Refactor FederatedAuthPlugin and add unit tests
aaronchung-bitquill committed Nov 21, 2023
1 parent 6bc826d commit 6b73c62
Showing 23 changed files with 1,802 additions and 448 deletions.
4 changes: 0 additions & 4 deletions config/checkstyle/checkstyle-suppressions.xml
Expand Up @@ -28,8 +28,4 @@
<suppress files="[\\/]PgDataSourceHelper\.java" checks="IllegalImport"/>
<suppress files="[\\/]test[\\/]" checks="IllegalImport"/>
<suppress files="[\\/]ExtendedFormatter\.java" checks="Header"/>
<suppress files="[\\/]NonValidatingFactory\.java" checks="Header"/>
<suppress files="[\\/]WrappedFactory\.java" checks="Header"/>
<suppress files="[\\/]FederatedAuthConnectionPluginFactory\.java" checks="Header"/>
<suppress files="[\\/]FederatedAuthConnectionPlugin\.java" checks="Header"/>
</suppressions>
Expand Up @@ -11,17 +11,17 @@
- Include the runtime dependencies, [AWS Java SDK RDS](https://search.maven.org/artifact/software.amazon.awssdk/rds) and [AWS Java SDK STS](https://search.maven.org/artifact/software.amazon.awssdk/sts).
- Specify the following parameters:

| Parameter | Value | Required | Description | Default Value | Example Value |
|-------------------|:------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------|--------------------------------------------------------|
| `wrapperPlugins` | String | Yes | A comma separated list of connection plugin codes for which plugins the AWS JDBC Driver is to use. | ``auroraConnectionTracker,failover,efm`` | `auroraConnectionTracker,failover,efm,federatedAuth` |
| `idpHost` | String | Yes | The hosting URL for the service that you are using to authenticate into AWS Aurora. | `null` | `ec2amaz-ab3cdef.example.com` |
| `idpPort` | String | No | The port that the host for the authentication service listens at. | `443` | `1234` |
| `iamRoleArn` | String | Yes | The ARN of the IAM Role that is to be assumed to access AWS Aurora. | `null` | `arn:aws:iam::123456789012:role/adfs_example_iam_role` |
| `iamIdpArn` | String | Yes | The ARN of the Identity Provider. | `null` | `arn:aws:iam::123456789012:saml-provider/adfs_example` |
| `iamRegion` | String | Yes | The IAM region where the IAM token is generated. | `null` | `us-east-2` |
| `idpUserName` | String | Yes | The user name for the `idpHost` server. | `null` | `jimbob@example.com` |
| `idpUserPassword` | String | Yes | The password associated with the `idpHost` user name. | `null` | `someRandomPassword` |
| `user` | String | Yes | The user name of the IAM user with access to your database. <br>If you have previously used the IAM Authentication Plugin, this would be the same IAM user. <br>For information on how to connect to your Aurora Database with IAM, see this [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.html). | `null` | `some_user_name` |
| Parameter | Value | Required | Description | Default Value | Example Value |
|------------------|:------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------|--------------------------------------------------------|
| `wrapperPlugins` | String | Yes | A comma separated list of connection plugin codes for which plugins the AWS JDBC Driver is to use. | ``auroraConnectionTracker,failover,efm`` | `auroraConnectionTracker,failover,efm,federatedAuth` |
| `idpEndpoint` | String | Yes | The hosting URL for the service that you are using to authenticate into AWS Aurora. | `null` | `ec2amaz-ab3cdef.example.com` |
| `idpPort` | String | No | The port that the host for the authentication service listens at. | `443` | `1234` |
| `iamRoleArn` | String | Yes | The ARN of the IAM Role that is to be assumed to access AWS Aurora. | `null` | `arn:aws:iam::123456789012:role/adfs_example_iam_role` |
| `iamIdpArn` | String | Yes | The ARN of the Identity Provider. | `null` | `arn:aws:iam::123456789012:saml-provider/adfs_example` |
| `iamRegion` | String | Yes | The IAM region where the IAM token is generated. | `null` | `us-east-2` |
| `idpUsername` | String | Yes | The user name for the `idpEndpoint` server. | `null` | `jimbob@example.com` |
| `idpPassword` | String | Yes | The password associated with the `idpEndpoint` username. | `null` | `someRandomPassword` |
| `user` | String | Yes | The user name of the IAM user with access to your database. <br>If you have previously used the IAM Authentication Plugin, this would be the same IAM user. <br>For information on how to connect to your Aurora Database with IAM, see this [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.html). | `null` | `some_user_name` |

## Code Example
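Review bot: The parameter table renames `idpHost`, `idpUserName` and `idpUserPassword` to `idpEndpoint`, `idpUsername` and `idpPassword`, which changes public connection property names, and the table does not say whether the old keys are still accepted. Add a migration line here, or keep the old names as deprecated aliases. The `idpEndpoint` row also still reads "The hosting URL" while its example value is a bare hostname and `idpPort` remains a separate parameter; state whether a scheme or port may appear in `idpEndpoint`, since that value decides where `idpPassword` is sent.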

Expand All @@ -34,12 +34,12 @@ public class FederatedAuthConnectionPluginExample {
// Set the AWS Federated Authentication Connection Plugin parameters and the JDBC Wrapper parameters.
final Properties properties = new Properties();
properties.setProperty("wrapperPlugins", "federatedAuth");
properties.setProperty("idpHost", "ec2amaz-ab3cdef.example.com");
properties.setProperty("idpEndpoint", "ec2amaz-ab3cdef.example.com");
properties.setProperty("iamRoleArn", "arn:aws:iam::123456789012:role/adfs_example_iam_role");
properties.setProperty("iamIdpArn", "arn:aws:iam::123456789012:saml-provider/adfs_example");
properties.setProperty("iamRegion", "us-east-2");
properties.setProperty("idpUserName", "someFederatedUsername@example.com");
properties.setProperty("idpUserPassword", "somePassword");
properties.setProperty("idpUsername", "someFederatedUsername@example.com");
properties.setProperty("idpPassword", "somePassword");
properties.setProperty("user", "someIamUser");


4 changes: 2 additions & 2 deletions examples/AWSDriverExample/build.gradle.kts
Expand Up @@ -19,8 +19,8 @@ dependencies {
implementation("org.postgresql:postgresql:42.6.0")
implementation("mysql:mysql-connector-java:8.0.33")
implementation("software.amazon.awssdk:rds:2.21.11")
implementation("software.amazon.awssdk:secretsmanager:2.21.11")
implementation("software.amazon.awssdk:sts:2.21.11")
implementation("software.amazon.awssdk:secretsmanager:2.21.21")
implementation("software.amazon.awssdk:sts:2.21.21")
implementation("com.fasterxml.jackson.core:jackson-databind:2.15.3")
implementation(project(":aws-advanced-jdbc-wrapper"))
implementation("io.opentelemetry:opentelemetry-api:1.31.0")
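Review bot: `secretsmanager` and `sts` are at 2.21.21 in this dependencies block while `rds` stays at 2.21.11, so the example project resolves AWS SDK modules from two different releases. Bump `rds` to the same version, or import the `software.amazon.awssdk:bom` platform once and drop the per-module version strings so the modules cannot drift apart again.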
Expand Up @@ -17,7 +17,7 @@
package software.amazon;

import software.amazon.jdbc.PropertyDefinition;
import software.amazon.jdbc.plugin.FederatedAuthConnectionPlugin;
import software.amazon.jdbc.plugin.federatedauth.FederatedAuthConnectionPlugin;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
Expand All @@ -35,12 +35,13 @@ public static void main(String[] args) throws SQLException {

// Enable the AWS Federated Authentication Connection Plugin.
properties.setProperty(PropertyDefinition.PLUGINS.name, "federatedAuth");
properties.setProperty(FederatedAuthConnectionPlugin.IDP_HOST.name, "ec2amaz-ab3cdef.example.com");
properties.setProperty(FederatedAuthConnectionPlugin.IDP_NAME.name, "adfs");
properties.setProperty(FederatedAuthConnectionPlugin.IDP_ENDPOINT.name, "ec2amaz-ab3cdef.example.com");
properties.setProperty(FederatedAuthConnectionPlugin.IAM_ROLE_ARN.name, "arn:aws:iam::123456789012:role/adfs_example_iam_role");
properties.setProperty(FederatedAuthConnectionPlugin.IAM_IDP_ARN.name, "arn:aws:iam::123456789012:saml-provider/adfs_example");
properties.setProperty(FederatedAuthConnectionPlugin.IAM_REGION.name, "us-east-2");
properties.setProperty(FederatedAuthConnectionPlugin.IDP_USER_NAME.name, "someFederatedUsername@teamatlas.example.com");
properties.setProperty(FederatedAuthConnectionPlugin.IDP_USER_PASSWORD.name, "somePassword");
properties.setProperty(FederatedAuthConnectionPlugin.IDP_USERNAME.name, "someFederatedUsername@teamatlas.example.com");
properties.setProperty(FederatedAuthConnectionPlugin.IDP_PASSWORD.name, "somePassword");
properties.setProperty(PropertyDefinition.USER.name, "someIamUser");
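Review bot: `IDP_NAME` is set to "adfs" in `main`, but neither the parameter table nor the README code example changed in this same commit lists a matching property. Document it next to `idpEndpoint` (accepted values, default, whether it is required), or drop the line here if "adfs" is already the default. The example also keeps the value for `IDP_PASSWORD` as a string literal; reading it from the environment would stop copies of this file from carrying a credential.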


3 changes: 2 additions & 1 deletion wrapper/build.gradle.kts
Expand Up @@ -61,9 +61,10 @@ dependencies {
testImplementation("com.zaxxer:HikariCP:4.0.3") // Version 4.+ is compatible with Java 8
testImplementation("org.springframework.boot:spring-boot-starter-jdbc:2.7.13") // 2.7.13 is the last version compatible with Java 8
testImplementation("org.mockito:mockito-inline:4.11.0") // 4.11.0 is the last version compatible with Java 8
testImplementation("software.amazon.awssdk:rds:2.21.11")
testImplementation("software.amazon.awssdk:ec2:2.21.12")
testImplementation("software.amazon.awssdk:rds:2.21.11")
testImplementation("software.amazon.awssdk:secretsmanager:2.21.21")
testImplementation("software.amazon.awssdk:sts:2.21.11")
testImplementation("org.testcontainers:testcontainers:1.19.1")
testImplementation("org.testcontainers:mysql:1.19.1")
testImplementation("org.testcontainers:postgresql:1.19.1")
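Review bot: The test dependencies pin four AWS SDK modules to three releases (`rds` 2.21.11, `ec2` 2.21.12, `secretsmanager` 2.21.21, `sts` 2.21.11), and `sts` here differs from the 2.21.21 used in examples/AWSDriverExample/build.gradle.kts. The new unit tests would then run against a different STS client version than the example project ships with; align them through one shared version constant or the SDK BOM.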
Expand Up @@ -33,12 +33,12 @@
import software.amazon.jdbc.plugin.DefaultConnectionPlugin;
import software.amazon.jdbc.plugin.DriverMetaDataConnectionPluginFactory;
import software.amazon.jdbc.plugin.ExecutionTimeConnectionPluginFactory;
import software.amazon.jdbc.plugin.FederatedAuthConnectionPluginFactory;
import software.amazon.jdbc.plugin.IamAuthConnectionPluginFactory;
import software.amazon.jdbc.plugin.LogQueryConnectionPluginFactory;
import software.amazon.jdbc.plugin.dev.DeveloperConnectionPluginFactory;
import software.amazon.jdbc.plugin.efm.HostMonitoringConnectionPluginFactory;
import software.amazon.jdbc.plugin.failover.FailoverConnectionPluginFactory;
import software.amazon.jdbc.plugin.federatedauth.FederatedAuthConnectionPluginFactory;
import software.amazon.jdbc.plugin.readwritesplitting.ReadWriteSplittingPluginFactory;
import software.amazon.jdbc.plugin.staledns.AuroraStaleDnsPluginFactory;
import software.amazon.jdbc.profile.DriverConfigurationProfiles;