env var only config (#823)

* a bunch of config property stuff

* checks for env-var only config

* fix missing test :facepalm

* CR feedback to use preconditions to check args

java/core/src/main/java/co/worklytics/psoxy/gateway/BulkModeConfigProperty.java

@@ -1,9 +1,15 @@
 package co.worklytics.psoxy.gateway;
 
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
 /**
  * configuration properties used to control Proxy behavior in Bulk Mode
  *
  */
+@NoArgsConstructor
+@AllArgsConstructor
 public enum BulkModeConfigProperty implements ConfigService.ConfigProperty {
 
     OUTPUT_BUCKET,
@@ -12,7 +18,7 @@ public enum BulkModeConfigProperty implements ConfigService.ConfigProperty {
      * additional transforms to apply to each input file
      * @see co.worklytics.psoxy.storage.StorageHandler.ObjectTransform
      */
-    ADDITIONAL_TRANSFORMS,
+    ADDITIONAL_TRANSFORMS(false),
 
     /**
      * if provided, this path segment will be removed from keys of input object to produce
@@ -50,4 +56,8 @@ public enum BulkModeConfigProperty implements ConfigService.ConfigProperty {
     COMPRESS_OUTPUT_ALWAYS,
 
     ;
+
+
+    @Getter
+    private boolean envVarOnly = true;
 }

java/core/src/main/java/co/worklytics/psoxy/gateway/ConfigService.java

@@ -33,6 +33,13 @@ interface ConfigProperty extends Serializable {
         default Boolean noCache() {
             return false;
         }
+
+        /**
+         * @return whether this property is limited to being set via environment variables only
+         */
+        default boolean isEnvVarOnly() {
+            return false;
+        }
     }
 
     /**

java/core/src/main/java/co/worklytics/psoxy/gateway/ProxyConfigProperty.java

@@ -1,8 +1,14 @@
 package co.worklytics.psoxy.gateway;
 
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+
 /**
  * config properties that control basic proxy behavior
  */
+@NoArgsConstructor
+@AllArgsConstructor
 public enum ProxyConfigProperty implements ConfigService.ConfigProperty {
 
 
@@ -34,16 +40,17 @@ public enum ProxyConfigProperty implements ConfigService.ConfigProperty {
      */
     PATH_TO_INSTANCE_CONFIG,
 
-    PSOXY_ENCRYPTION_KEY,
-    ENCRYPTION_KEY_IP,
+    PSOXY_ENCRYPTION_KEY(false),
+
+    ENCRYPTION_KEY_IP(false),
 
 
-    @Deprecated //removed from v0.4
+    @Deprecated //removed from v0.5
     IDENTIFIER_SCOPE_ID,
 
 
-    PSOXY_SALT,
-    SALT_IP, // used to salt IP; distinct value so can independently rotate IP salt from primary salt
+    PSOXY_SALT(false),
+    SALT_IP(false), // used to salt IP; distinct value so can independently rotate IP salt from primary salt
 
 
     //see PseudonymImplementation
@@ -59,7 +66,7 @@ public enum ProxyConfigProperty implements ConfigService.ConfigProperty {
     PSEUDONYMIZE_APP_IDS,
 
     // if set, a base64-YAML encoding of rules
-    RULES,
+    RULES(false),
     // for testing - if set, allows for behavior that should only be permitted in development context,
     // such as to skip sanitizer if corresponding header is sent
     IS_DEVELOPMENT_MODE,
@@ -84,4 +91,8 @@ public static class TlsVersions {
         public final static String TLSv1_3 = "TLSv1.3";
         public final  static String[] ALL = {TLSv1_2, TLSv1_3};
     }
+
+
+    @Getter
+    private boolean envVarOnly = true;
 }

java/core/src/main/java/co/worklytics/psoxy/gateway/impl/VaultConfigService.java

@@ -10,6 +10,7 @@
 import com.bettercloud.vault.response.LogicalResponse;
 import com.bettercloud.vault.response.LookupResponse;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.base.Preconditions;
 import dagger.assisted.Assisted;
 import dagger.assisted.AssistedInject;
 import lombok.Getter;
@@ -42,6 +43,9 @@ public enum VaultConfigProperty implements ConfigProperty {
         //base64 encoding of an X.509 certificate in PEM format with UTF-8 encoding
         //VAULT_SSL_CERTIFICATE,
         ;
+
+        @Getter
+        private boolean envVarOnly = true;
     }
 
     //q: vault caters to storing secrets in groups, as a "map" (eg key-value pairs)
@@ -126,13 +130,18 @@ public VaultConfigService init() {
     @SneakyThrows
     @Override
     public void putConfigProperty(ConfigProperty property, String value) {
+        Preconditions.checkArgument(!property.isEnvVarOnly(), "Can't put env-only config property: " + property);
+
         vault.logical()
             .write(path(property), Map.of(VALUE_FIELD, value));
     }
 
     @SneakyThrows
     @Override
     public String getConfigPropertyOrError(ConfigProperty property) {
+        if (property.isEnvVarOnly()) {
+            throw new IllegalArgumentException("Can't get env-only config property: " + property);
+        }
 
         LogicalResponse response = vault.logical()
             .read(path(property));
@@ -148,6 +157,10 @@ public String getConfigPropertyOrError(ConfigProperty property) {
     @SneakyThrows
     @Override
     public Optional<String> getConfigPropertyAsOptional(ConfigProperty property) {
+        if (property.isEnvVarOnly()) {
+            return Optional.empty();
+        }
+
         LogicalResponse response = vault.logical()
             .read(path(property));
 

java/core/src/main/java/co/worklytics/psoxy/gateway/impl/oauth/AccountCredentialsGrantTokenRequestBuilder.java

@@ -52,6 +52,7 @@ public enum ConfigProperty implements ConfigService.ConfigProperty {
         CLIENT_ID,
         // secrets
         CLIENT_SECRET,
+        ;
     }
 
     @Getter(onMethod_ = @Override)

java/core/src/main/java/co/worklytics/psoxy/gateway/impl/oauth/OAuthRefreshTokenSourceAuthStrategy.java

@@ -10,10 +10,7 @@
 import com.google.auth.oauth2.OAuth2CredentialsWithRefresh;
 import com.google.common.annotations.VisibleForTesting;
 import com.google.common.util.concurrent.Uninterruptibles;
-import lombok.Getter;
-import lombok.NoArgsConstructor;
-import lombok.NonNull;
-import lombok.RequiredArgsConstructor;
+import lombok.*;
 import lombok.extern.java.Log;
 import org.apache.commons.lang3.StringUtils;
 
@@ -72,12 +69,13 @@ public class OAuthRefreshTokenSourceAuthStrategy implements SourceAuthStrategy {
     //q: should we put these as config properties? creates potential for inconsistent configs
     // eg, orphaned config properties for SourceAuthStrategy not in use; missing config properties
     //  expected by this
+    @AllArgsConstructor
     @RequiredArgsConstructor
     public enum ConfigProperty implements ConfigService.ConfigProperty {
-        REFRESH_ENDPOINT(false),
-        CLIENT_ID(false),
-        GRANT_TYPE(false),
-        ACCESS_TOKEN(true),
+        REFRESH_ENDPOINT(false, false),
+        CLIENT_ID(false, false),
+        GRANT_TYPE(false, true),
+        ACCESS_TOKEN(true, false),
 
         /**
          * whether resulting `access_token` should be shared across all instances of connections
@@ -109,6 +107,11 @@ public enum ConfigProperty implements ConfigService.ConfigProperty {
         public Boolean noCache() {
             return noCache;
         }
+
+        ;
+
+        @Getter
+        private boolean envVarOnly = true;
     }
 
     @Inject OAuth2CredentialsWithRefresh.OAuth2RefreshHandler refreshHandler;

java/core/src/test/java/co/worklytics/psoxy/gateway/ProxyConfigPropertyTest.java

@@ -0,0 +1,46 @@
+package co.worklytics.psoxy.gateway;
+
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.ValueSource;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class ProxyConfigPropertyTest {
+
+
+
+    @ValueSource(
+        strings = {
+            "PSOXY_ENCRYPTION_KEY",
+            "ENCRYPTION_KEY_IP",
+            "RULES",
+            "PSOXY_SALT",
+            "SALT_IP",
+        }
+    )
+    @ParameterizedTest
+    public void remoteConfigVars(String paramName) {
+        ProxyConfigProperty property = ProxyConfigProperty.valueOf(paramName);
+        assertNotNull(property);
+        assertFalse(property.isEnvVarOnly());
+    }
+
+    @ValueSource(
+        strings = {
+            "CUSTOM_RULES_SHA",
+            "EMAIL_CANONICALIZATION",
+            "PATH_TO_SHARED_CONFIG",
+            "PATH_TO_INSTANCE_CONFIG",
+            "IDENTIFIER_SCOPE_ID",
+        }
+    )
+    @ParameterizedTest
+    public void envOnlyConfigVars(String paramName) {
+        ProxyConfigProperty property = ProxyConfigProperty.valueOf(paramName);
+        assertNotNull(property);
+        assertTrue(property.isEnvVarOnly());
+    }
+
+
+}

java/impl/aws/src/main/java/co/worklytics/psoxy/aws/AWSWorkloadIdentityFederationGrantTokenRequestBuilder.java

@@ -3,6 +3,7 @@
 import co.worklytics.psoxy.gateway.ConfigService;
 import co.worklytics.psoxy.gateway.impl.oauth.WorkloadIdentityFederationGrantTokenRequestBuilder;
 import com.google.common.collect.Streams;
+import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.java.Log;
@@ -30,7 +31,11 @@ public class AWSWorkloadIdentityFederationGrantTokenRequestBuilder extends Workl
     enum ConfigProperty implements ConfigService.ConfigProperty {
         IDENTITY_POOL_ID,
         IDENTITY_ID,
-        DEVELOPER_NAME_ID
+        DEVELOPER_NAME_ID,
+        ;
+
+        @Getter
+        private boolean envVarOnly = true;
     }
 
     @Inject
@@ -63,4 +68,4 @@ protected String getClientAssertion() {
 
         return response.token();
     }
-}
+}

java/impl/aws/src/main/java/co/worklytics/psoxy/aws/ParameterStoreConfigService.java

@@ -73,6 +73,8 @@ public class ParameterStoreConfigService implements SecretStore, LockService {
 
     @Override
     public void putConfigProperty(ConfigProperty property, String value) {
+        Preconditions.checkArgument(!property.isEnvVarOnly(), "Can't put env-only config property: " + property);
+
         String key = parameterName(property);
         try {
             PutParameterRequest parameterRequest = PutParameterRequest.builder()
@@ -104,6 +106,10 @@ public Optional<String> getConfigPropertyAsOptional(ConfigProperty property) {
     }
 
     <T> Optional<T> getConfigPropertyAsOptional(ConfigProperty property, Function<GetParameterResponse, T> mapping) {
+        if (property.isEnvVarOnly()) {
+            return Optional.empty();
+        }
+
         String paramName = parameterName(property);
 
         try {

java/impl/aws/src/main/java/co/worklytics/psoxy/aws/SecretsManagerSecretStore.java

@@ -3,6 +3,7 @@
 import co.worklytics.psoxy.gateway.SecretStore;
 import co.worklytics.psoxy.gateway.impl.EnvVarsConfigService;
 import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Preconditions;
 import dagger.assisted.Assisted;
 import dagger.assisted.AssistedInject;
 import lombok.Getter;
@@ -48,6 +49,8 @@ public class SecretsManagerSecretStore implements SecretStore {
 
     @Override
     public void putConfigProperty(ConfigProperty property, String value) {
+        Preconditions.checkArgument(!property.isEnvVarOnly(), "Can't put env-only config property: " + property);
+
         String id = secretId(property);
         try {
             PutSecretValueRequest request = PutSecretValueRequest.builder()
@@ -84,6 +87,9 @@ public Optional<String> getConfigPropertyAsOptional(ConfigProperty property) {
     }
 
     <T> Optional<T> getConfigPropertyAsOptional(ConfigProperty property, Function<GetSecretValueResponse, T> mapping) {
+        if (property.isEnvVarOnly()) {
+            return Optional.empty();
+        }
 
         String id = secretId(property);
         try {

java/impl/gcp/src/main/java/co/worklytics/psoxy/GCPWorkloadIdentityFederationGrantTokenRequestBuilder.java

@@ -3,6 +3,7 @@
 import co.worklytics.psoxy.gateway.ConfigService;
 import co.worklytics.psoxy.gateway.impl.oauth.WorkloadIdentityFederationGrantTokenRequestBuilder;
 import com.google.common.collect.Streams;
+import lombok.Getter;
 import lombok.NoArgsConstructor;
 import lombok.SneakyThrows;
 import lombok.extern.java.Log;
@@ -28,7 +29,11 @@
 public class GCPWorkloadIdentityFederationGrantTokenRequestBuilder extends WorkloadIdentityFederationGrantTokenRequestBuilder {
 
     enum ConfigProperty implements ConfigService.ConfigProperty {
-        AUDIENCE
+        AUDIENCE,
+        ;
+
+        @Getter
+        private boolean envVarOnly = true;
     }
 
     @Override
@@ -73,4 +78,4 @@ protected String getClientAssertion() {
 
         return content.toString();
     }
-}
+}

java/impl/gcp/src/main/java/co/worklytics/psoxy/SecretManagerConfigService.java

@@ -61,6 +61,8 @@ public SecretManagerConfigService(@Assisted("projectId") @NonNull String project
 
     @Override
     public void putConfigProperty(ConfigProperty property, String value) {
+        Preconditions.checkArgument(!property.isEnvVarOnly(), "Can't put env-only config property: " + property);
+
         String key = parameterName(property);
         SecretName secretName = SecretName.of(projectId, key);
         try {
@@ -93,6 +95,11 @@ public String getConfigPropertyOrError(ConfigProperty property) {
     @SneakyThrows
     @Override
     public Optional<String> getConfigPropertyAsOptional(ConfigProperty property) {
+        if (property.isEnvVarOnly()) {
+            Optional.empty();
+        }
+
+
         String paramName = parameterName(property);
 
         SecretName secretName = SecretName.of(projectId, paramName);
@@ -288,4 +295,4 @@ private String parameterName(ConfigProperty property) {
             return this.namespace + property.name();
         }
     }
-}
+}