Merge pull request ydb-platform#33 from ydb-platform/oauth2_examples

Added OAuth2 token exchange examples
alex268 · Jul 2, 2024 · b264a2c · b264a2c
2 parents 125bb46 + f299b77
commit b264a2c
Show file tree

Hide file tree

Showing 6 changed files with 213 additions and 2 deletions.
diff --git a/auth/oauth2_token_exchange/jwt_token/pom.xml b/auth/oauth2_token_exchange/jwt_token/pom.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>tech.ydb.examples.auth</groupId>
+        <artifactId>ydb-sdk-auth-examples</artifactId>
+        <version>1.1.0-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>ydb-java-example-auth-oauth2-token-credentials</artifactId>
+    <name>YDB OAuth2 Token Example</name>
+    <packaging>jar</packaging>
+
+    <dependencies>
+        <dependency>
+            <groupId>tech.ydb</groupId>
+            <artifactId>ydb-sdk-table</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>tech.ydb.auth</groupId>
+            <artifactId>ydb-oauth2-provider</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-slf4j-impl</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <finalName>ydb-oauth2-token-example</finalName>
+        <plugins>
+            <!-- copy dependencies to libs folder -->
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+            </plugin>
+            <!-- add libs folder to classpath -->
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <configuration>
+                    <archive>
+                        <manifest>
+                            <addClasspath>true</addClasspath>
+                            <classpathPrefix>libs/</classpathPrefix>
+                            <mainClass>tech.ydb.example.Main</mainClass>
+                        </manifest>
+                    </archive>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/auth/oauth2_token_exchange/jwt_token/src/main/java/tech/ydb/example/Main.java b/auth/oauth2_token_exchange/jwt_token/src/main/java/tech/ydb/example/Main.java
@@ -0,0 +1,47 @@
+package tech.ydb.example;
+
+
+import tech.ydb.auth.OAuth2TokenExchangeProvider;
+import tech.ydb.auth.OAuth2TokenSource;
+import tech.ydb.core.grpc.GrpcTransport;
+import tech.ydb.table.SessionRetryContext;
+import tech.ydb.table.TableClient;
+import tech.ydb.table.query.DataQueryResult;
+import tech.ydb.table.result.ResultSetReader;
+import tech.ydb.table.transaction.TxControl;
+
+
+public final class Main {
+    public static void main(String[] args) {
+        if (args.length != 3) {
+            System.err.println("Usage: java -jar ydb-oauth2-token-example "
+                    + "<connection-string> <oauth2-endpoint> <oauth2-token-value>");
+            return;
+        }
+        String connectionString = args[0];
+        String oauth2Endpoint = args[1];
+        String refreshToken = args[2];
+
+        OAuth2TokenSource tokenSource = OAuth2TokenSource.fromValue(refreshToken);
+        OAuth2TokenExchangeProvider authProvider = OAuth2TokenExchangeProvider.newBuilder(oauth2Endpoint, tokenSource)
+                .withScope("demo-scope") // customize of OAuth2 request
+                .build();
+
+        try (GrpcTransport transport = GrpcTransport.forConnectionString(connectionString)
+                .withAuthProvider(authProvider)
+                .build()) {
+            try (TableClient tableClient = TableClient.newClient(transport).build()) {
+                SessionRetryContext retryCtx = SessionRetryContext.create(tableClient).build();
+
+                DataQueryResult dataQueryResult = retryCtx.supplyResult(
+                        session -> session.executeDataQuery("SELECT 1;", TxControl.serializableRw())
+                ).join().getValue();
+
+                ResultSetReader rsReader = dataQueryResult.getResultSet(0);
+                while (rsReader.next()) {
+                    System.out.println(rsReader.getColumn(0).getInt32());
+                }
+            }
+        }
+    }
+}
diff --git a/auth/oauth2_token_exchange/private_key/pom.xml b/auth/oauth2_token_exchange/private_key/pom.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>tech.ydb.examples.auth</groupId>
+        <artifactId>ydb-sdk-auth-examples</artifactId>
+        <version>1.1.0-SNAPSHOT</version>
+        <relativePath>../../pom.xml</relativePath>
+    </parent>
+
+    <artifactId>ydb-java-example-auth-oauth2-key-credentials</artifactId>
+    <name>YDB OAuth2 Private Key Example</name>
+    <packaging>jar</packaging>
+
+    <dependencies>
+        <dependency>
+            <groupId>tech.ydb</groupId>
+            <artifactId>ydb-sdk-table</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>tech.ydb.auth</groupId>
+            <artifactId>ydb-oauth2-provider</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-slf4j-impl</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <finalName>ydb-oauth2-private-key-example</finalName>
+        <plugins>
+            <!-- copy dependencies to libs folder -->
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+            </plugin>
+            <!-- add libs folder to classpath -->
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <configuration>
+                    <archive>
+                        <manifest>
+                            <addClasspath>true</addClasspath>
+                            <classpathPrefix>libs/</classpathPrefix>
+                            <mainClass>tech.ydb.example.Main</mainClass>
+                        </manifest>
+                    </archive>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>
diff --git a/auth/oauth2_token_exchange/private_key/src/main/java/tech/ydb/example/Main.java b/auth/oauth2_token_exchange/private_key/src/main/java/tech/ydb/example/Main.java
@@ -0,0 +1,52 @@
+package tech.ydb.example;
+
+
+import java.io.File;
+
+import tech.ydb.auth.OAuth2TokenExchangeProvider;
+import tech.ydb.auth.OAuth2TokenSource;
+import tech.ydb.core.grpc.GrpcTransport;
+import tech.ydb.table.SessionRetryContext;
+import tech.ydb.table.TableClient;
+import tech.ydb.table.query.DataQueryResult;
+import tech.ydb.table.result.ResultSetReader;
+import tech.ydb.table.transaction.TxControl;
+
+
+public final class Main {
+    public static void main(String[] args) {
+        if (args.length != 3) {
+            System.err.println("Usage: java -jar ydb-oauth2-private-key-example "
+                    + "<connection-string> <oauth2-endpoint> <rsa-private-key.pem>");
+            return;
+        }
+        String connectionString = args[0];
+        String oauth2Endpoint = args[1];
+        String keyPemPath = args[2];
+
+        OAuth2TokenSource tokenSource = OAuth2TokenSource.withPrivateKeyPemFile(new File(keyPemPath))
+                .withIssuer("test-issuer") // customize of JWT token
+                .build();
+
+        OAuth2TokenExchangeProvider authProvider = OAuth2TokenExchangeProvider.newBuilder(oauth2Endpoint, tokenSource)
+                .withScope("demo-scope") // customize of OAuth2 request
+                .build();
+
+        try (GrpcTransport transport = GrpcTransport.forConnectionString(connectionString)
+                .withAuthProvider(authProvider)
+                .build()) {
+            try (TableClient tableClient = TableClient.newClient(transport).build()) {
+                SessionRetryContext retryCtx = SessionRetryContext.create(tableClient).build();
+
+                DataQueryResult dataQueryResult = retryCtx.supplyResult(
+                        session -> session.executeDataQuery("SELECT 1;", TxControl.serializableRw())
+                ).join().getValue();
+
+                ResultSetReader rsReader = dataQueryResult.getResultSet(0);
+                while (rsReader.next()) {
+                    System.out.println(rsReader.getColumn(0).getInt32());
+                }
+            }
+        }
+    }
+}
diff --git a/auth/pom.xml b/auth/pom.xml
@@ -15,13 +15,15 @@
     <artifactId>ydb-sdk-auth-examples</artifactId>
     <name>YDB Auth examples</name>
     <description>Examples of various auth providers for YDB</description>
-    
+
     <modules>
         <module>access_token_credentials</module>
         <module>anonymous_credentials</module>
         <module>environ</module>
         <module>metadata_credentials</module>
         <module>service_account_credentials</module>
         <module>static_credentials</module>
+        <module>oauth2_token_exchange/jwt_token</module>
+        <module>oauth2_token_exchange/private_key</module>
     </modules>
 </project>
diff --git a/pom.xml b/pom.xml
@@ -18,7 +18,7 @@
         <log4j.version>2.22.1</log4j.version>
         <jcommander.version>1.82</jcommander.version>
 
-        <ydb.sdk.version>2.2.1</ydb.sdk.version>
+        <ydb.sdk.version>2.2.3</ydb.sdk.version>
     </properties>
 
     <modules>