feat: implement automatic hashicorp token renewal (eclipse-edc#3782)

* feat: add PrefixMonitor (eclipse-edc#3510) * feat: add token rotation mechanism * test: adding tests for hashicorp token rotation * fix: fix checkstyle errors * fix: set empty list when policies null * docs: update DEPENDENCIES * fix: pr comments * fix: pr comments * fix: pr comments * add custom retry mechanism to token renewal * merge upstream main * minor fixes * extract hashicorp config value validation into separate class * checkstyle fixes * remove vault timeout config * clean up * added ConfigImplTest test for double config * remove root token property from token look up data * use in-built retry mechanism of EdcHttpClient for token operations * using single thread executor for hashicorp client * remove retry config from HashicorpVaultConfig * revert config impl changes * revert SettingResolver changes * test call of FallbackFactories.retryWhenStatusIsNotIn(..) with static mocks * implement custom Fallback factory for hashicorp client * replace token dto classes by map<string, object> * merge upstream * update pr comments * update pr comments * update pr comments * clean up merge * merge main into feature branch
zub4t · Mar 20, 2024 · 3cde990 · 3cde990
1 parent 964e40b
commit 3cde990
Show file tree

Hide file tree

Showing 27 changed files with 1,641 additions and 1,092 deletions.
diff --git a/...hashicorp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpCertificateResolver.java b/...hashicorp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpCertificateResolver.java
diff --git a/...t/vault-hashicorp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultClient.java b/...t/vault-hashicorp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultClient.java
diff --git a/...t-hashicorp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultClientConfig.java b/...t-hashicorp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultClientConfig.java
diff --git a/...rp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultClientFallbackFactory.java b/...rp/src/main/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultClientFallbackFactory.java
@@ -0,0 +1,37 @@
+/*
+ *  Copyright (c) 2024 Mercedes-Benz Tech Innovation GmbH
+ *
+ *  This program and the accompanying materials are made available under the
+ *  terms of the Apache License, Version 2.0 which is available at
+ *  https://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Contributors:
+ *       Mercedes-Benz Tech Innovation GmbH - Implement automatic Hashicorp Vault token renewal
+ *
+ */
+
+package org.eclipse.edc.vault.hashicorp;
+
+import dev.failsafe.Fallback;
+import okhttp3.Request;
+import okhttp3.Response;
+import org.eclipse.edc.spi.http.FallbackFactory;
+
+import static org.eclipse.edc.spi.http.FallbackFactories.retryWhenStatusIsNotIn;
+
+/**
+ * Implements a {@link Fallback}factory for requests executed against the Hashicorp Vault.
+ *
+ * @see <a href="https://developer.hashicorp.com/vault/api-docs">Hashicorp Vault Api</a> for more information on retryable error codes.
+ */
+public class HashicorpVaultClientFallbackFactory implements FallbackFactory {
+
+    private static final int[] NON_RETRYABLE_STATUS_CODES = {200, 204, 400, 403, 404, 405};
+
+    @Override
+    public Fallback<Response> create(Request request) {
+        return retryWhenStatusIsNotIn(NON_RETRYABLE_STATUS_CODES).create(request);
+    }
+}