use json creds and non empty list

project/Dependencies.scala

@@ -7,7 +7,7 @@ object Dependencies {
   val scalaLoggingV = "3.5.0"
   val scalaTestV    = "3.0.1"
 
-  val workbenchUtilV   = "0.3-cbf4c08-SNAP"
+  val workbenchUtilV   = "0.3-02330fe-SNAP"
   val workbenchModelV  = "0.11-f2a0020"
   val workbenchGoogleV = "0.16-f2a0020"
   val workbenchNotificationsV = "0.1-f2a0020"

src/main/scala/org/broadinstitute/dsde/workbench/sam/Boot.scala

@@ -12,9 +12,10 @@ import com.unboundid.ldap.sdk.{LDAPConnection, LDAPConnectionPool}
 import javax.net.SocketFactory
 import javax.net.ssl.SSLContext
 
+import cats.data.NonEmptyList
 import net.ceedubs.ficus.Ficus._
 import org.broadinstitute.dsde.workbench.dataaccess.PubSubNotificationDAO
-import org.broadinstitute.dsde.workbench.google.GoogleCredentialModes.Pem
+import org.broadinstitute.dsde.workbench.google.GoogleCredentialModes.{Json, Pem}
 import org.broadinstitute.dsde.workbench.google.{GoogleDirectoryDAO, HttpGoogleDirectoryDAO, HttpGoogleIamDAO, HttpGoogleProjectDAO, HttpGooglePubSubDAO, HttpGoogleStorageDAO}
 import org.broadinstitute.dsde.workbench.model.{WorkbenchEmail, WorkbenchException}
 import org.broadinstitute.dsde.workbench.sam.api.{SamRoutes, StandardUserInfoDirectives}
@@ -66,12 +67,11 @@ object Boot extends App with LazyLogging {
       case Some(googleServicesConfig) =>
         val petServiceAccountConfig = config.as[PetServiceAccountConfig]("petServiceAccount")
 
-        val googleDirDaos = (if (googleServicesConfig.adminSdkServiceAccounts.isEmpty) {
-          Seq(ServiceAccountConfig(googleServicesConfig.pemFile, googleServicesConfig.serviceAccountClientId))
-        } else {
-          googleServicesConfig.adminSdkServiceAccounts
-        }).map { serviceAccountConfig =>
-          new HttpGoogleDirectoryDAO(googleServicesConfig.appName, Pem(WorkbenchEmail(serviceAccountConfig.serviceAccountClientId), new File(serviceAccountConfig.pemFile), Option(googleServicesConfig.subEmail)), "google")
+        val googleDirDaos = (googleServicesConfig.adminSdkServiceAccounts match {
+          case None => NonEmptyList.one(Pem(WorkbenchEmail(googleServicesConfig.serviceAccountClientId), new File(googleServicesConfig.pemFile), Option(googleServicesConfig.subEmail)))
+          case Some(accounts) => accounts.map(account => Json(account.json))
+        }).map { credentials =>
+          new HttpGoogleDirectoryDAO(googleServicesConfig.appName, credentials, "google")
         }
 
         val googleDirectoryDAO = DelegatePool[GoogleDirectoryDAO](googleDirDaos)

src/main/scala/org/broadinstitute/dsde/workbench/sam/config/GoogleServicesConfig.scala

@@ -1,5 +1,6 @@
 package org.broadinstitute.dsde.workbench.sam.config
 
+import cats.data.NonEmptyList
 import org.broadinstitute.dsde.workbench.model.WorkbenchEmail
 import org.broadinstitute.dsde.workbench.model.google.GoogleProject
 
@@ -29,7 +30,7 @@ case class GoogleServicesConfig(appName: String,
                                 notificationTopic: String,
                                 googleKeyCacheConfig: GoogleKeyCacheConfig,
                                 resourceNamePrefix: Option[String],
-                                adminSdkServiceAccounts: Seq[ServiceAccountConfig]
+                                adminSdkServiceAccounts: Option[NonEmptyList[ServiceAccountConfig]]
                                )
 
-case class ServiceAccountConfig(pemFile: String, serviceAccountClientId: String)
+case class ServiceAccountConfig(json: String)

src/main/scala/org/broadinstitute/dsde/workbench/sam/config/package.scala

@@ -1,5 +1,6 @@
 package org.broadinstitute.dsde.workbench.sam
 
+import cats.data.NonEmptyList
 import com.google.api.client.json.jackson2.JacksonFactory
 import com.typesafe.config.ConfigException.WrongType
 import com.typesafe.config._
@@ -96,7 +97,17 @@ package object config {
   val jsonFactory = JacksonFactory.getDefaultInstance
 
   implicit val serviceAccountConfigReader: ValueReader[ServiceAccountConfig] = ValueReader.relative { config =>
-    ServiceAccountConfig(config.getString("pathToPem"), config.getString("serviceAccountClientId"))
+    ServiceAccountConfig(config.root().render(ConfigRenderOptions.concise))
+  }
+
+  implicit def nonEmptyListReader[A](implicit valueReader: ValueReader[List[A]]): ValueReader[Option[NonEmptyList[A]]] = new ValueReader[Option[NonEmptyList[A]]] {
+    def read(config: Config, path: String): Option[NonEmptyList[A]] = {
+      if (config.hasPath(path)) {
+        NonEmptyList.fromList(valueReader.read(config, path))
+      } else {
+        None
+      }
+    }
   }
 
   implicit val googleServicesConfigReader: ValueReader[GoogleServicesConfig] = ValueReader.relative { config =>
@@ -122,7 +133,7 @@ package object config {
       config.getString("notifications.topicName"),
       config.as[GoogleKeyCacheConfig]("googleKeyCache"),
       config.as[Option[String]]("resourceNamePrefix"),
-      config.as[Option[Seq[ServiceAccountConfig]]]("adminSdkServiceAccounts").getOrElse(Seq.empty)
+      config.as[Option[NonEmptyList[ServiceAccountConfig]]]("adminSdkServiceAccounts")
     )
   }
 

src/test/scala/org/broadinstitute/dsde/workbench/sam/config/NonEmptyListConfigSpec.scala

@@ -0,0 +1,27 @@
+package org.broadinstitute.dsde.workbench.sam.config
+
+import cats.data.NonEmptyList
+import org.scalatest.{FlatSpec, Matchers}
+import com.typesafe.config._
+import net.ceedubs.ficus.Ficus._
+
+class NonEmptyListConfigReaderSpec extends FlatSpec with Matchers {
+  "NonEmptyListConfigReader" should "read missing list" in {
+    val c = ConfigFactory.empty()
+    val test = c.as[Option[NonEmptyList[String]]]("test")
+    test should equal(None)
+  }
+
+  it should "read empty list" in {
+    val c = ConfigFactory.parseString("test = []")
+    val test = c.as[Option[NonEmptyList[String]]]("test")
+    test should equal(None)
+  }
+
+  it should "read non empty list" in {
+    val c = ConfigFactory.parseString("test = [foo, bar]")
+    val test = c.as[Option[NonEmptyList[String]]]("test")
+    test should equal(Some(NonEmptyList.of("foo", "bar")))
+  }
+
+}