Refactor FederatedAuthPlugin and add unit tests
1 parent 6bc826d, commit 84018c3
Showing 24 changed files with 1,806 additions and 442 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
|
@@ -11,17 +11,17 @@ | |
- Include the runtime dependencies, [AWS Java SDK RDS](https://search.maven.org/artifact/software.amazon.awssdk/rds) and [AWS Java SDK STS](https://search.maven.org/artifact/software.amazon.awssdk/sts). | ||
- Specify the following parameters: | ||
|
||
| Parameter | Value | Required | Description | Default Value | Example Value | | ||
|-------------------|:------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------|--------------------------------------------------------| | ||
| `wrapperPlugins` | String | Yes | A comma separated list of connection plugin codes for which plugins the AWS JDBC Driver is to use. | ``auroraConnectionTracker,failover,efm`` | `auroraConnectionTracker,failover,efm,federatedAuth` | | ||
| `idpHost` | String | Yes | The hosting URL for the service that you are using to authenticate into AWS Aurora. | `null` | `ec2amaz-ab3cdef.example.com` | | ||
| `idpPort` | String | No | The port that the host for the authentication service listens at. | `443` | `1234` | | ||
| `iamRoleArn` | String | Yes | The ARN of the IAM Role that is to be assumed to access AWS Aurora. | `null` | `arn:aws:iam::123456789012:role/adfs_example_iam_role` | | ||
| `iamIdpArn` | String | Yes | The ARN of the Identity Provider. | `null` | `arn:aws:iam::123456789012:saml-provider/adfs_example` | | ||
| `iamRegion` | String | Yes | The IAM region where the IAM token is generated. | `null` | `us-east-2` | | ||
| `idpUserName` | String | Yes | The user name for the `idpHost` server. | `null` | `[email protected]` | | ||
| `idpUserPassword` | String | Yes | The password associated with the `idpHost` user name. | `null` | `someRandomPassword` | | ||
| `user` | String | Yes | The user name of the IAM user with access to your database. <br>If you have previously used the IAM Authentication Plugin, this would be the same IAM user. <br>For information on how to connect to your Aurora Database with IAM, see this [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.html). | `null` | `some_user_name` | | ||
| Parameter | Value | Required | Description | Default Value | Example Value | | ||
|------------------|:------:|:--------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------|--------------------------------------------------------| | ||
| `wrapperPlugins` | String | Yes | A comma separated list of connection plugin codes for which plugins the AWS JDBC Driver is to use. | ``auroraConnectionTracker,failover,efm`` | `auroraConnectionTracker,failover,efm,federatedAuth` | | ||
| `idpEndpoint` | String | Yes | The hosting URL for the service that you are using to authenticate into AWS Aurora. | `null` | `ec2amaz-ab3cdef.example.com` | | ||
| `idpPort` | String | No | The port that the host for the authentication service listens at. | `443` | `1234` | | ||
| `iamRoleArn` | String | Yes | The ARN of the IAM Role that is to be assumed to access AWS Aurora. | `null` | `arn:aws:iam::123456789012:role/adfs_example_iam_role` | | ||
| `iamIdpArn` | String | Yes | The ARN of the Identity Provider. | `null` | `arn:aws:iam::123456789012:saml-provider/adfs_example` | | ||
| `iamRegion` | String | Yes | The IAM region where the IAM token is generated. | `null` | `us-east-2` | | ||
| `idpUsername` | String | Yes | The user name for the `idpEndpoint` server. | `null` | `[email protected]` | | ||
| `idpPassword` | String | Yes | The password associated with the `idpEndpoint` username. | `null` | `someRandomPassword` | | ||
| `user` | String | Yes | The user name of the IAM user with access to your database. <br>If you have previously used the IAM Authentication Plugin, this would be the same IAM user. <br>For information on how to connect to your Aurora Database with IAM, see this [documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.Connecting.html). | `null` | `some_user_name` | | ||
|
||
## Code Example | ||
|
||
|
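Review bot: the new `idpEndpoint` row keeps the description "The hosting URL" while its example value `ec2amaz-ab3cdef.example.com` is a bare host name and `idpPort` stays a separate parameter, so the table does not say whether a scheme or path is accepted in this value. Please state the expected form explicitly. The renames of `idpHost`, `idpUserName` and `idpUserPassword` also change the keys existing users have in their connection properties, and nothing in this table says whether the old names are still honoured; a short migration line under the table would cover that.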
@@ -34,12 +34,12 @@ public class FederatedAuthConnectionPluginExample { | |
// Set the AWS Federated Authentication Connection Plugin parameters and the JDBC Wrapper parameters. | ||
final Properties properties = new Properties(); | ||
properties.setProperty("wrapperPlugins", "federatedAuth"); | ||
properties.setProperty("idpHost", "ec2amaz-ab3cdef.example.com"); | ||
properties.setProperty("idpEndpoint", "ec2amaz-ab3cdef.example.com"); | ||
properties.setProperty("iamRoleArn", "arn:aws:iam::123456789012:role/adfs_example_iam_role"); | ||
properties.setProperty("iamIdpArn", "arn:aws:iam::123456789012:saml-provider/adfs_example"); | ||
properties.setProperty("iamRegion", "us-east-2"); | ||
properties.setProperty("idpUserName", "[email protected]"); | ||
properties.setProperty("idpUserPassword", "somePassword"); | ||
properties.setProperty("idpUsername", "[email protected]"); | ||
properties.setProperty("idpPassword", "somePassword"); | ||
properties.setProperty("user", "someIamUser"); | ||
|
||
|
||
|
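Review bot: this README snippet sets no identity provider name, while the example class changed in the same commit adds `FederatedAuthConnectionPlugin.IDP_NAME.name` with the value "adfs", and the parameter table above has no row for that property. If the property is required, or if "adfs" is its default, the table and this snippet should say so; otherwise the two examples document different configurations for the same plugin.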
|
@@ -17,7 +17,7 @@ | |
package software.amazon; | ||
|
||
import software.amazon.jdbc.PropertyDefinition; | ||
import software.amazon.jdbc.plugin.FederatedAuthConnectionPlugin; | ||
import software.amazon.jdbc.plugin.federatedauth.FederatedAuthConnectionPlugin; | ||
import java.sql.Connection; | ||
import java.sql.DriverManager; | ||
import java.sql.ResultSet; | ||
|
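Review bot: the import moves `FederatedAuthConnectionPlugin` from `software.amazon.jdbc.plugin` to `software.amazon.jdbc.plugin.federatedauth`, which breaks compilation for any caller that references the class for its property constants, as this example does. The commit title only says "Refactor", so please call out the package move in the changelog or release notes, or confirm that nothing outside the project was expected to import the old path.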
@@ -35,12 +35,13 @@ public static void main(String[] args) throws SQLException { | |
|
||
// Enable the AWS Federated Authentication Connection Plugin. | ||
properties.setProperty(PropertyDefinition.PLUGINS.name, "federatedAuth"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IDP_HOST.name, "ec2amaz-ab3cdef.example.com"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IDP_NAME.name, "adfs"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IDP_ENDPOINT.name, "ec2amaz-ab3cdef.example.com"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IAM_ROLE_ARN.name, "arn:aws:iam::123456789012:role/adfs_example_iam_role"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IAM_IDP_ARN.name, "arn:aws:iam::123456789012:saml-provider/adfs_example"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IAM_REGION.name, "us-east-2"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IDP_USER_NAME.name, "[email protected]"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IDP_USER_PASSWORD.name, "somePassword"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IDP_USERNAME.name, "[email protected]"); | ||
properties.setProperty(FederatedAuthConnectionPlugin.IDP_PASSWORD.name, "somePassword"); | ||
properties.setProperty(PropertyDefinition.USER.name, "someIamUser"); | ||
|
||
|
||
|
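Review bot: the added `IDP_NAME` line passes the literal "adfs" with no comment on which values are accepted or what happens when the property is omitted; a one-line comment beside it would make the example self-explanatory. Separately, the renamed `IDP_PASSWORD` line still passes the credential as a string literal. Because sample code tends to be copied as is, consider reading the value from an environment variable or a secrets store in the example, or at least adding a comment that the literal is a placeholder.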