AwsSecretManagerConfigImpl.java
package com.tradecloud.repository.multitenant;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.secretsmanager.AWSSecretsManager;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
import com.amazonaws.services.secretsmanager.model.*;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
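/**
 * Lazily resolves the database host and credentials from AWS Secrets Manager.
 *
 * <p>All settings come from environment variables: {@code secret_endpoint}, {@code secret_region}
 * and {@code secret_name} select the secret, {@code database_url} supplies the default host and
 * {@code rds_host}, when non-blank, overrides it. The secret is expected to be a JSON object with
 * {@code username} and {@code password} entries.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Never log the secret string, the parsed map, or the username/password values.</li>
 *   <li>{@code secret_endpoint} decides where the credentials are fetched from, so it must come
 *       from a trusted deployment configuration and should be an HTTPS endpoint.</li>
 * </ul>
 */
@Component
public class AwsSecretManagerConfigImpl implements AwsSecretManagerConfig {

    private static final Logger log = Logger.getLogger(AwsSecretManagerConfigImpl.class);

    private static final String PLAIN_HTTP_PREFIX = "http://";

    // Environment-supplied settings, read once when the bean is instantiated.
    private String rdsHost = System.getenv("rds_host");
    private String awsHost = System.getenv("database_url");
    private String awsRegion = System.getenv("secret_region");
    private String awsEndpoint = System.getenv("secret_endpoint");
    private String awsSecretName = System.getenv("secret_name");

    // Values resolved on first use by getAWSConfig().
    private String databaseHost;
    private String databaseUsername;
    private String databasePassword;

    // Parsed secret; stays null until a lookup succeeds, so a failed lookup is retried on the
    // next getter call.
    private Map<String, String> secret = null;

    /**
     * Loads the secret on first use and derives host, username and password from it.
     *
     * <p>Synchronized because this bean is a shared {@code @Component}: without it a second
     * thread could observe {@code secret} as already set while the credential fields are still
     * unassigned and return {@code null} credentials. The remote call runs under the lock, which
     * is acceptable for a one-time initialisation.
     */
    private synchronized void getAWSConfig() {
        if (secret != null) {
            return;
        }
        try {
            secret = getSecret();
        } catch (IOException e) {
            // Depending on the Jackson version and configuration, a parse error message can embed
            // an excerpt of the input, which here is the secret itself. Log only the exception
            // type, never the message or the stack trace.
            log.error("Secret '" + awsSecretName + "' could not be parsed as a JSON object ("
                    + e.getClass().getSimpleName() + ")");
        }
        if (secret != null) {
            this.databaseHost = awsHost;
            this.databaseUsername = secret.get("username");
            this.databasePassword = secret.get("password");
            if (databaseUsername == null || databasePassword == null) {
                // Report the missing keys only; the values themselves must never be logged.
                log.warn("Secret '" + awsSecretName + "' lacks a 'username' and/or 'password' entry");
            }
        }
        if (rdsHost != null && !rdsHost.trim().isEmpty()) {
            this.databaseHost = rdsHost;
        }
    }

    /**
     * Fetches the configured secret from AWS Secrets Manager and parses it as a JSON object.
     *
     * <p>Only {@link ResourceNotFoundException}, {@link InvalidRequestException} and
     * {@link InvalidParameterException} are handled here; any other SDK runtime exception
     * propagates to the caller.
     *
     * @return the parsed secret, or {@code null} when no endpoint is configured, the lookup
     *         failed with one of the handled exceptions, or the secret has no string value
     * @throws IOException if the secret string is not valid JSON for a map
     */
    private Map<String, String> getSecret() throws IOException {
        if (awsEndpoint == null) {
            return null;
        }
        if (awsEndpoint.regionMatches(true, 0, PLAIN_HTTP_PREFIX, 0, PLAIN_HTTP_PREFIX.length())) {
            // Database credentials would travel unencrypted over this endpoint.
            log.warn("secret_endpoint uses plain HTTP; use an HTTPS endpoint outside local testing");
        }

        AwsClientBuilder.EndpointConfiguration config =
                new AwsClientBuilder.EndpointConfiguration(awsEndpoint, awsRegion);
        AWSSecretsManagerClientBuilder clientBuilder = AWSSecretsManagerClientBuilder.standard();
        clientBuilder.setEndpointConfiguration(config);
        AWSSecretsManager client = clientBuilder.build();

        GetSecretValueResult secretValueResult = null;
        try {
            GetSecretValueRequest secretValueRequest =
                    new GetSecretValueRequest().withSecretId(awsSecretName);
            secretValueResult = client.getSecretValue(secretValueRequest);
        } catch (ResourceNotFoundException | InvalidRequestException | InvalidParameterException e) {
            // These are service-side errors about the request, not the secret payload, so the
            // exception can go to the application log instead of stderr.
            log.error("Could not read secret '" + awsSecretName + "' from Secrets Manager", e);
        } finally {
            // The client is used for this single call; release its HTTP resources.
            client.shutdown();
        }
        if (secretValueResult == null) {
            return null;
        }

        final String secretString = secretValueResult.getSecretString();
        if (secretString == null) {
            // Presumably a binary secret; this class only understands JSON text secrets.
            log.error("Secret '" + awsSecretName + "' has no string value; expected a JSON object");
            return null;
        }

        // Raw HashMap.class gives no compile-time guarantee about the value types; only the
        // "username" and "password" entries are read, and they are expected to be JSON strings.
        @SuppressWarnings("unchecked")
        final HashMap<String, String> secretMap =
                new ObjectMapper().readValue(secretString, HashMap.class);
        return secretMap;
    }

    /**
     * Returns the database host: {@code rds_host} when non-blank, otherwise {@code database_url}
     * once the secret has been loaded.
     *
     * @return the host, or {@code null} if neither source provided one
     */
    @Override
    public String getDatabaseHost() {
        getAWSConfig();
        return databaseHost;
    }

    /**
     * Returns the database username taken from the secret.
     *
     * @return the username, or {@code null} if the secret could not be loaded
     */
    @Override
    public String getDatabaseUsername() {
        getAWSConfig();
        return databaseUsername;
    }

    /**
     * Returns the database password taken from the secret. Callers must not log or otherwise
     * persist the returned value.
     *
     * @return the password, or {@code null} if the secret could not be loaded
     */
    @Override
    public String getDatabasePassword() {
        getAWSConfig();
        return databasePassword;
    }
}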