Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update renewed Jira refresh token back to the secrets store #5324

Merged
merged 19 commits into from
Jan 17, 2025
Merged

Update renewed Jira refresh token back to the secrets store #5324

merged 19 commits into from
Jan 17, 2025

Conversation

san81
Copy link
Collaborator

@san81 san81 commented Jan 13, 2025
edited
Loading

Description

In Jira OAuth2 based authentication, if one node renew the refresh token, others are not aware of the renewed refreshed token. This PR enables a way to write the renewed token back into the secret store so that other OCU nodes can pick up the renewed token and continue their execution. The changes introduced in this PR are

  • Introduced PluginConfigVariable interface that underlying provides methods to update the secret using the SecretsSupplier
  • Enhanced Jira source plugin code to make use of this newly introduced config variable member
  • Enahced Jira OAuth2 token refresh flow to make use of this PluginConfigVariable to write the updated refreshToken back into the store

Issues Resolved

Resolves #[Issue number to be closed when this PR is merged]

Check List

  • New functionality includes testing.
  • New functionality has a documentation issue. Please link to it in this PR.
    • New functionality has javadoc added
  • Commits are signed with a real name per the DCO

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

san81 added 4 commits January 12, 2025 16:07
@san81
Introduced PluginConfigVariable interaface to provide ability for the…
aa7ca59 
… plugins to get access to their underlying aws secrets store member to be able to update if needed

Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
renewed access token and refresh tokens are now updated back in the s…
0c34119 
…ecrets store

Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
better naming
cc82281 
Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
Merge branch 'opensearch-project:main' into secrets-variable-interface
2f640df
@san81 san81 changed the title Updated renewed Jira refresh token back to the secrets store Update renewed Jira refresh token back to the secrets store Jan 13, 2025
san81 added 2 commits January 12, 2025 22:34
@san81
fixing the test cases based on the new PluginConfigVariable attribute…
64bf7bc 
… used for refreshToken

Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
improving the coverage
4df4fba 
Signed-off-by: Santhosh Gandhe <[email protected]>
@san81 san81 marked this pull request as ready for review January 13, 2025 23:01
dlvenable
dlvenable requested changes Jan 14, 2025
View reviewed changes
...-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java Outdated Show resolved Hide resolved
...-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java Outdated Show resolved Hide resolved
...epper-plugin-framework/src/main/java/org/opensearch/dataprepper/plugin/VariableExpander.java Show resolved Hide resolved
...gins/aws-plugin/src/main/java/org/opensearch/dataprepper/plugins/aws/AwsSecretsSupplier.java Show resolved Hide resolved
...-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java Show resolved Hide resolved
...test/java/org/opensearch/dataprepper/plugins/source/jira/utils/TestUtilForPrivateFields.java Outdated Show resolved Hide resolved
...r-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigValueTranslator.java Show resolved Hide resolved
...-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java Show resolved Hide resolved
...-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java Show resolved Hide resolved
...src/test/java/org/opensearch/dataprepper/plugins/aws/AwsSecretsPluginConfigVariableTest.java Outdated Show resolved Hide resolved
@san81 san81 requested a review from dlvenable January 15, 2025 23:55
san81 added 5 commits January 15, 2025 16:10
@san81
additional coverage
f8802e5 
Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
implementing newly added method
eb2e431 
Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
switching PluginConfigVariable from refreshToken to accessToken
76a136a 
Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
Only the master node is responsible for Token refresh
188264e 
Signed-off-by: Santhosh Gandhe <[email protected]>
@san81
Added addition parameter in the API to accept the secrets version to …
009eafe 
…set that helps with enforcing idempotency while updating the secret store multiple times

Signed-off-by: Santhosh Gandhe <[email protected]>
dlvenable
dlvenable requested changes Jan 16, 2025
View reviewed changes
...-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java Show resolved Hide resolved
...api/src/main/java/org/opensearch/dataprepper/model/plugin/FailedToUpdateSecretException.java Outdated Show resolved Hide resolved
...-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java Outdated Show resolved Hide resolved
...gins/aws-plugin/src/main/java/org/opensearch/dataprepper/plugins/aws/AwsSecretsSupplier.java Show resolved Hide resolved
.../src/main/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfig.java Show resolved Hide resolved
...aws-plugin/src/main/java/org/opensearch/dataprepper/plugins/aws/AwsPluginConfigVariable.java Show resolved Hide resolved
@san81 san81 requested a review from dlvenable January 16, 2025 19:31
@san81 san81 merged commit 83e949d into opensearch-project:main Jan 17, 2025
44 of 47 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chenqi0805 chenqi0805 chenqi0805 approved these changes

@dlvenable dlvenable dlvenable approved these changes

@sb2k16 sb2k16 Awaiting requested review from sb2k16 sb2k16 is a code owner

@engechas engechas Awaiting requested review from engechas engechas is a code owner

@graytaylor0 graytaylor0 Awaiting requested review from graytaylor0 graytaylor0 is a code owner

@dinujoh dinujoh Awaiting requested review from dinujoh dinujoh is a code owner

@kkondaka kkondaka Awaiting requested review from kkondaka kkondaka is a code owner

@KarstenSchnitter KarstenSchnitter Awaiting requested review from KarstenSchnitter KarstenSchnitter is a code owner

@oeyh oeyh Awaiting requested review from oeyh oeyh is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@san81 @dlvenable @chenqi0805