Commit e280e893 authored by Wyatt Nielsen's avatar Wyatt Nielsen Committed by Rucha Deshpande

Pull Oauth parameters from SSM

commit 32f087e7
Author: Wyatt Nielsen <wyatt.nielsen@parivedasolutions.com>
Date: Mon Dec 14 2020 20:47:39 GMT-0600 (Central Standard Time)

    Pull oAuth parameters from SSM

commit eaa5d629
Author: Wyatt Nielsen <wyatt.nielsen@parivedasolutions.com>
Date: Wed Dec 09 2020 17:05:15 GMT-0600 (Central Standard Time)

    Pull oAuth parameters from SSM
parent 5431b207
Pipeline #19364 failed with stages
in 64 minutes and 30 seconds
......@@ -50,7 +50,7 @@
<dependency>
<groupId>org.opengroup.osdu.core.aws</groupId>
<artifactId>os-core-lib-aws</artifactId>
<version>0.3.13</version>
<version>0.3.14</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-secretsmanager -->
......
......@@ -55,17 +55,8 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
@Setter(AccessLevel.PROTECTED)
public String environment;
@Value("${aws.tokenUrl}")
@Getter()
public String tokenUrl;
@Value("${aws.oauth.custom.scope}")
@Getter()
private String awsOauthCustomScope;
String client_credentials_secret;
String client_credentials_clientid;
ServicePrincipal sp;
......@@ -79,7 +70,9 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
if (ssmEnabled) {
SecretsManager sm = new SecretsManager();
sp = new ServicePrincipal(amazonRegion,environment,tokenUrl,awsOauthCustomScope);
String oauth_token_url = "/osdu/" + environment + "/oauth-token-uri";
String oauth_custom_scope = "/osdu/" + environment + "/oauth-custom-scope";
String client_credentials_client_id = "/osdu/" + environment + "/client-credentials-client-id";
String client_secret_key = "client_credentials_client_secret";
......@@ -91,14 +84,16 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
.withRegion(amazonRegion)
.build();
GetParameterRequest paramRequest = new GetParameterRequest()
.withName(client_credentials_client_id)
.withWithDecryption(true);
GetParameterResult paramResult = ssmManager.getParameter(paramRequest);
Parameter paramsResult = paramResult.getParameter();
client_credentials_clientid = paramsResult.getValue();
client_credentials_clientid = getSsmParameter(client_credentials_client_id);
client_credentials_secret = sm.getSecret(client_secret_secretName,amazonRegion,client_secret_key);
String tokenUrl = getSsmParameter(oauth_token_url);
awsOauthCustomScope = getSsmParameter(oauth_custom_scope);
sp = new ServicePrincipal(amazonRegion,environment,tokenUrl,awsOauthCustomScope);
}
}
......@@ -108,5 +103,11 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient
return token;
}
private String getSsmParameter(String parameterKey) {
GetParameterRequest paramRequest = (new GetParameterRequest()).withName(parameterKey).withWithDecryption(true);
GetParameterResult paramResult = ssmManager.getParameter(paramRequest);
return paramResult.getParameter().getValue();
}
}
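Review bot: The token endpoint and scope returned by `getSsmParameter` go straight into `new ServicePrincipal(amazonRegion,environment,tokenUrl,awsOauthCustomScope)` with no check on what came back, so a missing, empty or non-HTTPS `/osdu/<environment>/oauth-token-uri` value is only discovered later, presumably when the client id and secret are sent to that URL. In `getSsmParameter` I would reject an unusable value up front, e.g. `if (value == null || value.trim().isEmpty()) throw new IllegalStateException("SSM parameter " + parameterKey + " is missing or empty");`, and before constructing `sp` require `"https".equalsIgnoreCase(URI.create(tokenUrl).getScheme())`. Because the endpoint now comes from SSM at runtime instead of the `aws.tokenUrl` property, write access to the `/osdu/<environment>/oauth-*` parameters should be restricted as tightly as access to the client secret itself. Separately, `String tokenUrl = ...` is a new local while `awsOauthCustomScope = ...` is a bare assignment, and the earlier hunk appears to drop both field declarations with their `@Getter`s; the page does not show which lines survive, so confirm the field and any `getTokenUrl()` callers still resolve. The enclosing initialisation method starts outside the visible hunks.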
......@@ -28,8 +28,6 @@ aws.region=${AWS_REGION}
aws.dynamodb.table.prefix=${RESOURCE_PREFIX}-
aws.dynamodb.endpoint=dynamodb.${AWS_REGION}.amazonaws.com
aws.tokenUrl=${OAUTH_TOKEN_URL}
aws.oauth.custom.scope=${OAUTH_CUSTOM_SCOPE}
app.expireTime=300
app.maxCacheSize=10
......