Ability to renew aws credentials without application restart #4

cuba-platform · Feb 5, 2020 · 2a82265 · 2a82265
1 parent 7a2f841
commit 2a82265
Show file tree

Hide file tree

Showing 3 changed files with 89 additions and 14 deletions.
diff --git a/modules/core/src/com/haulmont/addon/cubaaws/s3/AmazonS3FileStorage.java b/modules/core/src/com/haulmont/addon/cubaaws/s3/AmazonS3FileStorage.java
@@ -39,6 +39,7 @@
 import java.io.InputStream;
 import java.net.URI;
 import java.util.*;
+import java.util.concurrent.atomic.AtomicReference;
 import java.util.stream.Collectors;
 
 import static com.haulmont.bali.util.Preconditions.checkNotNullArgument;
@@ -47,31 +48,35 @@ public class AmazonS3FileStorage implements FileStorageAPI {
     @Inject
     protected AmazonS3Config amazonS3Config;
 
-    protected S3Client s3Client;
+    protected AtomicReference<S3Client> s3ClientReference = new AtomicReference<>();
 
     @EventListener
     protected void initS3Client(AppContextStartedEvent event) {
+        refreshS3Client();
+    }
+
+    protected AwsCredentialsProvider getAwsCredentialsProvider() {
+        if (getAccessKey() != null && getSecretAccessKey() != null) {
+            AwsCredentials awsCredentials = AwsBasicCredentials.create(getAccessKey(), getSecretAccessKey());
+            return StaticCredentialsProvider.create(awsCredentials);
+        } else {
+            return DefaultCredentialsProvider.builder().build();
+        }
+    }
+
+    public void refreshS3Client() {
         AwsCredentialsProvider awsCredentialsProvider = getAwsCredentialsProvider();
         if (Strings.isNullOrEmpty(amazonS3Config.getEndpointUrl())) {
-            s3Client = S3Client.builder()
+            s3ClientReference.set(S3Client.builder()
                     .credentialsProvider(awsCredentialsProvider)
                     .region(Region.of(getRegionName()))
-                    .build();
+                    .build());
         } else {
-            s3Client = S3Client.builder()
+            s3ClientReference.set(S3Client.builder()
                     .credentialsProvider(awsCredentialsProvider)
                     .endpointOverride(URI.create(amazonS3Config.getEndpointUrl()))
                     .region(Region.of(getRegionName()))
-                    .build();
-        }
-    }
-
-    protected AwsCredentialsProvider getAwsCredentialsProvider() {
-        if (getAccessKey() != null && getSecretAccessKey() != null) {
-            AwsCredentials awsCredentials = AwsBasicCredentials.create(getAccessKey(), getSecretAccessKey());
-            return StaticCredentialsProvider.create(awsCredentials);
-        } else {
-            return DefaultCredentialsProvider.create();
+                    .build());
         }
     }
 
@@ -92,6 +97,7 @@ public long saveStream(FileDescriptor fileDescr, InputStream inputStream) throws
     public void saveFile(FileDescriptor fileDescr, byte[] data) throws FileStorageException {
         checkNotNullArgument(data, "File content is null");
         try {
+            S3Client s3Client = s3ClientReference.get();
             int chunkSize = amazonS3Config.getChunkSize() * 1024;
 
             CreateMultipartUploadRequest createMultipartUploadRequest = CreateMultipartUploadRequest.builder()
@@ -141,6 +147,7 @@ protected byte[] getChunkBytes(byte[] data, int start, int end) {
     @Override
     public void removeFile(FileDescriptor fileDescr) throws FileStorageException {
         try {
+            S3Client s3Client = s3ClientReference.get();
             DeleteObjectRequest deleteObjectRequest = DeleteObjectRequest.builder()
                     .bucket(getBucket())
                     .key(resolveFileName(fileDescr))
@@ -156,6 +163,7 @@ public void removeFile(FileDescriptor fileDescr) throws FileStorageException {
     public InputStream openStream(FileDescriptor fileDescr) throws FileStorageException {
         InputStream is;
         try {
+            S3Client s3Client = s3ClientReference.get();
             GetObjectRequest getObjectRequest = GetObjectRequest.builder()
                     .bucket(getBucket())
                     .key(resolveFileName(fileDescr))
@@ -179,6 +187,7 @@ public byte[] loadFile(FileDescriptor fileDescr) throws FileStorageException {
 
     @Override
     public boolean fileExists(FileDescriptor fileDescr) {
+        S3Client s3Client = s3ClientReference.get();
         ListObjectsV2Request listObjectsReqManual = ListObjectsV2Request.builder()
                 .bucket(getBucket())
                 .prefix(resolveFileName(fileDescr))

diff --git a/modules/core/src/com/haulmont/addon/cubaaws/s3/AmazonS3Manager.java b/modules/core/src/com/haulmont/addon/cubaaws/s3/AmazonS3Manager.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2008-2020 Haulmont.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.haulmont.addon.cubaaws.s3;
+
+import com.haulmont.cuba.core.app.FileStorageAPI;
+import org.springframework.stereotype.Component;
+
+import javax.inject.Inject;
+
+@Component("cuba_AmazonS3ManagerMBean")
+public class AmazonS3Manager implements AmazonS3ManagerMBean {
+    @Inject
+    private FileStorageAPI fileStorageAPI;
+
+    @Override
+    public String refreshS3Client() {
+        if (fileStorageAPI instanceof AmazonS3FileStorage) {
+            ((AmazonS3FileStorage) fileStorageAPI).refreshS3Client();
+            return "Refreshed successfully";
+        }
+        return "Not an Amazon S3 file storage - refresh attempt ignored";
+    }
+}
diff --git a/modules/core/src/com/haulmont/addon/cubaaws/s3/AmazonS3ManagerMBean.java b/modules/core/src/com/haulmont/addon/cubaaws/s3/AmazonS3ManagerMBean.java
@@ -0,0 +1,29 @@
+/*
+ * Copyright (c) 2008-2020 Haulmont.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.haulmont.addon.cubaaws.s3;
+
+import com.haulmont.cuba.core.sys.jmx.JmxBean;
+import org.springframework.jmx.export.annotation.ManagedOperation;
+import org.springframework.jmx.export.annotation.ManagedResource;
+
+@JmxBean(module = "cubaaws", alias = "AmazonS3Manager")
+@ManagedResource(description = "JMX interface for managing Amazon S3 storage")
+public interface AmazonS3ManagerMBean {
+
+    @ManagedOperation(description = "Refreshes Amazon S3 client")
+    String refreshS3Client();
+}