diff --git a/data-prepper-plugins/common/build.gradle b/data-prepper-plugins/common/build.gradle index 5a84ee5cbc..c03a13222b 100644 --- a/data-prepper-plugins/common/build.gradle +++ b/data-prepper-plugins/common/build.gradle @@ -16,8 +16,15 @@ dependencies { api project(':data-prepper-api') implementation 'com.fasterxml.jackson.core:jackson-databind' implementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-yaml' + implementation "commons-io:commons-io:2.11.0" + implementation 'com.amazonaws:aws-java-sdk-s3' + implementation 'com.amazonaws:aws-java-sdk-acm' + implementation "org.apache.commons:commons-lang3:3.12.0" + implementation "org.bouncycastle:bcprov-jdk15on:1.69" + implementation "org.bouncycastle:bcpkix-jdk15on:1.69" implementation 'org.reflections:reflections:0.9.12' testImplementation 'commons-io:commons-io:2.11.0' + testImplementation "org.hamcrest:hamcrest:2.2" } jacocoTestCoverageVerification { diff --git a/data-prepper-plugins/common/data/certificate/test_cert.crt b/data-prepper-plugins/common/data/certificate/test_cert.crt new file mode 100644 index 0000000000..26c78d1411 --- /dev/null +++ b/data-prepper-plugins/common/data/certificate/test_cert.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAYYCCQD4hqYeYDQZADANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJV +UzELMAkGA1UECAwCVFgxDzANBgNVBAcMBkF1c3RpbjEPMA0GA1UECgwGQW1hem9u +MRQwEgYDVQQLDAtEYXRhcHJlcHBlcjAgFw0yMTA2MjUxOTIzMTBaGA8yMTIxMDYw +MTE5MjMxMFowUjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZB +dXN0aW4xDzANBgNVBAoMBkFtYXpvbjEUMBIGA1UECwwLRGF0YXByZXBwZXIwgZ8w +DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKrb3YhdKbQ5PtLHall10iLZC9ZdDVrq +HOvqVSM8NHlL8f82gJ3l0n9k7hYc5eKisutaS9eDTmJ+Dnn8xn/qPSKTIq9Wh+OZ +O+e9YEEpI/G4F9KpGULgMyRg9sJK0GlZdEt9o5GJNJIJUkptJU5eiLuE0IV+jyJo +Nvm8OE6EJPqxAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAjgnX5n/Tt7eo9uakIGAb +uBhvYdR8JqKXqF9rjFJ/MIK7FdQSF/gCdjnvBhzLlZFK/Nb6MGKoSKm5Lcr75LgC +FyhIwp3WlqQksiMFnOypYVY71vqDgj6UKdMaOBgthsYhngj8lC+wsVzWqQvkJ2Qg +/GAIzJwiZfXiaevQHRk79qI= +-----END CERTIFICATE----- diff --git a/data-prepper-plugins/common/data/certificate/test_decrypted_key.key b/data-prepper-plugins/common/data/certificate/test_decrypted_key.key new file mode 100644 index 0000000000..479b877131 --- /dev/null +++ b/data-prepper-plugins/common/data/certificate/test_decrypted_key.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQCq292IXSm0OT7Sx2pZddIi2QvWXQ1a6hzr6lUjPDR5S/H/NoCd +5dJ/ZO4WHOXiorLrWkvXg05ifg55/MZ/6j0ikyKvVofjmTvnvWBBKSPxuBfSqRlC +4DMkYPbCStBpWXRLfaORiTSSCVJKbSVOXoi7hNCFfo8iaDb5vDhOhCT6sQIDAQAB +AoGANrrhFqpJDpr7vcb1ER0Fp/YArbT27zVo+EUC6puBb41dQlQyFOImcHpjLaAq +H1PgnjU5cBp2hGQ+vOK0rwrYc/HNl6vfh6N3NbDptMiuoBafRJA9JzYourAM09BU +zmXyr61Yn3KHzx1PRwWe37icX93oXP3P0qHb3dI1ZF4jG0ECQQDU5N/a7ogoz2zn +ZssD6FvUOUQDsdBWdXmhUvg+YdZrV44e4xk+FVzwEONoRktEYKz9MFXlsgNHr445 +KRguHWcJAkEAzXQkwOkN8WID1wrwoobUIMbZSGAZzofwkKXgTTnllnT1qOQXuRbS +aCMejFEymBBef4aXP6N4+va2FKW/MF34aQJAO2oMl1sOoOUSrZngepy0VAwPUUCk +thxe74jqQu6nGpn6zd/vQYZQw6bS8Fz90H1yic6dilcd1znFZWp0lxoZkQJBALeI +xoBycRsuFQIYasi1q3AwUtBd0Q/3zkZZeBtk2hzjFMUwJaUZpxKSNOrialD/ZnuD +jz+xWBTRKe0d98JMX+kCQCmsJEj/HYQAC1GamZ7JQWogRSRF2KTgTWRaDXDxy0d4 +yUQgwHB+HZLFcbi1JEK6eIixCsX8iifrrkteh+1npJ0= +-----END RSA PRIVATE KEY----- diff --git a/data-prepper-plugins/common/data/certificate/test_encrypted_key.key b/data-prepper-plugins/common/data/certificate/test_encrypted_key.key new file mode 100644 index 0000000000..285efc8d82 --- /dev/null +++ b/data-prepper-plugins/common/data/certificate/test_encrypted_key.key @@ -0,0 +1,17 @@ +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIICojAcBgoqhkiG9w0BDAEDMA4ECAd2FKZw2oGwAgIIAASCAoDTgiaXkazaotc7 +SxQK3bX34sEvdkLXg/O4ZpHTb0f4gLPxNhDe7ZPKrAS2TdywpSHT0189MVl+PIvw +4YQDaGVHL1SM5ukJu+PQkfQAMigdCJ+bUsG6hkrUDC74qYhHZHj1yVGavL6I4KHT +Ixh9IV2GMRS4m6HGJ17nYsdiTFFNdK++WcTMxbVWv3SNdKGZG79T32pjMxuIUPWr +3dB+ZXM+FSqwlBLZxPvvjlP6ETw7QXrlBHcQh1tHSh10bM+q0c5CktZoXLwpc+gv +ZsGXzpVjqFrAw4Vw0ikJl1mUCoGOtqqP0P6QWwbIJZBxNoO0MvWcXW+U3AGNFFze +nMR8UTXdga2l1Lx7pokQkWUpp48SDRjDx/RdZTRXCgtRcKuBcm0x2lxNILdwOzjJ +5GlKMvvc2OXXTnYqSCTqdfbuR3XBYmWgFki92D6JnVIYq+QJr5qj8IJDJ7mADQ1i +Za6PEJnrT641fLeSKRq7QiTydMQ3JXa9DFqUPwdZPPHLr/hC19sWHrq7gxvhkcLI +wrTtTIi8/iV4IVaiHk7YU83IM6sGExabQ3BRXcHMr+7i1vVxtEsFNC6ycTfJ8gpJ +YsnpXUQe912l5sk7GRSP1InNRF7kzMD0QeOAQ0UVfmsbHOPSXvD7fXkJWIb6N+zW +qCQYRmBwc7Bz2KZein5MLsMeNz2AWj/DcA2fMC+4+QtI0nF5BFtaR0V0npWhsbPu +3rj+AXipnvVhDIkfl8495j7ybCBj7HAZk8Ux8GmiZ3PGFO1C7XCQaLPWJ4Aw4Kb3 +EUqtVtpbwsCov5PDmMDXgz8qOxWMdQsP/dPF1HnVAg7SoFG9xA4nHdZ2WAFZwYtf +rRxEd7br +-----END ENCRYPTED PRIVATE KEY----- diff --git a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/CertificateProvider.java b/data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/CertificateProvider.java similarity index 100% rename from data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/CertificateProvider.java rename to data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/CertificateProvider.java diff --git a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProvider.java b/data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProvider.java similarity index 100% rename from data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProvider.java rename to data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProvider.java diff --git a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProvider.java b/data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProvider.java similarity index 100% rename from data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProvider.java rename to data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProvider.java diff --git a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/model/Certificate.java b/data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/model/Certificate.java similarity index 93% rename from data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/model/Certificate.java rename to data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/model/Certificate.java index 647eaa5ab9..b7c9fea73a 100644 --- a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/model/Certificate.java +++ b/data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/model/Certificate.java @@ -2,6 +2,7 @@ import static java.util.Objects.requireNonNull; +// TODO: accommodate encrypted private key with password public class Certificate { /** * The base64 PEM-encoded certificate. diff --git a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProvider.java b/data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProvider.java similarity index 100% rename from data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProvider.java rename to data-prepper-plugins/common/src/main/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProvider.java diff --git a/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProviderTest.java b/data-prepper-plugins/common/src/test/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProviderTest.java similarity index 100% rename from data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProviderTest.java rename to data-prepper-plugins/common/src/test/java/com/amazon/dataprepper/plugins/certificate/acm/ACMCertificateProviderTest.java diff --git a/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProviderTest.java b/data-prepper-plugins/common/src/test/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProviderTest.java similarity index 100% rename from data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProviderTest.java rename to data-prepper-plugins/common/src/test/java/com/amazon/dataprepper/plugins/certificate/file/FileCertificateProviderTest.java diff --git a/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProviderTest.java b/data-prepper-plugins/common/src/test/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProviderTest.java similarity index 100% rename from data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProviderTest.java rename to data-prepper-plugins/common/src/test/java/com/amazon/dataprepper/plugins/certificate/s3/S3CertificateProviderTest.java diff --git a/data-prepper-plugins/http-source/README.md b/data-prepper-plugins/http-source/README.md index 3882734d7a..c86ed89382 100644 --- a/data-prepper-plugins/http-source/README.md +++ b/data-prepper-plugins/http-source/README.md @@ -19,6 +19,12 @@ source: * max_connection_count(Optional) => An `int` larger than 0 represents the maximum allowed number of open connections. Default is `500`. * max_pending_requests(Optional) => An `int` larger than 0 represents the maximum allowed number of tasks in the ScheduledThreadPool work queue. Default is `1024`. +### SSL + +* ssl(Optional) => A `boolean` enables TLS/SSL. Default is ```true```. +* ssl_certificate_file(Optional) => A `String` represents the SSL certificate chain file path. Required if ```ssl``` is set to ```true```. +* ssl_key_file(Optional) => A `String` represents the SSL key file path. Only decrypted key file is supported. Required if ```ssl``` is set to ```true```. + ## Metrics TBD diff --git a/data-prepper-plugins/http-source/build.gradle b/data-prepper-plugins/http-source/build.gradle index da459f0fde..64221fbbe0 100644 --- a/data-prepper-plugins/http-source/build.gradle +++ b/data-prepper-plugins/http-source/build.gradle @@ -5,7 +5,9 @@ plugins { dependencies { implementation project(':data-prepper-api') implementation project(':data-prepper-plugins:blocking-buffer') + implementation project(':data-prepper-plugins:common') implementation "com.linecorp.armeria:armeria:1.9.2" + implementation "commons-io:commons-io:2.11.0" testImplementation 'org.assertj:assertj-core:3.20.2' testImplementation "org.hamcrest:hamcrest:2.2" } diff --git a/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSource.java b/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSource.java index 0bb260ebb7..2e1d3b119b 100644 --- a/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSource.java +++ b/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSource.java @@ -17,12 +17,17 @@ import com.amazon.dataprepper.model.configuration.PluginSetting; import com.amazon.dataprepper.model.record.Record; import com.amazon.dataprepper.model.source.Source; +import com.amazon.dataprepper.plugins.certificate.CertificateProvider; +import com.amazon.dataprepper.plugins.certificate.model.Certificate; +import com.amazon.dataprepper.plugins.source.loghttp.certificate.CertificateProviderFactory; import com.linecorp.armeria.server.Server; import com.linecorp.armeria.server.ServerBuilder; import com.linecorp.armeria.server.throttling.ThrottlingService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import java.io.ByteArrayInputStream; +import java.nio.charset.StandardCharsets; import java.time.Duration; import java.util.concurrent.ExecutionException; import java.util.concurrent.ScheduledThreadPoolExecutor; @@ -32,10 +37,12 @@ public class HTTPSource implements Source> { private static final Logger LOG = LoggerFactory.getLogger(HTTPSource.class); private final HTTPSourceConfig sourceConfig; + private final CertificateProviderFactory certificateProviderFactory; private Server server; public HTTPSource(final PluginSetting pluginSetting) { sourceConfig = HTTPSourceConfig.buildConfig(pluginSetting); + certificateProviderFactory = new CertificateProviderFactory(sourceConfig); } @Override @@ -45,8 +52,19 @@ public void start(Buffer> buffer) { } if (server == null) { final ServerBuilder sb = Server.builder(); - // TODO: allow tls/ssl - sb.http(sourceConfig.getPort()); + if (sourceConfig.isSsl()) { + LOG.info("SSL/TLS is enabled."); + final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider(); + final Certificate certificate = certificateProvider.getCertificate(); + // TODO: enable encrypted key with password + sb.https(sourceConfig.getPort()).tls( + new ByteArrayInputStream(certificate.getCertificate().getBytes(StandardCharsets.UTF_8)), + new ByteArrayInputStream(certificate.getPrivateKey().getBytes(StandardCharsets.UTF_8) + ) + ); + } else { + sb.http(sourceConfig.getPort()); + } sb.maxNumConnections(sourceConfig.getMaxConnectionCount()); final int requestTimeoutInMillis = sourceConfig.getRequestTimeoutInMillis(); // Allow 2*requestTimeoutInMillis to accommodate non-blocking operations other than buffer writing. diff --git a/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfig.java b/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfig.java index 072d3bed71..3ebc15f071 100644 --- a/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfig.java +++ b/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfig.java @@ -13,6 +13,10 @@ import com.amazon.dataprepper.model.configuration.PluginSetting; import com.google.common.base.Preconditions; +import io.micrometer.core.instrument.util.StringUtils; + +import java.nio.file.Files; +import java.nio.file.Path; public class HTTPSourceConfig { static final String PORT = "port"; @@ -21,6 +25,10 @@ public class HTTPSourceConfig { static final String MAX_CONNECTION_COUNT = "max_connection_count"; static final String MAX_PENDING_REQUESTS = "max_pending_requests"; static final String DEFAULT_LOG_INGEST_URI = "/log/ingest"; + static final String SSL = "ssl"; + static final String SSL_CERTIFICATE_FILE = "ssl_certificate_file"; + static final String SSL_KEY_FILE = "ssl_key_file"; + static final String SSL_KEY_PASSWORD = "ssl_key_password"; static final int DEFAULT_PORT = 2021; static final int DEFAULT_REQUEST_TIMEOUT_MS = 10000; static final int DEFAULT_THREAD_COUNT = 200; @@ -32,22 +40,38 @@ public class HTTPSourceConfig { private final int threadCount; private final int maxConnectionCount; private final int maxPendingRequests; + private final boolean ssl; + private final String sslCertificateFile; + private final String sslKeyFile; + private final String sslKeyPassword; private HTTPSourceConfig(final int port, final int requestTimeoutInMillis, final int threadCount, final int maxConnectionCount, - final int maxPendingRequests) { + final int maxPendingRequests, + final boolean ssl, + final String sslCertificateFile, + final String sslKeyFile, + final String sslKeyPassword) { Preconditions.checkArgument(port >= 0 && port < 65535, "port must be between 0 and 65535."); Preconditions.checkArgument(requestTimeoutInMillis > 0, "request_timeout must be greater than 0."); Preconditions.checkArgument(threadCount > 0, "thread_count must be greater than 0."); Preconditions.checkArgument(maxConnectionCount > 0, "max_connection_count must be greater than 0."); Preconditions.checkArgument(maxPendingRequests > 0, "max_pending_requests must be greater than 0."); + if (ssl) { + validateFilePath(String.format("%s is enabled", SSL), sslCertificateFile, SSL_CERTIFICATE_FILE); + validateFilePath(String.format("%s is enabled", SSL), sslKeyFile, SSL_KEY_FILE); + } this.port = port; this.requestTimeoutInMillis = requestTimeoutInMillis; this.threadCount = threadCount; this.maxConnectionCount = maxConnectionCount; this.maxPendingRequests = maxPendingRequests; + this.ssl = ssl; + this.sslCertificateFile = sslCertificateFile; + this.sslKeyFile = sslKeyFile; + this.sslKeyPassword = sslKeyPassword; } public static HTTPSourceConfig buildConfig(final PluginSetting pluginSetting) { @@ -56,10 +80,20 @@ public static HTTPSourceConfig buildConfig(final PluginSetting pluginSetting) { pluginSetting.getIntegerOrDefault(REQUEST_TIMEOUT, DEFAULT_REQUEST_TIMEOUT_MS), pluginSetting.getIntegerOrDefault(THREAD_COUNT, DEFAULT_THREAD_COUNT), pluginSetting.getIntegerOrDefault(MAX_CONNECTION_COUNT, DEFAULT_MAX_CONNECTION_COUNT), - pluginSetting.getIntegerOrDefault(MAX_PENDING_REQUESTS, DEFAULT_MAX_PENDING_REQUESTS) + pluginSetting.getIntegerOrDefault(MAX_PENDING_REQUESTS, DEFAULT_MAX_PENDING_REQUESTS), + pluginSetting.getBooleanOrDefault(SSL, false), + pluginSetting.getStringOrDefault(SSL_CERTIFICATE_FILE, null), + pluginSetting.getStringOrDefault(SSL_KEY_FILE, null), + pluginSetting.getStringOrDefault(SSL_KEY_PASSWORD, null) ); } + private void validateFilePath(final String typeMessage, final String argument, final String argumentName) { + if (StringUtils.isEmpty(argument) || !Files.exists(Path.of(argument))) { + throw new IllegalArgumentException(String.format("%s, %s needs to be a valid file path.", typeMessage, argumentName)); + } + } + public int getPort() { return port; } @@ -79,4 +113,20 @@ public int getMaxConnectionCount() { public int getMaxPendingRequests() { return maxPendingRequests; } + + public boolean isSsl() { + return ssl; + } + + public String getSslCertificateFile() { + return sslCertificateFile; + } + + public String getSslKeyFile() { + return sslKeyFile; + } + + public String getSslKeyPassword() { + return sslKeyPassword; + } } diff --git a/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/certificate/CertificateProviderFactory.java b/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/certificate/CertificateProviderFactory.java new file mode 100644 index 0000000000..188bf438e1 --- /dev/null +++ b/data-prepper-plugins/http-source/src/main/java/com/amazon/dataprepper/plugins/source/loghttp/certificate/CertificateProviderFactory.java @@ -0,0 +1,33 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package com.amazon.dataprepper.plugins.source.loghttp.certificate; + +import com.amazon.dataprepper.plugins.certificate.CertificateProvider; +import com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider; +import com.amazon.dataprepper.plugins.source.loghttp.HTTPSourceConfig; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class CertificateProviderFactory { + private static final Logger LOG = LoggerFactory.getLogger(CertificateProviderFactory.class); + + final HTTPSourceConfig httpSourceConfig; + public CertificateProviderFactory(final HTTPSourceConfig httpSourceConfig) { + this.httpSourceConfig = httpSourceConfig; + } + + public CertificateProvider getCertificateProvider() { + // TODO: support more certificate providers + LOG.info("Using local file system to get certificate and private key for SSL/TLS."); + return new FileCertificateProvider(httpSourceConfig.getSslCertificateFile(), httpSourceConfig.getSslKeyFile()); + } +} diff --git a/data-prepper-plugins/http-source/src/main/resources/test_cert.crt b/data-prepper-plugins/http-source/src/main/resources/test_cert.crt new file mode 100644 index 0000000000..26c78d1411 --- /dev/null +++ b/data-prepper-plugins/http-source/src/main/resources/test_cert.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAYYCCQD4hqYeYDQZADANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJV +UzELMAkGA1UECAwCVFgxDzANBgNVBAcMBkF1c3RpbjEPMA0GA1UECgwGQW1hem9u +MRQwEgYDVQQLDAtEYXRhcHJlcHBlcjAgFw0yMTA2MjUxOTIzMTBaGA8yMTIxMDYw +MTE5MjMxMFowUjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZB +dXN0aW4xDzANBgNVBAoMBkFtYXpvbjEUMBIGA1UECwwLRGF0YXByZXBwZXIwgZ8w +DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKrb3YhdKbQ5PtLHall10iLZC9ZdDVrq +HOvqVSM8NHlL8f82gJ3l0n9k7hYc5eKisutaS9eDTmJ+Dnn8xn/qPSKTIq9Wh+OZ +O+e9YEEpI/G4F9KpGULgMyRg9sJK0GlZdEt9o5GJNJIJUkptJU5eiLuE0IV+jyJo +Nvm8OE6EJPqxAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAjgnX5n/Tt7eo9uakIGAb +uBhvYdR8JqKXqF9rjFJ/MIK7FdQSF/gCdjnvBhzLlZFK/Nb6MGKoSKm5Lcr75LgC +FyhIwp3WlqQksiMFnOypYVY71vqDgj6UKdMaOBgthsYhngj8lC+wsVzWqQvkJ2Qg +/GAIzJwiZfXiaevQHRk79qI= +-----END CERTIFICATE----- diff --git a/data-prepper-plugins/http-source/src/main/resources/test_decrypted_key.key b/data-prepper-plugins/http-source/src/main/resources/test_decrypted_key.key new file mode 100644 index 0000000000..479b877131 --- /dev/null +++ b/data-prepper-plugins/http-source/src/main/resources/test_decrypted_key.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQCq292IXSm0OT7Sx2pZddIi2QvWXQ1a6hzr6lUjPDR5S/H/NoCd +5dJ/ZO4WHOXiorLrWkvXg05ifg55/MZ/6j0ikyKvVofjmTvnvWBBKSPxuBfSqRlC +4DMkYPbCStBpWXRLfaORiTSSCVJKbSVOXoi7hNCFfo8iaDb5vDhOhCT6sQIDAQAB +AoGANrrhFqpJDpr7vcb1ER0Fp/YArbT27zVo+EUC6puBb41dQlQyFOImcHpjLaAq +H1PgnjU5cBp2hGQ+vOK0rwrYc/HNl6vfh6N3NbDptMiuoBafRJA9JzYourAM09BU +zmXyr61Yn3KHzx1PRwWe37icX93oXP3P0qHb3dI1ZF4jG0ECQQDU5N/a7ogoz2zn +ZssD6FvUOUQDsdBWdXmhUvg+YdZrV44e4xk+FVzwEONoRktEYKz9MFXlsgNHr445 +KRguHWcJAkEAzXQkwOkN8WID1wrwoobUIMbZSGAZzofwkKXgTTnllnT1qOQXuRbS +aCMejFEymBBef4aXP6N4+va2FKW/MF34aQJAO2oMl1sOoOUSrZngepy0VAwPUUCk +thxe74jqQu6nGpn6zd/vQYZQw6bS8Fz90H1yic6dilcd1znFZWp0lxoZkQJBALeI +xoBycRsuFQIYasi1q3AwUtBd0Q/3zkZZeBtk2hzjFMUwJaUZpxKSNOrialD/ZnuD +jz+xWBTRKe0d98JMX+kCQCmsJEj/HYQAC1GamZ7JQWogRSRF2KTgTWRaDXDxy0d4 +yUQgwHB+HZLFcbi1JEK6eIixCsX8iifrrkteh+1npJ0= +-----END RSA PRIVATE KEY----- diff --git a/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfigTest.java b/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfigTest.java index 6f0190e6c0..7ec02ed4f8 100644 --- a/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfigTest.java +++ b/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceConfigTest.java @@ -18,6 +18,9 @@ import java.util.Map; import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.junit.Assert.assertNull; import static org.junit.Assert.assertThrows; public class HTTPSourceConfigTest { @@ -27,6 +30,8 @@ public class HTTPSourceConfigTest { private static final int TEST_THREAD_COUNT = 888; private static final int TEST_MAX_CONNECTION_COUNT = 999; private static final int TEST_MAX_PENDING_REQUESTS = 666; + private final String TEST_SSL_CERTIFICATE_FILE = getClass().getClassLoader().getResource("test_cert.crt").getFile(); + private final String TEST_SSL_KEY_FILE = getClass().getClassLoader().getResource("test_decrypted_key.key").getFile(); @Test public void testDefault() { @@ -43,14 +48,18 @@ public void testDefault() { } @Test - public void testValidConfig() { + public void testValidConfigSSLDisabled() { // Prepare final PluginSetting pluginSetting = completePluginSettingForLogHTTPSource( TEST_PORT, TEST_REQUEST_TIMEOUT_MS, TEST_THREAD_COUNT, TEST_MAX_CONNECTION_COUNT, - TEST_MAX_PENDING_REQUESTS + TEST_MAX_PENDING_REQUESTS, + false, + null, + null, + null ); final HTTPSourceConfig sourceConfig = HTTPSourceConfig.buildConfig(pluginSetting); @@ -60,6 +69,38 @@ public void testValidConfig() { assertEquals(TEST_THREAD_COUNT, sourceConfig.getThreadCount()); assertEquals(TEST_MAX_CONNECTION_COUNT, sourceConfig.getMaxConnectionCount()); assertEquals(TEST_MAX_PENDING_REQUESTS, sourceConfig.getMaxPendingRequests()); + assertFalse(sourceConfig.isSsl()); + assertNull(sourceConfig.getSslCertificateFile()); + assertNull(sourceConfig.getSslKeyFile()); + assertNull(sourceConfig.getSslKeyPassword()); + } + + @Test + public void testValidConfigSSLEnabled() { + // Prepare + final PluginSetting pluginSetting = completePluginSettingForLogHTTPSource( + TEST_PORT, + TEST_REQUEST_TIMEOUT_MS, + TEST_THREAD_COUNT, + TEST_MAX_CONNECTION_COUNT, + TEST_MAX_PENDING_REQUESTS, + true, + TEST_SSL_CERTIFICATE_FILE, + TEST_SSL_KEY_FILE, + null + ); + final HTTPSourceConfig sourceConfig = HTTPSourceConfig.buildConfig(pluginSetting); + + // When/Then + assertEquals(TEST_PORT, sourceConfig.getPort()); + assertEquals(TEST_REQUEST_TIMEOUT_MS, sourceConfig.getRequestTimeoutInMillis()); + assertEquals(TEST_THREAD_COUNT, sourceConfig.getThreadCount()); + assertEquals(TEST_MAX_CONNECTION_COUNT, sourceConfig.getMaxConnectionCount()); + assertEquals(TEST_MAX_PENDING_REQUESTS, sourceConfig.getMaxPendingRequests()); + assertTrue(sourceConfig.isSsl()); + assertEquals(TEST_SSL_CERTIFICATE_FILE, sourceConfig.getSslCertificateFile()); + assertEquals(TEST_SSL_KEY_FILE, sourceConfig.getSslKeyFile()); + assertNull(sourceConfig.getSslKeyPassword()); } @Test @@ -69,7 +110,11 @@ public void testInvalidPort() { TEST_REQUEST_TIMEOUT_MS, TEST_THREAD_COUNT, TEST_MAX_CONNECTION_COUNT, - TEST_MAX_PENDING_REQUESTS + TEST_MAX_PENDING_REQUESTS, + false, + null, + null, + null ); assertThrows(IllegalArgumentException.class, () -> HTTPSourceConfig.buildConfig(invalidPluginSetting)); } @@ -81,7 +126,11 @@ public void testInvalidRequestTimeout() { -1, TEST_THREAD_COUNT, TEST_MAX_CONNECTION_COUNT, - TEST_MAX_PENDING_REQUESTS + TEST_MAX_PENDING_REQUESTS, + false, + null, + null, + null ); assertThrows(IllegalArgumentException.class, () -> HTTPSourceConfig.buildConfig(invalidPluginSetting)); } @@ -93,7 +142,11 @@ public void testInvalidThreadCount() { TEST_REQUEST_TIMEOUT_MS, 0, TEST_MAX_CONNECTION_COUNT, - TEST_MAX_PENDING_REQUESTS + TEST_MAX_PENDING_REQUESTS, + false, + null, + null, + null ); assertThrows(IllegalArgumentException.class, () -> HTTPSourceConfig.buildConfig(invalidPluginSetting)); } @@ -105,7 +158,11 @@ public void testInvalidMaxConnectionCount() { TEST_REQUEST_TIMEOUT_MS, TEST_THREAD_COUNT, 0, - TEST_MAX_PENDING_REQUESTS + TEST_MAX_PENDING_REQUESTS, + false, + null, + null, + null ); assertThrows(IllegalArgumentException.class, () -> HTTPSourceConfig.buildConfig(invalidPluginSetting)); } @@ -117,7 +174,43 @@ public void testInvalidMaxPendingRequests() { TEST_REQUEST_TIMEOUT_MS, TEST_THREAD_COUNT, TEST_MAX_CONNECTION_COUNT, - 0 + 0, + false, + null, + null, + null + ); + assertThrows(IllegalArgumentException.class, () -> HTTPSourceConfig.buildConfig(invalidPluginSetting)); + } + + @Test + public void testInvalidSslCert() { + final PluginSetting invalidPluginSetting = completePluginSettingForLogHTTPSource( + TEST_PORT, + TEST_REQUEST_TIMEOUT_MS, + TEST_THREAD_COUNT, + TEST_MAX_CONNECTION_COUNT, + 0, + true, + "invalid path", + TEST_SSL_KEY_FILE, + null + ); + assertThrows(IllegalArgumentException.class, () -> HTTPSourceConfig.buildConfig(invalidPluginSetting)); + } + + @Test + public void testInvalidSslKey() { + final PluginSetting invalidPluginSetting = completePluginSettingForLogHTTPSource( + TEST_PORT, + TEST_REQUEST_TIMEOUT_MS, + TEST_THREAD_COUNT, + TEST_MAX_CONNECTION_COUNT, + 0, + true, + TEST_SSL_CERTIFICATE_FILE, + "invalid path", + null ); assertThrows(IllegalArgumentException.class, () -> HTTPSourceConfig.buildConfig(invalidPluginSetting)); } @@ -126,14 +219,21 @@ private PluginSetting completePluginSettingForLogHTTPSource(final int port, final int requestTimeoutInMillis, final int threadCount, final int maxConnectionCount, - final int maxPendingRequests) { + final int maxPendingRequests, + final boolean ssl, + final String sslCertificateFile, + final String sslKeyFile, + final String sslKeyPassword) { final Map settings = new HashMap<>(); - // TODO: add parameters on tls/ssl settings.put(HTTPSourceConfig.PORT, port); settings.put(HTTPSourceConfig.REQUEST_TIMEOUT, requestTimeoutInMillis); settings.put(HTTPSourceConfig.THREAD_COUNT, threadCount); settings.put(HTTPSourceConfig.MAX_CONNECTION_COUNT, maxConnectionCount); settings.put(HTTPSourceConfig.MAX_PENDING_REQUESTS, maxPendingRequests); + settings.put(HTTPSourceConfig.SSL, ssl); + settings.put(HTTPSourceConfig.SSL_CERTIFICATE_FILE, sslCertificateFile); + settings.put(HTTPSourceConfig.SSL_KEY_FILE, sslKeyFile); + settings.put(HTTPSourceConfig.SSL_KEY_PASSWORD, sslKeyPassword); return new PluginSetting(PLUGIN_NAME, settings); } } \ No newline at end of file diff --git a/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceTest.java b/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceTest.java index 9ec7965731..292c645397 100644 --- a/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceTest.java +++ b/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/HTTPSourceTest.java @@ -15,6 +15,7 @@ import com.amazon.dataprepper.model.record.Record; import com.amazon.dataprepper.plugins.buffer.blockingbuffer.BlockingBuffer; import com.linecorp.armeria.client.ResponseTimeoutException; +import com.linecorp.armeria.client.ClientFactory; import com.linecorp.armeria.client.WebClient; import com.linecorp.armeria.common.HttpData; import com.linecorp.armeria.common.HttpMethod; @@ -24,16 +25,23 @@ import com.linecorp.armeria.common.SessionProtocol; import com.linecorp.armeria.server.Server; import com.linecorp.armeria.server.ServerBuilder; +import org.apache.commons.io.IOUtils; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.Assertions; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; +import org.mockito.ArgumentCaptor; import org.mockito.Mock; import org.mockito.MockedStatic; import org.mockito.Mockito; import org.mockito.junit.jupiter.MockitoExtension; +import java.io.IOException; +import java.io.InputStream; +import java.nio.charset.StandardCharsets; +import java.nio.file.Files; +import java.nio.file.Path; import java.util.Collections; import java.util.HashMap; import java.util.Map; @@ -45,10 +53,13 @@ import static org.mockito.ArgumentMatchers.any; import static org.mockito.ArgumentMatchers.anyInt; import static org.mockito.Mockito.lenient; +import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; @ExtendWith(MockitoExtension.class) class HTTPSourceTest { + private final String TEST_SSL_CERTIFICATE_FILE = getClass().getClassLoader().getResource("test_cert.crt").getFile(); + private final String TEST_SSL_KEY_FILE = getClass().getClassLoader().getResource("test_decrypted_key.key").getFile(); @Mock private ServerBuilder serverBuilder; @@ -74,6 +85,7 @@ private BlockingBuffer> getBuffer() { public void setUp() { lenient().when(serverBuilder.annotatedService(any())).thenReturn(serverBuilder); lenient().when(serverBuilder.http(anyInt())).thenReturn(serverBuilder); + lenient().when(serverBuilder.https(anyInt())).thenReturn(serverBuilder); lenient().when(serverBuilder.build()).thenReturn(server); lenient().when(server.start()).thenReturn(completableFuture); @@ -130,7 +142,7 @@ public void testHTTPJsonResponse429() throws InterruptedException { // Fill in the buffer WebClient.of().execute(testRequestHeaders, testHttpData).aggregate().whenComplete( - (response, ex) -> assertThat(response.status()).isEqualTo(HttpStatus.OK)).join(); + (response, ex) -> assertThat(response.status()).isEqualTo(HttpStatus.OK)).join(); // Send requests to throttle the server when buffer is full // Set the client timeout to be less than source serverTimeoutInMillis / (testMaxPendingRequests + testThreadCount) @@ -143,7 +155,7 @@ public void testHTTPJsonResponse429() throws InterruptedException { // When/Then testWebClient.execute(testRequestHeaders, testHttpData).aggregate().whenComplete( - (response, ex) -> assertThat(response.status()).isEqualTo(HttpStatus.TOO_MANY_REQUESTS)).join(); + (response, ex) -> assertThat(response.status()).isEqualTo(HttpStatus.TOO_MANY_REQUESTS)).join(); // Wait until source server timeout a request processing thread Thread.sleep(serverTimeoutInMillis); // New request should timeout instead of being rejected @@ -152,6 +164,65 @@ public void testHTTPJsonResponse429() throws InterruptedException { assertThat(actualException.getCause()).isInstanceOf(ResponseTimeoutException.class); } + @Test + public void testServerStartCertFileSuccess() throws IOException { + try (MockedStatic armeriaServerMock = Mockito.mockStatic(Server.class)) { + armeriaServerMock.when(Server::builder).thenReturn(serverBuilder); + when(server.stop()).thenReturn(completableFuture); + + final Path certFilePath = Path.of(TEST_SSL_CERTIFICATE_FILE); + final Path keyFilePath = Path.of(TEST_SSL_KEY_FILE); + final String certAsString = Files.readString(certFilePath); + final String keyAsString = Files.readString(keyFilePath); + + final Map settingsMap = new HashMap<>(); + settingsMap.put(HTTPSourceConfig.SSL, true); + settingsMap.put(HTTPSourceConfig.SSL_CERTIFICATE_FILE, TEST_SSL_CERTIFICATE_FILE); + settingsMap.put(HTTPSourceConfig.SSL_KEY_FILE, TEST_SSL_KEY_FILE); + + testPluginSetting = new PluginSetting(null, settingsMap); + testPluginSetting.setPipelineName("pipeline"); + HTTPSourceUnderTest = new HTTPSource(testPluginSetting); + HTTPSourceUnderTest.start(testBuffer); + HTTPSourceUnderTest.stop(); + + final ArgumentCaptor certificateIs = ArgumentCaptor.forClass(InputStream.class); + final ArgumentCaptor privateKeyIs = ArgumentCaptor.forClass(InputStream.class); + verify(serverBuilder).tls(certificateIs.capture(), privateKeyIs.capture()); + final String actualCertificate = IOUtils.toString(certificateIs.getValue(), StandardCharsets.UTF_8.name()); + final String actualPrivateKey = IOUtils.toString(privateKeyIs.getValue(), StandardCharsets.UTF_8.name()); + assertThat(actualCertificate).isEqualTo(certAsString); + assertThat(actualPrivateKey).isEqualTo(keyAsString); + } + } + + @Test + void testHTTPSJsonResponse() { + + final Map settingsMap = new HashMap<>(); + settingsMap.put(HTTPSourceConfig.REQUEST_TIMEOUT, 200); + settingsMap.put(HTTPSourceConfig.SSL, true); + settingsMap.put(HTTPSourceConfig.SSL_CERTIFICATE_FILE, TEST_SSL_CERTIFICATE_FILE); + settingsMap.put(HTTPSourceConfig.SSL_KEY_FILE, TEST_SSL_KEY_FILE); + testPluginSetting = new PluginSetting("http", settingsMap); + testPluginSetting.setPipelineName("pipeline"); + HTTPSourceUnderTest = new HTTPSource(testPluginSetting); + + testBuffer = getBuffer(); + HTTPSourceUnderTest.start(testBuffer); + + WebClient.builder().factory(ClientFactory.insecure()).build().execute(RequestHeaders.builder() + .scheme(SessionProtocol.HTTPS) + .authority("127.0.0.1:2021") + .method(HttpMethod.POST) + .path("/log/ingest") + .contentType(MediaType.JSON_UTF_8) + .build(), + HttpData.ofUtf8("[{\"log\": \"somelog\"}]")) + .aggregate() + .whenComplete((i, ex) -> assertThat(i.status().code()).isEqualTo(200)).join(); + } + @Test public void testDoubleStart() { // starting server diff --git a/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/certificate/CertificateProviderFactoryTest.java b/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/certificate/CertificateProviderFactoryTest.java new file mode 100644 index 0000000000..81188ac97b --- /dev/null +++ b/data-prepper-plugins/http-source/src/test/java/com/amazon/dataprepper/plugins/source/loghttp/certificate/CertificateProviderFactoryTest.java @@ -0,0 +1,46 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package com.amazon.dataprepper.plugins.source.loghttp.certificate; + +import com.amazon.dataprepper.model.configuration.PluginSetting; +import com.amazon.dataprepper.plugins.certificate.CertificateProvider; +import com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider; +import com.amazon.dataprepper.plugins.source.loghttp.HTTPSourceConfig; +import org.hamcrest.core.IsInstanceOf; +import org.junit.jupiter.api.Test; + +import java.util.HashMap; +import java.util.Map; + +import static org.hamcrest.MatcherAssert.assertThat; + +class CertificateProviderFactoryTest { + private final String TEST_SSL_CERTIFICATE_FILE = getClass().getClassLoader().getResource("test_cert.crt").getFile(); + private final String TEST_SSL_KEY_FILE = getClass().getClassLoader().getResource("test_decrypted_key.key").getFile(); + + @Test + public void getFileCertificateProviderSuccess() { + final Map settingsMap = new HashMap<>(); + settingsMap.put("ssl", true); + settingsMap.put("ssl_certificate_file", TEST_SSL_CERTIFICATE_FILE); + settingsMap.put("ssl_key_file", TEST_SSL_KEY_FILE); + + final PluginSetting pluginSetting = new PluginSetting(null, settingsMap); + pluginSetting.setPipelineName("pipeline"); + final HTTPSourceConfig sourceConfig = HTTPSourceConfig.buildConfig(pluginSetting); + + final CertificateProviderFactory certificateProviderFactory = new CertificateProviderFactory(sourceConfig); + final CertificateProvider certificateProvider = certificateProviderFactory.getCertificateProvider(); + + assertThat(certificateProvider, IsInstanceOf.instanceOf(FileCertificateProvider.class)); + } +} \ No newline at end of file diff --git a/data-prepper-plugins/http-source/src/test/resources/test_cert.crt b/data-prepper-plugins/http-source/src/test/resources/test_cert.crt new file mode 100644 index 0000000000..26c78d1411 --- /dev/null +++ b/data-prepper-plugins/http-source/src/test/resources/test_cert.crt @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAYYCCQD4hqYeYDQZADANBgkqhkiG9w0BAQUFADBSMQswCQYDVQQGEwJV +UzELMAkGA1UECAwCVFgxDzANBgNVBAcMBkF1c3RpbjEPMA0GA1UECgwGQW1hem9u +MRQwEgYDVQQLDAtEYXRhcHJlcHBlcjAgFw0yMTA2MjUxOTIzMTBaGA8yMTIxMDYw +MTE5MjMxMFowUjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAlRYMQ8wDQYDVQQHDAZB +dXN0aW4xDzANBgNVBAoMBkFtYXpvbjEUMBIGA1UECwwLRGF0YXByZXBwZXIwgZ8w +DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKrb3YhdKbQ5PtLHall10iLZC9ZdDVrq +HOvqVSM8NHlL8f82gJ3l0n9k7hYc5eKisutaS9eDTmJ+Dnn8xn/qPSKTIq9Wh+OZ +O+e9YEEpI/G4F9KpGULgMyRg9sJK0GlZdEt9o5GJNJIJUkptJU5eiLuE0IV+jyJo +Nvm8OE6EJPqxAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAjgnX5n/Tt7eo9uakIGAb +uBhvYdR8JqKXqF9rjFJ/MIK7FdQSF/gCdjnvBhzLlZFK/Nb6MGKoSKm5Lcr75LgC +FyhIwp3WlqQksiMFnOypYVY71vqDgj6UKdMaOBgthsYhngj8lC+wsVzWqQvkJ2Qg +/GAIzJwiZfXiaevQHRk79qI= +-----END CERTIFICATE----- diff --git a/data-prepper-plugins/http-source/src/test/resources/test_decrypted_key.key b/data-prepper-plugins/http-source/src/test/resources/test_decrypted_key.key new file mode 100644 index 0000000000..479b877131 --- /dev/null +++ b/data-prepper-plugins/http-source/src/test/resources/test_decrypted_key.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQCq292IXSm0OT7Sx2pZddIi2QvWXQ1a6hzr6lUjPDR5S/H/NoCd +5dJ/ZO4WHOXiorLrWkvXg05ifg55/MZ/6j0ikyKvVofjmTvnvWBBKSPxuBfSqRlC +4DMkYPbCStBpWXRLfaORiTSSCVJKbSVOXoi7hNCFfo8iaDb5vDhOhCT6sQIDAQAB +AoGANrrhFqpJDpr7vcb1ER0Fp/YArbT27zVo+EUC6puBb41dQlQyFOImcHpjLaAq +H1PgnjU5cBp2hGQ+vOK0rwrYc/HNl6vfh6N3NbDptMiuoBafRJA9JzYourAM09BU +zmXyr61Yn3KHzx1PRwWe37icX93oXP3P0qHb3dI1ZF4jG0ECQQDU5N/a7ogoz2zn +ZssD6FvUOUQDsdBWdXmhUvg+YdZrV44e4xk+FVzwEONoRktEYKz9MFXlsgNHr445 +KRguHWcJAkEAzXQkwOkN8WID1wrwoobUIMbZSGAZzofwkKXgTTnllnT1qOQXuRbS +aCMejFEymBBef4aXP6N4+va2FKW/MF34aQJAO2oMl1sOoOUSrZngepy0VAwPUUCk +thxe74jqQu6nGpn6zd/vQYZQw6bS8Fz90H1yic6dilcd1znFZWp0lxoZkQJBALeI +xoBycRsuFQIYasi1q3AwUtBd0Q/3zkZZeBtk2hzjFMUwJaUZpxKSNOrialD/ZnuD +jz+xWBTRKe0d98JMX+kCQCmsJEj/HYQAC1GamZ7JQWogRSRF2KTgTWRaDXDxy0d4 +yUQgwHB+HZLFcbi1JEK6eIixCsX8iifrrkteh+1npJ0= +-----END RSA PRIVATE KEY----- diff --git a/data-prepper-plugins/opensearch/build.gradle b/data-prepper-plugins/opensearch/build.gradle index 558e0cec4b..d7f444976a 100644 --- a/data-prepper-plugins/opensearch/build.gradle +++ b/data-prepper-plugins/opensearch/build.gradle @@ -83,8 +83,10 @@ configurations.all { force 'com.fasterxml.jackson.core:jackson-core:2.12.5' force 'com.fasterxml.jackson:jackson-bom:2.12.5' force 'com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.12.5' + force 'commons-codec:commons-codec:1.15' force 'commons-logging:commons-logging:1.2' force 'org.apache.httpcomponents:httpclient:4.5.13' + force 'org.apache.httpcomponents:httpcore:4.4.13' force "org.hdrhistogram:HdrHistogram:2.1.12" force 'joda-time:joda-time:2.10.10' force 'org.yaml:snakeyaml:1.29' diff --git a/data-prepper-plugins/otel-trace-source/build.gradle b/data-prepper-plugins/otel-trace-source/build.gradle index 9e410c7a95..bb7fca50c9 100644 --- a/data-prepper-plugins/otel-trace-source/build.gradle +++ b/data-prepper-plugins/otel-trace-source/build.gradle @@ -15,6 +15,7 @@ plugins { dependencies { implementation project(':data-prepper-api') + implementation project(':data-prepper-plugins:common') implementation project(':data-prepper-plugins:blocking-buffer') implementation 'commons-codec:commons-codec:1.15' testImplementation project(':data-prepper-api').sourceSets.test.output diff --git a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSource.java b/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSource.java index cffa932317..a834a8974e 100644 --- a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSource.java +++ b/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSource.java @@ -19,7 +19,7 @@ import com.amazon.dataprepper.model.record.Record; import com.amazon.dataprepper.model.source.Source; import com.amazon.dataprepper.plugins.certificate.CertificateProvider; -import com.amazon.dataprepper.plugins.certificate.CertificateProviderFactory; +import com.amazon.dataprepper.plugins.source.oteltrace.certificate.CertificateProviderFactory; import com.amazon.dataprepper.plugins.certificate.model.Certificate; import com.amazon.dataprepper.plugins.health.HealthGrpcService; import com.linecorp.armeria.server.Server; diff --git a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/CertificateProviderFactory.java b/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/source/oteltrace/certificate/CertificateProviderFactory.java similarity index 87% rename from data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/CertificateProviderFactory.java rename to data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/source/oteltrace/certificate/CertificateProviderFactory.java index 4c3237cf48..c307c40eb4 100644 --- a/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/certificate/CertificateProviderFactory.java +++ b/data-prepper-plugins/otel-trace-source/src/main/java/com/amazon/dataprepper/plugins/source/oteltrace/certificate/CertificateProviderFactory.java @@ -1,5 +1,17 @@ -package com.amazon.dataprepper.plugins.certificate; +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ +package com.amazon.dataprepper.plugins.source.oteltrace.certificate; + +import com.amazon.dataprepper.plugins.certificate.CertificateProvider; import com.amazon.dataprepper.plugins.certificate.acm.ACMCertificateProvider; import com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider; import com.amazon.dataprepper.plugins.certificate.s3.S3CertificateProvider; diff --git a/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSourceTest.java b/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSourceTest.java index cdfdba46f5..c7cd2a6e1f 100644 --- a/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSourceTest.java +++ b/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/source/oteltrace/OTelTraceSourceTest.java @@ -15,7 +15,7 @@ import com.amazon.dataprepper.model.record.Record; import com.amazon.dataprepper.plugins.buffer.blockingbuffer.BlockingBuffer; import com.amazon.dataprepper.plugins.certificate.CertificateProvider; -import com.amazon.dataprepper.plugins.certificate.CertificateProviderFactory; +import com.amazon.dataprepper.plugins.source.oteltrace.certificate.CertificateProviderFactory; import com.amazon.dataprepper.plugins.certificate.model.Certificate; import com.amazon.dataprepper.plugins.health.HealthGrpcService; import com.google.protobuf.InvalidProtocolBufferException; diff --git a/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/CertificateProviderFactoryTest.java b/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/source/oteltrace/certificate/CertificateProviderFactoryTest.java similarity index 89% rename from data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/CertificateProviderFactoryTest.java rename to data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/source/oteltrace/certificate/CertificateProviderFactoryTest.java index 634dad17e9..a9b7bf67fe 100644 --- a/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/certificate/CertificateProviderFactoryTest.java +++ b/data-prepper-plugins/otel-trace-source/src/test/java/com/amazon/dataprepper/plugins/source/oteltrace/certificate/CertificateProviderFactoryTest.java @@ -1,6 +1,18 @@ -package com.amazon.dataprepper.plugins.certificate; +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +package com.amazon.dataprepper.plugins.source.oteltrace.certificate; import com.amazon.dataprepper.model.configuration.PluginSetting; +import com.amazon.dataprepper.plugins.certificate.CertificateProvider; import com.amazon.dataprepper.plugins.certificate.acm.ACMCertificateProvider; import com.amazon.dataprepper.plugins.certificate.file.FileCertificateProvider; import com.amazon.dataprepper.plugins.certificate.s3.S3CertificateProvider;