[nifi] branch main updated: NIFI-11912 Added Proxy support to StandardOauth2AccessTokenProvider

exceptionfactory Wed, 23 Aug 2023 14:24:10 -0700

This is an automated email from the ASF dual-hosted git repository.

exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git



The following commit(s) were added to refs/heads/main by this push:
     new e9b62f7b83 NIFI-11912 Added Proxy support to 
StandardOauth2AccessTokenProvider
e9b62f7b83 is described below

commit e9b62f7b835569e2ee29e00aa897a3fb2ccf2688
Author: Nandor Soma Abonyi <[email protected]>
AuthorDate: Sat Aug 5 01:33:04 2023 +0200

    NIFI-11912 Added Proxy support to StandardOauth2AccessTokenProvider
    
    This closes #7609
    
    Signed-off-by: David Handermann <[email protected]>
---
 .../nifi-oauth2-provider-service/pom.xml           |  5 +++++
 .../oauth2/StandardOauth2AccessTokenProvider.java  | 25 +++++++++++++++++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)

diff --git 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/pom.xml
 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/pom.xml
index 75c5ff63fc..805c0b0afc 100644
--- 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/pom.xml
+++ 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/pom.xml
@@ -35,6 +35,11 @@
             <artifactId>nifi-api</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>org.apache.nifi</groupId>
+            <artifactId>nifi-proxy-configuration-api</artifactId>
+            <scope>provided</scope>
+        </dependency>
         <dependency>
             <groupId>org.apache.nifi</groupId>
             <artifactId>nifi-utils</artifactId>
diff --git 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
index 3062e887ad..599bab079a 100644
--- 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
+++ 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
@@ -42,12 +42,15 @@ import org.apache.nifi.expression.ExpressionLanguageScope;
 import org.apache.nifi.logging.ComponentLog;
 import org.apache.nifi.processor.exception.ProcessException;
 import org.apache.nifi.processor.util.StandardValidators;
+import org.apache.nifi.proxy.ProxyConfiguration;
+import org.apache.nifi.proxy.ProxySpec;
 import org.apache.nifi.ssl.SSLContextService;
 
 import javax.net.ssl.SSLContext;
 import javax.net.ssl.X509TrustManager;
 import java.io.IOException;
 import java.io.UncheckedIOException;
+import java.net.Proxy;
 import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -205,6 +208,8 @@ public class StandardOauth2AccessTokenProvider extends 
AbstractControllerService
         .dependsOn(SSL_CONTEXT)
         .build();
 
+    private static final ProxySpec[] PROXY_SPECS = { ProxySpec.HTTP_AUTH };
+
     private static final List<PropertyDescriptor> PROPERTIES = 
Collections.unmodifiableList(Arrays.asList(
         AUTHORIZATION_SERVER_URL,
         CLIENT_AUTHENTICATION_STRATEGY,
@@ -219,7 +224,8 @@ public class StandardOauth2AccessTokenProvider extends 
AbstractControllerService
         AUDIENCE,
         REFRESH_WINDOW,
         SSL_CONTEXT,
-        HTTP_PROTOCOL_STRATEGY
+        HTTP_PROTOCOL_STRATEGY,
+        ProxyConfiguration.createProxyConfigPropertyDescriptor(false, 
PROXY_SPECS)
     ));
 
     private static final String AUTHORIZATION_HEADER = "Authorization";
@@ -302,6 +308,8 @@ public class StandardOauth2AccessTokenProvider extends 
AbstractControllerService
                 .build());
         }
 
+        ProxyConfiguration.validateProxySpec(validationContext, 
validationResults, PROXY_SPECS);
+
         return validationResults;
     }
 
@@ -315,6 +323,21 @@ public class StandardOauth2AccessTokenProvider extends 
AbstractControllerService
             clientBuilder.sslSocketFactory(sslContext.getSocketFactory(), 
trustManager);
         }
 
+        final ProxyConfiguration proxyConfig = 
ProxyConfiguration.getConfiguration(context);
+
+        final Proxy proxy = proxyConfig.createProxy();
+        if (!Proxy.Type.DIRECT.equals(proxy.type())) {
+            clientBuilder.proxy(proxy);
+            if (proxyConfig.hasCredential()) {
+                clientBuilder.proxyAuthenticator((route, response) -> {
+                    final String credential = 
Credentials.basic(proxyConfig.getProxyUserName(), 
proxyConfig.getProxyUserPassword());
+                    return response.request().newBuilder()
+                                   .header("Proxy-Authorization", credential)
+                                   .build();
+                });
+            }
+        }
+
         final HttpProtocolStrategy httpProtocolStrategy = 
HttpProtocolStrategy.valueOf(context.getProperty(HTTP_PROTOCOL_STRATEGY).getValue());
         clientBuilder.protocols(httpProtocolStrategy.getProtocols());

[nifi] branch main updated: NIFI-11912 Added Proxy support to StandardOauth2AccessTokenProvider

Reply via email to