NIFI-10842 Added HTTP Protocols to StandardOauth2AccessTokenProvider

This closes #6686 Signed-off-by: David Handermann <exceptionfactory@apache.org>
2025-02-09 03:25:04 +00:00 · 2022-11-18 16:58:57 -05:00 · 2022-11-18 16:58:57 -05:00 · 54108689b6
commit 54108689b6
parent 2d70bfb380
2 changed files with 83 additions and 1 deletions
--- a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/HttpProtocolStrategy.java
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/HttpProtocolStrategy.java
@ -0,0 +1,68 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.nifi.oauth2;
+
+import org.apache.nifi.components.DescribedValue;
+
+import java.util.List;
+
+import okhttp3.Protocol;
+
+import static java.util.Arrays.asList;
+import static java.util.Collections.singletonList;
+
+/**
+ * HTTP protocol configuration strategy
+ */
+public enum HttpProtocolStrategy implements DescribedValue {
+    HTTP_1_1("http/1.1", "HTTP/1.1", singletonList(Protocol.HTTP_1_1)),
+
+    H2_HTTP_1_1("h2 http/1.1", "HTTP/2 and HTTP/1.1 negotiated based on requested protocols", asList(Protocol.HTTP_1_1, Protocol.HTTP_2)),
+
+    H2("h2", "HTTP/2", singletonList(Protocol.HTTP_2));
+
+    private final String displayName;
+
+    private final String description;
+
+    private final List<Protocol> protocols;
+
+    HttpProtocolStrategy(final String displayName, final String description, final List<Protocol> protocols) {
+        this.displayName = displayName;
+        this.description = description;
+        this.protocols = protocols;
+    }
+
+    @Override
+    public String getValue() {
+        return name();
+    }
+
+    @Override
+    public String getDisplayName() {
+        return displayName;
+    }
+
+    @Override
+    public String getDescription() {
+        return description;
+    }
+
+    public List<Protocol> getProtocols() {
+        return protocols;
+    }
+}
--- a/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
+++ b/nifi-nar-bundles/nifi-standard-services/nifi-oauth2-provider-bundle/nifi-oauth2-provider-service/src/main/java/org/apache/nifi/oauth2/StandardOauth2AccessTokenProvider.java
@ -74,6 +74,7 @@ public class StandardOauth2AccessTokenProvider extends AbstractControllerService
        "User Password",
        "Resource Owner Password Credentials Grant. Used to access resources available to users. Requires username and password and usually Client ID and Client Secret"
    );
+
    public static AllowableValue CLIENT_CREDENTIALS_GRANT_TYPE = new AllowableValue(
        "client_credentials",
        "Client Credentials",
@ -151,6 +152,15 @@ public class StandardOauth2AccessTokenProvider extends AbstractControllerService
        .required(false)
        .build();

+    public static final PropertyDescriptor HTTP_PROTOCOL_STRATEGY = new PropertyDescriptor.Builder()
+        .name("HTTP Protocols")
+        .description("HTTP Protocols supported for Application Layer Protocol Negotiation with TLS")
+        .required(true)
+        .allowableValues(HttpProtocolStrategy.class)
+        .defaultValue(HttpProtocolStrategy.H2_HTTP_1_1.getValue())
+        .dependsOn(SSL_CONTEXT)
+        .build();
+
    private static final List<PropertyDescriptor> PROPERTIES = Collections.unmodifiableList(Arrays.asList(
        AUTHORIZATION_SERVER_URL,
        GRANT_TYPE,
@ -160,7 +170,8 @@ public class StandardOauth2AccessTokenProvider extends AbstractControllerService
        CLIENT_SECRET,
        SCOPE,
        REFRESH_WINDOW,
-        SSL_CONTEXT
+        SSL_CONTEXT,
+        HTTP_PROTOCOL_STRATEGY
    ));

    public static final ObjectMapper ACCESS_DETAILS_MAPPER = new ObjectMapper()
@ -238,6 +249,9 @@ public class StandardOauth2AccessTokenProvider extends AbstractControllerService
            clientBuilder.sslSocketFactory(sslContext.getSocketFactory(), trustManager);
        }

+        final HttpProtocolStrategy httpProtocolStrategy = HttpProtocolStrategy.valueOf(context.getProperty(HTTP_PROTOCOL_STRATEGY).getValue());
+        clientBuilder.protocols(httpProtocolStrategy.getProtocols());
+
        return clientBuilder.build();
    }