diff --git a/provider/notification-aws/pom.xml b/provider/notification-aws/pom.xml index 19bd5d784d520289da5d5a12dc1c49c21fff360c..a43af444ac5934edfe4c99008b3021e123455bab 100644 --- a/provider/notification-aws/pom.xml +++ b/provider/notification-aws/pom.xml @@ -50,7 +50,7 @@ <dependency> <groupId>org.opengroup.osdu.core.aws</groupId> <artifactId>os-core-lib-aws</artifactId> - <version>0.3.13</version> + <version>0.3.14</version> </dependency> <!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-secretsmanager --> diff --git a/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java b/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java index 02e2b91e7f64abc56a6ecafa648183337e4fe2df..325b629c5b2f84b00c3bff2b3c706e62be273ac7 100644 --- a/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java +++ b/provider/notification-aws/src/main/java/org/opengroup/osdu/notification/provider/aws/impl/ServiceAccountJwtAwsClientImpl.java @@ -55,17 +55,8 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient @Setter(AccessLevel.PROTECTED) public String environment; - - @Value("${aws.tokenUrl}") - @Getter() - public String tokenUrl; - - @Value("${aws.oauth.custom.scope}") - @Getter() private String awsOauthCustomScope; - - String client_credentials_secret; String client_credentials_clientid; ServicePrincipal sp; 
@@ -79,7 +70,9 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient if (ssmEnabled) { SecretsManager sm = new SecretsManager(); - sp = new ServicePrincipal(amazonRegion,environment,tokenUrl,awsOauthCustomScope); + + String oauth_token_url = "/osdu/" + environment + "/oauth-token-uri"; + String oauth_custom_scope = "/osdu/" + environment + "/oauth-custom-scope"; String client_credentials_client_id = "/osdu/" + environment + "/client-credentials-client-id"; String client_secret_key = "client_credentials_client_secret"; @@ -91,14 +84,16 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient .withRegion(amazonRegion) .build(); - GetParameterRequest paramRequest = new GetParameterRequest() - .withName(client_credentials_client_id) - .withWithDecryption(true); - GetParameterResult paramResult = ssmManager.getParameter(paramRequest); - Parameter paramsResult = paramResult.getParameter(); - client_credentials_clientid = paramsResult.getValue(); + client_credentials_clientid = getSsmParameter(client_credentials_client_id); + client_credentials_secret = sm.getSecret(client_secret_secretName,amazonRegion,client_secret_key); + String tokenUrl = getSsmParameter(oauth_token_url); + + awsOauthCustomScope = getSsmParameter(oauth_custom_scope); + + sp = new ServicePrincipal(amazonRegion,environment,tokenUrl,awsOauthCustomScope); + } } @@ -108,5 +103,11 @@ public class ServiceAccountJwtAwsClientImpl implements IServiceAccountJwtClient return token; } + private String getSsmParameter(String parameterKey) { + GetParameterRequest paramRequest = (new GetParameterRequest()).withName(parameterKey).withWithDecryption(true); + GetParameterResult paramResult = ssmManager.getParameter(paramRequest); + return paramResult.getParameter().getValue(); + } + } 
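Review bot: In the `@@ -91,14 +84,16 @@` hunk, `tokenUrl` from `getSsmParameter(oauth_token_url)` is passed to `new ServicePrincipal(...)` unchecked, and it is presumably the endpoint the client id and secret are later sent to. With the URL now read from `/osdu/<environment>/oauth-token-uri` instead of a deployment property, write access to that parameter decides where those credentials go, so it needs IAM restrictions as tight as those on the secret. I would fail fast on a blank or non-HTTPS value before building the principal: `if (tokenUrl == null || !tokenUrl.startsWith("https://")) throw new IllegalStateException("oauth-token-uri must be an https URL");`. The enclosing method begins outside the hunk, so how a failure there surfaces at startup is not visible here.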
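Review bot: `getSsmParameter` in the `@@ -108,5 +103,11 @@` hunk has no Javadoc and lets any SDK failure from `ssmManager.getParameter` escape as-is, which may not tell an operator which of the `/osdu/<environment>/...` keys was missing or denied. Wrapping the call in a try/catch that rethrows with the key name only, e.g. `throw new IllegalStateException("Cannot read SSM parameter " + parameterKey, e);`, keeps the cause and makes a misconfigured environment diagnosable. Because `withWithDecryption(true)` returns SecureString values in clear text, the doc comment should also say the result must not be logged: `/** Reads one SSM parameter, decrypted; callers must not log the returned value. */`. The helper relies on `ssmManager`, which in the visible lines appears to be built only inside the `if (ssmEnabled)` branch.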
diff --git a/provider/notification-aws/src/main/resources/application.properties b/provider/notification-aws/src/main/resources/application.properties index cfccbdec8a2adc65bd8952cdb11bfcfc86fc6813..0b12d5c287e9d86b07868c5122941b86f6c9b888 100644 --- a/provider/notification-aws/src/main/resources/application.properties +++ b/provider/notification-aws/src/main/resources/application.properties @@ -28,8 +28,6 @@ aws.region=${AWS_REGION} aws.dynamodb.table.prefix=${RESOURCE_PREFIX}- aws.dynamodb.endpoint=dynamodb.${AWS_REGION}.amazonaws.com -aws.tokenUrl=${OAUTH_TOKEN_URL} -aws.oauth.custom.scope=${OAUTH_CUSTOM_SCOPE} app.expireTime=300 app.maxCacheSize=10