FusionAuth Java Client

Java Client Library

The Java client library allows you to integrate FusionAuth with your Java application.

Source Code:

https://github.com/FusionAuth/fusionauth-java-client

Maven Dependency

<dependency>
  <groupId>io.fusionauth</groupId>
  <artifactId>fusionauth-java-client</artifactId>
  <version>1.7.0</version>
</dependency>

When building your application, utilize the version that corresponds to the version of FusionAuth your running. View all available versions on https://search.maven.org

Using the FusionAuth and consuming the ClientResponse

The Java client has two styles of use, the first return a ClientResponse object. This object contains everything that occurred while communicating with the FusionAuth server. If the communication with the server encountered a network issue, the ClientResponse.exception might contain an IOException.

The following code assumes FusionAuth is running on http://localhost:9011 and uses an API key 6b87a398-39f2-4692-927b-13188a81a9a3, you will need to supply your own API key, and if you are not running FusionAuth locally, your host parameter may be different.

Here is an example of using the retrieveUserByEmail method to retrieve a User by an email address.

import com.inversoft.error.Errors;
import io.fusionauth.client.FusionAuthClient;
import io.fusionauth.domain.User;
import io.fusionauth.domain.api.UserResponse;
import com.inversoft.rest.ClientResponse;

public class Example {
  private final FusionAuthClient client;

  public Example() {
    client = new FusionAuthClient("6b87a398-39f2-4692-927b-13188a81a9a3", "http://localhost:9011");
  }

  public User getUserByEmail(String email) {
    ClientResponse<UserResponse, Errors> response = client.retrieveUserByEmail(email);
    if (response.wasSuccessful()) {
      return response.successResponse.user;
    } else if (response.errorResponse != null) {
      // Error Handling
      Errors errors = response.errorResponse;
    } else if (response.exception != null) {
      // Exception Handling
      Exception exception = response.exception;
    }

    return null;
  }
}

Using the Lambda Delegate

The Java Client may also be used along with our Lambda delegate that provides exception handling and allows you to write code assuming a happy path. Here is the same example from above using the lambda delegate:

import com.inversoft.error.Errors;
import io.fusionauth.client.LambdaDelegate;
import io.fusionauth.client.FusionAuthClient;
import io.fusionauth.domain.User;
import com.inversoft.rest.ClientResponse;

public class Example {
  private final String apiKey = "6b87a398-39f2-4692-927b-13188a81a9a3";

  private final String fusionauthURL = "http://localhost:9011";

  private final FusionAuthClient client;

  private final LambdaDelegate delegate;

  public Example(String apiKey, String fusionauthURL) {
    this.client = new FusionAuthClient(apiKey, fusionauthURL);
    this.delegate = new LambdaDelegate(this.client, (r) -> r.successResponse, this::handleError);
  }

  public User getUserByEmail(String email) {
    return delegate.execute(c -> c.retrieveUserByEmail("user@example.com")).user;
  }

  private <T, U> void handleError(ClientResponse<T, U> clientResponse) {
    if (clientResponse.exception != null) {
      // Handle the exception
      ...
    } else if (clientResponse.errorResponse != null && clientResponse.errorResponse instanceof Errors) {
      // Handle errors
      ...
    }
  }
}

As you can see, using the lambda delegate requires less code to handle the success response and the error handling code can be re-used.

PATCH requests

Available Since Version 1.14.0

PATCH requests are handled differently than you might expect. PATCH operations allow you to modify only parts of an object in FusionAuth.

In client libraries with static typing, such as this one for Java, there are no strongly typed objects set as part of a PATCH request. Instead, a hash, dictionary or map object is used. Ensure that you are using multi level dictionaries that create JSON with nested keys, otherwise the PATCH request will fail. This allows use of key value pairs to build a PATCH request.

For example, if you want to change only the name of an application using PATCH, you would want the JSON that is sent across the wire to look like this:

Example PATCH Application JSON

{
  "application": {
     "name": "hooli-bought-us"
   }
}

If you built a typed application request object and then serialized it, it would contain empty arrays or other default values. This would modify the object you were changing in ways you didn’t expect. This would likely cause the system behave in ways you don’t want.

By requiring you to build nested key value pairs, the JSON serialization works correctly. This is essentially a limitation of the current implementation in Java and FusionAuth PATCH support.

For this behavior to work correctly with typed objects, FusionAuth would need to ensure the domain object had no default values, and then instruct the serializer to omit empty objects, empty arrays and other values from the resulting JSON. This would ensure that the PATCH was performed correctly with no unwanted side effects.

Once support for RFC 7396 lands in FusionAuth, there may be some additional options for configuring a JSON serializer to allow use of typed domain objects for PATCH.

An alternative that allows you to use typed objects immediately is to perform a retrieve operation, modify the object in memory, and then execute an update operation. These are functionally equivalent to a single PATCH operation.

Using Java to manage FusionAuth

Example apps

Java jwt - JWT creation and decoding examples with the fusionauth-jwt library
Password encryptors - Example of custom password encryptors to help with user migration
Spring security - Uses Spring Security and OIDC to authenticate users
User and application management - Using the FusionAuth client library to add and remove users and applications

Feedback

How helpful was this page?

See a problem?

File an issue in our docs repo