
I want to make a client make REST calls to a JHipster-generated webapp, and I seem to be missing a bit of information to do it.

What I found is that in application.yml I need to enable the CORS options, so I uncommented the following:

    jhipster:
        cors: #By default CORS are not enabled. Uncomment to enable.
            allowed-origins: "*"
            allowed-methods: GET, PUT, POST, DELETE, OPTIONS
            allowed-headers: "*"
            exposed-headers:
            allow-credentials: true
            max-age: 1800

Which should make REST calls possible.

I think I also need to enable this, but I'm not sure:

    security:
        basic:
            enabled: true

I would expect that I could make a call like this:

    import com.fasterxml.jackson.databind.ObjectMapper;
    import com.sun.jersey.api.client.Client;
    import com.sun.jersey.api.client.ClientResponse;
    import com.sun.jersey.api.client.WebResource;
    import com.sun.jersey.api.client.filter.HTTPBasicAuthFilter;
    ....
    Client client = Client.create();
    client.addFilter(new HTTPBasicAuthFilter("admin", "admin"));
    WebResource webResource = client.resource("http://localhost:8080/api/example");

But I get a 401. So am I missing something?

Here is my .yo-rc.json file:

    {
      "generator-jhipster": {
        "jhipsterVersion": "3.0.0",
        "baseName": "tinybotsWeb",
        "packageName": "nl.tinybots.web",
        "packageFolder": "nl/tinybots/web",
        "serverPort": "8080",
        "authenticationType": "session",
        "hibernateCache": "ehcache",
        "clusteredHttpSession": "no",
        "websocket": "no",
        "databaseType": "sql",
        "devDatabaseType": "mysql",
        "prodDatabaseType": "mysql",
        "searchEngine": "elasticsearch",
        "buildTool": "maven",
        "enableSocialSignIn": true,
        "rememberMeKey": "6799bca03613c99e29cd3c1bb7ac878157250d87",
        "useSass": false,
        "applicationType": "monolith",
        "testFrameworks": [
          "gatling",
          "cucumber",
          "protractor"
        ],
        "enableTranslation": true,
        "nativeLanguage": "nl",
        "languages": [
          "nl",
          "en",
          "de"
        ]
      }
    }

I added the following to the SecurityConfiguration:

    http
        .csrf()
        .ignoringAntMatchers("/basicAuthApi/**")
...
    .and()
        .authorizeRequests()
        .antMatchers("/basicAuthApi/**")
        .hasAuthority(AuthoritiesConstants.BASIC_AUTH).and().httpBasic()
...

And now I can make the request.

My question now is: is this how I should do it? Is this secure? What is this doing?

    security:
      basic:
        enabled: true
tibi
It could be that I first have to authenticate against a URL like: api/authenticate to get a token, but I'm not getting this to work. – tibi Jun 14 '16 at 08:05

3 Answers

Here is a summarisation of how I implemented the solution in my case, which I think is similar. It’s real Swift code, but please take it as pseudocode, as it might be incorrect. Please note, this is a copy of the solution posted here: Jhipster + REST client + authentication

  1. Make a call to whatever method you need to call, passing in such method a callback (block, or equivalent) for the success and one for the failure.

    func action(
        URLString:String,
        method:Method,
        encoding:Encoding = .JSON,
        parameters:[String : AnyObject]?,
        success:(statusCode:Int, responseObject:AnyObject)->Void,
        failure:(statusCode:Int, error:NSError)->Void
    )
    
  2. Inside the method, e.g. /events, you handle a particular case of failure, which is when the status code is 401.

     if(r!.statusCode==ResponseCodes.HTTP_UNAUTHORIZED.rawValue){
    
         loginAndAction(URLString, method: method, encoding: encoding, parameters: parameters, success: success, failure: failure)
    
     }else{
    
         failure(statusCode: response.response!.statusCode, error:response.result.error!)
    
     }
    
  3. In this particular case, instead of returning back the result and calling the failure callback, you call a login() method which, after the necessary parameters, accepts the original success() callback.

    func loginAndAction(
        URLString:String,
        method:Method,
        encoding: Encoding,
        parameters:[String:AnyObject]?,
        success:(statusCode:Int, responseObject:AnyObject)->Void,
        failure:(statusCode:Int, error:NSError)->Void
        )->Void
    
  4. If the authentication succeeds:

    var d:[String:AnyObject] = response.result.value as! [String:AnyObject]
    self.authToken = d["access_token"] as! String
    
    action(URLString, method: method,encoding:encoding, parameters: parameters, success: success, failure: failure)
    

At this point the method action could use a proper working token.

This should happen only once a day (based on the token expiration), and it is a mechanism applicable to the OAuth2 refresh_token call.

superandrew
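The call, 401, login, retry flow from the answer above, written in Java for a client like the asker's; this is an added example, not code from the answer or from JHipster. The `/login` path, the JSON credential body, the `Bearer` header and the stub server in `main` are assumptions made for the demonstration; only the `access_token` field name comes from the answer.

```java
import com.sun.net.httpserver.HttpServer;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.http.*;
import java.util.regex.*;

// Added example: call the API, and on a 401 log in once and retry the same call.
public class RetryOn401Client {
    private static final Pattern TOKEN = Pattern.compile("\"access_token\"\\s*:\\s*\"([^\"]+)\"");
    private final HttpClient http = HttpClient.newHttpClient();
    private final URI loginUri;      // assumption: endpoint returning {"access_token":"..."}
    private final String loginJson;  // credentials are passed in from configuration, not hardcoded
    private String authToken;        // cached until the server rejects it
    int logins = 0;                  // number of login round-trips, printed by the demo
    RetryOn401Client(URI loginUri, String loginJson) { this.loginUri = loginUri; this.loginJson = loginJson; }

    private HttpResponse<String> send(URI uri) throws Exception {
        HttpRequest.Builder b = HttpRequest.newBuilder(uri).GET();
        if (authToken != null) b.header("Authorization", "Bearer " + authToken);
        return http.send(b.build(), HttpResponse.BodyHandlers.ofString());
    }
    private void login() throws Exception {
        HttpRequest req = HttpRequest.newBuilder(loginUri).header("Content-Type", "application/json")
                .POST(HttpRequest.BodyPublishers.ofString(loginJson)).build();
        HttpResponse<String> r = http.send(req, HttpResponse.BodyHandlers.ofString());
        Matcher m = TOKEN.matcher(r.body());  // regex keeps the example dependency-free
        if (r.statusCode() != 200 || !m.find()) throw new IllegalStateException("login failed");
        authToken = m.group(1); logins++;
    }
    // GET with exactly one re-authentication attempt; a second 401 is returned to the caller.
    public HttpResponse<String> get(URI uri) throws Exception {
        HttpResponse<String> r = send(uri);
        if (r.statusCode() != 401) return r;
        login();
        return send(uri);
    }
    public static void main(String[] args) throws Exception {
        // Constructed stand-in server (not JHipster): 401 unless the demo token is presented.
        HttpServer s = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        s.createContext("/login", x -> { byte[] b = "{\"access_token\":\"demo-token\"}".getBytes();
            x.sendResponseHeaders(200, b.length); x.getResponseBody().write(b); x.close(); });
        s.createContext("/api/example", x -> {
            boolean ok = "Bearer demo-token".equals(x.getRequestHeaders().getFirst("Authorization"));
            x.sendResponseHeaders(ok ? 200 : 401, -1); x.close(); });
        s.start();
        String base = "http://127.0.0.1:" + s.getAddress().getPort();
        RetryOn401Client c = new RetryOn401Client(URI.create(base + "/login"), "{\"username\":\"demo\",\"password\":\"demo\"}");
        for (int i = 0; i < 2; i++)  // the second call reuses the cached token
            System.out.println(c.get(URI.create(base + "/api/example")).statusCode() + " logins=" + c.logins);
        s.stop(0);
    }
}
```

Because the retry happens at most once per call, a login that keeps being rejected surfaces as a 401 to the caller instead of looping.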

Open your JHipster application in a browser and press F12 for the developer options.

Check the network tab; see how your JHipster app behaves, which authentication call it sends, what it sends in the headers of those calls, etc.

Reverse engineer this process in your Java app.


Abhishek Patil

Another solution could be to generate your REST client using the generator-jhipster-swagger-cli module.

Gaël Marziou