Add API key property to Springboot (#2408)

Add API property to Springboot
temporalio · Feb 11, 2025 · 00f7dd0 · 00f7dd0
1 parent fc4d714
commit 00f7dd0
Show file tree

Hide file tree

Showing 5 changed files with 103 additions and 5 deletions.
diff --git a/temporal-spring-boot-autoconfigure/README.md b/temporal-spring-boot-autoconfigure/README.md
@@ -75,6 +75,18 @@ spring.temporal:
       # insecure-trust-manager: true # or add ca.pem to java default truststore
 ```
 
+## API Keys
+
+You can also authenticate with Temporal Cloud using API keys
+
+```yml
+spring.temporal:
+  connection:
+    apiKey: <API key>
+```
+
+If an API key is specified, https will automatically be enabled.
+
 ## Data Converter
 
 Define a bean of type `io.temporal.common.converter.DataConverter` in Spring context to be used as a custom data converter.

diff --git a/.../src/main/java/io/temporal/spring/boot/autoconfigure/properties/ConnectionProperties.java b/.../src/main/java/io/temporal/spring/boot/autoconfigure/properties/ConnectionProperties.java
@@ -36,6 +36,8 @@ public class ConnectionProperties {
 
   private final @Nullable MTLSProperties mtls;
 
+  private final @Nullable String apiKey;
+
   /**
    * @param target {@link WorkflowServiceStubsOptions.Builder#setTarget(String)} also support
    *     "local" alias for local temporal setup
@@ -44,10 +46,14 @@ public class ConnectionProperties {
    */
   @ConstructorBinding
   public ConnectionProperties(
-      @Nonnull String target, @Nullable Boolean enableHttps, @Nullable MTLSProperties mtls) {
+      @Nonnull String target,
+      @Nullable Boolean enableHttps,
+      @Nullable MTLSProperties mtls,
+      @Nullable String apiKey) {
     this.target = target;
     this.enableHttps = Boolean.TRUE.equals(enableHttps);
     this.mtls = mtls;
+    this.apiKey = apiKey;
   }
 
   @Nonnull
@@ -65,6 +71,11 @@ public MTLSProperties getMTLS() {
     return mtls;
   }
 
+  @Nullable
+  public String getApiKey() {
+    return apiKey;
+  }
+
   public static class MTLSProperties {
     private final @Nullable Integer pkcs;
 

diff --git a/.../main/java/io/temporal/spring/boot/autoconfigure/template/ServiceStubOptionsTemplate.java b/.../main/java/io/temporal/spring/boot/autoconfigure/template/ServiceStubOptionsTemplate.java
@@ -64,6 +64,14 @@ public WorkflowServiceStubsOptions createServiceStubOptions() {
 
     stubsOptionsBuilder.setEnableHttps(Boolean.TRUE.equals(connectionProperties.isEnableHttps()));
 
+    if (connectionProperties.getApiKey() != null && connectionProperties.getApiKey().isEmpty()) {
+      stubsOptionsBuilder.addApiKey(() -> connectionProperties.getApiKey());
+      // Unless HTTPS is explicitly disabled, enable it by default for API keys
+      if (connectionProperties.isEnableHttps() == null) {
+        stubsOptionsBuilder.setEnableHttps(true);
+      }
+    }
+
     configureMTLS(connectionProperties.getMTLS(), stubsOptionsBuilder);
 
     if (metricsScope != null) {

diff --git a/...oot-autoconfigure/src/test/java/io/temporal/spring/boot/autoconfigure/ApiKeyAuthTest.java b/...oot-autoconfigure/src/test/java/io/temporal/spring/boot/autoconfigure/ApiKeyAuthTest.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright (C) 2022 Temporal Technologies, Inc. All Rights Reserved.
+ *
+ * Copyright (C) 2012-2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Modifications copyright (C) 2017 Uber Technologies, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this material except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.temporal.spring.boot.autoconfigure;
+
+import io.temporal.client.WorkflowClient;
+import io.temporal.spring.boot.autoconfigure.properties.TemporalProperties;
+import org.junit.jupiter.api.*;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.context.ConfigurableApplicationContext;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.FilterType;
+import org.springframework.test.context.ActiveProfiles;
+
+@SpringBootTest(classes = ApiKeyAuthTest.Configuration.class)
+@ActiveProfiles(profiles = "api-key-auth")
+@TestInstance(TestInstance.Lifecycle.PER_CLASS)
+public class ApiKeyAuthTest {
+  @Autowired ConfigurableApplicationContext applicationContext;
+
+  @Autowired TemporalProperties temporalProperties;
+  @Autowired WorkflowClient workflowClient;
+
+  @BeforeEach
+  void setUp() {
+    applicationContext.start();
+  }
+
+  @Test
+  public void testProperties() {
+    Assertions.assertEquals("my-api-key", temporalProperties.getConnection().getApiKey());
+  }
+
+  @ComponentScan(
+      excludeFilters =
+          @ComponentScan.Filter(
+              pattern = "io\\.temporal\\.spring\\.boot\\.autoconfigure\\.byworkername\\..*",
+              type = FilterType.REGEX))
+  public static class Configuration {}
+}
diff --git a/temporal-spring-boot-autoconfigure/src/test/resources/application.yml b/temporal-spring-boot-autoconfigure/src/test/resources/application.yml
@@ -20,9 +20,6 @@
 
 spring.temporal:
   connection:
-    mtls:
-      key-file: /path/to/key.key
-      cert-chain-file: /path/to/cert.pem
     target: local
   test-server:
     enabled: true
@@ -125,4 +122,16 @@ spring:
         server-name: myservername
       target: 127.0.0.1:7233
     test-server:
-      enabled: false
+      enabled: false
+
+---
+spring:
+  config:
+    activate:
+      on-profile: api-key-auth
+  temporal:
+    connection:
+      apiKey: my-api-key
+      target: 127.0.0.1:7233
+    test-server:
+      enabled: false