You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2021/08/26 05:00:38 UTC
[camel] 01/02: CAMEL-16883: Enable authentication in GKE via
workload identity. (#5987)
This is an automated email from the ASF dual-hosted git repository.
davsclaus pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
commit e6826810e601f11ba5391657cdf8c88e535efce8
Author: Tamas Utasi <38...@users.noreply.github.com>
AuthorDate: Thu Aug 26 06:42:26 2021 +0200
CAMEL-16883: Enable authentication in GKE via workload identity. (#5987)
* CAMEL-16883: Enable authentication in GKE via workload identity.
* CAMEL-16883: Disable authentication cause it's using an emulator.
---
.../pubsub/GooglePubsubComponentConfigurer.java | 3 +
.../pubsub/GooglePubsubEndpointConfigurer.java | 3 +
.../pubsub/GooglePubsubEndpointUriFactory.java | 3 +-
.../component/google/pubsub/google-pubsub.json | 6 +-
.../src/main/docs/google-pubsub-component.adoc | 18 ++--
.../google/pubsub/GooglePubsubComponent.java | 70 +++++++-------
.../google/pubsub/GooglePubsubConsumer.java | 5 +-
.../google/pubsub/GooglePubsubEndpoint.java | 14 ++-
.../google/pubsub/GooglePubsubProducer.java | 2 +-
.../component/google/pubsub/PubsubTestSupport.java | 1 +
.../dsl/GooglePubsubComponentBuilderFactory.java | 17 ++++
.../dsl/GooglePubsubEndpointBuilderFactory.java | 106 ++++++++++++++++++++-
.../ROOT/pages/google-pubsub-component.adoc | 19 ++--
13 files changed, 206 insertions(+), 61 deletions(-)
diff --git a/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubComponentConfigurer.java b/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubComponentConfigurer.java
index ad90ef3..e2b37f5 100644
--- a/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubComponentConfigurer.java
+++ b/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubComponentConfigurer.java
@@ -21,6 +21,7 @@ public class GooglePubsubComponentConfigurer extends PropertyConfigurerSupport i
public boolean configure(CamelContext camelContext, Object obj, String name, Object value, boolean ignoreCase) {
GooglePubsubComponent target = (GooglePubsubComponent) obj;
switch (ignoreCase ? name.toLowerCase() : name) {
+ case "authenticate": target.setAuthenticate(property(camelContext, boolean.class, value)); return true;
case "autowiredenabled":
case "autowiredEnabled": target.setAutowiredEnabled(property(camelContext, boolean.class, value)); return true;
case "bridgeerrorhandler":
@@ -43,6 +44,7 @@ public class GooglePubsubComponentConfigurer extends PropertyConfigurerSupport i
@Override
public Class<?> getOptionType(String name, boolean ignoreCase) {
switch (ignoreCase ? name.toLowerCase() : name) {
+ case "authenticate": return boolean.class;
case "autowiredenabled":
case "autowiredEnabled": return boolean.class;
case "bridgeerrorhandler":
@@ -66,6 +68,7 @@ public class GooglePubsubComponentConfigurer extends PropertyConfigurerSupport i
public Object getOptionValue(Object obj, String name, boolean ignoreCase) {
GooglePubsubComponent target = (GooglePubsubComponent) obj;
switch (ignoreCase ? name.toLowerCase() : name) {
+ case "authenticate": return target.isAuthenticate();
case "autowiredenabled":
case "autowiredEnabled": return target.isAutowiredEnabled();
case "bridgeerrorhandler":
diff --git a/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointConfigurer.java b/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointConfigurer.java
index b794579..0e8211c 100644
--- a/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointConfigurer.java
+++ b/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointConfigurer.java
@@ -23,6 +23,7 @@ public class GooglePubsubEndpointConfigurer extends PropertyConfigurerSupport im
switch (ignoreCase ? name.toLowerCase() : name) {
case "ackmode":
case "ackMode": target.setAckMode(property(camelContext, org.apache.camel.component.google.pubsub.GooglePubsubConstants.AckMode.class, value)); return true;
+ case "authenticate": target.setAuthenticate(property(camelContext, boolean.class, value)); return true;
case "bridgeerrorhandler":
case "bridgeErrorHandler": target.setBridgeErrorHandler(property(camelContext, boolean.class, value)); return true;
case "concurrentconsumers":
@@ -60,6 +61,7 @@ public class GooglePubsubEndpointConfigurer extends PropertyConfigurerSupport im
switch (ignoreCase ? name.toLowerCase() : name) {
case "ackmode":
case "ackMode": return org.apache.camel.component.google.pubsub.GooglePubsubConstants.AckMode.class;
+ case "authenticate": return boolean.class;
case "bridgeerrorhandler":
case "bridgeErrorHandler": return boolean.class;
case "concurrentconsumers":
@@ -93,6 +95,7 @@ public class GooglePubsubEndpointConfigurer extends PropertyConfigurerSupport im
switch (ignoreCase ? name.toLowerCase() : name) {
case "ackmode":
case "ackMode": return target.getAckMode();
+ case "authenticate": return target.isAuthenticate();
case "bridgeerrorhandler":
case "bridgeErrorHandler": return target.isBridgeErrorHandler();
case "concurrentconsumers":
diff --git a/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointUriFactory.java b/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointUriFactory.java
index dcee6c6..f1656c3 100644
--- a/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointUriFactory.java
+++ b/components/camel-google/camel-google-pubsub/src/generated/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpointUriFactory.java
@@ -20,8 +20,9 @@ public class GooglePubsubEndpointUriFactory extends org.apache.camel.support.com
private static final Set<String> PROPERTY_NAMES;
private static final Set<String> SECRET_PROPERTY_NAMES;
static {
- Set<String> props = new HashSet<>(15);
+ Set<String> props = new HashSet<>(16);
props.add("serviceAccountKey");
+ props.add("authenticate");
props.add("exchangePattern");
props.add("serializer");
props.add("synchronousPull");
diff --git a/components/camel-google/camel-google-pubsub/src/generated/resources/org/apache/camel/component/google/pubsub/google-pubsub.json b/components/camel-google/camel-google-pubsub/src/generated/resources/org/apache/camel/component/google/pubsub/google-pubsub.json
index 184efd4..9578fe4 100644
--- a/components/camel-google/camel-google-pubsub/src/generated/resources/org/apache/camel/component/google/pubsub/google-pubsub.json
+++ b/components/camel-google/camel-google-pubsub/src/generated/resources/org/apache/camel/component/google/pubsub/google-pubsub.json
@@ -22,8 +22,9 @@
"lenientProperties": false
},
"componentProperties": {
+ "authenticate": { "kind": "property", "displayName": "Authenticate", "group": "common", "label": "common", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "description": "Use Credentials when interacting with PubSub service (no authentication is required when using emulator)." },
"endpoint": { "kind": "property", "displayName": "Endpoint", "group": "common", "label": "common", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Endpoint to use with local Pub\/Sub emulator." },
- "serviceAccountKey": { "kind": "property", "displayName": "Service Account Key", "group": "common", "label": "common", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "The Service account key that can be used as credentials for the PubSub publisher\/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different s [...]
+ "serviceAccountKey": { "kind": "property", "displayName": "Service Account Key", "group": "common", "label": "common", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "The Service account key that can be used as credentials for the PubSub publisher\/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different [...]
"bridgeErrorHandler": { "kind": "property", "displayName": "Bridge Error Handler", "group": "consumer", "label": "consumer", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions occurred while the consumer is trying to pickup incoming messages, or the likes, will now be processed as a me [...]
"lazyStartProducer": { "kind": "property", "displayName": "Lazy Start Producer", "group": "producer", "label": "producer", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during star [...]
"publisherCacheSize": { "kind": "property", "displayName": "Publisher Cache Size", "group": "producer", "label": "producer", "required": false, "type": "integer", "javaType": "int", "deprecated": false, "autowired": false, "secret": false, "description": "Maximum number of producers to cache. This could be increased if you have producers for lots of different topics." },
@@ -35,10 +36,11 @@
"projectId": { "kind": "path", "displayName": "Project Id", "group": "common", "label": "common", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "deprecationNote": "", "autowired": false, "secret": false, "description": "The Google Cloud PubSub Project Id" },
"destinationName": { "kind": "path", "displayName": "Destination Name", "group": "common", "label": "common", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "deprecationNote": "", "autowired": false, "secret": false, "description": "The Destination Name. For the consumer this will be the subscription name, while for the producer this will be the topic name." },
"ackMode": { "kind": "parameter", "displayName": "Ack Mode", "group": "common", "label": "", "required": false, "type": "object", "javaType": "org.apache.camel.component.google.pubsub.GooglePubsubConstants.AckMode", "enum": [ "AUTO", "NONE" ], "deprecated": false, "autowired": false, "secret": false, "defaultValue": "AUTO", "description": "AUTO = exchange gets ack'ed\/nack'ed on completion. NONE = downstream process has to ack\/nack explicitly" },
+ "authenticate": { "kind": "parameter", "displayName": "Authenticate", "group": "common", "label": "common", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": true, "description": "Use Credentials when interacting with PubSub service (no authentication is required when using emulator)." },
"concurrentConsumers": { "kind": "parameter", "displayName": "Concurrent Consumers", "group": "common", "label": "", "required": false, "type": "integer", "javaType": "java.lang.Integer", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "1", "description": "The number of parallel streams consuming from the subscription" },
"loggerId": { "kind": "parameter", "displayName": "Logger Id", "group": "common", "label": "", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "Logger ID to use when a match to the parent route required" },
"maxMessagesPerPoll": { "kind": "parameter", "displayName": "Max Messages Per Poll", "group": "common", "label": "", "required": false, "type": "integer", "javaType": "java.lang.Integer", "deprecated": false, "autowired": false, "secret": false, "defaultValue": "1", "description": "The max number of messages to receive from the server in a single API call" },
- "serviceAccountKey": { "kind": "parameter", "displayName": "Service Account Key", "group": "common", "label": "common", "required": true, "type": "string", "javaType": "java.lang.String", "deprecated": false, "deprecationNote": "", "autowired": false, "secret": false, "description": "The Service account key that can be used as credentials for the PubSub publisher\/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the r [...]
+ "serviceAccountKey": { "kind": "parameter", "displayName": "Service Account Key", "group": "common", "label": "common", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "description": "The Service account key that can be used as credentials for the PubSub publisher\/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different [...]
"synchronousPull": { "kind": "parameter", "displayName": "Synchronous Pull", "group": "common", "label": "", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Synchronously pull batches of messages" },
"bridgeErrorHandler": { "kind": "parameter", "displayName": "Bridge Error Handler", "group": "consumer", "label": "consumer", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions occurred while the consumer is trying to pickup incoming messages, or the likes, will now be processed as a m [...]
"exceptionHandler": { "kind": "parameter", "displayName": "Exception Handler", "group": "consumer (advanced)", "label": "consumer,advanced", "required": false, "type": "object", "javaType": "org.apache.camel.spi.ExceptionHandler", "optionalPrefix": "consumer.", "deprecated": false, "autowired": false, "secret": false, "description": "To let the consumer use a custom ExceptionHandler. Notice if the option bridgeErrorHandler is enabled then this option is not in use. By default the con [...]
diff --git a/components/camel-google/camel-google-pubsub/src/main/docs/google-pubsub-component.adoc b/components/camel-google/camel-google-pubsub/src/main/docs/google-pubsub-component.adoc
index d4f29e4..34539a7 100644
--- a/components/camel-google/camel-google-pubsub/src/main/docs/google-pubsub-component.adoc
+++ b/components/camel-google/camel-google-pubsub/src/main/docs/google-pubsub-component.adoc
@@ -80,16 +80,15 @@ The following two sections lists all the options, firstly for the component foll
// component options: START
== Component Options
-
-The Google Pubsub component supports 8 options, which are listed below.
-
+The Google Pubsub component supports 9 options, which are listed below.
[width="100%",cols="2,5,^1,2",options="header"]
|===
| Name | Description | Default | Type
+| *authenticate* (common) | Use Credentials when interacting with PubSub service (no authentication is required when using emulator). | true | boolean
| *endpoint* (common) | Endpoint to use with local Pub/Sub emulator. | | String
-| *serviceAccountKey* (common) | *Required* The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
+| *serviceAccountKey* (common) | The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
| *bridgeErrorHandler* (consumer) | Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions occurred while the consumer is trying to pickup incoming messages, or the likes, will now be processed as a message and handled by the routing Error Handler. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions, that will be logged at WARN or ERROR level and ignored. | false | boolean
| *lazyStartProducer* (producer) | Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and [...]
| *publisherCacheSize* (producer) | Maximum number of producers to cache. This could be increased if you have producers for lots of different topics. | | int
@@ -121,17 +120,18 @@ with the following path and query parameters:
|===
-=== Query Parameters (13 parameters):
+=== Query Parameters (14 parameters):
[width="100%",cols="2,5,^1,2",options="header"]
|===
| Name | Description | Default | Type
| *ackMode* (common) | AUTO = exchange gets ack'ed/nack'ed on completion. NONE = downstream process has to ack/nack explicitly. There are 2 enums and the value can be one of: AUTO, NONE | AUTO | AckMode
+| *authenticate* (common) | Use Credentials when interacting with PubSub service (no authentication is required when using emulator). | true | boolean
| *concurrentConsumers* (common) | The number of parallel streams consuming from the subscription | 1 | Integer
| *loggerId* (common) | Logger ID to use when a match to the parent route required | | String
| *maxMessagesPerPoll* (common) | The max number of messages to receive from the server in a single API call | 1 | Integer
-| *serviceAccountKey* (common) | *Required* The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
+| *serviceAccountKey* (common) | The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
| *synchronousPull* (common) | Synchronously pull batches of messages | false | boolean
| *bridgeErrorHandler* (consumer) | Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions occurred while the consumer is trying to pickup incoming messages, or the likes, will now be processed as a message and handled by the routing Error Handler. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions, that will be logged at WARN or ERROR level and ignored. | false | boolean
| *exceptionHandler* (consumer) | To let the consumer use a custom ExceptionHandler. Notice if the option bridgeErrorHandler is enabled then this option is not in use. By default the consumer will deal with exceptions, that will be logged at WARN or ERROR level and ignored. | | ExceptionHandler
@@ -164,7 +164,7 @@ To enable this set set the options messageOrderingEnabled to true, and the pubsu
When producing messages set the message header `GooglePubsubConstants.ORDERING_KEY` . This will be set as the PubSub orderingKey for the message.
More information in https://cloud.google.com/pubsub/docs/ordering[Ordering messages].
-
+
Once exchange has been delivered to PubSub the PubSub Message ID will be assigned to
the header `GooglePubsubConstants.MESSAGE_ID`.
@@ -196,7 +196,9 @@ It is up for the route to convert/unmarshall the contents.
== Authentication Configuration
-The location of the default credentials file is configurable via the serviceAccountKey parameter.
+By default this component aquires credentials using `GoogleCredentials.getApplicationDefault()`.
+This behavior can be disabled by setting _authenticate_ option to `false`, in which case requests to Google API will be made without authentication details. This is only desirable when developing against an emulator.
+This behavior can be altered by supplying a path to a service account key file.
== Rollback and Redelivery
diff --git a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubComponent.java b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubComponent.java
index bcc7c32..83b7732 100644
--- a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubComponent.java
+++ b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubComponent.java
@@ -17,7 +17,6 @@
package org.apache.camel.component.google.pubsub;
import java.io.IOException;
-import java.io.InputStream;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
@@ -28,6 +27,7 @@ import com.google.api.gax.core.NoCredentialsProvider;
import com.google.api.gax.grpc.GrpcTransportChannel;
import com.google.api.gax.rpc.FixedTransportChannelProvider;
import com.google.api.gax.rpc.TransportChannelProvider;
+import com.google.auth.oauth2.GoogleCredentials;
import com.google.auth.oauth2.ServiceAccountCredentials;
import com.google.cloud.pubsub.v1.MessageReceiver;
import com.google.cloud.pubsub.v1.Publisher;
@@ -62,9 +62,13 @@ public class GooglePubsubComponent extends DefaultComponent {
private String endpoint;
@Metadata(label = "common",
+ description = "Use Credentials when interacting with PubSub service (no authentication is required when using emulator).",
+ defaultValue = "true")
+ private boolean authenticate = true;
+
+ @Metadata(label = "common",
description = "The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from "
- + " classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems.",
- required = true)
+ + " classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems.")
private String serviceAccountKey;
@Metadata(
@@ -118,6 +122,7 @@ public class GooglePubsubComponent extends DefaultComponent {
pubsubEndpoint.setProjectId(parts[0]);
pubsubEndpoint.setDestinationName(parts[1]);
pubsubEndpoint.setServiceAccountKey(serviceAccountKey);
+ pubsubEndpoint.setAuthenticate(authenticate);
setProperties(pubsubEndpoint, parameters);
@@ -131,12 +136,12 @@ public class GooglePubsubComponent extends DefaultComponent {
super.doShutdown();
}
- public Publisher getPublisher(String topicName, GooglePubsubEndpoint googlePubsubEndpoint, String serviceAccountKey)
+ public Publisher getPublisher(String topicName, GooglePubsubEndpoint googlePubsubEndpoint)
throws ExecutionException {
- return cachedPublishers.get(topicName, () -> buildPublisher(topicName, googlePubsubEndpoint, serviceAccountKey));
+ return cachedPublishers.get(topicName, () -> buildPublisher(topicName, googlePubsubEndpoint));
}
- private Publisher buildPublisher(String topicName, GooglePubsubEndpoint googlePubsubEndpoint, String serviceAccountKey)
+ private Publisher buildPublisher(String topicName, GooglePubsubEndpoint googlePubsubEndpoint)
throws IOException {
Publisher.Builder builder = Publisher.newBuilder(topicName);
if (StringHelper.trimToNull(endpoint) != null) {
@@ -145,15 +150,7 @@ public class GooglePubsubComponent extends DefaultComponent {
= FixedTransportChannelProvider.create(GrpcTransportChannel.create(channel));
builder.setChannelProvider(channelProvider);
}
- CredentialsProvider credentialsProvider;
- if (ObjectHelper.isEmpty(serviceAccountKey)) {
- credentialsProvider = NoCredentialsProvider.create();
- } else {
- InputStream serviceAccountFile
- = ResourceHelper.resolveMandatoryResourceAsInputStream(getCamelContext(), serviceAccountKey);
- credentialsProvider = FixedCredentialsProvider.create(ServiceAccountCredentials.fromStream(serviceAccountFile));
- }
- builder.setCredentialsProvider(credentialsProvider);
+ builder.setCredentialsProvider(getCredentialsProvider(googlePubsubEndpoint));
if (StringHelper.trimToNull(googlePubsubEndpoint.getPubsubEndpoint()) != null) {
builder.setEndpoint(googlePubsubEndpoint.getPubsubEndpoint());
}
@@ -167,7 +164,8 @@ public class GooglePubsubComponent extends DefaultComponent {
return builder.build();
}
- public Subscriber getSubscriber(String subscriptionName, MessageReceiver messageReceiver, String serviceAccountKey)
+ public Subscriber getSubscriber(
+ String subscriptionName, MessageReceiver messageReceiver, GooglePubsubEndpoint googlePubsubEndpoint)
throws IOException {
Subscriber.Builder builder = Subscriber.newBuilder(subscriptionName, messageReceiver);
if (StringHelper.trimToNull(endpoint) != null) {
@@ -176,19 +174,11 @@ public class GooglePubsubComponent extends DefaultComponent {
= FixedTransportChannelProvider.create(GrpcTransportChannel.create(channel));
builder.setChannelProvider(channelProvider);
}
- CredentialsProvider credentialsProvider;
- if (ObjectHelper.isEmpty(serviceAccountKey)) {
- credentialsProvider = NoCredentialsProvider.create();
- } else {
- InputStream serviceAccountFile
- = ResourceHelper.resolveMandatoryResourceAsInputStream(getCamelContext(), serviceAccountKey);
- credentialsProvider = FixedCredentialsProvider.create(ServiceAccountCredentials.fromStream(serviceAccountFile));
- }
- builder.setCredentialsProvider(credentialsProvider);
+ builder.setCredentialsProvider(getCredentialsProvider(googlePubsubEndpoint));
return builder.build();
}
- public SubscriberStub getSubscriberStub(String serviceAccountKey) throws IOException {
+ public SubscriberStub getSubscriberStub(GooglePubsubEndpoint googlePubsubEndpoint) throws IOException {
SubscriberStubSettings.Builder builder = SubscriberStubSettings.newBuilder().setTransportChannelProvider(
SubscriberStubSettings.defaultGrpcTransportProviderBuilder().build());
@@ -198,16 +188,22 @@ public class GooglePubsubComponent extends DefaultComponent {
= FixedTransportChannelProvider.create(GrpcTransportChannel.create(channel));
builder.setTransportChannelProvider(channelProvider);
}
+ builder.setCredentialsProvider(getCredentialsProvider(googlePubsubEndpoint));
+ return builder.build().createStub();
+ }
+
+ private CredentialsProvider getCredentialsProvider(GooglePubsubEndpoint endpoint) throws IOException {
CredentialsProvider credentialsProvider;
- if (ObjectHelper.isEmpty(serviceAccountKey)) {
- credentialsProvider = NoCredentialsProvider.create();
+
+ if (endpoint.isAuthenticate()) {
+ credentialsProvider = FixedCredentialsProvider.create(ObjectHelper.isEmpty(endpoint.getServiceAccountKey())
+ ? GoogleCredentials.getApplicationDefault() : ServiceAccountCredentials.fromStream(ResourceHelper
+ .resolveMandatoryResourceAsInputStream(getCamelContext(), endpoint.getServiceAccountKey())));
} else {
- InputStream serviceAccountFile
- = ResourceHelper.resolveMandatoryResourceAsInputStream(getCamelContext(), serviceAccountKey);
- credentialsProvider = FixedCredentialsProvider.create(ServiceAccountCredentials.fromStream(serviceAccountFile));
+ credentialsProvider = NoCredentialsProvider.create();
}
- builder.setCredentialsProvider(credentialsProvider);
- return builder.build().createStub();
+
+ return credentialsProvider;
}
public String getEndpoint() {
@@ -242,6 +238,14 @@ public class GooglePubsubComponent extends DefaultComponent {
this.publisherTerminationTimeout = publisherTerminationTimeout;
}
+ public boolean isAuthenticate() {
+ return authenticate;
+ }
+
+ public void setAuthenticate(boolean authenticate) {
+ this.authenticate = authenticate;
+ }
+
public String getServiceAccountKey() {
return serviceAccountKey;
}
diff --git a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubConsumer.java b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubConsumer.java
index 69f183b..b4aa82b 100644
--- a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubConsumer.java
+++ b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubConsumer.java
@@ -126,8 +126,7 @@ public class GooglePubsubConsumer extends DefaultConsumer {
while (isRunAllowed() && !isSuspendingOrSuspended()) {
MessageReceiver messageReceiver = new CamelMessageReceiver(GooglePubsubConsumer.this, endpoint, processor);
- Subscriber subscriber = endpoint.getComponent().getSubscriber(subscriptionName, messageReceiver,
- endpoint.getServiceAccountKey());
+ Subscriber subscriber = endpoint.getComponent().getSubscriber(subscriptionName, messageReceiver, endpoint);
try {
subscribers.add(subscriber);
subscriber.startAsync().awaitRunning();
@@ -143,7 +142,7 @@ public class GooglePubsubConsumer extends DefaultConsumer {
private void synchronousPull(String subscriptionName) {
while (isRunAllowed() && !isSuspendingOrSuspended()) {
- try (SubscriberStub subscriber = endpoint.getComponent().getSubscriberStub(endpoint.getServiceAccountKey())) {
+ try (SubscriberStub subscriber = endpoint.getComponent().getSubscriberStub(endpoint)) {
PullRequest pullRequest = PullRequest.newBuilder()
.setMaxMessages(endpoint.getMaxMessagesPerPoll())
diff --git a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpoint.java b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpoint.java
index 183fb52..f063b77 100644
--- a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpoint.java
+++ b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubEndpoint.java
@@ -55,10 +55,14 @@ public class GooglePubsubEndpoint extends DefaultEndpoint {
@Metadata(required = true)
private String destinationName;
+ @UriParam(label = "common", name = "authenticate",
+ description = "Use Credentials when interacting with PubSub service (no authentication is required when using emulator).",
+ defaultValue = "true")
+ private boolean authenticate = true;
+
@UriParam(label = "common",
description = "The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from "
+ " classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems.")
- @Metadata(required = true)
private String serviceAccountKey;
@UriParam(name = "loggerId", description = "Logger ID to use when a match to the parent route required")
@@ -167,6 +171,14 @@ public class GooglePubsubEndpoint extends DefaultEndpoint {
this.loggerId = loggerId;
}
+ public boolean isAuthenticate() {
+ return authenticate;
+ }
+
+ public void setAuthenticate(boolean authenticate) {
+ this.authenticate = authenticate;
+ }
+
public String getServiceAccountKey() {
return serviceAccountKey;
}
diff --git a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubProducer.java b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubProducer.java
index 7cb038f..63489e4 100644
--- a/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubProducer.java
+++ b/components/camel-google/camel-google-pubsub/src/main/java/org/apache/camel/component/google/pubsub/GooglePubsubProducer.java
@@ -84,7 +84,7 @@ public class GooglePubsubProducer extends DefaultProducer {
GooglePubsubEndpoint endpoint = (GooglePubsubEndpoint) getEndpoint();
String topicName = String.format("projects/%s/topics/%s", endpoint.getProjectId(), endpoint.getDestinationName());
- Publisher publisher = endpoint.getComponent().getPublisher(topicName, endpoint, endpoint.getServiceAccountKey());
+ Publisher publisher = endpoint.getComponent().getPublisher(topicName, endpoint);
Object body = exchange.getIn().getBody();
ByteString byteString;
diff --git a/components/camel-google/camel-google-pubsub/src/test/java/org/apache/camel/component/google/pubsub/PubsubTestSupport.java b/components/camel-google/camel-google-pubsub/src/test/java/org/apache/camel/component/google/pubsub/PubsubTestSupport.java
index 5489449..041aaae 100644
--- a/components/camel-google/camel-google-pubsub/src/test/java/org/apache/camel/component/google/pubsub/PubsubTestSupport.java
+++ b/components/camel-google/camel-google-pubsub/src/test/java/org/apache/camel/component/google/pubsub/PubsubTestSupport.java
@@ -69,6 +69,7 @@ public class PubsubTestSupport extends CamelTestSupport {
GooglePubsubComponent component = new GooglePubsubComponent();
component.setEndpoint(service.getServiceAddress());
+ component.setAuthenticate(false);
context.addComponent("google-pubsub", component);
context.getPropertiesComponent().setLocation("ref:prop");
diff --git a/core/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/GooglePubsubComponentBuilderFactory.java b/core/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/GooglePubsubComponentBuilderFactory.java
index 0020696..9f3b79b 100644
--- a/core/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/GooglePubsubComponentBuilderFactory.java
+++ b/core/camel-componentdsl/src/generated/java/org/apache/camel/builder/component/dsl/GooglePubsubComponentBuilderFactory.java
@@ -51,6 +51,22 @@ public interface GooglePubsubComponentBuilderFactory {
extends
ComponentBuilder<GooglePubsubComponent> {
/**
+ * Use Credentials when interacting with PubSub service (no
+ * authentication is required when using emulator).
+ *
+ * The option is a: <code>boolean</code> type.
+ *
+ * Default: true
+ * Group: common
+ *
+ * @param authenticate the value to set
+ * @return the dsl builder
+ */
+ default GooglePubsubComponentBuilder authenticate(boolean authenticate) {
+ doSetProperty("authenticate", authenticate);
+ return this;
+ }
+ /**
* Endpoint to use with local Pub/Sub emulator.
*
* The option is a: <code>java.lang.String</code> type.
@@ -212,6 +228,7 @@ public interface GooglePubsubComponentBuilderFactory {
String name,
Object value) {
switch (name) {
+ case "authenticate": ((GooglePubsubComponent) component).setAuthenticate((boolean) value); return true;
case "endpoint": ((GooglePubsubComponent) component).setEndpoint((java.lang.String) value); return true;
case "serviceAccountKey": ((GooglePubsubComponent) component).setServiceAccountKey((java.lang.String) value); return true;
case "bridgeErrorHandler": ((GooglePubsubComponent) component).setBridgeErrorHandler((boolean) value); return true;
diff --git a/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/GooglePubsubEndpointBuilderFactory.java b/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/GooglePubsubEndpointBuilderFactory.java
index fd0dacf..598d891 100644
--- a/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/GooglePubsubEndpointBuilderFactory.java
+++ b/core/camel-endpointdsl/src/generated/java/org/apache/camel/builder/endpoint/dsl/GooglePubsubEndpointBuilderFactory.java
@@ -76,6 +76,41 @@ public interface GooglePubsubEndpointBuilderFactory {
return this;
}
/**
+ * Use Credentials when interacting with PubSub service (no
+ * authentication is required when using emulator).
+ *
+ * The option is a: <code>boolean</code> type.
+ *
+ * Default: true
+ * Group: common
+ *
+ * @param authenticate the value to set
+ * @return the dsl builder
+ */
+ default GooglePubsubEndpointConsumerBuilder authenticate(
+ boolean authenticate) {
+ doSetProperty("authenticate", authenticate);
+ return this;
+ }
+ /**
+ * Use Credentials when interacting with PubSub service (no
+ * authentication is required when using emulator).
+ *
+ * The option will be converted to a <code>boolean</code>
+ * type.
+ *
+ * Default: true
+ * Group: common
+ *
+ * @param authenticate the value to set
+ * @return the dsl builder
+ */
+ default GooglePubsubEndpointConsumerBuilder authenticate(
+ String authenticate) {
+ doSetProperty("authenticate", authenticate);
+ return this;
+ }
+ /**
* The number of parallel streams consuming from the subscription.
*
* The option is a: <code>java.lang.Integer</code> type.
@@ -165,7 +200,6 @@ public interface GooglePubsubEndpointBuilderFactory {
*
* The option is a: <code>java.lang.String</code> type.
*
- * Required: true
* Group: common
*
* @param serviceAccountKey the value to set
@@ -381,6 +415,41 @@ public interface GooglePubsubEndpointBuilderFactory {
return this;
}
/**
+ * Use Credentials when interacting with PubSub service (no
+ * authentication is required when using emulator).
+ *
+ * The option is a: <code>boolean</code> type.
+ *
+ * Default: true
+ * Group: common
+ *
+ * @param authenticate the value to set
+ * @return the dsl builder
+ */
+ default GooglePubsubEndpointProducerBuilder authenticate(
+ boolean authenticate) {
+ doSetProperty("authenticate", authenticate);
+ return this;
+ }
+ /**
+ * Use Credentials when interacting with PubSub service (no
+ * authentication is required when using emulator).
+ *
+ * The option will be converted to a <code>boolean</code>
+ * type.
+ *
+ * Default: true
+ * Group: common
+ *
+ * @param authenticate the value to set
+ * @return the dsl builder
+ */
+ default GooglePubsubEndpointProducerBuilder authenticate(
+ String authenticate) {
+ doSetProperty("authenticate", authenticate);
+ return this;
+ }
+ /**
* The number of parallel streams consuming from the subscription.
*
* The option is a: <code>java.lang.Integer</code> type.
@@ -470,7 +539,6 @@ public interface GooglePubsubEndpointBuilderFactory {
*
* The option is a: <code>java.lang.String</code> type.
*
- * Required: true
* Group: common
*
* @param serviceAccountKey the value to set
@@ -705,6 +773,39 @@ public interface GooglePubsubEndpointBuilderFactory {
return this;
}
/**
+ * Use Credentials when interacting with PubSub service (no
+ * authentication is required when using emulator).
+ *
+ * The option is a: <code>boolean</code> type.
+ *
+ * Default: true
+ * Group: common
+ *
+ * @param authenticate the value to set
+ * @return the dsl builder
+ */
+ default GooglePubsubEndpointBuilder authenticate(boolean authenticate) {
+ doSetProperty("authenticate", authenticate);
+ return this;
+ }
+ /**
+ * Use Credentials when interacting with PubSub service (no
+ * authentication is required when using emulator).
+ *
+ * The option will be converted to a <code>boolean</code>
+ * type.
+ *
+ * Default: true
+ * Group: common
+ *
+ * @param authenticate the value to set
+ * @return the dsl builder
+ */
+ default GooglePubsubEndpointBuilder authenticate(String authenticate) {
+ doSetProperty("authenticate", authenticate);
+ return this;
+ }
+ /**
* The number of parallel streams consuming from the subscription.
*
* The option is a: <code>java.lang.Integer</code> type.
@@ -794,7 +895,6 @@ public interface GooglePubsubEndpointBuilderFactory {
*
* The option is a: <code>java.lang.String</code> type.
*
- * Required: true
* Group: common
*
* @param serviceAccountKey the value to set
diff --git a/docs/components/modules/ROOT/pages/google-pubsub-component.adoc b/docs/components/modules/ROOT/pages/google-pubsub-component.adoc
index f55a330..2923251 100644
--- a/docs/components/modules/ROOT/pages/google-pubsub-component.adoc
+++ b/docs/components/modules/ROOT/pages/google-pubsub-component.adoc
@@ -82,16 +82,14 @@ The following two sections lists all the options, firstly for the component foll
// component options: START
== Component Options
-
-The Google Pubsub component supports 8 options, which are listed below.
-
-
+The Google Pubsub component supports 9 options, which are listed below.
[width="100%",cols="2,5,^1,2",options="header"]
|===
| Name | Description | Default | Type
+| *authenticate* (common) | Use Credentials when interacting with PubSub service (no authentication is required when using emulator). | true | boolean
| *endpoint* (common) | Endpoint to use with local Pub/Sub emulator. | | String
-| *serviceAccountKey* (common) | *Required* The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
+| *serviceAccountKey* (common) | The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
| *bridgeErrorHandler* (consumer) | Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions occurred while the consumer is trying to pickup incoming messages, or the likes, will now be processed as a message and handled by the routing Error Handler. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions, that will be logged at WARN or ERROR level and ignored. | false | boolean
| *lazyStartProducer* (producer) | Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a producer may otherwise fail during starting and cause the route to fail being started. By deferring this startup to be lazy then the startup failure can be handled during routing messages via Camel's routing error handlers. Beware that when the first message is processed then creating and [...]
| *publisherCacheSize* (producer) | Maximum number of producers to cache. This could be increased if you have producers for lots of different topics. | | int
@@ -123,17 +121,18 @@ with the following path and query parameters:
|===
-=== Query Parameters (13 parameters):
+=== Query Parameters (14 parameters):
[width="100%",cols="2,5,^1,2",options="header"]
|===
| Name | Description | Default | Type
| *ackMode* (common) | AUTO = exchange gets ack'ed/nack'ed on completion. NONE = downstream process has to ack/nack explicitly. There are 2 enums and the value can be one of: AUTO, NONE | AUTO | AckMode
+| *authenticate* (common) | Use Credentials when interacting with PubSub service (no authentication is required when using emulator). | true | boolean
| *concurrentConsumers* (common) | The number of parallel streams consuming from the subscription | 1 | Integer
| *loggerId* (common) | Logger ID to use when a match to the parent route required | | String
| *maxMessagesPerPoll* (common) | The max number of messages to receive from the server in a single API call | 1 | Integer
-| *serviceAccountKey* (common) | *Required* The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
+| *serviceAccountKey* (common) | The Service account key that can be used as credentials for the PubSub publisher/subscriber. It can be loaded by default from classpath, but you can prefix with classpath:, file:, or http: to load the resource from different systems. | | String
| *synchronousPull* (common) | Synchronously pull batches of messages | false | boolean
| *bridgeErrorHandler* (consumer) | Allows for bridging the consumer to the Camel routing Error Handler, which mean any exceptions occurred while the consumer is trying to pickup incoming messages, or the likes, will now be processed as a message and handled by the routing Error Handler. By default the consumer will use the org.apache.camel.spi.ExceptionHandler to deal with exceptions, that will be logged at WARN or ERROR level and ignored. | false | boolean
| *exceptionHandler* (consumer) | To let the consumer use a custom ExceptionHandler. Notice if the option bridgeErrorHandler is enabled then this option is not in use. By default the consumer will deal with exceptions, that will be logged at WARN or ERROR level and ignored. | | ExceptionHandler
@@ -166,7 +165,7 @@ To enable this set set the options messageOrderingEnabled to true, and the pubsu
When producing messages set the message header `GooglePubsubConstants.ORDERING_KEY` . This will be set as the PubSub orderingKey for the message.
More information in https://cloud.google.com/pubsub/docs/ordering[Ordering messages].
-
+
Once exchange has been delivered to PubSub the PubSub Message ID will be assigned to
the header `GooglePubsubConstants.MESSAGE_ID`.
@@ -198,7 +197,9 @@ It is up for the route to convert/unmarshall the contents.
== Authentication Configuration
-The location of the default credentials file is configurable via the serviceAccountKey parameter.
+By default this component aquires credentials using `GoogleCredentials.getApplicationDefault()`.
+This behavior can be disabled by setting _authenticate_ option to `false`, in which case requests to Google API will be made without authentication details. This is only desirable when developing against an emulator.
+This behavior can be altered by supplying a path to a service account key file.
== Rollback and Redelivery