Merge pull request #103 from Venafi/authentication-standardization

Standardize the authentication process for different VCert clients

Author: marcos-albornoz

README.md

@@ -44,36 +44,43 @@ shows snippets for VCert-Java v0.6.2.
 
 ## Usage
 
+
 Instantiate a client for Trust Protection Platform using token authentication with an existing
 access token:
 
 ```java
+//Create an Authentication object with the access token
 final Authentication auth = Authentication.builder()
         .accessToken("9PQwQeiTLhcB8/W3/z2Lbw==")
         .build();
 
+//Create a Config object setting the Authentication object
 final Config config = Config.builder()
         .connectorType(ConnectorType.TPP_TOKEN)
         .baseUrl("https://tpp.venafi.example")
         .credentials(auth)
         .build();
 
+//Create the client with the Config object. The client will be authenticated
 final VCertTknClient client = new VCertTknClient(config);
 ```
 
 Or instantiate a client for Venafi Cloud:
 
 ```java
+//Create an Authentication object with the API Key
 final Authentication auth = Authentication.builder()
         .apiKey("aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee")
         .build();
 
+//Create a Config object setting the Authentication object
 final Config config = Config.builder()
         .connectorType(ConnectorType.CLOUD)
+        .credentials(auth)
         .build();
 
+//Create the client with the Config object. The client will be authenticated
 final VCertClient client = new VCertClient(config);
-client.authenticate(auth);
 ```
 
 Then use your client to request certificates:
@@ -187,21 +194,54 @@ _without_ an existing token by providing a username/password.  Such a token is g
 short-term or temporary use and as such should be revoked upon completion of your tasks:
 
 ```java
+//Create an Authentication object with the user and password
 final Authentication auth = Authentication.builder()
         .user("local:apiuser")
         .password("password")
         .build();
 
+//Create a Config object
 final Config config = Config.builder()
         .connectorType(ConnectorType.TPP_TOKEN)
         .baseUrl("https://tpp.venafi.example")
         .build();
-
+        
+//Create the client with the Config object. The client is not authenticated yet
 final VCertTknClient client = new VCertTknClient(config);
+
+//Get the access token. It will cause the client's authentication
 client.getAccessToken(auth);
 
 ///// REQUEST, RENEW, AND/OR REVOKE CERTIFICATES...
 
+//Revoke the access token
+client.revokeAccessToken();
+```
+
+Or you can try the authentication in constructor way:
+
+```java
+//Create an Authentication object with the user and password
+final Authentication auth = Authentication.builder()
+        .user("local:apiuser")
+        .password("password")
+        .build();
+
+//Create a Config object setting the Authentication object
+final Config config = Config.builder()
+        .connectorType(ConnectorType.TPP_TOKEN)
+        .baseUrl("https://tpp.venafi.example")
+        .credentials(auth)
+        .build();
+        
+//Create the client with the Config object. The client will be authenticated
+//Internally the access token will be gotten and accessible 
+//via the getTokenInfo() method.
+final VCertTknClient client = new VCertTknClient(config);
+
+///// REQUEST, RENEW, AND/OR REVOKE CERTIFICATES...
+
+//Revoke the access token
 client.revokeAccessToken();
 ```
 

pom.xml

@@ -69,7 +69,7 @@
         <junit.version>5.3.1</junit.version>
         <mockito.version>2.25.1</mockito.version>
         <wiremock.version>2.22.0</wiremock.version>
-        <assertj.version>3.12.2</assertj.version>
+        <assertj.version>3.22.0</assertj.version>
         <ini4j.version>0.5.4</ini4j.version>
         <commonslang3.version>3.11</commonslang3.version>
         <jarName>${project.artifactId}-${project.version}</jarName>

src/main/java/com/venafi/vcert/sdk/VCertClient.java

@@ -35,6 +35,10 @@ public VCertClient(Config config) throws VCertException {
     Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
 
     this.connector = createConnector(config);
+    
+    if(config.credentials() != null) {
+    	this.connector.authenticate(config.credentials());
+    }
 
     connector.setVendorAndProductName(isBlank(config.appInfo()) ? VCertConstants.DEFAULT_VENDOR_AND_PRODUCT_NAME :
         config.appInfo());
@@ -64,6 +68,11 @@ protected Connector createConnector(Config config) throws VCertException {
   VCertClient(Connector connector) {
     this.connector = connector;
   }
+  
+  @Override
+  public Authentication getCredentials() {
+	return connector.getCredentials();
+  }
 
   /**
    * {@inheritDoc}
@@ -124,13 +133,33 @@ public void ping() throws VCertException {
    * {@inheritDoc}
    */
   @Override
-  public void authenticate(Authentication auth) throws VCertException {
+  public void authenticate(Authentication credentials) throws VCertException {
     try {
-      connector.authenticate(auth);
+      connector.authenticate(credentials);
     } catch (FeignException e) {
       throw VCertException.fromFeignException(e);
     }
   }
+  
+  /**
+   * {@inheritDoc}
+   */
+  @Override
+  public boolean isEmptyCredentials(Authentication credentials) {
+	  return connector.isEmptyCredentials(credentials);
+  }
+
+  /**
+   * {@inheritDoc}
+   */
+  @Override
+  public void authorize(Authentication credentials) throws VCertException {
+	  try {
+		  connector.authorize(credentials);
+	  } catch (FeignException e) {
+		  throw VCertException.fromFeignException(e);
+	  }
+  }
 
   /**
    * {@inheritDoc}

src/main/java/com/venafi/vcert/sdk/VCertTknClient.java

@@ -23,7 +23,6 @@ protected Connector createConnector(Config config) throws VCertException {
     	switch (config.connectorType()) {
     	case TPP_TOKEN:{
     		connector = new TppTokenConnector(Tpp.connect(config));
-    		((TppTokenConnector) connector).credentials(config.credentials());
     		break;
     	}
     	default: