Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[GOBBLIN-813] Make SFDC connector support encrypted Salesforce client id and client secret
 #2677

Closed
wants to merge 1 commit into from
Closed

[GOBBLIN-813] Make SFDC connector support encrypted Salesforce client id and client secret
 #2677

wants to merge 1 commit into from

Conversation

haojiwu
Copy link

@haojiwu haojiwu commented Jun 24, 2019

When reading client id and client secret from state properties,
SalesforceConnector will use PasswordManager.readPassword() to decrypt
it.
readPassword() will check value to see if it is in encrypted pattern.
If not, the original value will be returned.
Therefore this changes can be backward compatible.

Dear Gobblin maintainers,

Please accept this PR. I understand that it will not be reviewed until I have checked off all the steps below!

JIRA

Description

  • Here are some details about my PR, including screenshots (if applicable):

Tests

  • My PR adds the following unit tests OR does not need testing for this extremely good reason:

Commits

  • My commits all reference JIRA issues in their subject lines, and I have squashed multiple commits if they address the same issue. In addition, my commits follow the guidelines from "How to write a good git commit message":
    1. Subject is separated from body by a blank line
    2. Subject is limited to 50 characters
    3. Subject does not end with a period
    4. Subject uses the imperative mood ("add", not "adding")
    5. Body wraps at 72 characters
    6. Body explains "what" and "why", not "how"

yukuai518
yukuai518 suggested changes Jun 25, 2019
View reviewed changes
gobblin-salesforce/src/main/java/org/apache/gobblin/salesforce/SalesforceConnector.java Outdated
@@ -64,8 +64,10 @@ public SalesforceConnector(State state) {
@Override
public HttpEntity getAuthentication() throws RestApiConnectionException {
log.debug("Authenticating salesforce");
String clientId = this.state.getProp(ConfigurationKeys.SOURCE_CONN_CLIENT_ID);
String clientSecret = this.state.getProp(ConfigurationKeys.SOURCE_CONN_CLIENT_SECRET);
String clientId = PasswordManager.getInstance(this.state)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we have this decryption logic configurable? So that not all the case we need this decyption. Today BDE team is also relying on this code base.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Considering to reuse the same returned variable from PasswordManager.getInstance(this.state)

yukuai518
yukuai518 suggested changes Jun 25, 2019
View reviewed changes
gobblin-salesforce/src/main/java/org/apache/gobblin/salesforce/SalesforceConnector.java Outdated
@@ -64,8 +64,10 @@ public SalesforceConnector(State state) {
@Override
public HttpEntity getAuthentication() throws RestApiConnectionException {
log.debug("Authenticating salesforce");
String clientId = this.state.getProp(ConfigurationKeys.SOURCE_CONN_CLIENT_ID);
String clientSecret = this.state.getProp(ConfigurationKeys.SOURCE_CONN_CLIENT_SECRET);
String clientId = PasswordManager.getInstance(this.state)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Considering to reuse the same returned variable from PasswordManager.getInstance(this.state)

@haojiwu haojiwu changed the title Support encrypted Salesforce client id and client secret [GOBBLIN-813] Support encrypted Salesforce client id and client secret Jun 25, 2019
@haojiwu haojiwu force-pushed the support_encrypted_salesforce_client_id_secret branch from b911005 to 22fc2c3 Compare June 25, 2019 00:50
@haojiwu haojiwu changed the title [GOBBLIN-813] Support encrypted Salesforce client id and client secret [GOBBLIN-813] Make SFDC connector support encrypted Salesforce client id and client secret
 Jun 25, 2019
@howu
[GOBBLIN-813] Make SFDC connector support encrypted Salesforce client…
5e4c27b 
… id and client secret

When reading client id and client secret from state properties,
SalesforceConnector will use PasswordManager.readPassword() to decrypt
it.
This feature is controlled by source.conn.decrypt.client.id.secret and default is disabled
@haojiwu haojiwu force-pushed the support_encrypted_salesforce_client_id_secret branch from 22fc2c3 to 5e4c27b Compare June 25, 2019 00:56
@yukuai518
Copy link
Contributor

+1 LGTM

htran1
htran1 approved these changes Jun 25, 2019
View reviewed changes
Copy link
Contributor

@htran1 htran1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@asfgit asfgit closed this in a1893ba Jun 25, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yukuai518 yukuai518 yukuai518 requested changes

@htran1 htran1 htran1 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@haojiwu @yukuai518 @htran1 @howu