Refreshing AWS Secret values on demand

data-prepper-api/src/main/java/org/opensearch/dataprepper/model/plugin/PluginConfigVariable.java

@@ -31,6 +31,11 @@ public interface PluginConfigVariable {
      */
     void setValue(Object updatedValue);
 
+    /**
+     * Refresh the secret value on demand
+     */
+    void refresh();
+
     /**
      * Returns if the variable is updatable.
      *

data-prepper-plugin-framework/src/test/java/org/opensearch/dataprepper/plugin/VariableExpanderTest.java

@@ -157,6 +157,10 @@ public void setValue(Object updatedValue) {
                 this.secretValue = updatedValue.toString();
             }
 
+            @Override
+            public void refresh() {
+            }
+
             @Override
             public boolean isUpdatable() {
                 return true;

data-prepper-plugins/aws-plugin/src/main/java/org/opensearch/dataprepper/plugins/aws/AwsPluginConfigVariable.java

@@ -47,6 +47,12 @@ public void setValue(Object newValue) {
         this.secretValue = newValue;
     }
 
+    @Override
+    public void refresh() {
+        secretsSupplier.refresh(secretId);
+    }
+
+
     @Override
     public boolean isUpdatable() {
         return isUpdatable;

data-prepper-plugins/aws-plugin/src/test/java/org/opensearch/dataprepper/plugins/aws/AwsPluginConfigVariableTest.java

@@ -25,6 +25,8 @@
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 
 @ExtendWith(MockitoExtension.class)
@@ -81,4 +83,11 @@ void testSetValueSuccess(final String input) {
         assertThat(objectUnderTest.getValue(), equalTo(input));
     }
 
+
+    @Test
+    void testRefreshSecretsWithKey() {
+        objectUnderTest.refresh();
+        verify(secretsSupplier, times(1)).refresh(secretId);
+    }
+
 }

data-prepper-plugins/saas-source-plugins/jira-source/src/main/java/org/opensearch/dataprepper/plugins/source/jira/rest/auth/JiraOauthConfig.java

@@ -142,6 +142,9 @@ public void renewCredentials() {
             } catch (HttpClientErrorException ex) {
                 this.expireTime = Instant.ofEpochMilli(0);
                 this.expiresInSeconds = 0;
+                // Try refreshing the secrets and see if that helps
+                // Refreshing one of the secret refreshes the entire store so we are good to trigger refresh on just one
+                jiraSourceConfig.getAuthenticationConfig().getOauth2Config().getAccessToken().refresh();
                 log.error("Failed to renew access token. Status code: {}, Error Message: {}",
                         ex.getRawStatusCode(), ex.getMessage());
                 throw new RuntimeException("Failed to renew access token" + ex.getMessage(), ex);

data-prepper-plugins/saas-source-plugins/jira-source/src/test/java/org/opensearch/dataprepper/plugins/source/jira/utils/MockPluginConfigVariableImpl.java

@@ -33,6 +33,10 @@ public void setValue(Object someValue) {
         this.defaultValue = someValue;
     }
 
+    @Override
+    public void refresh() {
+    }
+
     @Override
     public boolean isUpdatable() {
         return true;