Using externalized configuration files

Instead of programmatically setting up the configuration values, you can store them in external files. Use the parseYaml() or parseJson() methods to decrypt the externally configured values or fetch them from a more secure location.

The following example illustrates the usage of the CredentialSupplier map that the builder accepts during the build to get the individual credentials from the selected provider. These values remain set in this configuration object, and the secrets are kept encrypted.

Config config = Config.parseYaml(configString)
  .credentialSupplier(directoryCredSupplier)
  .build()

Defining the configuration parameters in a YAML file

The following example shows an external YAML file that stores the parameters of the OAuth authentication object. The credentialSupplierSupplierClass property provides the name of a custom supplier class example.restclient.PBECipherSupplier:

---
basePath: "http://localhost:49947"
auth:
  method: "OAuth"
  flow: "password"
  tokenUrl: "http://localhost:49947/api/v1/token"
  scopes: "openid"
  credentials:
    clientId: "0oarlaum9pzLAAzFK0h7"
    username: "username"
    password: "6jp4DQ5+2AnasaX10aWykg=="
credentialSupplierSupplierClass: "example.restclient.PBECipherSupplier"
properties:
  salt: "0oarlaum9pzLAAzFK0h7"
eventHandlers:
- type: "retry"
  name: "IO"
  maxAttempts: 4
  backoff:
    type: "random"
  retryOnExceptionPredicateClass: "example.restclient.faulttolerance.IOExceptionRetryPredicate"
- type: "retry"
  name: "Auth"
  maxAttempts: 1
  retryOnExceptionPredicateClass: "example.restclient.faulttolerance.AuthExceptionRetryPredicate"
  intervalFunctionClass: "example.restclient.faulttolerance.ImmediateInterval"
- type: "retry"
  name: "Default"
  backoff:
    type: "exponential"
  retryOnExceptionPredicateClass: "example.restclient.faulttolerance.DefaultRetryPredicate"
- type: "fallback"
  exceptionTypes:
  - "java.io.IOException"
  - "feign.FeignException"
  exceptionHandlerClass: "example.restclient.faulttolerance.SuspendFallback"
- type: "circuitBeaker"

Implementing the credential supplier class

The following example shows the implementation of example.restclient.PBECipherSupplier class:

package example.restclient;

import gw.restclient.config.Config;
import gw.restclient.config.CredentialSupplierSupplier;
import gw.restclient.util.PBECipher;

import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Map;

public class PBECipherSupplier implements CredentialSupplierSupplier {
public static final String PASS_PHRASE = "some string of characters used as a passPhrase";
public static final String SALT = "salt";

@Override
  public Config.CredentialSupplier apply(Map<String, String> properties) {  
     String passPhrase = System.getProperty("restClient.PBE.passPhrase", PASS_PHRASE);  
     PBECipher cipher = new PBECipher(passPhrase, 
                                      properties.get(SALT).getBytes(StandardCharsets.ISO_8859_1));
       return (key, value) -> {
           if (value == null) {
              return null;
           }
           switch(key) {
            case "username":
            case "clientId":
              return value;
            case "password":
            case "clientSecret":
            case "BearerToken":
            default: // for ApiKeyAuth.paramName and HttpBearerAuth.scheme
              return cipher.decrypt(Base64.getDecoder().decode(value));
          }
     };
  }
}