GroundWork FoxHttp Interceptors & Authorization - viascom/FoxHttp GitHub Wiki

Authorization

What is an authorization?

Authorizations are used to authorize a client to a server. Every authorization has a scope in which it will be executed. A scope is defined by the url and request type. If you use the DefaultAuthorizationStrategy you can also use placeholders (*) in your url. One scope can have none, one or many authorizations.

Where will an authorization be executed?

An authorization gets executed after the url has been processed an the headers and query parameters are set (right after the RequestHeaderInterceptor).

What authorizations do already exist?

  • BasicAuthAuthorization (example of BasicAuth)
  • BearerTokenAuthorization

When should I use an interceptor instead of an authorization?

Because an authorization gets executed after the url, headers and query parameters has been set it is not possible to change the query parameters based on the FoxHttpRequestQuery. So if you want to change thr url or query parameters it is recommended to use the RequestInterceptor.

Interceptors

What are interceptors?

Interceptors are used to execute code at a specific point during a request.
FoxHttp knows 6 different interceptors:

  • RequestInterceptor
  • RequestHeaderInterceptor
  • RequestBodyInterceptor
  • ResponseCodeInterceptor
  • ResponseBodyInterceptor
  • ResponseInterceptor

Where are these points?

Interceptor-Image

How do I use an interceptor?

Every interceptor has a public void onIntercept(InterceptorContext context) throws FoxHttpException; method. The InterceptorContext depends on the used interceptor. The context is used to read and write from the request/response.

All interceptors are stored in the FoxHttpClient. They can be added easily by the registerFoxHttpInterceptor method in the FoxHttpClientBuilder.
Every interceptor has a weight property which is used to define the order of the execution. The lowest number is executed first.

Which interceptor should I use for what?

The following list should give you an idea which interceptor is used for what.

RequestInterceptor

  • Set a global query parameter.
  • Change the url based on a rule.

RequestHeaderInterceptor

  • Set a product specific header.
  • Change already set headers.

RequestBodyInterceptor

  • Encrypt the serialized body (an example of a simple XOR-Interceptor).
  • Calculate a checksum of the serialized body.

ResponseCodeInterceptor

  • Throw an exception if the response code is 500.

ResponseBodyInterceptor

  • Decrypt the serialized body.

ResponseInterceptor

  • Change request meta data.
  • Log the response.
  • Save the response to a database.
⚠️ **GitHub.com Fallback** ⚠️