fix(saas): apply new operate config (#2402)

* fix(saas): apply new operate config * lint * rm old test * add new test (cherry picked from commit 1cab815)
camunda · May 2, 2024 · 87748be · 87748be
1 parent 7a1b425
commit 87748be
Show file tree

Hide file tree

Showing 3 changed files with 36 additions and 42 deletions.
diff --git a/...saas-bundle/src/main/java/io/camunda/connector/runtime/saas/SaaSOperateClientFactory.java b/...saas-bundle/src/main/java/io/camunda/connector/runtime/saas/SaaSOperateClientFactory.java
@@ -16,66 +16,61 @@
  */
 package io.camunda.connector.runtime.saas;
 
-import io.camunda.common.auth.Authentication;
+import io.camunda.common.auth.JwtConfig;
+import io.camunda.common.auth.JwtCredential;
+import io.camunda.common.auth.Product;
+import io.camunda.common.auth.SaaSAuthenticationBuilder;
+import io.camunda.common.json.JsonMapper;
 import io.camunda.connector.api.secret.SecretProvider;
 import io.camunda.operate.CamundaOperateClient;
 import io.camunda.zeebe.spring.client.properties.OperateClientConfigurationProperties;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.beans.factory.config.BeanPostProcessor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
 
 @Configuration
 public class SaaSOperateClientFactory {
 
-  private static final Logger LOG = LoggerFactory.getLogger(SaaSOperateClientFactory.class);
   public static String SECRET_NAME_CLIENT_ID = "M2MClientId";
   public static String SECRET_NAME_SECRET = "M2MSecret";
 
   private final SecretProvider internalSecretProvider;
+  private final OperateClientConfigurationProperties operateProperties;
 
   @Value("${camunda.operate.client.url}")
   private String operateUrl;
 
-  public SaaSOperateClientFactory(@Autowired SaaSConfiguration saaSConfiguration) {
+  public SaaSOperateClientFactory(
+      @Autowired SaaSConfiguration saaSConfiguration,
+      @Autowired OperateClientConfigurationProperties operateProperties) {
     this.internalSecretProvider = saaSConfiguration.getInternalSecretProvider();
-  }
-
-  @Bean
-  public OperatePropertiesPostProcessor operatePropertiesPostProcessor() {
-    return new OperatePropertiesPostProcessor();
+    this.operateProperties = operateProperties;
   }
 
   @Bean
   @Primary
-  public CamundaOperateClient camundaOperateClientBundle(Authentication authentication) {
+  public CamundaOperateClient camundaOperateClientBundle(JsonMapper jsonMapper) {
+
+    var jwtConfig = new JwtConfig();
+    jwtConfig.addProduct(Product.OPERATE, configureJwtCredential());
+
+    var authentication =
+        new SaaSAuthenticationBuilder().withJwtConfig(jwtConfig).withJsonMapper(jsonMapper).build();
+
     return CamundaOperateClient.builder()
         .operateUrl(operateUrl)
         .authentication(authentication)
         .setup()
         .build();
   }
 
-  public class OperatePropertiesPostProcessor implements BeanPostProcessor {
-
-    public OperatePropertiesPostProcessor() {
-      LOG.info("OperatePropertiesPostProcessor created");
-    }
-
-    @Override
-    public Object postProcessBeforeInitialization(Object bean, String beanName) {
-      if (bean instanceof OperateClientConfigurationProperties operateProperties) {
-        String operateClientId = internalSecretProvider.getSecret(SECRET_NAME_CLIENT_ID);
-        String operateClientSecret = internalSecretProvider.getSecret(SECRET_NAME_SECRET);
-        operateProperties.setClientId(operateClientId);
-        operateProperties.setClientSecret(operateClientSecret);
-        return operateProperties;
-      }
-      return bean;
-    }
+  JwtCredential configureJwtCredential() {
+    return new JwtCredential(
+        internalSecretProvider.getSecret(SECRET_NAME_CLIENT_ID),
+        internalSecretProvider.getSecret(SECRET_NAME_SECRET),
+        operateProperties.getBaseUrl(),
+        operateProperties.getAuthUrl());
   }
 }
diff --git a/bundle/camunda-saas-bundle/src/main/resources/application.properties b/bundle/camunda-saas-bundle/src/main/resources/application.properties
@@ -16,13 +16,14 @@ camunda.connector.secret-provider.console.enabled=false
 zeebe.client.worker.threads=10
 zeebe.client.worker.max-jobs-active=32
 
-# Enforce local connection, even if cluster-id set (for Operate Auth)
+# Enforce local connection, even if cluster-id set
 zeebe.client.connection-mode=ADDRESS
+camunda.client.mode=simple
 
 connectors.log.appender=stackdriver
 
 # For specifying the size of inbound connectors activity log
 camunda.connector.inbound.log.size=10
 
 # Disabling the default Operate client, we are configuring our own
-camunda.operate.client.enabled=false
+camunda.client.operate.enabled=false
diff --git a/...saas-bundle/src/test/java/io/camunda/connector/runtime/saas/TestSpringContextStartup.java b/...saas-bundle/src/test/java/io/camunda/connector/runtime/saas/TestSpringContextStartup.java
@@ -16,9 +16,8 @@
  */
 package io.camunda.connector.runtime.saas;
 
-import static org.assertj.core.api.Assertions.assertThat;
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
 
-import io.camunda.zeebe.spring.client.properties.OperateClientConfigurationProperties;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.context.SpringBootTest;
@@ -39,7 +38,7 @@
 @ActiveProfiles("test")
 public class TestSpringContextStartup {
 
-  @Autowired private OperateClientConfigurationProperties operateProperties;
+  @Autowired private SaaSOperateClientFactory operateClientFactory;
 
   @Test
   public void contextLoaded() {
@@ -50,15 +49,14 @@ public void contextLoaded() {
   }
 
   @Test
-  public void operatePropertiesAreSet() {
-    assertThat(operateProperties.getUrl()).isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_URL);
-    assertThat(operateProperties.getAuthUrl())
-        .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_AUTH_URL);
-    assertThat(operateProperties.getBaseUrl())
-        .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_BASEURL);
-    assertThat(operateProperties.getClientId())
+  public void jwtCredentialConfigured() {
+    var jwtCredential = operateClientFactory.configureJwtCredential();
+    assertThat(jwtCredential).isNotNull();
+    assertThat(jwtCredential.getClientId())
         .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_CLIENT_ID);
-    assertThat(operateProperties.getClientSecret())
+    assertThat(jwtCredential.getClientSecret())
         .isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_SECRET);
+    assertThat(jwtCredential.getAudience()).isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_BASEURL);
+    assertThat(jwtCredential.getAuthUrl()).isEqualTo(MockSaaSConfiguration.OPERATE_CLIENT_AUTH_URL);
   }
 }