WIP

Author: artem-v

services-api/src/main/java/io/scalecube/services/auth/ServiceRolesProcessor.java

@@ -3,7 +3,16 @@
 import io.scalecube.services.methods.ServiceRoleDefinition;
 import java.util.Collection;
 
+/**
+ * Handler for processing of service roles which come out of registered services. Used as
+ * post-construction step in bootstraping of services.
+ */
 public interface ServiceRolesProcessor {
 
-  void process(Collection<ServiceRoleDefinition> serviceRoles);
+  /**
+   * Function that does processing of service roles.
+   *
+   * @param values collection {@link ServiceRoleDefinition} objects
+   */
+  void process(Collection<ServiceRoleDefinition> values);
 }

services-discovery/pom.xml

@@ -14,12 +14,12 @@
   <dependencies>
     <dependency>
       <groupId>io.scalecube</groupId>
-      <artifactId>scalecube-cluster</artifactId>
+      <artifactId>scalecube-services-api</artifactId>
+      <version>${project.version}</version>
     </dependency>
     <dependency>
       <groupId>io.scalecube</groupId>
-      <artifactId>scalecube-services-api</artifactId>
-      <version>${project.version}</version>
+      <artifactId>scalecube-cluster</artifactId>
     </dependency>
     <!-- Tests -->
     <dependency>

services-security/pom.xml

@@ -15,10 +15,9 @@
   <dependencies>
     <dependency>
       <groupId>io.scalecube</groupId>
-      <artifactId>scalecube-services</artifactId>
+      <artifactId>scalecube-services-api</artifactId>
       <version>${project.version}</version>
     </dependency>
-    <!-- Other -->
     <dependency>
       <groupId>io.scalecube</groupId>
       <artifactId>scalecube-security-tokens</artifactId>

services-security/src/main/java/io/scalecube/services/security/VaultServiceRolesProcessor.java

@@ -0,0 +1,66 @@
+package io.scalecube.services.security;
+
+import io.scalecube.security.vault.VaultServiceRolesInstaller;
+import io.scalecube.security.vault.VaultServiceRolesInstaller.ServiceRoles;
+import io.scalecube.security.vault.VaultServiceRolesInstaller.ServiceRoles.Role;
+import io.scalecube.services.auth.ServiceRolesProcessor;
+import io.scalecube.services.methods.ServiceRoleDefinition;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+import java.util.concurrent.CompletableFuture;
+import java.util.function.Function;
+import java.util.function.Supplier;
+
+public class VaultServiceRolesProcessor implements ServiceRolesProcessor {
+
+  private final String vaultAddress;
+  private final Supplier<CompletableFuture<String>> vaultTokenSupplier;
+  private final Supplier<String> keyNameSupplier;
+  private final Function<String, String> roleNameBuilder;
+
+  /**
+   * Constructor.
+   *
+   * @param vaultAddress vaultAddress
+   * @param vaultTokenSupplier vaultTokenSupplier
+   * @param keyNameSupplier keyNameSupplier
+   * @param roleNameBuilder roleNameBuilder
+   */
+  public VaultServiceRolesProcessor(
+      String vaultAddress,
+      Supplier<CompletableFuture<String>> vaultTokenSupplier,
+      Supplier<String> keyNameSupplier,
+      Function<String, String> roleNameBuilder) {
+    this.vaultAddress = vaultAddress;
+    this.vaultTokenSupplier = vaultTokenSupplier;
+    this.keyNameSupplier = keyNameSupplier;
+    this.roleNameBuilder = roleNameBuilder;
+  }
+
+  @Override
+  public void process(Collection<ServiceRoleDefinition> values) {
+    new VaultServiceRolesInstaller.Builder()
+        .vaultAddress(vaultAddress)
+        .vaultTokenSupplier(vaultTokenSupplier)
+        .serviceRolesSources(List.of(() -> toServiceRoles(values)))
+        .keyNameSupplier(keyNameSupplier)
+        .roleNameBuilder(roleNameBuilder)
+        .build()
+        .install();
+  }
+
+  private static ServiceRoles toServiceRoles(Collection<ServiceRoleDefinition> values) {
+    return new ServiceRoles()
+        .roles(
+            values.stream()
+                .map(
+                    roleDefinition -> {
+                      final var role = new Role();
+                      role.role(roleDefinition.role());
+                      role.permissions(new ArrayList<>(roleDefinition.permissions()));
+                      return role;
+                    })
+                .toList());
+  }
+}