MPDO:1015 code refactoring

Author: karankap

samples/oci-apigw-idcs-auth-basic/func.yaml

@@ -1,7 +1,9 @@
 schema_version: 20180708
 name: basicauth
-version: 0.0.6
+version: 0.0.21
 runtime: java
 build_image: fnproject/fn-java-fdk-build:jdk11-1.0.146
 run_image: fnproject/fn-java-fdk:jre11-1.0.146
 cmd: com.example.fn.BasicAuth::handleRequest
+memory: 512
+timeout: 120

samples/oci-apigw-idcs-auth-basic/pom.xml

@@ -1,15 +1,15 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <fdk.version>1.0.146</fdk.version>
+        <jdk.version>11</jdk.version>
     </properties>
+
     <groupId>com.example.fn</groupId>
     <artifactId>basicAuth</artifactId>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
 
     <dependencies>
         <dependency>
@@ -49,18 +49,18 @@
                 <artifactId>maven-compiler-plugin</artifactId>
                 <version>3.3</version>
                 <configuration>
-                    <source>11</source>
-                    <target>11</target>
+                    <source>${jdk.version}</source>
+                    <target>${jdk.version}</target>
                 </configuration>
             </plugin>
             <plugin>
-                 <groupId>org.apache.maven.plugins</groupId>
-                 <artifactId>maven-surefire-plugin</artifactId>
-                 <version>2.22.1</version>
-                 <configuration>
-                     <useSystemClassLoader>false</useSystemClassLoader>
-                 </configuration>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>2.22.1</version>
+                <configuration>
+                    <useSystemClassLoader>false</useSystemClassLoader>
+                </configuration>
             </plugin>
         </plugins>
     </build>
-</project>
+</project>

samples/oci-apigw-idcs-auth-basic/src/main/java/com/example/fn/BasicAuth.java

@@ -1,96 +1,153 @@
 package com.example.fn;
 
-import java.net.http.HttpClient;
-import java.net.http.HttpRequest;
+import static com.example.fn.util.ResourceServerConfig.TOKEN_PREFIX;
+import static com.example.fn.util.ResourceServerConfig.CONFIG_KEY_IDCS_URL;
+import static com.example.fn.util.ResourceServerConfig.CONFIG_KEY_CLIENT_ID;
+import static com.example.fn.util.ResourceServerConfig.CONFIG_KEY_CLIENT_SECRET;
+import static com.example.fn.util.ResourceServerConfig.CONFIG_KEY_SCOPE_AUD;
+import static com.example.fn.util.ResourceServerConfig.DEFAULT_GRANT_TYPE;
+import static com.example.fn.util.ResourceServerConfig.TOKEN_CLAIM_KEY_EXPIRY;
+import static com.example.fn.util.ResourceServerConfig.TOKEN_CLAIM_KEY_SUBJECT;
+import static com.example.fn.util.ResourceServerConfig.TOKEN_CLAIM_KEY_SCOPE;
+
 import java.net.http.HttpResponse;
-import java.net.URI;
 
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.lang.InterruptedException;
 import org.json.JSONObject;
-import java.util.*;
 
-public class BasicAuth {
-    public static class Input {
-        public String type;
-        public String token;
-    }
+import com.example.fn.util.Helper;
+import com.fnproject.fn.api.FnConfiguration;
+import com.fnproject.fn.api.RuntimeContext;
 
-    public static class Result {
-        public boolean active = false;
-        public String principal;
-        public String[] scope;
-        public String expiresAt;
-    }
+import java.util.*;
 
-    private static final String TOKEN_PREFIX = "Basic ";
-    private static final String IDCS_URL = ResourceServerConfig.IDCS_URL;
+/**
+ * Main class implementing the {@code handleRequest} method, takes the user
+ * credentials as input, authenticates the credentials against the identity
+ * provider and if the authentication is successful then returns the following
+ * claims from the access token <br/>
+ * <ul>
+ * <li>exp</li>
+ * <li>sub</li>
+ * <li>scope</li>
+ * </ul>
+ */
+public class BasicAuth {
 
-    public String[] getUserDetailsFromToken(String token) {
-        String data = token.substring(TOKEN_PREFIX.length());
-        String[] user = new String(Base64.getDecoder().decode(data)).split(":", 2);
-        return user;
+    private static String IDCS_URL = null;
+    private static String CLIENT_ID = null;
+    private static String CLIENT_SECRET = null;
+    private static String SCOPE_AUD = null;
+
+    /**
+     * Reads the configuration parameters and sets the respective variables during
+     * function initialization.
+     * 
+     * @param {@link RuntimeContext} ctx
+     */
+    @FnConfiguration
+    public void config(final RuntimeContext ctx) {
+        IDCS_URL = ctx.getConfigurationByKey(CONFIG_KEY_IDCS_URL).orElse(null);
+        CLIENT_ID = ctx.getConfigurationByKey(CONFIG_KEY_CLIENT_ID).orElse(null);
+        CLIENT_SECRET = ctx.getConfigurationByKey(CONFIG_KEY_CLIENT_SECRET).orElse(null);
+        SCOPE_AUD = ctx.getConfigurationByKey(CONFIG_KEY_SCOPE_AUD).orElse(null);
     }
 
-    public Result handleRequest(Input input) throws UnsupportedEncodingException, InterruptedException {
-        Result returnValue = new Result();
+    /**
+     * Entry point of the function
+     * 
+     * @param {@link Input} input
+     * @return {@link Result}
+     * @throws UnsupportedEncodingException
+     * @throws InterruptedException
+     */
+    public Result handleRequest(final Input input) throws UnsupportedEncodingException, InterruptedException {
+        final Result returnValue = new Result();
+
+        if (!isConfigValid()) {
+            returnValue.active = false;
+            System.out.println(
+                    "Function initialization error, all config parameters not set, please ensure that following config variables are set IDCS_URL, CLIENT_ID, CLIENT_SECRET");
+            return returnValue;
+        }
 
         if (input.token == null || !input.token.startsWith(TOKEN_PREFIX)) {
             returnValue.active = false;
             System.out.println("Request error, missing credentials");
             return returnValue;
         }
 
-        String[] user = getUserDetailsFromToken(input.token);
+        final String[] user = getUserDetailsFromToken(input.token);
         if (user.length != 2 || user[0] == null || user[0].isEmpty() || user[1] == null || user[1].isEmpty()) {
+            returnValue.active = false;
             System.out.println("Request error username or password missing");
             return returnValue;
         }
 
-        String username = user[0];
-        String password = user[1];
-        String clientId = ResourceServerConfig.CLIENT_ID;
-        String clientSecret = ResourceServerConfig.CLIENT_SECRET;
-        String authzHdrVal = clientId + ":" + clientSecret;
-        String idcsScope = ResourceServerConfig.SCOPE_AUD;
-
-        String reqBody =   "grant_type=password" +
-                "&username=" + username +
-                "&password=" + password +
-                "&scope=" + idcsScope;
+        final String authzHdrVal = CLIENT_ID + ":" + CLIENT_SECRET;
+        final String reqBody = Helper.createRequestBody(user[0], user[1], SCOPE_AUD, DEFAULT_GRANT_TYPE);
 
         try {
-            HttpClient client = HttpClient.newHttpClient();
-
-            HttpRequest request = HttpRequest.newBuilder()
-                    .uri(URI.create(IDCS_URL))
-                    .header("Content-Type", "application/x-www-form-urlencoded")
-                    .header("Authorization", "Basic " + Base64.getEncoder().encodeToString(authzHdrVal.getBytes("UTF-8")))
-                    .POST(HttpRequest.BodyPublishers.ofString(reqBody))
-                    .build();
-
-            HttpResponse<String> response = client.send(    request,
-                    HttpResponse.BodyHandlers.ofString() );
-
+            final HttpResponse<String> response = Helper.callIDCS(IDCS_URL, authzHdrVal, reqBody);
 
             if (response.statusCode() == 200) {
+                final String responseString = (String) response.body();
+                final JSONObject payload = Helper.getTokenBody(responseString);
 
-                String responseString = (String) response.body();
-                String[] chunks = responseString.split("\\.");
-                String respjson = new String(Base64.getUrlDecoder().decode(chunks[1]));
-                JSONObject payload = new JSONObject(respjson);
-                Date expTime = new Date(payload.getLong("exp")*1000);
-
-                returnValue.principal = payload.getString("sub");
-                returnValue.scope = payload.getString("scope").split(" ");
+                final Date expTime = new Date(payload.getLong(TOKEN_CLAIM_KEY_EXPIRY) * 1000);
+                returnValue.principal = payload.getString(TOKEN_CLAIM_KEY_SUBJECT);
+                returnValue.scope = payload.getString(TOKEN_CLAIM_KEY_SCOPE).split(" ");
                 returnValue.expiresAt = expTime.toString();
                 returnValue.active = true;
+
                 System.out.println("Authentication successful");
             }
         } catch (IOException e) {
             e.printStackTrace();
         }
         return returnValue;
     }
+
+    /**
+     * Returns true if all the configuration variables are set else returns false
+     * 
+     * @return
+     */
+    private boolean isConfigValid() {
+        if (IDCS_URL != null && !IDCS_URL.trim().isEmpty()
+                && CLIENT_ID != null && !CLIENT_ID.trim().isEmpty()
+                && CLIENT_SECRET != null && !CLIENT_SECRET.isEmpty()
+                && SCOPE_AUD != null && !SCOPE_AUD.trim().isEmpty()) {
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * The input contains the username and password in {@link Base64} encoded
+     * format. The format of the token is Base64 encoded <username>:<password>. This
+     * function decodes the token and returns the username and password.
+     * 
+     * @param {@link String} token
+     * @return {@link String} array with username and password
+     */
+    private String[] getUserDetailsFromToken(final String token) {
+        final String data = token.substring(TOKEN_PREFIX.length());
+        final String[] user = new String(Base64.getDecoder().decode(data)).split(":", 2);
+        return user;
+    }
+
+    public static class Input {
+        public String type;
+        public String token;
+    }
+
+    public static class Result {
+        public boolean active = false;
+        public String principal;
+        public String[] scope;
+        public String expiresAt;
+    }
 }

samples/oci-apigw-idcs-auth-basic/src/main/java/com/example/fn/ResourceServerConfig.java

@@ -0,0 +1,84 @@
+package com.example.fn.util;
+
+import static com.example.fn.util.ResourceServerConfig.TOKEN_PREFIX;
+import static com.example.fn.util.ResourceServerConfig.HEADER_NAME_CONTENT_TYPE;
+import static com.example.fn.util.ResourceServerConfig.HEADER_NAME_AUTHORIZATION;
+import static com.example.fn.util.ResourceServerConfig.HEADER_VALUE_CONTENT_TYPE;
+
+import java.io.IOException;
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.util.Base64;
+
+import org.json.JSONObject;
+
+/**
+ * Util class that contains some common utility methods
+ */
+public final class Helper {
+
+    private Helper() {
+        //
+    }
+
+    /**
+     * Creates the POST request body that will be sent to IDCS token endpoint
+     * 
+     * @param {@link String} username
+     * @param {@link String} password
+     * @param {@link String} scope
+     * @param {@link String} grantType
+     * @return {@link String} request body
+     */
+    public static String createRequestBody(final String username, final String password, final String scope,
+            final String grantType) {
+        return "grant_type=" + grantType +
+                "&username=" + username +
+                "&password=" + password +
+                "&scope=" + scope;
+    }
+
+    /**
+     * 
+     * Calls IDCS token endpoint to validate the username and password and get the
+     * access token.
+     * 
+     * @param {@link String} url
+     * @param {@link String} authHeader
+     * @param {@link String} requestBody
+     * @return {@link HttpResponse}
+     * @throws InterruptedException
+     * @throws IOException
+     */
+    public static HttpResponse<String> callIDCS(final String url, final String authHeader, final String requestBody)
+            throws IOException, InterruptedException {
+        final HttpClient client = HttpClient.newHttpClient();
+
+        final HttpRequest request = HttpRequest.newBuilder()
+                .uri(URI.create(url))
+                .header(HEADER_NAME_CONTENT_TYPE, HEADER_VALUE_CONTENT_TYPE)
+                .header(HEADER_NAME_AUTHORIZATION,
+                        TOKEN_PREFIX + Base64.getEncoder().encodeToString(authHeader.getBytes("UTF-8")))
+                .POST(HttpRequest.BodyPublishers.ofString(requestBody))
+                .build();
+
+        return client.send(request,
+                HttpResponse.BodyHandlers.ofString());
+    }
+
+    /**
+     * Returns the body from the access token. The token is of the JWT format with 3
+     * parts separated by "." First part is header, body is the second part and the
+     * last part is signature
+     * 
+     * @param response
+     * @return
+     */
+    public static JSONObject getTokenBody(final String response) {
+        final String[] chunks = response.split("\\.");
+        final String respjson = new String(Base64.getUrlDecoder().decode(chunks[1]));
+        return new JSONObject(respjson);
+    }
+}