From d561a222ad0a3a9833a6e1a7a488f737656cd365 Mon Sep 17 00:00:00 2001
From: Rucha Deshpande <deshruch@amazon.com>
Date: Tue, 17 Nov 2020 15:44:53 -0600
Subject: [PATCH] Update os-core-lib-aws version
---
 provider/notification-aws/pom.xml | 2 +-
 .../impl/ServiceAccountJwtAwsClientImpl.java | 57 ++++++++++++++++++-
 testing/notification-test-aws/pom.xml | 2 +-
 3 files changed, 57 insertions(+), 4 deletions(-)
diff --git a/provider/notification-aws/pom.xml b/provider/notification-aws/pom.xml
index 119ab9cb9..7b84df54c 100644
--- a/provider/notification-aws/pom.xml
+++ b/provider/notification-aws/pom.xml
@@ -50,7 +50,7 @@
 <dependency>
 <groupId>org.opengroup.osdu.core.aws</groupId>
 <artifactId>os-core-lib-aws</artifactId>
- <version>0.3.12</version>
+ <version>0.3.13-SNAPSHOT</version>
 </dependency>
 <!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-secretsmanager -->
diff --git a/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java b/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java
index 04a2bd2dc..02e2b91e7 100644
--- a/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java
+++ b/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java
@@ -13,15 +13,25 @@
 package org.opengroup.osdu.notification.provider.aws.impl;
+import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagement;
+import com.amazonaws.services.simplesystemsmanagement.AWSSimpleSystemsManagementClientBuilder;
+import com.amazonaws.services.simplesystemsmanagement.model.GetParameterRequest;
+import com.amazonaws.services.simplesystemsmanagement.model.GetParameterResult;
+import com.amazonaws.services.simplesystemsmanagement.model.Parameter;
 import lombok.AccessLevel;
 import lombok.Getter;
 import lombok.Setter;
 import org.opengroup.osdu.core.aws.entitlements.ServicePrincipal;
+import org.opengroup.osdu.core.aws.iam.IAMConfig;
+import org.opengroup.osdu.core.aws.secrets.SecretsManager;
 import org.opengroup.osdu.core.common.util.IServiceAccountJwtClient;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
+import javax.annotation.PostConstruct;
+
 @Component
 public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient {
@@ -46,12 +56,55 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
 public String environment;
+ @Value("${aws.tokenUrl}")
+ @Getter()
+ public String tokenUrl;
+
+ @Value("${aws.oauth.custom.scope}")
+ @Getter()
+ private String awsOauthCustomScope;
+
+
+
+ String client_credentials_secret;
+ String client_credentials_clientid;
+ ServicePrincipal sp;
+
+ private AWSCredentialsProvider amazonAWSCredentials;
+ private AWSSimpleSystemsManagement ssmManager;
+
+ @PostConstruct
+ public void init() {
+ if (ssmEnabled) {
+
+ SecretsManager sm = new SecretsManager();
+ sp = new ServicePrincipal(amazonRegion,environment,tokenUrl,awsOauthCustomScope);
+
+ String client_credentials_client_id = "/osdu/" + environment + "/client-credentials-client-id";
+ String client_secret_key = "client_credentials_client_secret";
+ String client_secret_secretName = "/osdu/" + environment + "/client_credentials_secret";
+
+ amazonAWSCredentials = IAMConfig.amazonAWSCredentials();
+ ssmManager = AWSSimpleSystemsManagementClientBuilder.standard()
+ .withCredentials(amazonAWSCredentials)
+ .withRegion(amazonRegion)
+ .build();
+
+ GetParameterRequest paramRequest = new GetParameterRequest()
+ .withName(client_credentials_client_id)
+ .withWithDecryption(true);
+ GetParameterResult paramResult = ssmManager.getParameter(paramRequest);
+ Parameter paramsResult = paramResult.getParameter();
+ client_credentials_clientid = paramsResult.getValue();
+ client_credentials_secret = sm.getSecret(client_secret_secretName,amazonRegion,client_secret_key);
+
+ }
+ }
 @Override
 public String getIdToken(String s) {
- ServicePrincipal sp = new ServicePrincipal(amazonRegion,environment);
- String token= sp.getServicePrincipalAccessToken();
+ String token= sp.getServicePrincipalAccessToken(client_credentials_clientid,client_credentials_secret);
 return token;
 }
diff --git a/testing/notification-test-aws/pom.xml b/testing/notification-test-aws/pom.xml
index 3743b6537..ae675c474 100644
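Review bot: `getIdToken` now dereferences `sp` unconditionally, but `init()` assigns `sp`, `client_credentials_clientid` and `client_credentials_secret` only inside `if (ssmEnabled)`, so with that flag off the first token request would fail with a NullPointerException rather than a clear configuration error. `ssmEnabled` is declared outside this hunk, so its default is not visible here; either construct the `ServicePrincipal` outside the `if`, or fail fast at the top of `getIdToken` with `if (sp == null) throw new IllegalStateException("ServicePrincipal not initialised; SSM is disabled");`. The three new fields that hold the client id, the client secret and `sp` are package-private and non-final; declaring them `private` (for example `private String client_credentials_secret;`) keeps the OAuth client secret from being read or overwritten by other classes in the package. The secret is also fetched once in `@PostConstruct`, so a value rotated in Secrets Manager will presumably not be picked up until the service restarts, which is worth a comment on `init()`.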
--- a/testing/notification-test-aws/pom.xml
+++ b/testing/notification-test-aws/pom.xml
@@ -44,7 +44,7 @@
 <dependency>
 <groupId>org.opengroup.osdu.core.aws</groupId>
 <artifactId>os-core-lib-aws</artifactId>
- <version>0.3.12</version>
+ <version>0.3.13-SNAPSHOT</version>
 </dependency>
 <dependency>
 <groupId>com.amazonaws</groupId>
-- 
GitLab