From 1cab81599068e5863770f1e54b17985fcb9f215a Mon Sep 17 00:00:00 2001
From: Pavel Kotelevsky <38818382+chillleader@users.noreply.github.com>
Date: Thu, 2 May 2024 13:26:04 +0200
Subject: [PATCH] fix(saas): apply new operate config (#2402)
* fix(saas): apply new operate config
* lint
* rm old test
* add new test
---
 .../saas/SaaSOperateClientFactory.java | 53 +++++++++----------
 .../src/main/resources/application.properties | 5 +-
 .../saas/TestSpringContextStartup.java | 20 ++++---
 3 files changed, 36 insertions(+), 42 deletions(-)
diff --git a/bundle/camunda-saas-bundle/src/main/java/io/camunda/connector/runtime/saas/SaaSOperateClientFactory.java b/bundle/camunda-saas-bundle/src/main/java/io/camunda/connector/runtime/saas/SaaSOperateClientFactory.java
index fccb3ff659..fd46a00fee 100644
--- a/bundle/camunda-saas-bundle/src/main/java/io/camunda/connector/runtime/saas/SaaSOperateClientFactory.java
+++ b/bundle/camunda-saas-bundle/src/main/java/io/camunda/connector/runtime/saas/SaaSOperateClientFactory.java
@@ -16,15 +16,16 @@
 */
 package io.camunda.connector.runtime.saas;
-import io.camunda.common.auth.Authentication;
+import io.camunda.common.auth.JwtConfig;
+import io.camunda.common.auth.JwtCredential;
+import io.camunda.common.auth.Product;
+import io.camunda.common.auth.SaaSAuthenticationBuilder;
+import io.camunda.common.json.JsonMapper;
 import io.camunda.connector.api.secret.SecretProvider;
 import io.camunda.operate.CamundaOperateClient;
 import io.camunda.zeebe.spring.client.properties.OperateClientConfigurationProperties;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.beans.factory.config.BeanPostProcessor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
@@ -32,27 +33,32 @@
 @Configuration
 public class SaaSOperateClientFactory {
- private static final Logger LOG = LoggerFactory.getLogger(SaaSOperateClientFactory.class);
 public static String SECRET_NAME_CLIENT_ID = "M2MClientId";
 public static String SECRET_NAME_SECRET = "M2MSecret";
 private final SecretProvider internalSecretProvider;
+ private final OperateClientConfigurationProperties operateProperties;
 @Value("${camunda.operate.client.url}")
 private String operateUrl;
- public SaaSOperateClientFactory(@Autowired SaaSConfiguration saaSConfiguration) {
+ public SaaSOperateClientFactory(
+ @Autowired SaaSConfiguration saaSConfiguration,
+ @Autowired OperateClientConfigurationProperties operateProperties) {
 this.internalSecretProvider = saaSConfiguration.getInternalSecretProvider();
- }
-
- @Bean
- public OperatePropertiesPostProcessor operatePropertiesPostProcessor() {
- return new OperatePropertiesPostProcessor();
+ this.operateProperties = operateProperties;
 }
 @Bean
 @Primary
- public CamundaOperateClient camundaOperateClientBundle(Authentication authentication) {
+ public CamundaOperateClient camundaOperateClientBundle(JsonMapper jsonMapper) {
+
+ var jwtConfig = new JwtConfig();
+ jwtConfig.addProduct(Product.OPERATE, configureJwtCredential());
+
+ var authentication =
+ new SaaSAuthenticationBuilder().withJwtConfig(jwtConfig).withJsonMapper(jsonMapper).build();
+
 return CamundaOperateClient.builder()
 .operateUrl(operateUrl)
 .authentication(authentication)
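Review bot: The factory now draws Operate settings from two places: the new constructor parameter `operateProperties` supplies the audience and auth URL, while the unchanged field `operateUrl` is still bound with `@Value("${camunda.operate.client.url}")`, a legacy-style key, even though this same commit moves the enable flag to `camunda.client.operate.enabled`. If the two sources ever diverge, the token is requested with one set of values and sent to a URL taken from another, and if the legacy key is dropped the context fails on an unresolved placeholder. Consider sourcing the URL from the same object, `.operateUrl(operateProperties.getUrl())`, assuming `getUrl()` is still populated under the new configuration (not visible here), or at least comment the field: `// still bound to the legacy key; OperateClientConfigurationProperties provides baseUrl/authUrl`. The body of `camundaOperateClientBundle` continues past the end of this hunk.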
@@ -60,22 +66,11 @@ public CamundaOperateClient camundaOperateClientBundle(Authentication authentica
 .build();
 }
- public class OperatePropertiesPostProcessor implements BeanPostProcessor {
-
- public OperatePropertiesPostProcessor() {
- LOG.info("OperatePropertiesPostProcessor created");
- }
-
- @Override
- public Object postProcessBeforeInitialization(Object bean, String beanName) {
- if (bean instanceof OperateClientConfigurationProperties operateProperties) {
- String operateClientId = internalSecretProvider.getSecret(SECRET_NAME_CLIENT_ID);
- String operateClientSecret = internalSecretProvider.getSecret(SECRET_NAME_SECRET);
- operateProperties.setClientId(operateClientId);
- operateProperties.setClientSecret(operateClientSecret);
- return operateProperties;
- }
- return bean;
- }
+ JwtCredential configureJwtCredential() {
+ return new JwtCredential(
+ internalSecretProvider.getSecret(SECRET_NAME_CLIENT_ID),
+ internalSecretProvider.getSecret(SECRET_NAME_SECRET),
+ operateProperties.getBaseUrl(),
+ operateProperties.getAuthUrl());
 }
 }
diff --git a/bundle/camunda-saas-bundle/src/main/resources/application.properties b/bundle/camunda-saas-bundle/src/main/resources/application.properties
index 51614c62dc..b39a529172 100644
--- a/bundle/camunda-saas-bundle/src/main/resources/application.properties
+++ b/bundle/camunda-saas-bundle/src/main/resources/application.properties
@@ -16,8 +16,9 @@ camunda.connector.secret-provider.console.enabled=false
 zeebe.client.worker.threads=10
 zeebe.client.worker.max-jobs-active=32
-# Enforce local connection, even if cluster-id set (for Operate Auth)
+# Enforce local connection, even if cluster-id set
 zeebe.client.connection-mode=ADDRESS
+camunda.client.mode=simple
 connectors.log.appender=stackdriver
@@ -25,4 +26,4 @@ connectors.log.appender=stackdriver
 camunda.connector.inbound.log.size=10
 # Disabling the default Operate client, we are configuring our own
-camunda.operate.client.enabled=false
+camunda.client.operate.enabled=false
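Review bot: `configureJwtCredential()` in SaaSOperateClientFactory passes whatever `internalSecretProvider.getSecret(...)` returns straight into `new JwtCredential(...)`, so a missing `M2MClientId` or `M2MSecret` is not detected at this point. If `getSecret` can return null or an empty string for an unknown name (its contract is not visible in this hunk), the client bean is still created and the problem only surfaces later as an authentication failure against the auth URL, which is harder to diagnose. Failing fast here would help, e.g. `Objects.requireNonNull(internalSecretProvider.getSecret(SECRET_NAME_SECRET), "secret " + SECRET_NAME_SECRET + " not found")`, with the message naming the secret and never its value. A short Javadoc stating that the method is package-private for the test and returns live M2M credentials that must not be logged would also be worth adding.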
diff --git a/bundle/camunda-saas-bundle/src/test/java/io/camunda/connector/runtime/saas/TestSpringContextStartup.java b/bundle/camunda-saas-bundle/src/test/java/io/camunda/connector/runtime/saas/TestSpringContextStartup.java
index 2862ce5478..a8e8812799 100644
--- a/bundle/camunda-saas-bundle/src/test/java/io/camunda/connector/runtime/saas/TestSpringContextStartup.java
+++ b/bundle/camunda-saas-bundle/src/test/java/io/camunda/connector/runtime/saas/TestSpringContextStartup.java
@@ -16,9 +16,8 @@
 */
 package io.camunda.connector.runtime.saas;
-import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
-import io.camunda.zeebe.spring.client.properties.OperateClientConfigurationProperties;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
@@ -39,7 +38,7 @@
 @ActiveProfiles("test")
 public class TestSpringContextStartup {
- @Autowired private OperateClientConfigurationProperties operateProperties;
+ @Autowired private SaaSOperateClientFactory operateClientFactory;
 @Test
 public void contextLoaded() {
@@ -50,15 +49,14 @@ public void contextLoaded() {
 }
 @Test
- public void operatePropertiesAreSet() {
- assertThat(operateProperties.getUrl()).isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_URL);
- assertThat(operateProperties.getAuthUrl())
- .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_AUTH_URL);
- assertThat(operateProperties.getBaseUrl())
- .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_BASEURL);
- assertThat(operateProperties.getClientId())
+ public void jwtCredentialConfigured() {
+ var jwtCredential = operateClientFactory.configureJwtCredential();
+ assertThat(jwtCredential).isNotNull();
+ assertThat(jwtCredential.getClientId())
 .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_CLIENT_ID);
- assertThat(operateProperties.getClientSecret())
+ assertThat(jwtCredential.getClientSecret())
 .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_SECRET);
+ assertThat(jwtCredential.getAudience()).isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_BASEURL);
+ assertThat(jwtCredential.getAuthUrl()).isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_AUTH_URL);
 }
 }
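Review bot: The replacement test `jwtCredentialConfigured` no longer covers the Operate URL: the removed `operatePropertiesAreSet` asserted `operateProperties.getUrl()` against `MockSaaSConfiguration.OPERATE_CLIENT_URL`, and nothing in the new method checks the value that ends up in `.operateUrl(...)`. It also exercises only the helper, not the `@Primary` `CamundaOperateClient` bean that consumes it, so a wiring mistake in `camundaOperateClientBundle` would pass this test. Consider autowiring the client and adding `assertThat(operateClient).isNotNull();`, plus a URL assertion if the client exposes one (not visible here). The test class begins outside this hunk.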