[nifi] branch main updated: NIFI-9984 Allow 200-series responses in OAuth2 Access Token Provider

2022-05-04 Thread mthomsen 
This is an automated email from the ASF dual-hosted git repository.

mthomsen pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
 new 64f9b66141 NIFI-9984 Allow 200-series responses in OAuth2 Access Token 
Provider
64f9b66141 is described below

commit 64f9b66141f89439923250bf2c263d5af022badb
Author: exceptionfactory 
AuthorDate: Wed May 4 11:13:57 2022 -0500

NIFI-9984 Allow 200-series responses in OAuth2 Access Token Provider

This closes #6016

Signed-off-by: Mike Thomsen 
---
 .../nifi/oauth2/StandardOauth2AccessTokenProvider.java  | 17 -
 .../oauth2/StandardOauth2AccessTokenProviderTest.java   | 15 +--
 2 files changed, 17 insertions(+), 15 deletions(-)

diff --git 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
index c09ecc9e96..af3a96dd68 100644
--- 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
+++ 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
@@ -315,19 +315,18 @@ public class StandardOauth2AccessTokenProvider extends 
AbstractControllerService
 this.accessDetails = getAccessDetails(refreshRequest);
 }
 
-private AccessToken getAccessDetails(Request newRequest) {
+private AccessToken getAccessDetails(final Request newRequest) {
 try {
-Response response = httpClient.newCall(newRequest).execute();
-String responseBody = response.body().string();
-if (response.code() != 200) {
+final Response response = httpClient.newCall(newRequest).execute();
+final String responseBody = response.body().string();
+if (response.isSuccessful()) {
+getLogger().debug("OAuth2 Access Token retrieved [HTTP {}]", 
response.code());
+return ACCESS_DETAILS_MAPPER.readValue(responseBody, 
AccessToken.class);
+} else {
 getLogger().error(String.format("OAuth2 access token request 
failed [HTTP %d], response:%n%s", response.code(), responseBody));
 throw new ProcessException(String.format("OAuth2 access token 
request failed [HTTP %d]", response.code()));
 }
-
-AccessToken accessDetails = 
ACCESS_DETAILS_MAPPER.readValue(responseBody, AccessToken.class);
-
-return accessDetails;
-} catch (IOException e) {
+} catch (final IOException e) {
 throw new UncheckedIOException("OAuth2 access token request 
failed", e);
 }
 }
diff --git 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/test/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProviderTest.java
 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/test/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProviderTest.java
index cbc485aaf6..20054bcad3 100644
--- 
a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/test/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProviderTest.java
+++ 
b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/test/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProviderTest.java
@@ -64,6 +64,9 @@ public class StandardOauth2AccessTokenProviderTest {
 private static final String CLIENT_SECRET = "clientSecret";
 private static final long FIVE_MINUTES = 300;
 
+private static final int HTTP_OK = 200;
+private static final int HTTP_ACCEPTED = 201;
+
 private StandardOauth2AccessTokenProvider testSubject;
 
 @Mock(answer = Answers.RETURNS_DEEP_STUBS)
@@ -146,7 +149,7 @@ public class StandardOauth2AccessTokenProviderTest {
 
 // GIVEN
 Response response = buildResponse(
-200,
+HTTP_OK,
 "{ \"access_token\":\"" + accessTokenValue + "\" }"
 );
 
@@ -166,12 +169,12 @@ public class StandardOauth2AccessTokenProviderTest {
 String expectedToken = "second_token";
 
 Response response1 = buildResponse(
-200,
+HTTP_OK,
 "{ \"access_token\":\"" + firstToken + "\", \"expires_in\":\"0\", 
\"refresh_token\":\"not_checking_in_this_test\" }"
 );
 
 Response response2 = buildResponse(
-200,
+HTTP_OK,

[nifi] branch main updated: NIFI-9988 Corrected Property Decryption for Authorizers and Providers

2022-05-04 Thread thenatog 
This is an automated email from the ASF dual-hosted git repository.

thenatog pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
 new 272325cb4e NIFI-9988 Corrected Property Decryption for Authorizers and 
Providers
272325cb4e is described below

commit 272325cb4ed00682d4d1471ccda8e670f3ef504e
Author: exceptionfactory 
AuthorDate: Wed May 4 12:48:34 2022 -0500

NIFI-9988 Corrected Property Decryption for Authorizers and Providers

- Updated Protection Scheme Resolver to support both Name matching and Path 
matching

Signed-off-by: Nathan Gough 

This closes #6017.
---
 .../nifi/properties/scheme/StandardProtectionSchemeResolver.java | 4 +++-
 .../properties/scheme/StandardProtectionSchemeResolverTest.java  | 9 +
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git 
a/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
 
b/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
index 0c797b3b93..44557963e4 100644
--- 
a/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
+++ 
b/nifi-commons/nifi-property-protection-factory/src/main/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolver.java
@@ -37,7 +37,9 @@ public class StandardProtectionSchemeResolver implements 
ProtectionSchemeResolve
 public ProtectionScheme getProtectionScheme(final String scheme) {
 Objects.requireNonNull(scheme, "Scheme required");
 return Arrays.stream(PropertyProtectionScheme.values())
-.filter(propertyProtectionScheme -> 
propertyProtectionScheme.name().equals(scheme))
+.filter(propertyProtectionScheme ->
+propertyProtectionScheme.name().equals(scheme) || 
scheme.startsWith(propertyProtectionScheme.getPath())
+)
 .findFirst()
 .orElseThrow(() -> new 
SensitivePropertyProtectionException(String.format("Protection Scheme [%s] not 
supported", scheme)));
 }
diff --git 
a/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
 
b/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
index 9cfc4994f7..c8893b2231 100644
--- 
a/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
+++ 
b/nifi-commons/nifi-property-protection-factory/src/test/java/org/apache/nifi/properties/scheme/StandardProtectionSchemeResolverTest.java
@@ -30,6 +30,8 @@ public class StandardProtectionSchemeResolverTest {
 
 private static final String AES_GCM_PATH = "aes/gcm";
 
+private static final String AES_GCM_256_PATH = "aes/gcm/256";
+
 private static final String UNKNOWN = "UNKNOWN";
 
 private StandardProtectionSchemeResolver resolver;
@@ -46,6 +48,13 @@ public class StandardProtectionSchemeResolverTest {
 assertEquals(AES_GCM_PATH, protectionScheme.getPath());
 }
 
+@Test
+public void getProtectionSchemeAesGcm256Found() {
+final ProtectionScheme protectionScheme = 
resolver.getProtectionScheme(AES_GCM_256_PATH);
+assertNotNull(protectionScheme);
+assertEquals(AES_GCM_PATH, protectionScheme.getPath());
+}
+
 @Test
 public void getProtectionSchemeUnknownNotFound() {
 final SensitivePropertyProtectionException exception = 
assertThrows(SensitivePropertyProtectionException.class, () -> 
resolver.getProtectionScheme(UNKNOWN));