Merge branch '252-sync-client-add-new-jwt-and-multiple-credentials' into dev

Author: greenrobot

objectbox-java/src/main/java/io/objectbox/sync/CredentialsType.java

@@ -54,5 +54,21 @@ private CredentialsType() { }
    * Generic credential type suitable for ObjectBox admin (and possibly others in the future)
    */
   public static final int UserPassword = 6;
+  /**
+   * JSON Web Token (JWT): an ID token that typically provides identity information about the authenticated user.
+   */
+  public static final int JwtId = 7;
+  /**
+   * JSON Web Token (JWT): an access token that is used to access resources.
+   */
+  public static final int JwtAccess = 8;
+  /**
+   * JSON Web Token (JWT): a refresh token that is used to obtain a new access token.
+   */
+  public static final int JwtRefresh = 9;
+  /**
+   * JSON Web Token (JWT): a token that is neither an ID, access, nor refresh token.
+   */
+  public static final int JwtCustom = 10;
 }
 

objectbox-java/src/main/java/io/objectbox/sync/Sync.java

@@ -63,6 +63,19 @@ public static SyncBuilder client(BoxStore boxStore, String url, SyncCredentials
         return new SyncBuilder(boxStore, url, credentials);
     }
 
+    /**
+     * Starts building a {@link SyncClient}. Once done, complete with {@link SyncBuilder#build() build()}.
+     *
+     * @param boxStore The {@link BoxStore} the client should use.
+     * @param url The URL of the Sync server on which the Sync protocol is exposed. This is typically a WebSockets URL
+     * starting with {@code ws://} or {@code wss://} (for encrypted connections), for example
+     * {@code ws://127.0.0.1:9999}.
+     * @param multipleCredentials An array of {@link SyncCredentials} to be used to authenticate the user.
+     */
+    public static SyncBuilder client(BoxStore boxStore, String url, SyncCredentials[] multipleCredentials) {
+        return new SyncBuilder(boxStore, url, multipleCredentials);
+    }
+
     /**
      * Starts building a {@link SyncServer}. Once done, complete with {@link SyncServerBuilder#build() build()}.
      * <p>
@@ -80,6 +93,23 @@ public static SyncServerBuilder server(BoxStore boxStore, String url, SyncCreden
         return new SyncServerBuilder(boxStore, url, authenticatorCredentials);
     }
 
+    /**
+     * Starts building a {@link SyncServer}. Once done, complete with {@link SyncServerBuilder#build() build()}.
+     * <p>
+     * Note: when also using Admin, make sure it is started before the server.
+     *
+     * @param boxStore The {@link BoxStore} the server should use.
+     * @param url The URL of the Sync server on which the Sync protocol is exposed. This is typically a WebSockets URL
+     * starting with {@code ws://} or {@code wss://} (for encrypted connections), for example
+     * {@code ws://0.0.0.0:9999}.
+     * @param multipleAuthenticatorCredentials An authentication method available to Sync clients and peers. Additional
+     * authenticator credentials can be supplied using the returned builder. For the embedded server, currently only
+     * {@link SyncCredentials#sharedSecret} and {@link SyncCredentials#none} are supported.
+     */
+    public static SyncServerBuilder server(BoxStore boxStore, String url, SyncCredentials[] multipleAuthenticatorCredentials) {
+        return new SyncServerBuilder(boxStore, url, multipleAuthenticatorCredentials);
+    }
+
     /**
      * Starts building a {@link SyncHybrid}, a client/server hybrid typically used for embedded cluster setups.
      * <p>

objectbox-java/src/main/java/io/objectbox/sync/SyncBuilder.java

@@ -17,11 +17,14 @@
 package io.objectbox.sync;
 
 import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
 
 import javax.annotation.Nullable;
 
 import io.objectbox.BoxStore;
 import io.objectbox.annotation.apihint.Internal;
+import io.objectbox.exception.FeatureNotAvailableException;
 import io.objectbox.sync.internal.Platform;
 import io.objectbox.sync.listener.SyncChangeListener;
 import io.objectbox.sync.listener.SyncCompletedListener;
@@ -40,7 +43,7 @@ public final class SyncBuilder {
     final Platform platform;
     final BoxStore boxStore;
     String url;
-    final SyncCredentials credentials;
+    final List<SyncCredentials> credentials;
 
     @Nullable SyncLoginListener loginListener;
     @Nullable SyncCompletedListener completedListener;
@@ -83,18 +86,35 @@ public enum RequestUpdatesMode {
         AUTO_NO_PUSHES
     }
 
+    private static void checkSyncFeatureAvailable() {
+        if (!BoxStore.isSyncAvailable()) {
+            throw new FeatureNotAvailableException(
+                    "This library does not include ObjectBox Sync. " +
+                            "Please visit https://objectbox.io/sync/ for options.");
+        }
+    }
+
+
     @Internal
     public SyncBuilder(BoxStore boxStore, SyncCredentials credentials) {
         checkNotNull(boxStore, "BoxStore is required.");
         checkNotNull(credentials, "Sync credentials are required.");
-        if (!BoxStore.isSyncAvailable()) {
-            throw new IllegalStateException(
-                    "This library does not include ObjectBox Sync. " +
-                            "Please visit https://objectbox.io/sync/ for options.");
+        checkSyncFeatureAvailable();
+        this.platform = Platform.findPlatform();
+        this.boxStore = boxStore;
+        this.credentials = Collections.singletonList(credentials);
+    }
+
+    @Internal
+    public SyncBuilder(BoxStore boxStore, SyncCredentials[] multipleCredentials) {
+        checkNotNull(boxStore, "BoxStore is required.");
+        if (multipleCredentials.length == 0) {
+            throw new IllegalArgumentException("At least one Sync credential is required.");
         }
+        checkSyncFeatureAvailable();
         this.platform = Platform.findPlatform();
         this.boxStore = boxStore;
-        this.credentials = credentials;
+        this.credentials = Arrays.asList(multipleCredentials);
     }
 
     @Internal
@@ -104,6 +124,13 @@ public SyncBuilder(BoxStore boxStore, String url, SyncCredentials credentials) {
         this.url = url;
     }
 
+    @Internal
+    public SyncBuilder(BoxStore boxStore, String url, SyncCredentials[] multipleCredentials) {
+        this(boxStore, multipleCredentials);
+        checkNotNull(url, "Sync server URL is required.");
+        this.url = url;
+    }
+
     /**
      * Allows internal code to set the Sync server URL after creating this builder.
      */

objectbox-java/src/main/java/io/objectbox/sync/SyncClient.java

@@ -133,6 +133,12 @@ public interface SyncClient extends Closeable {
      */
     void setLoginCredentials(SyncCredentials credentials);
 
+    /**
+     * Updates the login credentials. This should not be required during regular use.
+     * It allows passing login credentials that the client can use to authenticate with the server.
+     */
+    void setLoginCredentials(SyncCredentials[] multipleCredentials);
+
     /**
      * Waits until the sync client receives a response to its first (connection and) login attempt
      * or until the given time has expired.

objectbox-java/src/main/java/io/objectbox/sync/SyncClientImpl.java

@@ -96,7 +96,13 @@ public final class SyncClientImpl implements SyncClient {
         this.internalListener = new InternalSyncClientListener();
         nativeSetListener(handle, internalListener);
 
-        setLoginCredentials(builder.credentials);
+        if (builder.credentials.size() == 1) {
+            setLoginCredentials(builder.credentials.get(0));
+        } else if (builder.credentials.size() > 1) {
+            setLoginCredentials(builder.credentials.toArray(new SyncCredentials[0]));
+        } else {
+            throw new IllegalArgumentException("No credentials provided");
+        }
 
         // If created successfully, let store keep a reference so the caller does not have to.
         InternalAccess.setSyncClient(builder.boxStore, this);
@@ -196,6 +202,26 @@ public void setLoginCredentials(SyncCredentials credentials) {
         }
     }
 
+    @Override
+    public void setLoginCredentials(SyncCredentials[] multipleCredentials) {
+        for (int i = 0; i < multipleCredentials.length; i++) {
+            SyncCredentials credentials = multipleCredentials[i];
+            boolean isLast = i == (multipleCredentials.length - 1);
+            if (credentials instanceof SyncCredentialsToken) {
+                SyncCredentialsToken credToken = (SyncCredentialsToken) credentials;
+                nativeAddLoginCredentials(getHandle(), credToken.getTypeId(), credToken.getTokenBytes(), isLast);
+                credToken.clear(); // Clear immediately, not needed anymore.
+            } else if (credentials instanceof SyncCredentialsUserPassword) {
+                SyncCredentialsUserPassword credUserPassword = (SyncCredentialsUserPassword) credentials;
+                nativeAddLoginCredentialsUserPassword(getHandle(), credUserPassword.getTypeId(), credUserPassword.getUsername(),
+                        credUserPassword.getPassword(), isLast);
+            } else {
+                throw new IllegalArgumentException("credentials is not a supported type");
+            }
+        }
+    }
+
+
     @Override
     public boolean awaitFirstLogin(long millisToWait) {
         if (!started) {
@@ -322,6 +348,10 @@ public ObjectsMessageBuilder startObjectsMessage(long flags, @Nullable String to
 
     private native void nativeSetLoginInfoUserPassword(long handle, long credentialsType, String username, String password);
 
+    private native void nativeAddLoginCredentials(long handle, long credentialsType, @Nullable byte[] credentials, boolean complete);
+
+    private native void nativeAddLoginCredentialsUserPassword(long handle, long credentialsType, String username, String password, boolean complete);
+
     private native void nativeSetListener(long handle, @Nullable InternalSyncClientListener listener);
 
     private native void nativeSetSyncChangesListener(long handle, @Nullable SyncChangeListener advancedListener);

objectbox-java/src/main/java/io/objectbox/sync/SyncCredentials.java

@@ -48,8 +48,46 @@ public static SyncCredentials google(String idToken) {
         return new SyncCredentialsToken(CredentialsType.GOOGLE, idToken);
     }
 
+    /**
+     * ObjectBox admin users (username/password)
+     */
+    public static SyncCredentials obxAdminUser(String user, String password) {
+        return new SyncCredentialsUserPassword(CredentialsType.OBX_ADMIN_USER, user, password);
+    }
+
+    /**
+     * Generic credential type suitable for ObjectBox admin (and possibly others in the future)
+     */
     public static SyncCredentials userAndPassword(String user, String password) {
-        return new SyncCredentialsUserPassword(user, password);
+        return new SyncCredentialsUserPassword(CredentialsType.USER_PASSWORD, user, password);
+    }
+
+    /**
+     * JSON Web Token (JWT): an ID token that typically provides identity information about the authenticated user.
+     */
+    public static SyncCredentials jwtIdToken(String jwtIdToken) {
+        return new SyncCredentialsToken(CredentialsType.JWT_ID_TOKEN, jwtIdToken);
+    }
+
+    /**
+     * JSON Web Token (JWT): an access token that is used to access resources.
+     */
+    public static SyncCredentials jwtAccessToken(String jwtAccessToken) {
+        return new SyncCredentialsToken(CredentialsType.JWT_ACCESS_TOKEN, jwtAccessToken);
+    }
+
+    /**
+     * JSON Web Token (JWT): a refresh token that is used to obtain a new access token.
+     */
+    public static SyncCredentials jwtRefreshToken(String jwtRefreshToken) {
+        return new SyncCredentialsToken(CredentialsType.JWT_REFRESH_TOKEN, jwtRefreshToken);
+    }
+
+    /**
+     * JSON Web Token (JWT): a token that is neither an ID, access, nor refresh token.
+     */
+    public static SyncCredentials jwtCustomToken(String jwtCustomToken) {
+        return new SyncCredentialsToken(CredentialsType.JWT_CUSTOM_TOKEN, jwtCustomToken);
     }
 
     /**
@@ -65,7 +103,11 @@ public enum CredentialsType {
         GOOGLE(io.objectbox.sync.CredentialsType.GoogleAuth),
         SHARED_SECRET_SIPPED(io.objectbox.sync.CredentialsType.SharedSecretSipped),
         OBX_ADMIN_USER(io.objectbox.sync.CredentialsType.ObxAdminUser),
-        USER_PASSWORD(io.objectbox.sync.CredentialsType.UserPassword);
+        USER_PASSWORD(io.objectbox.sync.CredentialsType.UserPassword),
+        JWT_ID_TOKEN(io.objectbox.sync.CredentialsType.JwtId),
+        JWT_ACCESS_TOKEN(io.objectbox.sync.CredentialsType.JwtAccess),
+        JWT_REFRESH_TOKEN(io.objectbox.sync.CredentialsType.JwtRefresh),
+        JWT_CUSTOM_TOKEN(io.objectbox.sync.CredentialsType.JwtCustom);
 
         public final long id;
 

objectbox-java/src/main/java/io/objectbox/sync/SyncCredentialsUserPassword.java

@@ -28,8 +28,8 @@ public final class SyncCredentialsUserPassword extends SyncCredentials {
     private final String username;
     private final String password;
 
-    SyncCredentialsUserPassword(String username, String password) {
-        super(CredentialsType.USER_PASSWORD);
+    SyncCredentialsUserPassword(CredentialsType type, String username, String password) {
+        super(type);
         this.username = username;
         this.password = password;
     }
@@ -44,6 +44,6 @@ public String getPassword() {
 
     @Override
     SyncCredentials createClone() {
-        return new SyncCredentialsUserPassword(this.username, this.password);
+        return new SyncCredentialsUserPassword(getType(), this.username, this.password);
     }
 }