Skip to content

Commit

Permalink
backport fix
Browse files Browse the repository at this point in the history
  • Loading branch information
trentjeff committed Sep 12, 2023
1 parent 7a7ac64 commit a149c20
Show file tree
Hide file tree
Showing 4 changed files with 78 additions and 20 deletions.
6 changes: 6 additions & 0 deletions integrations/oci/sdk/runtime/etc/spotbugs/exclude.xml
Original file line number Diff line number Diff line change
Expand Up @@ -28,4 +28,10 @@
<Bug pattern="PATH_TRAVERSAL_IN"/>
</Match>

<Match>
<!-- Path comes from config or code -->
<Class name="io.helidon.integrations.oci.sdk.runtime.OciExtension"/>
<Bug pattern="PATH_TRAVERSAL_IN"/>
</Match>

</FindBugsFilter>
Original file line number Diff line number Diff line change
Expand Up @@ -59,10 +59,10 @@ class OciAuthenticationDetailsProvider implements Provider<AbstractAuthenticatio
static final String VAL_RESOURCE_PRINCIPAL = "resource-principal";

// order is important here - see the tests and the docs
static final List<String> ALL_STRATEGIES = List.of(VAL_INSTANCE_PRINCIPALS,
VAL_RESOURCE_PRINCIPAL,
VAL_CONFIG,
VAL_CONFIG_FILE);
static final List<String> ALL_STRATEGIES = List.of(VAL_CONFIG,
VAL_CONFIG_FILE,
VAL_INSTANCE_PRINCIPALS,
VAL_RESOURCE_PRINCIPAL);

OciAuthenticationDetailsProvider() {
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,9 @@

package io.helidon.integrations.oci.sdk.runtime;

import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Arrays;
import java.util.Objects;
import java.util.function.Supplier;
Expand Down Expand Up @@ -46,6 +49,9 @@
* target="_top">Oracle Cloud Infrastructure Java SDK</a>
*/
public final class OciExtension {
/**
* The name for the OCI bootstrap configuration file (value = {@value}).
*/
static final String DEFAULT_OCI_GLOBAL_CONFIG_FILE = "oci.yaml";
static final System.Logger LOGGER = System.getLogger(OciExtension.class.getName());
static final LazyValue<OciConfig> DEFAULT_OCI_CONFIG_BEAN = LazyValue.create(() -> OciConfig.builder()
Expand All @@ -56,6 +62,7 @@ public final class OciExtension {
.build());
private static String overrideOciConfigFile;
private static volatile Supplier<Config> ociConfigSupplier;
private static volatile Supplier<Config> fallbackConfigSupplier;

private OciExtension() {
}
Expand Down Expand Up @@ -114,32 +121,56 @@ public static Supplier<? extends AbstractAuthenticationDetailsProvider> ociAuthe
* The supplier for the raw config-backed by the OCI config source(s).
*
* @return the supplier for the raw config-backed by the OCI config source(s)
* @see #ociAuthenticationProvider()
* @see #configSupplier(Supplier)
* @see #fallbackConfigSupplier(Supplier)
* @see #ociAuthenticationProvider()
*/
public static Supplier<Config> configSupplier() {
if (ociConfigSupplier == null) {
configSupplier(() -> {
// we do it this way to allow for any system and env vars to be used for the auth-strategy definition
// (not advertised in the javadoc)
String ociConfigFile = ociConfigFilename();
return Config.create(
ConfigSources.classpath(ociConfigFile).optional(),
ConfigSources.file(ociConfigFile).optional());
});
if (ociConfigSupplier != null) {
return ociConfigSupplier;
}

String ociConfigFile = ociConfigFilename();
Path ociConfigFilePath = Paths.get(ociConfigFilename());
boolean ociConfigResourceExists = (OciExtension.class.getClassLoader().getResource(ociConfigFile) != null);
if (fallbackConfigSupplier != null
&& !(ociConfigResourceExists || Files.exists(ociConfigFilePath))) {
return fallbackConfigSupplier;
}

configSupplier(() -> {
// we do it this way to allow for any system and env vars to be used for the auth-strategy definition
// (not advertised in the javadoc)
return Config.create(
ConfigSources.classpath(ociConfigFile).optional(),
ConfigSources.file(ociConfigFilePath).optional());
});

return ociConfigSupplier;
}

/**
* Establishes the supplier for the raw config-backed by the OCI config source(s).
* Establishes the supplier for the raw config-backed by the OCI config source(s). Setting this will override the usage of
* the {@link #DEFAULT_OCI_GLOBAL_CONFIG_FILE} as the backing configuration file.
*
* @param configSupplier the config supplier
* @see #configSupplier()
*/
public static void configSupplier(Supplier<Config> configSupplier) {
ociConfigSupplier = configSupplier;
ociConfigSupplier = Objects.requireNonNull(configSupplier, "configSupplier");
}

/**
* Establishes the fallback config supplier used only when the {@link #DEFAULT_OCI_GLOBAL_CONFIG_FILE} is not physically
* present, and there has been no config supplier explicitly established via {@link #configSupplier(Supplier)}.
* <p>
* This method is typically used when running in CDI in order to allow for the fallback of using microprofile configuration.
*
* @param configSupplier the fallback config supplier
* @see #configSupplier()
*/
public static void fallbackConfigSupplier(Supplier<Config> configSupplier) {
fallbackConfigSupplier = Objects.requireNonNull(configSupplier, "configSupplier");
}

/**
Expand All @@ -159,6 +190,7 @@ static boolean isSufficientlyConfigured(Config config) {
static void ociConfigFileName(String fileName) {
overrideOciConfigFile = fileName;
ociConfigSupplier = null;
fallbackConfigSupplier = null;
}

// in support for testing a variant of oci.yaml
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@
import com.oracle.bmc.auth.AbstractAuthenticationDetailsProvider;
import com.oracle.bmc.auth.ConfigFileAuthenticationDetailsProvider;
import com.oracle.bmc.auth.ResourcePrincipalAuthenticationDetailsProvider;
import com.oracle.bmc.auth.SimpleAuthenticationDetailsProvider;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Test;

Expand Down Expand Up @@ -66,19 +67,19 @@ void potentialAuthStrategies() {
.get(OciConfig.CONFIG_KEY);
OciConfig cfg = OciConfig.create(config);
assertThat(cfg.potentialAuthStrategies(),
contains("instance-principals", "resource-principal", "config", "config-file"));
contains("config", "config-file", "instance-principals", "resource-principal"));

config = createTestConfig(ociAuthConfigStrategies("auto"))
.get(OciConfig.CONFIG_KEY);
cfg = OciConfig.create(config);
assertThat(cfg.potentialAuthStrategies(),
contains("instance-principals", "resource-principal", "config", "config-file"));
contains("config", "config-file", "instance-principals", "resource-principal"));

config = createTestConfig(ociAuthConfigStrategies(null, "instance-principals", "auto"))
.get(OciConfig.CONFIG_KEY);
cfg = OciConfig.create(config);
assertThat(cfg.potentialAuthStrategies(),
contains("instance-principals", "resource-principal", "config", "config-file"));
contains("config", "config-file", "instance-principals", "resource-principal"));

config = createTestConfig(ociAuthConfigStrategies(null, "instance-principals", "resource-principal"))
.get(OciConfig.CONFIG_KEY);
Expand Down Expand Up @@ -108,7 +109,7 @@ void potentialAuthStrategies() {
.get(OciConfig.CONFIG_KEY);
cfg = OciConfig.create(config);
assertThat(cfg.potentialAuthStrategies(),
contains("instance-principals", "resource-principal", "config", "config-file"));
contains("config", "config-file", "instance-principals", "resource-principal"));
}

@Test
Expand Down Expand Up @@ -272,6 +273,25 @@ void ociRawConfigShouldBeCached() {
"The oci configuration from the config source should be cached");
}

@Test
void fallbackConfigSupplier() {
Config fallbackCfg = Config.just(
ConfigSources.create(
Map.of("oci.auth", "config"),
"test-fallback-cfg"));
OciExtension.fallbackConfigSupplier(() -> fallbackCfg);

assertThat("when there is no oci.yaml present then we should be looking at the fallback config",
OciExtension.configuredAuthenticationDetailsProvider(false),
equalTo(SimpleAuthenticationDetailsProvider.class));

OciExtension.ociConfigFileName("test-oci-resource-principal.yaml");
OciExtension.fallbackConfigSupplier(() -> fallbackCfg);
assertThat("when there is an oci.yaml present then we should NOT be looking at the fallback config",
OciExtension.configuredAuthenticationDetailsProvider(false),
equalTo(ResourcePrincipalAuthenticationDetailsProvider.class));
}

static Config createTestConfig(MapConfigSource.Builder... builders) {
return Config.builder(builders)
.disableEnvironmentVariablesSource()
Expand Down

0 comments on commit a149c20

Please sign in to comment.