This is an automated email from the ASF dual-hosted git repository.
shenlin pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/rocketmq-eventbridge.git
The following commit(s) were added to refs/heads/main by this push:
new 06cadd7 Update secret value (#61)
06cadd7 is described below
commit 06cadd7588dd47e30ecad630fa854053aa838ae8
Author: zhaohai <[email protected]>
AuthorDate: Wed Mar 22 15:44:19 2023 +0800
Update secret value (#61)
add private network param check
---
.../mybatis/mapper/EventConnectionMapper.java | 4 +-
.../repository/MybatisConnectRepository.java | 6 +-
.../resources/mybatis/EventConnectionMapper.xml | 15 ++-
.../domain/model/connection/ConnectionService.java | 132 +++++++++++++++------
.../domain/repository/ConnectionRepository.java | 4 +-
5 files changed, 114 insertions(+), 47 deletions(-)
diff --git
a/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/mapper/EventConnectionMapper.java
b/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/mapper/EventConnectionMapper.java
index f784ee1..19a2064 100644
---
a/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/mapper/EventConnectionMapper.java
+++
b/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/mapper/EventConnectionMapper.java
@@ -58,7 +58,7 @@ public interface EventConnectionMapper {
*/
ConnectionDO selectByPrimaryKey(Integer id);
- ConnectionDO selectByName(String name);
+ ConnectionDO selectByNameAccountId(@Param("name") String name,
@Param("accountId") String accountId);
/**
* List connection by page.
@@ -70,7 +70,7 @@ public interface EventConnectionMapper {
* @return
*/
List<ConnectionDO> listConnections(@Param("accountId") String accountId,
@Param("name") String name,
- @Param("nextToken") int nextToken, @Param("maxResults") int
maxResults);
+ @Param("nextToken") int nextToken,
@Param("maxResults") int maxResults);
/**
* This method was generated by MyBatis Generator. This method corresponds
to the database table event_connection
diff --git
a/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/repository/MybatisConnectRepository.java
b/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/repository/MybatisConnectRepository.java
index f7137e2..1a8e12b 100644
---
a/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/repository/MybatisConnectRepository.java
+++
b/adapter/persistence/src/main/java/org/apache/rocketmq/eventbridge/adapter/persistence/connect/mybatis/repository/MybatisConnectRepository.java
@@ -65,7 +65,7 @@ public class MybatisConnectRepository implements
ConnectionRepository {
@Override
public List<ConnectionDTO> listConnections(String accountId, String
connectionName, String nextToken,
- int maxResults) {
+ int maxResults) {
List<ConnectionDO> connectionDOS =
eventConnectionMapper.listConnections(accountId, connectionName,
Integer.parseInt(nextToken), maxResults);
return ConnectConverter.doListConvertDtoList(connectionDOS);
}
@@ -82,7 +82,7 @@ public class MybatisConnectRepository implements
ConnectionRepository {
}
@Override
- public ConnectionDTO getConnectionByName(String name) {
- return
ConnectConverter.doConvertDto(eventConnectionMapper.selectByName(name));
+ public ConnectionDTO getConnectionByNameAccountId(String name, String
accountId) {
+ return
ConnectConverter.doConvertDto(eventConnectionMapper.selectByNameAccountId(name,
accountId));
}
}
diff --git
a/adapter/persistence/src/main/resources/mybatis/EventConnectionMapper.xml
b/adapter/persistence/src/main/resources/mybatis/EventConnectionMapper.xml
index 394ffe9..604a065 100644
--- a/adapter/persistence/src/main/resources/mybatis/EventConnectionMapper.xml
+++ b/adapter/persistence/src/main/resources/mybatis/EventConnectionMapper.xml
@@ -63,17 +63,20 @@
from event_connection
where id = #{id,jdbcType=INTEGER}
</select>
- <select id="selectByName" resultMap="ResultMapWithBLOBs"
parameterType="java.lang.String">
- <!--
- WARNING - @mbggenerated
- This element is automatically generated by MyBatis Generator, do not
modify.
- -->
+ <select id="selectByNameAccountId" resultMap="ResultMapWithBLOBs"
parameterType="java.util.Map">
select
<include refid="Base_Column_List"/>
,
<include refid="Blob_Column_List"/>
from event_connection
- where name = #{name,jdbcType=VARCHAR}
+ <where>
+ <if test="accountId != null and accountId != ''">
+ account_id = #{accountId}
+ </if>
+ <if test="name != null and name != ''">
+ and name = #{name}
+ </if>
+ </where>
</select>
<select id="listConnections" resultMap="ResultMapWithBLOBs"
parameterType="java.util.Map">
select
diff --git
a/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/model/connection/ConnectionService.java
b/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/model/connection/ConnectionService.java
index d0ebad5..369694c 100644
---
a/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/model/connection/ConnectionService.java
+++
b/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/model/connection/ConnectionService.java
@@ -18,7 +18,9 @@
package org.apache.rocketmq.eventbridge.domain.model.connection;
import com.google.gson.Gson;
+
import java.util.List;
+
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.apache.rocketmq.eventbridge.domain.common.EventBridgeConstants;
@@ -56,8 +58,8 @@ public class ConnectionService extends
AbstractResourceService {
protected ApiDestinationRepository apiDestinationRepository;
public ConnectionService(ConnectionRepository connectionRepository,
- SecretManagerAPI secretManagerAPI, NetworkServiceAPI networkServiceAPI,
- ApiDestinationRepository apiDestinationRepository) {
+ SecretManagerAPI secretManagerAPI,
NetworkServiceAPI networkServiceAPI,
+ ApiDestinationRepository
apiDestinationRepository) {
this.connectionRepository = connectionRepository;
this.secretManagerAPI = secretManagerAPI;
this.networkServiceAPI = networkServiceAPI;
@@ -96,6 +98,14 @@ public class ConnectionService extends
AbstractResourceService {
}
}
+ private void updateCheckAuthParameters(AuthParameters authParameters) {
+ if (authParameters != null) {
+ updateCheckBasicAuthParameters(authParameters);
+ updateCheckApiKeyAuthParameters(authParameters);
+ checkOAuthParameters(authParameters);
+ }
+ }
+
private void checkOAuthParameters(AuthParameters authParameters) {
OAuthParameters oauthParameters = authParameters.getOauthParameters();
if
(AuthorizationTypeEnum.OAUTH_AUTH.getType().equals(authParameters.getAuthorizationType())
&& oauthParameters == null) {
@@ -144,6 +154,24 @@ public class ConnectionService extends
AbstractResourceService {
}
}
+ private void updateCheckApiKeyAuthParameters(AuthParameters
authParameters) {
+ ApiKeyAuthParameters apiKeyAuthParameters =
authParameters.getApiKeyAuthParameters();
+ if (apiKeyAuthParameters != null &&
AuthorizationTypeEnum.API_KEY_AUTH.getType().equals(authParameters.getAuthorizationType()))
{
+ String apiKeyName = apiKeyAuthParameters.getApiKeyName();
+ String apiKeyValue = apiKeyAuthParameters.getApiKeyValue();
+ if (StringUtils.isNotBlank(apiKeyName)
+ && (apiKeyName.length() >
EventBridgeConstants.MAX_LENGTH_CONSTANT
+ || apiKeyName.length() <
EventBridgeConstants.MIN_LENGTH_CONSTANT)) {
+ throw new
EventBridgeException(EventBridgeErrorCode.ApiKeyNameLengthExceed);
+ }
+ if (StringUtils.isNotBlank(apiKeyValue)
+ && (apiKeyValue.length() >
EventBridgeConstants.MAX_LENGTH_CONSTANT
+ || apiKeyValue.length() <
EventBridgeConstants.MIN_LENGTH_CONSTANT)) {
+ throw new
EventBridgeException(EventBridgeErrorCode.ApiKeyValueLengthExceed);
+ }
+ }
+ }
+
private void checkBasicAuthParameters(AuthParameters authParameters) {
BasicAuthParameters basicAuthParameters =
authParameters.getBasicAuthParameters();
if
(AuthorizationTypeEnum.BASIC_AUTH.getType().equals(authParameters.getAuthorizationType())
&& basicAuthParameters == null) {
@@ -164,6 +192,24 @@ public class ConnectionService extends
AbstractResourceService {
}
}
+ private void updateCheckBasicAuthParameters(AuthParameters authParameters)
{
+ BasicAuthParameters basicAuthParameters =
authParameters.getBasicAuthParameters();
+ if
(AuthorizationTypeEnum.BASIC_AUTH.getType().equals(authParameters.getAuthorizationType())
&& basicAuthParameters != null) {
+ String username = basicAuthParameters.getUsername();
+ String password = basicAuthParameters.getPassword();
+ if (StringUtils.isNotBlank(username) &&
+ (username.length() >
EventBridgeConstants.MAX_LENGTH_CONSTANT
+ || username.length() <
EventBridgeConstants.MIN_LENGTH_CONSTANT)) {
+ throw new
EventBridgeException(EventBridgeErrorCode.BasicUserNameLengthExceed);
+ }
+ if (StringUtils.isNotBlank(password)
+ && (password.length() >
EventBridgeConstants.MAX_LENGTH_CONSTANT
+ || password.length() <
EventBridgeConstants.MIN_LENGTH_CONSTANT)) {
+ throw new
EventBridgeException(EventBridgeErrorCode.BasicPassWordLengthExceed);
+ }
+ }
+ }
+
@Transactional(rollbackFor = Exception.class, propagation =
Propagation.REQUIRED)
public void deleteConnection(String accountId, String connectionName) {
if (CollectionUtils.isEmpty(checkConnection(accountId,
connectionName))) {
@@ -189,21 +235,25 @@ public class ConnectionService extends
AbstractResourceService {
throw new
EventBridgeException(EventBridgeErrorCode.ConnectionNotExist,
connectionDTO.getConnectionName());
}
checkNetworkType(connectionDTO.getNetworkParameters());
+ ConnectionDTO oldConnection =
connectionRepository.getConnectionByNameAccountId(connectionDTO.getConnectionName(),
accountId);
+ if (connectionDTO.getAuthParameters() == null
+ && oldConnection.getAuthParameters() != null
+ &&
StringUtils.isNotBlank(oldConnection.getAuthParameters().getAuthorizationType()))
{
+
secretManagerAPI.deleteSecretName(secretManagerAPI.getSecretName(accountId,
oldConnection.getConnectionName()));
+ }
if (connectionDTO.getAuthParameters() != null) {
- checkAuthParameters(connectionDTO.getAuthParameters());
-
connectionDTO.setAuthParameters(updateSecretData(connectionDTO.getAuthParameters(),
accountId, connectionDTO.getConnectionName(),
connectionDTO.getConnectionName()));
+ updateCheckAuthParameters(connectionDTO.getAuthParameters());
+
connectionDTO.setAuthParameters(updateSecretData(connectionDTO.getAuthParameters(),
accountId, connectionDTO.getConnectionName(), oldConnection));
}
- List<ConnectionDTO> connection =
getConnection(connectionDTO.getAccountId(), connectionDTO.getConnectionName());
- if (!CollectionUtils.isEmpty(connection)) {
- ConnectionDTO dto = connection.get(0);
- if
(NetworkTypeEnum.PRIVATE_NETWORK.getNetworkType().equals(dto.getNetworkParameters().getNetworkType()))
{
-
networkServiceAPI.deletePrivateNetwork(connectionDTO.getAccountId(),
Integer.toString(dto.getId()));
- }
- if
(NetworkTypeEnum.PRIVATE_NETWORK.getNetworkType().equals(connectionDTO.getNetworkParameters().getNetworkType()))
{
- NetworkParameters networkParameters =
connectionDTO.getNetworkParameters();
-
networkServiceAPI.createPrivateNetwork(connectionDTO.getAccountId(),
Integer.toString(dto.getId()), networkParameters.getVpcId(),
networkParameters.getVswitcheId(), networkParameters.getSecurityGroupId());
- }
+
+ if
(NetworkTypeEnum.PRIVATE_NETWORK.getNetworkType().equals(oldConnection.getNetworkParameters().getNetworkType()))
{
+
networkServiceAPI.deletePrivateNetwork(connectionDTO.getAccountId(),
Integer.toString(oldConnection.getId()));
}
+ if
(NetworkTypeEnum.PRIVATE_NETWORK.getNetworkType().equals(connectionDTO.getNetworkParameters().getNetworkType()))
{
+ NetworkParameters networkParameters =
connectionDTO.getNetworkParameters();
+
networkServiceAPI.createPrivateNetwork(connectionDTO.getAccountId(),
Integer.toString(oldConnection.getId()), networkParameters.getVpcId(),
networkParameters.getVswitcheId(), networkParameters.getSecurityGroupId());
+ }
+
connectionRepository.updateConnection(connectionDTO);
}
@@ -263,57 +313,71 @@ public class ConnectionService extends
AbstractResourceService {
}
}
- private AuthParameters updateSecretData(AuthParameters authParameters,
String accountId, String connectionName, String name) {
- ConnectionDTO connection =
connectionRepository.getConnectionByName(name);
+ private AuthParameters updateSecretData(AuthParameters authParameters,
String accountId, String connectionName, ConnectionDTO oldConnection) {
if (authParameters == null) {
return null;
}
final BasicAuthParameters basicAuthParameters =
authParameters.getBasicAuthParameters();
- final ApiKeyAuthParameters apiKeyAuthParameters =
authParameters.getApiKeyAuthParameters();
- final OAuthParameters oauthParameters =
authParameters.getOauthParameters();
if (basicAuthParameters != null) {
String secretName = null;
- if (connection.getAuthParameters() != null &&
connection.getAuthParameters().getBasicAuthParameters() != null) {
- BasicAuthParameters oldBasicAuthParameters =
connection.getAuthParameters().getBasicAuthParameters();
- secretName =
secretManagerAPI.updateSecretValue(oldBasicAuthParameters.getPassword(),
accountId, connectionName, basicAuthParameters.getUsername(),
basicAuthParameters.getPassword());
+ if (oldConnection.getAuthParameters() != null
+ &&
oldConnection.getAuthParameters().getBasicAuthParameters() != null) {
+ if (StringUtils.isBlank(basicAuthParameters.getUsername())
+ ||
StringUtils.isBlank(basicAuthParameters.getPassword())) {
+ secretName =
oldConnection.getAuthParameters().getBasicAuthParameters().getPassword();
+ } else {
+ BasicAuthParameters oldBasicAuthParameters =
oldConnection.getAuthParameters().getBasicAuthParameters();
+ secretName =
secretManagerAPI.updateSecretValue(oldBasicAuthParameters.getPassword(),
accountId, connectionName, basicAuthParameters.getUsername(),
basicAuthParameters.getPassword());
+ }
} else {
+ // old auth not basic
secretName = secretManagerAPI.createSecretName(accountId,
connectionName, new Gson().toJson(basicAuthParameters));
}
-
basicAuthParameters.setPassword(secretName);
return authParameters;
}
+ final ApiKeyAuthParameters apiKeyAuthParameters =
authParameters.getApiKeyAuthParameters();
if (apiKeyAuthParameters != null) {
String secretName = null;
- if (connection.getAuthParameters() != null &&
connection.getAuthParameters().getApiKeyAuthParameters() != null) {
- ApiKeyAuthParameters oldApiKeyAuthParameters =
connection.getAuthParameters().getApiKeyAuthParameters();
- secretName =
secretManagerAPI.updateSecretValue(oldApiKeyAuthParameters.getApiKeyValue(),
accountId, connectionName, apiKeyAuthParameters.getApiKeyName(),
apiKeyAuthParameters.getApiKeyValue());
+ if (oldConnection.getAuthParameters() != null
+ &&
oldConnection.getAuthParameters().getApiKeyAuthParameters() != null) {
+ if (StringUtils.isBlank(apiKeyAuthParameters.getApiKeyName())
|| StringUtils.isBlank(apiKeyAuthParameters.getApiKeyValue())) {
+ secretName =
oldConnection.getAuthParameters().getApiKeyAuthParameters().getApiKeyValue();
+ } else {
+ ApiKeyAuthParameters oldApiKeyAuthParameters =
oldConnection.getAuthParameters().getApiKeyAuthParameters();
+ secretName =
secretManagerAPI.updateSecretValue(oldApiKeyAuthParameters.getApiKeyValue(),
accountId, connectionName, apiKeyAuthParameters.getApiKeyName(),
apiKeyAuthParameters.getApiKeyValue());
+ }
} else {
+ // old auth not api key
secretName = secretManagerAPI.createSecretName(accountId,
connectionName, new Gson().toJson(apiKeyAuthParameters));
}
apiKeyAuthParameters.setApiKeyValue(secretName);
return authParameters;
}
+ final OAuthParameters oauthParameters =
authParameters.getOauthParameters();
if (oauthParameters == null) {
return authParameters;
}
- updateClientByKms(accountId, connectionName, oauthParameters,
connection);
+ updateClientByKms(accountId, connectionName, oauthParameters,
oldConnection);
return authParameters;
}
- private void updateClientByKms(String accountId, String connectionName,
OAuthParameters oauthParameters, ConnectionDTO connection) {
+ private void updateClientByKms(String accountId, String connectionName,
OAuthParameters oauthParameters, ConnectionDTO oldConnection) {
OAuthParameters.ClientParameters clientParameters =
oauthParameters.getClientParameters();
if (clientParameters == null) {
return;
}
String clientSecretSecretValue = null;
- if (connection.getAuthParameters() != null
- && connection.getAuthParameters().getOauthParameters() != null
- &&
connection.getAuthParameters().getOauthParameters().getClientParameters() !=
null) {
- OAuthParameters.ClientParameters oldClientParameters =
connection.getAuthParameters().getOauthParameters().getClientParameters();
- clientSecretSecretValue =
secretManagerAPI.updateSecretValue(oldClientParameters.getClientSecret(),
- accountId, connectionName,
connection.getAuthParameters().getOauthParameters().getClientParameters().getClientID(),
-
connection.getAuthParameters().getOauthParameters().getClientParameters().getClientSecret());
+ if (oldConnection.getAuthParameters() != null
+ && oldConnection.getAuthParameters().getOauthParameters() !=
null
+ &&
oldConnection.getAuthParameters().getOauthParameters().getClientParameters() !=
null) {
+ if (StringUtils.isBlank(clientParameters.getClientID()) ||
StringUtils.isBlank(clientParameters.getClientSecret())) {
+ clientSecretSecretValue =
oldConnection.getAuthParameters().getOauthParameters().getClientParameters().getClientSecret();
+ } else {
+ OAuthParameters.ClientParameters oldClientParameters =
oldConnection.getAuthParameters().getOauthParameters().getClientParameters();
+ clientSecretSecretValue =
secretManagerAPI.updateSecretValue(oldClientParameters.getClientSecret(),
+ accountId, connectionName,
clientParameters.getClientID(), clientParameters.getClientSecret());
+ }
} else {
clientSecretSecretValue =
secretManagerAPI.createSecretName(accountId, connectionName, new
Gson().toJson(clientParameters));
}
diff --git
a/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/repository/ConnectionRepository.java
b/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/repository/ConnectionRepository.java
index 851d207..575199b 100644
---
a/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/repository/ConnectionRepository.java
+++
b/domain/src/main/java/org/apache/rocketmq/eventbridge/domain/repository/ConnectionRepository.java
@@ -31,11 +31,11 @@ public interface ConnectionRepository {
List<ConnectionDTO> getConnection(String accountId, String connectionName);
List<ConnectionDTO> listConnections(String accountId, String
connectionName, String nextToken,
- int maxResults);
+ int maxResults);
int getConnectionCount(String accountId);
ConnectionDTO getConnectionById(Integer id);
- ConnectionDTO getConnectionByName(String name);
+ ConnectionDTO getConnectionByNameAccountId(String name, String accountId);
}
