improvements and session based authentication

Author: jitendrazkumar

docs/src/main/asciidoc/_configprops.adoc

@@ -6,7 +6,7 @@
 
 |spring.cloud.oci.config.profile | `DEFAULT` | Name of the profile in OCI Auth config file
 |spring.cloud.oci.config.file | NA | Location of the OCI Auth config file
-|spring.cloud.oci.config.type | FILE | Config/Auth type to be used. Allowed values are FILE, SIMPLE, INSTANCE_PRINCIPAL and RESOURCE_PRINCIPAL
+|spring.cloud.oci.config.type | FILE | Config/Auth type to be used. Allowed values are FILE, SIMPLE, INSTANCE_PRINCIPAL, RESOURCE_PRINCIPAL and SESSION_TOKEN
 |spring.cloud.oci.config.userId | NA | OCID of the user used for creating the API key. This is needed only if spring.cloud.oci.config.type is `SIMPLE`
 |spring.cloud.oci.config.tenantId | NA | Tenancy OCID where the API key is created. This is needed only if spring.cloud.oci.config.type is `SIMPLE`
 |spring.cloud.oci.config.fingerprint | NA | Fingerprint for the public key that was added to the user mentioned in `spring.cloud.oci.config.userId`. This is needed only if spring.cloud.oci.config.type is `SIMPLE`

docs/src/main/asciidoc/core.adoc

@@ -74,6 +74,16 @@ spring.cloud.oci.config.type = RESOURCE_PRINCIPAL
 
 For further details, refer to https://docs.public.oneportal.content.oci.oraclecloud.com/en-us/iaas/Content/API/Concepts/sdk_authentication_methods.htm#sdk_authentication_methods_resource_principal[OCI Resource Principal Authentication]
 
+==== Session token Configuration
+
+Set the config.type to `SESSION_TOKEN` as shown here.
+
+----
+spring.cloud.oci.config.type = SESSION_TOKEN
+----
+
+For further details, refer to https://docs.oracle.com/en-us/iaas/Content/API/Concepts/sdk_authentication_methods.htm#ariaid-title12
+
 === Region Configuration
 
 OCI services are available in different regions. Based on the custom requirements, you can host the application on different OCI regions. The following configuration allows you to set a specific region for the entire application.

pom.xml

@@ -76,6 +76,9 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or
         <slf4j-simple.version>1.7.33</slf4j-simple.version>
         <flatten-maven-plugin.version>1.5.0</flatten-maven-plugin.version>
         <checksum-maven-plugin.version>1.11</checksum-maven-plugin.version>
+        <jacoco-maven-plugin.version>0.8.10</jacoco-maven-plugin.version>
+        <cc.code-coverage-ratio>0.00</cc.code-coverage-ratio>
+        <!--<dependency-check-maven.version>8.4.0</dependency-check-maven.version> -->
     </properties>
 
     <dependencyManagement>
@@ -267,7 +270,72 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <version>${maven-surefire-plugin.version}</version>
+                <configuration>
+                    <argLine>${argLine} -Xmx2048m</argLine>
+                </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+                <version>${jacoco-maven-plugin.version}</version>
+                <configuration>
+                   <outputDirectory>${project.build.directory}/jacoco-reports</outputDirectory>
+                   <excludes>
+                       <exclude>com/oracle/cloud/spring/sample/**</exclude>
+                   </excludes>
+                 </configuration>
+                 <executions>
+                     <execution>
+                         <id>default-prepare-agent</id>
+                         <goals>
+                             <goal>prepare-agent</goal>
+                         </goals>
+                     </execution>
+                     <execution>
+                         <id>default-report</id>
+                         <goals>
+                             <goal>report</goal>
+                         </goals>
+                     </execution>
+                     <execution>
+                         <id>default-check</id>
+                         <goals>
+                             <goal>check</goal>
+                         </goals>
+                         <configuration>
+                             <rules>
+                                 <rule implementation="org.jacoco.maven.RuleConfiguration">
+                                     <element>BUNDLE</element>
+                                     <limits>
+                                         <limit implementation="org.jacoco.report.check.Limit">
+                                             <counter>INSTRUCTION</counter>
+                                             <value>COVEREDRATIO</value>
+                                             <minimum>${cc.code-coverage-ratio}</minimum>
+                                         </limit>
+                                     </limits>
+                                 </rule>
+                             </rules>
+                         </configuration>
+                     </execution>
+                 </executions>
+             </plugin>
+            <!-- Plugin for dependency check -->
+            <!--<plugin>
+                <groupId>org.owasp</groupId>
+                <artifactId>dependency-check-maven</artifactId>
+                <version>${dependency-check-maven.version}</version>
+                <configuration>
+                    <failBuildOnCVSS>8</failBuildOnCVSS>
+                    <skipProvidedScope>true</skipProvidedScope>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin> -->
 		</plugins>
 	</build>
     <profiles>
@@ -286,4 +354,4 @@ Licensed under the Universal Permissive License v 1.0 as shown at https://oss.or
 			</build>
 		</profile>
     </profiles>
-</project>
+</project>

spring-cloud-oci-autoconfigure/src/main/java/com/oracle/cloud/spring/autoconfigure/core/CredentialsProperties.java

@@ -22,7 +22,8 @@ public enum ConfigType {
         FILE,
         INSTANCE_PRINCIPAL,
         RESOURCE_PRINCIPAL,
-        SIMPLE
+        SIMPLE,
+        SESSION_TOKEN
     }
 
     @Nullable

spring-cloud-oci-autoconfigure/src/main/java/com/oracle/cloud/spring/autoconfigure/core/CredentialsProviderAutoConfiguration.java

@@ -14,6 +14,7 @@
 import com.oracle.bmc.auth.ResourcePrincipalAuthenticationDetailsProvider;
 import com.oracle.bmc.auth.SimpleAuthenticationDetailsProvider;
 import com.oracle.bmc.auth.SimplePrivateKeySupplier;
+import com.oracle.bmc.auth.SessionTokenAuthenticationDetailsProvider;
 import org.springframework.boot.autoconfigure.AutoConfiguration;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
@@ -76,6 +77,15 @@ public static BasicAuthenticationDetailsProvider createCredentialsProvider(Crede
                 }
                 authenticationDetailsProvider = builder.build();
                 break;
+            case SESSION_TOKEN:
+                String configProfile = properties.hasProfile() ? properties.getProfile() : PROFILE_DEFAULT;
+
+                if (properties.hasFile()) {
+                    authenticationDetailsProvider = new SessionTokenAuthenticationDetailsProvider(properties.getFile(), configProfile);
+                } else {
+                    authenticationDetailsProvider = new SessionTokenAuthenticationDetailsProvider(configProfile);
+                }
+                break;
             default:
                 String profile = properties.hasProfile() ? properties.getProfile() : PROFILE_DEFAULT;
 

spring-cloud-oci-autoconfigure/src/test/java/com/oracle/cloud/spring/autoconfigure/core/CompartmentProviderAutoConfigurationTests.java

@@ -8,7 +8,9 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.autoconfigure.AutoConfigurations;
 import org.springframework.boot.test.context.runner.ApplicationContextRunner;
-import org.springframework.util.Assert;
+
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
 
 class CompartmentProviderAutoConfigurationTests {
     private final ApplicationContextRunner contextRunner =
@@ -21,8 +23,8 @@ void testConfigurationValueDefaultsAreAsExpected() {
                 .run(
                         context -> {
                             CompartmentProperties config = context.getBean(CompartmentProperties.class);
-                            Assert.isTrue(config.getStatic() == null);
-                            Assert.isTrue(!config.isStatic());
+                            assertEquals(config.getStatic(), null);
+                            assertEquals(config.isStatic(), false);
                         });
     }
 
@@ -33,8 +35,8 @@ void testConfigurationValueConfiguredAreAsExpected() {
                 .run(
                         context -> {
                             CompartmentProperties config = context.getBean(CompartmentProperties.class);
-                            Assert.isTrue(config.getStatic().equals("demoCompartment"));
-                            Assert.isTrue(config.isStatic());
+                            assertEquals(config.getStatic(), "demoCompartment");
+                            assertEquals(config.isStatic(), true);
                         });
     }
 }

spring-cloud-oci-autoconfigure/src/test/java/com/oracle/cloud/spring/autoconfigure/core/CredentialsProviderAutoConfigurationTests.java

@@ -11,10 +11,11 @@
 import org.springframework.boot.test.context.runner.ApplicationContextRunner;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.util.Assert;
 
 import static org.mockito.Mockito.mock;
-
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
 class CredentialsProviderAutoConfigurationTests {
     private final ApplicationContextRunner contextRunner =
             new ApplicationContextRunner().withConfiguration(AutoConfigurations.of(
@@ -26,9 +27,9 @@ void testConfigurationValueDefaultsAreAsExpected() {
                 .run(
                         context -> {
                             CredentialsProperties config = context.getBean(CredentialsProperties.class);
-                            Assert.isTrue(config.getTenantId() == null);
-                            Assert.isTrue(config.getType() != null);
-                            Assert.isTrue(config.getType() == CredentialsProperties.ConfigType.FILE);
+                            assertNull(config.getTenantId());
+                            assertNotNull(config.getType());
+                            assertEquals(config.getType(), CredentialsProperties.ConfigType.FILE);
                         });
     }
 
@@ -47,15 +48,15 @@ void testConfigurationValueConfiguredAreAsExpected() {
                 .run(
                         context -> {
                             CredentialsProperties config = context.getBean(CredentialsProperties.class);
-                            Assert.isTrue(config.getType() == CredentialsProperties.ConfigType.SIMPLE);
-                            Assert.isTrue(config.getUserId().equals("userId"));
-                            Assert.isTrue(config.getTenantId().equals("tenantId"));
-                            Assert.isTrue(config.getFingerprint().equals("fingerprint"));
-                            Assert.isTrue(config.getPrivateKey().equals("privateKey"));
-                            Assert.isTrue(config.getProfile().equals("profile"));
-                            Assert.isTrue(config.getFile().equals("file"));
-                            Assert.isTrue(config.getPassPhrase().equals("passPhrase"));
-                            Assert.isTrue(config.getRegion().equals("region"));
+                            assertEquals(config.getType(), CredentialsProperties.ConfigType.SIMPLE);
+                            assertEquals(config.getUserId(), "userId");
+                            assertEquals(config.getTenantId(), "tenantId");
+                            assertEquals(config.getFingerprint(), "fingerprint");
+                            assertEquals(config.getPrivateKey(), "privateKey");
+                            assertEquals(config.getProfile(), "profile");
+                            assertEquals(config.getFile(), "file");
+                            assertEquals(config.getPassPhrase(), "passPhrase");
+                            assertEquals(config.getRegion(), "region");
                         });
     }
 

spring-cloud-oci-autoconfigure/src/test/java/com/oracle/cloud/spring/autoconfigure/core/RegionProviderAutoConfigurationTests.java

@@ -8,8 +8,10 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.boot.autoconfigure.AutoConfigurations;
 import org.springframework.boot.test.context.runner.ApplicationContextRunner;
-import org.springframework.util.Assert;
 
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNull;
 class RegionProviderAutoConfigurationTests {
     private final ApplicationContextRunner contextRunner =
             new ApplicationContextRunner().withConfiguration(AutoConfigurations.of(
@@ -21,8 +23,8 @@ void testConfigurationValueDefaultsAreAsExpected() {
                 .run(
                         context -> {
                             RegionProperties config = context.getBean(RegionProperties.class);
-                            Assert.isTrue(!config.isStatic());
-                            Assert.isTrue(config.getStatic() == null);
+                            assertEquals(config.isStatic(), false);
+                            assertNull(config.getStatic());
                         });
     }
 
@@ -33,8 +35,8 @@ void testConfigurationValueConfiguredAreAsExpected() {
                 .run(
                         context -> {
                            RegionProperties config = context.getBean(RegionProperties.class);
-                           Assert.isTrue(config.getStatic().equals("us-phoenix-1"));
-                           Assert.isTrue(config.isStatic());
+                            assertEquals(config.getStatic(), "us-phoenix-1");
+                            assertEquals(config.isStatic(), true);
                         });
     }
 }

spring-cloud-oci-autoconfigure/src/test/java/com/oracle/cloud/spring/logging/LoggingAutoConfigurationTests.java

@@ -12,9 +12,13 @@
 import org.springframework.boot.test.context.runner.ApplicationContextRunner;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.util.Assert;
+
 
 import static org.mockito.Mockito.mock;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 class LoggingAutoConfigurationTests {
     private final ApplicationContextRunner contextRunner =
@@ -28,7 +32,7 @@ void testConfigurationValueDefaultsAreAsExpected() {
                 .run(
                         context -> {
                             LoggingProperties config = context.getBean(LoggingProperties.class);
-                            Assert.isTrue(config.getLogId() == null);
+                            assertNull(config.getLogId());
                         });
     }
 
@@ -39,7 +43,7 @@ void testConfigurationValueConfiguredAreAsExpected() {
                 .run(
                         context -> {
                             LoggingProperties config = context.getBean(LoggingProperties.class);
-                            Assert.isTrue(config.getLogId().equals("demoLogId"));
+                            assertEquals(config.getLogId(), "demoLogId");
                         });
     }
 
@@ -49,9 +53,9 @@ void testConfigurationDefaultsAreAsExpected() {
                 .run(
                         context -> {
                             String[] logServiceBeanNames = context.getBeanNamesForType(LogService.class);
-                            Assert.isTrue(logServiceBeanNames.length > 0);
+                            assertTrue(logServiceBeanNames.length > 0);
                             LogService logService = context.getBean(LogService.class);
-                            Assert.isTrue(logService != null);
+                            assertNotNull(logService);
                         });
     }
 
@@ -62,7 +66,7 @@ void testConfigurationConfiguredAreAsExpected() {
                 .run(
                         context -> {
                             String[] logServiceBeanNames = context.getBeanNamesForType(LogService.class);
-                            Assert.isTrue(logServiceBeanNames.length == 0);
+                            assertEquals(logServiceBeanNames.length, 0);
                         });
     }
 

spring-cloud-oci-autoconfigure/src/test/java/com/oracle/cloud/spring/notification/NotificationAutoConfigurationTests.java

@@ -13,9 +13,12 @@
 import org.springframework.boot.test.context.runner.ApplicationContextRunner;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.util.Assert;
+
 
 import static org.mockito.Mockito.mock;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 
 class NotificationAutoConfigurationTests {
     private final ApplicationContextRunner contextRunner =
@@ -29,9 +32,9 @@ void testConfigurationDefaultsAreAsExpected() {
                 .run(
                         context -> {
                             String[] notificationBeanNames = context.getBeanNamesForType(Notification.class);
-                            Assert.isTrue(notificationBeanNames.length > 0);
+                            assertTrue(notificationBeanNames.length > 0);
                             Notification notification = context.getBean(Notification.class);
-                            Assert.isTrue(notification != null);
+                            assertNotNull(notification);
                         });
     }
 
@@ -42,7 +45,7 @@ void testConfigurationConfiguredAreAsExpected() {
                 .run(
                         context -> {
                             String[] notificationBeanNames = context.getBeanNamesForType(Notification.class);
-                            Assert.isTrue(notificationBeanNames.length == 0);
+                            assertEquals(notificationBeanNames.length, 0);
                         });
     }