I have been reading about Retrofit and I have reached the point of the Headers and I don't know if I have understood them very well. In the course that I am doing, it uses them to establish an authentication with a user created in the backend and a database and it does it in two different ways:
private WebServiceBA() {
loggingInterceptor = new HttpLoggingInterceptor();
loggingInterceptor.level(HttpLoggingInterceptor.Level.BODY);
httpClientBuilder = new OkHttpClient.Builder().addInterceptor(loggingInterceptor);
httpClientBuilder.addInterceptor(chain -> {
Request original = chain.request();
Request.Builder requestBuild = original
.newBuilder()
.addHeader("Authorization", AUTH_USER)
.method(original.method(), original.body());
Request request = requestBuild.build();
return chain.proceed(request);
});
retrofit = new Retrofit.Builder()
.baseUrl(BASE_URL_BA)
.client(httpClientBuilder.build())
.addConverterFactory(GsonConverterFactory.create())
.build();
}
In this first form I understand that you are passing the Header through code but I don't understand the .method(original.method(), original.body());. And in this one you are passing it through the Retrofit call itself:
@GET("/todos_profesores_admin")
Call<List<ProfesorBA>> listAllProfesorAdmin(@Header("Authorization") String authHeader);
I don't understand if the "Authorization" thing is something that should be like that since it's in the backend or it's a way to call it in the code.
I suppose that by doing it in the call, in this case we have more freedom since we pass the users that we want, but what other things can we send through the Header of a Retrofit call or how far does its usefulness extend? Thank you very much.
This is how retrofit dynamically generates Headers. That value of "
Authorization" will be used by the backend for its security process.