Add quarkus.oidc.proxy config

[dxps]

One addition to oidc extension: ability to use a proxy for talking with OIDC provider.
The following configuration items were added and can be used for this purpose:

• quarkus.oidc.proxy.host
• quarkus.oidc.proxy.port
• quarkus.oidc.proxy.username
• quarkus.oidc.proxy.password
• quarkus.oidc.proxy.type (update: ignored for now)

This refers to issue 8088.

Waiting for Quarkus team review and feedback.
Thanks.

[sberyozkin]

@DEVisions Many thanks for this PR, minor updates are suggested, cheers

[dxps]

@sberyozkin Many thanks for the feedback, Sergey! Changes submitted. I hope it's ok now.
Sorry for the last two sloppy commits.

[sberyozkin]

@DEVisions It all looks perfect to me now, as far as I recall the curly braces should be used all the time, so please tweak that and it should be ready to go.
There is some strange JDK11 compilation error which is not related to your PR.
Can you please do another minor update re those curly braces, squash the commits, and also fetch and rebase upstream/master and force-push ?
Thanks

[dxps]

@sberyozkin We should be good now, right? 😊 Thanks

[gastaldi]

Please squash your commits into a single one

[sberyozkin]

Hi @DEVisions It looks nice and ready to go :-), one more thing, @stuartwdouglas recommends avoiding using lambdas in the recorder in general due to them being a bit suboptimal. Can you please give me a favour and update that toProxyOptions with simple if proxy.username.isPresent() and the same for password ? You can just use .get() for host and port because the check that both of these props are set has already been done.

And squash as George has said.
Cheers

[dxps]

Hi @sberyozkin , Sure. You mean like this:

private ProxyOptions toProxyOptions(OidcTenantConfig.Proxy proxyConfig) {
        JsonObject jsonOptions = new JsonObject();
        jsonOptions.put("host", proxyConfig.host.get());
        jsonOptions.put("port", proxyConfig.port.getAsInt());
        if (proxyConfig.username.isPresent()) {
            jsonOptions.put("username", proxyConfig.username.get());
        }
        if (proxyConfig.password.isPresent()) {
            jsonOptions.put("password", proxyConfig.password.get());
        }
        return new ProxyOptions(jsonOptions);
    }

And I'll try to do the squashing now...

[gastaldi]

Be aware that host and port are optional too

[gastaldi]

Perhaps it's better to move the optional checks from the Recorder class to this method. I forgot you were performing the optional test there

[gastaldi]

It would be nice to also have a small unit test to ensure that this method works

[dxps]

Be aware that host and port are optional too

@gastaldi George, if both host and port are optional, therefore we "enable" the proxy if at least "host" is being defined in the config?

Sure, I'll include a unit test for toProxyOptions(OidcTenantConfig.Proxy proxyConfig) method.

[gastaldi]

if both host and port are optional, therefore we "enable" the proxy if at least "host" is being defined in the config?

Yes, that makes sense, and make sure to set a default value of 80 for the port

[sberyozkin]

@DEVisions @gastaldi so if we move the optional checks out of OidcRecorder to this method then setting a host is enough (with a default 80 port) to return ProxyOptions and if host is not set then null is returned ? That is good

[dxps]

@sberyozkin Actually, the enablement is done in .createTenantContext() as:

        Optional<ProxyOptions> proxyOpt = toProxyOptions(oidcConfig.getProxy());
        if (proxyOpt.isPresent()) {
            options.setProxyOptions(proxyOpt.get());
        }

And the rules are now moved into toProxyOptions(OidcTenantConfig.Proxy).

Submitted the updates, including a unit test.

[sberyozkin]

boring-cyborg got over-excited and added lots of labels :-)

[sberyozkin]

@DEVisions, nearly there :-), can you please do mvn process-sources in extensions/oidc and squash again ?

[dxps]

@sberyozkin Done! Are we there? ☺️

[sberyozkin]

@DEVisions Hope so :-), it is already approved

[sberyozkin]

@DEVisions thanks for your PR. It will only be available in 1.4.0 though because only critical fixes go to 1.3.1.Final. 1.4.0 will be out soon enough too I guess :-)

[dxps]

@sberyozkin @gastaldi Thank you both for the support and quick feedback!