[CONJ-733] adding credential service implementation

Credential service permits providing user / password just implementing CredentialPlugin interface.
3 default implementations :
- using environment credential
- using java system properties credential
- using IAM authentication

pom.xml

@@ -386,5 +386,13 @@
             <version>1.2.3</version>
             <scope>test</scope>
         </dependency>
+
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk-rds</artifactId>
+            <version>1.11.636</version>
+            <optional>true</optional>
+        </dependency>
+
     </dependencies>
 </project>

src/main/java/org/mariadb/jdbc/UrlParser.java

@@ -59,6 +59,8 @@
 import java.util.Properties;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
+import org.mariadb.jdbc.credential.CredentialPlugin;
+import org.mariadb.jdbc.credential.CredentialPluginLoader;
 import org.mariadb.jdbc.internal.logging.LoggerFactory;
 import org.mariadb.jdbc.internal.util.constant.HaMode;
 import org.mariadb.jdbc.internal.util.constant.ParameterConstant;
@@ -101,6 +103,7 @@ public class UrlParser implements Cloneable {
   private HaMode haMode;
   private String initialUrl;
   private boolean multiMaster;
+  private CredentialPlugin credentialPlugin;
 
   private UrlParser() {
   }
@@ -112,9 +115,10 @@ private UrlParser() {
    * @param addresses list of hosts
    * @param options connection option
    * @param haMode High availability mode
+   * @throws SQLException if credential plugin cannot be loaded
    */
   public UrlParser(String database, List<HostAddress> addresses, Options options,
-      HaMode haMode) {
+      HaMode haMode) throws SQLException {
     this.options = options;
     this.database = database;
     this.addresses = addresses;
@@ -130,8 +134,8 @@ public UrlParser(String database, List<HostAddress> addresses, Options options,
         }
       }
     }
-
-    DefaultOptions.postOptionProcess(options);
+    this.credentialPlugin = CredentialPluginLoader.get(options.credentialType);
+    DefaultOptions.postOptionProcess(options, credentialPlugin);
     setInitialUrl();
     loadMultiMasterValue();
   }
@@ -234,10 +238,11 @@ private static void parseInternal(UrlParser urlParser, String url, Properties pr
    * @param properties           properties
    * @param hostAddressesString  string that holds all the host addresses
    * @param additionalParameters string that holds all parameters defined for the connection
+   * @throws SQLException if credential plugin cannot be loaded
    */
   private static void defineUrlParserParameters(UrlParser urlParser, Properties properties,
       String hostAddressesString,
-      String additionalParameters) {
+      String additionalParameters) throws SQLException {
 
     if (additionalParameters != null) {
       //noinspection Annotator
@@ -264,7 +269,8 @@ private static void defineUrlParserParameters(UrlParser urlParser, Properties pr
       urlParser.database = null;
       urlParser.options = DefaultOptions.parse(urlParser.haMode, "", properties, urlParser.options);
     }
-    DefaultOptions.postOptionProcess(urlParser.options);
+    urlParser.credentialPlugin = CredentialPluginLoader.get(urlParser.options.credentialType);
+    DefaultOptions.postOptionProcess(urlParser.options, urlParser.credentialPlugin);
 
     LoggerFactory.init(urlParser.options.log
         || urlParser.options.profileSql
@@ -437,6 +443,10 @@ protected void setProperties(String urlParameters) {
     setInitialUrl();
   }
 
+  public CredentialPlugin getCredentialPlugin() {
+    return credentialPlugin;
+  }
+
   /**
    * ToString implementation.
    *

src/main/java/org/mariadb/jdbc/credential/Credential.java

@@ -0,0 +1,44 @@
+/*
+ * MariaDB Client for Java
+ *
+ * Copyright (c) 2012-2014 Monty Program Ab.
+ * Copyright (c) 2015-2019 MariaDB Ab.
+ *
+ * This library is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this library; if not, write to Monty Program Ab info@montyprogram.com.
+ *
+ */
+
+package org.mariadb.jdbc.credential;
+
+public class Credential {
+  private String user;
+  private String password;
+
+  public Credential(String user, String password) {
+    this.user = user;
+    this.password = password;
+  }
+
+  public String getUser() {
+    return user;
+  }
+
+  public String getPassword() {
+    return password;
+  }
+
+  public void setUser(String user) {
+    this.user = user;
+  }
+}

src/main/java/org/mariadb/jdbc/credential/CredentialPlugin.java

@@ -0,0 +1,48 @@
+/*
+ * MariaDB Client for Java
+ *
+ * Copyright (c) 2012-2014 Monty Program Ab.
+ * Copyright (c) 2015-2019 MariaDB Ab.
+ *
+ * This library is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this library; if not, write to Monty Program Ab info@montyprogram.com.
+ *
+ */
+
+package org.mariadb.jdbc.credential;
+
+import java.sql.SQLException;
+import java.util.function.Supplier;
+import org.mariadb.jdbc.HostAddress;
+import org.mariadb.jdbc.util.Options;
+
+public interface CredentialPlugin extends Supplier<Credential> {
+
+  String name();
+
+  String type();
+
+  default boolean mustUseSsl() {
+    return false;
+  }
+
+  default String defaultAuthenticationPluginType() {
+    return null;
+  }
+
+  default CredentialPlugin initialize(Options options, String userName, HostAddress hostAddress)
+      throws SQLException {
+    return this;
+  }
+
+}

src/main/java/org/mariadb/jdbc/credential/CredentialPluginLoader.java

@@ -0,0 +1,54 @@
+/*
+ * MariaDB Client for Java
+ *
+ * Copyright (c) 2012-2014 Monty Program Ab.
+ * Copyright (c) 2015-2017 MariaDB Ab.
+ *
+ * This library is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this library; if not, write to Monty Program Ab info@montyprogram.com.
+ *
+ */
+
+package org.mariadb.jdbc.credential;
+
+import java.sql.SQLException;
+import java.util.ServiceLoader;
+
+/**
+ * Provider to handle plugin authentication. This can allow library users to override our default
+ * Authentication provider.
+ */
+public class CredentialPluginLoader {
+
+  /**
+   * Get current Identity plugin according to option `identityType`.
+   *
+   * @param type identity plugin type
+   * @return identity plugin
+   * @throws SQLException if no identity plugin found with this type is in classpath
+   */
+  public static CredentialPlugin get(String type) throws SQLException {
+    if (type == null || type.isEmpty()) {
+      return null;
+    }
+    ServiceLoader<CredentialPlugin> loader = ServiceLoader.load(CredentialPlugin.class);
+    for (CredentialPlugin implClass : loader) {
+      if (type.equals(implClass.type())) {
+        return implClass;
+      }
+    }
+    throw new SQLException(
+        "No identity plugin registered with the type \"" + type + "\".", "08004", 1251);
+  }
+
+}

src/main/java/org/mariadb/jdbc/credential/aws/AwsCredentialGenerator.java

@@ -0,0 +1,81 @@
+/*
+ * MariaDB Client for Java
+ *
+ * Copyright (c) 2012-2014 Monty Program Ab.
+ * Copyright (c) 2015-2019 MariaDB Ab.
+ *
+ * This library is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the Free
+ * Software Foundation; either version 2.1 of the License, or (at your option)
+ * any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License
+ * for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License along
+ * with this library; if not, write to Monty Program Ab info@montyprogram.com.
+ *
+ */
+
+package org.mariadb.jdbc.credential.aws;
+
+import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.AWSStaticCredentialsProvider;
+import com.amazonaws.auth.BasicAWSCredentials;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
+import com.amazonaws.regions.DefaultAwsRegionProviderChain;
+import com.amazonaws.services.rds.auth.GetIamAuthTokenRequest;
+import com.amazonaws.services.rds.auth.RdsIamAuthTokenGenerator;
+import java.util.Properties;
+import org.mariadb.jdbc.HostAddress;
+import org.mariadb.jdbc.credential.Credential;
+
+public class AwsCredentialGenerator {
+
+  private RdsIamAuthTokenGenerator generator;
+  private GetIamAuthTokenRequest request;
+  private String userName;
+
+  /**
+   * AWS Generator.
+   *
+   * @param nonMappedOptions non standard options
+   * @param userName user
+   * @param hostAddress current server information
+   */
+  public AwsCredentialGenerator(Properties nonMappedOptions, String userName,
+                                HostAddress hostAddress) {
+    // Build RDS IAM-auth token generator
+    this.userName = userName;
+    AWSCredentialsProvider awsCredentialsProvider;
+    String accessKeyId = nonMappedOptions.getProperty("accessKeyId");
+    String secretKey = nonMappedOptions.getProperty("secretKey");
+    String region = nonMappedOptions.getProperty("region");
+
+    if (accessKeyId != null && secretKey != null) {
+      awsCredentialsProvider =
+          new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKeyId, secretKey));
+    } else {
+      awsCredentialsProvider = new DefaultAWSCredentialsProviderChain();
+    }
+
+    this.generator =
+        RdsIamAuthTokenGenerator.builder()
+            .credentials(awsCredentialsProvider)
+            .region(region != null ? region : new DefaultAwsRegionProviderChain().getRegion())
+            .build();
+    this.request =
+        GetIamAuthTokenRequest.builder()
+            .hostname(hostAddress.host)
+            .port(hostAddress.port)
+            .userName(userName)
+            .build();
+
+  }
+
+  public Credential getToken() {
+    return new Credential(userName, generator.getAuthToken(this.request));
+  }
+}