From 09c16c2ed339f6dd9877adecbc3b5cc48250b9c1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Strau=C3=9F?= <jan@over9000.eu>
Date: Mon, 13 Jul 2015 14:12:35 +0200
Subject: [PATCH] remove password based auth in favor of api key auth

---
 README.md                                     |   5 +-
 .../redtrack/rest/RestRequestWrapper.java     | 114 +++++++++---------
 2 files changed, 56 insertions(+), 63 deletions(-)

diff --git a/README.md b/README.md
index aaf2f59..bff1092 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,6 @@ small time tracking javafx app for redmine
 config file @ ~/.redtrack/config.properties must contain:
 ```
 base_url=https\://my.url.com/path/to/redmine/
-username=foo
-password=bar
+api_key=foobar
 ```
-auth via API token pending
+The API key can be found at ```base_url/my/account``` on the right column
\ No newline at end of file
diff --git a/src/main/java/eu/over9000/redtrack/rest/RestRequestWrapper.java b/src/main/java/eu/over9000/redtrack/rest/RestRequestWrapper.java
index 662e345..691e84b 100644
--- a/src/main/java/eu/over9000/redtrack/rest/RestRequestWrapper.java
+++ b/src/main/java/eu/over9000/redtrack/rest/RestRequestWrapper.java
@@ -1,5 +1,12 @@
 package eu.over9000.redtrack.rest;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.PropertyNamingStrategy;
+import com.fasterxml.jackson.datatype.jsr310.JSR310Module;
+import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
+import eu.over9000.redtrack.persistence.Configuration;
+import org.glassfish.jersey.client.ClientConfig;
+
 import javax.ws.rs.client.Client;
 import javax.ws.rs.client.ClientBuilder;
 import javax.ws.rs.client.Entity;
@@ -7,68 +14,55 @@
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 
-import org.glassfish.jersey.client.ClientConfig;
-import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
-
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.PropertyNamingStrategy;
-import com.fasterxml.jackson.datatype.jsr310.JSR310Module;
-import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
-
-import eu.over9000.redtrack.persistence.Configuration;
-
 /**
  * Created by Jan on 12.07.2015.
  */
 public class RestRequestWrapper {
-	private final Client client;
-
-	public RestRequestWrapper() {
-		this.client = initClient();
-	}
-	
-	private Client initClient() {
-		final ObjectMapper mapper = new ObjectMapper();
-		mapper.registerModule(new JSR310Module());
-		mapper.setPropertyNamingStrategy(PropertyNamingStrategy.CAMEL_CASE_TO_LOWER_CASE_WITH_UNDERSCORES);
-		
-		final JacksonJaxbJsonProvider provider = new JacksonJaxbJsonProvider();
-		provider.setMapper(mapper);
-		
-		final ClientConfig clientConfig = new ClientConfig();
-		clientConfig.register(HttpAuthenticationFeature.basicBuilder().nonPreemptive().credentials(Configuration.getValue("username"), Configuration.getValue("password")).build());
-		clientConfig.register(provider);
-		
-		return ClientBuilder.newClient(clientConfig);
-	}
-	
-	public <returnType> returnType performGet(final Class<returnType> returnType, final String resource) throws RestException {
-		final WebTarget webTarget = buildTarget(resource);
-
-		final Response response = webTarget.request(MediaType.APPLICATION_JSON_TYPE).get();
-
-		if (response.getStatus() != 200) {
-			throw new RestException(response.getStatus(), response.getStatusInfo(), response.readEntity(String.class));
-		}
-
-		return response.readEntity(returnType);
-	}
-
-	public <returnType> returnType performPost(final Class<returnType> returnType, final String resource, final Object toPost) throws RestException {
-		final WebTarget webTarget = buildTarget(resource);
-
-		final Response response = webTarget.request(MediaType.APPLICATION_JSON_TYPE).post(Entity.json(toPost));
-
-		if (response.getStatus() != 201) {
-			throw new RestException(response.getStatus(), response.getStatusInfo(), response.readEntity(String.class));
-		}
-
-		return response.readEntity(returnType);
-	}
-
-	private WebTarget buildTarget(final String resource) {
-		final String targetURL = Configuration.getValue("base_url") + resource;
-		System.out.println("TARGET=" + targetURL);
-		return client.target(targetURL);
-	}
+    private final Client client;
+
+    public RestRequestWrapper() {
+        this.client = initClient();
+    }
+
+    private Client initClient() {
+        final ObjectMapper mapper = new ObjectMapper();
+        mapper.registerModule(new JSR310Module());
+        mapper.setPropertyNamingStrategy(PropertyNamingStrategy.CAMEL_CASE_TO_LOWER_CASE_WITH_UNDERSCORES);
+
+        final JacksonJaxbJsonProvider provider = new JacksonJaxbJsonProvider();
+        provider.setMapper(mapper);
+
+        final ClientConfig clientConfig = new ClientConfig();
+        clientConfig.register(provider);
+
+        return ClientBuilder.newClient(clientConfig);
+    }
+
+    public <returnType> returnType performGet(final Class<returnType> returnType, final String resource) throws RestException {
+
+        final Response response = buildTarget(resource).request(MediaType.APPLICATION_JSON_TYPE).header("X-Redmine-API-Key", Configuration.getValue("api_key")).get();
+
+        if (response.getStatus() != 200) {
+            throw new RestException(response.getStatus(), response.getStatusInfo(), response.readEntity(String.class));
+        }
+
+        return response.readEntity(returnType);
+    }
+
+    public <returnType> returnType performPost(final Class<returnType> returnType, final String resource, final Object toPost) throws RestException {
+
+        final Response response = buildTarget(resource).request(MediaType.APPLICATION_JSON_TYPE).header("X-Redmine-API-Key", Configuration.getValue("api_key")).post(Entity.json(toPost));
+
+        if (response.getStatus() != 201) {
+            throw new RestException(response.getStatus(), response.getStatusInfo(), response.readEntity(String.class));
+        }
+
+        return response.readEntity(returnType);
+    }
+
+    private WebTarget buildTarget(final String resource) {
+        final String targetURL = Configuration.getValue("base_url") + resource;
+        System.out.println("TARGET=" + targetURL);
+        return client.target(targetURL);
+    }
 }