From 3b96379d6858cd17f29209992cd54dd8c18200ef Mon Sep 17 00:00:00 2001
From: Bandini Bhopi <bandinib@amazon.com>
Date: Fri, 26 Jan 2024 02:05:01 +0000
Subject: [PATCH] Add registerCredentialProvider in data source plugin setup

Signed-off-by: Bandini Bhopi <bandinib@amazon.com>
---
 .../data_source/common/data_sources/types.ts  |  4 ++--
 .../server/client/configure_client.ts         | 12 +++++++++--
 src/plugins/data_source/server/plugin.ts      | 20 ++++++++++++++++++-
 src/plugins/data_source/server/types.ts       | 17 ++++++++++++++++
 .../data_source_management/public/index.ts    |  1 +
 5 files changed, 49 insertions(+), 5 deletions(-)

diff --git a/src/plugins/data_source/common/data_sources/types.ts b/src/plugins/data_source/common/data_sources/types.ts
index 8763c5306c15..a685ca5d91ff 100644
--- a/src/plugins/data_source/common/data_sources/types.ts
+++ b/src/plugins/data_source/common/data_sources/types.ts
@@ -2,7 +2,6 @@
  * Copyright OpenSearch Contributors
  * SPDX-License-Identifier: Apache-2.0
  */
-
 import { SavedObjectAttributes } from 'src/core/types';
 
 export interface DataSourceAttributes extends SavedObjectAttributes {
@@ -11,7 +10,7 @@ export interface DataSourceAttributes extends SavedObjectAttributes {
   endpoint: string;
   auth: {
     type: AuthType;
-    credentials: UsernamePasswordTypedContent | SigV4Content | undefined;
+    credentials: UsernamePasswordTypedContent | SigV4Content | undefined | SavedObjectAttributes;
   };
   lastUpdatedTime?: string;
 }
@@ -26,6 +25,7 @@ export interface SigV4Content extends SavedObjectAttributes {
   secretKey: string;
   region: string;
   service?: SigV4ServiceName;
+  sessionToken?: string;
 }
 
 export interface UsernamePasswordTypedContent extends SavedObjectAttributes {
diff --git a/src/plugins/data_source/server/client/configure_client.ts b/src/plugins/data_source/server/client/configure_client.ts
index acbdfddb3fc4..47799b1d5539 100644
--- a/src/plugins/data_source/server/client/configure_client.ts
+++ b/src/plugins/data_source/server/client/configure_client.ts
@@ -7,7 +7,7 @@ import { Client, ClientOptions } from '@opensearch-project/opensearch';
 import { Client as LegacyClient } from 'elasticsearch';
 import { Credentials } from 'aws-sdk';
 import { AwsSigv4Signer } from '@opensearch-project/opensearch/aws';
-import { Logger } from '../../../../../src/core/server';
+import { Logger, OpenSearchDashboardsRequest } from '../../../../../src/core/server';
 import {
   AuthType,
   DataSourceAttributes,
@@ -29,7 +29,13 @@ import {
 } from './configure_client_utils';
 
 export const configureClient = async (
-  { dataSourceId, savedObjects, cryptography, testClientDataSourceAttr }: DataSourceClientParams,
+  {
+    dataSourceId,
+    savedObjects,
+    cryptography,
+    testClientDataSourceAttr,
+    request,
+  }: DataSourceClientParams,
   openSearchClientPoolSetup: OpenSearchClientPoolSetup,
   config: DataSourcePluginConfigType,
   logger: Logger
@@ -68,6 +74,7 @@ export const configureClient = async (
       dataSource,
       openSearchClientPoolSetup.addClientToPool,
       config,
+      request,
       cryptography,
       rootClient,
       dataSourceId,
@@ -98,6 +105,7 @@ const getQueryClient = async (
   dataSourceAttr: DataSourceAttributes,
   addClientToPool: (endpoint: string, authType: AuthType, client: Client | LegacyClient) => void,
   config: DataSourcePluginConfigType,
+  request: OpenSearchDashboardsRequest,
   cryptography?: CryptographyServiceSetup,
   rootClient?: Client,
   dataSourceId?: string,
diff --git a/src/plugins/data_source/server/plugin.ts b/src/plugins/data_source/server/plugin.ts
index 0f3c47be4b4c..59f019bc4c2e 100644
--- a/src/plugins/data_source/server/plugin.ts
+++ b/src/plugins/data_source/server/plugin.ts
@@ -23,7 +23,11 @@ import { LoggingAuditor } from './audit/logging_auditor';
 import { CryptographyService, CryptographyServiceSetup } from './cryptography_service';
 import { DataSourceService, DataSourceServiceSetup } from './data_source_service';
 import { DataSourceSavedObjectsClientWrapper, dataSource } from './saved_objects';
-import { DataSourcePluginSetup, DataSourcePluginStart } from './types';
+import {
+  DataSourcePluginSetup,
+  DataSourcePluginStart,
+  DataSourceCredentialsProvider,
+} from './types';
 import { DATA_SOURCE_SAVED_OBJECT_TYPE } from '../common';
 
 // eslint-disable-next-line @osd/eslint/no-restricted-paths
@@ -109,8 +113,20 @@ export class DataSourcePlugin implements Plugin<DataSourcePluginSetup, DataSourc
     const router = core.http.createRouter();
     registerTestConnectionRoute(router, dataSourceService, cryptographyServiceSetup);
 
+    const registerCredentialProvider = (
+      authType: string,
+      credentialProvider: DataSourceCredentialsProvider
+    ) => {
+      this.logger.info(`Registered Credential Provider for authType = ${authType}`);
+      /*
+      Add in auth registry
+      this.authRegistery.registerAuth(authType, credentialProvider);
+      */
+    };
+
     return {
       createDataSourceError: (e: any) => createDataSourceError(e),
+      registerCredentialProvider,
     };
   }
 
@@ -142,6 +158,7 @@ export class DataSourcePlugin implements Plugin<DataSourcePluginSetup, DataSourc
               dataSourceId,
               savedObjects: context.core.savedObjects.client,
               cryptography,
+              request: req,
             });
           },
           legacy: {
@@ -150,6 +167,7 @@ export class DataSourcePlugin implements Plugin<DataSourcePluginSetup, DataSourc
                 dataSourceId,
                 savedObjects: context.core.savedObjects.client,
                 cryptography,
+                request: req,
               });
             },
           },
diff --git a/src/plugins/data_source/server/types.ts b/src/plugins/data_source/server/types.ts
index 68a840ebbbcb..c61592035eaa 100644
--- a/src/plugins/data_source/server/types.ts
+++ b/src/plugins/data_source/server/types.ts
@@ -7,6 +7,7 @@ import {
   LegacyCallAPIOptions,
   OpenSearchClient,
   SavedObjectsClientContract,
+  OpenSearchDashboardsRequest,
 } from 'src/core/server';
 import { DataSourceAttributes } from '../common/data_sources';
 
@@ -27,8 +28,19 @@ export interface DataSourceClientParams {
   dataSourceId?: string;
   // required when creating test client
   testClientDataSourceAttr?: DataSourceAttributes;
+  request: OpenSearchDashboardsRequest;
 }
 
+export interface DataSourceCredentialsProviderOptions {
+  dataSourceAttr: DataSourceAttributes;
+  request: OpenSearchDashboardsRequest;
+  cryptography?: CryptographyServiceSetup;
+}
+
+export type DataSourceCredentialsProvider = (
+  options: DataSourceCredentialsProviderOptions
+) => UsernamePasswordTypedContent | SigV4Content;
+
 export interface DataSourcePluginRequestContext {
   opensearch: {
     getClient: (dataSourceId: string) => Promise<OpenSearchClient>;
@@ -53,6 +65,11 @@ declare module 'src/core/server' {
 
 export interface DataSourcePluginSetup {
   createDataSourceError: (err: any) => DataSourceError;
+
+  registerCredentialProvider: (
+    authType: string,
+    credentialProvider: DataSourceCredentialsProvider
+  ) => void;
 }
 // eslint-disable-next-line @typescript-eslint/no-empty-interface
 export interface DataSourcePluginStart {}
diff --git a/src/plugins/data_source_management/public/index.ts b/src/plugins/data_source_management/public/index.ts
index acae34449ce3..729185898130 100644
--- a/src/plugins/data_source_management/public/index.ts
+++ b/src/plugins/data_source_management/public/index.ts
@@ -11,3 +11,4 @@ export function plugin() {
   return new DataSourceManagementPlugin();
 }
 export { DataSourceManagementPluginStart } from './types';
+export { DataSourceManagementPlugin } from './plugin';