() {
+        return privateKeyJwt;
+    }
+}
diff --git a/src/main/java/com/auth0/json/mgmt/client/Credential.java b/src/main/java/com/auth0/json/mgmt/client/Credential.java
@@ -0,0 +1,191 @@
+package com.auth0.json.mgmt.client;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.Date;
+
+/**
+ * Class that represents an Auth0 application credential object. Related to the {@link com.auth0.client.mgmt.ClientsEntity} entity.
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class Credential {
+
+    @JsonProperty("credential_type")
+    private String credentialType;
+    @JsonProperty("name")
+    private String name;
+    @JsonProperty("pem")
+    private String pem;
+
+    @JsonProperty("id")
+    private String id;
+    @JsonProperty("kid")
+    private String kid;
+    @JsonProperty("thumbprint")
+    private String thumbprint;
+    @JsonProperty("alg")
+    private String alg;
+    @JsonProperty("parse_expiry_from_cert")
+    private Boolean parseExpiryFromCert;
+    @JsonFormat(shape = JsonFormat.Shape.STRING)
+    @JsonProperty("created_at")
+    private Date createdAt;
+    @JsonFormat(shape = JsonFormat.Shape.STRING)
+    @JsonProperty("updated_at")
+    private Date updatedAt;
+    @JsonFormat(shape = JsonFormat.Shape.STRING)
+    @JsonProperty("expires_at")
+    private Date expiresAt;
+
+    /**
+     * Create a new credential
+     * @param credentialType the credential type
+     * @param pem the PEM
+     */
+    public Credential(String credentialType, String pem) {
+        this.credentialType = credentialType;
+        this.pem = pem;
+    }
+
+    /**
+     * Create a new credential
+     * @param id the ID of the credential
+     */
+    public Credential(String id) {
+        this.id = id;
+    }
+
+    /**
+     * Create a new credential
+     */
+    public Credential() {}
+
+    /**
+     * @return the credential type
+     */
+    public String getCredentialType() {
+        return credentialType;
+    }
+
+    /**
+     * Sets the credential type
+     * @param credentialType the credential type
+     */
+    public void setCredentialType(String credentialType) {
+        this.credentialType = credentialType;
+    }
+
+    /**
+     * @return the credential name
+     */
+    public String getName() {
+        return name;
+    }
+
+    /**
+     * Sets the credential name
+     * @param name the name of the credential
+     */
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    /**
+     * @return the credential's PEM
+     */
+    public String getPem() {
+        return pem;
+    }
+
+    /**
+     * Sets the credential's PEM
+     * @param pem the PEM of the credential
+     */
+    public void setPem(String pem) {
+        this.pem = pem;
+    }
+
+    /**
+     * @return the ID of the credential
+     */
+    public String getId() {
+        return id;
+    }
+
+    /**
+     * @return the KID of the credential
+     */
+    public String getKid() {
+        return kid;
+    }
+
+    /**
+     * @return the thumbprint of the credential
+     */
+    public String getThumbprint() {
+        return thumbprint;
+    }
+
+    /**
+     * @return the date the credential was created at
+     */
+    public Date getCreatedAt() {
+        return createdAt;
+    }
+
+    /**
+     * @return the algorithm of this credential
+     */
+    public String getAlg() {
+        return alg;
+    }
+
+    /**
+     * Set the algorithm
+     * @param alg the algorithm
+     */
+    public void setAlg(String alg) {
+        this.alg = alg;
+    }
+
+    /**
+     * @return the time this credential was last updated
+     */
+    public Date getUpdatedAt() {
+        return updatedAt;
+    }
+
+    /**
+     * @return the expiration time of this credential
+     */
+    public Date getExpiresAt() {
+        return expiresAt;
+    }
+
+    /**
+     * Set the expires_at value for this credential
+     * @param expiresAt the time this credential should expire
+     */
+    public void setExpiresAt(Date expiresAt) {
+        this.expiresAt = expiresAt;
+    }
+
+    /**
+     * @return whether the expiry will be parsed from the x509 certificate
+     */
+    public Boolean getParseExpiryFromCert() {
+        return parseExpiryFromCert;
+    }
+
+    /**
+     * Whether to parse expiry from x509 certificate
+     * @param parseExpiryFromCert true to parse expiry; false otherwise.
+     */
+    public void setParseExpiryFromCert(Boolean parseExpiryFromCert) {
+        this.parseExpiryFromCert = parseExpiryFromCert;
+    }
+}
diff --git a/src/main/java/com/auth0/json/mgmt/client/PrivateKeyJwt.java b/src/main/java/com/auth0/json/mgmt/client/PrivateKeyJwt.java
@@ -0,0 +1,38 @@
+package com.auth0.json.mgmt.client;
+
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+
+/**
+ * Class that represents an Auth0 Application private key JWT authentication method. Related to the {@link com.auth0.client.mgmt.ClientsEntity} entity.
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+@JsonInclude(JsonInclude.Include.NON_NULL)
+public class PrivateKeyJwt {
+
+    @JsonProperty("credentials")
+    private List<Credential> credentials;
+
+    /**
+     * Create a new instance
+     */
+    public PrivateKeyJwt() {}
+
+    /**
+     * Create a new instance
+     * @param credentials the credentials to use
+     */
+    public PrivateKeyJwt(List<Credential> credentials) {
+        this.credentials = credentials;
+    }
+
+    /**
+     * @return the credentials
+     */
+    public List<Credential> getCredentials() {
+        return credentials;
+    }
+}
diff --git a/src/test/java/com/auth0/client/MockServer.java b/src/test/java/com/auth0/client/MockServer.java
@@ -39,6 +39,8 @@ public class MockServer {
     public static final String MGMT_CLIENTS_LIST = "src/test/resources/mgmt/clients_list.json";
     public static final String MGMT_CLIENTS_PAGED_LIST = "src/test/resources/mgmt/clients_paged_list.json";
     public static final String MGMT_CLIENT = "src/test/resources/mgmt/client.json";
+    public static final String MGMT_CLIENT_CREDENTIAL = "src/test/resources/mgmt/client_credential.json";
+    public static final String MGMT_CLIENT_CREDENTIAL_LIST = "src/test/resources/mgmt/client_credential_list.json";
     public static final String MGMT_CONNECTIONS_LIST = "src/test/resources/mgmt/connections_list.json";
     public static final String MGMT_CONNECTIONS_PAGED_LIST = "src/test/resources/mgmt/connections_paged_list.json";
     public static final String MGMT_CONNECTION = "src/test/resources/mgmt/connection.json";