From 492877477b4e92093df0b6ac2ddac59f79020dda Mon Sep 17 00:00:00 2001 From: fjtirado Date: Fri, 31 Oct 2025 19:27:48 +0100 Subject: [PATCH] [Fix #930] Adding authorization runtime expression Signed-off-by: fjtirado --- .../impl/AuthorizationDescriptor.java | 18 ++++ .../serverlessworkflow/impl/TaskContext.java | 9 ++ .../impl/WorkflowApplication.java | 3 +- .../impl/WorkflowError.java | 4 + .../impl/WorkflowInstanceData.java | 2 + .../impl/WorkflowMutableInstance.java | 5 + .../additional/ConstantAdditionalObject.java | 6 +- .../additional/SuppliedAdditionalObject.java | 6 +- .../additional/WorkflowAdditionalObject.java | 7 +- .../impl/config/ConfigManager.java | 3 + .../impl/config/ConfigSecretManager.java | 49 ++++++++++ .../impl/config/SecretManager.java | 4 +- .../config/SystemPropertyConfigManager.java | 5 + .../executors/http/AbstractAuthProvider.java | 57 ++++++++++++ .../impl/executors/http/AuthProvider.java | 10 -- .../executors/http/BasicAuthProvider.java | 43 +++++---- .../executors/http/BearerAuthProvider.java | 21 ++--- .../impl/executors/http/HttpExecutor.java | 7 +- .../executors/http/OAuth2AuthProvider.java | 18 +--- .../executors/http/OpenIdAuthProvider.java | 18 +--- .../impl/expressions/jq/JQExpression.java | 30 ++++-- .../impl/test/BasicAuthHttpTest.java | 92 +++++++++++++++++++ .../impl/test/SecretExpressionTest.java | 7 +- .../basic-properties-auth.yaml | 24 +++++ .../workflows-samples/basic-secret-auth.yaml | 23 +++++ ...ntSecretPostClientCredentialsHttpCall.yaml | 2 +- ...etPostClientCredentialsParamsHttpCall.yaml | 2 +- ...ntCredentialsParamsNoEndPointHttpCall.yaml | 2 +- ...ntSecretPostPasswordAllGrantsHttpCall.yaml | 2 +- ...ClientSecretPostPasswordAsArgHttpCall.yaml | 2 +- ...oAuthClientSecretPostPasswordHttpCall.yaml | 2 +- ...SecretPostPasswordNoEndpointsHttpCall.yaml | 2 +- .../oAuthJSONClientCredentialsHttpCall.yaml | 3 +- ...thJSONClientCredentialsParamsHttpCall.yaml | 2 +- ...ntCredentialsParamsNoEndPointHttpCall.yaml | 2 +- .../oAuthJSONPasswordAllGrantsHttpCall.yaml | 2 +- .../oAuthJSONPasswordAsArgHttpCall.yaml | 2 +- .../oAuthJSONPasswordHttpCall.yaml | 2 +- .../oAuthJSONPasswordNoEndpointsHttpCall.yaml | 2 +- ...etPostClientCredentialsParamsHttpCall.yaml | 2 +- ...ntCredentialsParamsNoEndPointHttpCall.yaml | 2 +- ...ntSecretPostPasswordAllGrantsHttpCall.yaml | 2 +- ...ClientSecretPostPasswordAsArgHttpCall.yaml | 2 +- ...enidcClientSecretPostPasswordHttpCall.yaml | 2 +- .../openidcJSONClientCredentialsHttpCall.yaml | 2 +- ...dcJSONClientCredentialsParamsHttpCall.yaml | 2 +- ...ntCredentialsParamsNoEndPointHttpCall.yaml | 2 +- .../openidcJSONPasswordAllGrantsHttpCall.yaml | 2 +- .../openidcJSONPasswordAsArgHttpCall.yaml | 2 +- .../openidcJSONPasswordHttpCall.yaml | 3 +- ...penidcJSONPasswordNoEndpointsHttpCall.yaml | 2 +- .../workflows-samples/secret-expression.yaml | 5 +- 52 files changed, 405 insertions(+), 125 deletions(-) create mode 100644 impl/core/src/main/java/io/serverlessworkflow/impl/AuthorizationDescriptor.java create mode 100644 impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigSecretManager.java create mode 100644 impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AbstractAuthProvider.java create mode 100644 impl/test/src/test/java/io/serverlessworkflow/impl/test/BasicAuthHttpTest.java create mode 100644 impl/test/src/test/resources/workflows-samples/basic-properties-auth.yaml create mode 100644 impl/test/src/test/resources/workflows-samples/basic-secret-auth.yaml diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/AuthorizationDescriptor.java b/impl/core/src/main/java/io/serverlessworkflow/impl/AuthorizationDescriptor.java new file mode 100644 index 000000000..9c31da1be --- /dev/null +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/AuthorizationDescriptor.java @@ -0,0 +1,18 @@ +/* + * Copyright 2020-Present The Serverless Workflow Specification Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.serverlessworkflow.impl; + +public record AuthorizationDescriptor(String scheme, String parameter) {} diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/TaskContext.java b/impl/core/src/main/java/io/serverlessworkflow/impl/TaskContext.java index 8ef68513f..25d2f2736 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/TaskContext.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/TaskContext.java @@ -38,6 +38,7 @@ public class TaskContext implements TaskContextData { private Instant completedAt; private TransitionInfo transition; private short retryAttempt; + private AuthorizationDescriptor authorization; public TaskContext( WorkflowModel input, @@ -93,6 +94,14 @@ public WorkflowModel rawInput() { return rawInput; } + public AuthorizationDescriptor authorization() { + return authorization; + } + + public void authorization(String scheme, String parameter) { + this.authorization = new AuthorizationDescriptor(scheme, parameter); + } + @Override public TaskBase task() { return task; diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowApplication.java b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowApplication.java index 5fe9b8c4d..9865f72b8 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowApplication.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowApplication.java @@ -21,6 +21,7 @@ import io.serverlessworkflow.api.types.Workflow; import io.serverlessworkflow.impl.additional.WorkflowAdditionalObject; import io.serverlessworkflow.impl.config.ConfigManager; +import io.serverlessworkflow.impl.config.ConfigSecretManager; import io.serverlessworkflow.impl.config.SecretManager; import io.serverlessworkflow.impl.config.SystemPropertyConfigManager; import io.serverlessworkflow.impl.events.EventConsumer; @@ -316,7 +317,7 @@ public WorkflowApplication build() { secretManager = ServiceLoader.load(SecretManager.class) .findFirst() - .orElseGet(() -> s -> configManager.config(s, String.class)); + .orElseGet(() -> new ConfigSecretManager(configManager)); } return new WorkflowApplication(this); } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowError.java b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowError.java index d870c0cc2..a23c51dd6 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowError.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowError.java @@ -28,6 +28,10 @@ public static Builder authorization() { return error(Errors.AUTHORIZATION.toString(), Errors.AUTHORIZATION.status()); } + public static Builder expression() { + return error("https://serverlessworkflow.io/spec/1.0.0/errors/expression", 400); + } + public static Builder communication(int status, TaskContext context, Exception ex) { return communication(status, context, ex.getMessage()); } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowInstanceData.java b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowInstanceData.java index 846b70fd4..10a2e0b44 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowInstanceData.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowInstanceData.java @@ -30,5 +30,7 @@ public interface WorkflowInstanceData { WorkflowModel output(); + WorkflowModel context(); + T outputAs(Class clazz); } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowMutableInstance.java b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowMutableInstance.java index 7409a1db2..6aadf2112 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowMutableInstance.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/WorkflowMutableInstance.java @@ -145,6 +145,11 @@ public WorkflowStatus status() { return status.get(); } + @Override + public WorkflowModel context() { + return workflowContext.context(); + } + @Override public WorkflowModel output() { CompletableFuture future = futureRef.get(); diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/additional/ConstantAdditionalObject.java b/impl/core/src/main/java/io/serverlessworkflow/impl/additional/ConstantAdditionalObject.java index 659af5377..eba50c466 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/additional/ConstantAdditionalObject.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/additional/ConstantAdditionalObject.java @@ -15,8 +15,8 @@ */ package io.serverlessworkflow.impl.additional; -import io.serverlessworkflow.impl.TaskContext; -import io.serverlessworkflow.impl.WorkflowContext; +import io.serverlessworkflow.impl.TaskContextData; +import io.serverlessworkflow.impl.WorkflowContextData; public class ConstantAdditionalObject implements WorkflowAdditionalObject { @@ -27,7 +27,7 @@ public ConstantAdditionalObject(T object) { } @Override - public T apply(WorkflowContext t, TaskContext u) { + public T apply(WorkflowContextData t, TaskContextData u) { return object; } } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/additional/SuppliedAdditionalObject.java b/impl/core/src/main/java/io/serverlessworkflow/impl/additional/SuppliedAdditionalObject.java index d1eb1910e..d0ed415f3 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/additional/SuppliedAdditionalObject.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/additional/SuppliedAdditionalObject.java @@ -15,8 +15,8 @@ */ package io.serverlessworkflow.impl.additional; -import io.serverlessworkflow.impl.TaskContext; -import io.serverlessworkflow.impl.WorkflowContext; +import io.serverlessworkflow.impl.TaskContextData; +import io.serverlessworkflow.impl.WorkflowContextData; import java.util.function.Supplier; public class SuppliedAdditionalObject implements WorkflowAdditionalObject { @@ -28,7 +28,7 @@ public SuppliedAdditionalObject(Supplier supplier) { } @Override - public T apply(WorkflowContext t, TaskContext u) { + public T apply(WorkflowContextData t, TaskContextData u) { return supplier.get(); } } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/additional/WorkflowAdditionalObject.java b/impl/core/src/main/java/io/serverlessworkflow/impl/additional/WorkflowAdditionalObject.java index f45c5edc7..93cfa2dfc 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/additional/WorkflowAdditionalObject.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/additional/WorkflowAdditionalObject.java @@ -15,8 +15,9 @@ */ package io.serverlessworkflow.impl.additional; -import io.serverlessworkflow.impl.TaskContext; -import io.serverlessworkflow.impl.WorkflowContext; +import io.serverlessworkflow.impl.TaskContextData; +import io.serverlessworkflow.impl.WorkflowContextData; import java.util.function.BiFunction; -public interface WorkflowAdditionalObject extends BiFunction {} +public interface WorkflowAdditionalObject + extends BiFunction {} diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigManager.java b/impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigManager.java index 9bdab4fe9..08f2fb0ee 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigManager.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigManager.java @@ -19,5 +19,8 @@ import java.util.Optional; public interface ConfigManager extends ServicePriority { + Optional config(String propName, Class propClass); + + Iterable names(); } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigSecretManager.java b/impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigSecretManager.java new file mode 100644 index 000000000..a720e447a --- /dev/null +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/config/ConfigSecretManager.java @@ -0,0 +1,49 @@ +/* + * Copyright 2020-Present The Serverless Workflow Specification Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.serverlessworkflow.impl.config; + +import java.util.HashMap; +import java.util.Map; +import java.util.concurrent.ConcurrentHashMap; + +public class ConfigSecretManager implements SecretManager { + + private final ConfigManager configManager; + + private Map> secretMap = new ConcurrentHashMap<>(); + + public ConfigSecretManager(ConfigManager configManager) { + this.configManager = configManager; + } + + @Override + public Map secret(String secretName) { + return secretMap.computeIfAbsent(secretName, this::buildMap); + } + + private Map buildMap(String secretName) { + Map map = new HashMap(); + final String prefix = secretName + "."; + for (String name : configManager.names()) { + if (name.startsWith(prefix)) { + configManager + .config(name, String.class) + .ifPresent(v -> map.put(name.substring(prefix.length()), v)); + } + } + return map; + } +} diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/config/SecretManager.java b/impl/core/src/main/java/io/serverlessworkflow/impl/config/SecretManager.java index 04fc1e9cc..aeeabaafc 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/config/SecretManager.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/config/SecretManager.java @@ -16,9 +16,9 @@ package io.serverlessworkflow.impl.config; import io.serverlessworkflow.impl.ServicePriority; -import java.util.Optional; +import java.util.Map; @FunctionalInterface public interface SecretManager extends ServicePriority { - Optional secret(String secretName); + Map secret(String secretName); } diff --git a/impl/core/src/main/java/io/serverlessworkflow/impl/config/SystemPropertyConfigManager.java b/impl/core/src/main/java/io/serverlessworkflow/impl/config/SystemPropertyConfigManager.java index 5804611a3..e66d80f7a 100644 --- a/impl/core/src/main/java/io/serverlessworkflow/impl/config/SystemPropertyConfigManager.java +++ b/impl/core/src/main/java/io/serverlessworkflow/impl/config/SystemPropertyConfigManager.java @@ -27,4 +27,9 @@ protected T convertComplex(String value, Class propClass) { throw new UnsupportedOperationException( "Conversion of property " + value + " to class " + propClass + " is not supported"); } + + @Override + public Iterable names() { + return System.getProperties().keySet().stream().map(Object::toString).toList(); + } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AbstractAuthProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AbstractAuthProvider.java new file mode 100644 index 000000000..e75961de2 --- /dev/null +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AbstractAuthProvider.java @@ -0,0 +1,57 @@ +/* + * Copyright 2020-Present The Serverless Workflow Specification Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.serverlessworkflow.impl.executors.http; + +import io.serverlessworkflow.api.types.SecretBasedAuthenticationPolicy; +import io.serverlessworkflow.api.types.Workflow; +import io.serverlessworkflow.impl.TaskContext; +import io.serverlessworkflow.impl.WorkflowContext; +import io.serverlessworkflow.impl.WorkflowModel; +import jakarta.ws.rs.client.Invocation.Builder; + +public abstract class AbstractAuthProvider implements AuthProvider { + + private static final String AUTH_HEADER_FORMAT = "%s %s"; + + @Override + public Builder build( + Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { + String scheme = authScheme(); + String parameter = authParameter(workflow, task, model); + task.authorization(scheme, parameter); + builder.header( + AuthProviderFactory.AUTH_HEADER_NAME, String.format(AUTH_HEADER_FORMAT, scheme, parameter)); + return builder; + } + + protected final String checkSecret( + Workflow workflow, SecretBasedAuthenticationPolicy secretPolicy) { + String secretName = secretPolicy.getUse(); + return workflow.getUse().getSecrets().stream() + .filter(s -> s.equals(secretName)) + .findAny() + .orElseThrow(() -> new IllegalStateException("Secret " + secretName + " does not exist")); + } + + protected final String find(WorkflowContext context, String secretName, String prop) { + return context.definition().application().secretManager().secret(secretName).get(prop); + } + + protected abstract String authScheme(); + + protected abstract String authParameter( + WorkflowContext workflow, TaskContext task, WorkflowModel model); +} diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProvider.java index ef90301d6..46a0a2d7a 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProvider.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/AuthProvider.java @@ -21,16 +21,6 @@ import jakarta.ws.rs.client.Invocation; interface AuthProvider { - - default void preRequest( - Invocation.Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - // Default implementation does nothing - } - - default void postRequest(WorkflowContext workflow, TaskContext task, WorkflowModel model) { - // Default implementation does nothing - } - Invocation.Builder build( Invocation.Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model); } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java index 0dbf66eb7..1c824e064 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BasicAuthProvider.java @@ -23,16 +23,14 @@ import io.serverlessworkflow.impl.WorkflowModel; import io.serverlessworkflow.impl.WorkflowUtils; import io.serverlessworkflow.impl.WorkflowValueResolver; -import jakarta.ws.rs.client.Invocation.Builder; import java.util.Base64; -class BasicAuthProvider implements AuthProvider { +class BasicAuthProvider extends AbstractAuthProvider { - private static final String BASIC_TOKEN = "Basic %s"; private static final String USER_PASSWORD = "%s:%s"; - private WorkflowValueResolver userFilter; - private WorkflowValueResolver passwordFilter; + private final WorkflowValueResolver userFilter; + private final WorkflowValueResolver passwordFilter; public BasicAuthProvider( WorkflowApplication app, Workflow workflow, BasicAuthenticationPolicy authPolicy) { @@ -44,24 +42,29 @@ public BasicAuthProvider( WorkflowUtils.buildStringFilter( app, authPolicy.getBasic().getBasicAuthenticationProperties().getPassword()); } else if (authPolicy.getBasic().getBasicAuthenticationPolicySecret() != null) { - throw new UnsupportedOperationException("Secrets are still not supported"); + String secretName = + checkSecret(workflow, authPolicy.getBasic().getBasicAuthenticationPolicySecret()); + userFilter = (w, t, m) -> find(w, secretName, "username"); + passwordFilter = (w, t, m) -> find(w, secretName, "password"); + } else { + throw new IllegalStateException("Both secret and properties are null for authorization"); } } @Override - public Builder build( - Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - builder.header( - AuthProviderFactory.AUTH_HEADER_NAME, - String.format( - BASIC_TOKEN, - Base64.getEncoder() - .encode( - String.format( - USER_PASSWORD, - userFilter.apply(workflow, task, model), - passwordFilter.apply(workflow, task, model)) - .getBytes()))); - return builder; + protected String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { + return new String( + Base64.getEncoder() + .encode( + String.format( + USER_PASSWORD, + userFilter.apply(workflow, task, model), + passwordFilter.apply(workflow, task, model)) + .getBytes())); + } + + @Override + protected String authScheme() { + return "Basic"; } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java index 79f5584fe..58b673e9e 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/BearerAuthProvider.java @@ -24,11 +24,8 @@ import io.serverlessworkflow.impl.WorkflowModel; import io.serverlessworkflow.impl.WorkflowUtils; import io.serverlessworkflow.impl.WorkflowValueResolver; -import jakarta.ws.rs.client.Invocation.Builder; -class BearerAuthProvider implements AuthProvider { - - private static final String BEARER_TOKEN = "Bearer %s"; +class BearerAuthProvider extends AbstractAuthProvider { private WorkflowValueResolver tokenFilter; @@ -41,16 +38,18 @@ public BearerAuthProvider( String token = config.getBearerAuthenticationProperties().getToken(); tokenFilter = WorkflowUtils.buildStringFilter(app, token); } else if (config.getBearerAuthenticationPolicySecret() != null) { - throw new UnsupportedOperationException("Secrets are still not supported"); + String secretName = checkSecret(workflow, config.getBearerAuthenticationPolicySecret()); + tokenFilter = (w, t, m) -> find(w, secretName, "bearer"); } } @Override - public Builder build( - Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - builder.header( - AuthProviderFactory.AUTH_HEADER_NAME, - String.format(BEARER_TOKEN, tokenFilter.apply(workflow, task, model))); - return builder; + protected String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { + return tokenFilter.apply(workflow, task, model); + } + + @Override + protected String authScheme() { + return "Bearer"; } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java index 6498dbad7..1bd6428fb 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/HttpExecutor.java @@ -233,16 +233,13 @@ public CompletableFuture apply( queryMap.ifPresent( q -> q.apply(workflow, taskContext, input).forEach((k, v) -> supplier.addQuery(k, v))); Builder request = supplier.get().request(); - authProvider.ifPresent(auth -> auth.build(request, workflow, taskContext, input)); headersMap.ifPresent( h -> h.apply(workflow, taskContext, input).forEach((k, v) -> request.header(k, v))); return CompletableFuture.supplyAsync( () -> { try { - authProvider.ifPresent(auth -> auth.preRequest(request, workflow, taskContext, input)); - WorkflowModel result = requestFunction.apply(request, workflow, taskContext, input); - authProvider.ifPresent(auth -> auth.postRequest(workflow, taskContext, input)); - return result; + authProvider.ifPresent(auth -> auth.build(request, workflow, taskContext, input)); + return requestFunction.apply(request, workflow, taskContext, input); } catch (WebApplicationException exception) { throw new WorkflowException( WorkflowError.communication( diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java index 46bf35797..c36d17ebf 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OAuth2AuthProvider.java @@ -22,18 +22,13 @@ import io.serverlessworkflow.impl.WorkflowApplication; import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowModel; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWT; import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.AuthRequestBuilder; import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.OAuthRequestBuilder; -import jakarta.ws.rs.client.Invocation; -import jakarta.ws.rs.client.Invocation.Builder; -public class OAuth2AuthProvider implements AuthProvider { +public class OAuth2AuthProvider extends AbstractAuthProvider { private AuthRequestBuilder requestBuilder; - private static final String BEARER_TOKEN = "Bearer %s"; - public OAuth2AuthProvider( WorkflowApplication application, Workflow workflow, OAuth2AuthenticationPolicy authPolicy) { OAuth2AuthenticationPolicyConfiguration oauth2 = authPolicy.getOauth2(); @@ -46,15 +41,12 @@ public OAuth2AuthProvider( } @Override - public Builder build( - Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - return builder; + protected String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { + return requestBuilder.build(workflow, task, model).validateAndGet().token(); } @Override - public void preRequest( - Invocation.Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - JWT jwt = requestBuilder.build(workflow, task, model).validateAndGet(); - builder.header(AuthProviderFactory.AUTH_HEADER_NAME, String.format(BEARER_TOKEN, jwt.token())); + protected String authScheme() { + return "Bearer"; } } diff --git a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OpenIdAuthProvider.java b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OpenIdAuthProvider.java index 824f707cf..deaa0e779 100644 --- a/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OpenIdAuthProvider.java +++ b/impl/http/src/main/java/io/serverlessworkflow/impl/executors/http/OpenIdAuthProvider.java @@ -22,18 +22,13 @@ import io.serverlessworkflow.impl.WorkflowApplication; import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowModel; -import io.serverlessworkflow.impl.executors.http.auth.jwt.JWT; import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.AuthRequestBuilder; import io.serverlessworkflow.impl.executors.http.auth.requestbuilder.OpenIdRequestBuilder; -import jakarta.ws.rs.client.Invocation; -import jakarta.ws.rs.client.Invocation.Builder; -public class OpenIdAuthProvider implements AuthProvider { +public class OpenIdAuthProvider extends AbstractAuthProvider { private AuthRequestBuilder requestBuilder; - private static final String BEARER_TOKEN = "Bearer %s"; - public OpenIdAuthProvider( WorkflowApplication application, Workflow workflow, @@ -50,15 +45,12 @@ public OpenIdAuthProvider( } @Override - public Builder build( - Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - return builder; + protected String authParameter(WorkflowContext workflow, TaskContext task, WorkflowModel model) { + return requestBuilder.build(workflow, task, model).validateAndGet().token(); } @Override - public void preRequest( - Invocation.Builder builder, WorkflowContext workflow, TaskContext task, WorkflowModel model) { - JWT jwt = requestBuilder.build(workflow, task, model).validateAndGet(); - builder.header(AuthProviderFactory.AUTH_HEADER_NAME, String.format(BEARER_TOKEN, jwt.token())); + protected String authScheme() { + return "Bearer"; } } diff --git a/impl/jq/src/main/java/io/serverlessworkflow/impl/expressions/jq/JQExpression.java b/impl/jq/src/main/java/io/serverlessworkflow/impl/expressions/jq/JQExpression.java index b32d6b39c..8f95ed066 100644 --- a/impl/jq/src/main/java/io/serverlessworkflow/impl/expressions/jq/JQExpression.java +++ b/impl/jq/src/main/java/io/serverlessworkflow/impl/expressions/jq/JQExpression.java @@ -19,6 +19,7 @@ import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.node.ArrayNode; +import io.serverlessworkflow.impl.AuthorizationDescriptor; import io.serverlessworkflow.impl.TaskContext; import io.serverlessworkflow.impl.WorkflowContext; import io.serverlessworkflow.impl.WorkflowError; @@ -29,6 +30,7 @@ import io.serverlessworkflow.impl.expressions.WorkflowDescriptor; import io.serverlessworkflow.impl.jackson.FunctionJsonNode; import io.serverlessworkflow.impl.jackson.JsonUtils; +import java.util.Map; import java.util.function.Supplier; import net.thisptr.jackson.jq.Output; import net.thisptr.jackson.jq.Scope; @@ -57,8 +59,12 @@ public Object eval(WorkflowContext workflow, TaskContext task, WorkflowModel mod internalExpr.apply(createScope(workflow, task), node, output); return output.getResult(); } catch (JsonQueryException e) { - throw new IllegalArgumentException( - "Unable to evaluate content " + node + " using expr " + expr, e); + throw new WorkflowException( + WorkflowError.expression() + .instance(task.position().jsonPointer()) + .details(e.getMessage()) + .build(), + e); } } @@ -92,19 +98,23 @@ private Scope createScope(WorkflowContext workflow, TaskContext task) { childScope.setValue("output", modelToJson(task.output())); childScope.setValue("task", () -> JsonUtils.fromValue(TaskDescriptor.of(task))); task.variables().forEach((k, v) -> childScope.setValue(k, JsonUtils.fromValue(v))); + AuthorizationDescriptor auth = task.authorization(); + if (auth != null) { + childScope.setValue("authorization", JsonUtils.fromValue(auth)); + } } if (workflow != null) { childScope.setValue( "secret", new FunctionJsonNode( - k -> - workflow - .definition() - .application() - .secretManager() - .secret(k) - .orElseThrow( - () -> new WorkflowException(WorkflowError.authorization().build())))); + k -> { + Map secret = + workflow.definition().application().secretManager().secret(k); + if (secret.isEmpty()) { + throw new WorkflowException(WorkflowError.authorization().build()); + } + return secret; + })); childScope.setValue("context", modelToJson(workflow.context())); childScope.setValue( "runtime", diff --git a/impl/test/src/test/java/io/serverlessworkflow/impl/test/BasicAuthHttpTest.java b/impl/test/src/test/java/io/serverlessworkflow/impl/test/BasicAuthHttpTest.java new file mode 100644 index 000000000..d5dacc3d7 --- /dev/null +++ b/impl/test/src/test/java/io/serverlessworkflow/impl/test/BasicAuthHttpTest.java @@ -0,0 +1,92 @@ +/* + * Copyright 2020-Present The Serverless Workflow Specification Authors + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package io.serverlessworkflow.impl.test; + +import static io.serverlessworkflow.api.WorkflowReader.readWorkflowFromClasspath; +import static org.assertj.core.api.Assertions.assertThat; + +import io.serverlessworkflow.api.types.Workflow; +import io.serverlessworkflow.impl.WorkflowApplication; +import io.serverlessworkflow.impl.WorkflowInstance; +import io.serverlessworkflow.impl.jackson.JsonUtils; +import java.io.IOException; +import java.util.Base64; +import java.util.Map; +import okhttp3.mockwebserver.MockResponse; +import okhttp3.mockwebserver.MockWebServer; +import org.junit.jupiter.api.AfterAll; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.ValueSource; + +public class BasicAuthHttpTest { + private static WorkflowApplication app; + private MockWebServer apiServer; + + @BeforeAll + static void init() { + app = + WorkflowApplication.builder() + .withSecretManager( + k -> + k.equals("mySecret") + ? Map.of("username", "Javierito", "password", "Vicentito") + : Map.of()) + .build(); + } + + @AfterAll + static void cleanup() { + app.close(); + } + + @BeforeEach + void setup() throws IOException { + apiServer = new MockWebServer(); + apiServer.start(10110); + apiServer.enqueue( + new MockResponse() + .setResponseCode(200) + .setHeader("Content-Type", "application/json") + .setBody(JsonUtils.mapper().createObjectNode().toString())); + } + + @AfterEach + void close() throws IOException { + apiServer.close(); + } + + @ParameterizedTest + @ValueSource( + strings = { + "workflows-samples/basic-properties-auth.yaml", + "workflows-samples/basic-secret-auth.yaml" + }) + void testBasic(String path) throws IOException { + Workflow workflow = readWorkflowFromClasspath(path); + WorkflowInstance instance = app.workflowDefinition(workflow).instance(Map.of("petId", 1)); + instance.start().join(); + assertThat(instance.context()).isNotNull(); + Map authInfo = + (Map) instance.context().asMap().orElseThrow().get("info"); + assertThat(authInfo.get("scheme")).isEqualTo("Basic"); + assertThat( + new String(Base64.getDecoder().decode(((String) authInfo.get("parameter")).getBytes()))) + .isEqualTo("Javierito:Vicentito"); + } +} diff --git a/impl/test/src/test/java/io/serverlessworkflow/impl/test/SecretExpressionTest.java b/impl/test/src/test/java/io/serverlessworkflow/impl/test/SecretExpressionTest.java index 87c7a4b69..fd9f6bb47 100644 --- a/impl/test/src/test/java/io/serverlessworkflow/impl/test/SecretExpressionTest.java +++ b/impl/test/src/test/java/io/serverlessworkflow/impl/test/SecretExpressionTest.java @@ -24,7 +24,6 @@ import io.serverlessworkflow.impl.WorkflowException; import java.io.IOException; import java.util.Map; -import java.util.Optional; import org.junit.jupiter.api.BeforeAll; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.parallel.Execution; @@ -45,7 +44,7 @@ static void init() throws IOException { @Execution(ExecutionMode.SAME_THREAD) @ResourceLock(Resources.SYSTEM_PROPERTIES) void testDefault() { - System.setProperty("whoissuperman", "ClarkKent"); + System.setProperty("superman.name", "ClarkKent"); try (WorkflowApplication appl = WorkflowApplication.builder().build()) { assertThat( appl.workflowDefinition(workflow) @@ -57,7 +56,7 @@ void testDefault() { .get("superSecret")) .isEqualTo("ClarkKent"); } finally { - System.clearProperty("whoissuperman"); + System.clearProperty("superman.name"); } } @@ -79,7 +78,7 @@ void testMissing() { @Test void testCustom() { try (WorkflowApplication appl = - WorkflowApplication.builder().withSecretManager(k -> Optional.of("ClarkKent")).build()) { + WorkflowApplication.builder().withSecretManager(k -> Map.of("name", "ClarkKent")).build()) { assertThat( appl.workflowDefinition(workflow) .instance(Map.of()) diff --git a/impl/test/src/test/resources/workflows-samples/basic-properties-auth.yaml b/impl/test/src/test/resources/workflows-samples/basic-properties-auth.yaml new file mode 100644 index 000000000..66e5f3f64 --- /dev/null +++ b/impl/test/src/test/resources/workflows-samples/basic-properties-auth.yaml @@ -0,0 +1,24 @@ +document: + dsl: 1.0.0-alpha1 + namespace: test + name: basic-properties-auth + version: 1.0.0 +use: + secrets: + - mySecret +do: + - getPet: + call: http + with: + headers: + content-type: application/json + method: get + endpoint: + uri: http://localhost:10110 + authentication: + basic: + username: ${$secret.mySecret.username} + password: ${$secret.mySecret.password} + export: + as: + info: ${$authorization} diff --git a/impl/test/src/test/resources/workflows-samples/basic-secret-auth.yaml b/impl/test/src/test/resources/workflows-samples/basic-secret-auth.yaml new file mode 100644 index 000000000..1247d295b --- /dev/null +++ b/impl/test/src/test/resources/workflows-samples/basic-secret-auth.yaml @@ -0,0 +1,23 @@ +document: + dsl: 1.0.0-alpha1 + namespace: test + name: basic-secret-auth + version: 1.0.0 +use: + secrets: + - mySecret +do: + - getPet: + call: http + with: + headers: + content-type: application/json + method: get + endpoint: + uri: http://localhost:10110 + authentication: + basic: + use: mySecret + export: + as: + info: ${$authorization} diff --git a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsHttpCall.yaml index e763bd755..7b33d5099 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-client-credentials version: '0.0.1' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsHttpCall.yaml index a15e27df5..ba2fa974b 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-client-credentials-params-endpoint version: '0.0.2' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml index 22dfa9c06..613aaebd9 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-client-credentials-params version: '0.0.3' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAllGrantsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAllGrantsHttpCall.yaml index 0c7e6183c..804d8932a 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAllGrantsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAllGrantsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-password-grants version: '0.0.4' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAsArgHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAsArgHttpCall.yaml index 09ee1dfe7..59b1db030 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAsArgHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordAsArgHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-password-args version: '0.0.5' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordHttpCall.yaml index ec4210e3d..be57f2000 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-password-endpoint version: '0.0.6' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordNoEndpointsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordNoEndpointsHttpCall.yaml index 6a3f8f561..1b87fe69c 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordNoEndpointsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthClientSecretPostPasswordNoEndpointsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-password version: '0.0.7' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsHttpCall.yaml index 1dbf9d851..6b0cf188e 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsHttpCall.yaml @@ -1,8 +1,9 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-client-credentials version: '0.0.8' + do: - getPet: call: http diff --git a/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsHttpCall.yaml index e4e4f2833..47af61c7a 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-client-credentials-params-endpoint version: '0.0.9' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsNoEndPointHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsNoEndPointHttpCall.yaml index a441130a2..06bea8913 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsNoEndPointHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthJSONClientCredentialsParamsNoEndPointHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-client-credentials-params version: '0.0.10' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAllGrantsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAllGrantsHttpCall.yaml index 2c2e510cc..d61dd192b 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAllGrantsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAllGrantsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-password-grants version: '0.0.11' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAsArgHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAsArgHttpCall.yaml index f87a3e201..44df8f4db 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAsArgHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordAsArgHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-password-args version: '0.0.12' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordHttpCall.yaml index ebff190a6..7d7b32125 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-password-endpoint version: '0.0.13' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordNoEndpointsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordNoEndpointsHttpCall.yaml index aa427ec59..a40eabf2f 100644 --- a/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordNoEndpointsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/oAuthJSONPasswordNoEndpointsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-password version: '0.0.14' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsHttpCall.yaml index 34c2b25fd..188aa50f0 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-secret-client-credentials-endpoint version: '0.0.1' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml index cac89ace6..09ec5e31a 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostClientCredentialsParamsNoEndPointHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-secret-client-credentials version: '0.0.2' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAllGrantsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAllGrantsHttpCall.yaml index 8e0e5f879..feaed88d4 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAllGrantsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAllGrantsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-secret-password-grants version: '0.0.3' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAsArgHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAsArgHttpCall.yaml index b5c8b9d66..81375bd47 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAsArgHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordAsArgHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-secret-password-args version: '0.0.4' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordHttpCall.yaml index 323cfe280..383e84a5d 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcClientSecretPostPasswordHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: oauth2-authentication + name: oauth2-authentication-secret-password version: '0.0.12' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsHttpCall.yaml index 6ce4868ae..d3aa0c2e9 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-client-credentials version: '0.0.5' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsHttpCall.yaml index a47a8fd17..045310a79 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-client-credentials-params-endpoint version: '0.0.6' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsNoEndPointHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsNoEndPointHttpCall.yaml index 8cbcf10ce..9d269aaa6 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsNoEndPointHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcJSONClientCredentialsParamsNoEndPointHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-client-credentials-params version: '0.0.7' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAllGrantsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAllGrantsHttpCall.yaml index 6e3c3b8a6..475c7e7b7 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAllGrantsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAllGrantsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-password-grants version: '0.0.8' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAsArgHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAsArgHttpCall.yaml index 9c48d1764..07f8bf2f2 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAsArgHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordAsArgHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-password-args version: '0.0.9' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordHttpCall.yaml index b34b4309e..90cac7a32 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-password-endpoint version: '0.0.10' do: - getPet: @@ -23,3 +23,4 @@ do: password: serverless-workflow-test issuers: - http://localhost:8888/realms/test-realm + diff --git a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordNoEndpointsHttpCall.yaml b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordNoEndpointsHttpCall.yaml index d100e2846..c7e9d0a07 100644 --- a/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordNoEndpointsHttpCall.yaml +++ b/impl/test/src/test/resources/workflows-samples/openidcJSONPasswordNoEndpointsHttpCall.yaml @@ -1,7 +1,7 @@ document: dsl: '1.0.0-alpha5' namespace: test - name: openid-authentication + name: openid-authentication-password version: '0.0.11' do: - getPet: diff --git a/impl/test/src/test/resources/workflows-samples/secret-expression.yaml b/impl/test/src/test/resources/workflows-samples/secret-expression.yaml index 95364b594..9abb1390d 100644 --- a/impl/test/src/test/resources/workflows-samples/secret-expression.yaml +++ b/impl/test/src/test/resources/workflows-samples/secret-expression.yaml @@ -3,7 +3,10 @@ document: namespace: test name: secret-expression version: '0.1.0' +use: + secrets: + - mySecret do: - useExpression: set: - superSecret: ${$secret.whoissuperman} \ No newline at end of file + superSecret: ${$secret.superman.name} \ No newline at end of file