fix(micronaut-projectsGH-1442): handle SecretsManagerException thrown…
… when fetching secrets
Adrian Chlebosz authored and Adrian Chlebosz committed Feb 12, 2023
1 parent b1b479b commit f013f1a
Showing 2 changed files with 30 additions and 10 deletions.
Expand Up @@ -47,6 +47,7 @@
/**
* {@link SecretsKeyValueFetcher} implementations for AWS Secrets Manager.
* @author Sergio del Amo
* @author Adrian Chlebosz
* @since 2.8.0
*/
@Experimental
Expand Down Expand Up @@ -195,6 +196,10 @@ private Optional<GetSecretValueResponse> fetchSecretValueResponse(@NonNull Secre
if (LOG.isWarnEnabled()) {
LOG.warn("Could not find the resource for secret ({})", getSecretValueRequest.secretId());
}
} catch (SecretsManagerException e) {
if (LOG.isWarnEnabled()) {
LOG.warn("SecretsManagerException {}", e.awsErrorDetails().errorMessage());
}
}
return Optional.empty();
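Review bot: The new catch block can itself throw, because `e.awsErrorDetails()` returns null when the SDK exception was built without error details, so `e.awsErrorDetails().errorMessage()` would raise a NullPointerException out of the handler instead of falling through to `Optional.empty()`. The message also omits which secret failed, unlike the "Could not find the resource" branch just above it. I would log `LOG.warn("Could not fetch secret ({}): {}", getSecretValueRequest.secretId(), e.getMessage());`, since `getMessage()` does not require the details object to be present. SecretsManagerException is the service's base exception, so this branch also reports an authorization failure (the case the spec simulates) as "secret absent", and the application can start without a credential it needs with only a WARN line as evidence; that fail-open choice deserves a comment or a louder log level. fetchSecretValueResponse starts outside the hunk.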

Expand Up @@ -4,6 +4,7 @@ import io.micronaut.context.annotation.BootstrapContextCompatible
import io.micronaut.context.annotation.Primary
import io.micronaut.context.annotation.Requires
import io.micronaut.inject.BeanDefinition
import software.amazon.awssdk.awscore.exception.AwsErrorDetails
import software.amazon.awssdk.awscore.exception.AwsServiceException
import software.amazon.awssdk.core.exception.SdkClientException
import software.amazon.awssdk.services.secretsmanager.SecretsManagerClient
Expand Down Expand Up @@ -108,6 +109,14 @@ class SecretsManagerKeyValueFetcherSpec extends ApplicationContextSpecification
.name("/config/myapp_dev/oauthgoogle")
.build()
)
.nextToken("bar")
.build()
} else if (listSecretsRequest.nextToken() == "bar") {
return (ListSecretsResponse) ListSecretsResponse.builder()
.secretList(SecretListEntry.builder()
.name("/config/myapp_dev/oauthmeta")
.build()
)
.nextToken(null)
.build()
}
Expand All @@ -119,20 +128,26 @@ class SecretsManagerKeyValueFetcherSpec extends ApplicationContextSpecification
InvalidParameterException, InvalidRequestException, DecryptionFailureException, InternalServiceErrorException,
AwsServiceException, SdkClientException, SecretsManagerException {
if (getSecretValueRequest.secretId() == "/config/myapp_dev/oauthcompanyauthserver") {
return GetSecretValueResponse.builder()
return (GetSecretValueResponse) GetSecretValueResponse.builder()
.secretString('''\
{
"micronaut.security.oauth2.clients.companyauthserver.client-id": "XXX",
"micronaut.security.oauth2.clients.companyauthserver.client-secret": "YYY"
}''')
{
"micronaut.security.oauth2.clients.companyauthserver.client-id": "XXX",
"micronaut.security.oauth2.clients.companyauthserver.client-secret": "YYY"
}'''.stripIndent())
.build()
} else if (getSecretValueRequest.secretId() == "/config/myapp_dev/oauthmeta") {
throw SecretsManagerException.builder()
.awsErrorDetails(AwsErrorDetails.builder()
.errorMessage("User is not authorized to perform operation")
.build())
.build()
} else if (getSecretValueRequest.secretId() == "/config/myapp_dev/oauthgoogle") {
return GetSecretValueResponse.builder()
return (GetSecretValueResponse) GetSecretValueResponse.builder()
.secretString('''\
{
"micronaut.security.oauth2.clients.google.client-id": "ZZZ",
"micronaut.security.oauth2.clients.google.client-secret": "PPP"
}''')
{
"micronaut.security.oauth2.clients.google.client-id": "ZZZ",
"micronaut.security.oauth2.clients.google.client-secret": "PPP"
}'''.stripIndent())
.build()
}
throw new UnsupportedOperationException();
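Review bot: The stub for `/config/myapp_dev/oauthmeta` only builds the SecretsManagerException with `AwsErrorDetails` populated, so the spec never exercises the handler when the exception carries no details, which is where the production call `e.awsErrorDetails().errorMessage()` would dereference null. Consider a further secret id whose stub throws `SecretsManagerException.builder().message("boom").build()`, with an assertion that the remaining secrets still load. The spec's assertions lie outside the visible hunks, so whether the keys of the failed secret are checked as absent cannot be confirmed from here; the stubbed method also starts outside the hunk.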