diff --git a/devops/gcp/deploy/README.md b/devops/gcp/deploy/README.md index 2a5bd9eb706efb783eca59f4439132f04d7cac69..d4b7e4721c63ccc32727aaf4d0ed6e2aac48a546 100644 --- a/devops/gcp/deploy/README.md +++ b/devops/gcp/deploy/README.md @@ -40,7 +40,6 @@ You need to set variables in **values.yaml** file using any code editor. Some of **redisSearchHost** | Redis search host | string | `redis-search-master` | yes **policyId** | policy id from ex `${POLICY_HOST}/api/policy/v1/policies` | string | `search` | yes **securityHttpsCertificateTrust** | Elastic client connection uses TrustSelfSignedStrategy(), if it is `true` | bool | `true` | yes -**googleAudiences** | Client ID of Google Cloud Credentials, ex `123-abc123.apps.googleusercontent.com` | string | - | yes ### Deployment variables diff --git a/devops/gcp/deploy/templates/configmap.yaml b/devops/gcp/deploy/templates/configmap.yaml index 4fb73a8c0e7f2b7312566ab9c022a7aae1860cf1..278e898c93a1a9faf534b1d9d895f6ab2652d663 100644 --- a/devops/gcp/deploy/templates/configmap.yaml +++ b/devops/gcp/deploy/templates/configmap.yaml @@ -16,6 +16,3 @@ data: POLICY_HOST: {{ .Values.data.policyHost | quote }} POLICY_ID: {{ .Values.data.policyId | quote }} INDEXER_BASE_HOST: {{ .Values.data.indexerHost | quote }} - {{- if not .Values.conf.onPremEnabled }} - GOOGLE_AUDIENCES: {{ .Values.data.googleAudiences | quote }} - {{- end }} diff --git a/devops/gcp/deploy/values.yaml b/devops/gcp/deploy/values.yaml index eb1f7de3f253ad2f5be5e45bc08d8b6c9df24d8e..4192e117867ac9d7e1924a5f4438163edd36d622 100644 --- a/devops/gcp/deploy/values.yaml +++ b/devops/gcp/deploy/values.yaml @@ -10,7 +10,6 @@ data: indexerHost: "http://indexer" policyId: "osdu.instance.search" securityHttpsCertificateTrust: "true" - googleAudiences: "" # Deployments requestsCpu: "0.1" requestsMemory: "448M" 
diff --git a/docs/api/search_openapi.yaml b/docs/api/search_openapi.yaml index 2cfc22204657e5459e81a4c34f819c643b9d563e..8287c0c94415669742607aee5a394cd219374b22 100644 --- a/docs/api/search_openapi.yaml +++ b/docs/api/search_openapi.yaml @@ -381,7 +381,6 @@ securityDefinitions: type: "oauth2" x-google-issuer: "https://accounts.google.com" x-google-jwks_uri: "https://www.googleapis.com/oauth2/v3/certs" - x-google-audiences: "245464679631-ktfdfpl147m1mjpbutl00b3cmffissgq.apps.googleusercontent.com,245464679631-u44eh98vq4t2ajc2quc8b0kgojsmd3gp.apps.googleusercontent.com" scopes: {} #Security configuration or the portal Bearer: diff --git a/provider/search-gcp/docs/anthos/README.md b/provider/search-gcp/docs/anthos/README.md index 016fdbedd11a08717168f5d12e5b59ce86b96f4e..34b6fe25d083cd06780c6a83e4e9caf036ccc098 100644 --- a/provider/search-gcp/docs/anthos/README.md +++ b/provider/search-gcp/docs/anthos/README.md @@ -28,7 +28,6 @@ Defined in default application property file but possible to override: | `REDIS_SEARCH_PASSWORD` | ex `127.0.0.1` | Redis search host password | yes | | | `REDIS_SEARCH_WITH_SSL` | ex `true` or `false` | Redis search host ssl config | no | | | `REDIS_SEARCH_EXPIRATION` | ex `30` | Redis search cache expiration in seconds | no | | -| `GOOGLE_AUDIENCES` | ex `*****.apps.googleusercontent.com` | Client ID for getting access to cloud resources | yes | https://console.cloud.google.com/apis/credentials | | `GOOGLE_APPLICATION_CREDENTIALS` | ex `/path/to/directory/service-key.json` | Service account credentials, you only need this if running locally | yes | https://console.cloud.google.com/iam-admin/serviceaccounts | | `SECURITY_HTTPS_CERTIFICATE_TRUST` | ex `false` | Elastic client connection uses TrustSelfSignedStrategy(), if it is 'true' | false | output of infrastructure deployment | | `PARTITION_API` | ex `http://localhost:8080/api/partition/v1` | Partition service endpoint | no | output of infrastructure deployment | 
diff --git a/provider/search-gcp/docs/gcp/README.md b/provider/search-gcp/docs/gcp/README.md index 5f2166c98871f0fa2d0c354b5743f9fe220c3787..283dd87c28bb96f494d63d52eb2f9ba469d25202 100644 --- a/provider/search-gcp/docs/gcp/README.md +++ b/provider/search-gcp/docs/gcp/README.md @@ -9,7 +9,6 @@ Must have: | name | value | description | sensitive? | source | |----------------------------------------------|---------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------|---------------------------------------------------| | `SPRING_PROFILES_ACTIVE` | ex `gcp` | Spring profile that activate default configuration for Google Cloud environment | false | - | -| `GOOGLE_AUDIENCES` | ex `*****.apps.googleusercontent.com` | Client ID for getting access to cloud resources | yes | https://console.cloud.google.com/apis/credentials | | `<ELASTICSEARCH_USER_ENV_VARIABLE_NAME>` | ex `user` | Elasticsearch user, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | yes | - | | `<ELASTICSEARCH_PASSWORD_ENV_VARIABLE_NAME>` | ex `password` | Elasticsearch password, name of that variable not defined at the service level, the name will be received through partition service. Each tenant can have it's own ENV name value, and it must be present in ENV of Indexer service, see [Partition properties set](#Properties-set-in-Partition-service) | false | - | 
@@ -124,7 +123,6 @@ You will need to have the following environment variables defined. | `INDEXER_HOST` | ex `https://os-indexer-dot-opendes.appspot.com/api/indexer/v2/` | Indexer API endpoint | no | output of infrastructure deployment | | `DATA_GROUP` | `opendes` | The service account to this group and substitute | no | - | | `ENTITLEMENTS_DOMAIN` | ex `opendes-gcp.projects.com` | OSDU R2 to run tests under | no | - | -| `INTEGRATION_TEST_AUDIENCE` | `********` | client application ID | yes | https://console.cloud.google.com/apis/credentials || `OTHER_RELEVANT_DATA_COUNTRIES` | ex `US` | a other relevant data countries (for LEGAL_TAG) | no | - | | `DEFAULT_DATA_PARTITION_ID_TENANT1` | ex `opendes` | HTTP Header 'Data-Partition-ID' | no | - | | `DEFAULT_DATA_PARTITION_ID_TENANT2` | ex `not-exist` | HTTP Header 'Data-Partition-ID' with not existing tenant | no | - | | `SEARCH_INTEGRATION_TESTER` | `********` | Service account for API calls. Note: this user must have entitlements configured already | yes | https://console.cloud.google.com/iam-admin/serviceaccounts | diff --git a/provider/search-gcp/pom.xml b/provider/search-gcp/pom.xml index 5d4248be058a6599d74ffe942538c0934377b53e..bb902653be81fdb3bd673ab1c74b03926d2379ff 100644 --- a/provider/search-gcp/pom.xml +++ b/provider/search-gcp/pom.xml @@ -70,7 +70,7 @@ <dependency> <groupId>org.opengroup.osdu</groupId> <artifactId>core-lib-gcp</artifactId> - <version>0.19.0-rc2</version> + <version>0.19.0-rc3</version> </dependency> <dependency> <groupId>org.opengroup.osdu</groupId> diff --git a/provider/search-gcp/src/main/resources/application.properties b/provider/search-gcp/src/main/resources/application.properties index e74218d6fc65348f92b904a870174a8c84a178f8..02d6fbb896ddb02ac950166b4fe966e9e015443d 100644 --- a/provider/search-gcp/src/main/resources/application.properties +++ b/provider/search-gcp/src/main/resources/application.properties 
@@ -44,7 +44,6 @@ service.policy.enabled=true service.policy.id=${POLICY_ID} service.policy.endpoint=${POLICY_API} -GOOGLE_AUDIENCES=apps.googleusercontent.com ENTITLEMENTS_HOST=http://entitlements ENTITLEMENTS_PATH=/api/entitlements/v2 diff --git a/search-core/app.yaml.tmpl b/search-core/app.yaml.tmpl index 89d053fcd69c3577e1df1ac8f79a300f1c133319..0a7ac79723f0cc4176f5a7e28cd0ffd2c2b3a4c8 100644 --- a/search-core/app.yaml.tmpl +++ b/search-core/app.yaml.tmpl @@ -2,7 +2,6 @@ {{$gcloudProject := getenv "GCLOUD_PROJECT" -}} {{$gcloudRedisHost := getenv "REDIS_SEARCH_HOST" -}} {{$environment := getenv "ENVIRONMENT" -}} -{{$googleAudiences := getenv "GOOGLE_AUDIENCES" -}} {{$ccsDisabled := getenv "SMART_SEARCH_CCS_DISABLED" -}} service: search @@ -55,6 +54,5 @@ env_variables: ELASTIC_DATASTORE_ID: "search-service" REDIS_SEARCH_HOST: "{{$gcloudRedisHost}}" ENVIRONMENT: {{$environment}} - GOOGLE_AUDIENCES: {{$googleAudiences}} INDEXER_HOST: "https://indexer-dot-{{$gcloudProject}}.appspot.com/api/indexer/v2/" - SMART_SEARCH_CCS_DISABLED: {{$ccsDisabled}} \ No newline at end of file + SMART_SEARCH_CCS_DISABLED: {{$ccsDisabled}} diff --git a/search-core/src/main/java/org/opengroup/osdu/search/config/SearchConfigurationProperties.java b/search-core/src/main/java/org/opengroup/osdu/search/config/SearchConfigurationProperties.java index a0591afffc3b8d7bba1819879632099188ddbe3d..d3e33bda2699d8d1a01e257c75517c9c6c482540 100644 --- a/search-core/src/main/java/org/opengroup/osdu/search/config/SearchConfigurationProperties.java +++ b/search-core/src/main/java/org/opengroup/osdu/search/config/SearchConfigurationProperties.java @@ -48,7 +48,6 @@ public class SearchConfigurationProperties { private String storageRecordsBatchSize; private String storageSchemaHost; private String entitlementsHost; - private String entitlementTargetAudience; private String indexerQueueHost; private String redisSearchHost; private String redisSearchPort = "6379"; 
@@ -69,7 +68,6 @@ public class SearchConfigurationProperties { private String gaeVersion; private String googleCloudProject; private String googleCloudProjectRegion; - private String googleAudiences; public DeploymentEnvironment getDeploymentEnvironment(){ return DeploymentEnvironment.valueOf(deploymentEnvironment); diff --git a/testing/integration-tests/readme.md b/testing/integration-tests/readme.md index 4066490e3e708a349da1a40dfacbb99167d35869..101076a9be9c50020c41773584abe8742491394b 100644 --- a/testing/integration-tests/readme.md +++ b/testing/integration-tests/readme.md @@ -27,7 +27,6 @@ limitations under the License. 5) Update **DEFAULT_SEARCH_INTEGRATION_TESTER** variable in Config file with base64 encoded value to service account json key 6) Update **DEFAULT_SEARCH_ON_BEHALF_INTEGRATION_TESTER** variable in Config file with base64 encoded value to service account json key (it will be used for slb-on-behalf-header) 7) Have credentials for Elastic Cluster and update **DEFAULT_ELASTIC_HOST**, **DEFAULT_ELASTIC_USER_NAME** and **DEFAULT_ELASTIC_PASSWORD**. -8) Update **DEFAULT_TARGET_AUDIENCE** with the Google audience Note: 1) Config (Config.java) file is present in com.slb.util package diff --git a/testing/integration-tests/search-test-core/src/main/java/org/opengroup/osdu/util/Config.java b/testing/integration-tests/search-test-core/src/main/java/org/opengroup/osdu/util/Config.java index b5efba56623bb4dd0e36bb08a754a372e061db1b..23f2320dbf87113f9a81d1a365dbd17d114dc823 100644 --- a/testing/integration-tests/search-test-core/src/main/java/org/opengroup/osdu/util/Config.java +++ b/testing/integration-tests/search-test-core/src/main/java/org/opengroup/osdu/util/Config.java 
@@ -16,8 +16,6 @@ public class Config { private static final String DEFAULT_DATA_PARTITION_ID_TENANT2 = ""; private static final String DEFAULT_SEARCH_INTEGRATION_TESTER = ""; - private static final String DEFAULT_TARGET_AUDIENCE = ""; - private static final String DEFAULT_LEGAL_TAG = ""; private static final String DEFAULT_OTHER_RELEVANT_DATA_COUNTRIES = ""; @@ -35,9 +33,6 @@ public class Config { return getEnvironmentVariableOrDefaultValue("LEGAL_TAG", DEFAULT_LEGAL_TAG); } - public static String getTargetAudience() { - return getEnvironmentVariableOrDefaultValue("INTEGRATION_TEST_AUDIENCE", DEFAULT_TARGET_AUDIENCE); - } public static String getKeyValue() { return getEnvironmentVariableOrDefaultValue("SEARCH_INTEGRATION_TESTER", DEFAULT_SEARCH_INTEGRATION_TESTER); diff --git a/testing/integration-tests/search-test-gcp/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java b/testing/integration-tests/search-test-gcp/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java index 7c13aaae6539701a93daf5793be42e12a2e9da3b..b5b1e70e6848b2cc01a105eaf7e4022c392f55de 100644 --- a/testing/integration-tests/search-test-gcp/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java +++ b/testing/integration-tests/search-test-gcp/src/test/java/org/opengroup/osdu/util/JwtTokenUtil.java @@ -30,6 +30,7 @@ import java.util.List; class JwtTokenUtil { private static String accessToken; + public static final String DEFAULT_TARGET_AUDIENCE = "osdu"; static String getAccessToken() throws IOException { @@ -67,7 +68,6 @@ class JwtTokenUtil { private static String getJwt(String serviceAccountFile) throws IOException { - String targetAudience = Config.getTargetAudience(); long currentTime = Clock.SYSTEM.currentTimeMillis(); InputStream stream = new ByteArrayInputStream(Base64.getDecoder().decode(serviceAccountFile)); 
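Review bot: The constant added to `JwtTokenUtil` in the `@@ -30,6 +30,7` hunk is declared `public` and keeps the `DEFAULT_` prefix, although the class is package-private and, with `Config.getTargetAudience()` removed in this commit, nothing can override the value any more. Narrow and rename it, for example `private static final String TARGET_AUDIENCE = "osdu";`, and update its use in `getJwt` to match. A one-line comment saying which component expects the audience `osdu` would help, since the readme step that documented the audience is also removed. The class body continues outside the hunk.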
@@ -83,7 +83,7 @@ class JwtTokenUtil { payload.setExpirationTimeSeconds(currentTime / 1000 + 3600); payload.setAudience("https://www.googleapis.com/oauth2/v4/token"); payload.setIssuer(credential.getServiceAccountId()); - payload.set("target_audience", targetAudience); + payload.set("target_audience", DEFAULT_TARGET_AUDIENCE); JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); String signedJwt = null;
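Review bot: `payload.set("target_audience", DEFAULT_TARGET_AUDIENCE)` now requests an ID token for the fixed audience `osdu` in every environment, while the same commit removes `GOOGLE_AUDIENCES` from the service configuration and `x-google-audiences` from the OpenAPI security definition, so nothing visible in this diff still checks the `aud` claim. If that check has moved elsewhere (presumably into `core-lib-gcp` 0.19.0-rc3 or a gateway in front of the service, which the diff does not show), record it in a comment here, e.g. `// aud is fixed; audience is validated by <component>`. If no component validates it, a Google-signed token issued for another application would still pass the issuer and signature checks. The integration suite should therefore include a negative case that presents a token with a different `target_audience` and expects rejection. `getJwt` starts and ends outside the hunk.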