Skip to content

Support PluginConfigVariable for Confluence/Jira bearer token. #6856

Open
srikanthpadakanti wants to merge 5 commits into
opensearch-project:mainfrom
srikanthpadakanti:confluence-plugin-config-variable-6844
Open

Support PluginConfigVariable for Confluence/Jira bearer token. #6856
srikanthpadakanti wants to merge 5 commits into
opensearch-project:mainfrom
srikanthpadakanti:confluence-plugin-config-variable-6844

Conversation

@srikanthpadakanti
Copy link
Copy Markdown
Collaborator

@srikanthpadakanti srikanthpadakanti commented May 12, 2026

Description

Change bearer_token field in AuthenticationConfig from String to PluginConfigVariable to enable reading credentials from external secrets managers (e.g., AWS Secrets Manager). The renewCredentials() method in AtlassianBearerTokenAuthConfig now calls refresh() on the variable so externally rotated secrets are picked up on next use.

Issues Resolved

Resolves #6844
#6844

Check List

  • [ X ] New functionality includes testing.
  • New functionality has a documentation issue. Please link to it in this PR.
  • [ X ] New functionality has javadoc added
  • [ X ] Commits are signed with a real name per the DCO

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@srikanthpadakanti
Change bearer_token from String to PluginConfigVariable for secrets m…
70773ab 
…anager integration

Signed-off-by: Srikanth Padakanti <srikanth_padakanti@apple.com>
dlvenable
dlvenable requested changes May 19, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@dlvenable dlvenable left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @srikanthpadakanti for this contribution!

Comment thread .../org/opensearch/dataprepper/plugins/source/atlassian/configuration/AuthenticationConfig.java Outdated
Comment thread .../java/org/opensearch/dataprepper/plugins/source/confluence/utils/ConfluenceConfigHelper.java Outdated
Comment thread ...pensearch/dataprepper/plugins/source/atlassian/rest/auth/AtlassianBearerTokenAuthConfig.java Outdated
@dlvenable dlvenable mentioned this pull request May 19, 2026
Merged
4 tasks
@dlvenable dlvenable marked this pull request as draft May 19, 2026 16:18
@dlvenable dlvenable marked this pull request as ready for review May 19, 2026 16:18
@srikanthpadakanti
Copy link
Copy Markdown
Collaborator Author

srikanthpadakanti commented May 21, 2026
edited
Loading

Noticed AtlassianOauthConfig.java have the same unsafe cast pattern on getAccessToken().getValue() and getRefreshToken().getValue(). I'll fix those in a follow-up PR to keep this one scoped to bearer token only.

@srikanthpadakanti
Use instanceof for safe cast, guard refresh with isUpdatable, consoli…
756005d 
…date token validation into helper method

Signed-off-by: Srikanth Padakanti <srikanth_padakanti@apple.com>
@srikanthpadakanti srikanthpadakanti mentioned this pull request May 21, 2026
Open
@srikanthpadakanti
Remove unused UUID import from AtlassianAuthFactoryTest
c1b23c4 
Signed-off-by: Srikanth Padakanti <srikanth_padakanti@apple.com>
dlvenable
dlvenable requested changes May 21, 2026
View reviewed changes
Comment thread ...pensearch/dataprepper/plugins/source/atlassian/rest/auth/AtlassianBearerTokenAuthConfig.java Outdated
@srikanthpadakanti
Remove isUpdatable guard and call refresh directly per reviewer feedback
4996a64 
Signed-off-by: Srikanth Padakanti <srikanth_padakanti@apple.com>
dlvenable
dlvenable approved these changes May 22, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@dlvenable dlvenable left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @srikanthpadakanti for this improvement!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dlvenable dlvenable dlvenable approved these changes

@divbok divbok Awaiting requested review from divbok divbok is a code owner

@sb2k16 sb2k16 Awaiting requested review from sb2k16 sb2k16 is a code owner

@san81 san81 Awaiting requested review from san81 san81 is a code owner

@srikanthjg srikanthjg Awaiting requested review from srikanthjg srikanthjg is a code owner

@graytaylor0 graytaylor0 Awaiting requested review from graytaylor0 graytaylor0 is a code owner

@dinujoh dinujoh Awaiting requested review from dinujoh dinujoh is a code owner

@kkondaka kkondaka Awaiting requested review from kkondaka kkondaka is a code owner

@KarstenSchnitter KarstenSchnitter Awaiting requested review from KarstenSchnitter KarstenSchnitter is a code owner

@oeyh oeyh Awaiting requested review from oeyh oeyh is a code owner

@Zhangxunmt Zhangxunmt Awaiting requested review from Zhangxunmt Zhangxunmt is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support PluginConfigVariable for Confluence/Jira bearer token to enable secrets manager integration

2 participants

@srikanthpadakanti @dlvenable