881 Tenant credentials (#43)

* Trying tenant credentials * Test fixed * Spotless * RELEASENOTES * README * Renamed tests
it-at-m · Jun 24, 2024 · e3e345e · e3e345e
1 parent 9937ae3
commit e3e345e
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 27 deletions.
diff --git a/RELEASENOTES.md b/RELEASENOTES.md
@@ -1,6 +1,6 @@
 # Release-Notes
 
-## Sprint 13 (19.06.2024 - 09.06.2024)
+## Sprint 13 (19.06.2024 - 09.07.2024)
 ### Hinzugefügt
 - Tenant Credentials
 

diff --git a/docs/README.md b/docs/README.md
@@ -95,19 +95,19 @@ Mit der Rest Ressource GET '.../filesInFolder?bucketName=bucket1&path=...&archiv
 ### Konfiguration
 
 Zur Konfiguration der Credentials der Buckets dient das Property ***mobidam.s3.bucket-credential-config***.
-Dieses ist als Map gestaltet und enthält für jeden benannten Bucket die Namen von Umgebungsvariablen für Access-Key und Secret-Key:
+Dieses ist als Map gestaltet und enthält die default Tenant-Credentials. Nach Bedarf können der Access-Key und Secret-Key für die einzelnen Buckets separat konfiguriert werden:
 ```
-x-itmkm82k:
-  access-key-env-var: MOBIDAM_BUCKET1_ACCESS_KEY
-  secret-key-env-var: MOBIDAM_BUCKET1_SECRET_KEY
+tenant-default:
+  access-key-env-var: MOBIDAM_ACCESS_KEY
+  secret-key-env-var: MOBIDAM_SECRET_KEY
 int-mdasc-mdasdev:
   access-key-env-var: MOBIDAM_BUCKET2_ACCESS_KEY
   secret-key-env-var: MOBIDAM_BUCKET2_SECRET_KEY
 ```
 Die Umgebungsvariablen müssen entsprechend in der Laufzeitumgebung bereitgestellt werden:
 ```
-MOBIDAM_BUCKET1_ACCESS_KEY=<my-access-key1>
-MOBIDAM_BUCKET1_SECRET_KEY=<my-secret-key1>
+MOBIDAM_ACCESS_KEY=<my-access-key1>
+MOBIDAM_SECRET_KEY=<my-secret-key1>
 MOBIDAM_BUCKET2_ACCESS_KEY=<my-access-key2>
 MOBIDAM_BUCKET2_SECRET_KEY=<my-secret-key2>
 ```

diff --git a/src/main/java/de/muenchen/mobidam/s3/S3CredentialProvider.java b/src/main/java/de/muenchen/mobidam/s3/S3CredentialProvider.java
@@ -22,6 +22,8 @@
 @RequiredArgsConstructor
 public class S3CredentialProvider implements Processor {
 
+    private static final String TENANT_CONFIG = "tenant-default";
+
     private final S3BucketCredentialConfig properties;
     private final EnvironmentReader environmentReader;
 
@@ -52,10 +54,18 @@ private S3BucketCredentialConfig.BucketCredentialConfig verifyCredentials(String
         Map<String, S3BucketCredentialConfig.BucketCredentialConfig> map = properties.getBucketCredentialConfig();
         S3BucketCredentialConfig.BucketCredentialConfig envVars = map.get(bucketName);
         if (envVars == null) {
-            exchange.getMessage()
-                    .setBody(ErrorResponseBuilder.build(HttpStatus.INTERNAL_SERVER_ERROR.value(), "Configuration for bucket not found: " + bucketName));
-            throw new MobidamException("Configuration for bucket not found: " + bucketName);
+            envVars = tryTenantCredentials(map);
+            if (envVars == null) {
+                exchange.getMessage()
+                        .setBody(ErrorResponseBuilder.build(HttpStatus.INTERNAL_SERVER_ERROR.value(),
+                                "Configuration for bucket and tenant not found: " + bucketName));
+                throw new MobidamException("Configuration for bucket and tenant not found: " + bucketName);
+            }
         }
         return envVars;
     }
+
+    private S3BucketCredentialConfig.BucketCredentialConfig tryTenantCredentials(Map<String, S3BucketCredentialConfig.BucketCredentialConfig> propertiesMap) {
+        return propertiesMap.get(TENANT_CONFIG);
+    }
 }
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
@@ -23,19 +23,7 @@ mobidam:
     expiration: 30
   s3:
     bucket-credential-config:
-      x-itmkm82k:
-        access-key-env-var: MOBIDAM_ACCESS_KEY
-        secret-key-env-var: MOBIDAM_SECRET_KEY
-      int-mdasc-mdasdev:
-        access-key-env-var: MOBIDAM_ACCESS_KEY
-        secret-key-env-var: MOBIDAM_SECRET_KEY
-      int-mdask-lapas:
-        access-key-env-var: MOBIDAM_ACCESS_KEY
-        secret-key-env-var: MOBIDAM_SECRET_KEY
-      int-mdask-kvutest:
-        access-key-env-var: MOBIDAM_ACCESS_KEY
-        secret-key-env-var: MOBIDAM_SECRET_KEY
-      int-mdask-bau:
+      tenant-default:
         access-key-env-var: MOBIDAM_ACCESS_KEY
         secret-key-env-var: MOBIDAM_SECRET_KEY
       int-pitprojektmdask-vespa:

diff --git a/src/test/java/de/muenchen/mobidam/s3/S3BucketTest.java b/src/test/java/de/muenchen/mobidam/s3/S3BucketTest.java
@@ -120,7 +120,7 @@ public void test_RouteWithBucketNameParameterNotExist() {
     }
 
     @Test
-    public void test_RouteWithBucketNameNotFound() {
+    public void test_RouteWithBucketNameNotFoundAndTenantNotFound() {
 
         var s3Request = ExchangeBuilder.anExchange(camelContext)
                 .withHeader(Constants.CAMEL_SERVLET_CONTEXT_PATH, Constants.CAMEL_SERVLET_CONTEXT_PATH_FILES_IN_FOLDER)
@@ -129,7 +129,7 @@ public void test_RouteWithBucketNameNotFound() {
         var response = producer.send("{{camel.route.common}}", s3Request);
 
         var error = response.getIn().getBody(ErrorResponse.class);
-        Assertions.assertEquals("Configuration for bucket not found: foo", error.getError());
+        Assertions.assertEquals("Bucket not configured: foo", error.getError());
         Assertions.assertEquals(BigDecimal.valueOf(HttpStatus.INTERNAL_SERVER_ERROR.value()), error.getStatus());
 
     }

diff --git a/src/test/java/de/muenchen/mobidam/s3/S3PresignedUrlTest.java b/src/test/java/de/muenchen/mobidam/s3/S3PresignedUrlTest.java
@@ -167,7 +167,7 @@ public void test_RouteWithPresignedUrlObjectNotExist() {
     }
 
     @Test
-    public void test_RouteWithPresignedUrlBucketNotExist() {
+    public void test_RouteWithPresignedUrlWithBucketAndTenantNotConfigured() {
 
         // Set S3 test-bucket content
         s3InitClient.putObject(PutObjectRequest.builder().bucket(TEST_BUCKET).key("File_1.csv").build(),
@@ -181,7 +181,7 @@ public void test_RouteWithPresignedUrlBucketNotExist() {
         var response = producer.send("{{camel.route.common}}", s3Request);
 
         var error = response.getIn().getBody(ErrorResponse.class);
-        Assertions.assertEquals("Configuration for bucket not found: BucketNotExist", error.getError());
+        Assertions.assertEquals("Bucket not configured: BucketNotExist", error.getError());
         Assertions.assertEquals(BigDecimal.valueOf(500), error.getStatus());
 
     }

diff --git a/src/test/resources/application.yml b/src/test/resources/application.yml
@@ -40,6 +40,9 @@ mobidam:
     expiration: 30
   s3:
     bucket-credential-config:
+      tenant-default:
+        access-key-env-var: MOBIDAM_ACCESS_KEY
+        secret-key-env-var: MOBIDAM_SECRET_KEY
       test-bucket:
         access-key-env-var: FOO_ACCESS_KEY
         secret-key-env-var: FOO_SECRET_KEY