From fe0ad4f7c498fb52c22a18e4ec4a927c878ae6c1 Mon Sep 17 00:00:00 2001
From: Jeremy Belldina <jbelldina@pearlstreettechnologies.com>
Date: Thu, 5 Sep 2024 13:50:33 -0400
Subject: [PATCH] fix(influxdb): Add API token auth for InfluxDB.

---
 .../kayenta/config/KayentaConfiguration.java  |  1 -
 ...aSerializationConfigurationProperties.java |  2 +-
 .../config/RetrofitClientConfiguration.java   |  2 +-
 .../config/RetrofitClientFactory.java         | 46 +++++++++++++++++--
 .../kayenta/metrics/CanaryScopeSpec.groovy    |  2 +-
 ...lizationConfigurationPropertiesTest.groovy |  2 +-
 .../config/InfluxDbConfiguration.java         | 10 +++-
 .../security/InfluxdbCredentials.java         |  1 +
 .../config/PrometheusConfiguration.java       |  3 +-
 9 files changed, 55 insertions(+), 14 deletions(-)

diff --git a/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaConfiguration.java b/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaConfiguration.java
index 2fb97f411..93907ba77 100644
--- a/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaConfiguration.java
+++ b/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaConfiguration.java
@@ -23,7 +23,6 @@
 import com.fasterxml.jackson.databind.SerializationFeature;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.google.common.collect.ImmutableList;
-import com.netflix.kayenta.atlas.config.KayentaSerializationConfigurationProperties;
 import com.netflix.kayenta.canary.CanaryMetricSetQueryConfig;
 import com.netflix.kayenta.metrics.MapBackedMetricsServiceRepository;
 import com.netflix.kayenta.metrics.MetricSetMixerService;
diff --git a/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaSerializationConfigurationProperties.java b/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaSerializationConfigurationProperties.java
index dcb13aba7..1a0b5e4a1 100644
--- a/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaSerializationConfigurationProperties.java
+++ b/kayenta-core/src/main/java/com/netflix/kayenta/config/KayentaSerializationConfigurationProperties.java
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package com.netflix.kayenta.atlas.config;
+package com.netflix.kayenta.config;
 
 import lombok.Data;
 
diff --git a/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientConfiguration.java b/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientConfiguration.java
index 3037cc929..8ee244e8e 100644
--- a/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientConfiguration.java
+++ b/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientConfiguration.java
@@ -17,8 +17,8 @@
 package com.netflix.kayenta.retrofit.config;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.netflix.kayenta.atlas.config.KayentaSerializationConfigurationProperties;
 import com.netflix.kayenta.config.KayentaConfiguration;
+import com.netflix.kayenta.config.KayentaSerializationConfigurationProperties;
 import com.netflix.spinnaker.config.OkHttpClientConfiguration;
 import com.netflix.spinnaker.orca.retrofit.exceptions.SpinnakerServerExceptionHandler;
 import com.squareup.okhttp.ConnectionPool;
diff --git a/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientFactory.java b/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientFactory.java
index 1067fecd4..ab2952c44 100644
--- a/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientFactory.java
+++ b/kayenta-core/src/main/java/com/netflix/kayenta/retrofit/config/RetrofitClientFactory.java
@@ -61,7 +61,8 @@ JacksonConverter jacksonConverterWithMapper(ObjectMapper objectMapper) {
   public <T> T createClient(
       Class<T> type, Converter converter, RemoteService remoteService, OkHttpClient okHttpClient) {
     try {
-      return createClient(type, converter, remoteService, okHttpClient, null, null, null, null);
+      return createClient(
+          type, converter, remoteService, okHttpClient, null, null, null, null, null);
     } catch (IOException e) {
       throw new RuntimeException(e);
     }
@@ -84,6 +85,7 @@ public <T> T createClient(
           username,
           password,
           usernamePasswordFile,
+          null,
           null);
     } catch (IOException e) {
       throw new RuntimeException(e);
@@ -98,7 +100,33 @@ public <T> T createClient(
       String username,
       String password,
       String usernamePasswordFile,
-      String bearerToken)
+      String bearerToken) {
+    try {
+      return createClient(
+          type,
+          converter,
+          remoteService,
+          okHttpClient,
+          username,
+          password,
+          usernamePasswordFile,
+          bearerToken,
+          null);
+    } catch (IOException e) {
+      throw new RuntimeException(e);
+    }
+  }
+
+  public <T> T createClient(
+      Class<T> type,
+      Converter converter,
+      RemoteService remoteService,
+      OkHttpClient okHttpClient,
+      String username,
+      String password,
+      String usernamePasswordFile,
+      String bearerToken,
+      String apiToken)
       throws IOException {
     String baseUrl = remoteService.getBaseUrl();
 
@@ -109,9 +137,11 @@ public <T> T createClient(
     if (!(StringUtils.isEmpty(username)
         && StringUtils.isEmpty(password)
         && StringUtils.isEmpty(usernamePasswordFile)
-        && StringUtils.isEmpty(bearerToken))) {
+        && StringUtils.isEmpty(bearerToken)
+        && StringUtils.isEmpty(apiToken))) {
       okHttpClient =
-          createAuthenticatedClient(username, password, usernamePasswordFile, bearerToken);
+          createAuthenticatedClient(
+              username, password, usernamePasswordFile, bearerToken, apiToken);
     }
 
     Slf4jRetrofitLogger logger = createRetrofitLogger.apply(type);
@@ -128,7 +158,11 @@ public <T> T createClient(
   }
 
   private static OkHttpClient createAuthenticatedClient(
-      String username, String password, String usernamePasswordFile, String bearerToken)
+      String username,
+      String password,
+      String usernamePasswordFile,
+      String bearerToken,
+      String apiToken)
       throws IOException {
     final String credential;
 
@@ -139,6 +173,8 @@ private static OkHttpClient createAuthenticatedClient(
       credential = "Basic " + Base64.encodeBase64String(trimmedFileContent.getBytes());
     } else if (StringUtils.isNotEmpty(bearerToken)) {
       credential = "Bearer " + bearerToken;
+    } else if (StringUtils.isNotEmpty(apiToken)) {
+      credential = "Token " + apiToken;
     } else {
       credential = Credentials.basic(username, password);
     }
diff --git a/kayenta-core/src/test/groovy/com/netflix/kayenta/metrics/CanaryScopeSpec.groovy b/kayenta-core/src/test/groovy/com/netflix/kayenta/metrics/CanaryScopeSpec.groovy
index 8696d7c2c..e52edb0b9 100644
--- a/kayenta-core/src/test/groovy/com/netflix/kayenta/metrics/CanaryScopeSpec.groovy
+++ b/kayenta-core/src/test/groovy/com/netflix/kayenta/metrics/CanaryScopeSpec.groovy
@@ -17,7 +17,7 @@
 package com.netflix.kayenta.metrics
 
 import com.fasterxml.jackson.databind.ObjectMapper
-import com.netflix.kayenta.atlas.config.KayentaSerializationConfigurationProperties
+import com.netflix.kayenta.config.KayentaSerializationConfigurationProperties
 import com.netflix.kayenta.canary.CanaryScope
 import com.netflix.kayenta.config.KayentaConfiguration
 import spock.lang.Shared
diff --git a/kayenta-core/src/test/groovy/com/netflix/kayenta/util/KayentaSerializationConfigurationPropertiesTest.groovy b/kayenta-core/src/test/groovy/com/netflix/kayenta/util/KayentaSerializationConfigurationPropertiesTest.groovy
index 2d834e980..66dbf7b37 100644
--- a/kayenta-core/src/test/groovy/com/netflix/kayenta/util/KayentaSerializationConfigurationPropertiesTest.groovy
+++ b/kayenta-core/src/test/groovy/com/netflix/kayenta/util/KayentaSerializationConfigurationPropertiesTest.groovy
@@ -18,7 +18,7 @@
 package com.netflix.kayenta.util
 
 import com.fasterxml.jackson.databind.ObjectMapper
-import com.netflix.kayenta.atlas.config.KayentaSerializationConfigurationProperties
+import com.netflix.kayenta.config.KayentaSerializationConfigurationProperties
 import com.netflix.kayenta.config.KayentaConfiguration
 import spock.lang.Specification
 import spock.lang.Unroll
diff --git a/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/config/InfluxDbConfiguration.java b/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/config/InfluxDbConfiguration.java
index df2c38fd0..590903a3a 100644
--- a/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/config/InfluxDbConfiguration.java
+++ b/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/config/InfluxDbConfiguration.java
@@ -70,7 +70,8 @@ MetricsService influxDbMetricsService(
       String name = account.getName();
       List<AccountCredentials.Type> supportedTypes = account.getSupportedTypes();
 
-      InfluxdbCredentials credentials = InfluxdbCredentials.builder().build();
+      InfluxdbCredentials credentials =
+          InfluxdbCredentials.builder().apiToken(account.getApiKey()).build();
 
       InfluxDbNamedAccountCredentials.InfluxDbNamedAccountCredentialsBuilder
           accountCredentialsBuilder =
@@ -86,7 +87,12 @@ MetricsService influxDbMetricsService(
                   InfluxDbRemoteService.class,
                   influxDbResponseConverter,
                   account.getEndpoint(),
-                  okHttpClient));
+                  okHttpClient,
+                  null,
+                  null,
+                  null,
+                  null,
+                  credentials.getApiToken()));
         }
         accountCredentialsBuilder.supportedTypes(supportedTypes);
       }
diff --git a/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/security/InfluxdbCredentials.java b/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/security/InfluxdbCredentials.java
index 120963bee..2ce6d2f6c 100644
--- a/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/security/InfluxdbCredentials.java
+++ b/kayenta-influxdb/src/main/java/com/netflix/kayenta/influxdb/security/InfluxdbCredentials.java
@@ -28,4 +28,5 @@ public class InfluxdbCredentials {
           .orElse("Unknown");
 
   private String dbName;
+  private String apiToken;
 }
diff --git a/kayenta-prometheus/src/main/java/com/netflix/kayenta/prometheus/config/PrometheusConfiguration.java b/kayenta-prometheus/src/main/java/com/netflix/kayenta/prometheus/config/PrometheusConfiguration.java
index 4a4dc220b..695948cad 100644
--- a/kayenta-prometheus/src/main/java/com/netflix/kayenta/prometheus/config/PrometheusConfiguration.java
+++ b/kayenta-prometheus/src/main/java/com/netflix/kayenta/prometheus/config/PrometheusConfiguration.java
@@ -27,7 +27,6 @@
 import com.netflix.kayenta.security.AccountCredentials;
 import com.netflix.kayenta.security.AccountCredentialsRepository;
 import com.squareup.okhttp.OkHttpClient;
-import java.io.IOException;
 import java.util.List;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.actuate.health.HealthIndicator;
@@ -104,7 +103,7 @@ MetricsService prometheusMetricsService(
 
         accountCredentialsRepository.save(name, prometheusManagedAccount);
         prometheusMetricsServiceBuilder.accountName(name);
-      } catch (IOException e) {
+      } catch (RuntimeException e) {
         log.error("Problem registering Prometheus account {}:", name, e);
       }
     }