All Downloads are FREE. Search and download functionalities are using the official Maven repository.

tech.ydb.core.auth.EnvironAuthProvider Maven / Gradle / Ivy

package tech.ydb.core.auth;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.nio.file.Path;
import java.nio.file.Paths;

import tech.ydb.auth.AuthIdentity;
import tech.ydb.auth.AuthRpcProvider;
import tech.ydb.core.impl.auth.GrpcAuthRpc;

/**
 *
 * @author Aleksandr Gorshenin
 */
public class EnvironAuthProvider implements AuthRpcProvider {
    private static final String IAM_CLASS_NAME = "tech.ydb.auth.iam.CloudAuthIdentity";
    private static final String IAM_CLASS_ERROR = "Cannot find CloudAuthIdentity class, "
            + "you have to add tech.ydb.auth:yc-auth-provider artifact to classpath";

    private static final String OAUTH2_CLASS_NAME = "tech.ydb.auth.OAuth2AuthHelper";
    private static final String OAUTH2_CLASS_ERROR = "Cannot find OAuth2AuthHelper class, "
            + "you have to add tech.ydb.auth:ydb-oauth2-provider artifact to classpath";

    @Override
    public AuthIdentity createAuthIdentity(GrpcAuthRpc rpc) {
        String anonCredentials = System.getenv("YDB_ANONYMOUS_CREDENTIALS");
        if (anonCredentials != null && anonCredentials.equals("1")) {
            return null;
        }

        String saKeyFile = System.getenv("YDB_SERVICE_ACCOUNT_KEY_FILE_CREDENTIALS");
        if (saKeyFile != null) {
            return loadServiceAccountIdentity(Paths.get(saKeyFile));
        }

        String metadataCredentials = System.getenv("YDB_METADATA_CREDENTIALS");
        if (metadataCredentials != null && metadataCredentials.equals("1")) {
            return loadMetadataIdentity();
        }

        String accessToken = System.getenv("YDB_ACCESS_TOKEN_CREDENTIALS");
        if (accessToken != null) {
            return () -> accessToken;
        }

        String oauth2KeyFile = System.getenv("YDB_OAUTH2_KEY_FILE");
        if (oauth2KeyFile != null) {
            return loadOAuth2KeyProvider(rpc, Paths.get(oauth2KeyFile));
        }

        return loadMetadataIdentity();
    }

    private static AuthIdentity loadServiceAccountIdentity(Path saKeyFile) {
        try {
            Class clazz = Class.forName(IAM_CLASS_NAME);
            Method method = clazz.getMethod("serviceAccountIdentity", Path.class, String.class);
            return (AuthIdentity) method.invoke(null, saKeyFile, null);
        } catch (ClassNotFoundException | NoSuchMethodException | SecurityException |
                IllegalAccessException | IllegalArgumentException | InvocationTargetException ex) {
            throw new RuntimeException(IAM_CLASS_ERROR, ex);
        }
    }

    private static AuthIdentity loadMetadataIdentity() {
        try {
            Class clazz = Class.forName(IAM_CLASS_NAME);
            Method method = clazz.getMethod("metadataIdentity", String.class);
            return (AuthIdentity) method.invoke(null, (Object) null);
        } catch (ClassNotFoundException | NoSuchMethodException | SecurityException |
                IllegalAccessException | IllegalArgumentException | InvocationTargetException ex) {
            throw new RuntimeException(IAM_CLASS_ERROR, ex);
        }
    }

    private static AuthIdentity loadOAuth2KeyProvider(GrpcAuthRpc rpc, Path configFile) {
        try {
            Class clazz = Class.forName(OAUTH2_CLASS_NAME);
            Method method = clazz.getMethod("configFileIdentity", Path.class, GrpcAuthRpc.class);
            return (AuthIdentity) method.invoke(null, configFile, rpc);
        } catch (ClassNotFoundException | NoSuchMethodException | SecurityException |
                IllegalAccessException | IllegalArgumentException | InvocationTargetException ex) {
            throw new RuntimeException(OAUTH2_CLASS_ERROR, ex);
        }
    }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy