Fix compilation failure for dedicated Vault

Author: MouhsinElmajdouby

ojdbc-provider-common/src/main/java/oracle/jdbc/provider/configuration/JsonSecretUtil.java

@@ -68,7 +68,7 @@ private JsonSecretUtil(){}
    *   }
    * </pre>
    * If an attribute named 'method' is present, the value is keyed to the
-   * name 'AUTHENTICATION' in the returned map. This is done to match the
+   * name 'AUTHENTICATION' in the returned map.  This is done to match the
    * "AUTHENTICATION" parameter name used by the {@code ojdbc-azure-common}
    * module.
    * @param secretJsonObject JSON that may contain a 'value' field or/and an
@@ -77,43 +77,46 @@ private JsonSecretUtil(){}
    * all the attributes mentioned above are not present.
    */
   public static Map<String, String> toNamedValues(
-    OracleJsonObject secretJsonObject) {
+          OracleJsonObject secretJsonObject) {
 
-    final String valueFieldName = "value";
     Map<String, String> options = new HashMap<>();
 
-    if (secretJsonObject.containsKey(valueFieldName)) {
-      OracleJsonValue secretUri = secretJsonObject.get(valueFieldName);
-      if (secretUri.getOracleJsonType()
-        .equals(OracleJsonValue.OracleJsonType.STRING)) {
-        options.put(valueFieldName, secretUri.asJsonString().getString());
-      } else {
-        options.put(valueFieldName, secretUri.toString());
+    secretJsonObject.forEach((key, value) -> {
+      if (key.equals("type")) {
+        // Skipped
       }
-    }
-
-    if (secretJsonObject.containsKey("authentication")) {
-      OracleJsonObject authenticationJsonObject = secretJsonObject
-        .get("authentication")
-        .asJsonObject();
-
-      // Rename "method" to "AUTHENTICATION" to match the parameter names
-      if (authenticationJsonObject.containsKey("method")) {
-        OracleJsonValue authentication = authenticationJsonObject.get("method");
-        authenticationJsonObject.remove("method");
-        authenticationJsonObject.put("AUTHENTICATION", authentication);
+      else if (key.equals("value")) {
+        // Handle the "value" object
+        options.put("value", getValueAsString(value));
       }
+      else if (key.equals("authentication")) {
+        // Handle the "authentication" object
+        OracleJsonObject authenticationJsonObject = value.asJsonObject();
 
-      authenticationJsonObject.forEach((key, value) -> {
-        if (value.getOracleJsonType()
-          .equals(OracleJsonValue.OracleJsonType.STRING)) {
-          options.put(key, value.asJsonString().getString());
-        } else {
-          options.put(key, value.toString());
+        // Rename "method" to "AUTHENTICATION" to match the parameter names
+        if (authenticationJsonObject.containsKey("method")) {
+          OracleJsonValue authentication = authenticationJsonObject.get("method");
+          authenticationJsonObject.remove("method");
+          authenticationJsonObject.put("AUTHENTICATION", authentication);
         }
-      });
-    }
+
+        authenticationJsonObject.forEach((authKey, authValue) -> {
+          options.put(authKey, getValueAsString(authValue));
+        });
+      }
+      else {
+        // For the rest of the cases, directly add to the options
+        options.put(key, getValueAsString(value));
+      }
+    });
 
     return options;
   }
+
+  private static String getValueAsString(OracleJsonValue value) {
+    if (value.getOracleJsonType().equals(OracleJsonValue.OracleJsonType.STRING))
+      return value.asJsonString().getString();
+    else
+      return value.toString();
+  }
 }

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/authentication/HashicorpCredentialsFactory.java

@@ -13,7 +13,6 @@
  */
 public final class HashicorpCredentialsFactory implements ResourceFactory<HashiCredentials> {
 
-  // Example parameter referencing the authentication method
   public static final Parameter<HashicorpAuthenticationMethod> AUTHENTICATION_METHOD =
           Parameter.create(REQUIRED);
 
@@ -33,7 +32,6 @@ public Resource<HashiCredentials> request(ParameterSet parameterSet) {
   }
 
   private static HashiCredentials getCredential(ParameterSet parameterSet) {
-    System.out.println("parameterSet = " + parameterSet);
     // Check which authentication method is requested
     HashicorpAuthenticationMethod method =
             parameterSet.getRequired(AUTHENTICATION_METHOD);
@@ -47,9 +45,6 @@ private static HashiCredentials getCredential(ParameterSet parameterSet) {
     }
   }
 
-  /**
-   * Example: read Vault token from an environment variable "VAULT_TOKEN".
-   */
   private static HashiCredentials tokenCredentials(ParameterSet parameterSet) {
     // (1) Try parameter
     String paramToken = parameterSet.getOptional(HashiVaultSecretsManagerFactory.VAULT_TOKEN);

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/configuration/HashiJsonVaultProvider.java

@@ -13,21 +13,6 @@
 import static oracle.jdbc.provider.hashicorp.configuration.HashiVaultSecretsManagerConfigurationProvider.PARAMETER_SET_PARSER;
 import static oracle.jdbc.provider.hashicorp.secrets.HashiVaultSecretsManagerFactory.FIELD_NAME;
 
-/**
- * Mirrors the AWS pattern for retrieving a single secret
- * field from HashiCorp Vault, base64-encoding it.
- *
- * Example JSON input might look like:
- * {
- *   "password": {
- *       "type": "hashicorpvault",
- *       "value": "/v1/secret/data/test-config2"
- *   }
- * }
- *
- * The provider will retrieve the secret from Vault, then
- * base64-encode it and return as a char[].
- */
 public class HashiJsonVaultProvider implements OracleConfigurationJsonSecretProvider {
 
   @Override
@@ -47,30 +32,22 @@ public char[] getSecret(OracleJsonObject jsonObject) {
     ByteArrayInputStream inputStream = new ByteArrayInputStream(secretString.getBytes(StandardCharsets.UTF_8));
 
 
-    // 3) Parse that JSON to find "myPassword"
-    //    Using the Oracle JSON library, for example:
     OracleJsonObject secretJsonObj =
             new oracle.sql.json.OracleJsonFactory()
                     .createJsonTextValue(inputStream)
                     .asJsonObject();
 
-    System.out.println(secretJsonObj);
-
-    // 4) Retrieve the field we want
-    //String myPasswordValue = secretJsonObj.getString("myPassword");
     String  myPasswordValue = parameterSet.getOptional(FIELD_NAME);
-    System.out.println(myPasswordValue);
+    String a = String.valueOf(secretJsonObj.get(myPasswordValue));
 
     // 5) Base64-encode just that field
     return Base64.getEncoder()
-            .encodeToString(myPasswordValue.getBytes())
+            .encodeToString(a.getBytes())
             .toCharArray();
   }
 
   @Override
   public String getSecretType() {
-    // Must match the "type" field in your JSON.
-    // E.g. "hashicorpvault" or "hashicorsecret"—your choice.
     return "hashicorpvault";
   }
 }

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/configuration/HashiVaultSecretsManagerConfigurationProvider.java

@@ -4,27 +4,23 @@
 import oracle.jdbc.provider.hashicorp.secrets.HashiVaultSecretsManagerFactory;
 import oracle.jdbc.provider.parameter.ParameterSet;
 import oracle.jdbc.provider.parameter.ParameterSetParser;
+import oracle.jdbc.util.OracleConfigurationCache;
 
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.util.HashMap;
 import java.util.Map;
 
-/**
- * A provider for JSON payload from Vault, analogous to AWS Secrets Manager version.
- */
 public class HashiVaultSecretsManagerConfigurationProvider extends OracleConfigurationJsonProvider {
 
-  // Reuse a ParameterSetParser approach
-  // If you need more parameters, add them below.
   static final ParameterSetParser PARAMETER_SET_PARSER =
           HashicorpConfigurationParameters.configureBuilder(
                   ParameterSetParser.builder()
                           .addParameter("value", HashiVaultSecretsManagerFactory.SECRET_PATH)
                           .addParameter("key_name", HashiVaultSecretsManagerFactory.KEY_NAME)
                           .addParameter(
                                   "VAULT_ADDR",
-                                  HashiVaultSecretsManagerFactory.VAULT_ADDRESS
+                                  HashiVaultSecretsManagerFactory.VAULT_ADDR
                           )
                           .addParameter(
                                   "VAULT_TOKEN",
@@ -36,7 +32,6 @@ public class HashiVaultSecretsManagerConfigurationProvider extends OracleConfigu
 
   @Override
   public InputStream getJson(String secretPath) {
-    // 'secretPath' is the location or name of the Vault secret
     final String valueFieldName = "value";
 
     // Build a map of user-provided options
@@ -61,4 +56,9 @@ public String getType() {
     // We'll reference this in our JDBC URL, e.g. "jdbc:oracle:thin:@config-hashicorpvault://..."
     return "hashicorpvault";
   }
+
+  @Override
+  public OracleConfigurationCache getCache() {
+    return CACHE;
+  }
 }

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/configuration/HashicorpConfigurationParameters.java

@@ -2,11 +2,10 @@
 
 import oracle.jdbc.provider.hashicorp.authentication.HashicorpAuthenticationMethod;
 import oracle.jdbc.provider.hashicorp.authentication.HashicorpCredentialsFactory;
-import oracle.jdbc.provider.hashicorp.secrets.HashiVaultSecretsManagerFactory;
 import oracle.jdbc.provider.parameter.ParameterSetParser;
 
 /**
- * Defines how we parse common Vault parameters (similar to AWS approach).
+ * Defines how we parse common Vault parameters.
  */
 public final class HashicorpConfigurationParameters {
 

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/secrets/HashiVaultSecretsManagerFactory.java

@@ -20,10 +20,6 @@
 import static java.nio.charset.StandardCharsets.UTF_8;
 import static oracle.jdbc.provider.parameter.Parameter.CommonAttribute.REQUIRED;
 
-/**
- * Analogous to AWS SecretsManagerFactory: fetches secrets from HashiCorp Vault.
- * Uses a REST call to the Vault HTTP API.
- */
 public final class HashiVaultSecretsManagerFactory extends HashiVaultResourceFactory<String> {
 
   /** The path of the secret in Vault. Required. */
@@ -38,13 +34,14 @@ public final class HashiVaultSecretsManagerFactory extends HashiVaultResourceFac
   /**
    * (Optional) The Vault address. If not specified, fallback to system property or environment var.
    */
-  public static final Parameter<String> VAULT_ADDRESS = Parameter.create();
+  public static final Parameter<String> VAULT_ADDR = Parameter.create();
 
   /**
    * (Optional) The Vault token. If not specified, fallback to system property or environment var.
    */
   public static final Parameter<String> VAULT_TOKEN = Parameter.create();
 
+  public static final Parameter<String> FIELD_NAME = Parameter.create();
 
   private static final OracleJsonFactory JSON_FACTORY = new OracleJsonFactory();
 
@@ -62,10 +59,9 @@ public static ResourceFactory<String> getInstance() {
 
   @Override
   public Resource<String> request(HashiCredentials credentials, ParameterSet parameterSet) {
-    System.out.println("parametrs in SecretManagerFactory" + parameterSet);
     String secretPath = parameterSet.getRequired(SECRET_PATH);
     String key = parameterSet.getOptional(KEY_NAME);
-    String vaultAddrParam = parameterSet.getOptional(VAULT_ADDRESS);
+    String vaultAddrParam = parameterSet.getOptional(VAULT_ADDR);
     String vaultTokenParam = parameterSet.getOptional(VAULT_TOKEN);
 
     String vaultAddr = (vaultAddrParam != null)
@@ -85,12 +81,10 @@ public Resource<String> request(HashiCredentials credentials, ParameterSet param
               "Vault token not found in URL parameters, system properties, or environment variables");
     }
 
-    // Use vaultAddr + secretPath as your final endpoint:
     String vaultUrl = vaultAddr + secretPath;
 
     // Make the REST call
     String secretString = fetchSecretFromVault(vaultUrl, vaultToken);
-    System.out.println("Raw Vault Response: " + secretString);
 
     /*
      * If KEY_NAME is specified, we only want a single field from the nested JSON.
@@ -118,8 +112,6 @@ private static String fetchSecretFromVault(String vaultUrl, String token) {
         throw new IllegalStateException(
                 "Failed to fetch secret. HTTP error code: " + conn.getResponseCode());
       }
-
-      // Java 8-friendly read of InputStream
       try (InputStream in = conn.getInputStream()) {
         return readStream(in);
       }
@@ -133,9 +125,6 @@ private static String fetchSecretFromVault(String vaultUrl, String token) {
     }
   }
 
-  /**
-   * Utility method for reading all bytes from an InputStream in Java 8.
-   */
   private static String readStream(InputStream in) throws IOException {
     ByteArrayOutputStream baos = new ByteArrayOutputStream();
     byte[] buffer = new byte[1024];
@@ -190,7 +179,7 @@ private static String extractValueFromJson(String secretJson, String key, String
         // Return only that key's value
         if (!dataData.containsKey(key)) {
           throw new IllegalArgumentException(
-                  "Failed to find key \"" + key + "\" in secret: " + secretPath);
+                  "Failed to find key " + key + " in secret: " + secretPath);
         }
         return dataData.getString(key);
 

ojdbc-provider-samples/pom.xml

@@ -25,6 +25,11 @@
       <artifactId>ojdbc-provider-oci</artifactId>
       <version>${project.parent.version}</version>
     </dependency>
+    <dependency>
+      <groupId>com.oracle.database.jdbc</groupId>
+      <artifactId>ojdbc-provider-hashicorp</artifactId>
+      <version>${project.parent.version}</version>
+    </dependency>
     <dependency>
       <groupId>com.oracle.database.security</groupId>
       <artifactId>oraclepki</artifactId>