Merge pull request #25 from project-kessel/RHCLOUD-34624-Removed-comm…

…on-code RHCLOUD-34624 Replace common client code with common library
project-kessel · Aug 29, 2024 · 003d676 · 003d676
2 parents 084aee0 + 1c13313
commit 003d676
Show file tree

Hide file tree

Showing 25 changed files with 103 additions and 1,456 deletions.
diff --git a/.gitignore b/.gitignore
@@ -14,3 +14,6 @@ Thumbs.db
 
 # Maven generated artifacts
 target/
+
+# Intellij
+*.iml
diff --git a/pom.xml b/pom.xml
@@ -39,6 +39,11 @@
   </scm>
 
   <dependencies>
+    <dependency>
+      <groupId>org.project-kessel</groupId>
+      <artifactId>common-client-java</artifactId>
+      <version>0.1</version>
+    </dependency>
     <dependency>
       <groupId>jakarta.enterprise</groupId>
       <artifactId>jakarta.enterprise.cdi-api</artifactId>

diff --git a/src/main/java/org/project_kessel/relations/client/AuthnConfigConverter.java b/src/main/java/org/project_kessel/relations/client/AuthnConfigConverter.java
@@ -0,0 +1,34 @@
+package org.project_kessel.relations.client;
+
+import org.project_kessel.clients.authn.AuthenticationConfig;
+import org.project_kessel.clients.authn.oidc.client.OIDCClientCredentialsAuthenticationConfig;
+import org.project_kessel.clients.authn.oidc.client.OIDCClientCredentialsAuthenticationConfig.OIDCClientCredentialsConfig;
+
+public class AuthnConfigConverter {
+
+    public static AuthenticationConfig convert(Config.AuthenticationConfig authnConfig) {
+        if(authnConfig == null) {
+            return null;
+        }
+        AuthenticationConfig convertedAuthnConfig;
+        if(authnConfig.clientCredentialsConfig().isPresent()) {
+            Config.OIDCClientCredentialsConfig oidcClientCredentialsConfig = authnConfig.clientCredentialsConfig().get();
+
+            convertedAuthnConfig = new OIDCClientCredentialsAuthenticationConfig();
+            var convertedOidcClientCredentialsConfig = new OIDCClientCredentialsConfig();
+            convertedOidcClientCredentialsConfig.setIssuer(oidcClientCredentialsConfig.issuer());
+            convertedOidcClientCredentialsConfig.setClientId(oidcClientCredentialsConfig.clientId());
+            convertedOidcClientCredentialsConfig.setClientSecret(oidcClientCredentialsConfig.clientSecret());
+            convertedOidcClientCredentialsConfig.setScope(oidcClientCredentialsConfig.scope());
+            convertedOidcClientCredentialsConfig.setOidcClientCredentialsMinterImplementation(oidcClientCredentialsConfig.oidcClientCredentialsMinterImplementation());
+
+            ((OIDCClientCredentialsAuthenticationConfig)convertedAuthnConfig).setCredentialsConfig(convertedOidcClientCredentialsConfig);
+        } else {
+            convertedAuthnConfig = new AuthenticationConfig();
+        }
+
+        convertedAuthnConfig.setMode(authnConfig.mode());
+
+        return convertedAuthnConfig;
+    }
+}
diff --git a/...l/relations/client/CDIManagedClients.java → ...ns/client/CDIManagedRelationsClients.java b/...l/relations/client/CDIManagedClients.java → ...ns/client/CDIManagedRelationsClients.java
@@ -2,20 +2,21 @@
 
 import jakarta.enterprise.context.ApplicationScoped;
 import jakarta.enterprise.inject.Produces;
+import org.project_kessel.clients.authn.AuthenticationConfig.AuthMode;
 
 /**
- * A managed bean for providing relations api clients for injection in apps.
+ * A managed bean for providing clients for injection in apps.
  * It has the current limitation that only one underlying grpc connection can be configured.
- * However, it is still possible to create more via RelationsGrpcClientsManager directly.
+ * However, it is still possible to create more via KesselClientsManager implementation directly.
  * This class does nothing unless the client is being managed by a CDI container (e.g. Quarkus)
  */
 @ApplicationScoped
-public class CDIManagedClients {
+public class CDIManagedRelationsClients {
     @Produces
     RelationsGrpcClientsManager getManager(Config config) {
         var isSecureClients = config.isSecureClients();
         var targetUrl = config.targetUrl();
-        var authnEnabled = config.authenticationConfig().map(t -> !t.mode().equals(Config.AuthMode.DISABLED)).orElse(false);
+        var authnEnabled = config.authenticationConfig().map(t -> !t.mode().equals(AuthMode.DISABLED)).orElse(false);
 
         if (isSecureClients) {
             if(authnEnabled) {

diff --git a/src/main/java/org/project_kessel/relations/client/CheckClient.java b/src/main/java/org/project_kessel/relations/client/CheckClient.java
@@ -7,18 +7,15 @@
 import io.grpc.stub.StreamObserver;
 import io.smallrye.mutiny.Uni;
 import io.smallrye.mutiny.operators.multi.processors.UnicastProcessor;
+import org.project_kessel.clients.KesselClient;
 
 import java.util.logging.Logger;
 
-public class CheckClient {
+public class CheckClient extends KesselClient<KesselCheckServiceGrpc.KesselCheckServiceStub, KesselCheckServiceGrpc.KesselCheckServiceBlockingStub> {
     private static final Logger logger = Logger.getLogger(CheckClient.class.getName());
 
-    private final KesselCheckServiceGrpc.KesselCheckServiceStub asyncStub;
-    private final KesselCheckServiceGrpc.KesselCheckServiceBlockingStub blockingStub;
-
     CheckClient(Channel channel) {
-        asyncStub = KesselCheckServiceGrpc.newStub(channel);
-        blockingStub = KesselCheckServiceGrpc.newBlockingStub(channel);
+        super(KesselCheckServiceGrpc.newStub(channel), KesselCheckServiceGrpc.newBlockingStub(channel));
     }
 
     public void check(CheckRequest request,

diff --git a/src/main/java/org/project_kessel/relations/client/Config.java b/src/main/java/org/project_kessel/relations/client/Config.java
@@ -3,6 +3,7 @@
 import io.smallrye.config.ConfigMapping;
 import io.smallrye.config.WithDefault;
 import io.smallrye.config.WithName;
+import org.project_kessel.clients.authn.AuthenticationConfig.AuthMode;
 
 import java.util.Optional;
 
@@ -14,11 +15,6 @@
  */
 @ConfigMapping(prefix = "relations-api")
 public interface Config {
-    enum AuthMode {
-        DISABLED,
-        OIDC_CLIENT_CREDENTIALS
-    }
-
     @WithDefault("false")
     boolean isSecureClients();
     String targetUrl();

diff --git a/src/main/java/org/project_kessel/relations/client/HealthClient.java b/src/main/java/org/project_kessel/relations/client/HealthClient.java
@@ -8,14 +8,14 @@
 import org.project_kessel.api.relations.v1.GetReadyzResponse;
 import org.project_kessel.api.relations.v1.GetReadyzRequest;
 import org.project_kessel.api.relations.v1.KesselHealthServiceGrpc;
+import org.project_kessel.api.relations.v1beta1.KesselCheckServiceGrpc;
+import org.project_kessel.clients.KesselClient;
 
-public class HealthClient {
+public class HealthClient extends KesselClient<KesselHealthServiceGrpc.KesselHealthServiceStub, KesselHealthServiceGrpc.KesselHealthServiceBlockingStub> {
     private static final Logger logger = Logger.getLogger(HealthClient.class.getName());
 
-    private final KesselHealthServiceGrpc.KesselHealthServiceBlockingStub blockingStub;
-
     HealthClient(Channel channel) {
-        blockingStub = KesselHealthServiceGrpc.newBlockingStub(channel);
+        super(KesselHealthServiceGrpc.newStub(channel), KesselHealthServiceGrpc.newBlockingStub(channel));
     }
 
      public GetReadyzResponse readyz(GetReadyzRequest request) {

diff --git a/src/main/java/org/project_kessel/relations/client/LookupClient.java b/src/main/java/org/project_kessel/relations/client/LookupClient.java
@@ -5,19 +5,16 @@
 import io.smallrye.mutiny.Multi;
 import io.smallrye.mutiny.operators.multi.processors.UnicastProcessor;
 import org.project_kessel.api.relations.v1beta1.*;
+import org.project_kessel.clients.KesselClient;
 
 import java.util.Iterator;
 import java.util.logging.Logger;
 
-public class LookupClient {
+public class LookupClient extends KesselClient<KesselLookupServiceGrpc.KesselLookupServiceStub,KesselLookupServiceGrpc.KesselLookupServiceBlockingStub> {
     private static final Logger logger = Logger.getLogger(LookupClient.class.getName());
 
-    private final KesselLookupServiceGrpc.KesselLookupServiceStub asyncStub;
-    private final KesselLookupServiceGrpc.KesselLookupServiceBlockingStub blockingStub;
-
     LookupClient(Channel channel) {
-        asyncStub = KesselLookupServiceGrpc.newStub(channel);
-        blockingStub = KesselLookupServiceGrpc.newBlockingStub(channel);
+        super(KesselLookupServiceGrpc.newStub(channel), KesselLookupServiceGrpc.newBlockingStub(channel));
     }
 
     public void lookupSubjects(LookupSubjectsRequest request, StreamObserver<LookupSubjectsResponse> responseObserver) {

diff --git a/src/main/java/org/project_kessel/relations/client/RelationTuplesClient.java b/src/main/java/org/project_kessel/relations/client/RelationTuplesClient.java
@@ -11,16 +11,13 @@
 import io.grpc.stub.StreamObserver;
 import io.smallrye.mutiny.Multi;
 import io.smallrye.mutiny.operators.multi.processors.UnicastProcessor;
+import org.project_kessel.clients.KesselClient;
 
 import java.util.Iterator;
 
-public class RelationTuplesClient {
-    private final KesselTupleServiceGrpc.KesselTupleServiceStub asyncStub;
-    private final KesselTupleServiceGrpc.KesselTupleServiceBlockingStub blockingStub;
-
+public class RelationTuplesClient extends KesselClient<KesselTupleServiceGrpc.KesselTupleServiceStub, KesselTupleServiceGrpc.KesselTupleServiceBlockingStub> {
     RelationTuplesClient(Channel channel) {
-        asyncStub = KesselTupleServiceGrpc.newStub(channel);
-        blockingStub = KesselTupleServiceGrpc.newBlockingStub(channel);
+        super(KesselTupleServiceGrpc.newStub(channel), KesselTupleServiceGrpc.newBlockingStub(channel));
     }
 
     /**

diff --git a/src/main/java/org/project_kessel/relations/client/RelationsGrpcClientsManager.java b/src/main/java/org/project_kessel/relations/client/RelationsGrpcClientsManager.java
@@ -1,116 +1,38 @@
 package org.project_kessel.relations.client;
 
-import io.grpc.*;
-import org.project_kessel.relations.client.authn.CallCredentialsFactory;
+import io.grpc.Channel;
+import org.project_kessel.clients.ChannelManager;
+import org.project_kessel.clients.KesselClientsManager;
 
-import java.util.HashMap;
-
-public class RelationsGrpcClientsManager {
-    private static final HashMap<String, RelationsGrpcClientsManager> insecureManagers = new HashMap<>();
-    private static final HashMap<String, RelationsGrpcClientsManager> secureManagers = new HashMap<>();
-
-    private final ManagedChannel channel;
-
-    public static synchronized RelationsGrpcClientsManager forInsecureClients(String targetUrl) {
-        if (!insecureManagers.containsKey(targetUrl)) {
-            var manager = new RelationsGrpcClientsManager(targetUrl, InsecureChannelCredentials.create());
-            insecureManagers.put(targetUrl, manager);
-        }
-        return insecureManagers.get(targetUrl);
+public final class RelationsGrpcClientsManager extends KesselClientsManager {
+    private RelationsGrpcClientsManager(Channel channel) {
+        super(channel);
     }
 
-    public static synchronized RelationsGrpcClientsManager forInsecureClients(String targetUrl, Config.AuthenticationConfig authnConfig) throws RuntimeException {
-        if (!insecureManagers.containsKey(targetUrl)) {
-            try {
-                var manager = new RelationsGrpcClientsManager(targetUrl,
-                        InsecureChannelCredentials.create(),
-                        CallCredentialsFactory.create(authnConfig));
-                insecureManagers.put(targetUrl, manager);
-            } catch (CallCredentialsFactory.CallCredentialsCreationException e) {
-                throw new RuntimeException(e);
-            }
-        }
-        return insecureManagers.get(targetUrl);
-    }
+    private static final String CHANNEL_MANAGER_KEY = RelationsGrpcClientsManager.class.getName();
 
-    public static synchronized RelationsGrpcClientsManager forSecureClients(String targetUrl) {
-        if (!secureManagers.containsKey(targetUrl)) {
-            var tlsChannelCredentials = TlsChannelCredentials.create();
-            var manager = new RelationsGrpcClientsManager(targetUrl, tlsChannelCredentials);
-            secureManagers.put(targetUrl, manager);
-        }
-        return secureManagers.get(targetUrl);
+    public static RelationsGrpcClientsManager forInsecureClients(String targetUrl) {
+        return new RelationsGrpcClientsManager(ChannelManager.getInstance(CHANNEL_MANAGER_KEY).forInsecureClients(targetUrl));
     }
 
-    public static synchronized RelationsGrpcClientsManager forSecureClients(String targetUrl, Config.AuthenticationConfig authnConfig) {
-        if (!secureManagers.containsKey(targetUrl)) {
-            var tlsChannelCredentials = TlsChannelCredentials.create();
-            try {
-                var manager = new RelationsGrpcClientsManager(targetUrl,
-                        tlsChannelCredentials,
-                        CallCredentialsFactory.create(authnConfig));
-                secureManagers.put(targetUrl, manager);
-            } catch (CallCredentialsFactory.CallCredentialsCreationException e) {
-                throw new RuntimeException(e);
-            }
-        }
-        return secureManagers.get(targetUrl);
+    public static RelationsGrpcClientsManager forInsecureClients(String targetUrl, Config.AuthenticationConfig authnConfig) throws RuntimeException {
+        return new RelationsGrpcClientsManager(ChannelManager.getInstance(CHANNEL_MANAGER_KEY).forInsecureClients(targetUrl, AuthnConfigConverter.convert(authnConfig)));
     }
 
-    public static synchronized void shutdownAll() {
-        for (var manager : insecureManagers.values()) {
-            manager.closeClientChannel();
-        }
-        insecureManagers.clear();
-        for (var manager : secureManagers.values()) {
-            manager.closeClientChannel();
-        }
-        secureManagers.clear();
+    public static RelationsGrpcClientsManager forSecureClients(String targetUrl) {
+        return new RelationsGrpcClientsManager(ChannelManager.getInstance(CHANNEL_MANAGER_KEY).forSecureClients(targetUrl));
     }
 
-    public static synchronized void shutdownManager(RelationsGrpcClientsManager managerToShutdown) {
-        var iter = insecureManagers.entrySet().iterator();
-        while (iter.hasNext()) {
-            var entry = iter.next();
-            if(entry.getValue().channel == managerToShutdown.channel) {
-                entry.getValue().closeClientChannel();
-                iter.remove();
-                return;
-            }
-        }
-        iter = secureManagers.entrySet().iterator();
-        while (iter.hasNext()) {
-            var entry = iter.next();
-            if(entry.getValue().channel == managerToShutdown.channel) {
-                entry.getValue().closeClientChannel();
-                iter.remove();
-                return;
-            }
-        }
+    public static RelationsGrpcClientsManager forSecureClients(String targetUrl, Config.AuthenticationConfig authnConfig) {
+        return new RelationsGrpcClientsManager(ChannelManager.getInstance(CHANNEL_MANAGER_KEY).forSecureClients(targetUrl, AuthnConfigConverter.convert(authnConfig)));
     }
 
-    /**
-     * Create a manager for a grpc channel with server credentials.
-     * @param targetUrl
-     * @param serverCredentials authenticates the server for TLS or are InsecureChannelCredentials
-     */
-    private RelationsGrpcClientsManager(String targetUrl, ChannelCredentials serverCredentials) {
-        this.channel = Grpc.newChannelBuilder(targetUrl, serverCredentials).build();
+    public static void shutdownAll() {
+        ChannelManager.getInstance(CHANNEL_MANAGER_KEY).shutdownAll();
     }
 
-    /**
-     * Create a manager for a grpc channel with server credentials and credentials for per-rpc client authentication.
-     * @param targetUrl
-     * @param serverCredentials authenticates the server for TLS or are InsecureChannelCredentials
-     * @param authnCredentials authenticates the client on each rpc
-     */
-    private RelationsGrpcClientsManager(String targetUrl, ChannelCredentials serverCredentials, CallCredentials authnCredentials) {
-        this.channel = Grpc.newChannelBuilder(targetUrl,
-                CompositeChannelCredentials.create(serverCredentials, authnCredentials)).build();
-    }
-
-    private void closeClientChannel() {
-        channel.shutdown();
+    public static void shutdownManager(RelationsGrpcClientsManager managerToShutdown) {
+        ChannelManager.getInstance(CHANNEL_MANAGER_KEY).shutdownChannel(managerToShutdown.channel);
     }
 
     public CheckClient getCheckClient() {
@@ -128,5 +50,4 @@ public LookupClient getLookupClient() {
     public HealthClient getHealthClient() {
         return new HealthClient(channel);
     }
-
 }
diff --git a/src/main/java/org/project_kessel/relations/client/authn/CallCredentialsFactory.java b/src/main/java/org/project_kessel/relations/client/authn/CallCredentialsFactory.java
-Original file line number
+Diff line change
@@ Expand Up / @@ -14,3 +14,6 @@ Thumbs.db @@
     # Maven generated artifacts
     target/
+    # Intellij
+    *.iml