fix: Improve redis configuration for users (#1589)

* WIP fields changed for config

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* WIP parse sentinel uri

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Finish credentials parsing

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Cleanup config

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Update example config

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Fix application.yml back to inMemory by default

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Fix unit tests

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Cleanup config file

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Use new configuration structure in github actions

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Cleanup old params in cs application.yml

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Set ssl to enabled by default

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Update github workflow for ssl defaulting to enabled

Signed-off-by: Carson Cook <carson.cook@ibm.com>

* Clean redis configuration unit test

Signed-off-by: Carson Cook <carson.cook@ibm.com>

Author: CarsonCook

.github/workflows/containers.yml

@@ -452,15 +452,8 @@ jobs:
                 image: ghcr.io/balhar-jakub/caching-service:${{ github.event.pull_request.number || 'latest' }}
                 env:
                     ZWE_CACHING_SERVICE_PERSISTENT: 'redis'
-                    CACHING_STORAGE_REDIS_HOST: 'localhost'
-                    CACHING_STORAGE_REDIS_PORT: 6379
-                    CACHING_STORAGE_REDIS_USERNAME: 'default'
-                    CACHING_STORAGE_REDIS_PASSWORD: 'heslo'
+                    CACHING_STORAGE_REDIS_MASTERNODEURI: 'default:heslo@localhost:6379'
                     CACHING_STORAGE_REDIS_SSL_ENABLED: true
-                    CACHING_STORAGE_REDIS_SSL_KEYSTORE: keystore/localhost/localhost.keystore.p12
-                    CACHING_STORAGE_REDIS_SSL_KEYSTOREPASSWORD: password
-                    CACHING_STORAGE_REDIS_SSL_TRUSTSTORE: keystore/localhost/localhost.truststore.p12
-                    CACHING_STORAGE_REDIS_SSL_TRUSTSTOREPASSWORD: password
             discoverable-client:
                 image: ghcr.io/balhar-jakub/discoverable-client:${{ github.event.pull_request.number || 'latest' }}
             discovery-service:
@@ -545,10 +538,8 @@ jobs:
                 image: ghcr.io/balhar-jakub/caching-service:${{ github.event.pull_request.number || 'latest' }}
                 env:
                     ZWE_CACHING_SERVICE_PERSISTENT: 'redis'
-                    CACHING_STORAGE_REDIS_HOST: 'localhost'
-                    CACHING_STORAGE_REDIS_PORT: 6379
-                    CACHING_STORAGE_REDIS_USERNAME: 'default'
-                    CACHING_STORAGE_REDIS_PASSWORD: 'heslo'
+                    CACHING_STORAGE_REDIS_MASTERNODEURI: 'default:heslo@localhost:6379'
+                    CACHING_STORAGE_REDIS_SSL_ENABLED: false
                     VERIFY_CERTIFICATES: false
             discoverable-client:
                 image: ghcr.io/balhar-jakub/discoverable-client:${{ github.event.pull_request.number || 'latest' }}

caching-service/src/main/java/org/zowe/apiml/caching/service/redis/config/RedisConfig.java

@@ -15,24 +15,43 @@
 import org.springframework.context.annotation.Configuration;
 import org.zowe.apiml.caching.config.GeneralConfig;
 
+import javax.annotation.PostConstruct;
 import java.util.List;
 
 @Data
 @Configuration
 @ConfigurationProperties(value = "caching.storage.redis")
 @RequiredArgsConstructor
 public class RedisConfig {
-    private final GeneralConfig generalConfig;
+    private static final int DEFAULT_PORT = 6379;
+    private static final String DEFAULT_USER = "default";
+    private static final String DEFAULT_PASSWORD = "";
+
+    private static final String AUTHENTICATION_SEPARATOR = "@";
+    private static final String PORT_SEPARATOR = ":";
+    private static final String CREDENTIALS_SEPARATOR = ":";
 
-    private String host;
-    private Integer port = 6379;
     private Integer timeout = 60;
-    private String username = "default";
-    private String password = "";
+    private String masterNodeUri;
 
+    private final GeneralConfig generalConfig;
+    private String host;
+    private Integer port = DEFAULT_PORT;
+    private String username = DEFAULT_USER;
+    private String password = DEFAULT_PASSWORD;
     private Sentinel sentinel;
     private SslConfig ssl;
 
+    @PostConstruct
+    public void init() {
+        NodeUriCredentials credentials = parseCredentialsFromUri(masterNodeUri);
+
+        username = credentials.getUsername();
+        password = credentials.getPassword();
+        port = parsePortFromUri(masterNodeUri);
+        host = parseHostFromUri(masterNodeUri);
+    }
+
     public boolean usesSentinel() {
         return sentinel != null;
     }
@@ -43,23 +62,99 @@ public boolean usesSsl() {
 
     @Data
     public static class Sentinel {
-        private String master;
+        private String masterInstance;
         private List<SentinelNode> nodes;
 
         @Data
         public static class SentinelNode {
             private String host;
             private Integer port;
             private String password;
+
+            public SentinelNode(String nodeUri) {
+                NodeUriCredentials credentials = parseCredentialsFromUri(nodeUri);
+                password = credentials.getPassword();
+
+                host = parseHostFromUri(nodeUri);
+                port = parsePortFromUri(nodeUri);
+            }
         }
     }
 
     @Data
     public static class SslConfig {
-        private Boolean enabled = false;
+        private Boolean enabled = true;
         private String keyStore;
         private String keyStorePassword;
         private String trustStore;
         private String trustStorePassword;
     }
+
+    private static boolean uriContainsCredentials(String nodeUri) {
+        return nodeUri.contains(AUTHENTICATION_SEPARATOR);
+    }
+
+    private static boolean uriContainsPort(String nodeUri) {
+        if (uriContainsCredentials(nodeUri)) {
+            return nodeUri.substring(nodeUri.indexOf(AUTHENTICATION_SEPARATOR) + 1).contains(PORT_SEPARATOR);
+        } else {
+            return nodeUri.contains(PORT_SEPARATOR);
+        }
+    }
+
+    private static NodeUriCredentials parseCredentialsFromUri(String nodeUri) {
+        if (!uriContainsCredentials(nodeUri)) {
+            return new NodeUriCredentials(DEFAULT_USER, DEFAULT_PASSWORD);
+        }
+
+        String credentials = nodeUri.substring(0, nodeUri.indexOf(AUTHENTICATION_SEPARATOR));
+
+        if (credentials.contains(CREDENTIALS_SEPARATOR)) {
+            // password and username provided
+            String[] splitCredentials = credentials.split(CREDENTIALS_SEPARATOR);
+            return new NodeUriCredentials(splitCredentials[0], splitCredentials[1]);
+        } else {
+            // only password provided
+            return new NodeUriCredentials(DEFAULT_USER, credentials);
+        }
+    }
+
+    private static String parseHostFromUri(String nodeUri) {
+        if (uriContainsCredentials(nodeUri)) {
+            if (uriContainsPort(nodeUri)) {
+                String hostAndPort = nodeUri.substring(nodeUri.indexOf(AUTHENTICATION_SEPARATOR) + 1);
+                return hostAndPort.substring(0, hostAndPort.indexOf(PORT_SEPARATOR));
+            } else {
+                return nodeUri.substring(nodeUri.indexOf(AUTHENTICATION_SEPARATOR) + 1);
+            }
+        } else if (uriContainsPort(nodeUri)) {
+            return nodeUri.substring(0, nodeUri.indexOf(PORT_SEPARATOR));
+        } else {
+            return nodeUri;
+        }
+    }
+
+    private static int parsePortFromUri(String nodeUri) {
+        if (!uriContainsPort(nodeUri)) {
+            return DEFAULT_PORT;
+        }
+
+        if (uriContainsCredentials(nodeUri)) {
+            String hostAndPort = nodeUri.substring(nodeUri.indexOf(AUTHENTICATION_SEPARATOR) + 1);
+            return Integer.parseInt(hostAndPort.substring(hostAndPort.indexOf(PORT_SEPARATOR) + 1));
+        } else {
+            return Integer.parseInt(nodeUri.substring(nodeUri.indexOf(PORT_SEPARATOR) + 1));
+        }
+    }
+
+    @Data
+    private static class NodeUriCredentials {
+        private String username;
+        private String password;
+
+        public NodeUriCredentials(String username, String password) {
+            this.username = username;
+            this.password = password;
+        }
+    }
 }

caching-service/src/main/java/org/zowe/apiml/caching/service/redis/config/RedisConfiguration.java

@@ -55,7 +55,7 @@ RedisURI createRedisUri() {
 
         if (redisConfig.usesSentinel()) {
             RedisConfig.Sentinel sentinelConfig = redisConfig.getSentinel();
-            uriBuilder.withSentinelMasterId(sentinelConfig.getMaster());
+            uriBuilder.withSentinelMasterId(sentinelConfig.getMasterInstance());
 
             for (RedisConfig.Sentinel.SentinelNode sentinelNode : sentinelConfig.getNodes()) {
                 uriBuilder.withSentinel(sentinelNode.getHost(), sentinelNode.getPort(), sentinelNode.getPassword());

caching-service/src/main/resources/application.yml

@@ -1,3 +1,22 @@
+caching:
+    storage:
+        mode: inMemory
+        redis:
+            timeout: 60
+            masterNodeUri: default:heslo@localhost:6379
+            ssl:
+                enabled: true
+                keyStore: ${server.ssl.keyStore}
+                keyStorePassword: ${server.ssl.keyStorePassword}
+                trustStore: ${server.ssl.trustStore}
+                trustStorePassword: ${server.ssl.trustStorePassword}
+            sentinel:
+                masterInstance: redismaster
+                nodes:
+                    - sentinelpassword@localhost:26379
+                    - sentinelpassword@localhost:26380
+                    - sentinelpassword@localhost:26381
+
 logging:
     level:
         ROOT: WARN

caching-service/src/test/java/org/zowe/apiml/caching/service/redis/config/RedisConfigTest.java

@@ -14,11 +14,15 @@
 import org.junit.jupiter.api.Test;
 import org.zowe.apiml.caching.config.GeneralConfig;
 
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
+import static org.junit.jupiter.api.Assertions.*;
 import static org.mockito.Mockito.mock;
 
 class RedisConfigTest {
+    private static final int PORT = 1234;
+    private static final String HOST = "host";
+    private static final String USER = "user";
+    private static final String PASSWORD = "pass";
+
     private RedisConfig underTest;
 
     @BeforeEach
@@ -41,6 +45,104 @@ void givenValidSentinel_thenReturnTrue() {
         }
     }
 
+    @Nested
+    class WhenParseUri {
+        @Nested
+        class WhenParseMasterUriCredentials {
+            @Test
+            void givenUsernameAndPassword_thenUseBoth() {
+                String uri = String.format("%s:%s@%s", USER, PASSWORD, HOST);
+                underTest.setMasterNodeUri(uri);
+                underTest.init();
+
+                assertEquals(USER, underTest.getUsername());
+                assertEquals(PASSWORD, underTest.getPassword());
+            }
+
+            @Test
+            void givenOnlyPassword_thenUseGivenPasswordAndDefaultUsername() {
+                String uri = String.format("%s@%s", PASSWORD, HOST);
+                underTest.setMasterNodeUri(uri);
+                underTest.init();
+
+                assertEquals("default", underTest.getUsername());
+                assertEquals(PASSWORD, underTest.getPassword());
+            }
+
+            @Test
+            void givenNoUsernameOrPassword_thenUseDefaultUsernameAndNoPassword() {
+                underTest.setMasterNodeUri(HOST);
+                underTest.init();
+
+                assertEquals("default", underTest.getUsername());
+                assertEquals("", underTest.getPassword());
+            }
+        }
+
+        @Nested
+        class WhenParseSentinelUriCredentials {
+            @Test
+            void givenPassword_thenSetPassword() {
+                String uri = String.format("%s@%s", PASSWORD, HOST);
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(uri);
+                assertEquals(PASSWORD, node.getPassword());
+            }
+
+            @Test
+            void givenNoPassword_thenNoPassword() {
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(HOST);
+                assertEquals("", node.getPassword());
+            }
+        }
+
+        @Nested
+        class WhenParsePort {
+            @Test
+            void givenPort_thenSetPort() {
+                String uri = String.format("%s:%d", HOST, PORT);
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(uri);
+                assertEquals(PORT, node.getPort());
+            }
+
+            @Test
+            void givenNoPort_thenUseDefaultPort() {
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(HOST);
+                assertEquals(6379, node.getPort());
+            }
+        }
+
+        @Nested
+        class WhenParseHost_ThenSetHost {
+
+            @Test
+            void givenUsernameAndPasswordAndNoPort() {
+                String uri = String.format("%s:%s@%s", USER, PASSWORD, HOST);
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(uri);
+                assertEquals(HOST, node.getHost());
+            }
+
+            @Test
+            void givenUsernameAndPasswordAndPort() {
+                String uri = String.format("%s:%s@%s:%d", USER, PASSWORD, HOST, PORT);
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(uri);
+                assertEquals(HOST, node.getHost());
+            }
+
+            @Test
+            void givenNoCredentialsAndPort() {
+                String uri = String.format("%s:%d", HOST, PORT);
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(uri);
+                assertEquals(HOST, node.getHost());
+            }
+
+            @Test
+            void givenNoCredentialsAndNoPort() {
+                RedisConfig.Sentinel.SentinelNode node = new RedisConfig.Sentinel.SentinelNode(HOST);
+                assertEquals(HOST, node.getHost());
+            }
+        }
+    }
+
     @Nested
     class WhenCheckForSsl {
         @Test
@@ -50,16 +152,16 @@ void givenNullSslConfig_thenReturnFalse() {
 
         @Test
         void givenSslNotEnabled_thenReturnFalse() {
-            underTest.setSsl(new RedisConfig.SslConfig());
+            RedisConfig.SslConfig sslConfig = new RedisConfig.SslConfig();
+            sslConfig.setEnabled(false);
+            underTest.setSsl(sslConfig);
+
             assertFalse(underTest.usesSsl());
         }
 
         @Test
         void givenEnabledSsl_thenReturnTrue() {
-            RedisConfig.SslConfig sslConfig = new RedisConfig.SslConfig();
-            sslConfig.setEnabled(true);
-            underTest.setSsl(sslConfig);
-
+            underTest.setSsl(new RedisConfig.SslConfig());
             assertTrue(underTest.usesSsl());
         }
     }

caching-service/src/test/java/org/zowe/apiml/caching/service/redis/config/RedisConfigurationTest.java

@@ -82,7 +82,7 @@ class WhenCreatingUriWithSentinel {
         @BeforeEach
         void useSentinel() {
             sentinelConfig = mock(RedisConfig.Sentinel.class);
-            when(sentinelConfig.getMaster()).thenReturn(MASTER);
+            when(sentinelConfig.getMasterInstance()).thenReturn(MASTER);
 
             when(redisConfig.usesSentinel()).thenReturn(true);
             when(redisConfig.getSentinel()).thenReturn(sentinelConfig);
@@ -103,14 +103,15 @@ void givenSentinelNodes_thenReturnRedisUri() {
             String password1 = "password1";
             String password2 = "password2";
 
-            RedisConfig.Sentinel.SentinelNode node1 = new RedisConfig.Sentinel.SentinelNode();
-            node1.setHost(ip1);
-            node1.setPort(port1);
-            node1.setPassword(password1);
-            RedisConfig.Sentinel.SentinelNode node2 = new RedisConfig.Sentinel.SentinelNode();
-            node2.setHost(ip2);
-            node2.setPort(port2);
-            node2.setPassword(password2);
+            RedisConfig.Sentinel.SentinelNode node1 = mock(RedisConfig.Sentinel.SentinelNode.class);
+            when(node1.getHost()).thenReturn(ip1);
+            when(node1.getPort()).thenReturn(port1);
+            when(node1.getPassword()).thenReturn(password1);
+
+            RedisConfig.Sentinel.SentinelNode node2 = mock(RedisConfig.Sentinel.SentinelNode.class);
+            when(node2.getHost()).thenReturn(ip2);
+            when(node2.getPort()).thenReturn(port2);
+            when(node2.getPassword()).thenReturn(password2);
 
             List<RedisConfig.Sentinel.SentinelNode> nodesList = new ArrayList<>();
             nodesList.add(node1);