[JAVA][Feign] Replace Apache oltu with scribejava (#8318)

* - Replace apache oltu with scribejava
- Implement the following authentication methods
  - ApiKey header
  - HTTP basic authentication
  - Oauth client credentials flow
  - Oauth Implicit flow
  - Oauth Pasword (deprecated)

* Create class hierarchy for Oauth flows implementation

* Add instructions of how to use the ApiClient to Readme.md

* Update samples

* Remove support for java 6 and 7

* Remove java 6 and 7 support from gradle

* Format pom.xml

* Remove empty line

* Update samples

* Remove oltu dependency from build.gradle and build.sbt.
Replace oltu with ScribeJava

Update samples

* Update samples

* Update samples

modules/openapi-generator/src/main/java/org/openapitools/codegen/languages/JavaClientCodegen.java

@@ -392,6 +392,10 @@ public class JavaClientCodegen extends AbstractJavaCodegen
             forceSerializationLibrary(SERIALIZATION_LIBRARY_JACKSON);
             supportingFiles.add(new SupportingFile("ParamExpander.mustache", invokerFolder, "ParamExpander.java"));
             supportingFiles.add(new SupportingFile("EncodingUtils.mustache", invokerFolder, "EncodingUtils.java"));
+            supportingFiles.add(new SupportingFile("auth/DefaultApi20Impl.mustache", authFolder, "DefaultApi20Impl.java"));
+            supportingFiles.add(new SupportingFile("auth/OauthPasswordGrant.mustache", authFolder, "OauthPasswordGrant.java"));
+            supportingFiles.add(new SupportingFile("auth/OauthClientCredentialsGrant.mustache", authFolder, "OauthClientCredentialsGrant.java"));
+
         } else if (OKHTTP_GSON.equals(getLibrary()) || StringUtils.isEmpty(getLibrary())) {
             // the "okhttp-gson" library template requires "ApiCallback.mustache" for async call
             supportingFiles.add(new SupportingFile("ApiCallback.mustache", invokerFolder, "ApiCallback.java"));

modules/openapi-generator/src/main/resources/Java/auth/OAuthFlow.mustache

@@ -2,6 +2,10 @@
 
 package {{invokerPackage}}.auth;
 
+{{>generatedAnnotation}}
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

modules/openapi-generator/src/main/resources/Java/libraries/feign/ApiClient.mustache

@@ -2,11 +2,8 @@ package {{invokerPackage}};
 
 import java.util.LinkedHashMap;
 import java.util.Map;
-
+import java.util.logging.Level;
-{{#hasOAuthMethods}}
+import java.util.logging.Logger;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.AuthenticationRequestBuilder;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
-{{/hasOAuthMethods}}
 
 {{#threetenbp}}
 import org.threeten.bp.*;
@@ -41,6 +38,8 @@ import {{invokerPackage}}.auth.OAuth.AccessTokenListener;
 
 {{>generatedAnnotation}}
 public class ApiClient {
+  private static final Logger log = Logger.getLogger(ApiClient.class.getName());
+
   public interface Api {}
 
   protected ObjectMapper objectMapper;
@@ -60,6 +59,7 @@ public class ApiClient {
   public ApiClient(String[] authNames) {
     this();
     for(String authName : authNames) {
+      log.log(Level.FINE, "Creating authentication {0}", authName);
       {{#hasAuthMethods}}
       RequestInterceptor auth;
       {{#authMethods}}if ("{{name}}".equals(authName)) {
@@ -75,7 +75,7 @@ public class ApiClient {
         auth = new ApiKeyAuth({{#isKeyInHeader}}"header"{{/isKeyInHeader}}{{#isKeyInQuery}}"query"{{/isKeyInQuery}}{{#isKeyInCookie}}"cookie"{{/isKeyInCookie}}, "{{keyParamName}}");
       {{/isApiKey}}
       {{#isOAuth}}
-        auth = new OAuth(OAuthFlow.{{flow}}, "{{authorizationUrl}}", "{{tokenUrl}}", "{{#scopes}}{{scope}}{{^-last}}, {{/-last}}{{/scopes}}");
+        auth = buildOauthRequestInterceptor(OAuthFlow.{{flow}}, "{{authorizationUrl}}", "{{tokenUrl}}", "{{#scopes}}{{scope}}{{^-last}}, {{/-last}}{{/scopes}}");
       {{/isOAuth}}
       } else {{/authMethods}}{
         throw new RuntimeException("auth name \"" + authName + "\" not found in available auth names");
@@ -106,36 +106,6 @@ public class ApiClient {
     this.setApiKey(apiKey);
   }
 
-  /**
-   * Helper constructor for single basic auth or password oauth2
-   * @param authName
-   * @param username
-   * @param password
-   */
-  public ApiClient(String authName, String username, String password) {
-    this(authName);
-    this.setCredentials(username,  password);
-  }
-
-  {{#hasOAuthMethods}}
-  /**
-   * Helper constructor for single password oauth2
-   * @param authName
-   * @param clientId
-   * @param secret
-   * @param username
-   * @param password
-   */
-  public ApiClient(String authName, String clientId, String secret, String username, String password) {
-    this(authName);
-    this.getTokenEndPoint()
-           .setClientId(clientId)
-           .setClientSecret(secret)
-           .setUsername(username)
-           .setPassword(password);
-  }
-
-  {{/hasOAuthMethods}}
   public String getBasePath() {
     return basePath;
   }
@@ -190,10 +160,25 @@ public class ApiClient {
     return objectMapper;
   }
 
+  private RequestInterceptor buildOauthRequestInterceptor(OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+    switch (flow) {
+      case password:
+        return new OauthPasswordGrant(tokenUrl, scopes);
+      case application:
+        return new OauthClientCredentialsGrant(authorizationUrl, tokenUrl, scopes);
+      default:
+        throw new RuntimeException("Oauth flow \"" + flow + "\" is not implemented");
+    }
+  }
+
   public ObjectMapper getObjectMapper(){
     return objectMapper;
   }
 
+  public void setObjectMapper(ObjectMapper objectMapper) {
+        this.objectMapper = objectMapper;
+  }
+
   /**
    * Creates a feign client for given API interface.
    *
@@ -240,19 +225,13 @@ public class ApiClient {
     return contentTypes[0];
   }
 
-
   /**
    * Helper method to configure the bearer token.
    * @param bearerToken the bearer token.
    */
   public void setBearerToken(String bearerToken) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    HttpBearerAuth apiAuthorization =  getAuthorization(HttpBearerAuth.class);
-      if (apiAuthorization instanceof HttpBearerAuth) {
+    apiAuthorization.setBearerToken(bearerToken);
-        ((HttpBearerAuth) apiAuthorization).setBearerToken(bearerToken);
-        return;
-      }
-    }
-    throw new RuntimeException("No Bearer authentication configured!");
   }
 
   /**
@@ -260,66 +239,39 @@ public class ApiClient {
    * @param apiKey API key
    */
   public void setApiKey(String apiKey) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    ApiKeyAuth apiAuthorization =  getAuthorization(ApiKeyAuth.class);
-      if (apiAuthorization instanceof ApiKeyAuth) {
+    apiAuthorization.setApiKey(apiKey);
-        ApiKeyAuth keyAuth = (ApiKeyAuth) apiAuthorization;
-        keyAuth.setApiKey(apiKey);
-        return ;
-      }
-    }
-    throw new RuntimeException("No API key authentication configured!");
   }
 
   /**
-   * Helper method to configure the username/password for basic auth or password OAuth
+   * Helper method to configure the username/password for basic auth
    * @param username Username
    * @param password Password
    */
   public void setCredentials(String username, String password) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    HttpBasicAuth apiAuthorization = getAuthorization(HttpBasicAuth.class);
-      if (apiAuthorization instanceof HttpBasicAuth) {
+    apiAuthorization.setCredentials(username, password);
-        HttpBasicAuth basicAuth = (HttpBasicAuth) apiAuthorization;
-        basicAuth.setCredentials(username, password);
-        return;
-      }
-      {{#hasOAuthMethods}}
-      if (apiAuthorization instanceof OAuth) {
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.getTokenRequestBuilder().setUsername(username).setPassword(password);
-        return;
-      }
-      {{/hasOAuthMethods}}
-    }
-    throw new RuntimeException("No Basic authentication or OAuth configured!");
   }
 
   {{#hasOAuthMethods}}
   /**
-   * Helper method to configure the token endpoint of the first oauth found in the apiAuthorizations (there should be only one)
+   * Helper method to configure the client credentials for Oauth 
-   * @return Token request builder
+   * @param username Username
+   * @param password Password
    */
-  public TokenRequestBuilder getTokenEndPoint() {
+  public void setClientCredentials(String clientId, String clientSecret) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OauthClientCredentialsGrant authorization = getAuthorization(OauthClientCredentialsGrant.class);
-      if (apiAuthorization instanceof OAuth) {
+    authorization.configure(clientId, clientSecret);
-        OAuth oauth = (OAuth) apiAuthorization;
-        return oauth.getTokenRequestBuilder();
-      }
-    }
-    return null;
   }
 
   /**
-   * Helper method to configure authorization endpoint of the first oauth found in the apiAuthorizations (there should be only one)
+   * Helper method to configure the username/password for Oauth password grant
-   * @return Authentication request builder
+   * @param username Username
+   * @param password Password
    */
-  public AuthenticationRequestBuilder getAuthorizationEndPoint() {
+  public void setOauthPassword(String username, String password, String clientId, String clientSecret) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OauthPasswordGrant apiAuthorization = getAuthorization(OauthPasswordGrant.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.configure(username, password, clientId, clientSecret);
-        OAuth oauth = (OAuth) apiAuthorization;
-        return oauth.getAuthenticationRequestBuilder();
-      }
-    }
-    return null;
   }
 
   /**
@@ -327,14 +279,9 @@ public class ApiClient {
    * @param accessToken Access Token
    * @param expiresIn Validity period in seconds
    */
-  public void setAccessToken(String accessToken, Long expiresIn) {
+  public void setAccessToken(String accessToken, Integer expiresIn) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OAuth apiAuthorization = getAuthorization(OAuth.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.setAccessToken(accessToken, expiresIn);
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.setAccessToken(accessToken, expiresIn);
-        return;
-      }
-    }
   }
 
   /**
@@ -344,19 +291,7 @@ public class ApiClient {
    * @param redirectURI Redirect URI
    */
   public void configureAuthorizationFlow(String clientId, String clientSecret, String redirectURI) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    throw new RuntimeException("Not implemented");
-      if (apiAuthorization instanceof OAuth) {
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.getTokenRequestBuilder()
-                .setClientId(clientId)
-                .setClientSecret(clientSecret)
-                .setRedirectURI(redirectURI);
-        oauth.getAuthenticationRequestBuilder()
-                .setClientId(clientId)
-                .setRedirectURI(redirectURI);
-        return;
-      }
-    }
   }
 
   /**
@@ -364,13 +299,8 @@ public class ApiClient {
    * @param accessTokenListener Acesss token listener
    */
   public void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OAuth apiAuthorization = getAuthorization(OAuth.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.registerAccessTokenListener(accessTokenListener);
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.registerAccessTokenListener(accessTokenListener);
-        return;
-      }
-    }
   }
 
   {{/hasOAuthMethods}}
@@ -396,4 +326,11 @@ public class ApiClient {
     feignBuilder.requestInterceptor(authorization);
   }
 
+  private <T extends RequestInterceptor> T getAuthorization(Class<T> type) {
+    return (T) apiAuthorizations.values()
+                                .stream()
+                                .filter(requestInterceptor -> type.isAssignableFrom(requestInterceptor.getClass()))
+                                .findFirst()
+                                .orElseThrow(() -> new RuntimeException("No Oauth authentication or OAuth configured!"));
+    }
 }

modules/openapi-generator/src/main/resources/Java/libraries/feign/README.mustache

@@ -32,6 +32,41 @@ After the client library is installed/deployed, you can use it in your Maven pro
 
 ```
 
+And to use the api you can follow the examples bellow:
+
+```java
+
+    //Set bearer token manually
+    ApiClient apiClient = new ApiClient("petstore_auth_client");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setAccessToken("TOKEN", 10000);
+
+    //Use api key
+    ApiClient apiClient = new ApiClient("api_key", "API KEY");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+
+    //Use http basic authentication
+    ApiClient apiClient = new ApiClient("basicAuth");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setCredentials("username", "password");
+
+    //Oauth password
+    ApiClient apiClient = new ApiClient("oauth_password");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setOauthPassword("username", "password", "client_id", "client_secret");
+    
+    //Oauth client credentials flow
+    ApiClient apiClient = new ApiClient("oauth_client_credentials");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setClientCredentials("client_id", "client_secret");
+
+    PetApi petApi = apiClient.buildClient(PetApi.class);
+    Pet petById = petApi.getPetById(12345L);
+    
+    System.out.println(petById);
+  }
+```
+
 ## Recommendation
 
 It's recommended to create an instance of `ApiClient` per thread in a multithreaded environment to avoid any potential issues.
@@ -40,4 +75,3 @@ It's recommended to create an instance of `ApiClient` per thread in a multithrea
 
 {{#apiInfo}}{{#apis}}{{#-last}}{{infoEmail}}
 {{/-last}}{{/apis}}{{/apiInfo}}
-

modules/openapi-generator/src/main/resources/Java/libraries/feign/auth/DefaultApi20Impl.mustache

@@ -0,0 +1,47 @@
+package {{invokerPackage}}.auth;
+
+import com.github.scribejava.core.builder.api.DefaultApi20;
+import com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor;
+import com.github.scribejava.core.extractors.TokenExtractor;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+import com.github.scribejava.core.oauth2.bearersignature.BearerSignature;
+import com.github.scribejava.core.oauth2.bearersignature.BearerSignatureURIQueryParameter;
+import com.github.scribejava.core.oauth2.clientauthentication.ClientAuthentication;
+import com.github.scribejava.core.oauth2.clientauthentication.RequestBodyAuthenticationScheme;
+
+{{>generatedAnnotation}}
+public class DefaultApi20Impl extends DefaultApi20 {
+
+    private final String accessTokenEndpoint;
+    private final String authorizationBaseUrl;
+
+    protected DefaultApi20Impl(String authorizationBaseUrl, String accessTokenEndpoint) {
+        this.authorizationBaseUrl = authorizationBaseUrl;
+        this.accessTokenEndpoint = accessTokenEndpoint;
+    }
+
+    @Override
+    public String getAccessTokenEndpoint() {
+        return accessTokenEndpoint;
+    }
+
+    @Override
+    protected String getAuthorizationBaseUrl() {
+        return authorizationBaseUrl;
+    }
+
+    @Override
+    public BearerSignature getBearerSignature() {
+        return BearerSignatureURIQueryParameter.instance();
+    }
+
+    @Override
+    public ClientAuthentication getClientAuthentication() {
+        return RequestBodyAuthenticationScheme.instance();
+    }
+
+    @Override
+    public TokenExtractor<OAuth2AccessToken> getAccessTokenExtractor() {
+        return OAuth2AccessTokenJsonExtractor.instance();
+    }
+}

modules/openapi-generator/src/main/resources/Java/libraries/feign/auth/OAuth.mustache

@@ -1,198 +1,81 @@
 package {{invokerPackage}}.auth;
 
-import java.io.IOException;
+import com.github.scribejava.core.model.OAuth2AccessToken;
-import java.util.Collection;
+import com.github.scribejava.core.oauth.OAuth20Service;
-import java.util.Map;
-import java.util.Map.Entry;
-
-import org.apache.oltu.oauth2.client.HttpClient;
-import org.apache.oltu.oauth2.client.OAuthClient;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.AuthenticationRequestBuilder;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
-import org.apache.oltu.oauth2.client.response.OAuthClientResponse;
-import org.apache.oltu.oauth2.client.response.OAuthClientResponseFactory;
-import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.message.types.GrantType;
-import org.apache.oltu.oauth2.common.token.BasicOAuthToken;
-
-import feign.Client;
 import feign.Request.HttpMethod;
-import feign.Request.Options;
 import feign.RequestInterceptor;
 import feign.RequestTemplate;
-import feign.Response;
 import feign.RetryableException;
-import feign.Util;
-import {{invokerPackage}}.StringUtil;
 
+{{>generatedAnnotation}}
+public abstract class OAuth implements RequestInterceptor {
 
-public class OAuth implements RequestInterceptor {
+  static final int MILLIS_PER_SECOND = 1000;
 
-    static final int MILLIS_PER_SECOND = 1000;
+  public interface AccessTokenListener {
+    void notify(OAuth2AccessToken token);
+  }
 
-    public interface AccessTokenListener {
+  private volatile String accessToken;
-        void notify(BasicOAuthToken token);
+  private Long expirationTimeMillis;
+  private AccessTokenListener accessTokenListener;
+
+  protected OAuth20Service service;
+  protected String scopes;
+  protected String authorizationUrl;
+  protected String tokenUrl;
+
+  public OAuth(String authorizationUrl, String tokenUrl, String scopes) {
+    this.scopes = scopes;
+    this.authorizationUrl = authorizationUrl;
+    this.tokenUrl = tokenUrl;
+  }
+
+  @Override
+  public void apply(RequestTemplate template) {
+    // If the request already have an authorization (eg. Basic auth), do nothing
+    if (template.headers().containsKey("Authorization")) {
+      return;
     }
-
+    // If first time, get the token
-    private volatile String accessToken;
+    if (expirationTimeMillis == null || System.currentTimeMillis() >= expirationTimeMillis) {
-    private Long expirationTimeMillis;
+      updateAccessToken(template);
-    private OAuthClient oauthClient;
-    private TokenRequestBuilder tokenRequestBuilder;
-    private AuthenticationRequestBuilder authenticationRequestBuilder;
-    private AccessTokenListener accessTokenListener;
-
-    public OAuth(Client client, TokenRequestBuilder requestBuilder) {
-        this.oauthClient = new OAuthClient(new OAuthFeignClient(client));
-        this.tokenRequestBuilder = requestBuilder;
     }
-
+    if (getAccessToken() != null) {
-    public OAuth(Client client, OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+      template.header("Authorization", "Bearer " + getAccessToken());
-        this(client, OAuthClientRequest.tokenLocation(tokenUrl).setScope(scopes));
-
-        switch(flow) {
-        case accessCode:
-        case implicit:
-            tokenRequestBuilder.setGrantType(GrantType.AUTHORIZATION_CODE);
-            break;
-        case password:
-            tokenRequestBuilder.setGrantType(GrantType.PASSWORD);
-            break;
-        case application:
-            tokenRequestBuilder.setGrantType(GrantType.CLIENT_CREDENTIALS);
-            break;
-        default:
-            break;
-        }
-        authenticationRequestBuilder = OAuthClientRequest.authorizationLocation(authorizationUrl);
     }
+  }
 
-    public OAuth(OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+  private synchronized void updateAccessToken(RequestTemplate template) {
-        this(new Client.Default(null, null), flow, authorizationUrl, tokenUrl, scopes);
+    OAuth2AccessToken accessTokenResponse;
+    try {
+      accessTokenResponse = getOAuth2AccessToken();
+    } catch (Exception e) {
+      throw new RetryableException(0, e.getMessage(), HttpMethod.POST, e, null, template.request());
     }
-
+    if (accessTokenResponse != null && accessTokenResponse.getAccessToken() != null) {
-    @Override
+      setAccessToken(accessTokenResponse.getAccessToken(), accessTokenResponse.getExpiresIn());
-    public void apply(RequestTemplate template) {
+      if (accessTokenListener != null) {
-        // If the request already have an authorization (eg. Basic auth), do nothing
+        accessTokenListener.notify(accessTokenResponse);
-        if (template.headers().containsKey("Authorization")) {
+      }
-            return;
-        }
-        // If first time, get the token
-        if (expirationTimeMillis == null || System.currentTimeMillis() >= expirationTimeMillis) {
-            updateAccessToken(template);
-        }
-        if (getAccessToken() != null) {
-            template.header("Authorization", "Bearer " + getAccessToken());
-        }
     }
+  }
 
-    public synchronized void updateAccessToken(RequestTemplate template) {
+  abstract OAuth2AccessToken getOAuth2AccessToken();
-        OAuthJSONAccessTokenResponse accessTokenResponse;
-        try {
-            accessTokenResponse = oauthClient.accessToken(tokenRequestBuilder.buildBodyMessage());
-        } catch (Exception e) {
-            throw new RetryableException(0, e.getMessage(), HttpMethod.POST, e, null, template.request());
-        }
-        if (accessTokenResponse != null && accessTokenResponse.getAccessToken() != null) {
-            setAccessToken(accessTokenResponse.getAccessToken(), accessTokenResponse.getExpiresIn());
-            if (accessTokenListener != null) {
-                accessTokenListener.notify((BasicOAuthToken) accessTokenResponse.getOAuthToken());
-            }
-        }
-    }
 
-    public synchronized void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
+  abstract OAuthFlow getFlow();
-        this.accessTokenListener = accessTokenListener;
-    }
 
-    public synchronized String getAccessToken() {
+  public synchronized void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
-        return accessToken;
+    this.accessTokenListener = accessTokenListener;
-    }
+  }
 
-    public synchronized void setAccessToken(String accessToken, Long expiresIn) {
+  public synchronized String getAccessToken() {
-        this.accessToken = accessToken;
+    return accessToken;
-        this.expirationTimeMillis = expiresIn == null ? null : System.currentTimeMillis() + expiresIn * MILLIS_PER_SECOND;
+  }
-    }
 
-    public TokenRequestBuilder getTokenRequestBuilder() {
+  public synchronized void setAccessToken(String accessToken, Integer expiresIn) {
-        return tokenRequestBuilder;
+    this.accessToken = accessToken;
-    }
+    this.expirationTimeMillis = expiresIn == null ? null : System.currentTimeMillis() + expiresIn * MILLIS_PER_SECOND;
+  }
 
-    public void setTokenRequestBuilder(TokenRequestBuilder tokenRequestBuilder) {
-        this.tokenRequestBuilder = tokenRequestBuilder;
-    }
-
-    public AuthenticationRequestBuilder getAuthenticationRequestBuilder() {
-        return authenticationRequestBuilder;
-    }
-
-    public void setAuthenticationRequestBuilder(AuthenticationRequestBuilder authenticationRequestBuilder) {
-        this.authenticationRequestBuilder = authenticationRequestBuilder;
-    }
-
-    public OAuthClient getOauthClient() {
-        return oauthClient;
-    }
-
-    public void setOauthClient(OAuthClient oauthClient) {
-        this.oauthClient = oauthClient;
-    }
-
-    public void setOauthClient(Client client) {
-        this.oauthClient = new OAuthClient( new OAuthFeignClient(client));
-    }
-
-    public static class OAuthFeignClient implements HttpClient {
-
-        private Client client;
-
-        public OAuthFeignClient() {
-            this.client = new Client.Default(null, null);
-        }
-
-        public OAuthFeignClient(Client client) {
-            this.client = client;
-        }
-
-        public <T extends OAuthClientResponse> T execute(OAuthClientRequest request, Map<String, String> headers,
-                String requestMethod, Class<T> responseClass)
-                        throws OAuthSystemException, OAuthProblemException {
-
-            RequestTemplate req = new RequestTemplate()
-                    .append(request.getLocationUri())
-                    .method(requestMethod)
-                    .body(request.getBody());
-
-            for (Entry<String, String> entry : headers.entrySet()) {
-                req.header(entry.getKey(), entry.getValue());
-            }
-            Response feignResponse;
-            String body = "";
-            try {
-                feignResponse = client.execute(req.request(), new Options());
-                body = Util.toString(feignResponse.body().asReader());
-            } catch (IOException e) {
-                throw new OAuthSystemException(e);
-            }
-
-            String contentType = null;
-            Collection<String> contentTypeHeader =  feignResponse.headers().get("Content-Type");
-            if(contentTypeHeader != null) {
-                contentType = StringUtil.join(contentTypeHeader.toArray(new String[0]), ";");
-            }
-
-            return OAuthClientResponseFactory.createCustomResponse(
-                    body,
-                    contentType,
-                    feignResponse.status(),
-                    responseClass
-            );
-        }
-
-        public void shutdown() {
-            // Nothing to do here
-        }
-    }
 }

modules/openapi-generator/src/main/resources/Java/libraries/feign/auth/OauthClientCredentialsGrant.mustache

@@ -0,0 +1,39 @@
+package {{invokerPackage}}.auth;
+
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+
+{{>generatedAnnotation}}
+public class OauthClientCredentialsGrant extends OAuth {
+
+  public OauthClientCredentialsGrant(String authorizationUrl, String tokenUrl, String scopes) {
+    super(authorizationUrl, tokenUrl, scopes);
+  }
+
+  @Override
+  protected OAuth2AccessToken getOAuth2AccessToken() {
+    try {
+      return service.getAccessTokenClientCredentialsGrant(scopes);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to get oauth token", e);
+    }
+  }
+
+  @Override
+  protected OAuthFlow getFlow() {
+    return OAuthFlow.application;
+  }
+
+  /**
+   * Configures the client credentials flow
+   *
+   * @param clientId
+   * @param clientSecret
+   */
+  public void configure(String clientId, String clientSecret) {
+    service = new ServiceBuilder(clientId)
+            .apiSecret(clientSecret)
+            .defaultScope(scopes)
+            .build(new DefaultApi20Impl(authorizationUrl, tokenUrl));
+  }
+}

modules/openapi-generator/src/main/resources/Java/libraries/feign/auth/OauthPasswordGrant.mustache

@@ -0,0 +1,48 @@
+package {{invokerPackage}}.auth;
+
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+
+{{>generatedAnnotation}}
+public class OauthPasswordGrant extends OAuth {
+
+  private String username;
+  private String password;
+
+  public OauthPasswordGrant(String tokenUrl, String scopes) {
+    super(null, tokenUrl, scopes);
+  }
+
+  @Override
+  protected OAuth2AccessToken getOAuth2AccessToken() {
+    try {
+      return service.getAccessTokenPasswordGrant(username, password);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to get oauth token", e);
+    }
+  }
+
+  @Override
+  protected OAuthFlow getFlow() {
+    return OAuthFlow.password;
+  }
+
+  /**
+   * Configures Oauth password grant flow
+   * Note: this flow is deprecated.
+   *
+   * @param username
+   * @param password
+   * @param clientId
+   * @param clientSecret
+   */
+  public void configure(String username, String password, String clientId, String clientSecret) {
+    this.username = username;
+    this.password = password;
+    //TODO the clientId and secret are optional according with the RFC
+    service = new ServiceBuilder(clientId)
+            .apiSecret(clientSecret)
+            .defaultScope(scopes)
+            .build(new DefaultApi20Impl(authorizationUrl, tokenUrl));
+  }
+}

modules/openapi-generator/src/main/resources/Java/libraries/feign/build.gradle.mustache

@@ -33,20 +33,8 @@ if(hasProperty('target') && target == 'android') {
             targetSdkVersion 25
         }
         compileOptions {
-            {{#supportJava6}}
-            sourceCompatibility JavaVersion.VERSION_1_6
-            targetCompatibility JavaVersion.VERSION_1_6
-            {{/supportJava6}}
-            {{^supportJava6}}
-            {{#java8}}
             sourceCompatibility JavaVersion.VERSION_1_8
             targetCompatibility JavaVersion.VERSION_1_8
-            {{/java8}}
-            {{^java8}}
-            sourceCompatibility JavaVersion.VERSION_1_7
-            targetCompatibility JavaVersion.VERSION_1_7
-            {{/java8}}
-            {{/supportJava6}}
         }
 
         // Rename the aar correctly
@@ -91,20 +79,8 @@ if(hasProperty('target') && target == 'android') {
     apply plugin: 'java'
     apply plugin: 'maven'
 
-    {{#supportJava6}}
-    sourceCompatibility = JavaVersion.VERSION_1_6
-    targetCompatibility = JavaVersion.VERSION_1_6
-    {{/supportJava6}}
-    {{^supportJava6}}
-    {{#java8}}
     sourceCompatibility = JavaVersion.VERSION_1_8
     targetCompatibility = JavaVersion.VERSION_1_8
-    {{/java8}}
-    {{^java8}}
-    sourceCompatibility = JavaVersion.VERSION_1_7
-    targetCompatibility = JavaVersion.VERSION_1_7
-    {{/java8}}
-    {{/supportJava6}}
 
     install {
         repositories.mavenInstaller {
@@ -131,7 +107,7 @@ ext {
     feign_version = "10.11"
     feign_form_version = "3.8.0"
     junit_version = "4.13.1"
-    oltu_version = "1.0.1"
+    scribejava_version = "8.0.0"
 }
 
 dependencies {
@@ -156,7 +132,8 @@ dependencies {
     {{#threetenbp}}
     implementation "com.github.joschi.jackson:jackson-datatype-threetenbp:$jackson_threetenbp_version"
     {{/threetenbp}}
-    implementation "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    implementation "com.brsanthu:migbase64:2.2"
+    implementation "com.github.scribejava:scribejava-core:$scribejava_version"
     implementation "com.brsanthu:migbase64:2.2"
     implementation 'javax.annotation:javax.annotation-api:1.3.2'
     testImplementation "junit:junit:$junit_version"

modules/openapi-generator/src/main/resources/Java/libraries/feign/build.sbt.mustache

@@ -19,7 +19,7 @@ lazy val root = (project in file(".")).
       "com.fasterxml.jackson.core" % "jackson-databind" % "2.10.3" % "compile",
       "com.fasterxml.jackson.datatype" % "jackson-datatype-{{^java8}}joda{{/java8}}{{#java8}}jsr310{{/java8}}" % "2.9.10" % "compile",
       "com.github.joschi.jackson" % "jackson-datatype-threetenbp" % "2.9.10" % "compile",
-      "org.apache.oltu.oauth2" % "org.apache.oltu.oauth2.client" % "1.0.1" % "compile",
+      "com.github.scribejava" % "scribejava-core" % "8.0.0" % "compile",
       "com.brsanthu" % "migbase64" % "2.2" % "compile",
       "javax.annotation" % "javax.annotation-api" % "1.3.2" % "compile",
       "junit" % "junit" % "4.13.1" % "test",

modules/openapi-generator/src/main/resources/Java/libraries/feign/pom.mustache

@@ -161,17 +161,7 @@
                 <version>3.1.1</version>
                 <configuration>
                     <doclint>none</doclint>
-                    {{#supportJava6}}
+                    <source>1.8</source>
-                        <source>1.6</source>
-                    {{/supportJava6}}
-                    {{^supportJava6}}
-                    {{#java8}}
-                        <source>1.8</source>
-                    {{/java8}}
-                    {{^java8}}
-                        <source>1.7</source>
-                    {{/java8}}
-                    {{/supportJava6}}
                 </configuration>
                 <executions>
                     <execution>
@@ -282,40 +272,38 @@
         </dependency>
         {{/openApiNullable}}
         {{#withXml}}
-
+        <!-- XML Support -->
-            <!-- XML Support -->
+        <dependency>
-            <dependency>
+          <groupId>com.fasterxml.jackson.dataformat</groupId>
-                <groupId>com.fasterxml.jackson.dataformat</groupId>
+          <artifactId>jackson-dataformat-xml</artifactId>
-                <artifactId>jackson-dataformat-xml</artifactId>
+          <version>${jackson-version}</version>
-                <version>${jackson-version}</version>
+        </dependency>
-            </dependency>
-
         {{/withXml}}
         {{#joda}}
-            <dependency>
+        <dependency>
-                <groupId>com.fasterxml.jackson.datatype</groupId>
+          <groupId>com.fasterxml.jackson.datatype</groupId>
-                <artifactId>jackson-datatype-joda</artifactId>
+          <artifactId>jackson-datatype-joda</artifactId>
-                <version>${jackson-version}</version>
+          <version>${jackson-version}</version>
-            </dependency>
+        </dependency>
         {{/joda}}
         {{#java8}}
-            <dependency>
+        <dependency>
-                <groupId>com.fasterxml.jackson.datatype</groupId>
+          <groupId>com.fasterxml.jackson.datatype</groupId>
-                <artifactId>jackson-datatype-jsr310</artifactId>
+          <artifactId>jackson-datatype-jsr310</artifactId>
-                <version>${jackson-version}</version>
+          <version>${jackson-version}</version>
-            </dependency>
+        </dependency>
         {{/java8}}
         {{#threetenbp}}
-            <dependency>
+        <dependency>
-                <groupId>com.github.joschi.jackson</groupId>
+          <groupId>com.github.joschi.jackson</groupId>
-                <artifactId>jackson-datatype-threetenbp</artifactId>
+          <artifactId>jackson-datatype-threetenbp</artifactId>
-                <version>${jackson-threetenbp-version}</version>
+          <version>${jackson-threetenbp-version}</version>
-            </dependency>
+        </dependency>
         {{/threetenbp}}
         <dependency>
-            <groupId>org.apache.oltu.oauth2</groupId>
+            <groupId>com.github.scribejava</groupId>
-            <artifactId>org.apache.oltu.oauth2.client</artifactId>
+            <artifactId>scribejava-core</artifactId>
-            <version>${oltu-version}</version>
+            <version>${scribejava-version}</version>
         </dependency>
         <dependency>
             <groupId>javax.annotation</groupId>
@@ -346,7 +334,7 @@
     </dependencies>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <java.version>{{#supportJava6}}1.6{{/supportJava6}}{{^supportJava6}}{{#java8}}1.8{{/java8}}{{^java8}}1.7{{/java8}}{{/supportJava6}}</java.version>
+        <java.version>1.8</java.version>
         <maven.compiler.source>${java.version}</maven.compiler.source>
         <maven.compiler.target>${java.version}</maven.compiler.target>
         <swagger-annotations-version>1.5.24</swagger-annotations-version>
@@ -363,6 +351,6 @@
         <javax-annotation-version>1.3.2</javax-annotation-version>
         <junit-version>4.13.1</junit-version>
         <maven-plugin-version>1.0.0</maven-plugin-version>
-        <oltu-version>1.0.1</oltu-version>
+        <scribejava-version>8.0.0</scribejava-version>
     </properties>
 </project>

samples/client/petstore/java/feign-no-nullable/.openapi-generator/FILES

@@ -28,10 +28,13 @@ src/main/java/org/openapitools/client/api/PetApi.java
 src/main/java/org/openapitools/client/api/StoreApi.java
 src/main/java/org/openapitools/client/api/UserApi.java
 src/main/java/org/openapitools/client/auth/ApiKeyAuth.java
+src/main/java/org/openapitools/client/auth/DefaultApi20Impl.java
 src/main/java/org/openapitools/client/auth/HttpBasicAuth.java
 src/main/java/org/openapitools/client/auth/HttpBearerAuth.java
 src/main/java/org/openapitools/client/auth/OAuth.java
 src/main/java/org/openapitools/client/auth/OAuthFlow.java
+src/main/java/org/openapitools/client/auth/OauthClientCredentialsGrant.java
+src/main/java/org/openapitools/client/auth/OauthPasswordGrant.java
 src/main/java/org/openapitools/client/model/AdditionalPropertiesAnyType.java
 src/main/java/org/openapitools/client/model/AdditionalPropertiesArray.java
 src/main/java/org/openapitools/client/model/AdditionalPropertiesBoolean.java

samples/client/petstore/java/feign-no-nullable/README.md

@@ -32,6 +32,41 @@ After the client library is installed/deployed, you can use it in your Maven pro
 
 ```
 
+And to use the api you can follow the examples bellow:
+
+```java
+
+    //Set bearer token manually
+    ApiClient apiClient = new ApiClient("petstore_auth_client");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setAccessToken("TOKEN", 10000);
+
+    //Use api key
+    ApiClient apiClient = new ApiClient("api_key", "API KEY");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+
+    //Use http basic authentication
+    ApiClient apiClient = new ApiClient("basicAuth");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setCredentials("username", "password");
+
+    //Oauth password
+    ApiClient apiClient = new ApiClient("oauth_password");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setOauthPassword("username", "password", "client_id", "client_secret");
+    
+    //Oauth client credentials flow
+    ApiClient apiClient = new ApiClient("oauth_client_credentials");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setClientCredentials("client_id", "client_secret");
+
+    PetApi petApi = apiClient.buildClient(PetApi.class);
+    Pet petById = petApi.getPetById(12345L);
+    
+    System.out.println(petById);
+  }
+```
+
 ## Recommendation
 
 It's recommended to create an instance of `ApiClient` per thread in a multithreaded environment to avoid any potential issues.
@@ -40,4 +75,3 @@ It's recommended to create an instance of `ApiClient` per thread in a multithrea
 
 
 
-

samples/client/petstore/java/feign-no-nullable/build.gradle

@@ -33,8 +33,8 @@ if(hasProperty('target') && target == 'android') {
             targetSdkVersion 25
         }
         compileOptions {
-            sourceCompatibility JavaVersion.VERSION_1_7
+            sourceCompatibility JavaVersion.VERSION_1_8
-            targetCompatibility JavaVersion.VERSION_1_7
+            targetCompatibility JavaVersion.VERSION_1_8
         }
 
         // Rename the aar correctly
@@ -79,8 +79,8 @@ if(hasProperty('target') && target == 'android') {
     apply plugin: 'java'
     apply plugin: 'maven'
 
-    sourceCompatibility = JavaVersion.VERSION_1_7
+    sourceCompatibility = JavaVersion.VERSION_1_8
-    targetCompatibility = JavaVersion.VERSION_1_7
+    targetCompatibility = JavaVersion.VERSION_1_8
 
     install {
         repositories.mavenInstaller {
@@ -102,7 +102,7 @@ ext {
     feign_version = "10.11"
     feign_form_version = "3.8.0"
     junit_version = "4.13.1"
-    oltu_version = "1.0.1"
+    scribejava_version = "8.0.0"
 }
 
 dependencies {
@@ -116,7 +116,8 @@ dependencies {
     implementation "com.fasterxml.jackson.core:jackson-annotations:$jackson_version"
     implementation "com.fasterxml.jackson.core:jackson-databind:$jackson_databind_version"
     implementation "com.github.joschi.jackson:jackson-datatype-threetenbp:$jackson_threetenbp_version"
-    implementation "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    implementation "com.brsanthu:migbase64:2.2"
+    implementation "com.github.scribejava:scribejava-core:$scribejava_version"
     implementation "com.brsanthu:migbase64:2.2"
     implementation 'javax.annotation:javax.annotation-api:1.3.2'
     testImplementation "junit:junit:$junit_version"

samples/client/petstore/java/feign-no-nullable/build.sbt

@@ -19,7 +19,7 @@ lazy val root = (project in file(".")).
       "com.fasterxml.jackson.core" % "jackson-databind" % "2.10.3" % "compile",
       "com.fasterxml.jackson.datatype" % "jackson-datatype-joda" % "2.9.10" % "compile",
       "com.github.joschi.jackson" % "jackson-datatype-threetenbp" % "2.9.10" % "compile",
-      "org.apache.oltu.oauth2" % "org.apache.oltu.oauth2.client" % "1.0.1" % "compile",
+      "com.github.scribejava" % "scribejava-core" % "8.0.0" % "compile",
       "com.brsanthu" % "migbase64" % "2.2" % "compile",
       "javax.annotation" % "javax.annotation-api" % "1.3.2" % "compile",
       "junit" % "junit" % "4.13.1" % "test",

samples/client/petstore/java/feign-no-nullable/pom.xml

@@ -154,7 +154,7 @@
                 <version>3.1.1</version>
                 <configuration>
                     <doclint>none</doclint>
-                        <source>1.7</source>
+                    <source>1.8</source>
                 </configuration>
                 <executions>
                     <execution>
@@ -257,15 +257,15 @@
             <artifactId>jackson-databind</artifactId>
             <version>${jackson-databind-version}</version>
         </dependency>
-            <dependency>
-                <groupId>com.github.joschi.jackson</groupId>
-                <artifactId>jackson-datatype-threetenbp</artifactId>
-                <version>${jackson-threetenbp-version}</version>
-            </dependency>
         <dependency>
-            <groupId>org.apache.oltu.oauth2</groupId>
+          <groupId>com.github.joschi.jackson</groupId>
-            <artifactId>org.apache.oltu.oauth2.client</artifactId>
+          <artifactId>jackson-datatype-threetenbp</artifactId>
-            <version>${oltu-version}</version>
+          <version>${jackson-threetenbp-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.github.scribejava</groupId>
+            <artifactId>scribejava-core</artifactId>
+            <version>${scribejava-version}</version>
         </dependency>
         <dependency>
             <groupId>javax.annotation</groupId>
@@ -296,7 +296,7 @@
     </dependencies>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <java.version>1.7</java.version>
+        <java.version>1.8</java.version>
         <maven.compiler.source>${java.version}</maven.compiler.source>
         <maven.compiler.target>${java.version}</maven.compiler.target>
         <swagger-annotations-version>1.5.24</swagger-annotations-version>
@@ -308,6 +308,6 @@
         <javax-annotation-version>1.3.2</javax-annotation-version>
         <junit-version>4.13.1</junit-version>
         <maven-plugin-version>1.0.0</maven-plugin-version>
-        <oltu-version>1.0.1</oltu-version>
+        <scribejava-version>8.0.0</scribejava-version>
     </properties>
 </project>

samples/client/petstore/java/feign-no-nullable/src/main/java/org/openapitools/client/ApiClient.java

@@ -2,9 +2,8 @@ package org.openapitools.client;
 
 import java.util.LinkedHashMap;
 import java.util.Map;
-
+import java.util.logging.Level;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.AuthenticationRequestBuilder;
+import java.util.logging.Logger;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
 
 import org.threeten.bp.*;
 
@@ -24,6 +23,8 @@ import org.openapitools.client.auth.OAuth.AccessTokenListener;
 
 @javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public class ApiClient {
+  private static final Logger log = Logger.getLogger(ApiClient.class.getName());
+
   public interface Api {}
 
   protected ObjectMapper objectMapper;
@@ -43,6 +44,7 @@ public class ApiClient {
   public ApiClient(String[] authNames) {
     this();
     for(String authName : authNames) {
+      log.log(Level.FINE, "Creating authentication {0}", authName);
       RequestInterceptor auth;
       if ("api_key".equals(authName)) {
         auth = new ApiKeyAuth("header", "api_key");
@@ -51,7 +53,7 @@ public class ApiClient {
       } else if ("http_basic_test".equals(authName)) {
         auth = new HttpBasicAuth();
       } else if ("petstore_auth".equals(authName)) {
-        auth = new OAuth(OAuthFlow.implicit, "http://petstore.swagger.io/api/oauth/dialog", "", "write:pets, read:pets");
+        auth = buildOauthRequestInterceptor(OAuthFlow.implicit, "http://petstore.swagger.io/api/oauth/dialog", "", "write:pets, read:pets");
       } else {
         throw new RuntimeException("auth name \"" + authName + "\" not found in available auth names");
       }
@@ -77,34 +79,6 @@ public class ApiClient {
     this.setApiKey(apiKey);
   }
 
-  /**
-   * Helper constructor for single basic auth or password oauth2
-   * @param authName
-   * @param username
-   * @param password
-   */
-  public ApiClient(String authName, String username, String password) {
-    this(authName);
-    this.setCredentials(username,  password);
-  }
-
-  /**
-   * Helper constructor for single password oauth2
-   * @param authName
-   * @param clientId
-   * @param secret
-   * @param username
-   * @param password
-   */
-  public ApiClient(String authName, String clientId, String secret, String username, String password) {
-    this(authName);
-    this.getTokenEndPoint()
-           .setClientId(clientId)
-           .setClientSecret(secret)
-           .setUsername(username)
-           .setPassword(password);
-  }
-
   public String getBasePath() {
     return basePath;
   }
@@ -147,10 +121,25 @@ public class ApiClient {
     return objectMapper;
   }
 
+  private RequestInterceptor buildOauthRequestInterceptor(OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+    switch (flow) {
+      case password:
+        return new OauthPasswordGrant(tokenUrl, scopes);
+      case application:
+        return new OauthClientCredentialsGrant(authorizationUrl, tokenUrl, scopes);
+      default:
+        throw new RuntimeException("Oauth flow \"" + flow + "\" is not implemented");
+    }
+  }
+
   public ObjectMapper getObjectMapper(){
     return objectMapper;
   }
 
+  public void setObjectMapper(ObjectMapper objectMapper) {
+        this.objectMapper = objectMapper;
+  }
+
   /**
    * Creates a feign client for given API interface.
    *
@@ -197,19 +186,13 @@ public class ApiClient {
     return contentTypes[0];
   }
 
-
   /**
    * Helper method to configure the bearer token.
    * @param bearerToken the bearer token.
    */
   public void setBearerToken(String bearerToken) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    HttpBearerAuth apiAuthorization =  getAuthorization(HttpBearerAuth.class);
-      if (apiAuthorization instanceof HttpBearerAuth) {
+    apiAuthorization.setBearerToken(bearerToken);
-        ((HttpBearerAuth) apiAuthorization).setBearerToken(bearerToken);
-        return;
-      }
-    }
-    throw new RuntimeException("No Bearer authentication configured!");
   }
 
   /**
@@ -217,63 +200,38 @@ public class ApiClient {
    * @param apiKey API key
    */
   public void setApiKey(String apiKey) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    ApiKeyAuth apiAuthorization =  getAuthorization(ApiKeyAuth.class);
-      if (apiAuthorization instanceof ApiKeyAuth) {
+    apiAuthorization.setApiKey(apiKey);
-        ApiKeyAuth keyAuth = (ApiKeyAuth) apiAuthorization;
-        keyAuth.setApiKey(apiKey);
-        return ;
-      }
-    }
-    throw new RuntimeException("No API key authentication configured!");
   }
 
   /**
-   * Helper method to configure the username/password for basic auth or password OAuth
+   * Helper method to configure the username/password for basic auth
    * @param username Username
    * @param password Password
    */
   public void setCredentials(String username, String password) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    HttpBasicAuth apiAuthorization = getAuthorization(HttpBasicAuth.class);
-      if (apiAuthorization instanceof HttpBasicAuth) {
+    apiAuthorization.setCredentials(username, password);
-        HttpBasicAuth basicAuth = (HttpBasicAuth) apiAuthorization;
-        basicAuth.setCredentials(username, password);
-        return;
-      }
-      if (apiAuthorization instanceof OAuth) {
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.getTokenRequestBuilder().setUsername(username).setPassword(password);
-        return;
-      }
-    }
-    throw new RuntimeException("No Basic authentication or OAuth configured!");
   }
 
   /**
-   * Helper method to configure the token endpoint of the first oauth found in the apiAuthorizations (there should be only one)
+   * Helper method to configure the client credentials for Oauth 
-   * @return Token request builder
+   * @param username Username
+   * @param password Password
    */
-  public TokenRequestBuilder getTokenEndPoint() {
+  public void setClientCredentials(String clientId, String clientSecret) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OauthClientCredentialsGrant authorization = getAuthorization(OauthClientCredentialsGrant.class);
-      if (apiAuthorization instanceof OAuth) {
+    authorization.configure(clientId, clientSecret);
-        OAuth oauth = (OAuth) apiAuthorization;
-        return oauth.getTokenRequestBuilder();
-      }
-    }
-    return null;
   }
 
   /**
-   * Helper method to configure authorization endpoint of the first oauth found in the apiAuthorizations (there should be only one)
+   * Helper method to configure the username/password for Oauth password grant
-   * @return Authentication request builder
+   * @param username Username
+   * @param password Password
    */
-  public AuthenticationRequestBuilder getAuthorizationEndPoint() {
+  public void setOauthPassword(String username, String password, String clientId, String clientSecret) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OauthPasswordGrant apiAuthorization = getAuthorization(OauthPasswordGrant.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.configure(username, password, clientId, clientSecret);
-        OAuth oauth = (OAuth) apiAuthorization;
-        return oauth.getAuthenticationRequestBuilder();
-      }
-    }
-    return null;
   }
 
   /**
@@ -281,14 +239,9 @@ public class ApiClient {
    * @param accessToken Access Token
    * @param expiresIn Validity period in seconds
    */
-  public void setAccessToken(String accessToken, Long expiresIn) {
+  public void setAccessToken(String accessToken, Integer expiresIn) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OAuth apiAuthorization = getAuthorization(OAuth.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.setAccessToken(accessToken, expiresIn);
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.setAccessToken(accessToken, expiresIn);
-        return;
-      }
-    }
   }
 
   /**
@@ -298,19 +251,7 @@ public class ApiClient {
    * @param redirectURI Redirect URI
    */
   public void configureAuthorizationFlow(String clientId, String clientSecret, String redirectURI) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    throw new RuntimeException("Not implemented");
-      if (apiAuthorization instanceof OAuth) {
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.getTokenRequestBuilder()
-                .setClientId(clientId)
-                .setClientSecret(clientSecret)
-                .setRedirectURI(redirectURI);
-        oauth.getAuthenticationRequestBuilder()
-                .setClientId(clientId)
-                .setRedirectURI(redirectURI);
-        return;
-      }
-    }
   }
 
   /**
@@ -318,13 +259,8 @@ public class ApiClient {
    * @param accessTokenListener Acesss token listener
    */
   public void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OAuth apiAuthorization = getAuthorization(OAuth.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.registerAccessTokenListener(accessTokenListener);
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.registerAccessTokenListener(accessTokenListener);
-        return;
-      }
-    }
   }
 
   /**
@@ -349,4 +285,11 @@ public class ApiClient {
     feignBuilder.requestInterceptor(authorization);
   }
 
+  private <T extends RequestInterceptor> T getAuthorization(Class<T> type) {
+    return (T) apiAuthorizations.values()
+                                .stream()
+                                .filter(requestInterceptor -> type.isAssignableFrom(requestInterceptor.getClass()))
+                                .findFirst()
+                                .orElseThrow(() -> new RuntimeException("No Oauth authentication or OAuth configured!"));
+    }
 }

samples/client/petstore/java/feign-no-nullable/src/main/java/org/openapitools/client/auth/DefaultApi20Impl.java

@@ -0,0 +1,47 @@
+package org.openapitools.client.auth;
+
+import com.github.scribejava.core.builder.api.DefaultApi20;
+import com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor;
+import com.github.scribejava.core.extractors.TokenExtractor;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+import com.github.scribejava.core.oauth2.bearersignature.BearerSignature;
+import com.github.scribejava.core.oauth2.bearersignature.BearerSignatureURIQueryParameter;
+import com.github.scribejava.core.oauth2.clientauthentication.ClientAuthentication;
+import com.github.scribejava.core.oauth2.clientauthentication.RequestBodyAuthenticationScheme;
+
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public class DefaultApi20Impl extends DefaultApi20 {
+
+    private final String accessTokenEndpoint;
+    private final String authorizationBaseUrl;
+
+    protected DefaultApi20Impl(String authorizationBaseUrl, String accessTokenEndpoint) {
+        this.authorizationBaseUrl = authorizationBaseUrl;
+        this.accessTokenEndpoint = accessTokenEndpoint;
+    }
+
+    @Override
+    public String getAccessTokenEndpoint() {
+        return accessTokenEndpoint;
+    }
+
+    @Override
+    protected String getAuthorizationBaseUrl() {
+        return authorizationBaseUrl;
+    }
+
+    @Override
+    public BearerSignature getBearerSignature() {
+        return BearerSignatureURIQueryParameter.instance();
+    }
+
+    @Override
+    public ClientAuthentication getClientAuthentication() {
+        return RequestBodyAuthenticationScheme.instance();
+    }
+
+    @Override
+    public TokenExtractor<OAuth2AccessToken> getAccessTokenExtractor() {
+        return OAuth2AccessTokenJsonExtractor.instance();
+    }
+}

samples/client/petstore/java/feign-no-nullable/src/main/java/org/openapitools/client/auth/OAuth.java

@@ -1,198 +1,81 @@
 package org.openapitools.client.auth;
 
-import java.io.IOException;
+import com.github.scribejava.core.model.OAuth2AccessToken;
-import java.util.Collection;
+import com.github.scribejava.core.oauth.OAuth20Service;
-import java.util.Map;
-import java.util.Map.Entry;
-
-import org.apache.oltu.oauth2.client.HttpClient;
-import org.apache.oltu.oauth2.client.OAuthClient;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.AuthenticationRequestBuilder;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
-import org.apache.oltu.oauth2.client.response.OAuthClientResponse;
-import org.apache.oltu.oauth2.client.response.OAuthClientResponseFactory;
-import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.message.types.GrantType;
-import org.apache.oltu.oauth2.common.token.BasicOAuthToken;
-
-import feign.Client;
 import feign.Request.HttpMethod;
-import feign.Request.Options;
 import feign.RequestInterceptor;
 import feign.RequestTemplate;
-import feign.Response;
 import feign.RetryableException;
-import feign.Util;
-import org.openapitools.client.StringUtil;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public abstract class OAuth implements RequestInterceptor {
 
-public class OAuth implements RequestInterceptor {
+  static final int MILLIS_PER_SECOND = 1000;
 
-    static final int MILLIS_PER_SECOND = 1000;
+  public interface AccessTokenListener {
+    void notify(OAuth2AccessToken token);
+  }
 
-    public interface AccessTokenListener {
+  private volatile String accessToken;
-        void notify(BasicOAuthToken token);
+  private Long expirationTimeMillis;
+  private AccessTokenListener accessTokenListener;
+
+  protected OAuth20Service service;
+  protected String scopes;
+  protected String authorizationUrl;
+  protected String tokenUrl;
+
+  public OAuth(String authorizationUrl, String tokenUrl, String scopes) {
+    this.scopes = scopes;
+    this.authorizationUrl = authorizationUrl;
+    this.tokenUrl = tokenUrl;
+  }
+
+  @Override
+  public void apply(RequestTemplate template) {
+    // If the request already have an authorization (eg. Basic auth), do nothing
+    if (template.headers().containsKey("Authorization")) {
+      return;
     }
-
+    // If first time, get the token
-    private volatile String accessToken;
+    if (expirationTimeMillis == null || System.currentTimeMillis() >= expirationTimeMillis) {
-    private Long expirationTimeMillis;
+      updateAccessToken(template);
-    private OAuthClient oauthClient;
-    private TokenRequestBuilder tokenRequestBuilder;
-    private AuthenticationRequestBuilder authenticationRequestBuilder;
-    private AccessTokenListener accessTokenListener;
-
-    public OAuth(Client client, TokenRequestBuilder requestBuilder) {
-        this.oauthClient = new OAuthClient(new OAuthFeignClient(client));
-        this.tokenRequestBuilder = requestBuilder;
     }
-
+    if (getAccessToken() != null) {
-    public OAuth(Client client, OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+      template.header("Authorization", "Bearer " + getAccessToken());
-        this(client, OAuthClientRequest.tokenLocation(tokenUrl).setScope(scopes));
-
-        switch(flow) {
-        case accessCode:
-        case implicit:
-            tokenRequestBuilder.setGrantType(GrantType.AUTHORIZATION_CODE);
-            break;
-        case password:
-            tokenRequestBuilder.setGrantType(GrantType.PASSWORD);
-            break;
-        case application:
-            tokenRequestBuilder.setGrantType(GrantType.CLIENT_CREDENTIALS);
-            break;
-        default:
-            break;
-        }
-        authenticationRequestBuilder = OAuthClientRequest.authorizationLocation(authorizationUrl);
     }
+  }
 
-    public OAuth(OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+  private synchronized void updateAccessToken(RequestTemplate template) {
-        this(new Client.Default(null, null), flow, authorizationUrl, tokenUrl, scopes);
+    OAuth2AccessToken accessTokenResponse;
+    try {
+      accessTokenResponse = getOAuth2AccessToken();
+    } catch (Exception e) {
+      throw new RetryableException(0, e.getMessage(), HttpMethod.POST, e, null, template.request());
     }
-
+    if (accessTokenResponse != null && accessTokenResponse.getAccessToken() != null) {
-    @Override
+      setAccessToken(accessTokenResponse.getAccessToken(), accessTokenResponse.getExpiresIn());
-    public void apply(RequestTemplate template) {
+      if (accessTokenListener != null) {
-        // If the request already have an authorization (eg. Basic auth), do nothing
+        accessTokenListener.notify(accessTokenResponse);
-        if (template.headers().containsKey("Authorization")) {
+      }
-            return;
-        }
-        // If first time, get the token
-        if (expirationTimeMillis == null || System.currentTimeMillis() >= expirationTimeMillis) {
-            updateAccessToken(template);
-        }
-        if (getAccessToken() != null) {
-            template.header("Authorization", "Bearer " + getAccessToken());
-        }
     }
+  }
 
-    public synchronized void updateAccessToken(RequestTemplate template) {
+  abstract OAuth2AccessToken getOAuth2AccessToken();
-        OAuthJSONAccessTokenResponse accessTokenResponse;
-        try {
-            accessTokenResponse = oauthClient.accessToken(tokenRequestBuilder.buildBodyMessage());
-        } catch (Exception e) {
-            throw new RetryableException(0, e.getMessage(), HttpMethod.POST, e, null, template.request());
-        }
-        if (accessTokenResponse != null && accessTokenResponse.getAccessToken() != null) {
-            setAccessToken(accessTokenResponse.getAccessToken(), accessTokenResponse.getExpiresIn());
-            if (accessTokenListener != null) {
-                accessTokenListener.notify((BasicOAuthToken) accessTokenResponse.getOAuthToken());
-            }
-        }
-    }
 
-    public synchronized void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
+  abstract OAuthFlow getFlow();
-        this.accessTokenListener = accessTokenListener;
-    }
 
-    public synchronized String getAccessToken() {
+  public synchronized void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
-        return accessToken;
+    this.accessTokenListener = accessTokenListener;
-    }
+  }
 
-    public synchronized void setAccessToken(String accessToken, Long expiresIn) {
+  public synchronized String getAccessToken() {
-        this.accessToken = accessToken;
+    return accessToken;
-        this.expirationTimeMillis = expiresIn == null ? null : System.currentTimeMillis() + expiresIn * MILLIS_PER_SECOND;
+  }
-    }
 
-    public TokenRequestBuilder getTokenRequestBuilder() {
+  public synchronized void setAccessToken(String accessToken, Integer expiresIn) {
-        return tokenRequestBuilder;
+    this.accessToken = accessToken;
-    }
+    this.expirationTimeMillis = expiresIn == null ? null : System.currentTimeMillis() + expiresIn * MILLIS_PER_SECOND;
+  }
 
-    public void setTokenRequestBuilder(TokenRequestBuilder tokenRequestBuilder) {
-        this.tokenRequestBuilder = tokenRequestBuilder;
-    }
-
-    public AuthenticationRequestBuilder getAuthenticationRequestBuilder() {
-        return authenticationRequestBuilder;
-    }
-
-    public void setAuthenticationRequestBuilder(AuthenticationRequestBuilder authenticationRequestBuilder) {
-        this.authenticationRequestBuilder = authenticationRequestBuilder;
-    }
-
-    public OAuthClient getOauthClient() {
-        return oauthClient;
-    }
-
-    public void setOauthClient(OAuthClient oauthClient) {
-        this.oauthClient = oauthClient;
-    }
-
-    public void setOauthClient(Client client) {
-        this.oauthClient = new OAuthClient( new OAuthFeignClient(client));
-    }
-
-    public static class OAuthFeignClient implements HttpClient {
-
-        private Client client;
-
-        public OAuthFeignClient() {
-            this.client = new Client.Default(null, null);
-        }
-
-        public OAuthFeignClient(Client client) {
-            this.client = client;
-        }
-
-        public <T extends OAuthClientResponse> T execute(OAuthClientRequest request, Map<String, String> headers,
-                String requestMethod, Class<T> responseClass)
-                        throws OAuthSystemException, OAuthProblemException {
-
-            RequestTemplate req = new RequestTemplate()
-                    .append(request.getLocationUri())
-                    .method(requestMethod)
-                    .body(request.getBody());
-
-            for (Entry<String, String> entry : headers.entrySet()) {
-                req.header(entry.getKey(), entry.getValue());
-            }
-            Response feignResponse;
-            String body = "";
-            try {
-                feignResponse = client.execute(req.request(), new Options());
-                body = Util.toString(feignResponse.body().asReader());
-            } catch (IOException e) {
-                throw new OAuthSystemException(e);
-            }
-
-            String contentType = null;
-            Collection<String> contentTypeHeader =  feignResponse.headers().get("Content-Type");
-            if(contentTypeHeader != null) {
-                contentType = StringUtil.join(contentTypeHeader.toArray(new String[0]), ";");
-            }
-
-            return OAuthClientResponseFactory.createCustomResponse(
-                    body,
-                    contentType,
-                    feignResponse.status(),
-                    responseClass
-            );
-        }
-
-        public void shutdown() {
-            // Nothing to do here
-        }
-    }
 }

samples/client/petstore/java/feign-no-nullable/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/feign-no-nullable/src/main/java/org/openapitools/client/auth/OauthClientCredentialsGrant.java

@@ -0,0 +1,39 @@
+package org.openapitools.client.auth;
+
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public class OauthClientCredentialsGrant extends OAuth {
+
+  public OauthClientCredentialsGrant(String authorizationUrl, String tokenUrl, String scopes) {
+    super(authorizationUrl, tokenUrl, scopes);
+  }
+
+  @Override
+  protected OAuth2AccessToken getOAuth2AccessToken() {
+    try {
+      return service.getAccessTokenClientCredentialsGrant(scopes);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to get oauth token", e);
+    }
+  }
+
+  @Override
+  protected OAuthFlow getFlow() {
+    return OAuthFlow.application;
+  }
+
+  /**
+   * Configures the client credentials flow
+   *
+   * @param clientId
+   * @param clientSecret
+   */
+  public void configure(String clientId, String clientSecret) {
+    service = new ServiceBuilder(clientId)
+            .apiSecret(clientSecret)
+            .defaultScope(scopes)
+            .build(new DefaultApi20Impl(authorizationUrl, tokenUrl));
+  }
+}

samples/client/petstore/java/feign-no-nullable/src/main/java/org/openapitools/client/auth/OauthPasswordGrant.java

@@ -0,0 +1,48 @@
+package org.openapitools.client.auth;
+
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public class OauthPasswordGrant extends OAuth {
+
+  private String username;
+  private String password;
+
+  public OauthPasswordGrant(String tokenUrl, String scopes) {
+    super(null, tokenUrl, scopes);
+  }
+
+  @Override
+  protected OAuth2AccessToken getOAuth2AccessToken() {
+    try {
+      return service.getAccessTokenPasswordGrant(username, password);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to get oauth token", e);
+    }
+  }
+
+  @Override
+  protected OAuthFlow getFlow() {
+    return OAuthFlow.password;
+  }
+
+  /**
+   * Configures Oauth password grant flow
+   * Note: this flow is deprecated.
+   *
+   * @param username
+   * @param password
+   * @param clientId
+   * @param clientSecret
+   */
+  public void configure(String username, String password, String clientId, String clientSecret) {
+    this.username = username;
+    this.password = password;
+    //TODO the clientId and secret are optional according with the RFC
+    service = new ServiceBuilder(clientId)
+            .apiSecret(clientSecret)
+            .defaultScope(scopes)
+            .build(new DefaultApi20Impl(authorizationUrl, tokenUrl));
+  }
+}

samples/client/petstore/java/feign/.openapi-generator/FILES

@@ -28,10 +28,13 @@ src/main/java/org/openapitools/client/api/PetApi.java
 src/main/java/org/openapitools/client/api/StoreApi.java
 src/main/java/org/openapitools/client/api/UserApi.java
 src/main/java/org/openapitools/client/auth/ApiKeyAuth.java
+src/main/java/org/openapitools/client/auth/DefaultApi20Impl.java
 src/main/java/org/openapitools/client/auth/HttpBasicAuth.java
 src/main/java/org/openapitools/client/auth/HttpBearerAuth.java
 src/main/java/org/openapitools/client/auth/OAuth.java
 src/main/java/org/openapitools/client/auth/OAuthFlow.java
+src/main/java/org/openapitools/client/auth/OauthClientCredentialsGrant.java
+src/main/java/org/openapitools/client/auth/OauthPasswordGrant.java
 src/main/java/org/openapitools/client/model/AdditionalPropertiesAnyType.java
 src/main/java/org/openapitools/client/model/AdditionalPropertiesArray.java
 src/main/java/org/openapitools/client/model/AdditionalPropertiesBoolean.java

samples/client/petstore/java/feign/README.md

@@ -32,6 +32,41 @@ After the client library is installed/deployed, you can use it in your Maven pro
 
 ```
 
+And to use the api you can follow the examples bellow:
+
+```java
+
+    //Set bearer token manually
+    ApiClient apiClient = new ApiClient("petstore_auth_client");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setAccessToken("TOKEN", 10000);
+
+    //Use api key
+    ApiClient apiClient = new ApiClient("api_key", "API KEY");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+
+    //Use http basic authentication
+    ApiClient apiClient = new ApiClient("basicAuth");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setCredentials("username", "password");
+
+    //Oauth password
+    ApiClient apiClient = new ApiClient("oauth_password");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setOauthPassword("username", "password", "client_id", "client_secret");
+    
+    //Oauth client credentials flow
+    ApiClient apiClient = new ApiClient("oauth_client_credentials");
+    apiClient.setBasePath("https://localhost:8243/petstore/1/");
+    apiClient.setClientCredentials("client_id", "client_secret");
+
+    PetApi petApi = apiClient.buildClient(PetApi.class);
+    Pet petById = petApi.getPetById(12345L);
+    
+    System.out.println(petById);
+  }
+```
+
 ## Recommendation
 
 It's recommended to create an instance of `ApiClient` per thread in a multithreaded environment to avoid any potential issues.
@@ -40,4 +75,3 @@ It's recommended to create an instance of `ApiClient` per thread in a multithrea
 
 
 
-

samples/client/petstore/java/feign/build.gradle

@@ -33,8 +33,8 @@ if(hasProperty('target') && target == 'android') {
             targetSdkVersion 25
         }
         compileOptions {
-            sourceCompatibility JavaVersion.VERSION_1_7
+            sourceCompatibility JavaVersion.VERSION_1_8
-            targetCompatibility JavaVersion.VERSION_1_7
+            targetCompatibility JavaVersion.VERSION_1_8
         }
 
         // Rename the aar correctly
@@ -79,8 +79,8 @@ if(hasProperty('target') && target == 'android') {
     apply plugin: 'java'
     apply plugin: 'maven'
 
-    sourceCompatibility = JavaVersion.VERSION_1_7
+    sourceCompatibility = JavaVersion.VERSION_1_8
-    targetCompatibility = JavaVersion.VERSION_1_7
+    targetCompatibility = JavaVersion.VERSION_1_8
 
     install {
         repositories.mavenInstaller {
@@ -103,7 +103,7 @@ ext {
     feign_version = "10.11"
     feign_form_version = "3.8.0"
     junit_version = "4.13.1"
-    oltu_version = "1.0.1"
+    scribejava_version = "8.0.0"
 }
 
 dependencies {
@@ -118,7 +118,8 @@ dependencies {
     implementation "com.fasterxml.jackson.core:jackson-databind:$jackson_databind_version"
     implementation "org.openapitools:jackson-databind-nullable:$jackson_databind_nullable_version"
     implementation "com.github.joschi.jackson:jackson-datatype-threetenbp:$jackson_threetenbp_version"
-    implementation "org.apache.oltu.oauth2:org.apache.oltu.oauth2.client:$oltu_version"
+    implementation "com.brsanthu:migbase64:2.2"
+    implementation "com.github.scribejava:scribejava-core:$scribejava_version"
     implementation "com.brsanthu:migbase64:2.2"
     implementation 'javax.annotation:javax.annotation-api:1.3.2'
     testImplementation "junit:junit:$junit_version"

samples/client/petstore/java/feign/build.sbt

@@ -19,7 +19,7 @@ lazy val root = (project in file(".")).
       "com.fasterxml.jackson.core" % "jackson-databind" % "2.10.3" % "compile",
       "com.fasterxml.jackson.datatype" % "jackson-datatype-joda" % "2.9.10" % "compile",
       "com.github.joschi.jackson" % "jackson-datatype-threetenbp" % "2.9.10" % "compile",
-      "org.apache.oltu.oauth2" % "org.apache.oltu.oauth2.client" % "1.0.1" % "compile",
+      "com.github.scribejava" % "scribejava-core" % "8.0.0" % "compile",
       "com.brsanthu" % "migbase64" % "2.2" % "compile",
       "javax.annotation" % "javax.annotation-api" % "1.3.2" % "compile",
       "junit" % "junit" % "4.13.1" % "test",

samples/client/petstore/java/feign/pom.xml

@@ -154,7 +154,7 @@
                 <version>3.1.1</version>
                 <configuration>
                     <doclint>none</doclint>
-                        <source>1.7</source>
+                    <source>1.8</source>
                 </configuration>
                 <executions>
                     <execution>
@@ -262,15 +262,15 @@
             <artifactId>jackson-databind-nullable</artifactId>
             <version>${jackson-databind-nullable-version}</version>
         </dependency>
-            <dependency>
-                <groupId>com.github.joschi.jackson</groupId>
-                <artifactId>jackson-datatype-threetenbp</artifactId>
-                <version>${jackson-threetenbp-version}</version>
-            </dependency>
         <dependency>
-            <groupId>org.apache.oltu.oauth2</groupId>
+          <groupId>com.github.joschi.jackson</groupId>
-            <artifactId>org.apache.oltu.oauth2.client</artifactId>
+          <artifactId>jackson-datatype-threetenbp</artifactId>
-            <version>${oltu-version}</version>
+          <version>${jackson-threetenbp-version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.github.scribejava</groupId>
+            <artifactId>scribejava-core</artifactId>
+            <version>${scribejava-version}</version>
         </dependency>
         <dependency>
             <groupId>javax.annotation</groupId>
@@ -301,7 +301,7 @@
     </dependencies>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <java.version>1.7</java.version>
+        <java.version>1.8</java.version>
         <maven.compiler.source>${java.version}</maven.compiler.source>
         <maven.compiler.target>${java.version}</maven.compiler.target>
         <swagger-annotations-version>1.5.24</swagger-annotations-version>
@@ -314,6 +314,6 @@
         <javax-annotation-version>1.3.2</javax-annotation-version>
         <junit-version>4.13.1</junit-version>
         <maven-plugin-version>1.0.0</maven-plugin-version>
-        <oltu-version>1.0.1</oltu-version>
+        <scribejava-version>8.0.0</scribejava-version>
     </properties>
 </project>

samples/client/petstore/java/feign/src/main/java/org/openapitools/client/ApiClient.java

@@ -2,9 +2,8 @@ package org.openapitools.client;
 
 import java.util.LinkedHashMap;
 import java.util.Map;
-
+import java.util.logging.Level;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.AuthenticationRequestBuilder;
+import java.util.logging.Logger;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
 
 import org.threeten.bp.*;
 
@@ -25,6 +24,8 @@ import org.openapitools.client.auth.OAuth.AccessTokenListener;
 
 @javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public class ApiClient {
+  private static final Logger log = Logger.getLogger(ApiClient.class.getName());
+
   public interface Api {}
 
   protected ObjectMapper objectMapper;
@@ -44,6 +45,7 @@ public class ApiClient {
   public ApiClient(String[] authNames) {
     this();
     for(String authName : authNames) {
+      log.log(Level.FINE, "Creating authentication {0}", authName);
       RequestInterceptor auth;
       if ("api_key".equals(authName)) {
         auth = new ApiKeyAuth("header", "api_key");
@@ -52,7 +54,7 @@ public class ApiClient {
       } else if ("http_basic_test".equals(authName)) {
         auth = new HttpBasicAuth();
       } else if ("petstore_auth".equals(authName)) {
-        auth = new OAuth(OAuthFlow.implicit, "http://petstore.swagger.io/api/oauth/dialog", "", "write:pets, read:pets");
+        auth = buildOauthRequestInterceptor(OAuthFlow.implicit, "http://petstore.swagger.io/api/oauth/dialog", "", "write:pets, read:pets");
       } else {
         throw new RuntimeException("auth name \"" + authName + "\" not found in available auth names");
       }
@@ -78,34 +80,6 @@ public class ApiClient {
     this.setApiKey(apiKey);
   }
 
-  /**
-   * Helper constructor for single basic auth or password oauth2
-   * @param authName
-   * @param username
-   * @param password
-   */
-  public ApiClient(String authName, String username, String password) {
-    this(authName);
-    this.setCredentials(username,  password);
-  }
-
-  /**
-   * Helper constructor for single password oauth2
-   * @param authName
-   * @param clientId
-   * @param secret
-   * @param username
-   * @param password
-   */
-  public ApiClient(String authName, String clientId, String secret, String username, String password) {
-    this(authName);
-    this.getTokenEndPoint()
-           .setClientId(clientId)
-           .setClientSecret(secret)
-           .setUsername(username)
-           .setPassword(password);
-  }
-
   public String getBasePath() {
     return basePath;
   }
@@ -150,10 +124,25 @@ public class ApiClient {
     return objectMapper;
   }
 
+  private RequestInterceptor buildOauthRequestInterceptor(OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+    switch (flow) {
+      case password:
+        return new OauthPasswordGrant(tokenUrl, scopes);
+      case application:
+        return new OauthClientCredentialsGrant(authorizationUrl, tokenUrl, scopes);
+      default:
+        throw new RuntimeException("Oauth flow \"" + flow + "\" is not implemented");
+    }
+  }
+
   public ObjectMapper getObjectMapper(){
     return objectMapper;
   }
 
+  public void setObjectMapper(ObjectMapper objectMapper) {
+        this.objectMapper = objectMapper;
+  }
+
   /**
    * Creates a feign client for given API interface.
    *
@@ -200,19 +189,13 @@ public class ApiClient {
     return contentTypes[0];
   }
 
-
   /**
    * Helper method to configure the bearer token.
    * @param bearerToken the bearer token.
    */
   public void setBearerToken(String bearerToken) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    HttpBearerAuth apiAuthorization =  getAuthorization(HttpBearerAuth.class);
-      if (apiAuthorization instanceof HttpBearerAuth) {
+    apiAuthorization.setBearerToken(bearerToken);
-        ((HttpBearerAuth) apiAuthorization).setBearerToken(bearerToken);
-        return;
-      }
-    }
-    throw new RuntimeException("No Bearer authentication configured!");
   }
 
   /**
@@ -220,63 +203,38 @@ public class ApiClient {
    * @param apiKey API key
    */
   public void setApiKey(String apiKey) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    ApiKeyAuth apiAuthorization =  getAuthorization(ApiKeyAuth.class);
-      if (apiAuthorization instanceof ApiKeyAuth) {
+    apiAuthorization.setApiKey(apiKey);
-        ApiKeyAuth keyAuth = (ApiKeyAuth) apiAuthorization;
-        keyAuth.setApiKey(apiKey);
-        return ;
-      }
-    }
-    throw new RuntimeException("No API key authentication configured!");
   }
 
   /**
-   * Helper method to configure the username/password for basic auth or password OAuth
+   * Helper method to configure the username/password for basic auth
    * @param username Username
    * @param password Password
    */
   public void setCredentials(String username, String password) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    HttpBasicAuth apiAuthorization = getAuthorization(HttpBasicAuth.class);
-      if (apiAuthorization instanceof HttpBasicAuth) {
+    apiAuthorization.setCredentials(username, password);
-        HttpBasicAuth basicAuth = (HttpBasicAuth) apiAuthorization;
-        basicAuth.setCredentials(username, password);
-        return;
-      }
-      if (apiAuthorization instanceof OAuth) {
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.getTokenRequestBuilder().setUsername(username).setPassword(password);
-        return;
-      }
-    }
-    throw new RuntimeException("No Basic authentication or OAuth configured!");
   }
 
   /**
-   * Helper method to configure the token endpoint of the first oauth found in the apiAuthorizations (there should be only one)
+   * Helper method to configure the client credentials for Oauth 
-   * @return Token request builder
+   * @param username Username
+   * @param password Password
    */
-  public TokenRequestBuilder getTokenEndPoint() {
+  public void setClientCredentials(String clientId, String clientSecret) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OauthClientCredentialsGrant authorization = getAuthorization(OauthClientCredentialsGrant.class);
-      if (apiAuthorization instanceof OAuth) {
+    authorization.configure(clientId, clientSecret);
-        OAuth oauth = (OAuth) apiAuthorization;
-        return oauth.getTokenRequestBuilder();
-      }
-    }
-    return null;
   }
 
   /**
-   * Helper method to configure authorization endpoint of the first oauth found in the apiAuthorizations (there should be only one)
+   * Helper method to configure the username/password for Oauth password grant
-   * @return Authentication request builder
+   * @param username Username
+   * @param password Password
    */
-  public AuthenticationRequestBuilder getAuthorizationEndPoint() {
+  public void setOauthPassword(String username, String password, String clientId, String clientSecret) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OauthPasswordGrant apiAuthorization = getAuthorization(OauthPasswordGrant.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.configure(username, password, clientId, clientSecret);
-        OAuth oauth = (OAuth) apiAuthorization;
-        return oauth.getAuthenticationRequestBuilder();
-      }
-    }
-    return null;
   }
 
   /**
@@ -284,14 +242,9 @@ public class ApiClient {
    * @param accessToken Access Token
    * @param expiresIn Validity period in seconds
    */
-  public void setAccessToken(String accessToken, Long expiresIn) {
+  public void setAccessToken(String accessToken, Integer expiresIn) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OAuth apiAuthorization = getAuthorization(OAuth.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.setAccessToken(accessToken, expiresIn);
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.setAccessToken(accessToken, expiresIn);
-        return;
-      }
-    }
   }
 
   /**
@@ -301,19 +254,7 @@ public class ApiClient {
    * @param redirectURI Redirect URI
    */
   public void configureAuthorizationFlow(String clientId, String clientSecret, String redirectURI) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    throw new RuntimeException("Not implemented");
-      if (apiAuthorization instanceof OAuth) {
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.getTokenRequestBuilder()
-                .setClientId(clientId)
-                .setClientSecret(clientSecret)
-                .setRedirectURI(redirectURI);
-        oauth.getAuthenticationRequestBuilder()
-                .setClientId(clientId)
-                .setRedirectURI(redirectURI);
-        return;
-      }
-    }
   }
 
   /**
@@ -321,13 +262,8 @@ public class ApiClient {
    * @param accessTokenListener Acesss token listener
    */
   public void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
-    for(RequestInterceptor apiAuthorization : apiAuthorizations.values()) {
+    OAuth apiAuthorization = getAuthorization(OAuth.class);
-      if (apiAuthorization instanceof OAuth) {
+    apiAuthorization.registerAccessTokenListener(accessTokenListener);
-        OAuth oauth = (OAuth) apiAuthorization;
-        oauth.registerAccessTokenListener(accessTokenListener);
-        return;
-      }
-    }
   }
 
   /**
@@ -352,4 +288,11 @@ public class ApiClient {
     feignBuilder.requestInterceptor(authorization);
   }
 
+  private <T extends RequestInterceptor> T getAuthorization(Class<T> type) {
+    return (T) apiAuthorizations.values()
+                                .stream()
+                                .filter(requestInterceptor -> type.isAssignableFrom(requestInterceptor.getClass()))
+                                .findFirst()
+                                .orElseThrow(() -> new RuntimeException("No Oauth authentication or OAuth configured!"));
+    }
 }

samples/client/petstore/java/feign/src/main/java/org/openapitools/client/auth/DefaultApi20Impl.java

@@ -0,0 +1,47 @@
+package org.openapitools.client.auth;
+
+import com.github.scribejava.core.builder.api.DefaultApi20;
+import com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor;
+import com.github.scribejava.core.extractors.TokenExtractor;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+import com.github.scribejava.core.oauth2.bearersignature.BearerSignature;
+import com.github.scribejava.core.oauth2.bearersignature.BearerSignatureURIQueryParameter;
+import com.github.scribejava.core.oauth2.clientauthentication.ClientAuthentication;
+import com.github.scribejava.core.oauth2.clientauthentication.RequestBodyAuthenticationScheme;
+
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public class DefaultApi20Impl extends DefaultApi20 {
+
+    private final String accessTokenEndpoint;
+    private final String authorizationBaseUrl;
+
+    protected DefaultApi20Impl(String authorizationBaseUrl, String accessTokenEndpoint) {
+        this.authorizationBaseUrl = authorizationBaseUrl;
+        this.accessTokenEndpoint = accessTokenEndpoint;
+    }
+
+    @Override
+    public String getAccessTokenEndpoint() {
+        return accessTokenEndpoint;
+    }
+
+    @Override
+    protected String getAuthorizationBaseUrl() {
+        return authorizationBaseUrl;
+    }
+
+    @Override
+    public BearerSignature getBearerSignature() {
+        return BearerSignatureURIQueryParameter.instance();
+    }
+
+    @Override
+    public ClientAuthentication getClientAuthentication() {
+        return RequestBodyAuthenticationScheme.instance();
+    }
+
+    @Override
+    public TokenExtractor<OAuth2AccessToken> getAccessTokenExtractor() {
+        return OAuth2AccessTokenJsonExtractor.instance();
+    }
+}

samples/client/petstore/java/feign/src/main/java/org/openapitools/client/auth/OAuth.java

@@ -1,198 +1,81 @@
 package org.openapitools.client.auth;
 
-import java.io.IOException;
+import com.github.scribejava.core.model.OAuth2AccessToken;
-import java.util.Collection;
+import com.github.scribejava.core.oauth.OAuth20Service;
-import java.util.Map;
-import java.util.Map.Entry;
-
-import org.apache.oltu.oauth2.client.HttpClient;
-import org.apache.oltu.oauth2.client.OAuthClient;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.AuthenticationRequestBuilder;
-import org.apache.oltu.oauth2.client.request.OAuthClientRequest.TokenRequestBuilder;
-import org.apache.oltu.oauth2.client.response.OAuthClientResponse;
-import org.apache.oltu.oauth2.client.response.OAuthClientResponseFactory;
-import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
-import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
-import org.apache.oltu.oauth2.common.message.types.GrantType;
-import org.apache.oltu.oauth2.common.token.BasicOAuthToken;
-
-import feign.Client;
 import feign.Request.HttpMethod;
-import feign.Request.Options;
 import feign.RequestInterceptor;
 import feign.RequestTemplate;
-import feign.Response;
 import feign.RetryableException;
-import feign.Util;
-import org.openapitools.client.StringUtil;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public abstract class OAuth implements RequestInterceptor {
 
-public class OAuth implements RequestInterceptor {
+  static final int MILLIS_PER_SECOND = 1000;
 
-    static final int MILLIS_PER_SECOND = 1000;
+  public interface AccessTokenListener {
+    void notify(OAuth2AccessToken token);
+  }
 
-    public interface AccessTokenListener {
+  private volatile String accessToken;
-        void notify(BasicOAuthToken token);
+  private Long expirationTimeMillis;
+  private AccessTokenListener accessTokenListener;
+
+  protected OAuth20Service service;
+  protected String scopes;
+  protected String authorizationUrl;
+  protected String tokenUrl;
+
+  public OAuth(String authorizationUrl, String tokenUrl, String scopes) {
+    this.scopes = scopes;
+    this.authorizationUrl = authorizationUrl;
+    this.tokenUrl = tokenUrl;
+  }
+
+  @Override
+  public void apply(RequestTemplate template) {
+    // If the request already have an authorization (eg. Basic auth), do nothing
+    if (template.headers().containsKey("Authorization")) {
+      return;
     }
-
+    // If first time, get the token
-    private volatile String accessToken;
+    if (expirationTimeMillis == null || System.currentTimeMillis() >= expirationTimeMillis) {
-    private Long expirationTimeMillis;
+      updateAccessToken(template);
-    private OAuthClient oauthClient;
-    private TokenRequestBuilder tokenRequestBuilder;
-    private AuthenticationRequestBuilder authenticationRequestBuilder;
-    private AccessTokenListener accessTokenListener;
-
-    public OAuth(Client client, TokenRequestBuilder requestBuilder) {
-        this.oauthClient = new OAuthClient(new OAuthFeignClient(client));
-        this.tokenRequestBuilder = requestBuilder;
     }
-
+    if (getAccessToken() != null) {
-    public OAuth(Client client, OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+      template.header("Authorization", "Bearer " + getAccessToken());
-        this(client, OAuthClientRequest.tokenLocation(tokenUrl).setScope(scopes));
-
-        switch(flow) {
-        case accessCode:
-        case implicit:
-            tokenRequestBuilder.setGrantType(GrantType.AUTHORIZATION_CODE);
-            break;
-        case password:
-            tokenRequestBuilder.setGrantType(GrantType.PASSWORD);
-            break;
-        case application:
-            tokenRequestBuilder.setGrantType(GrantType.CLIENT_CREDENTIALS);
-            break;
-        default:
-            break;
-        }
-        authenticationRequestBuilder = OAuthClientRequest.authorizationLocation(authorizationUrl);
     }
+  }
 
-    public OAuth(OAuthFlow flow, String authorizationUrl, String tokenUrl, String scopes) {
+  private synchronized void updateAccessToken(RequestTemplate template) {
-        this(new Client.Default(null, null), flow, authorizationUrl, tokenUrl, scopes);
+    OAuth2AccessToken accessTokenResponse;
+    try {
+      accessTokenResponse = getOAuth2AccessToken();
+    } catch (Exception e) {
+      throw new RetryableException(0, e.getMessage(), HttpMethod.POST, e, null, template.request());
     }
-
+    if (accessTokenResponse != null && accessTokenResponse.getAccessToken() != null) {
-    @Override
+      setAccessToken(accessTokenResponse.getAccessToken(), accessTokenResponse.getExpiresIn());
-    public void apply(RequestTemplate template) {
+      if (accessTokenListener != null) {
-        // If the request already have an authorization (eg. Basic auth), do nothing
+        accessTokenListener.notify(accessTokenResponse);
-        if (template.headers().containsKey("Authorization")) {
+      }
-            return;
-        }
-        // If first time, get the token
-        if (expirationTimeMillis == null || System.currentTimeMillis() >= expirationTimeMillis) {
-            updateAccessToken(template);
-        }
-        if (getAccessToken() != null) {
-            template.header("Authorization", "Bearer " + getAccessToken());
-        }
     }
+  }
 
-    public synchronized void updateAccessToken(RequestTemplate template) {
+  abstract OAuth2AccessToken getOAuth2AccessToken();
-        OAuthJSONAccessTokenResponse accessTokenResponse;
-        try {
-            accessTokenResponse = oauthClient.accessToken(tokenRequestBuilder.buildBodyMessage());
-        } catch (Exception e) {
-            throw new RetryableException(0, e.getMessage(), HttpMethod.POST, e, null, template.request());
-        }
-        if (accessTokenResponse != null && accessTokenResponse.getAccessToken() != null) {
-            setAccessToken(accessTokenResponse.getAccessToken(), accessTokenResponse.getExpiresIn());
-            if (accessTokenListener != null) {
-                accessTokenListener.notify((BasicOAuthToken) accessTokenResponse.getOAuthToken());
-            }
-        }
-    }
 
-    public synchronized void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
+  abstract OAuthFlow getFlow();
-        this.accessTokenListener = accessTokenListener;
-    }
 
-    public synchronized String getAccessToken() {
+  public synchronized void registerAccessTokenListener(AccessTokenListener accessTokenListener) {
-        return accessToken;
+    this.accessTokenListener = accessTokenListener;
-    }
+  }
 
-    public synchronized void setAccessToken(String accessToken, Long expiresIn) {
+  public synchronized String getAccessToken() {
-        this.accessToken = accessToken;
+    return accessToken;
-        this.expirationTimeMillis = expiresIn == null ? null : System.currentTimeMillis() + expiresIn * MILLIS_PER_SECOND;
+  }
-    }
 
-    public TokenRequestBuilder getTokenRequestBuilder() {
+  public synchronized void setAccessToken(String accessToken, Integer expiresIn) {
-        return tokenRequestBuilder;
+    this.accessToken = accessToken;
-    }
+    this.expirationTimeMillis = expiresIn == null ? null : System.currentTimeMillis() + expiresIn * MILLIS_PER_SECOND;
+  }
 
-    public void setTokenRequestBuilder(TokenRequestBuilder tokenRequestBuilder) {
-        this.tokenRequestBuilder = tokenRequestBuilder;
-    }
-
-    public AuthenticationRequestBuilder getAuthenticationRequestBuilder() {
-        return authenticationRequestBuilder;
-    }
-
-    public void setAuthenticationRequestBuilder(AuthenticationRequestBuilder authenticationRequestBuilder) {
-        this.authenticationRequestBuilder = authenticationRequestBuilder;
-    }
-
-    public OAuthClient getOauthClient() {
-        return oauthClient;
-    }
-
-    public void setOauthClient(OAuthClient oauthClient) {
-        this.oauthClient = oauthClient;
-    }
-
-    public void setOauthClient(Client client) {
-        this.oauthClient = new OAuthClient( new OAuthFeignClient(client));
-    }
-
-    public static class OAuthFeignClient implements HttpClient {
-
-        private Client client;
-
-        public OAuthFeignClient() {
-            this.client = new Client.Default(null, null);
-        }
-
-        public OAuthFeignClient(Client client) {
-            this.client = client;
-        }
-
-        public <T extends OAuthClientResponse> T execute(OAuthClientRequest request, Map<String, String> headers,
-                String requestMethod, Class<T> responseClass)
-                        throws OAuthSystemException, OAuthProblemException {
-
-            RequestTemplate req = new RequestTemplate()
-                    .append(request.getLocationUri())
-                    .method(requestMethod)
-                    .body(request.getBody());
-
-            for (Entry<String, String> entry : headers.entrySet()) {
-                req.header(entry.getKey(), entry.getValue());
-            }
-            Response feignResponse;
-            String body = "";
-            try {
-                feignResponse = client.execute(req.request(), new Options());
-                body = Util.toString(feignResponse.body().asReader());
-            } catch (IOException e) {
-                throw new OAuthSystemException(e);
-            }
-
-            String contentType = null;
-            Collection<String> contentTypeHeader =  feignResponse.headers().get("Content-Type");
-            if(contentTypeHeader != null) {
-                contentType = StringUtil.join(contentTypeHeader.toArray(new String[0]), ";");
-            }
-
-            return OAuthClientResponseFactory.createCustomResponse(
-                    body,
-                    contentType,
-                    feignResponse.status(),
-                    responseClass
-            );
-        }
-
-        public void shutdown() {
-            // Nothing to do here
-        }
-    }
 }

samples/client/petstore/java/feign/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/feign/src/main/java/org/openapitools/client/auth/OauthClientCredentialsGrant.java

@@ -0,0 +1,39 @@
+package org.openapitools.client.auth;
+
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public class OauthClientCredentialsGrant extends OAuth {
+
+  public OauthClientCredentialsGrant(String authorizationUrl, String tokenUrl, String scopes) {
+    super(authorizationUrl, tokenUrl, scopes);
+  }
+
+  @Override
+  protected OAuth2AccessToken getOAuth2AccessToken() {
+    try {
+      return service.getAccessTokenClientCredentialsGrant(scopes);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to get oauth token", e);
+    }
+  }
+
+  @Override
+  protected OAuthFlow getFlow() {
+    return OAuthFlow.application;
+  }
+
+  /**
+   * Configures the client credentials flow
+   *
+   * @param clientId
+   * @param clientSecret
+   */
+  public void configure(String clientId, String clientSecret) {
+    service = new ServiceBuilder(clientId)
+            .apiSecret(clientSecret)
+            .defaultScope(scopes)
+            .build(new DefaultApi20Impl(authorizationUrl, tokenUrl));
+  }
+}

samples/client/petstore/java/feign/src/main/java/org/openapitools/client/auth/OauthPasswordGrant.java

@@ -0,0 +1,48 @@
+package org.openapitools.client.auth;
+
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth2AccessToken;
+
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
+public class OauthPasswordGrant extends OAuth {
+
+  private String username;
+  private String password;
+
+  public OauthPasswordGrant(String tokenUrl, String scopes) {
+    super(null, tokenUrl, scopes);
+  }
+
+  @Override
+  protected OAuth2AccessToken getOAuth2AccessToken() {
+    try {
+      return service.getAccessTokenPasswordGrant(username, password);
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to get oauth token", e);
+    }
+  }
+
+  @Override
+  protected OAuthFlow getFlow() {
+    return OAuthFlow.password;
+  }
+
+  /**
+   * Configures Oauth password grant flow
+   * Note: this flow is deprecated.
+   *
+   * @param username
+   * @param password
+   * @param clientId
+   * @param clientSecret
+   */
+  public void configure(String username, String password, String clientId, String clientSecret) {
+    this.username = username;
+    this.password = password;
+    //TODO the clientId and secret are optional according with the RFC
+    service = new ServiceBuilder(clientId)
+            .apiSecret(clientSecret)
+            .defaultScope(scopes)
+            .build(new DefaultApi20Impl(authorizationUrl, tokenUrl));
+  }
+}

samples/client/petstore/java/jersey1/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/okhttp-gson-dynamicOperations/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/okhttp-gson-parcelableModel/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/okhttp-gson/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/resteasy/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/retrofit2/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/retrofit2rx2/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }

samples/client/petstore/java/retrofit2rx3/src/main/java/org/openapitools/client/auth/OAuthFlow.java

@@ -13,6 +13,10 @@
 
 package org.openapitools.client.auth;
 
+@javax.annotation.Generated(value = "org.openapitools.codegen.languages.JavaClientCodegen")
 public enum OAuthFlow {
-    accessCode, implicit, password, application
+    accessCode, //called authorizationCode  in OpenAPI 3.0
+    implicit, 
+    password,
+    application //called clientCredentials in OpenAPI 3.0
 }