Refactor DedicatedVault Implementation

Author: MouhsinElmajdouby

ojdbc-provider-common/src/main/java/oracle/jdbc/provider/util/ParameterUtil.java

@@ -0,0 +1,39 @@
+package oracle.jdbc.provider.util;
+
+import oracle.jdbc.provider.parameter.Parameter;
+import oracle.jdbc.provider.parameter.ParameterSet;
+
+import java.util.Optional;
+
+/**
+ * Utility class for handling parameters and environment variables.
+ */
+public final class ParameterUtil {
+
+  private ParameterUtil() {
+    // Prevent instantiation
+  }
+
+  /**
+   * Fetches a value from system properties or environment variables.
+   *
+   * @param key the name of the property or environment variable
+   * @return the value of the property or environment variable, or null if not found
+   */
+  public static String getEnvOrProperty(String key) {
+    return System.getProperty(key, System.getenv(key));
+  }
+
+  /**
+   * Fetches a parameter from the ParameterSet or falls back to environment/system properties.
+   *
+   * @param parameterSet the ParameterSet to search for the parameter
+   * @param parameter    the Parameter to fetch from the ParameterSet
+   * @param envKey       the environment/system property key to use as fallback
+   * @return the parameter value, or the environment/system property value if the parameter is not set
+   */
+  public static String getRequiredOrFallback(ParameterSet parameterSet, Parameter<String> parameter, String envKey) {
+    return Optional.ofNullable(parameterSet.getOptional(parameter))
+            .orElse(getEnvOrProperty(envKey));
+  }
+}

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/HashiVaultResourceFactory.java ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/DedicatedVaultResourceFactory.java

@@ -2,20 +2,21 @@
 
 import oracle.jdbc.provider.factory.Resource;
 import oracle.jdbc.provider.factory.ResourceFactory;
-import oracle.jdbc.provider.hashicorp.dedicated.authentication.HashiCredentials;
-import oracle.jdbc.provider.hashicorp.dedicated.authentication.HashicorpCredentialsFactory;
+import oracle.jdbc.provider.hashicorp.dedicated.authentication.DedicatedVaultCredentials;
+import oracle.jdbc.provider.hashicorp.dedicated.authentication.DedicatedVaultCredentialsFactory;
 import oracle.jdbc.provider.parameter.ParameterSet;
 
 /**
  * Common super class for ResourceFactory implementations that request
  * a resource from Vault using HashiCredentials (Vault token).
  */
-public abstract class HashiVaultResourceFactory<T> implements ResourceFactory<T> {
+public abstract class DedicatedVaultResourceFactory<T> implements ResourceFactory<T> {
 
   @Override
   public final Resource<T> request(ParameterSet parameterSet) {
     // Retrieve the Vault credentials (token) from the credentials factory
-    HashiCredentials credentials = HashicorpCredentialsFactory.getInstance()
+    DedicatedVaultCredentials credentials = DedicatedVaultCredentialsFactory
+            .getInstance()
             .request(parameterSet)
             .getContent();
 
@@ -32,5 +33,5 @@ public final Resource<T> request(ParameterSet parameterSet) {
    * the given credentials and parameters.
    */
   public abstract Resource<T> request(
-          HashiCredentials credentials, ParameterSet parameterSet);
+          DedicatedVaultCredentials credentials, ParameterSet parameterSet);
 }

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/authentication/DedicatedVaultAuthenticationMethod.java

@@ -0,0 +1,13 @@
+package oracle.jdbc.provider.hashicorp.dedicated.authentication;
+
+/**
+ * A method of authentication using Dedicated HashiCorp Vault.
+ */
+public enum DedicatedVaultAuthenticationMethod {
+
+  /**
+   * Authentication using a Vault token, possibly read from a parameter,
+   * system property, or environment variable.
+   */
+  TOKEN
+}

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/authentication/HashiCredentials.java ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/authentication/DedicatedVaultCredentials.java

@@ -1,12 +1,12 @@
 package oracle.jdbc.provider.hashicorp.dedicated.authentication;
 
 /**
- * Simple credentials object for HashiCorp Vault that holds a token.
+ * Holds a Vault token for Dedicated Vault usage.
  */
-public final class HashiCredentials {
+public final class DedicatedVaultCredentials {
   private final String vaultToken;
 
-  public HashiCredentials(String vaultToken) {
+  public DedicatedVaultCredentials(String vaultToken) {
     this.vaultToken = vaultToken;
   }
 

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/authentication/DedicatedVaultCredentialsFactory.java

@@ -0,0 +1,64 @@
+package oracle.jdbc.provider.hashicorp.dedicated.authentication;
+
+import oracle.jdbc.provider.factory.Resource;
+import oracle.jdbc.provider.factory.ResourceFactory;
+import oracle.jdbc.provider.hashicorp.dedicated.secrets.DedicatedVaultSecretsManagerFactory;
+import oracle.jdbc.provider.parameter.Parameter;
+import oracle.jdbc.provider.parameter.ParameterSet;
+
+import static oracle.jdbc.provider.parameter.Parameter.CommonAttribute.REQUIRED;
+import static oracle.jdbc.provider.util.ParameterUtil.getRequiredOrFallback;
+
+/**
+ * A factory for creating {@link DedicatedVaultCredentials} objects for Dedicated Vault.
+ */
+public final class DedicatedVaultCredentialsFactory implements ResourceFactory<DedicatedVaultCredentials> {
+
+  public static final Parameter<DedicatedVaultAuthenticationMethod> AUTHENTICATION_METHOD =
+          Parameter.create(REQUIRED);
+
+  private static final DedicatedVaultCredentialsFactory INSTANCE =
+          new DedicatedVaultCredentialsFactory();
+
+  private DedicatedVaultCredentialsFactory() { }
+
+  public static DedicatedVaultCredentialsFactory getInstance() {
+    return INSTANCE;
+  }
+
+  @Override
+  public Resource<DedicatedVaultCredentials> request(ParameterSet parameterSet) {
+    DedicatedVaultCredentials credentials = getCredential(parameterSet);
+    return Resource.createPermanentResource(credentials, true);
+  }
+
+  private static DedicatedVaultCredentials getCredential(ParameterSet parameterSet) {
+    // Check which authentication method is requested
+    DedicatedVaultAuthenticationMethod method =
+            parameterSet.getRequired(AUTHENTICATION_METHOD);
+
+    switch (method) {
+      case TOKEN:
+        return createTokenCredentials(parameterSet);
+      default:
+        throw new IllegalArgumentException(
+                "Unrecognized authentication method: " + method);
+    }
+  }
+
+  private static DedicatedVaultCredentials createTokenCredentials(ParameterSet parameterSet) {
+    String vaultToken = getRequiredOrFallback(
+            parameterSet,
+            DedicatedVaultSecretsManagerFactory.VAULT_TOKEN,
+            "VAULT_TOKEN"
+    );
+
+    if (vaultToken == null || vaultToken.isEmpty()) {
+      throw new IllegalStateException("Vault Token not found in parameters, " +
+              "system properties, or environment variables");
+    }
+
+    return new DedicatedVaultCredentials(vaultToken);
+  }
+
+}

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/authentication/HashicorpAuthenticationMethod.java

@@ -1,32 +1,31 @@
 package oracle.jdbc.provider.hashicorp.dedicated.configuration;
 
-import oracle.jdbc.provider.hashicorp.dedicated.authentication.HashicorpAuthenticationMethod;
-import oracle.jdbc.provider.hashicorp.dedicated.authentication.HashicorpCredentialsFactory;
+import oracle.jdbc.provider.hashicorp.dedicated.authentication.DedicatedVaultAuthenticationMethod;
+import oracle.jdbc.provider.hashicorp.dedicated.authentication.DedicatedVaultCredentialsFactory;
 import oracle.jdbc.provider.parameter.ParameterSetParser;
 
 /**
  * Defines how we parse common Vault parameters.
  */
-public final class HashicorpConfigurationParameters {
+public final class DedicatedVaultConfigurationParameters {
 
-  private HashicorpConfigurationParameters() {}
+  private DedicatedVaultConfigurationParameters() {}
 
   public static ParameterSetParser.Builder configureBuilder(ParameterSetParser.Builder builder) {
     return builder.addParameter(
             // The parameter name is "AUTHENTICATION"
             "AUTHENTICATION",
             // Tied to HashicorpCredentialsFactory.AUTHENTICATION_METHOD
-            HashicorpCredentialsFactory.AUTHENTICATION_METHOD,
+            DedicatedVaultCredentialsFactory.AUTHENTICATION_METHOD,
             // Default value if none is specified:
-            HashicorpAuthenticationMethod.TOKEN,
-            HashicorpConfigurationParameters::parseAuthentication)
+            DedicatedVaultAuthenticationMethod.TOKEN,
+            DedicatedVaultConfigurationParameters::parseAuthentication)
             ;
   }
 
-  private static HashicorpAuthenticationMethod parseAuthentication(String value) {
-    // Map user-provided string to enum
+  private static DedicatedVaultAuthenticationMethod parseAuthentication(String value) {
     if ("TOKEN".equalsIgnoreCase(value) || "VAULT_TOKEN".equalsIgnoreCase(value)) {
-      return HashicorpAuthenticationMethod.TOKEN;
+      return DedicatedVaultAuthenticationMethod.TOKEN;
     }
     throw new IllegalArgumentException(
             "Unrecognized Hashicorp authentication value: " + value);

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/authentication/HashicorpCredentialsFactory.java

@@ -1,7 +1,7 @@
 package oracle.jdbc.provider.hashicorp.dedicated.configuration;
 
 import oracle.jdbc.provider.configuration.JsonSecretUtil;
-import oracle.jdbc.provider.hashicorp.dedicated.secrets.HashiVaultSecretsManagerFactory;
+import oracle.jdbc.provider.hashicorp.dedicated.secrets.DedicatedVaultSecretsManagerFactory;
 import oracle.jdbc.provider.parameter.ParameterSet;
 import oracle.jdbc.spi.OracleConfigurationJsonSecretProvider;
 import oracle.sql.json.OracleJsonFactory;
@@ -11,26 +11,25 @@
 import java.nio.charset.StandardCharsets;
 import java.util.Base64;
 
-import static oracle.jdbc.provider.hashicorp.dedicated.configuration.HashiVaultSecretsManagerConfigurationProvider.PARAMETER_SET_PARSER;
-import static oracle.jdbc.provider.hashicorp.dedicated.secrets.HashiVaultSecretsManagerFactory.FIELD_NAME;
+import static oracle.jdbc.provider.hashicorp.dedicated.configuration.DedicatedVaultSecretsManagerConfigurationProvider.PARAMETER_SET_PARSER;
+import static oracle.jdbc.provider.hashicorp.dedicated.secrets.DedicatedVaultSecretsManagerFactory.FIELD_NAME;
 
-public class HashiJsonVaultProvider implements OracleConfigurationJsonSecretProvider {
+public class DedicatedVaultJsonSecretProvider implements OracleConfigurationJsonSecretProvider {
 
   @Override
   public char[] getSecret(OracleJsonObject jsonObject) {
-    // 1) Convert the JSON object to named key-value pairs
     ParameterSet parameterSet =
             PARAMETER_SET_PARSER.parseNamedValues(
                     JsonSecretUtil.toNamedValues(jsonObject)
             );
 
-    // 2) Call the Vault factory to fetch the raw secret string
-    String secretString = HashiVaultSecretsManagerFactory
+    String secretString = DedicatedVaultSecretsManagerFactory
             .getInstance()
             .request(parameterSet)
             .getContent();
 
-    ByteArrayInputStream inputStream = new ByteArrayInputStream(secretString.getBytes(StandardCharsets.UTF_8));
+    ByteArrayInputStream inputStream = new ByteArrayInputStream(
+            secretString.getBytes(StandardCharsets.UTF_8));
 
     OracleJsonObject secretJsonObj =
             new OracleJsonFactory()
@@ -48,6 +47,6 @@ public char[] getSecret(OracleJsonObject jsonObject) {
 
   @Override
   public String getSecretType() {
-    return "hashicorpvault";
+    return "dedicatedvault";
   }
 }

ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/configuration/HashicorpConfigurationParameters.java ojdbc-provider-hashicorp/src/main/java/oracle/jdbc/provider/hashicorp/dedicated/configuration/DedicatedVaultConfigurationParameters.java

@@ -1,7 +1,7 @@
 package oracle.jdbc.provider.hashicorp.dedicated.configuration;
 
 import oracle.jdbc.driver.OracleConfigurationJsonProvider;
-import oracle.jdbc.provider.hashicorp.dedicated.secrets.HashiVaultSecretsManagerFactory;
+import oracle.jdbc.provider.hashicorp.dedicated.secrets.DedicatedVaultSecretsManagerFactory;
 import oracle.jdbc.provider.parameter.ParameterSet;
 import oracle.jdbc.provider.parameter.ParameterSetParser;
 import oracle.jdbc.util.OracleConfigurationCache;
@@ -11,23 +11,23 @@
 import java.util.HashMap;
 import java.util.Map;
 
-public class HashiVaultSecretsManagerConfigurationProvider extends OracleConfigurationJsonProvider {
+public class DedicatedVaultSecretsManagerConfigurationProvider extends OracleConfigurationJsonProvider {
 
   static final ParameterSetParser PARAMETER_SET_PARSER =
-          HashicorpConfigurationParameters.configureBuilder(
+          DedicatedVaultConfigurationParameters.configureBuilder(
                   ParameterSetParser.builder()
-                          .addParameter("value", HashiVaultSecretsManagerFactory.SECRET_PATH)
-                          .addParameter("key", HashiVaultSecretsManagerFactory.KEY)
+                          .addParameter("value", DedicatedVaultSecretsManagerFactory.SECRET_PATH)
+                          .addParameter("key", DedicatedVaultSecretsManagerFactory.KEY)
                           .addParameter(
                                   "VAULT_ADDR",
-                                  HashiVaultSecretsManagerFactory.VAULT_ADDR
+                                  DedicatedVaultSecretsManagerFactory.VAULT_ADDR
                           )
                           .addParameter(
                                   "VAULT_TOKEN",
-                                  HashiVaultSecretsManagerFactory.VAULT_TOKEN
+                                  DedicatedVaultSecretsManagerFactory.VAULT_TOKEN
                           )
                           .addParameter("FILED_NAME",
-                                  HashiVaultSecretsManagerFactory.FIELD_NAME)
+                                  DedicatedVaultSecretsManagerFactory.FIELD_NAME)
           ).build();
 
   @Override
@@ -42,7 +42,7 @@ public InputStream getJson(String secretPath) {
     ParameterSet parameters = PARAMETER_SET_PARSER.parseNamedValues(optionsWithSecret);
 
     // Fetch the secret from Vault
-    String secretString = HashiVaultSecretsManagerFactory
+    String secretString = DedicatedVaultSecretsManagerFactory
             .getInstance()
             .request(parameters)
             .getContent();
@@ -52,8 +52,8 @@ public InputStream getJson(String secretPath) {
 
   @Override
   public String getType() {
-    // We'll reference this in our JDBC URL, e.g. "jdbc:oracle:thin:@config-hashicorpvault://..."
-    return "hashicorpvault";
+    // We'll reference this in our JDBC URL, e.g. "jdbc:oracle:thin:@config-dedicatedvault://..."
+    return "dedicatedvault";
   }
 
   @Override