feat(api-client): implement API for configuration auth strategy

Author: TheMrMilchmann

modules/api-client/api/api-client.api

@@ -1,3 +1,11 @@
+public final class com/gw2tb/gw2api/client/AuthenticationStrategy : java/lang/Enum {
+	public static final field HEADER Lcom/gw2tb/gw2api/client/AuthenticationStrategy;
+	public static final field QUERY Lcom/gw2tb/gw2api/client/AuthenticationStrategy;
+	public static fun getEntries ()Lkotlin/enums/EnumEntries;
+	public static fun valueOf (Ljava/lang/String;)Lcom/gw2tb/gw2api/client/AuthenticationStrategy;
+	public static fun values ()[Lcom/gw2tb/gw2api/client/AuthenticationStrategy;
+}
+
 public abstract interface class com/gw2tb/gw2api/client/CacheAccess {
 	public abstract fun memoize (Lcom/gw2tb/gw2api/client/Gw2ApiResponse;)V
 	public abstract fun query (Lcom/gw2tb/gw2api/client/Gw2ApiRequest;)Lcom/gw2tb/gw2api/client/Gw2ApiResponse;
@@ -54,18 +62,20 @@ public final class com/gw2tb/gw2api/client/DecodingResultKt {
 
 public final class com/gw2tb/gw2api/client/Gw2ApiClient : java/lang/AutoCloseable {
 	public fun <init> (Lcom/gw2tb/gw2api/client/internal/http/IHttpClient;Lcom/gw2tb/gw2api/client/Gw2ApiClientBuilder;)V
-	public fun <init> (Lcom/gw2tb/gw2api/client/internal/http/IHttpClient;Ljava/lang/String;Lcom/gw2tb/gw2api/client/CacheAccess;Lcom/gw2tb/gw2api/client/RateLimiter;Lkotlinx/serialization/json/Json;Ljava/util/List;)V
+	public fun <init> (Lcom/gw2tb/gw2api/client/internal/http/IHttpClient;Ljava/lang/String;Lcom/gw2tb/gw2api/client/AuthenticationStrategy;Lcom/gw2tb/gw2api/client/CacheAccess;Lcom/gw2tb/gw2api/client/RateLimiter;Lkotlinx/serialization/json/Json;Ljava/util/List;)V
 	public fun close ()V
 	public final fun execute (Lcom/gw2tb/gw2api/client/RequestTemplate;)Lcom/gw2tb/gw2api/client/Gw2ApiResponse;
 	public final fun executeAsync (Lcom/gw2tb/gw2api/client/RequestTemplate;Lkotlin/coroutines/Continuation;)Ljava/lang/Object;
 }
 
 public final class com/gw2tb/gw2api/client/Gw2ApiClientBuilder {
 	public final fun configureRequest (Lcom/gw2tb/gw2api/client/RequestConfigurer;)V
+	public final fun getAuthenticationStrategy ()Lcom/gw2tb/gw2api/client/AuthenticationStrategy;
 	public final fun getCacheAccess ()Lcom/gw2tb/gw2api/client/CacheAccess;
 	public final fun getHost ()Ljava/lang/String;
 	public final fun getJson ()Lkotlinx/serialization/json/Json;
 	public final fun getRateLimiter ()Lcom/gw2tb/gw2api/client/RateLimiter;
+	public final fun setAuthenticationStrategy (Lcom/gw2tb/gw2api/client/AuthenticationStrategy;)V
 	public final fun setCacheAccess (Lcom/gw2tb/gw2api/client/CacheAccess;)V
 	public final fun setHost (Ljava/lang/String;)V
 	public final fun setJson (Lkotlinx/serialization/json/Json;)V
@@ -305,6 +315,9 @@ public final class com/gw2tb/gw2api/client/TokenBucketRateLimiter : com/gw2tb/gw
 	public fun penalize (Lkotlin/coroutines/Continuation;)Ljava/lang/Object;
 }
 
+public abstract interface annotation class com/gw2tb/gw2api/client/UnsafeQueryAuthentication : java/lang/annotation/Annotation {
+}
+
 public abstract class com/gw2tb/gw2api/client/exceptions/ClientValidationException : java/lang/Exception {
 	public synthetic fun <init> (Ljava/lang/String;Lkotlin/jvm/internal/DefaultConstructorMarker;)V
 }

modules/api-client/src/commonMain/kotlin/com/gw2tb/gw2api/client/AuthenticationStrategy.kt

@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2018-2024 Leon Linhart
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.gw2tb.gw2api.client
+
+/**
+ * An authentication strategy determines how to authenticate requests to the API.
+ *
+ * @since   0.8.0
+ */
+public enum class AuthenticationStrategy {
+    /**
+     * Authentication is performed via the `Authorization` header.
+     *
+     * @author  0.8.0
+     */
+    HEADER,
+
+    /**
+     * Authentication is performed via the `access_token` query parameter.
+     *
+     * **This method is considered unsafe outside of server environments and should be avoided if possible.**
+     *
+     * @author  0.8.0
+     */
+    @UnsafeQueryAuthentication
+    QUERY
+}

modules/api-client/src/commonMain/kotlin/com/gw2tb/gw2api/client/Gw2ApiClient.kt

@@ -57,6 +57,7 @@ public fun Gw2ApiClient(httpClient: IHttpClient, block: Gw2ApiClientConfigurer):
 public expect class Gw2ApiClient @InternalGw2ApiClientApi constructor(
     httpClient: IHttpClient,
     host: String,
+    authenticationStrategy: AuthenticationStrategy,
     cacheAccess: CacheAccess?,
     rateLimiter: RateLimiter?,
     json: Json,

modules/api-client/src/commonMain/kotlin/com/gw2tb/gw2api/client/Gw2ApiClientBuilder.kt

@@ -39,6 +39,15 @@ public class Gw2ApiClientBuilder internal constructor() {
      */
     public var host: String = Gw2ApiClientDefaults.host
 
+    /**
+     * The strategy to use for authentication.
+     *
+     * The value defaults to [AuthenticationStrategy.HEADER].
+     *
+     * @since   0.8.0
+     */
+    public var authenticationStrategy: AuthenticationStrategy = AuthenticationStrategy.HEADER
+
     /**
      * The cache access object to use for caching API responses.
      *

modules/api-client/src/commonMain/kotlin/com/gw2tb/gw2api/client/UnsafeQueryAuthentication.kt

@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2018-2024 Leon Linhart
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+package com.gw2tb.gw2api.client
+
+/**
+ * A marker class that is used enforce explicit consent for using [AuthenticationStrategy.QUERY].
+ *
+ * @since   0.8.0
+ *
+ * @author  Leon Linhart
+ */
+@RequiresOptIn(message = "Authentication via query parameters is considered unsafe outside of server environments and should be avoided if possible.")
+public annotation class UnsafeQueryAuthentication

modules/api-client/src/jvmMain/kotlin/com/gw2tb/gw2api/client/Gw2ApiClient.kt

@@ -31,6 +31,7 @@ import kotlinx.serialization.json.Json
 public actual class Gw2ApiClient @InternalGw2ApiClientApi actual constructor(
     private val httpClient: IHttpClient,
     private val host: String,
+    private val authenticationStrategy: AuthenticationStrategy,
     private val cacheAccess: CacheAccess?,
     private val rateLimiter: RateLimiter?,
     private val json: Json,
@@ -41,6 +42,7 @@ public actual class Gw2ApiClient @InternalGw2ApiClientApi actual constructor(
     public actual constructor(httpClient: IHttpClient, builder: Gw2ApiClientBuilder): this(
         httpClient = httpClient,
         host = builder.host,
+        authenticationStrategy = builder.authenticationStrategy,
         cacheAccess = builder.cacheAccess,
         rateLimiter = builder.rateLimiter,
         json = builder.json,
@@ -77,19 +79,32 @@ public actual class Gw2ApiClient @InternalGw2ApiClientApi actual constructor(
             res
         }
 
+        val parameters = buildMap {
+            putAll(template.parameters)
+
+            @OptIn(UnsafeQueryAuthentication::class)
+            if (authenticationStrategy == AuthenticationStrategy.QUERY && template.apiKey != null) {
+                put("access_token", template.apiKey)
+            }
+
+            if (template.language != null) {
+                put("lang", template.language.code)
+            }
+        }
+
+        val headers = buildMap {
+            putAll(template.headers)
+
+            if (authenticationStrategy == AuthenticationStrategy.HEADER && template.apiKey != null) {
+                put("Authorization", "Bearer ${template.apiKey}")
+            }
+        }
+
         val request = Gw2ApiRequest(
             baseUrl = host,
             path = template.path,
-            parameters = if (template.language != null) {
-                template.parameters + ("lang" to template.language.code)
-            } else {
-                template.parameters
-            },
-            headers = if (template.apiKey != null) {
-                template.headers + ("Authorization" to "Bearer ${template.apiKey}")
-            } else {
-                template.headers
-            },
+            parameters = parameters,
+            headers = headers,
             apiKey = template.apiKey,
             language = template.language,
             serializer = template.serializer

modules/api-client/src/nonJvmMain/kotlin/com/gw2tb/gw2api/client/Gw2ApiClient.kt

@@ -29,6 +29,7 @@ import kotlinx.serialization.json.Json
 public actual class Gw2ApiClient @InternalGw2ApiClientApi actual constructor(
     private val httpClient: IHttpClient,
     private val host: String,
+    private val authenticationStrategy: AuthenticationStrategy,
     private val cacheAccess: CacheAccess?,
     private val rateLimiter: RateLimiter?,
     private val json: Json,
@@ -39,6 +40,7 @@ public actual class Gw2ApiClient @InternalGw2ApiClientApi actual constructor(
     public actual constructor(httpClient: IHttpClient, builder: Gw2ApiClientBuilder): this(
         httpClient = httpClient,
         host = builder.host,
+        authenticationStrategy = builder.authenticationStrategy,
         cacheAccess = builder.cacheAccess,
         rateLimiter = builder.rateLimiter,
         json = builder.json,
@@ -56,19 +58,32 @@ public actual class Gw2ApiClient @InternalGw2ApiClientApi actual constructor(
             res
         }
 
+        val parameters = buildMap {
+            putAll(template.parameters)
+
+            @OptIn(UnsafeQueryAuthentication::class)
+            if (authenticationStrategy == AuthenticationStrategy.QUERY && template.apiKey != null) {
+                put("access_token", template.apiKey)
+            }
+
+            if (template.language != null) {
+                put("lang", template.language.code)
+            }
+        }
+
+        val headers = buildMap {
+            putAll(template.headers)
+
+            if (authenticationStrategy == AuthenticationStrategy.HEADER && template.apiKey != null) {
+                put("Authorization", "Bearer ${template.apiKey}")
+            }
+        }
+
         val request = Gw2ApiRequest(
             baseUrl = host,
             path = template.path,
-            parameters = if (template.language != null) {
-                template.parameters + ("lang" to template.language.code)
-            } else {
-                template.parameters
-            },
-            headers = if (template.apiKey != null) {
-                template.headers + ("Authorization" to "Bearer ${template.apiKey}")
-            } else {
-                template.headers
-            },
+            parameters = parameters,
+            headers = headers,
             apiKey = template.apiKey,
             language = template.language,
             serializer = template.serializer