Include proxy_options into oauth_provider type

MarcialRosales · MarcialRosales · commit 9b946c95f7a3 · 2024-11-29T12:07:26.000+01:00
diff --git a/deps/oauth2_client/src/oauth2_client.erl b/deps/oauth2_client/src/oauth2_client.erl
@@ -305,7 +305,7 @@ ensure_oauth_provider_has_attributes(OAuthProvider, ListOfRequiredAttributes) ->
 
 get_root_oauth_provider(ListOfRequiredAttributes) ->
     OAuthProvider = lookup_root_oauth_provider(),
-    rabbit_log:debug("Using root oauth_provider ~p", 
+    ct:log("Using root oauth_provider ~p", 
         [format_oauth_provider(OAuthProvider)]),
     case find_missing_attributes(OAuthProvider, ListOfRequiredAttributes) of
         [] ->
@@ -397,9 +397,32 @@ lookup_root_oauth_provider() ->
         token_endpoint = get_env(token_endpoint),
         authorization_endpoint = get_env(authorization_endpoint),
         end_session_endpoint = get_env(end_session_endpoint),
-        ssl_options = extract_ssl_options_as_list(Map)
+        ssl_options = extract_ssl_options_as_list(Map),
+        proxy_options = extract_proxy_options(Map)
     }.
 
+-spec extract_proxy_options(#{atom() => any()}|list()) -> proxy_options().
+extract_proxy_options(List) when is_list(List) ->
+    case proplists:get_value(proxy, List, undefined) of 
+        undefined -> undefined;
+        URL -> 
+            #proxy_options{
+                proxy = URL,
+                username = proplists:get_value(proxy_username, List, undefined),
+                password = proplists:get_value(proxy_password, List, undefined)
+            }
+    end;
+extract_proxy_options(Map) ->
+    case maps:get(proxy, Map, undefined) of
+        undefined -> undefined;
+        URL -> 
+            #proxy_options{
+                proxy = URL,
+                username = maps:get(proxy_username, Map, undefined),
+                password = maps:get(proxy_password, Map, undefined)
+            }
+    end.
+
 -spec extract_ssl_options_as_list(#{atom() => any()}) -> proplists:proplist().
 extract_ssl_options_as_list(Map) ->
     {Verify, CaCerts, CaCertFile} = case get_verify_or_peer_verification(Map, verify_peer) of
@@ -591,7 +614,9 @@ map_to_oauth_provider(PropList) when is_list(PropList) ->
             proplists:get_value(jwks_uri, PropList, undefined),
         ssl_options = 
             extract_ssl_options_as_list(maps:from_list(
-                proplists:get_value(https, PropList, [])))
+                proplists:get_value(https, PropList, []))),
+        proxy_options = 
+            extract_proxy_options(PropList)
     }.
 map_to_access_token_response(Code, Reason, Headers, Body) ->
     case decode_body(proplists:get_value("content-type", Headers, ?CONTENT_JSON), Body) of
@@ -629,6 +654,17 @@ format_ssl_options(TlsOptions) ->
         proplists:get_value(cacertfile, TlsOptions),
         CaCertsCount])).
 
+-spec format_proxy_options(proxy_options()) -> string().
+format_proxy_options(undefined) ->
+    lists:flatten(io_lib:format("{no proxy}", []));
+
+format_proxy_options(ProxyOptions) ->
+    lists:flatten(io_lib:format("{proxy: ~p, username: ~p, " ++
+        "password: ~p }", [
+        ProxyOptions#proxy_options.proxy,
+        ProxyOptions#proxy_options.username,
+        ProxyOptions#proxy_options.password])).
+
 format_oauth_provider_id(root) -> "<from keyconfig>";
 format_oauth_provider_id(Id) -> binary_to_list(Id).
 
@@ -637,15 +673,16 @@ format_oauth_provider(OAuthProvider) ->
     lists:flatten(io_lib:format("{id: ~p, issuer: ~p, discovery_endpoint: ~p, " ++
         " token_endpoint: ~p, " ++
         "authorization_endpoint: ~p, end_session_endpoint: ~p, " ++
-        "jwks_uri: ~p, ssl_options: ~p }", [
+        "jwks_uri: ~p, ssl_options: ~p, proxy_options: ~p}", [
         format_oauth_provider_id(OAuthProvider#oauth_provider.id),
         OAuthProvider#oauth_provider.issuer,
         OAuthProvider#oauth_provider.discovery_endpoint,
         OAuthProvider#oauth_provider.token_endpoint,
         OAuthProvider#oauth_provider.authorization_endpoint,
         OAuthProvider#oauth_provider.end_session_endpoint,
         OAuthProvider#oauth_provider.jwks_uri,
-        format_ssl_options(OAuthProvider#oauth_provider.ssl_options)])).
+        format_ssl_options(OAuthProvider#oauth_provider.ssl_options),
+        format_proxy_options(OAuthProvider#oauth_provider.proxy_options)])).
 
 get_env(Par) ->
     application:get_env(rabbitmq_auth_backend_oauth2, Par, undefined).
diff --git a/deps/rabbitmq_auth_backend_oauth2/test/rabbit_oauth2_provider_SUITE.erl b/deps/rabbitmq_auth_backend_oauth2/test/rabbit_oauth2_provider_SUITE.erl
@@ -153,13 +153,21 @@ init_per_group(with_resource_server_id, Config) ->
     Config;
 
 init_per_group(oauth_provider_with_proxy, Config) ->
-    KeyConfig = get_env(key_config, []),
-    set_env(key_config, KeyConfig ++ [
+    Proxy = [
         {proxy, build_url_to_oauth_provider(<<"/">>)},
         {proxy_username, <<"user1">>},
         {proxy_password, <<"pwd1">>}
-    ]),
-    Config;
+    ],
+    case ?config(oauth_provider_id, Config) of 
+        root -> 
+            KeyConfig = get_env(key_config, []),
+            set_env(key_config, KeyConfig ++ Proxy);
+        Id -> 
+            OAuthProviders = get_env(oauth_providers, #{}),
+            OAuthProvider = maps:get(Id, OAuthProviders, []),
+            set_env(oauth_providers, maps:put(Id, Proxy ++ OAuthProvider, OAuthProviders))
+    end,
+    Proxy ++ Config;
 
 init_per_group(with_algorithms, Config) ->
     KeyConfig = get_env(key_config, []),
@@ -203,11 +211,16 @@ end_per_group(with_rabbitmq_node, Config) ->
     rabbit_ct_helpers:run_steps(Config, rabbit_ct_broker_helpers:teardown_steps());
 
 end_per_group(oauth_provider_with_proxy, Config) ->
-    KeyConfig = get_env(key_config, []),    
-    KeyConfig0 = proplists:delete(proxy, KeyConfig),
-    KeyConfig1 = proplists:delete(proxy_username, KeyConfig0),
-    KeyConfig2 = proplists:delete(proxy_password, KeyConfig1),
-    set_env(key_config, KeyConfig2),
+    case ?config(oauth_provider_id, Config) of 
+        root -> 
+            KeyConfig = get_env(key_config, []),    
+            KeyConfig0 = proplists:delete(proxy, KeyConfig),
+            KeyConfig1 = proplists:delete(proxy_username, KeyConfig0),
+            KeyConfig2 = proplists:delete(proxy_password, KeyConfig1),
+            set_env(key_config, KeyConfig2);
+        Id -> 
+            unset_oauth_provider_properties(Id, [proxy, proxy_username, proxy_password])
+    end,
     Config;
 
 end_per_group(with_root_static_signing_keys, Config) ->
@@ -427,15 +440,21 @@ get_oauth_provider_with_jwks_uri_returns_error(Config) ->
 
 get_oauth_provider_has_jwks_uri(Config) ->
     {ok, OAuthProvider} = get_oauth_provider(
-        ?config(oauth_provider_id, Config), [jwks_uri]),
-        ct:log("OAuthProvider: ~p", [OAuthProvider]),
+        ?config(oauth_provider_id, Config), [jwks_uri]),        
     ?assertEqual(?config(jwks_uri, Config), OAuthProvider#oauth_provider.jwks_uri).
 
 get_oauth_provider_has_proxy(Config) ->
     {ok, OAuthProvider} = get_oauth_provider(
-        ?config(oauth_provider_id, Config), [jwks_uri]),
-        ct:log("OAuthProvider: ~p", [OAuthProvider]),
-    ?assertEqual(?config(jwks_uri, Config), OAuthProvider#oauth_provider.jwks_uri).
+        ?config(oauth_provider_id, Config), [jwks_uri]),    
+    ct:log("key_config: ~p",
+        [ application:get_all_env(rabbitmq_auth_backend_oauth2)]),
+
+    ?assertEqual(?config(proxy, Config), 
+        OAuthProvider#oauth_provider.proxy_options#proxy_options.proxy),
+    ?assertEqual(?config(proxy_username, Config), 
+        OAuthProvider#oauth_provider.proxy_options#proxy_options.username),
+    ?assertEqual(?config(proxy_password, Config), 
+        OAuthProvider#oauth_provider.proxy_options#proxy_options.password).
 
 
 %% ---- Utility functions
