[ 
https://issues.apache.org/jira/browse/CAMEL-24061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

chio chuan ooi updated CAMEL-24061:
-----------------------------------
    Description: 
camel-zeebe using {{GatewayGrpc.GatewayBlockingStub}} built from a 
{{ManagedChannelBuilder.forAddress(...).usePlaintext().build()}} channel, with 
no credentials provider. 

Even when the clientid is supplier, beside {{startProcess}} method, the rest of 
the method that using grpc stub is not sending the authentication header which 
lead to all the process was rejected due to missing authentication header.

it should use authenticated channel which wraps {{managedChannel}} with the 
OAuth interceptor when credentials are configured; otherwise it's just the 
plain channel, unchanged from current behavior.

e.g 

 
{code:java}
        authenticatedChannel = credentialsProvider != null
            ? ClientInterceptors.intercept(managedChannel, new 
OAuthClientInterceptor(credentialsProvider))
            : managedChannel;



    private static class OAuthClientInterceptor implements ClientInterceptor {

        private final CredentialsProvider credentialsProvider;

        OAuthClientInterceptor(CredentialsProvider credentialsProvider) {
            this.credentialsProvider = credentialsProvider;
        }

        @Override
        public <ReqT, RespT> ClientCall<ReqT, RespT> interceptCall(
            MethodDescriptor<ReqT, RespT> method, CallOptions callOptions, 
Channel next) {
            return new 
ForwardingClientCall.SimpleForwardingClientCall<>(next.newCall(method, 
callOptions)) {
                @Override
                public void start(Listener<RespT> responseListener, Metadata 
headers) {
                    try {
                        credentialsProvider.applyCredentials(
                            
CredentialsProvider.CredentialsApplier.ofMetadata(headers));
                    } catch (IOException e) {
                        throw new RuntimeException("Failed to apply OAuth 
credentials to gRPC call", e);
                    }
                    super.start(responseListener, headers);
                }
            };
        }

    }
{code}
 
 

  was:
camel-zeebe using {{GatewayGrpc.GatewayBlockingStub}} built from a 
{{ManagedChannelBuilder.forAddress(...).usePlaintext().build()}} channel, with 
no credentials provider. 

Event when the clientid is supplier, beside {{startProcess}} method, the rest 
of the method that using grpc stub is not sending the authentication header 
which lead to all the process was rejected due to missing authentication header.

it should use authenticated channel which wraps {{managedChannel}} with the 
OAuth interceptor when credentials are configured; otherwise it's just the 
plain channel, unchanged from current behavior.

e.g 

 
{code:java}
        authenticatedChannel = credentialsProvider != null
            ? ClientInterceptors.intercept(managedChannel, new 
OAuthClientInterceptor(credentialsProvider))
            : managedChannel;



    private static class OAuthClientInterceptor implements ClientInterceptor {

        private final CredentialsProvider credentialsProvider;

        OAuthClientInterceptor(CredentialsProvider credentialsProvider) {
            this.credentialsProvider = credentialsProvider;
        }

        @Override
        public <ReqT, RespT> ClientCall<ReqT, RespT> interceptCall(
            MethodDescriptor<ReqT, RespT> method, CallOptions callOptions, 
Channel next) {
            return new 
ForwardingClientCall.SimpleForwardingClientCall<>(next.newCall(method, 
callOptions)) {
                @Override
                public void start(Listener<RespT> responseListener, Metadata 
headers) {
                    try {
                        credentialsProvider.applyCredentials(
                            
CredentialsProvider.CredentialsApplier.ofMetadata(headers));
                    } catch (IOException e) {
                        throw new RuntimeException("Failed to apply OAuth 
credentials to gRPC call", e);
                    }
                    super.start(responseListener, headers);
                }
            };
        }

    }
{code}

 
 


> camel-zeebe:  grpc-stub-based operations were never wired for auth
> ------------------------------------------------------------------
>
>                 Key: CAMEL-24061
>                 URL: https://issues.apache.org/jira/browse/CAMEL-24061
>             Project: Camel
>          Issue Type: Bug
>    Affects Versions: 4.18.3
>            Reporter: chio chuan ooi
>            Priority: Minor
>
> camel-zeebe using {{GatewayGrpc.GatewayBlockingStub}} built from a 
> {{ManagedChannelBuilder.forAddress(...).usePlaintext().build()}} channel, 
> with no credentials provider. 
> Even when the clientid is supplier, beside {{startProcess}} method, the rest 
> of the method that using grpc stub is not sending the authentication header 
> which lead to all the process was rejected due to missing authentication 
> header.
> it should use authenticated channel which wraps {{managedChannel}} with the 
> OAuth interceptor when credentials are configured; otherwise it's just the 
> plain channel, unchanged from current behavior.
> e.g 
>  
> {code:java}
>         authenticatedChannel = credentialsProvider != null
>             ? ClientInterceptors.intercept(managedChannel, new 
> OAuthClientInterceptor(credentialsProvider))
>             : managedChannel;
>     private static class OAuthClientInterceptor implements ClientInterceptor {
>         private final CredentialsProvider credentialsProvider;
>         OAuthClientInterceptor(CredentialsProvider credentialsProvider) {
>             this.credentialsProvider = credentialsProvider;
>         }
>         @Override
>         public <ReqT, RespT> ClientCall<ReqT, RespT> interceptCall(
>             MethodDescriptor<ReqT, RespT> method, CallOptions callOptions, 
> Channel next) {
>             return new 
> ForwardingClientCall.SimpleForwardingClientCall<>(next.newCall(method, 
> callOptions)) {
>                 @Override
>                 public void start(Listener<RespT> responseListener, Metadata 
> headers) {
>                     try {
>                         credentialsProvider.applyCredentials(
>                             
> CredentialsProvider.CredentialsApplier.ofMetadata(headers));
>                     } catch (IOException e) {
>                         throw new RuntimeException("Failed to apply OAuth 
> credentials to gRPC call", e);
>                     }
>                     super.start(responseListener, headers);
>                 }
>             };
>         }
>     }
> {code}
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to