camunda · chillleader · May 2, 2024 · May 2, 2024 · May 2, 2024 · May 2, 2024
@@ -16,23 +16,23 @@
  */
 package io.camunda.connector.runtime.saas;
 
-import io.camunda.common.auth.Authentication;
+import io.camunda.common.auth.JwtConfig;
+import io.camunda.common.auth.JwtCredential;
+import io.camunda.common.auth.Product;
+import io.camunda.common.auth.SaaSAuthenticationBuilder;
+import io.camunda.common.json.JsonMapper;
 import io.camunda.connector.api.secret.SecretProvider;
 import io.camunda.operate.CamundaOperateClient;
 import io.camunda.zeebe.spring.client.properties.OperateClientConfigurationProperties;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.beans.factory.config.BeanPostProcessor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
 
 @Configuration
 public class SaaSOperateClientFactory {
 
-  private static final Logger LOG = LoggerFactory.getLogger(SaaSOperateClientFactory.class);
   public static String SECRET_NAME_CLIENT_ID = "M2MClientId";
   public static String SECRET_NAME_SECRET = "M2MSecret";
 
@@ -45,37 +45,27 @@ public SaaSOperateClientFactory(@Autowired SaaSConfiguration saaSConfiguration)
     this.internalSecretProvider = saaSConfiguration.getInternalSecretProvider();
   }
 
-  @Bean
-  public OperatePropertiesPostProcessor operatePropertiesPostProcessor() {
-    return new OperatePropertiesPostProcessor();
-  }
-
   @Bean
   @Primary
-  public CamundaOperateClient camundaOperateClientBundle(Authentication authentication) {
+  public CamundaOperateClient camundaOperateClientBundle(
+      OperateClientConfigurationProperties operateProperties, JsonMapper jsonMapper) {
+
+    var jwtConfig = new JwtConfig();
+    var jwtCredential =
+        new JwtCredential(
+            internalSecretProvider.getSecret(SECRET_NAME_CLIENT_ID),
+            internalSecretProvider.getSecret(SECRET_NAME_SECRET),
+            operateProperties.getBaseUrl(),
+            operateProperties.getAuthUrl());
+    jwtConfig.addProduct(Product.OPERATE, jwtCredential);
+
+    var authentication =
+        new SaaSAuthenticationBuilder().withJwtConfig(jwtConfig).withJsonMapper(jsonMapper).build();
+
     return CamundaOperateClient.builder()
         .operateUrl(operateUrl)
         .authentication(authentication)
         .setup()
         .build();
   }
-
-  public class OperatePropertiesPostProcessor implements BeanPostProcessor {
-
-    public OperatePropertiesPostProcessor() {
-      LOG.info("OperatePropertiesPostProcessor created");
-    }
-
-    @Override
-    public Object postProcessBeforeInitialization(Object bean, String beanName) {
-      if (bean instanceof OperateClientConfigurationProperties operateProperties) {
-        String operateClientId = internalSecretProvider.getSecret(SECRET_NAME_CLIENT_ID);
-        String operateClientSecret = internalSecretProvider.getSecret(SECRET_NAME_SECRET);
-        operateProperties.setClientId(operateClientId);
-        operateProperties.setClientSecret(operateClientSecret);
-        return operateProperties;
-      }
-      return bean;
-    }
-  }
 }
@@ -16,13 +16,14 @@ camunda.connector.secret-provider.console.enabled=false
 zeebe.client.worker.threads=10
 zeebe.client.worker.max-jobs-active=32
 
-# Enforce local connection, even if cluster-id set (for Operate Auth)
+# Enforce local connection, even if cluster-id set
 zeebe.client.connection-mode=ADDRESS
+camunda.client.mode=simple
 
 connectors.log.appender=stackdriver
 
 # For specifying the size of inbound connectors activity log
 camunda.connector.inbound.log.size=10
 
 # Disabling the default Operate client, we are configuring our own
-camunda.operate.client.enabled=false
+camunda.client.operate.enabled=false