You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ac...@apache.org on 2023/12/12 11:03:11 UTC
(camel) branch CAMEL-20220 created (now 302266b28e1)
This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a change to branch CAMEL-20220
in repository https://gitbox.apache.org/repos/asf/camel.git
at 302266b28e1 CAMEL-20220 - Camel Azure Key Vault: Support Azure Identity in the component and secrets function
This branch includes the following new commits:
new 302266b28e1 CAMEL-20220 - Camel Azure Key Vault: Support Azure Identity in the component and secrets function
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
(camel) 01/01: CAMEL-20220 - Camel Azure Key Vault: Support Azure Identity in the component and secrets function
Posted by ac...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch CAMEL-20220
in repository https://gitbox.apache.org/repos/asf/camel.git
commit 302266b28e1adab7d5871b18c08571119a242089
Author: Andrea Cosentino <an...@gmail.com>
AuthorDate: Tue Dec 12 11:52:02 2023 +0100
CAMEL-20220 - Camel Azure Key Vault: Support Azure Identity in the component and secrets function
Signed-off-by: Andrea Cosentino <an...@gmail.com>
---
.../camel/catalog/components/azure-key-vault.json | 13 ++++----
.../main/camel-main-configuration-metadata.json | 1 +
.../key/vault/KeyVaultEndpointConfigurer.java | 6 ++++
.../key/vault/KeyVaultEndpointUriFactory.java | 3 +-
.../component/azure/key/vault/azure-key-vault.json | 13 ++++----
.../component/azure/key/vault/CredentialType.java | 35 ++++++++++++++++++++++
.../azure/key/vault/KeyVaultConfiguration.java | 18 +++++++++++
.../azure/key/vault/KeyVaultEndpoint.java | 17 +++++++----
.../key/vault/KeyVaultPropertiesFunction.java | 25 ++++++++++++++--
.../camel/vault/AzureVaultConfiguration.java | 13 ++++++++
.../main/AzureVaultConfigurationConfigurer.java | 6 ++++
...zureVaultConfigurationPropertiesConfigurer.java | 6 ++++
.../camel-main-configuration-metadata.json | 1 +
core/camel-main/src/main/docs/main.adoc | 3 +-
.../main/AzureVaultConfigurationProperties.java | 8 +++++
.../java/org/apache/camel/main/MainVaultTest.java | 2 ++
16 files changed, 148 insertions(+), 22 deletions(-)
diff --git a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/azure-key-vault.json b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/azure-key-vault.json
index f7cb32df0fa..6acab7018d6 100644
--- a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/azure-key-vault.json
+++ b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/components/azure-key-vault.json
@@ -31,11 +31,12 @@
},
"properties": {
"vaultName": { "index": 0, "kind": "path", "displayName": "Vault Name", "group": "producer", "label": "", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Vault Name to be used" },
- "operation": { "index": 1, "kind": "parameter", "displayName": "Operation", "group": "producer", "label": "producer", "required": false, "type": "object", "javaType": "org.apache.camel.component.azure.key.vault.KeyVaultOperation", "enum": [ "createSecret", "getSecret", "deleteSecret", "purgeDeletedSecret" ], "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configu [...]
- "secretClient": { "index": 2, "kind": "parameter", "displayName": "Secret Client", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "com.azure.security.keyvault.secrets.SecretClient", "deprecated": false, "deprecationNote": "", "autowired": true, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Instance of Secret client" },
- "lazyStartProducer": { "index": 3, "kind": "parameter", "displayName": "Lazy Start Producer", "group": "producer (advanced)", "label": "producer,advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a produc [...]
- "clientId": { "index": 4, "kind": "parameter", "displayName": "Client Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Id to be used" },
- "clientSecret": { "index": 5, "kind": "parameter", "displayName": "Client Secret", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Secret to be used" },
- "tenantId": { "index": 6, "kind": "parameter", "displayName": "Tenant Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Tenant Id to be used" }
+ "credentialType": { "index": 1, "kind": "parameter", "displayName": "Credential Type", "group": "common", "label": "common", "required": false, "type": "object", "javaType": "org.apache.camel.component.azure.key.vault.CredentialType", "enum": [ "CLIENT_SECRET", "AZURE_IDENTITY" ], "deprecated": false, "autowired": false, "secret": false, "defaultValue": "CLIENT_SECRET", "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "co [...]
+ "operation": { "index": 2, "kind": "parameter", "displayName": "Operation", "group": "producer", "label": "producer", "required": false, "type": "object", "javaType": "org.apache.camel.component.azure.key.vault.KeyVaultOperation", "enum": [ "createSecret", "getSecret", "deleteSecret", "purgeDeletedSecret" ], "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configu [...]
+ "secretClient": { "index": 3, "kind": "parameter", "displayName": "Secret Client", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "com.azure.security.keyvault.secrets.SecretClient", "deprecated": false, "deprecationNote": "", "autowired": true, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Instance of Secret client" },
+ "lazyStartProducer": { "index": 4, "kind": "parameter", "displayName": "Lazy Start Producer", "group": "producer (advanced)", "label": "producer,advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a produc [...]
+ "clientId": { "index": 5, "kind": "parameter", "displayName": "Client Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Id to be used" },
+ "clientSecret": { "index": 6, "kind": "parameter", "displayName": "Client Secret", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Secret to be used" },
+ "tenantId": { "index": 7, "kind": "parameter", "displayName": "Tenant Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Tenant Id to be used" }
}
}
diff --git a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/camel-main-configuration-metadata.json b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/camel-main-configuration-metadata.json
index 72f4180cad8..5577ce62cb1 100644
--- a/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/camel-main-configuration-metadata.json
+++ b/catalog/camel-catalog/src/generated/resources/org/apache/camel/catalog/main/camel-main-configuration-metadata.json
@@ -276,6 +276,7 @@
{ "name": "camel.vault.aws.region", "description": "The AWS region", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.aws.secretKey", "description": "The AWS secret key", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.aws.secrets", "description": "Specify the secret names (or pattern) to check for updates. Multiple secrets can be separated by comma.", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
+ { "name": "camel.vault.azure.azureIdentityEnabled", "description": "Whether the Azure Identity Authentication should be used or not.", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "boolean", "javaType": "boolean", "defaultValue": "false" },
{ "name": "camel.vault.azure.blobAccessKey", "description": "The Eventhubs Blob Access Key for CheckpointStore purpose", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.azure.blobAccountName", "description": "The Eventhubs Blob Account Name for CheckpointStore purpose", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.azure.blobContainerName", "description": "The Eventhubs Blob Container Name for CheckpointStore purpose", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
diff --git a/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointConfigurer.java b/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointConfigurer.java
index a36c1210bd5..372ecd3a4fb 100644
--- a/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointConfigurer.java
+++ b/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointConfigurer.java
@@ -25,6 +25,8 @@ public class KeyVaultEndpointConfigurer extends PropertyConfigurerSupport implem
case "clientId": target.getConfiguration().setClientId(property(camelContext, java.lang.String.class, value)); return true;
case "clientsecret":
case "clientSecret": target.getConfiguration().setClientSecret(property(camelContext, java.lang.String.class, value)); return true;
+ case "credentialtype":
+ case "credentialType": target.getConfiguration().setCredentialType(property(camelContext, org.apache.camel.component.azure.key.vault.CredentialType.class, value)); return true;
case "lazystartproducer":
case "lazyStartProducer": target.setLazyStartProducer(property(camelContext, boolean.class, value)); return true;
case "operation": target.getConfiguration().setOperation(property(camelContext, org.apache.camel.component.azure.key.vault.KeyVaultOperation.class, value)); return true;
@@ -48,6 +50,8 @@ public class KeyVaultEndpointConfigurer extends PropertyConfigurerSupport implem
case "clientId": return java.lang.String.class;
case "clientsecret":
case "clientSecret": return java.lang.String.class;
+ case "credentialtype":
+ case "credentialType": return org.apache.camel.component.azure.key.vault.CredentialType.class;
case "lazystartproducer":
case "lazyStartProducer": return boolean.class;
case "operation": return org.apache.camel.component.azure.key.vault.KeyVaultOperation.class;
@@ -67,6 +71,8 @@ public class KeyVaultEndpointConfigurer extends PropertyConfigurerSupport implem
case "clientId": return target.getConfiguration().getClientId();
case "clientsecret":
case "clientSecret": return target.getConfiguration().getClientSecret();
+ case "credentialtype":
+ case "credentialType": return target.getConfiguration().getCredentialType();
case "lazystartproducer":
case "lazyStartProducer": return target.isLazyStartProducer();
case "operation": return target.getConfiguration().getOperation();
diff --git a/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointUriFactory.java b/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointUriFactory.java
index af6be600796..bc03fdbffa0 100644
--- a/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointUriFactory.java
+++ b/components/camel-azure/camel-azure-key-vault/src/generated/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpointUriFactory.java
@@ -21,9 +21,10 @@ public class KeyVaultEndpointUriFactory extends org.apache.camel.support.compone
private static final Set<String> SECRET_PROPERTY_NAMES;
private static final Set<String> MULTI_VALUE_PREFIXES;
static {
- Set<String> props = new HashSet<>(7);
+ Set<String> props = new HashSet<>(8);
props.add("clientId");
props.add("clientSecret");
+ props.add("credentialType");
props.add("lazyStartProducer");
props.add("operation");
props.add("secretClient");
diff --git a/components/camel-azure/camel-azure-key-vault/src/generated/resources/org/apache/camel/component/azure/key/vault/azure-key-vault.json b/components/camel-azure/camel-azure-key-vault/src/generated/resources/org/apache/camel/component/azure/key/vault/azure-key-vault.json
index f7cb32df0fa..6acab7018d6 100644
--- a/components/camel-azure/camel-azure-key-vault/src/generated/resources/org/apache/camel/component/azure/key/vault/azure-key-vault.json
+++ b/components/camel-azure/camel-azure-key-vault/src/generated/resources/org/apache/camel/component/azure/key/vault/azure-key-vault.json
@@ -31,11 +31,12 @@
},
"properties": {
"vaultName": { "index": 0, "kind": "path", "displayName": "Vault Name", "group": "producer", "label": "", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Vault Name to be used" },
- "operation": { "index": 1, "kind": "parameter", "displayName": "Operation", "group": "producer", "label": "producer", "required": false, "type": "object", "javaType": "org.apache.camel.component.azure.key.vault.KeyVaultOperation", "enum": [ "createSecret", "getSecret", "deleteSecret", "purgeDeletedSecret" ], "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configu [...]
- "secretClient": { "index": 2, "kind": "parameter", "displayName": "Secret Client", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "com.azure.security.keyvault.secrets.SecretClient", "deprecated": false, "deprecationNote": "", "autowired": true, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Instance of Secret client" },
- "lazyStartProducer": { "index": 3, "kind": "parameter", "displayName": "Lazy Start Producer", "group": "producer (advanced)", "label": "producer,advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a produc [...]
- "clientId": { "index": 4, "kind": "parameter", "displayName": "Client Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Id to be used" },
- "clientSecret": { "index": 5, "kind": "parameter", "displayName": "Client Secret", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Secret to be used" },
- "tenantId": { "index": 6, "kind": "parameter", "displayName": "Tenant Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Tenant Id to be used" }
+ "credentialType": { "index": 1, "kind": "parameter", "displayName": "Credential Type", "group": "common", "label": "common", "required": false, "type": "object", "javaType": "org.apache.camel.component.azure.key.vault.CredentialType", "enum": [ "CLIENT_SECRET", "AZURE_IDENTITY" ], "deprecated": false, "autowired": false, "secret": false, "defaultValue": "CLIENT_SECRET", "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "co [...]
+ "operation": { "index": 2, "kind": "parameter", "displayName": "Operation", "group": "producer", "label": "producer", "required": false, "type": "object", "javaType": "org.apache.camel.component.azure.key.vault.KeyVaultOperation", "enum": [ "createSecret", "getSecret", "deleteSecret", "purgeDeletedSecret" ], "deprecated": false, "autowired": false, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configu [...]
+ "secretClient": { "index": 3, "kind": "parameter", "displayName": "Secret Client", "group": "producer", "label": "", "required": false, "type": "object", "javaType": "com.azure.security.keyvault.secrets.SecretClient", "deprecated": false, "deprecationNote": "", "autowired": true, "secret": false, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Instance of Secret client" },
+ "lazyStartProducer": { "index": 4, "kind": "parameter", "displayName": "Lazy Start Producer", "group": "producer (advanced)", "label": "producer,advanced", "required": false, "type": "boolean", "javaType": "boolean", "deprecated": false, "autowired": false, "secret": false, "defaultValue": false, "description": "Whether the producer should be started lazy (on the first message). By starting lazy you can use this to allow CamelContext and routes to startup in situations where a produc [...]
+ "clientId": { "index": 5, "kind": "parameter", "displayName": "Client Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Id to be used" },
+ "clientSecret": { "index": 6, "kind": "parameter", "displayName": "Client Secret", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Client Secret to be used" },
+ "tenantId": { "index": 7, "kind": "parameter", "displayName": "Tenant Id", "group": "security", "label": "security", "required": false, "type": "string", "javaType": "java.lang.String", "deprecated": false, "autowired": false, "secret": true, "configurationClass": "org.apache.camel.component.azure.key.vault.KeyVaultConfiguration", "configurationField": "configuration", "description": "Tenant Id to be used" }
}
}
diff --git a/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/CredentialType.java b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/CredentialType.java
new file mode 100644
index 00000000000..8c8b294a98a
--- /dev/null
+++ b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/CredentialType.java
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.azure.key.vault;
+
+public enum CredentialType {
+ /**
+ * Client Secret Credential
+ */
+ CLIENT_SECRET,
+ /**
+ * Includes:
+ * <uL>
+ * <li>Service principal with secret</li>
+ * <li>Service principal with certificate</li>
+ * <li>username and password</li>
+ * </uL>
+ *
+ * @see com.azure.identity.DefaultAzureCredentialBuilder
+ */
+ AZURE_IDENTITY
+}
diff --git a/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultConfiguration.java b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultConfiguration.java
index a92ef9e767f..2e3fb12b957 100644
--- a/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultConfiguration.java
+++ b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultConfiguration.java
@@ -23,6 +23,9 @@ import org.apache.camel.spi.UriParam;
import org.apache.camel.spi.UriParams;
import org.apache.camel.spi.UriPath;
+import static org.apache.camel.component.azure.key.vault.CredentialType.AZURE_IDENTITY;
+import static org.apache.camel.component.azure.key.vault.CredentialType.CLIENT_SECRET;
+
@UriParams
public class KeyVaultConfiguration implements Cloneable {
@@ -39,6 +42,9 @@ public class KeyVaultConfiguration implements Cloneable {
private String tenantId;
@UriParam(label = "producer")
private KeyVaultOperation operation = KeyVaultOperation.createSecret;
+ @UriParam(label = "common", enums = "CLIENT_SECRET,AZURE_IDENTITY",
+ defaultValue = "CLIENT_SECRET")
+ private CredentialType credentialType = CLIENT_SECRET;
/**
* Instance of Secret client
@@ -106,6 +112,18 @@ public class KeyVaultConfiguration implements Cloneable {
this.operation = operation;
}
+
+ public CredentialType getCredentialType() {
+ return credentialType;
+ }
+
+ /**
+ * Determines the credential strategy to adopt
+ */
+ public void setCredentialType(CredentialType credentialType) {
+ this.credentialType = credentialType;
+ }
+
// *************************************************
//
// *************************************************
diff --git a/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpoint.java b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpoint.java
index 0840244dc4c..17bdcbca647 100644
--- a/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpoint.java
+++ b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultEndpoint.java
@@ -16,8 +16,10 @@
*/
package org.apache.camel.component.azure.key.vault;
+import com.azure.core.credential.TokenCredential;
import com.azure.identity.ClientSecretCredential;
import com.azure.identity.ClientSecretCredentialBuilder;
+import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import org.apache.camel.Category;
@@ -61,12 +63,17 @@ public class KeyVaultEndpoint extends DefaultEndpoint {
// Build key vault URI
String keyVaultUri = "https://" + getConfiguration().getVaultName() + ".vault.azure.net";
+ TokenCredential credential = null;
// Credential
- ClientSecretCredential credential = new ClientSecretCredentialBuilder()
- .tenantId(getConfiguration().getTenantId())
- .clientId(getConfiguration().getClientId())
- .clientSecret(getConfiguration().getClientSecret())
- .build();
+ if (configuration.getCredentialType().equals(CredentialType.CLIENT_SECRET)) {
+ credential = new ClientSecretCredentialBuilder()
+ .tenantId(getConfiguration().getTenantId())
+ .clientId(getConfiguration().getClientId())
+ .clientSecret(getConfiguration().getClientSecret())
+ .build();
+ } else if (configuration.getCredentialType().equals(CredentialType.AZURE_IDENTITY)) {
+ credential = new DefaultAzureCredentialBuilder().build();
+ }
// Build Client
localClient = new SecretClientBuilder()
diff --git a/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultPropertiesFunction.java b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultPropertiesFunction.java
index 35f71cd6ad1..ad758c560a2 100644
--- a/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultPropertiesFunction.java
+++ b/components/camel-azure/camel-azure-key-vault/src/main/java/org/apache/camel/component/azure/key/vault/KeyVaultPropertiesFunction.java
@@ -19,9 +19,11 @@ package org.apache.camel.component.azure.key.vault;
import java.util.HashSet;
import java.util.Set;
+import com.azure.core.credential.TokenCredential;
import com.azure.core.exception.ResourceNotFoundException;
import com.azure.identity.ClientSecretCredential;
import com.azure.identity.ClientSecretCredentialBuilder;
+import com.azure.identity.DefaultAzureCredentialBuilder;
import com.azure.security.keyvault.secrets.SecretClient;
import com.azure.security.keyvault.secrets.SecretClientBuilder;
import com.azure.security.keyvault.secrets.models.KeyVaultSecret;
@@ -46,6 +48,7 @@ import org.apache.camel.vault.AzureVaultConfiguration;
* <li><tt>CAMEL_VAULT_AZURE_CLIENT_ID</tt></li>
* <li><tt>CAMEL_VAULT_AZURE_CLIENT_SECRET</tt></li>
* <li><tt>CAMEL_VAULT_AZURE_TENANT_ID</tt></li>
+ * <li><tt>CAMEL_VAULT_AZURE_IDENTITY_ENABLED</tt></li>
* </ul>
* <p/>
*
@@ -56,12 +59,13 @@ import org.apache.camel.vault.AzureVaultConfiguration;
* <li><tt>camel.vault.azure.clientId</tt></li>
* <li><tt>camel.vault.azure.clientSecret</tt></li>
* <li><tt>camel.vault.azure.tenantId</tt></li>
+ * <li><tt>camel.vault.azure.azureIdentityEnabled</tt></li>
* </ul>
* <p/>
*
* This implementation is to return the secret value associated with a key. The properties related to this kind of
* Properties Function are all prefixed with <tt>azure:</tt>. For example asking for <tt>azure:token</tt>, will return
- * the secret value associated to the secret named token on AWS Secrets Manager.
+ * the secret value associated to the secret named token on Azure Key Vault.
*
* Another way of retrieving a secret value is using the following notation <tt>azure:database/username</tt>: in this
* case the field username of the secret database will be returned. As a fallback, the user could provide a default
@@ -78,6 +82,8 @@ public class KeyVaultPropertiesFunction extends ServiceSupport implements Proper
private static final String CAMEL_VAULT_AZURE_CLIENT_ID = "CAMEL_VAULT_AZURE_CLIENT_ID";
private static final String CAMEL_VAULT_AZURE_CLIENT_SECRET = "CAMEL_VAULT_AZURE_CLIENT_SECRET";
private static final String CAMEL_VAULT_AZURE_TENANT_ID = "CAMEL_VAULT_AZURE_TENANT_ID";
+
+ private static final String CAMEL_VAULT_AZURE_IDENTITY_ENABLED = "CAMEL_VAULT_AZURE_IDENTITY_ENABLED";
private CamelContext camelContext;
private SecretClient client;
private final Set<String> secrets = new HashSet<>();
@@ -89,6 +95,7 @@ public class KeyVaultPropertiesFunction extends ServiceSupport implements Proper
String clientId = System.getenv(CAMEL_VAULT_AZURE_CLIENT_ID);
String clientSecret = System.getenv(CAMEL_VAULT_AZURE_CLIENT_SECRET);
String tenantId = System.getenv(CAMEL_VAULT_AZURE_TENANT_ID);
+ boolean azureIdentityEnabled = Boolean.parseBoolean(System.getenv(CAMEL_VAULT_AZURE_IDENTITY_ENABLED));
if (ObjectHelper.isEmpty(vaultName) && ObjectHelper.isEmpty(clientId) && ObjectHelper.isEmpty(clientSecret)
&& ObjectHelper.isEmpty(tenantId)) {
AzureVaultConfiguration azureVaultConfiguration = getCamelContext().getVaultConfiguration().azure();
@@ -97,10 +104,11 @@ public class KeyVaultPropertiesFunction extends ServiceSupport implements Proper
clientId = azureVaultConfiguration.getClientId();
clientSecret = azureVaultConfiguration.getClientSecret();
tenantId = azureVaultConfiguration.getTenantId();
+ azureIdentityEnabled = azureVaultConfiguration.isAzureIdentityEnabled();
}
}
if (ObjectHelper.isNotEmpty(vaultName) && ObjectHelper.isNotEmpty(clientId) && ObjectHelper.isNotEmpty(clientSecret)
- && ObjectHelper.isNotEmpty(tenantId)) {
+ && ObjectHelper.isNotEmpty(tenantId) && !azureIdentityEnabled) {
String keyVaultUri = "https://" + vaultName + ".vault.azure.net";
// Credential
@@ -110,6 +118,17 @@ public class KeyVaultPropertiesFunction extends ServiceSupport implements Proper
.clientSecret(clientSecret)
.build();
+ // Build Client
+ client = new SecretClientBuilder()
+ .vaultUrl(keyVaultUri)
+ .credential(credential)
+ .buildClient();
+ } else if (ObjectHelper.isNotEmpty(vaultName) && azureIdentityEnabled) {
+ String keyVaultUri = "https://" + vaultName + ".vault.azure.net";
+
+ // Credential
+ TokenCredential credential = new DefaultAzureCredentialBuilder().build();
+
// Build Client
client = new SecretClientBuilder()
.vaultUrl(keyVaultUri)
@@ -117,7 +136,7 @@ public class KeyVaultPropertiesFunction extends ServiceSupport implements Proper
.buildClient();
} else {
throw new RuntimeCamelException(
- "Using the Azure Key Vault Properties Function requires setting Azure credentials as application properties or environment variables");
+ "Using the Azure Key Vault Properties Function requires setting Azure credentials as application properties or environment variables or enable the Azure Identity Authentication mechanism");
}
}
diff --git a/core/camel-api/src/main/java/org/apache/camel/vault/AzureVaultConfiguration.java b/core/camel-api/src/main/java/org/apache/camel/vault/AzureVaultConfiguration.java
index 5e1804c661b..64e70878154 100644
--- a/core/camel-api/src/main/java/org/apache/camel/vault/AzureVaultConfiguration.java
+++ b/core/camel-api/src/main/java/org/apache/camel/vault/AzureVaultConfiguration.java
@@ -32,6 +32,8 @@ public class AzureVaultConfiguration extends VaultConfiguration {
@Metadata(secret = true)
private String tenantId;
@Metadata
+ private boolean azureIdentityEnabled;
+ @Metadata
private boolean refreshEnabled;
@Metadata(defaultValue = "30000")
private long refreshPeriod = 30000;
@@ -90,6 +92,17 @@ public class AzureVaultConfiguration extends VaultConfiguration {
this.tenantId = tenantId;
}
+ public boolean isAzureIdentityEnabled() {
+ return azureIdentityEnabled;
+ }
+
+ /**
+ * Whether the Azure Identity Authentication should be used or not.
+ */
+ public void setAzureIdentityEnabled(boolean azureIdentityEnabled) {
+ this.azureIdentityEnabled = azureIdentityEnabled;
+ }
+
public boolean isRefreshEnabled() {
return refreshEnabled;
}
diff --git a/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationConfigurer.java b/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationConfigurer.java
index 9560719e584..ea4798b7450 100644
--- a/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationConfigurer.java
+++ b/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationConfigurer.java
@@ -23,6 +23,8 @@ public class AzureVaultConfigurationConfigurer extends org.apache.camel.support.
switch (ignoreCase ? name.toLowerCase() : name) {
case "awsvaultconfiguration":
case "AwsVaultConfiguration": target.setAwsVaultConfiguration(property(camelContext, org.apache.camel.vault.AwsVaultConfiguration.class, value)); return true;
+ case "azureidentityenabled":
+ case "AzureIdentityEnabled": target.setAzureIdentityEnabled(property(camelContext, boolean.class, value)); return true;
case "azurevaultconfiguration":
case "AzureVaultConfiguration": target.setAzureVaultConfiguration(property(camelContext, org.apache.camel.vault.AzureVaultConfiguration.class, value)); return true;
case "blobaccesskey":
@@ -60,6 +62,8 @@ public class AzureVaultConfigurationConfigurer extends org.apache.camel.support.
switch (ignoreCase ? name.toLowerCase() : name) {
case "awsvaultconfiguration":
case "AwsVaultConfiguration": return org.apache.camel.vault.AwsVaultConfiguration.class;
+ case "azureidentityenabled":
+ case "AzureIdentityEnabled": return boolean.class;
case "azurevaultconfiguration":
case "AzureVaultConfiguration": return org.apache.camel.vault.AzureVaultConfiguration.class;
case "blobaccesskey":
@@ -98,6 +102,8 @@ public class AzureVaultConfigurationConfigurer extends org.apache.camel.support.
switch (ignoreCase ? name.toLowerCase() : name) {
case "awsvaultconfiguration":
case "AwsVaultConfiguration": return target.getAwsVaultConfiguration();
+ case "azureidentityenabled":
+ case "AzureIdentityEnabled": return target.isAzureIdentityEnabled();
case "azurevaultconfiguration":
case "AzureVaultConfiguration": return target.getAzureVaultConfiguration();
case "blobaccesskey":
diff --git a/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationPropertiesConfigurer.java b/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationPropertiesConfigurer.java
index cafee650316..65616f5136c 100644
--- a/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationPropertiesConfigurer.java
+++ b/core/camel-main/src/generated/java/org/apache/camel/main/AzureVaultConfigurationPropertiesConfigurer.java
@@ -23,6 +23,8 @@ public class AzureVaultConfigurationPropertiesConfigurer extends org.apache.came
switch (ignoreCase ? name.toLowerCase() : name) {
case "awsvaultconfiguration":
case "AwsVaultConfiguration": target.setAwsVaultConfiguration(property(camelContext, org.apache.camel.vault.AwsVaultConfiguration.class, value)); return true;
+ case "azureidentityenabled":
+ case "AzureIdentityEnabled": target.setAzureIdentityEnabled(property(camelContext, boolean.class, value)); return true;
case "azurevaultconfiguration":
case "AzureVaultConfiguration": target.setAzureVaultConfiguration(property(camelContext, org.apache.camel.vault.AzureVaultConfiguration.class, value)); return true;
case "blobaccesskey":
@@ -60,6 +62,8 @@ public class AzureVaultConfigurationPropertiesConfigurer extends org.apache.came
switch (ignoreCase ? name.toLowerCase() : name) {
case "awsvaultconfiguration":
case "AwsVaultConfiguration": return org.apache.camel.vault.AwsVaultConfiguration.class;
+ case "azureidentityenabled":
+ case "AzureIdentityEnabled": return boolean.class;
case "azurevaultconfiguration":
case "AzureVaultConfiguration": return org.apache.camel.vault.AzureVaultConfiguration.class;
case "blobaccesskey":
@@ -98,6 +102,8 @@ public class AzureVaultConfigurationPropertiesConfigurer extends org.apache.came
switch (ignoreCase ? name.toLowerCase() : name) {
case "awsvaultconfiguration":
case "AwsVaultConfiguration": return target.getAwsVaultConfiguration();
+ case "azureidentityenabled":
+ case "AzureIdentityEnabled": return target.isAzureIdentityEnabled();
case "azurevaultconfiguration":
case "AzureVaultConfiguration": return target.getAzureVaultConfiguration();
case "blobaccesskey":
diff --git a/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json b/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json
index 72f4180cad8..5577ce62cb1 100644
--- a/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json
+++ b/core/camel-main/src/generated/resources/META-INF/camel-main-configuration-metadata.json
@@ -276,6 +276,7 @@
{ "name": "camel.vault.aws.region", "description": "The AWS region", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.aws.secretKey", "description": "The AWS secret key", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.aws.secrets", "description": "Specify the secret names (or pattern) to check for updates. Multiple secrets can be separated by comma.", "sourceType": "org.apache.camel.vault.AwsVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
+ { "name": "camel.vault.azure.azureIdentityEnabled", "description": "Whether the Azure Identity Authentication should be used or not.", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "boolean", "javaType": "boolean", "defaultValue": "false" },
{ "name": "camel.vault.azure.blobAccessKey", "description": "The Eventhubs Blob Access Key for CheckpointStore purpose", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.azure.blobAccountName", "description": "The Eventhubs Blob Account Name for CheckpointStore purpose", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
{ "name": "camel.vault.azure.blobContainerName", "description": "The Eventhubs Blob Container Name for CheckpointStore purpose", "sourceType": "org.apache.camel.vault.AzureVaultConfiguration", "type": "string", "javaType": "java.lang.String" },
diff --git a/core/camel-main/src/main/docs/main.adoc b/core/camel-main/src/main/docs/main.adoc
index cf27329b981..b4bbd92d60a 100644
--- a/core/camel-main/src/main/docs/main.adoc
+++ b/core/camel-main/src/main/docs/main.adoc
@@ -316,11 +316,12 @@ The camel.vault.gcp supports 7 options, which are listed below.
=== Camel Azure Key Vault configurations
-The camel.vault.azure supports 11 options, which are listed below.
+The camel.vault.azure supports 12 options, which are listed below.
[width="100%",cols="2,5,^1,2",options="header"]
|===
| Name | Description | Default | Type
+| *camel.vault.azure.azure{zwsp}IdentityEnabled* | Whether the Azure Identity Authentication should be used or not. | false | boolean
| *camel.vault.azure.blobAccess{zwsp}Key* | The Eventhubs Blob Access Key for CheckpointStore purpose | | String
| *camel.vault.azure.blobAccount{zwsp}Name* | The Eventhubs Blob Account Name for CheckpointStore purpose | | String
| *camel.vault.azure.blob{zwsp}ContainerName* | The Eventhubs Blob Container Name for CheckpointStore purpose | | String
diff --git a/core/camel-main/src/main/java/org/apache/camel/main/AzureVaultConfigurationProperties.java b/core/camel-main/src/main/java/org/apache/camel/main/AzureVaultConfigurationProperties.java
index 57f786cb978..4a15b5168b2 100644
--- a/core/camel-main/src/main/java/org/apache/camel/main/AzureVaultConfigurationProperties.java
+++ b/core/camel-main/src/main/java/org/apache/camel/main/AzureVaultConfigurationProperties.java
@@ -81,6 +81,14 @@ public class AzureVaultConfigurationProperties extends AzureVaultConfiguration i
return this;
}
+ /**
+ * Whether the Azure Identity Authentication should be used or not.
+ */
+ public AzureVaultConfigurationProperties withAzureIdentityEnabled(boolean azureIdentityEnabled) {
+ setAzureIdentityEnabled(azureIdentityEnabled);
+ return this;
+ }
+
/**
* Whether to automatically reload Camel upon secrets being updated in Azure.
*/
diff --git a/core/camel-main/src/test/java/org/apache/camel/main/MainVaultTest.java b/core/camel-main/src/test/java/org/apache/camel/main/MainVaultTest.java
index ca7ca42b3d8..18fcbe55a8e 100644
--- a/core/camel-main/src/test/java/org/apache/camel/main/MainVaultTest.java
+++ b/core/camel-main/src/test/java/org/apache/camel/main/MainVaultTest.java
@@ -201,6 +201,7 @@ public class MainVaultTest {
Assertions.assertEquals("id1", cfg.getClientId());
Assertions.assertEquals("secret1", cfg.getClientSecret());
Assertions.assertEquals("tenant1", cfg.getTenantId());
+ Assertions.assertEquals(false, cfg.isAzureIdentityEnabled());
main.stop();
}
@@ -226,6 +227,7 @@ public class MainVaultTest {
Assertions.assertEquals("id1", cfg.getClientId());
Assertions.assertEquals("secret1", cfg.getClientSecret());
Assertions.assertEquals("tenant1", cfg.getTenantId());
+ Assertions.assertEquals(false, cfg.isAzureIdentityEnabled());
main.stop();
}