diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/CatalogApplicationConfig.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/CatalogApplicationConfig.java
index f025a49967a..7d35581dc1d 100644
--- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/CatalogApplicationConfig.java
+++ b/catalog-rest-service/src/main/java/org/openmetadata/catalog/CatalogApplicationConfig.java
@@ -36,82 +36,98 @@ import org.openmetadata.catalog.slack.SlackPublisherConfiguration; import org.openmetadata.catalog.slackChat.SlackChatConfiguration; public class CatalogApplicationConfig extends Configuration { - @JsonProperty("database") + private static final String DATABASE_CONFIG = "database"; + private static final String SWAGGER_CONFIG = "swagger"; + private static final String AUTHORIZER_CONFIG = "authorizerConfiguration"; + private static final String AUTHENTICATION_CONFIG = "authenticationConfiguration"; + private static final String JWT_CONFIG = "jwtTokenConfiguration"; + private static final String ELASTIC_CONFIG = "elasticsearch"; + private static final String EVENTHANDLER_CONFIG = "eventHandlerConfiguration"; + private static final String AIRFLOW_CONFIG = "airflowConfiguration"; + private static final String SLACK_CONFIG = "slackEventPublishers"; + private static final String FERNET_CONFIG = "fernetConfiguration"; + private static final String HEALTH_CONFIG = "health"; + private static final String MIGRATION_CONFIG = "migrationConfiguration"; + private static final String SANDBOXMODE_CONFIG = "sandboxModeEnabled"; + private static final String SLACK_CHAT_CONFIG = "slackChat"; + private static final String SECRET_MANAGER_CONFIG = "secretsManagerConfiguration"; + + @JsonProperty(DATABASE_CONFIG) @NotNull @Valid @Getter @Setter private DataSourceFactory dataSourceFactory; - @JsonProperty("swagger") + @JsonProperty(SWAGGER_CONFIG) @Getter @Setter private SwaggerBundleConfiguration swaggerBundleConfig; - @JsonProperty("authorizerConfiguration") + @JsonProperty(AUTHORIZER_CONFIG) @Getter @Setter private AuthorizerConfiguration authorizerConfiguration; - @JsonProperty("authenticationConfiguration") + @JsonProperty(AUTHENTICATION_CONFIG) @Getter @Setter private AuthenticationConfiguration authenticationConfiguration; - @JsonProperty("jwtTokenConfiguration") + @JsonProperty(JWT_CONFIG) @Getter @Setter private JWTTokenConfiguration jwtTokenConfiguration; - 
@JsonProperty("elasticsearch") + @JsonProperty(ELASTIC_CONFIG) @Getter @Setter private ElasticSearchConfiguration elasticSearchConfiguration; - @JsonProperty("eventHandlerConfiguration") + @JsonProperty(EVENTHANDLER_CONFIG) @Getter @Setter private EventHandlerConfiguration eventHandlerConfiguration; - @JsonProperty("airflowConfiguration") + @JsonProperty(AIRFLOW_CONFIG) @Getter @Setter private AirflowConfiguration airflowConfiguration; - @JsonProperty("slackEventPublishers") + @JsonProperty(SLACK_CONFIG) @Getter @Setter private List slackEventPublishers; - @JsonProperty("migrationConfiguration") + @JsonProperty(MIGRATION_CONFIG) @NotNull @Getter @Setter private MigrationConfiguration migrationConfiguration; - @JsonProperty("fernetConfiguration") + @JsonProperty(FERNET_CONFIG) @Getter @Setter private FernetConfiguration fernetConfiguration; - @JsonProperty("health") + @JsonProperty(HEALTH_CONFIG) @NotNull @Valid @Getter @Setter private HealthConfiguration healthConfiguration = new HealthConfiguration(); - @JsonProperty("sandboxModeEnabled") + @JsonProperty(SANDBOXMODE_CONFIG) @Getter @Setter private boolean sandboxModeEnabled; - @JsonProperty("slackChat") + @JsonProperty(SLACK_CHAT_CONFIG) @Getter @Setter private SlackChatConfiguration slackChatConfiguration = new SlackChatConfiguration(); - @JsonProperty("secretsManagerConfiguration") + @JsonProperty(SECRET_MANAGER_CONFIG) @Getter @Setter private SecretsManagerConfiguration secretsManagerConfiguration; diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/airflow/AirflowConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/airflow/AirflowConfiguration.java deleted file mode 100644 index a063e53198c..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/airflow/AirflowConfiguration.java +++ /dev/null 
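Review bot: The nested security sections (`authorizerConfiguration`, `authenticationConfiguration`, `jwtTokenConfiguration`, `secretsManagerConfiguration`) are still declared without `@Valid`, so constraints on those nested classes are not cascaded when the configuration object is validated; in this hunk only `dataSourceFactory` and `healthConfiguration` carry it. If the schema-defined classes are meant to enforce their `required` lists at startup (whether they carry constraint annotations is not visible here), add `@Valid` next to `@JsonProperty(AUTHORIZER_CONFIG)` and the other sections, plus `@NotNull` where a section is mandatory. The new constant block would also benefit from a comment such as `// Top-level keys of the server configuration file; renaming a value changes the file format.` The class body continues outside the hunk.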
@@ -1,35 +0,0 @@ -/* - * Copyright 2021 Collate - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * http://www.apache.org/licenses/LICENSE-2.0 - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.openmetadata.catalog.airflow; - -import javax.validation.constraints.NotEmpty; -import lombok.Getter; -import lombok.Setter; - -public class AirflowConfiguration { - - @NotEmpty @Getter @Setter private String apiEndpoint; - - @NotEmpty @Getter @Setter private String username; - - @NotEmpty @Getter @Setter private String password; - - @Getter @Setter private Integer timeout = 30; - - @NotEmpty @Getter @Setter private String metadataApiEndpoint; - - @NotEmpty @Getter @Setter private String authProvider; - - @Getter @Setter private AuthConfiguration authConfig; -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/airflow/AuthConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/airflow/AuthConfiguration.java deleted file mode 100644 index 2b9264b12b4..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/airflow/AuthConfiguration.java +++ /dev/null 
@@ -1,38 +0,0 @@ -/* - * Copyright 2021 Collate - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * http://www.apache.org/licenses/LICENSE-2.0 - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.openmetadata.catalog.airflow; - -import lombok.Getter; -import lombok.Setter; -import org.openmetadata.catalog.security.client.Auth0SSOClientConfig; -import org.openmetadata.catalog.security.client.AzureSSOClientConfig; -import org.openmetadata.catalog.security.client.CustomOIDCSSOClientConfig; -import org.openmetadata.catalog.security.client.GoogleSSOClientConfig; -import org.openmetadata.catalog.security.client.OktaSSOClientConfig; -import org.openmetadata.catalog.security.client.OpenMetadataJWTClientConfig; - -public class AuthConfiguration { - - @Getter @Setter private GoogleSSOClientConfig google; - - @Getter @Setter private OktaSSOClientConfig okta; - - @Getter @Setter private Auth0SSOClientConfig auth0; - - @Getter @Setter private AzureSSOClientConfig azure; - - @Getter @Setter private CustomOIDCSSOClientConfig customOidc; - - @Getter @Setter private OpenMetadataJWTClientConfig openmetadata; -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/elasticsearch/ElasticSearchConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/elasticsearch/ElasticSearchConfiguration.java deleted file mode 100644 index 275e44de021..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/elasticsearch/ElasticSearchConfiguration.java +++ /dev/null 
@@ -1,45 +0,0 @@ -/* - * Copyright 2021 Collate - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * http://www.apache.org/licenses/LICENSE-2.0 - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.openmetadata.catalog.elasticsearch; - -import javax.validation.constraints.NotEmpty; -import lombok.Getter; -import lombok.Setter; - -public class ElasticSearchConfiguration { - @NotEmpty @Getter @Setter private String host; - @NotEmpty @Getter @Setter private Integer port; - @Getter @Setter private String username; - @Getter @Setter private String password; - @Getter @Setter private String scheme; - @Getter @Setter private String truststorePath; - @Getter @Setter private String truststorePassword; - @Getter @Setter private Integer connectionTimeoutSecs = 5; - @Getter @Setter private Integer socketTimeoutSecs = 60; - @Getter @Setter private Integer batchSize = 10; - - @Override - public String toString() { - return "ElasticSearchConfiguration{" - + "host='" - + host - + '\'' - + ", port=" - + port - + ", username='" - + username - + '\'' - + '}'; - } -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/events/EventFilter.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/events/EventFilter.java index ec98b116f29..de7540bd0cd 100644 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/events/EventFilter.java +++ b/catalog-rest-service/src/main/java/org/openmetadata/catalog/events/EventFilter.java 
@@ -13,10 +13,7 @@ package org.openmetadata.catalog.events; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.List; -import java.util.Set; +import java.util.*; import java.util.concurrent.ForkJoinPool; import javax.ws.rs.container.ContainerRequestContext; import javax.ws.rs.container.ContainerResponseContext; @@ -43,7 +40,8 @@ public class EventFilter implements ContainerResponseFilter { private void registerEventHandlers(CatalogApplicationConfig config, Jdbi jdbi) { try { - Set eventHandlerClassNames = config.getEventHandlerConfiguration().getEventHandlerClassNames(); + Set eventHandlerClassNames = + new HashSet<>(config.getEventHandlerConfiguration().getEventHandlerClassNames()); for (String eventHandlerClassName : eventHandlerClassNames) { EventHandler eventHandler = ((Class) Class.forName(eventHandlerClassName)).getConstructor().newInstance(); diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/events/EventHandlerConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/events/EventHandlerConfiguration.java deleted file mode 100644 index 49da8b934ba..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/events/EventHandlerConfiguration.java +++ /dev/null 
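Review bot: The four explicit `java.util` imports are collapsed into `import java.util.*;`, which hides which collection types EventFilter depends on and can introduce ambiguous simple names later. Keep the single-type imports and add only what the change needs, `import java.util.HashSet;`, next to the existing `ArrayList`, `Arrays`, `List` and `Set` lines.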
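Review bot: In `registerEventHandlers`, `new HashSet<>(config.getEventHandlerConfiguration().getEventHandlerClassNames())` throws a NullPointerException when the `eventHandlerConfiguration` section or its class-name list is absent, and how the surrounding `try` reports that is outside this hunk. Each configured name is then loaded and instantiated, so it is worth checking the type before the constructor runs, e.g. `Class.forName(eventHandlerClassName).asSubclass(EventHandler.class).getConstructor().newInstance()`, so a wrong entry fails with a clear ClassCastException instead of running an unrelated class's constructor. A `LinkedHashSet` would drop duplicates while keeping handlers in the order they are listed in the configuration. The method body continues outside the hunk.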
@@ -1,21 +0,0 @@ -/* - * Copyright 2021 Collate - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * http://www.apache.org/licenses/LICENSE-2.0 - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.openmetadata.catalog.events; - -import java.util.Set; -import lombok.Getter; -import lombok.Setter; - -public class EventHandlerConfiguration { - @Getter @Setter private Set eventHandlerClassNames; -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/fernet/FernetConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/fernet/FernetConfiguration.java deleted file mode 100644 index eb8e0d8a413..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/fernet/FernetConfiguration.java +++ /dev/null 
@@ -1,24 +0,0 @@ -/* - * Copyright 2021 Collate - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * http://www.apache.org/licenses/LICENSE-2.0 - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.openmetadata.catalog.fernet; - -import javax.validation.constraints.NotEmpty; -import lombok.Getter; -import lombok.Setter; - -@Getter -@Setter -public class FernetConfiguration { - @NotEmpty private String fernetKey; -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/AuthenticationConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/AuthenticationConfiguration.java deleted file mode 100644 index 753b74bfcd2..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/AuthenticationConfiguration.java +++ /dev/null 
@@ -1,57 +0,0 @@ -/* - * Copyright 2021 Collate - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * http://www.apache.org/licenses/LICENSE-2.0 - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.openmetadata.catalog.security; - -import java.util.List; -import lombok.Getter; -import lombok.Setter; - -public class AuthenticationConfiguration { - @Getter @Setter private String provider; - @Getter @Setter private String providerName; - - /** @deprecated Use publicKeyUrls */ - @Deprecated(since = "0.9.1", forRemoval = true) - @Getter - @Setter - private String publicKey; - - @Getter @Setter private List publicKeyUrls; - @Getter @Setter private String authority; - @Getter @Setter private String clientId; - @Getter @Setter private String callbackUrl; - @Getter @Setter private List jwtPrincipalClaims; - - @Override - public String toString() { - return "AuthenticationConfiguration{" - + "provider='" - + provider - + '\'' - + ", publicKeyUrls=" - + publicKeyUrls - + ", authority='" - + authority - + '\'' - + ", clientId='" - + clientId - + '\'' - + ", callbackUrl='" - + callbackUrl - + '\'' - + ", jwtPrincipalClaims=" - + jwtPrincipalClaims - + '}'; - } -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/AuthorizerConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/AuthorizerConfiguration.java deleted file mode 100644 index 0492f72924d..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/AuthorizerConfiguration.java +++ /dev/null 
@@ -1,41 +0,0 @@ -/* - * Copyright 2021 Collate - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * http://www.apache.org/licenses/LICENSE-2.0 - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.openmetadata.catalog.security; - -import java.util.Set; -import javax.validation.constraints.NotEmpty; -import lombok.Getter; -import lombok.Setter; - -public class AuthorizerConfiguration { - @NotEmpty @Getter @Setter private String className; - @NotEmpty @Getter @Setter private String containerRequestFilter; - @NotEmpty @Getter @Setter private Set adminPrincipals; - @NotEmpty @Getter @Setter private Set botPrincipals; - @NotEmpty @Getter @Setter private String principalDomain; - @NotEmpty @Getter @Setter private Boolean enforcePrincipalDomain; - @NotEmpty @Getter @Setter private Boolean enableSecureSocketConnection; - - @Override - public String toString() { - return "AuthorizerConfiguration{" - + "className='" - + className - + '\'' - + ", containerRequestFilter='" - + containerRequestFilter - + '\'' - + '}'; - } -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/jwt/JWTTokenConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/jwt/JWTTokenConfiguration.java deleted file mode 100644 index c5182432211..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/jwt/JWTTokenConfiguration.java +++ /dev/null 
@@ -1,11 +0,0 @@ -package org.openmetadata.catalog.security.jwt; - -import lombok.Getter; -import lombok.Setter; - -public class JWTTokenConfiguration { - @Getter @Setter private String RSAPublicKeyFilePath; - @Getter @Setter private String RSAPrivateKeyFilePath; - @Getter @Setter private String JWTIssuer; - @Getter @Setter private String keyId; -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/jwt/JWTTokenGenerator.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/jwt/JWTTokenGenerator.java index aea08fd9361..7cc60f0ad3a 100644 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/jwt/JWTTokenGenerator.java +++ b/catalog-rest-service/src/main/java/org/openmetadata/catalog/security/jwt/JWTTokenGenerator.java 
@@ -48,19 +48,19 @@ public class JWTTokenGenerator { public void init(JWTTokenConfiguration jwtTokenConfiguration) { try { - if (jwtTokenConfiguration.getRSAPrivateKeyFilePath() != null - && !jwtTokenConfiguration.getRSAPrivateKeyFilePath().isEmpty() - && jwtTokenConfiguration.getRSAPublicKeyFilePath() != null - && !jwtTokenConfiguration.getRSAPublicKeyFilePath().isEmpty()) { - byte[] privateKeyBytes = Files.readAllBytes(Paths.get(jwtTokenConfiguration.getRSAPrivateKeyFilePath())); + if (jwtTokenConfiguration.getRsaprivateKeyFilePath() != null + && !jwtTokenConfiguration.getRsaprivateKeyFilePath().isEmpty() + && jwtTokenConfiguration.getRsapublicKeyFilePath() != null + && !jwtTokenConfiguration.getRsapublicKeyFilePath().isEmpty()) { + byte[] privateKeyBytes = Files.readAllBytes(Paths.get(jwtTokenConfiguration.getRsaprivateKeyFilePath())); PKCS8EncodedKeySpec privateSpec = new PKCS8EncodedKeySpec(privateKeyBytes); KeyFactory privateKF = KeyFactory.getInstance("RSA"); privateKey = (RSAPrivateKey) privateKF.generatePrivate(privateSpec); - byte[] publicKeyBytes = Files.readAllBytes(Paths.get(jwtTokenConfiguration.getRSAPublicKeyFilePath())); + byte[] publicKeyBytes = Files.readAllBytes(Paths.get(jwtTokenConfiguration.getRsapublicKeyFilePath())); X509EncodedKeySpec spec = new X509EncodedKeySpec(publicKeyBytes); KeyFactory kf = KeyFactory.getInstance("RSA"); publicKey = (RSAPublicKey) kf.generatePublic(spec); - issuer = jwtTokenConfiguration.getJWTIssuer(); + issuer = jwtTokenConfiguration.getJwtissuer(); kid = jwtTokenConfiguration.getKeyId(); } } catch (Exception ex) { diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/slack/SlackPublisherConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/slack/SlackPublisherConfiguration.java deleted file mode 100644 index d4d4da656f2..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/slack/SlackPublisherConfiguration.java +++ /dev/null 
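Review bot: `init` still does nothing when either `getRsaprivateKeyFilePath()` or `getRsapublicKeyFilePath()` is null or empty, leaving `privateKey`, `publicKey`, `issuer` and `kid` unset with no signal to the operator. The new jwtTokenConfiguration.json marks only `jwtissuer` and `keyId` as required, so a configuration with an issuer but no key files passes the schema and presumably fails only when a token is later requested (the generator's other methods are outside the hunk). Add an `else` branch that logs or rejects the half-configured state, and a comment on the condition such as `// JWT signing is optional: keys are loaded only when both file paths are set.` The `catch (Exception ex)` body is outside the hunk, so whether key-loading failures are surfaced could not be checked.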
@@ -1,15 +0,0 @@ -package org.openmetadata.catalog.slack; - -import java.util.List; -import javax.validation.constraints.NotEmpty; -import lombok.Getter; -import lombok.Setter; -import org.openmetadata.catalog.type.EventFilter; - -public class SlackPublisherConfiguration { - @NotEmpty @Getter @Setter private String webhookUrl; - @NotEmpty @Getter @Setter private String name; - @NotEmpty @Getter @Setter private String openMetadataUrl; - @Getter @Setter List filters; - @Getter @Setter private int batchSize = 10; -} diff --git a/catalog-rest-service/src/main/java/org/openmetadata/catalog/slackChat/SlackChatConfiguration.java b/catalog-rest-service/src/main/java/org/openmetadata/catalog/slackChat/SlackChatConfiguration.java deleted file mode 100644 index ef933cc37d5..00000000000 --- a/catalog-rest-service/src/main/java/org/openmetadata/catalog/slackChat/SlackChatConfiguration.java +++ /dev/null @@ -1,13 +0,0 @@ -package org.openmetadata.catalog.slackChat; - -import java.util.List; -import lombok.Getter; -import lombok.Setter; - -@Getter -@Setter -public class SlackChatConfiguration { - private String apiToken; - private String botName; - private List channels; -} diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/airflowConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/airflowConfiguration.json new file mode 100644 index 00000000000..126c44a7d06 --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/airflowConfiguration.json 
@@ -0,0 +1,41 @@ +{ + "$id": "https://open-metadata.org/schema/entity/configuration/airflowConfiguration.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "AirflowConfiguration", + "description": "This schema defines the AirFlow Configuration", + "type": "object", + "javaType": "org.openmetadata.catalog.airflow.AirflowConfiguration", + "properties": { + "apiEndpoint": { + "description": "API host endpoint for Airflow", + "type": "string" + }, + "username": { + "description": "Username for Login", + "type": "string" + }, + "password": { + "description": "Password for Login", + "type": "string" + }, + "metadataApiEndpoint": { + "description": "Metadata api endpoint", + "type": "string" + }, + "authProvider": { + "description": "Auth Provider like no-auth, azure , google, okta, auth0, customOidc, openmetadata", + "type": "string" + }, + "timeout": { + "description": "Timeout", + "type": "integer", + "default": 10 + }, + "authConfig": { + "description": "Auth Provider Configuration ", + "$ref": "authConfig.json" + } + }, + "required": ["apiEndpoint", "username", "password", "metadataApiEndpoint", "authProvider", "authConfig"], + "additionalProperties": false +} \ No newline at end of file diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/authConfig.json b/catalog-rest-service/src/main/resources/json/schema/configuration/authConfig.json new file mode 100644 index 00000000000..f442c9f99fa --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/authConfig.json 
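Review bot: `timeout` declares `"default": 10`, but the deleted `AirflowConfiguration` class initialised it with `private Integer timeout = 30;`, so deployments that omit the key get a shorter timeout after this change; use `"default": 30` unless the reduction is intended, and state the unit in the description (it currently reads only "Timeout"). `authConfig` is also listed in `required` although the deleted class put no constraint on it and the `authProvider` description allows `no-auth`, so a no-auth setup may now be rejected if the required list is enforced.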
@@ -0,0 +1,35 @@ +{ + "$id": "https://open-metadata.org/schema/entity/configuration/authConfig.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "AuthConfiguration", + "description": "This schema defines the Auth Config.", + "type": "object", + "javaType": "org.openmetadata.catalog.airflow.AuthConfiguration", + "properties": { + "google": { + "description": "Google SSO Configuration", + "$ref": "../security/client/googleSSOClientConfig.json" + }, + "okta": { + "description": "Okta SSO Configuration", + "$ref": "../security/client/oktaSSOClientConfig.json" + }, + "auth0": { + "description": "Auth0 SSO Configuration", + "$ref": "../security/client/auth0SSOClientConfig.json" + }, + "azure": { + "description": "Azure SSO Configuration", + "$ref": "../security/client/azureSSOClientConfig.json" + }, + "customOidc": { + "description": "Custom OIDC SSO Configuration", + "$ref": "../security/client/customOidcSSOClientConfig.json" + }, + "openmetadata": { + "description": "OpenMetadata SSO Configuration", + "$ref": "../security/client/openMetadataJWTClientConfig.json" + } + }, + "additionalProperties": false +} \ No newline at end of file diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/authenticationConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/authenticationConfiguration.json new file mode 100644 index 00000000000..7d3d5f67814 --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/authenticationConfiguration.json 
@@ -0,0 +1,46 @@ +{ + "$id": "https://open-metadata.org/schema/entity/configuration/authenticationConfiguration.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "AuthenticationConfiguration", + "description": "This schema defines the Authentication Configuration.", + "type": "object", + "javaType": "org.openmetadata.catalog.security.AuthenticationConfiguration", + "properties": { + "provider": { + "description": "SSO provider , no-auth, okta, google , azure etc.", + "type": "string" + }, + "providerName": { + "description": "Custom OIDC Authentication Provider Name", + "type": "string" + }, + "publicKeyUrls": { + "description": "List of Public Key URLs", + "type": "array", + "items": { + "type": "string" + } + }, + "authority": { + "description": "Authentication Authority", + "type": "string" + }, + "clientId": { + "description": "Client ID", + "type": "string" + }, + "callbackUrl": { + "description": "Callback URL", + "type": "string" + }, + "jwtPrincipalClaims": { + "description": "Jwt Principal Claim", + "type": "array", + "items": { + "type": "string" + } + } + }, + "required": ["provider", "providerName", "publicKeyUrls", "authority", "callbackUrl", "clientId", "jwtPrincipalClaims"], + "additionalProperties": false +} \ No newline at end of file diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/authorizerConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/authorizerConfiguration.json new file mode 100644 index 00000000000..e8e613200d3 --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/authorizerConfiguration.json 
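Review bot: The deprecated `publicKey` property of the deleted class is not declared here while `additionalProperties` is `false`, so a configuration file that still sets `publicKey` may be rejected rather than ignored; either keep it as a deprecated property for one more release or call the removal out in the upgrade notes. The `required` list also names `providerName`, `authority`, `clientId`, `callbackUrl` and `jwtPrincipalClaims`, none of which were constrained in the deleted class, which looks too strict for the `no-auth` provider mentioned in the `provider` description.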
@@ -0,0 +1,46 @@ +{ + "$id": "https://open-metadata.org/schema/entity/configuration/authorizerConfiguration.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "AuthorizerConfiguration", + "description": "This schema defines the Authorization Configuration.", + "type": "object", + "javaType": "org.openmetadata.catalog.security.AuthorizerConfiguration", + "properties": { + "className": { + "description": "Class Name for authorizer.", + "type": "string" + }, + "containerRequestFilter": { + "description": "Filter for the request authorization", + "type": "string" + }, + "adminPrincipals": { + "description": "List of unique admin principals", + "type": "array", + "items": { + "type": "string" + } + }, + "botPrincipals": { + "description": "List of unique bot principals", + "type": "array", + "items": { + "type": "string" + } + }, + "principalDomain": { + "description": "Principal Domain", + "type": "string" + }, + "enforcePrincipalDomain": { + "description": "Enable Enforce Principal Domain", + "type": "boolean" + }, + "enableSecureSocketConnection": { + "description": "Enable Secure Socket Connection", + "type": "boolean" + } + }, + "required": ["className", "containerRequestFilter", "adminPrincipals", "botPrincipals", "principalDomain", "enforcePrincipalDomain", "enableSecureSocketConnection"], + "additionalProperties": false +} \ No newline at end of file diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/elasticSearchConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/elasticSearchConfiguration.json new file mode 100644 index 00000000000..765ac5a1ee0 --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/elasticSearchConfiguration.json 
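Review bot: `adminPrincipals` and `botPrincipals` are described as lists of unique principals, but the schema does not state that constraint, and the deleted class typed both as `Set`. Adding `"uniqueItems": true` to each array makes the schema match its description and, with a schema-to-Java generator that honours it, keeps the `Set` type so callers need no `new HashSet<>(...)` wrapper like the one added in EventFilter. The same applies to `eventHandlerClassNames` in eventHandlerConfiguration.json.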
@@ -0,0 +1,55 @@ +{ + "$id": "https://open-metadata.org/schema/entity/configuration/elasticSearchConfiguration.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "ElasticSearchConfiguration", + "description": "This schema defines the Elastic Search Configuration.", + "type": "object", + "javaType": "org.openmetadata.catalog.elasticsearch.ElasticSearchConfiguration", + "properties": { + "host": { + "description": "Elastic Search Host", + "type": "string" + }, + "port": { + "description": "Elastic Search port", + "type": "integer" + }, + "scheme": { + "description": "Http/Https connection scheme", + "type": "string" + }, + "username": { + "description": "Elastic Search Username for Login", + "type": "string" + }, + "password": { + "description": "Elastic Search Password for Login", + "type": "string" + }, + "truststorePath": { + "description": "Truststore Path", + "type": "string" + }, + "truststorePassword": { + "description": "Truststore Password", + "type": "string" + }, + "connectionTimeoutSecs": { + "description": "Connection Timeout in Seconds", + "type": "integer", + "default": 5 + }, + "socketTimeoutSecs": { + "description": "Socket Timeout in Seconds", + "type": "integer", + "default": 60 + }, + "batchSize": { + "description": "Batch Size for Requests", + "type": "integer", + "default": 10 + } + }, + "required": ["host", "port", "scheme", "connectionTimeoutSecs", "socketTimeoutSecs", "batchSize"], + "additionalProperties": false +} \ No newline at end of file diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/eventHandlerConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/eventHandlerConfiguration.json new file mode 100644 index 00000000000..832d47eaf40 --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/eventHandlerConfiguration.json 
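Review bot: The deleted `ElasticSearchConfiguration.toString()` printed only `host`, `port` and `username`, leaving out `password` and `truststorePassword`, and nothing in this schema carries that exclusion over. If the class is now generated with an all-fields `toString()` (the generator settings are not part of this diff), both secrets would appear wherever the configuration object is logged, so exclude them in the generator configuration or keep a hand-written `toString()`. The same check is worth making for `fernetKey` in fernetConfiguration.json, `apiToken` in slackChatConfiguration.json and `password` in airflowConfiguration.json. `scheme` is newly required and could be constrained with `"enum": ["http", "https"]` to match its description.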
@@ -0,0 +1,19 @@ +{ + "$id": "https://open-metadata.org/schema/entity/configuration/eventHandlerConfiguration.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "EventHandlerConfiguration", + "description": "This schema defines the Event Handler Configuration.", + "type": "object", + "javaType": "org.openmetadata.catalog.events.EventHandlerConfiguration", + "properties": { + "eventHandlerClassNames": { + "description": "Event Handler Class Names", + "type": "array", + "items": { + "type": "string" + } + } + }, + "required": ["eventHandlerClassNames"], + "additionalProperties": false +} \ No newline at end of file diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/fernetConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/fernetConfiguration.json new file mode 100644 index 00000000000..09c1d72c81a --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/fernetConfiguration.json @@ -0,0 +1,16 @@ +{ + "$id": "https://open-metadata.org/schema/entity/configuration/fernetConfiguration.json", + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "FernetConfiguration", + "description": "This schema defines the Fernet Configuration.", + "type": "object", + "javaType": "org.openmetadata.catalog.fernet.FernetConfiguration", + "properties": { + "fernetKey": { + "description": "Fernet Key", + "type": "string" + } + }, + "required": ["fernetKey"], + "additionalProperties": false +} \ No newline at end of file diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/jwtTokenConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/jwtTokenConfiguration.json new file mode 100644 index 00000000000..cbf318a8407 --- /dev/null +++ b/catalog-rest-service/src/main/resources/json/schema/configuration/jwtTokenConfiguration.json 
@@ -0,0 +1,28 @@
+{
+ "$id": "https://open-metadata.org/schema/entity/configuration/jwtTokenConfiguration.json",
+ "$schema": "http://json-schema.org/draft-07/schema#",
+ "title": "JWTTokenConfiguration",
+ "description": "This schema defines the JWT Configuration.",
+ "type": "object",
+ "javaType": "org.openmetadata.catalog.security.jwt.JWTTokenConfiguration",
+ "properties": {
+ "rsapublicKeyFilePath": {
+ "description": "RSA Public Key File Path",
+ "type": "string"
+ },
+ "rsaprivateKeyFilePath": {
+ "description": "RSA Private Key File Path",
+ "type": "string"
+ },
+ "jwtissuer": {
+ "description": "JWT Issuer",
+ "type": "string"
+ },
+ "keyId": {
+ "description": "Key ID",
+ "type": "string"
+ }
+ },
+ "required": ["jwtissuer", "keyId"],
+ "additionalProperties": false
+}
\ No newline at end of file
diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/slackChatConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/slackChatConfiguration.json
new file mode 100644
index 00000000000..afb2aabae14
--- /dev/null
+++ b/catalog-rest-service/src/main/resources/json/schema/configuration/slackChatConfiguration.json
@@ -0,0 +1,28 @@
+{
+ "$id": "https://open-metadata.org/schema/entity/configuration/slackChatConfiguration.json",
+ "$schema": "http://json-schema.org/draft-07/schema#",
+ "title": "SlackChatConfiguration",
+ "description": "This schema defines the Slack Chat Configuration.",
+ "type": "object",
+ "javaType": "org.openmetadata.catalog.slackChat.SlackChatConfiguration",
+ "properties": {
+ "apiToken": {
+ "description": "Api Token",
+ "type": "string"
+ },
+ "botName": {
+ "description": "Bot Name",
+ "type": "string"
+ },
+ "channels": {
+ "description": "Slack Chat Channels",
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "default": null
+ }
+ },
+ "required": ["apiToken", "botName", "channels"],
+ "additionalProperties": false
+}
\ No newline at end of file
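Review bot: In jwtTokenConfiguration.json, `rsaprivateKeyFilePath` names the file that holds the token-signing key, but its description only repeats the property name. A description such as `"Path to the RSA private key used to sign JWT tokens; keep the file readable only by the service account"` would tell an operator what the file is for. The test resources reference a `.der` public key, so the expected encoding could be stated as well once confirmed. `required` lists `jwtissuer` and `keyId` but neither key path, which may be intentional if token generation is optional; a sentence in the schema `description` would settle it for the next reader.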
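Review bot: In slackChatConfiguration.json, `channels` is listed in `required` and also declares `"default": null`, and `null` is not a valid value for `"type": "array"`. If the null default is only there to control how the generated class initialises the list, a short remark in the property's `description` would make that clear; otherwise drop the default or use `"default": []`. `filters` in slackEventPubConfiguration.json has the same combination.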
diff --git a/catalog-rest-service/src/main/resources/json/schema/configuration/slackEventPubConfiguration.json b/catalog-rest-service/src/main/resources/json/schema/configuration/slackEventPubConfiguration.json
new file mode 100644
index 00000000000..cf6cfde108b
--- /dev/null
+++ b/catalog-rest-service/src/main/resources/json/schema/configuration/slackEventPubConfiguration.json
@@ -0,0 +1,37 @@
+{
+ "$id": "https://open-metadata.org/schema/entity/configuration/slackEventPubConfiguration.json",
+ "$schema": "http://json-schema.org/draft-07/schema#",
+ "title": "SlackPublisherConfiguration",
+ "description": "This schema defines the Authentication Configuration.",
+ "type": "object",
+ "javaType": "org.openmetadata.catalog.slack.SlackPublisherConfiguration",
+ "properties": {
+ "name": {
+ "description": "Publisher Name",
+ "type": "string"
+ },
+ "webhookUrl": {
+ "description": "Webhook URL",
+ "type": "string"
+ },
+ "openMetadataUrl": {
+ "description": "OpenMetadata URL",
+ "type": "string"
+ },
+ "filters": {
+ "description": "Filters",
+ "type": "array",
+ "items": {
+ "$ref": "../type/changeEvent.json#/definitions/eventFilter"
+ },
+ "default": null
+ },
+ "batchSize": {
+ "description": "Batch Size",
+ "type": "integer",
+ "default": 10
+ }
+ },
+ "required": ["name", "filters"],
+ "additionalProperties": false
+}
\ No newline at end of file
diff --git a/catalog-rest-service/src/test/java/org/openmetadata/catalog/resources/config/ConfigResourceTest.java b/catalog-rest-service/src/test/java/org/openmetadata/catalog/resources/config/ConfigResourceTest.java
index 59b9e8beeb8..e9934f3b6a8 100644
--- a/catalog-rest-service/src/test/java/org/openmetadata/catalog/resources/config/ConfigResourceTest.java
+++ b/catalog-rest-service/src/test/java/org/openmetadata/catalog/resources/config/ConfigResourceTest.java
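Review bot: The top-level `description` in slackEventPubConfiguration.json says the schema defines the Authentication Configuration, which looks copied from another schema, since the title is SlackPublisherConfiguration. Suggested text: `"description": "This schema defines the Slack Event Publisher Configuration."`. Also, `webhookUrl` is not in `required`, so a publisher entry with no destination passes the schema. If a publisher cannot work without it, `"required": ["name", "webhookUrl", "filters"]` states that.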
@@ -58,14 +58,26 @@ class ConfigResourceTest extends CatalogApplicationTest { void get_auth_configs_200_OK() throws IOException { WebTarget target = getConfigResource("auth"); AuthenticationConfiguration auth = TestUtils.get(target, AuthenticationConfiguration.class, TEST_AUTH_HEADERS); - assertEquals(config.getAuthenticationConfiguration().toString(), auth.toString()); + assertEquals(config.getAuthenticationConfiguration().getProvider(), auth.getProvider()); + assertEquals(config.getAuthenticationConfiguration().getProviderName(), auth.getProviderName()); + assertEquals(config.getAuthenticationConfiguration().getAuthority(), auth.getAuthority()); + assertEquals(config.getAuthenticationConfiguration().getCallbackUrl(), auth.getCallbackUrl()); + assertEquals(config.getAuthenticationConfiguration().getJwtPrincipalClaims(), auth.getJwtPrincipalClaims()); + assertEquals(config.getAuthenticationConfiguration().getClientId(), auth.getClientId()); } @Test void get_authorizer_configs_200_OK() throws IOException { WebTarget target = getConfigResource("authorizer"); AuthorizerConfiguration auth = TestUtils.get(target, AuthorizerConfiguration.class, TEST_AUTH_HEADERS); - assertEquals(config.getAuthorizerConfiguration().toString(), auth.toString()); + assertEquals(config.getAuthorizerConfiguration().getClassName(), auth.getClassName()); + assertEquals(config.getAuthorizerConfiguration().getPrincipalDomain(), auth.getPrincipalDomain()); + assertEquals(config.getAuthorizerConfiguration().getAdminPrincipals(), auth.getAdminPrincipals()); + assertEquals(config.getAuthorizerConfiguration().getBotPrincipals(), auth.getBotPrincipals()); + assertEquals(config.getAuthorizerConfiguration().getContainerRequestFilter(), auth.getContainerRequestFilter()); + assertEquals( + config.getAuthorizerConfiguration().getEnableSecureSocketConnection(), auth.getEnableSecureSocketConnection()); + assertEquals(config.getAuthorizerConfiguration().getEnforcePrincipalDomain(), 
auth.getEnforcePrincipalDomain()); } @Test diff --git a/catalog-rest-service/src/test/java/org/openmetadata/catalog/security/JWTTokenGeneratorTest.java b/catalog-rest-service/src/test/java/org/openmetadata/catalog/security/JWTTokenGeneratorTest.java index b658a81216c..e48179f01d2 100644 --- a/catalog-rest-service/src/test/java/org/openmetadata/catalog/security/JWTTokenGeneratorTest.java +++ b/catalog-rest-service/src/test/java/org/openmetadata/catalog/security/JWTTokenGeneratorTest.java @@ -36,12 +36,11 @@ public class JWTTokenGeneratorTest { @BeforeAll public void setup(TestInfo test) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException { jwtTokenConfiguration = new JWTTokenConfiguration(); - jwtTokenConfiguration.setJWTIssuer("open-metadata.org"); - jwtTokenConfiguration.setRSAPrivateKeyFilePath(rsaPrivateKeyPath); - jwtTokenConfiguration.setRSAPublicKeyFilePath(rsaPublicKeyPath); + jwtTokenConfiguration.setJwtissuer("open-metadata.org"); + jwtTokenConfiguration.setRsaprivateKeyFilePath(rsaPrivateKeyPath); + jwtTokenConfiguration.setRsapublicKeyFilePath(rsaPublicKeyPath); jwtTokenGenerator = JWTTokenGenerator.getInstance(); jwtTokenGenerator.init(jwtTokenConfiguration); - ; } @Test @@ -71,7 +70,7 @@ public class JWTTokenGeneratorTest { private DecodedJWT decodedJWT(String token) { RSAPublicKey publicKey = jwtTokenGenerator.getPublicKey(); Algorithm algorithm = Algorithm.RSA256(publicKey, null); - JWTVerifier verifier = JWT.require(algorithm).withIssuer(jwtTokenConfiguration.getJWTIssuer()).build(); + JWTVerifier verifier = JWT.require(algorithm).withIssuer(jwtTokenConfiguration.getJwtissuer()).build(); return verifier.verify(token); } } diff --git a/catalog-rest-service/src/test/resources/openmetadata-secure-test.yaml b/catalog-rest-service/src/test/resources/openmetadata-secure-test.yaml index 7aeff1be32a..49af21ae263 100644 --- a/catalog-rest-service/src/test/resources/openmetadata-secure-test.yaml 
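Review bot: The per-field assertions in `get_auth_configs_200_OK` do not cover `publicKeyUrls`, although the updated openmetadata-secure-test.yaml in this commit sets it under `authenticationConfiguration`. Replacing the `toString()` comparison with a fixed list of getters means any field left off the list, or added later, is no longer checked against what the `auth` config resource returns. Assuming the generated getter is named `getPublicKeyUrls()`, add `assertEquals(config.getAuthenticationConfiguration().getPublicKeyUrls(), auth.getPublicKeyUrls());`. The hunk ends on the `@Test` of a following method whose body is outside it.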
+++ b/catalog-rest-service/src/test/resources/openmetadata-secure-test.yaml @@ -137,10 +137,16 @@ authorizerConfiguration: authenticationConfiguration: provider: "openID" - publicKey: "https://www.googleapis.com/oauth2/v3/certs" + providerName: "" + publicKeyUrls: + - "https://www.googleapis.com/oauth2/v3/certs" authority: "https://accounts.google.com" clientId: "261867039324-neb92r2147i6upchb78tv29idk079bps.apps.googleusercontent.com" callbackUrl: "http://localhost:8585/callback" + jwtPrincipalClaims: + - "email" + - "preferred_username" + - "sub" jwtTokenConfiguration: rsapublicKeyFilePath: "src/test/resources/public_key.der"