com.mastercard.developer:oauth1-signer
Advanced tools
Zero dependency library for generating a Mastercard API compliant OAuth signature
Zero dependency library for generating a Mastercard API compliant OAuth signature.
Java 11+
Before using this library, you will need to set up a project in the Mastercard Developers Portal.
As part of this set up, you'll receive credentials for your app:
<dependency>
<groupId>com.mastercard.developer</groupId>
<artifactId>oauth1-signer</artifactId>
<version>${oauth1-signer-version}</version>
</dependency>
dependencies {
implementation "com.mastercard.developer:oauth1-signer:$oauth1SignerVersion"
}
See: https://search.maven.org/artifact/com.mastercard.developer/oauth1-signer
A PrivateKey key object can be created by calling the AuthenticationUtils.loadSigningKey method:
PrivateKey signingKey = AuthenticationUtils.loadSigningKey(
"<insert PKCS#12 key file path>",
"<insert key alias>",
"<insert key password>");
The method that does all the heavy lifting is OAuth.getAuthorizationHeader. You can call into it directly and as long as you provide the correct parameters, it will return a string that you can add into your request's Authorization header.
String consumerKey = "<insert consumer key>";
URI uri = URI.create("https://sandbox.api.mastercard.com/service");
String method = "POST";
String payload = "Hello world!";
Charset charset = StandardCharsets.UTF_8;
String authHeader = OAuth.getAuthorizationHeader(uri, method, payload, charset, consumerKey, signingKey);
Alternatively, you can use helper classes for some of the commonly used HTTP clients.
These classes, provided in the com.mastercard.developer.signers package, will modify the provided request object in-place and will add the correct Authorization header. Once instantiated with a consumer key and private key, these objects can be reused.
Usage briefly described below, but you can also refer to the test package for examples.
Charset charset = StandardCharsets.UTF_8;
URL url = new URL("https://sandbox.api.mastercard.com/service");
String payload = "{\"foo\":\"bar\"}";
HttpsURLConnection con = (HttpsURLConnection)url.openConnection();
con.setRequestMethod("POST");
con.setRequestProperty("Content-Type", "application/json; charset=" + charset.name());
HttpsUrlConnectionSigner signer = new HttpsUrlConnectionSigner(charset, consumerKey, signingKey);
signer.sign(con, payload);
String payload = "{\"foo\":\"bar\"}";
HttpClient httpClient = HttpClientBuilder.create().build();
HttpPost httpPost = new HttpPost("https://sandbox.api.mastercard.com/service");
httpPost.setEntity(new StringEntity(payload, ContentType.APPLICATION_JSON));
ApacheHttpClient4Signer signer = new ApacheHttpClient4Signer(consumerKey, signingKey);
signer.sign(httpPost);
MediaType JSON = MediaType.parse("application/json; charset=utf-8");
String payload = "{\"foo\":\"bar\"}";
OkHttpClient client = new OkHttpClient();
RequestBody body = RequestBody.create(JSON, payload);
Request.Builder request = new Request.Builder()
.url("https://sandbox.api.mastercard.com/service")
.post(body);
OkHttpSigner signer = new OkHttpSigner(consumerKey, signingKey);
signer.sign(request);
OpenAPI Generator generates API client libraries from OpenAPI Specs. It provides generators and library templates for supporting multiple languages and frameworks.
The com.mastercard.developer.interceptors package will provide you with some request interceptor classes you can use when configuring your API client. These classes will take care of adding the correct Authorization header before sending the request.
Library options currently supported for the java generator:
See also:
<configuration>
<inputSpec>${project.basedir}/src/main/resources/openapi-spec.yaml</inputSpec>
<generatorName>java</generatorName>
<library>okhttp-gson</library>
<!-- ... -->
</configuration>
OkHttp2OAuth1Interceptor (OpenAPI Generator 3.3.x)ApiClient client = new ApiClient();
client.setBasePath("https://sandbox.api.mastercard.com");
List<Interceptor> interceptors = client.getHttpClient().interceptors();
interceptors.add(new OkHttp2OAuth1Interceptor(consumerKey, signingKey));
ServiceApi serviceApi = new ServiceApi(client);
// ...
OkHttpOAuth1Interceptor (OpenAPI Generator 4+)ApiClient client = new ApiClient();
client.setBasePath("https://sandbox.api.mastercard.com");
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("https://proxy-url.com", 8866)); // Optional Proxy Configuration
client.setHttpClient(
client.getHttpClient()
.newBuilder()
.proxy(proxy) // Optional proxy
.addInterceptor(new OkHttpOAuth1Interceptor(consumerKey, signingKey))
.build()
);
ServiceApi serviceApi = new ServiceApi(client);
// ...
<configuration>
<inputSpec>${project.basedir}/src/main/resources/openapi-spec.yaml</inputSpec>
<generatorName>java</generatorName>
<library>feign</library>
<!-- ... -->
</configuration>
OpenFeignOAuth1InterceptorApiClient client = new ApiClient();
client.setBasePath("https://sandbox.api.mastercard.com");
Feign.Builder feignBuilder = client.getFeignBuilder();
ArrayList<RequestInterceptor> interceptors = new ArrayList<>();
interceptors.add(new OpenFeignOAuth1Interceptor(consumerKey, signingKey, client.getBasePath()));
feignBuilder.requestInterceptors(interceptors);
ServiceApi serviceApi = client.buildClient(ServiceApi.class);
// ...
<configuration>
<inputSpec>${project.basedir}/src/main/resources/openapi-spec.yaml</inputSpec>
<generatorName>java</generatorName>
<library>retrofit</library>
<!-- ... -->
</configuration>
OkHttp2OAuth1InterceptorApiClient client = new ApiClient();
RestAdapter.Builder adapterBuilder = client.getAdapterBuilder();
adapterBuilder.setEndpoint("https://sandbox.api.mastercard.com");
List<Interceptor> interceptors = client.getOkClient().interceptors();
interceptors.add(new OkHttp2OAuth1Interceptor(consumerKey, signingKey));
ServiceApi serviceApi = client.createService(ServiceApi.class);
// ...
<configuration>
<inputSpec>${project.basedir}/src/main/resources/openapi-spec.yaml</inputSpec>
<generatorName>java</generatorName>
<library>retrofit2</library>
<!-- ... -->
</configuration>
OkHttpOAuth1InterceptorApiClient client = new ApiClient();
Retrofit.Builder adapterBuilder = client.getAdapterBuilder();
adapterBuilder.baseUrl("https://sandbox.api.mastercard.com");
OkHttpClient.Builder okBuilder = client.getOkBuilder();
okBuilder.addInterceptor(new OkHttpOAuth1Interceptor(consumerKey, signingKey));
ServiceApi serviceApi = client.createService(ServiceApi.class);
// ...
<configuration>
<inputSpec>${project.basedir}/src/main/resources/openapi-spec.yaml</inputSpec>
<generatorName>java</generatorName>
<library>google-api-client</library>
<!-- ... -->
</configuration>
HttpExecuteOAuth1InterceptorHttpRequestInitializer initializer = new HttpRequestInitializer() {
@Override
public void initialize(HttpRequest request) {
request.setInterceptor(new HttpExecuteOAuth1Interceptor(consumerKey, signingKey));
}
};
ApiClient client = new ApiClient("https://sandbox.api.mastercard.com", null, initializer, null);
ServiceApi serviceApi = client.serviceApi();
// ...
FAQs
Zero dependency library for generating a Mastercard API compliant OAuth signature
We found that com.mastercard.developer:oauth1-signer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.