Merge branch 'master' into warning-count

build.gradle

@@ -7,6 +7,7 @@ buildscript {
   ext.openTelemetryVersion = '1.18.0'
   ext.neo4jVersion = '4.4.9'
   ext.graphQLJavaVersion = '19.0'
+  ext.testContainersVersion = '1.17.4'
   apply from: './repositories.gradle'
   buildscript.repositories.addAll(project.repositories)
   dependencies {
@@ -92,6 +93,7 @@ project.ext.externalDependency = [
     'jerseyGuava': 'org.glassfish.jersey.bundles.repackaged:jersey-guava:2.25.1',
     'jettyJaas': 'org.eclipse.jetty:jetty-jaas:9.4.46.v20220331',
     'jgrapht': 'org.jgrapht:jgrapht-core:1.5.1',
+    'jna': 'net.java.dev.jna:jna:5.12.1',
     'jsonPatch': 'com.github.java-json-tools:json-patch:1.13',
     'jsonSchemaAvro': 'com.github.fge:json-schema-avro:0.1.4',
     'jsonSimple': 'com.googlecode.json-simple:json-simple:1.1.1',
@@ -156,11 +158,11 @@ project.ext.externalDependency = [
     'springActuator': "org.springframework.boot:spring-boot-starter-actuator:$springBootVersion",
     'swaggerAnnotations': 'io.swagger.core.v3:swagger-annotations:2.1.12',
     'testng': 'org.testng:testng:7.3.0',
-    'testContainers': 'org.testcontainers:testcontainers:1.15.3',
-    'testContainersJunit': 'org.testcontainers:junit-jupiter:1.15.3',
-    'testContainersPostgresql':'org.testcontainers:postgresql:1.15.3',
-    'testContainersElasticsearch': 'org.testcontainers:elasticsearch:1.15.3',
-    'testContainersCassandra': 'org.testcontainers:cassandra:1.15.3',
+    'testContainers': 'org.testcontainers:testcontainers:' + testContainersVersion,
+    'testContainersJunit': 'org.testcontainers:junit-jupiter:' + testContainersVersion,
+    'testContainersPostgresql':'org.testcontainers:postgresql:' + testContainersVersion,
+    'testContainersElasticsearch': 'org.testcontainers:elasticsearch:' + testContainersVersion,
+    'testContainersCassandra': 'org.testcontainers:cassandra:' + testContainersVersion,
     'typesafeConfig':'com.typesafe:config:1.4.1',
     'wiremock':'com.github.tomakehurst:wiremock:2.10.0',
     'zookeeper': 'org.apache.zookeeper:zookeeper:3.4.14'

datahub-frontend/app/auth/AuthModule.java

@@ -1,19 +1,28 @@
 package auth;
 
+import auth.sso.SsoConfigs;
+import auth.sso.SsoManager;
+import auth.sso.oidc.OidcConfigs;
+import auth.sso.oidc.OidcProvider;
 import client.AuthServiceClient;
 import com.datahub.authentication.Actor;
 import com.datahub.authentication.ActorType;
+import com.datahub.authentication.Authentication;
 import com.google.inject.AbstractModule;
 import com.google.inject.Provides;
 import com.google.inject.Singleton;
 import com.linkedin.entity.client.EntityClient;
 import com.linkedin.entity.client.RestliEntityClient;
 import com.linkedin.metadata.restli.DefaultRestliClientFactory;
 import com.linkedin.util.Configuration;
-import com.datahub.authentication.Authentication;
+import controllers.SsoCallbackController;
 import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
 import java.util.Collections;
+import java.util.List;
 import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
 import org.pac4j.core.client.Client;
 import org.pac4j.core.client.Clients;
 import org.pac4j.core.config.Config;
@@ -25,14 +34,6 @@
 import org.pac4j.play.store.PlaySessionStore;
 import org.pac4j.play.store.ShiroAesDataEncrypter;
 import play.Environment;
-
-import java.util.ArrayList;
-import java.util.List;
-import auth.sso.oidc.OidcProvider;
-import auth.sso.oidc.OidcConfigs;
-import auth.sso.SsoConfigs;
-import auth.sso.SsoManager;
-import controllers.SsoCallbackController;
 import play.cache.SyncCacheApi;
 import utils.ConfigUtil;
 
@@ -142,44 +143,49 @@ protected SsoManager provideSsoManager() {
         return manager;
     }
 
-    @Provides @Singleton
+    @Provides
+    @Singleton
     protected Authentication provideSystemAuthentication() {
         // Returns an instance of Authentication used to authenticate system initiated calls to Metadata Service.
         String systemClientId = _configs.getString(SYSTEM_CLIENT_ID_CONFIG_PATH);
         String systemSecret = _configs.getString(SYSTEM_CLIENT_SECRET_CONFIG_PATH);
-        final Actor systemActor = new Actor(ActorType.USER, systemClientId); // TODO: Change to service actor once supported.
-        return new Authentication(
-            systemActor,
-            String.format("Basic %s:%s", systemClientId, systemSecret),
-            Collections.emptyMap()
-        );
+        final Actor systemActor =
+            new Actor(ActorType.USER, systemClientId); // TODO: Change to service actor once supported.
+        return new Authentication(systemActor, String.format("Basic %s:%s", systemClientId, systemSecret),
+            Collections.emptyMap());
     }
 
-    @Provides @Singleton
+    @Provides
+    @Singleton
     protected EntityClient provideEntityClient() {
         return new RestliEntityClient(buildRestliClient());
     }
 
-    @Provides @Singleton
-    protected AuthServiceClient provideAuthClient(Authentication systemAuthentication) {
+    @Provides
+    @Singleton
+    protected CloseableHttpClient provideHttpClient() {
+        return HttpClients.createDefault();
+    }
+
+    @Provides
+    @Singleton
+    protected AuthServiceClient provideAuthClient(Authentication systemAuthentication, CloseableHttpClient httpClient) {
         // Init a GMS auth client
-        final String metadataServiceHost = _configs.hasPath(METADATA_SERVICE_HOST_CONFIG_PATH)
-            ? _configs.getString(METADATA_SERVICE_HOST_CONFIG_PATH)
-            : Configuration.getEnvironmentVariable(GMS_HOST_ENV_VAR, DEFAULT_GMS_HOST);
-
-        final int metadataServicePort = _configs.hasPath(METADATA_SERVICE_PORT_CONFIG_PATH)
-            ? _configs.getInt(METADATA_SERVICE_PORT_CONFIG_PATH)
-            : Integer.parseInt(Configuration.getEnvironmentVariable(GMS_PORT_ENV_VAR, DEFAULT_GMS_PORT));
-
-        final Boolean metadataServiceUseSsl = _configs.hasPath(METADATA_SERVICE_USE_SSL_CONFIG_PATH)
-            ? _configs.getBoolean(METADATA_SERVICE_USE_SSL_CONFIG_PATH)
-            : Boolean.parseBoolean(Configuration.getEnvironmentVariable(GMS_USE_SSL_ENV_VAR, DEFAULT_GMS_USE_SSL));
-
-        return new AuthServiceClient(
-            metadataServiceHost,
-            metadataServicePort,
-            metadataServiceUseSsl,
-            systemAuthentication);
+        final String metadataServiceHost =
+            _configs.hasPath(METADATA_SERVICE_HOST_CONFIG_PATH) ? _configs.getString(METADATA_SERVICE_HOST_CONFIG_PATH)
+                : Configuration.getEnvironmentVariable(GMS_HOST_ENV_VAR, DEFAULT_GMS_HOST);
+
+        final int metadataServicePort =
+            _configs.hasPath(METADATA_SERVICE_PORT_CONFIG_PATH) ? _configs.getInt(METADATA_SERVICE_PORT_CONFIG_PATH)
+                : Integer.parseInt(Configuration.getEnvironmentVariable(GMS_PORT_ENV_VAR, DEFAULT_GMS_PORT));
+
+        final Boolean metadataServiceUseSsl =
+            _configs.hasPath(METADATA_SERVICE_USE_SSL_CONFIG_PATH) ? _configs.getBoolean(
+                METADATA_SERVICE_USE_SSL_CONFIG_PATH)
+                : Boolean.parseBoolean(Configuration.getEnvironmentVariable(GMS_USE_SSL_ENV_VAR, DEFAULT_GMS_USE_SSL));
+
+        return new AuthServiceClient(metadataServiceHost, metadataServicePort, metadataServiceUseSsl,
+            systemAuthentication, httpClient);
     }
 
     private com.linkedin.restli.client.Client buildRestliClient() {

datahub-frontend/app/client/AuthServiceClient.java

@@ -12,7 +12,6 @@
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.entity.StringEntity;
 import org.apache.http.impl.client.CloseableHttpClient;
-import org.apache.http.impl.client.HttpClients;
 import org.apache.http.util.EntityUtils;
 import play.mvc.Http;
 
@@ -27,6 +26,7 @@ public class AuthServiceClient {
   private static final String SIGN_UP_ENDPOINT = "auth/signUp";
   private static final String RESET_NATIVE_USER_CREDENTIALS_ENDPOINT = "auth/resetNativeUserCredentials";
   private static final String VERIFY_NATIVE_USER_CREDENTIALS_ENDPOINT = "auth/verifyNativeUserCredentials";
+  private static final String TRACK_ENDPOINT = "auth/track";
   private static final String ACCESS_TOKEN_FIELD = "accessToken";
   private static final String USER_ID_FIELD = "userId";
   private static final String USER_URN_FIELD = "userUrn";
@@ -44,13 +44,16 @@ public class AuthServiceClient {
   private final Integer metadataServicePort;
   private final Boolean metadataServiceUseSsl;
   private final Authentication systemAuthentication;
+  private final CloseableHttpClient httpClient;
 
   public AuthServiceClient(@Nonnull final String metadataServiceHost, @Nonnull final Integer metadataServicePort,
-      @Nonnull final Boolean useSsl, @Nonnull final Authentication systemAuthentication) {
+      @Nonnull final Boolean useSsl, @Nonnull final Authentication systemAuthentication,
+      @Nonnull final CloseableHttpClient httpClient) {
     this.metadataServiceHost = Objects.requireNonNull(metadataServiceHost);
     this.metadataServicePort = Objects.requireNonNull(metadataServicePort);
     this.metadataServiceUseSsl = Objects.requireNonNull(useSsl);
     this.systemAuthentication = Objects.requireNonNull(systemAuthentication);
+    this.httpClient = Objects.requireNonNull(httpClient);
   }
 
   /**
@@ -62,7 +65,7 @@ public AuthServiceClient(@Nonnull final String metadataServiceHost, @Nonnull fin
   @Nonnull
   public String generateSessionTokenForUser(@Nonnull final String userId) {
     Objects.requireNonNull(userId, "userId must not be null");
-    CloseableHttpClient httpClient = HttpClients.createDefault();
+    CloseableHttpResponse response = null;
 
     try {
 
@@ -81,7 +84,7 @@ public String generateSessionTokenForUser(@Nonnull final String userId) {
       // Add authorization header with DataHub frontend system id and secret.
       request.addHeader(Http.HeaderNames.AUTHORIZATION, this.systemAuthentication.getCredentials());
 
-      CloseableHttpResponse response = httpClient.execute(request);
+      response = httpClient.execute(request);
       final HttpEntity entity = response.getEntity();
       if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK && entity != null) {
         // Successfully generated a token for the User
@@ -96,9 +99,11 @@ public String generateSessionTokenForUser(@Nonnull final String userId) {
       throw new RuntimeException("Failed to generate session token for user", e);
     } finally {
       try {
-        httpClient.close();
+        if (response != null) {
+          response.close();
+        }
       } catch (Exception e) {
-        log.warn("Failed to close http client", e);
+        log.error("Failed to close http response", e);
       }
     }
   }
@@ -114,7 +119,7 @@ public boolean signUp(@Nonnull final String userUrn, @Nonnull final String fullN
     Objects.requireNonNull(title, "title must not be null");
     Objects.requireNonNull(password, "password must not be null");
     Objects.requireNonNull(inviteToken, "inviteToken must not be null");
-    CloseableHttpClient httpClient = HttpClients.createDefault();
+    CloseableHttpResponse response = null;
 
     try {
 
@@ -138,7 +143,7 @@ public boolean signUp(@Nonnull final String userUrn, @Nonnull final String fullN
       // Add authorization header with DataHub frontend system id and secret.
       request.addHeader(Http.HeaderNames.AUTHORIZATION, this.systemAuthentication.getCredentials());
 
-      CloseableHttpResponse response = httpClient.execute(request);
+      response = httpClient.execute(request);
       final HttpEntity entity = response.getEntity();
       if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK && entity != null) {
         // Successfully generated a token for the User
@@ -153,9 +158,11 @@ public boolean signUp(@Nonnull final String userUrn, @Nonnull final String fullN
       throw new RuntimeException(String.format("Failed to create user %s", userUrn), e);
     } finally {
       try {
-        httpClient.close();
+        if (response != null) {
+          response.close();
+        }
       } catch (Exception e) {
-        log.warn("Failed to close http client", e);
+        log.error("Failed to close http response", e);
       }
     }
   }
@@ -168,7 +175,7 @@ public boolean resetNativeUserCredentials(@Nonnull final String userUrn, @Nonnul
     Objects.requireNonNull(userUrn, "userUrn must not be null");
     Objects.requireNonNull(password, "password must not be null");
     Objects.requireNonNull(resetToken, "reset token must not be null");
-    CloseableHttpClient httpClient = HttpClients.createDefault();
+    CloseableHttpResponse response = null;
 
     try {
 
@@ -189,7 +196,7 @@ public boolean resetNativeUserCredentials(@Nonnull final String userUrn, @Nonnul
       // Add authorization header with DataHub frontend system id and secret.
       request.addHeader(Http.HeaderNames.AUTHORIZATION, this.systemAuthentication.getCredentials());
 
-      CloseableHttpResponse response = httpClient.execute(request);
+      response = httpClient.execute(request);
       final HttpEntity entity = response.getEntity();
       if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK && entity != null) {
         // Successfully generated a token for the User
@@ -204,9 +211,11 @@ public boolean resetNativeUserCredentials(@Nonnull final String userUrn, @Nonnul
       throw new RuntimeException("Failed to reset credentials for user", e);
     } finally {
       try {
-        httpClient.close();
+        if (response != null) {
+          response.close();
+        }
       } catch (Exception e) {
-        log.warn("Failed to close http client", e);
+        log.error("Failed to close http response", e);
       }
     }
   }
@@ -217,7 +226,7 @@ public boolean resetNativeUserCredentials(@Nonnull final String userUrn, @Nonnul
   public boolean verifyNativeUserCredentials(@Nonnull final String userUrn, @Nonnull final String password) {
     Objects.requireNonNull(userUrn, "userUrn must not be null");
     Objects.requireNonNull(password, "password must not be null");
-    CloseableHttpClient httpClient = HttpClients.createDefault();
+    CloseableHttpResponse response = null;
 
     try {
 
@@ -237,7 +246,7 @@ public boolean verifyNativeUserCredentials(@Nonnull final String userUrn, @Nonnu
       // Add authorization header with DataHub frontend system id and secret.
       request.addHeader(Http.HeaderNames.AUTHORIZATION, this.systemAuthentication.getCredentials());
 
-      CloseableHttpResponse response = httpClient.execute(request);
+      response = httpClient.execute(request);
       final HttpEntity entity = response.getEntity();
       if (response.getStatusLine().getStatusCode() == HttpStatus.SC_OK && entity != null) {
         // Successfully generated a token for the User
@@ -252,9 +261,51 @@ public boolean verifyNativeUserCredentials(@Nonnull final String userUrn, @Nonnu
       throw new RuntimeException("Failed to verify credentials for user", e);
     } finally {
       try {
-        httpClient.close();
+        if (response != null) {
+          response.close();
+        }
       } catch (Exception e) {
-        log.warn("Failed to close http client", e);
+        log.error("Failed to close http response", e);
+      }
+    }
+  }
+
+  /**
+   * Call the Auth Service to track an analytics event
+   */
+  public void track(@Nonnull final String event) {
+    Objects.requireNonNull(event, "event must not be null");
+    CloseableHttpResponse response = null;
+
+    try {
+      final String protocol = this.metadataServiceUseSsl ? "https" : "http";
+      final HttpPost request = new HttpPost(
+          String.format("%s://%s:%s/%s", protocol, this.metadataServiceHost, this.metadataServicePort,
+              TRACK_ENDPOINT));
+
+      // Build JSON request to track event.
+      request.setEntity(new StringEntity(event));
+
+      // Add authorization header with DataHub frontend system id and secret.
+      request.addHeader(Http.HeaderNames.AUTHORIZATION, this.systemAuthentication.getCredentials());
+
+      response = httpClient.execute(request);
+      final HttpEntity entity = response.getEntity();
+
+      if (response.getStatusLine().getStatusCode() != HttpStatus.SC_OK || entity == null) {
+        throw new RuntimeException(
+            String.format("Bad response from the Metadata Service: %s %s", response.getStatusLine().toString(),
+                response.getEntity().toString()));
+      }
+    } catch (Exception e) {
+      throw new RuntimeException("Failed to track event", e);
+    } finally {
+      try {
+        if (response != null) {
+          response.close();
+        }
+      } catch (Exception e) {
+        log.error("Failed to close http response", e);
       }
     }
   }